]> git.ipfire.org Git - thirdparty/hostap.git/blob - src/drivers/driver_nl80211.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Revert "nl80211: Do not indicate P2P_DEVICE support by default"
[thirdparty/hostap.git] / src / drivers / driver_nl80211.c
1 /*
2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
8 *
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
11 */
12
13 #include "includes.h"
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
16 #include <sys/stat.h>
17 #include <fcntl.h>
18 #include <net/if.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #ifdef CONFIG_LIBNL3_ROUTE
23 #include <netlink/route/neighbour.h>
24 #endif /* CONFIG_LIBNL3_ROUTE */
25 #include <linux/rtnetlink.h>
26 #include <netpacket/packet.h>
27 #include <linux/filter.h>
28 #include <linux/errqueue.h>
29 #include "nl80211_copy.h"
30
31 #include "common.h"
32 #include "eloop.h"
33 #include "utils/list.h"
34 #include "common/qca-vendor.h"
35 #include "common/qca-vendor-attr.h"
36 #include "common/ieee802_11_defs.h"
37 #include "common/ieee802_11_common.h"
38 #include "l2_packet/l2_packet.h"
39 #include "netlink.h"
40 #include "linux_ioctl.h"
41 #include "radiotap.h"
42 #include "radiotap_iter.h"
43 #include "rfkill.h"
44 #include "driver.h"
45
46 #ifndef SO_WIFI_STATUS
47 # if defined(__sparc__)
48 # define SO_WIFI_STATUS 0x0025
49 # elif defined(__parisc__)
50 # define SO_WIFI_STATUS 0x4022
51 # else
52 # define SO_WIFI_STATUS 41
53 # endif
54
55 # define SCM_WIFI_STATUS SO_WIFI_STATUS
56 #endif
57
58 #ifndef SO_EE_ORIGIN_TXSTATUS
59 #define SO_EE_ORIGIN_TXSTATUS 4
60 #endif
61
62 #ifndef PACKET_TX_TIMESTAMP
63 #define PACKET_TX_TIMESTAMP 16
64 #endif
65
66 #ifdef ANDROID
67 #include "android_drv.h"
68 #endif /* ANDROID */
69 #ifdef CONFIG_LIBNL20
70 /* libnl 2.0 compatibility code */
71 #define nl_handle nl_sock
72 #define nl80211_handle_alloc nl_socket_alloc_cb
73 #define nl80211_handle_destroy nl_socket_free
74 #else
75 /*
76 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
77 * but when you free a socket again it will mess up its bitmap and
78 * and use the wrong number the next time it needs a socket ID.
79 * Therefore, we wrap the handle alloc/destroy and add our own pid
80 * accounting.
81 */
82 static uint32_t port_bitmap[32] = { 0 };
83
84 static struct nl_handle *nl80211_handle_alloc(void *cb)
85 {
86 struct nl_handle *handle;
87 uint32_t pid = getpid() & 0x3FFFFF;
88 int i;
89
90 handle = nl_handle_alloc_cb(cb);
91
92 for (i = 0; i < 1024; i++) {
93 if (port_bitmap[i / 32] & (1 << (i % 32)))
94 continue;
95 port_bitmap[i / 32] |= 1 << (i % 32);
96 pid += i << 22;
97 break;
98 }
99
100 nl_socket_set_local_port(handle, pid);
101
102 return handle;
103 }
104
105 static void nl80211_handle_destroy(struct nl_handle *handle)
106 {
107 uint32_t port = nl_socket_get_local_port(handle);
108
109 port >>= 22;
110 port_bitmap[port / 32] &= ~(1 << (port % 32));
111
112 nl_handle_destroy(handle);
113 }
114 #endif /* CONFIG_LIBNL20 */
115
116
117 #ifdef ANDROID
118 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
119 static int android_nl_socket_set_nonblocking(struct nl_handle *handle)
120 {
121 return fcntl(nl_socket_get_fd(handle), F_SETFL, O_NONBLOCK);
122 }
123 #undef nl_socket_set_nonblocking
124 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
125 #endif /* ANDROID */
126
127
128 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
129 {
130 struct nl_handle *handle;
131
132 handle = nl80211_handle_alloc(cb);
133 if (handle == NULL) {
134 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
135 "callbacks (%s)", dbg);
136 return NULL;
137 }
138
139 if (genl_connect(handle)) {
140 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
141 "netlink (%s)", dbg);
142 nl80211_handle_destroy(handle);
143 return NULL;
144 }
145
146 return handle;
147 }
148
149
150 static void nl_destroy_handles(struct nl_handle **handle)
151 {
152 if (*handle == NULL)
153 return;
154 nl80211_handle_destroy(*handle);
155 *handle = NULL;
156 }
157
158
159 #if __WORDSIZE == 64
160 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
161 #else
162 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
163 #endif
164
165 static void nl80211_register_eloop_read(struct nl_handle **handle,
166 eloop_sock_handler handler,
167 void *eloop_data)
168 {
169 nl_socket_set_nonblocking(*handle);
170 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
171 eloop_data, *handle);
172 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
173 }
174
175
176 static void nl80211_destroy_eloop_handle(struct nl_handle **handle)
177 {
178 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
179 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
180 nl_destroy_handles(handle);
181 }
182
183
184 #ifndef IFF_LOWER_UP
185 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
186 #endif
187 #ifndef IFF_DORMANT
188 #define IFF_DORMANT 0x20000 /* driver signals dormant */
189 #endif
190
191 #ifndef IF_OPER_DORMANT
192 #define IF_OPER_DORMANT 5
193 #endif
194 #ifndef IF_OPER_UP
195 #define IF_OPER_UP 6
196 #endif
197
198 struct nl80211_global {
199 struct dl_list interfaces;
200 int if_add_ifindex;
201 u64 if_add_wdevid;
202 int if_add_wdevid_set;
203 struct netlink_data *netlink;
204 struct nl_cb *nl_cb;
205 struct nl_handle *nl;
206 int nl80211_id;
207 int ioctl_sock; /* socket for ioctl() use */
208
209 struct nl_handle *nl_event;
210 };
211
212 struct nl80211_wiphy_data {
213 struct dl_list list;
214 struct dl_list bsss;
215 struct dl_list drvs;
216
217 struct nl_handle *nl_beacons;
218 struct nl_cb *nl_cb;
219
220 int wiphy_idx;
221 };
222
223 static void nl80211_global_deinit(void *priv);
224
225 struct i802_bss {
226 struct wpa_driver_nl80211_data *drv;
227 struct i802_bss *next;
228 int ifindex;
229 u64 wdev_id;
230 char ifname[IFNAMSIZ + 1];
231 char brname[IFNAMSIZ];
232 unsigned int beacon_set:1;
233 unsigned int added_if_into_bridge:1;
234 unsigned int added_bridge:1;
235 unsigned int in_deinit:1;
236 unsigned int wdev_id_set:1;
237 unsigned int added_if:1;
238 unsigned int static_ap:1;
239
240 u8 addr[ETH_ALEN];
241
242 int freq;
243 int bandwidth;
244 int if_dynamic;
245
246 void *ctx;
247 struct nl_handle *nl_preq, *nl_mgmt;
248 struct nl_cb *nl_cb;
249
250 struct nl80211_wiphy_data *wiphy_data;
251 struct dl_list wiphy_list;
252 };
253
254 struct wpa_driver_nl80211_data {
255 struct nl80211_global *global;
256 struct dl_list list;
257 struct dl_list wiphy_list;
258 char phyname[32];
259 u8 perm_addr[ETH_ALEN];
260 void *ctx;
261 int ifindex;
262 int if_removed;
263 int if_disabled;
264 int ignore_if_down_event;
265 struct rfkill_data *rfkill;
266 struct wpa_driver_capa capa;
267 u8 *extended_capa, *extended_capa_mask;
268 unsigned int extended_capa_len;
269 int has_capability;
270
271 int operstate;
272
273 int scan_complete_events;
274 enum scan_states {
275 NO_SCAN, SCAN_REQUESTED, SCAN_STARTED, SCAN_COMPLETED,
276 SCAN_ABORTED, SCHED_SCAN_STARTED, SCHED_SCAN_STOPPED,
277 SCHED_SCAN_RESULTS
278 } scan_state;
279
280 struct nl_cb *nl_cb;
281
282 u8 auth_bssid[ETH_ALEN];
283 u8 auth_attempt_bssid[ETH_ALEN];
284 u8 bssid[ETH_ALEN];
285 u8 prev_bssid[ETH_ALEN];
286 int associated;
287 u8 ssid[32];
288 size_t ssid_len;
289 enum nl80211_iftype nlmode;
290 enum nl80211_iftype ap_scan_as_station;
291 unsigned int assoc_freq;
292
293 int monitor_sock;
294 int monitor_ifidx;
295 int monitor_refcount;
296
297 unsigned int disabled_11b_rates:1;
298 unsigned int pending_remain_on_chan:1;
299 unsigned int in_interface_list:1;
300 unsigned int device_ap_sme:1;
301 unsigned int poll_command_supported:1;
302 unsigned int data_tx_status:1;
303 unsigned int scan_for_auth:1;
304 unsigned int retry_auth:1;
305 unsigned int use_monitor:1;
306 unsigned int ignore_next_local_disconnect:1;
307 unsigned int ignore_next_local_deauth:1;
308 unsigned int hostapd:1;
309 unsigned int start_mode_ap:1;
310 unsigned int start_iface_up:1;
311 unsigned int test_use_roc_tx:1;
312 unsigned int ignore_deauth_event:1;
313 unsigned int roaming_vendor_cmd_avail:1;
314 unsigned int dfs_vendor_cmd_avail:1;
315 unsigned int have_low_prio_scan:1;
316 unsigned int force_connect_cmd:1;
317 unsigned int addr_changed:1;
318
319 u64 remain_on_chan_cookie;
320 u64 send_action_cookie;
321
322 unsigned int last_mgmt_freq;
323
324 struct wpa_driver_scan_filter *filter_ssids;
325 size_t num_filter_ssids;
326
327 struct i802_bss *first_bss;
328
329 int eapol_tx_sock;
330
331 int eapol_sock; /* socket for EAPOL frames */
332
333 struct nl_handle *rtnl_sk; /* nl_sock for NETLINK_ROUTE */
334
335 int default_if_indices[16];
336 int *if_indices;
337 int num_if_indices;
338
339 /* From failed authentication command */
340 int auth_freq;
341 u8 auth_bssid_[ETH_ALEN];
342 u8 auth_ssid[32];
343 size_t auth_ssid_len;
344 int auth_alg;
345 u8 *auth_ie;
346 size_t auth_ie_len;
347 u8 auth_wep_key[4][16];
348 size_t auth_wep_key_len[4];
349 int auth_wep_tx_keyidx;
350 int auth_local_state_change;
351 int auth_p2p;
352 };
353
354
355 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
356 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
357 void *timeout_ctx);
358 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
359 enum nl80211_iftype nlmode);
360 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
361 struct hostapd_freq_params *freq);
362
363 static int
364 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
365 const u8 *set_addr, int first);
366 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
367 const u8 *addr, int cmd, u16 reason_code,
368 int local_state_change);
369 static void nl80211_remove_monitor_interface(
370 struct wpa_driver_nl80211_data *drv);
371 static int nl80211_send_frame_cmd(struct i802_bss *bss,
372 unsigned int freq, unsigned int wait,
373 const u8 *buf, size_t buf_len, u64 *cookie,
374 int no_cck, int no_ack, int offchanok);
375 static int nl80211_register_frame(struct i802_bss *bss,
376 struct nl_handle *hl_handle,
377 u16 type, const u8 *match, size_t match_len);
378 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
379 int report);
380 #ifdef ANDROID
381 static int android_pno_start(struct i802_bss *bss,
382 struct wpa_driver_scan_params *params);
383 static int android_pno_stop(struct i802_bss *bss);
384 extern int wpa_driver_nl80211_driver_cmd(void *priv, char *cmd, char *buf,
385 size_t buf_len);
386 #endif /* ANDROID */
387 #ifdef ANDROID_P2P
388 #ifdef ANDROID_P2P_STUB
389 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration) {
390 return 0;
391 }
392 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len) {
393 return 0;
394 }
395 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow) {
396 return -1;
397 }
398 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
399 const struct wpabuf *proberesp,
400 const struct wpabuf *assocresp) {
401 return 0;
402 }
403 #else /* ANDROID_P2P_STUB */
404 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration);
405 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len);
406 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow);
407 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
408 const struct wpabuf *proberesp,
409 const struct wpabuf *assocresp);
410 #endif /* ANDROID_P2P_STUB */
411 #endif /* ANDROID_P2P */
412
413 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
414 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
415 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
416 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
417 enum wpa_driver_if_type type,
418 const char *ifname);
419
420 static int nl80211_set_channel(struct i802_bss *bss,
421 struct hostapd_freq_params *freq, int set_chan);
422 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
423 int ifindex, int disabled);
424
425 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
426 static int wpa_driver_nl80211_authenticate_retry(
427 struct wpa_driver_nl80211_data *drv);
428
429 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
430 static int i802_set_iface_flags(struct i802_bss *bss, int up);
431
432
433 static const char * nl80211_command_to_string(enum nl80211_commands cmd)
434 {
435 #define C2S(x) case x: return #x;
436 switch (cmd) {
437 C2S(NL80211_CMD_UNSPEC)
438 C2S(NL80211_CMD_GET_WIPHY)
439 C2S(NL80211_CMD_SET_WIPHY)
440 C2S(NL80211_CMD_NEW_WIPHY)
441 C2S(NL80211_CMD_DEL_WIPHY)
442 C2S(NL80211_CMD_GET_INTERFACE)
443 C2S(NL80211_CMD_SET_INTERFACE)
444 C2S(NL80211_CMD_NEW_INTERFACE)
445 C2S(NL80211_CMD_DEL_INTERFACE)
446 C2S(NL80211_CMD_GET_KEY)
447 C2S(NL80211_CMD_SET_KEY)
448 C2S(NL80211_CMD_NEW_KEY)
449 C2S(NL80211_CMD_DEL_KEY)
450 C2S(NL80211_CMD_GET_BEACON)
451 C2S(NL80211_CMD_SET_BEACON)
452 C2S(NL80211_CMD_START_AP)
453 C2S(NL80211_CMD_STOP_AP)
454 C2S(NL80211_CMD_GET_STATION)
455 C2S(NL80211_CMD_SET_STATION)
456 C2S(NL80211_CMD_NEW_STATION)
457 C2S(NL80211_CMD_DEL_STATION)
458 C2S(NL80211_CMD_GET_MPATH)
459 C2S(NL80211_CMD_SET_MPATH)
460 C2S(NL80211_CMD_NEW_MPATH)
461 C2S(NL80211_CMD_DEL_MPATH)
462 C2S(NL80211_CMD_SET_BSS)
463 C2S(NL80211_CMD_SET_REG)
464 C2S(NL80211_CMD_REQ_SET_REG)
465 C2S(NL80211_CMD_GET_MESH_CONFIG)
466 C2S(NL80211_CMD_SET_MESH_CONFIG)
467 C2S(NL80211_CMD_SET_MGMT_EXTRA_IE)
468 C2S(NL80211_CMD_GET_REG)
469 C2S(NL80211_CMD_GET_SCAN)
470 C2S(NL80211_CMD_TRIGGER_SCAN)
471 C2S(NL80211_CMD_NEW_SCAN_RESULTS)
472 C2S(NL80211_CMD_SCAN_ABORTED)
473 C2S(NL80211_CMD_REG_CHANGE)
474 C2S(NL80211_CMD_AUTHENTICATE)
475 C2S(NL80211_CMD_ASSOCIATE)
476 C2S(NL80211_CMD_DEAUTHENTICATE)
477 C2S(NL80211_CMD_DISASSOCIATE)
478 C2S(NL80211_CMD_MICHAEL_MIC_FAILURE)
479 C2S(NL80211_CMD_REG_BEACON_HINT)
480 C2S(NL80211_CMD_JOIN_IBSS)
481 C2S(NL80211_CMD_LEAVE_IBSS)
482 C2S(NL80211_CMD_TESTMODE)
483 C2S(NL80211_CMD_CONNECT)
484 C2S(NL80211_CMD_ROAM)
485 C2S(NL80211_CMD_DISCONNECT)
486 C2S(NL80211_CMD_SET_WIPHY_NETNS)
487 C2S(NL80211_CMD_GET_SURVEY)
488 C2S(NL80211_CMD_NEW_SURVEY_RESULTS)
489 C2S(NL80211_CMD_SET_PMKSA)
490 C2S(NL80211_CMD_DEL_PMKSA)
491 C2S(NL80211_CMD_FLUSH_PMKSA)
492 C2S(NL80211_CMD_REMAIN_ON_CHANNEL)
493 C2S(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL)
494 C2S(NL80211_CMD_SET_TX_BITRATE_MASK)
495 C2S(NL80211_CMD_REGISTER_FRAME)
496 C2S(NL80211_CMD_FRAME)
497 C2S(NL80211_CMD_FRAME_TX_STATUS)
498 C2S(NL80211_CMD_SET_POWER_SAVE)
499 C2S(NL80211_CMD_GET_POWER_SAVE)
500 C2S(NL80211_CMD_SET_CQM)
501 C2S(NL80211_CMD_NOTIFY_CQM)
502 C2S(NL80211_CMD_SET_CHANNEL)
503 C2S(NL80211_CMD_SET_WDS_PEER)
504 C2S(NL80211_CMD_FRAME_WAIT_CANCEL)
505 C2S(NL80211_CMD_JOIN_MESH)
506 C2S(NL80211_CMD_LEAVE_MESH)
507 C2S(NL80211_CMD_UNPROT_DEAUTHENTICATE)
508 C2S(NL80211_CMD_UNPROT_DISASSOCIATE)
509 C2S(NL80211_CMD_NEW_PEER_CANDIDATE)
510 C2S(NL80211_CMD_GET_WOWLAN)
511 C2S(NL80211_CMD_SET_WOWLAN)
512 C2S(NL80211_CMD_START_SCHED_SCAN)
513 C2S(NL80211_CMD_STOP_SCHED_SCAN)
514 C2S(NL80211_CMD_SCHED_SCAN_RESULTS)
515 C2S(NL80211_CMD_SCHED_SCAN_STOPPED)
516 C2S(NL80211_CMD_SET_REKEY_OFFLOAD)
517 C2S(NL80211_CMD_PMKSA_CANDIDATE)
518 C2S(NL80211_CMD_TDLS_OPER)
519 C2S(NL80211_CMD_TDLS_MGMT)
520 C2S(NL80211_CMD_UNEXPECTED_FRAME)
521 C2S(NL80211_CMD_PROBE_CLIENT)
522 C2S(NL80211_CMD_REGISTER_BEACONS)
523 C2S(NL80211_CMD_UNEXPECTED_4ADDR_FRAME)
524 C2S(NL80211_CMD_SET_NOACK_MAP)
525 C2S(NL80211_CMD_CH_SWITCH_NOTIFY)
526 C2S(NL80211_CMD_START_P2P_DEVICE)
527 C2S(NL80211_CMD_STOP_P2P_DEVICE)
528 C2S(NL80211_CMD_CONN_FAILED)
529 C2S(NL80211_CMD_SET_MCAST_RATE)
530 C2S(NL80211_CMD_SET_MAC_ACL)
531 C2S(NL80211_CMD_RADAR_DETECT)
532 C2S(NL80211_CMD_GET_PROTOCOL_FEATURES)
533 C2S(NL80211_CMD_UPDATE_FT_IES)
534 C2S(NL80211_CMD_FT_EVENT)
535 C2S(NL80211_CMD_CRIT_PROTOCOL_START)
536 C2S(NL80211_CMD_CRIT_PROTOCOL_STOP)
537 C2S(NL80211_CMD_GET_COALESCE)
538 C2S(NL80211_CMD_SET_COALESCE)
539 C2S(NL80211_CMD_CHANNEL_SWITCH)
540 C2S(NL80211_CMD_VENDOR)
541 C2S(NL80211_CMD_SET_QOS_MAP)
542 default:
543 return "NL80211_CMD_UNKNOWN";
544 }
545 #undef C2S
546 }
547
548
549 /* Converts nl80211_chan_width to a common format */
550 static enum chan_width convert2width(int width)
551 {
552 switch (width) {
553 case NL80211_CHAN_WIDTH_20_NOHT:
554 return CHAN_WIDTH_20_NOHT;
555 case NL80211_CHAN_WIDTH_20:
556 return CHAN_WIDTH_20;
557 case NL80211_CHAN_WIDTH_40:
558 return CHAN_WIDTH_40;
559 case NL80211_CHAN_WIDTH_80:
560 return CHAN_WIDTH_80;
561 case NL80211_CHAN_WIDTH_80P80:
562 return CHAN_WIDTH_80P80;
563 case NL80211_CHAN_WIDTH_160:
564 return CHAN_WIDTH_160;
565 }
566 return CHAN_WIDTH_UNKNOWN;
567 }
568
569
570 static int is_ap_interface(enum nl80211_iftype nlmode)
571 {
572 return nlmode == NL80211_IFTYPE_AP ||
573 nlmode == NL80211_IFTYPE_P2P_GO;
574 }
575
576
577 static int is_sta_interface(enum nl80211_iftype nlmode)
578 {
579 return nlmode == NL80211_IFTYPE_STATION ||
580 nlmode == NL80211_IFTYPE_P2P_CLIENT;
581 }
582
583
584 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
585 {
586 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
587 nlmode == NL80211_IFTYPE_P2P_GO;
588 }
589
590
591 static struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
592 int ifindex)
593 {
594 struct i802_bss *bss;
595
596 for (bss = drv->first_bss; bss; bss = bss->next) {
597 if (bss->ifindex == ifindex)
598 return bss;
599 }
600
601 return NULL;
602 }
603
604
605 static void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
606 {
607 if (drv->associated)
608 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
609 drv->associated = 0;
610 os_memset(drv->bssid, 0, ETH_ALEN);
611 }
612
613
614 struct nl80211_bss_info_arg {
615 struct wpa_driver_nl80211_data *drv;
616 struct wpa_scan_results *res;
617 unsigned int assoc_freq;
618 unsigned int ibss_freq;
619 u8 assoc_bssid[ETH_ALEN];
620 };
621
622 static int bss_info_handler(struct nl_msg *msg, void *arg);
623
624
625 /* nl80211 code */
626 static int ack_handler(struct nl_msg *msg, void *arg)
627 {
628 int *err = arg;
629 *err = 0;
630 return NL_STOP;
631 }
632
633 static int finish_handler(struct nl_msg *msg, void *arg)
634 {
635 int *ret = arg;
636 *ret = 0;
637 return NL_SKIP;
638 }
639
640 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
641 void *arg)
642 {
643 int *ret = arg;
644 *ret = err->error;
645 return NL_SKIP;
646 }
647
648
649 static int no_seq_check(struct nl_msg *msg, void *arg)
650 {
651 return NL_OK;
652 }
653
654
655 static int send_and_recv(struct nl80211_global *global,
656 struct nl_handle *nl_handle, struct nl_msg *msg,
657 int (*valid_handler)(struct nl_msg *, void *),
658 void *valid_data)
659 {
660 struct nl_cb *cb;
661 int err = -ENOMEM;
662
663 cb = nl_cb_clone(global->nl_cb);
664 if (!cb)
665 goto out;
666
667 err = nl_send_auto_complete(nl_handle, msg);
668 if (err < 0)
669 goto out;
670
671 err = 1;
672
673 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
674 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
675 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
676
677 if (valid_handler)
678 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
679 valid_handler, valid_data);
680
681 while (err > 0) {
682 int res = nl_recvmsgs(nl_handle, cb);
683 if (res < 0) {
684 wpa_printf(MSG_INFO,
685 "nl80211: %s->nl_recvmsgs failed: %d",
686 __func__, res);
687 }
688 }
689 out:
690 nl_cb_put(cb);
691 nlmsg_free(msg);
692 return err;
693 }
694
695
696 static int send_and_recv_msgs_global(struct nl80211_global *global,
697 struct nl_msg *msg,
698 int (*valid_handler)(struct nl_msg *, void *),
699 void *valid_data)
700 {
701 return send_and_recv(global, global->nl, msg, valid_handler,
702 valid_data);
703 }
704
705
706 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
707 struct nl_msg *msg,
708 int (*valid_handler)(struct nl_msg *, void *),
709 void *valid_data)
710 {
711 return send_and_recv(drv->global, drv->global->nl, msg,
712 valid_handler, valid_data);
713 }
714
715
716 struct family_data {
717 const char *group;
718 int id;
719 };
720
721
722 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
723 {
724 if (bss->wdev_id_set)
725 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
726 else
727 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
728 return 0;
729
730 nla_put_failure:
731 return -1;
732 }
733
734
735 static int family_handler(struct nl_msg *msg, void *arg)
736 {
737 struct family_data *res = arg;
738 struct nlattr *tb[CTRL_ATTR_MAX + 1];
739 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
740 struct nlattr *mcgrp;
741 int i;
742
743 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
744 genlmsg_attrlen(gnlh, 0), NULL);
745 if (!tb[CTRL_ATTR_MCAST_GROUPS])
746 return NL_SKIP;
747
748 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
749 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
750 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
751 nla_len(mcgrp), NULL);
752 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
753 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
754 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
755 res->group,
756 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
757 continue;
758 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
759 break;
760 };
761
762 return NL_SKIP;
763 }
764
765
766 static int nl_get_multicast_id(struct nl80211_global *global,
767 const char *family, const char *group)
768 {
769 struct nl_msg *msg;
770 int ret = -1;
771 struct family_data res = { group, -ENOENT };
772
773 msg = nlmsg_alloc();
774 if (!msg)
775 return -ENOMEM;
776 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
777 0, 0, CTRL_CMD_GETFAMILY, 0);
778 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
779
780 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
781 msg = NULL;
782 if (ret == 0)
783 ret = res.id;
784
785 nla_put_failure:
786 nlmsg_free(msg);
787 return ret;
788 }
789
790
791 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
792 struct nl_msg *msg, int flags, uint8_t cmd)
793 {
794 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
795 0, flags, cmd, 0);
796 }
797
798
799 struct wiphy_idx_data {
800 int wiphy_idx;
801 enum nl80211_iftype nlmode;
802 u8 *macaddr;
803 };
804
805
806 static int netdev_info_handler(struct nl_msg *msg, void *arg)
807 {
808 struct nlattr *tb[NL80211_ATTR_MAX + 1];
809 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
810 struct wiphy_idx_data *info = arg;
811
812 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
813 genlmsg_attrlen(gnlh, 0), NULL);
814
815 if (tb[NL80211_ATTR_WIPHY])
816 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
817
818 if (tb[NL80211_ATTR_IFTYPE])
819 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
820
821 if (tb[NL80211_ATTR_MAC] && info->macaddr)
822 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
823 ETH_ALEN);
824
825 return NL_SKIP;
826 }
827
828
829 static int nl80211_get_wiphy_index(struct i802_bss *bss)
830 {
831 struct nl_msg *msg;
832 struct wiphy_idx_data data = {
833 .wiphy_idx = -1,
834 .macaddr = NULL,
835 };
836
837 msg = nlmsg_alloc();
838 if (!msg)
839 return NL80211_IFTYPE_UNSPECIFIED;
840
841 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
842
843 if (nl80211_set_iface_id(msg, bss) < 0)
844 goto nla_put_failure;
845
846 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
847 return data.wiphy_idx;
848 msg = NULL;
849 nla_put_failure:
850 nlmsg_free(msg);
851 return -1;
852 }
853
854
855 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
856 {
857 struct nl_msg *msg;
858 struct wiphy_idx_data data = {
859 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
860 .macaddr = NULL,
861 };
862
863 msg = nlmsg_alloc();
864 if (!msg)
865 return -1;
866
867 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
868
869 if (nl80211_set_iface_id(msg, bss) < 0)
870 goto nla_put_failure;
871
872 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
873 return data.nlmode;
874 msg = NULL;
875 nla_put_failure:
876 nlmsg_free(msg);
877 return NL80211_IFTYPE_UNSPECIFIED;
878 }
879
880
881 static int nl80211_get_macaddr(struct i802_bss *bss)
882 {
883 struct nl_msg *msg;
884 struct wiphy_idx_data data = {
885 .macaddr = bss->addr,
886 };
887
888 msg = nlmsg_alloc();
889 if (!msg)
890 return NL80211_IFTYPE_UNSPECIFIED;
891
892 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
893 if (nl80211_set_iface_id(msg, bss) < 0)
894 goto nla_put_failure;
895
896 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data);
897
898 nla_put_failure:
899 nlmsg_free(msg);
900 return NL80211_IFTYPE_UNSPECIFIED;
901 }
902
903
904 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
905 struct nl80211_wiphy_data *w)
906 {
907 struct nl_msg *msg;
908 int ret = -1;
909
910 msg = nlmsg_alloc();
911 if (!msg)
912 return -1;
913
914 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
915
916 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
917
918 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
919 msg = NULL;
920 if (ret) {
921 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
922 "failed: ret=%d (%s)",
923 ret, strerror(-ret));
924 goto nla_put_failure;
925 }
926 ret = 0;
927 nla_put_failure:
928 nlmsg_free(msg);
929 return ret;
930 }
931
932
933 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
934 {
935 struct nl80211_wiphy_data *w = eloop_ctx;
936 int res;
937
938 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
939
940 res = nl_recvmsgs(handle, w->nl_cb);
941 if (res < 0) {
942 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
943 __func__, res);
944 }
945 }
946
947
948 static int process_beacon_event(struct nl_msg *msg, void *arg)
949 {
950 struct nl80211_wiphy_data *w = arg;
951 struct wpa_driver_nl80211_data *drv;
952 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
953 struct nlattr *tb[NL80211_ATTR_MAX + 1];
954 union wpa_event_data event;
955
956 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
957 genlmsg_attrlen(gnlh, 0), NULL);
958
959 if (gnlh->cmd != NL80211_CMD_FRAME) {
960 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
961 gnlh->cmd);
962 return NL_SKIP;
963 }
964
965 if (!tb[NL80211_ATTR_FRAME])
966 return NL_SKIP;
967
968 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
969 wiphy_list) {
970 os_memset(&event, 0, sizeof(event));
971 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
972 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
973 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
974 }
975
976 return NL_SKIP;
977 }
978
979
980 static struct nl80211_wiphy_data *
981 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
982 {
983 static DEFINE_DL_LIST(nl80211_wiphys);
984 struct nl80211_wiphy_data *w;
985 int wiphy_idx, found = 0;
986 struct i802_bss *tmp_bss;
987
988 if (bss->wiphy_data != NULL)
989 return bss->wiphy_data;
990
991 wiphy_idx = nl80211_get_wiphy_index(bss);
992
993 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
994 if (w->wiphy_idx == wiphy_idx)
995 goto add;
996 }
997
998 /* alloc new one */
999 w = os_zalloc(sizeof(*w));
1000 if (w == NULL)
1001 return NULL;
1002 w->wiphy_idx = wiphy_idx;
1003 dl_list_init(&w->bsss);
1004 dl_list_init(&w->drvs);
1005
1006 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1007 if (!w->nl_cb) {
1008 os_free(w);
1009 return NULL;
1010 }
1011 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1012 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
1013 w);
1014
1015 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
1016 "wiphy beacons");
1017 if (w->nl_beacons == NULL) {
1018 os_free(w);
1019 return NULL;
1020 }
1021
1022 if (nl80211_register_beacons(bss->drv, w)) {
1023 nl_destroy_handles(&w->nl_beacons);
1024 os_free(w);
1025 return NULL;
1026 }
1027
1028 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w);
1029
1030 dl_list_add(&nl80211_wiphys, &w->list);
1031
1032 add:
1033 /* drv entry for this bss already there? */
1034 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1035 if (tmp_bss->drv == bss->drv) {
1036 found = 1;
1037 break;
1038 }
1039 }
1040 /* if not add it */
1041 if (!found)
1042 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
1043
1044 dl_list_add(&w->bsss, &bss->wiphy_list);
1045 bss->wiphy_data = w;
1046 return w;
1047 }
1048
1049
1050 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
1051 {
1052 struct nl80211_wiphy_data *w = bss->wiphy_data;
1053 struct i802_bss *tmp_bss;
1054 int found = 0;
1055
1056 if (w == NULL)
1057 return;
1058 bss->wiphy_data = NULL;
1059 dl_list_del(&bss->wiphy_list);
1060
1061 /* still any for this drv present? */
1062 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1063 if (tmp_bss->drv == bss->drv) {
1064 found = 1;
1065 break;
1066 }
1067 }
1068 /* if not remove it */
1069 if (!found)
1070 dl_list_del(&bss->drv->wiphy_list);
1071
1072 if (!dl_list_empty(&w->bsss))
1073 return;
1074
1075 nl80211_destroy_eloop_handle(&w->nl_beacons);
1076
1077 nl_cb_put(w->nl_cb);
1078 dl_list_del(&w->list);
1079 os_free(w);
1080 }
1081
1082
1083 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
1084 {
1085 struct i802_bss *bss = priv;
1086 struct wpa_driver_nl80211_data *drv = bss->drv;
1087 if (!drv->associated)
1088 return -1;
1089 os_memcpy(bssid, drv->bssid, ETH_ALEN);
1090 return 0;
1091 }
1092
1093
1094 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
1095 {
1096 struct i802_bss *bss = priv;
1097 struct wpa_driver_nl80211_data *drv = bss->drv;
1098 if (!drv->associated)
1099 return -1;
1100 os_memcpy(ssid, drv->ssid, drv->ssid_len);
1101 return drv->ssid_len;
1102 }
1103
1104
1105 static void wpa_driver_nl80211_event_newlink(
1106 struct wpa_driver_nl80211_data *drv, char *ifname)
1107 {
1108 union wpa_event_data event;
1109
1110 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1111 if (if_nametoindex(drv->first_bss->ifname) == 0) {
1112 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
1113 drv->first_bss->ifname);
1114 return;
1115 }
1116 if (!drv->if_removed)
1117 return;
1118 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
1119 drv->first_bss->ifname);
1120 drv->if_removed = 0;
1121 }
1122
1123 os_memset(&event, 0, sizeof(event));
1124 os_strlcpy(event.interface_status.ifname, ifname,
1125 sizeof(event.interface_status.ifname));
1126 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
1127 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1128 }
1129
1130
1131 static void wpa_driver_nl80211_event_dellink(
1132 struct wpa_driver_nl80211_data *drv, char *ifname)
1133 {
1134 union wpa_event_data event;
1135
1136 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1137 if (drv->if_removed) {
1138 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
1139 ifname);
1140 return;
1141 }
1142 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
1143 ifname);
1144 drv->if_removed = 1;
1145 } else {
1146 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
1147 ifname);
1148 }
1149
1150 os_memset(&event, 0, sizeof(event));
1151 os_strlcpy(event.interface_status.ifname, ifname,
1152 sizeof(event.interface_status.ifname));
1153 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
1154 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1155 }
1156
1157
1158 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
1159 u8 *buf, size_t len)
1160 {
1161 int attrlen, rta_len;
1162 struct rtattr *attr;
1163
1164 attrlen = len;
1165 attr = (struct rtattr *) buf;
1166
1167 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1168 while (RTA_OK(attr, attrlen)) {
1169 if (attr->rta_type == IFLA_IFNAME) {
1170 if (os_strcmp(((char *) attr) + rta_len,
1171 drv->first_bss->ifname) == 0)
1172 return 1;
1173 else
1174 break;
1175 }
1176 attr = RTA_NEXT(attr, attrlen);
1177 }
1178
1179 return 0;
1180 }
1181
1182
1183 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
1184 int ifindex, u8 *buf, size_t len)
1185 {
1186 if (drv->ifindex == ifindex)
1187 return 1;
1188
1189 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
1190 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
1191 "interface");
1192 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0);
1193 return 1;
1194 }
1195
1196 return 0;
1197 }
1198
1199
1200 static struct wpa_driver_nl80211_data *
1201 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
1202 {
1203 struct wpa_driver_nl80211_data *drv;
1204 dl_list_for_each(drv, &global->interfaces,
1205 struct wpa_driver_nl80211_data, list) {
1206 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
1207 have_ifidx(drv, idx))
1208 return drv;
1209 }
1210 return NULL;
1211 }
1212
1213
1214 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
1215 struct ifinfomsg *ifi,
1216 u8 *buf, size_t len)
1217 {
1218 struct nl80211_global *global = ctx;
1219 struct wpa_driver_nl80211_data *drv;
1220 int attrlen;
1221 struct rtattr *attr;
1222 u32 brid = 0;
1223 char namebuf[IFNAMSIZ];
1224 char ifname[IFNAMSIZ + 1];
1225 char extra[100], *pos, *end;
1226
1227 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1228 if (!drv) {
1229 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_NEWLINK event for foreign ifindex %d",
1230 ifi->ifi_index);
1231 return;
1232 }
1233
1234 extra[0] = '\0';
1235 pos = extra;
1236 end = pos + sizeof(extra);
1237 ifname[0] = '\0';
1238
1239 attrlen = len;
1240 attr = (struct rtattr *) buf;
1241 while (RTA_OK(attr, attrlen)) {
1242 switch (attr->rta_type) {
1243 case IFLA_IFNAME:
1244 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1245 break;
1246 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1247 ifname[RTA_PAYLOAD(attr)] = '\0';
1248 break;
1249 case IFLA_MASTER:
1250 brid = nla_get_u32((struct nlattr *) attr);
1251 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1252 break;
1253 case IFLA_WIRELESS:
1254 pos += os_snprintf(pos, end - pos, " wext");
1255 break;
1256 case IFLA_OPERSTATE:
1257 pos += os_snprintf(pos, end - pos, " operstate=%u",
1258 nla_get_u32((struct nlattr *) attr));
1259 break;
1260 case IFLA_LINKMODE:
1261 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1262 nla_get_u32((struct nlattr *) attr));
1263 break;
1264 }
1265 attr = RTA_NEXT(attr, attrlen);
1266 }
1267 extra[sizeof(extra) - 1] = '\0';
1268
1269 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1270 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1271 ifi->ifi_flags,
1272 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1273 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1274 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1275 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1276
1277 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
1278 if (if_indextoname(ifi->ifi_index, namebuf) &&
1279 linux_iface_up(drv->global->ioctl_sock,
1280 drv->first_bss->ifname) > 0) {
1281 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1282 "event since interface %s is up", namebuf);
1283 return;
1284 }
1285 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
1286 if (drv->ignore_if_down_event) {
1287 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1288 "event generated by mode change");
1289 drv->ignore_if_down_event = 0;
1290 } else {
1291 drv->if_disabled = 1;
1292 wpa_supplicant_event(drv->ctx,
1293 EVENT_INTERFACE_DISABLED, NULL);
1294
1295 /*
1296 * Try to get drv again, since it may be removed as
1297 * part of the EVENT_INTERFACE_DISABLED handling for
1298 * dynamic interfaces
1299 */
1300 drv = nl80211_find_drv(global, ifi->ifi_index,
1301 buf, len);
1302 if (!drv)
1303 return;
1304 }
1305 }
1306
1307 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1308 if (if_indextoname(ifi->ifi_index, namebuf) &&
1309 linux_iface_up(drv->global->ioctl_sock,
1310 drv->first_bss->ifname) == 0) {
1311 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1312 "event since interface %s is down",
1313 namebuf);
1314 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1315 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1316 "event since interface %s does not exist",
1317 drv->first_bss->ifname);
1318 } else if (drv->if_removed) {
1319 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1320 "event since interface %s is marked "
1321 "removed", drv->first_bss->ifname);
1322 } else {
1323 struct i802_bss *bss;
1324 u8 addr[ETH_ALEN];
1325
1326 /* Re-read MAC address as it may have changed */
1327 bss = get_bss_ifindex(drv, ifi->ifi_index);
1328 if (bss &&
1329 linux_get_ifhwaddr(drv->global->ioctl_sock,
1330 bss->ifname, addr) < 0) {
1331 wpa_printf(MSG_DEBUG,
1332 "nl80211: %s: failed to re-read MAC address",
1333 bss->ifname);
1334 } else if (bss &&
1335 os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
1336 wpa_printf(MSG_DEBUG,
1337 "nl80211: Own MAC address on ifindex %d (%s) changed from "
1338 MACSTR " to " MACSTR,
1339 ifi->ifi_index, bss->ifname,
1340 MAC2STR(bss->addr),
1341 MAC2STR(addr));
1342 os_memcpy(bss->addr, addr, ETH_ALEN);
1343 }
1344
1345 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
1346 drv->if_disabled = 0;
1347 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1348 NULL);
1349 }
1350 }
1351
1352 /*
1353 * Some drivers send the association event before the operup event--in
1354 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1355 * fails. This will hit us when wpa_supplicant does not need to do
1356 * IEEE 802.1X authentication
1357 */
1358 if (drv->operstate == 1 &&
1359 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1360 !(ifi->ifi_flags & IFF_RUNNING)) {
1361 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1362 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1363 -1, IF_OPER_UP);
1364 }
1365
1366 if (ifname[0])
1367 wpa_driver_nl80211_event_newlink(drv, ifname);
1368
1369 if (ifi->ifi_family == AF_BRIDGE && brid) {
1370 /* device has been added to bridge */
1371 if_indextoname(brid, namebuf);
1372 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1373 brid, namebuf);
1374 add_ifidx(drv, brid);
1375 }
1376 }
1377
1378
1379 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1380 struct ifinfomsg *ifi,
1381 u8 *buf, size_t len)
1382 {
1383 struct nl80211_global *global = ctx;
1384 struct wpa_driver_nl80211_data *drv;
1385 int attrlen;
1386 struct rtattr *attr;
1387 u32 brid = 0;
1388 char ifname[IFNAMSIZ + 1];
1389 char extra[100], *pos, *end;
1390
1391 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1392 if (!drv) {
1393 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_DELLINK event for foreign ifindex %d",
1394 ifi->ifi_index);
1395 return;
1396 }
1397
1398 extra[0] = '\0';
1399 pos = extra;
1400 end = pos + sizeof(extra);
1401 ifname[0] = '\0';
1402
1403 attrlen = len;
1404 attr = (struct rtattr *) buf;
1405 while (RTA_OK(attr, attrlen)) {
1406 switch (attr->rta_type) {
1407 case IFLA_IFNAME:
1408 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1409 break;
1410 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1411 ifname[RTA_PAYLOAD(attr)] = '\0';
1412 break;
1413 case IFLA_MASTER:
1414 brid = nla_get_u32((struct nlattr *) attr);
1415 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1416 break;
1417 case IFLA_OPERSTATE:
1418 pos += os_snprintf(pos, end - pos, " operstate=%u",
1419 nla_get_u32((struct nlattr *) attr));
1420 break;
1421 case IFLA_LINKMODE:
1422 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1423 nla_get_u32((struct nlattr *) attr));
1424 break;
1425 }
1426 attr = RTA_NEXT(attr, attrlen);
1427 }
1428 extra[sizeof(extra) - 1] = '\0';
1429
1430 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1431 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1432 ifi->ifi_flags,
1433 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1434 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1435 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1436 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1437
1438 if (ifname[0] && (ifi->ifi_family != AF_BRIDGE || !brid))
1439 wpa_driver_nl80211_event_dellink(drv, ifname);
1440
1441 if (ifi->ifi_family == AF_BRIDGE && brid) {
1442 /* device has been removed from bridge */
1443 char namebuf[IFNAMSIZ];
1444 if_indextoname(brid, namebuf);
1445 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1446 "%s", brid, namebuf);
1447 del_ifidx(drv, brid);
1448 }
1449 }
1450
1451
1452 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1453 const u8 *frame, size_t len)
1454 {
1455 const struct ieee80211_mgmt *mgmt;
1456 union wpa_event_data event;
1457
1458 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1459 drv->force_connect_cmd) {
1460 /*
1461 * Avoid reporting two association events that would confuse
1462 * the core code.
1463 */
1464 wpa_printf(MSG_DEBUG,
1465 "nl80211: Ignore auth event when using driver SME");
1466 return;
1467 }
1468
1469 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event");
1470 mgmt = (const struct ieee80211_mgmt *) frame;
1471 if (len < 24 + sizeof(mgmt->u.auth)) {
1472 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1473 "frame");
1474 return;
1475 }
1476
1477 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1478 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
1479 os_memset(&event, 0, sizeof(event));
1480 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1481 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1482 event.auth.auth_transaction =
1483 le_to_host16(mgmt->u.auth.auth_transaction);
1484 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1485 if (len > 24 + sizeof(mgmt->u.auth)) {
1486 event.auth.ies = mgmt->u.auth.variable;
1487 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1488 }
1489
1490 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1491 }
1492
1493
1494 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1495 {
1496 struct nl_msg *msg;
1497 int ret;
1498 struct nl80211_bss_info_arg arg;
1499
1500 os_memset(&arg, 0, sizeof(arg));
1501 msg = nlmsg_alloc();
1502 if (!msg)
1503 goto nla_put_failure;
1504
1505 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1506 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1507
1508 arg.drv = drv;
1509 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1510 msg = NULL;
1511 if (ret == 0) {
1512 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1513 arg.ibss_freq : arg.assoc_freq;
1514 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1515 "associated BSS from scan results: %u MHz", freq);
1516 if (freq)
1517 drv->assoc_freq = freq;
1518 return drv->assoc_freq;
1519 }
1520 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1521 "(%s)", ret, strerror(-ret));
1522 nla_put_failure:
1523 nlmsg_free(msg);
1524 return drv->assoc_freq;
1525 }
1526
1527
1528 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1529 const u8 *frame, size_t len)
1530 {
1531 const struct ieee80211_mgmt *mgmt;
1532 union wpa_event_data event;
1533 u16 status;
1534
1535 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1536 drv->force_connect_cmd) {
1537 /*
1538 * Avoid reporting two association events that would confuse
1539 * the core code.
1540 */
1541 wpa_printf(MSG_DEBUG,
1542 "nl80211: Ignore assoc event when using driver SME");
1543 return;
1544 }
1545
1546 wpa_printf(MSG_DEBUG, "nl80211: Associate event");
1547 mgmt = (const struct ieee80211_mgmt *) frame;
1548 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1549 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1550 "frame");
1551 return;
1552 }
1553
1554 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1555 if (status != WLAN_STATUS_SUCCESS) {
1556 os_memset(&event, 0, sizeof(event));
1557 event.assoc_reject.bssid = mgmt->bssid;
1558 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1559 event.assoc_reject.resp_ies =
1560 (u8 *) mgmt->u.assoc_resp.variable;
1561 event.assoc_reject.resp_ies_len =
1562 len - 24 - sizeof(mgmt->u.assoc_resp);
1563 }
1564 event.assoc_reject.status_code = status;
1565
1566 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1567 return;
1568 }
1569
1570 drv->associated = 1;
1571 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1572 os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN);
1573
1574 os_memset(&event, 0, sizeof(event));
1575 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1576 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1577 event.assoc_info.resp_ies_len =
1578 len - 24 - sizeof(mgmt->u.assoc_resp);
1579 }
1580
1581 event.assoc_info.freq = drv->assoc_freq;
1582
1583 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1584 }
1585
1586
1587 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1588 enum nl80211_commands cmd, struct nlattr *status,
1589 struct nlattr *addr, struct nlattr *req_ie,
1590 struct nlattr *resp_ie)
1591 {
1592 union wpa_event_data event;
1593
1594 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1595 /*
1596 * Avoid reporting two association events that would confuse
1597 * the core code.
1598 */
1599 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1600 "when using userspace SME", cmd);
1601 return;
1602 }
1603
1604 if (cmd == NL80211_CMD_CONNECT)
1605 wpa_printf(MSG_DEBUG, "nl80211: Connect event");
1606 else if (cmd == NL80211_CMD_ROAM)
1607 wpa_printf(MSG_DEBUG, "nl80211: Roam event");
1608
1609 os_memset(&event, 0, sizeof(event));
1610 if (cmd == NL80211_CMD_CONNECT &&
1611 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1612 if (addr)
1613 event.assoc_reject.bssid = nla_data(addr);
1614 if (resp_ie) {
1615 event.assoc_reject.resp_ies = nla_data(resp_ie);
1616 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1617 }
1618 event.assoc_reject.status_code = nla_get_u16(status);
1619 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1620 return;
1621 }
1622
1623 drv->associated = 1;
1624 if (addr) {
1625 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1626 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
1627 }
1628
1629 if (req_ie) {
1630 event.assoc_info.req_ies = nla_data(req_ie);
1631 event.assoc_info.req_ies_len = nla_len(req_ie);
1632 }
1633 if (resp_ie) {
1634 event.assoc_info.resp_ies = nla_data(resp_ie);
1635 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1636 }
1637
1638 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1639
1640 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1641 }
1642
1643
1644 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1645 struct nlattr *reason, struct nlattr *addr,
1646 struct nlattr *by_ap)
1647 {
1648 union wpa_event_data data;
1649 unsigned int locally_generated = by_ap == NULL;
1650
1651 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1652 /*
1653 * Avoid reporting two disassociation events that could
1654 * confuse the core code.
1655 */
1656 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1657 "event when using userspace SME");
1658 return;
1659 }
1660
1661 if (drv->ignore_next_local_disconnect) {
1662 drv->ignore_next_local_disconnect = 0;
1663 if (locally_generated) {
1664 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1665 "event triggered during reassociation");
1666 return;
1667 }
1668 wpa_printf(MSG_WARNING, "nl80211: Was expecting local "
1669 "disconnect but got another disconnect "
1670 "event first");
1671 }
1672
1673 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event");
1674 nl80211_mark_disconnected(drv);
1675 os_memset(&data, 0, sizeof(data));
1676 if (reason)
1677 data.deauth_info.reason_code = nla_get_u16(reason);
1678 data.deauth_info.locally_generated = by_ap == NULL;
1679 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data);
1680 }
1681
1682
1683 static int calculate_chan_offset(int width, int freq, int cf1, int cf2)
1684 {
1685 int freq1 = 0;
1686
1687 switch (convert2width(width)) {
1688 case CHAN_WIDTH_20_NOHT:
1689 case CHAN_WIDTH_20:
1690 return 0;
1691 case CHAN_WIDTH_40:
1692 freq1 = cf1 - 10;
1693 break;
1694 case CHAN_WIDTH_80:
1695 freq1 = cf1 - 30;
1696 break;
1697 case CHAN_WIDTH_160:
1698 freq1 = cf1 - 70;
1699 break;
1700 case CHAN_WIDTH_UNKNOWN:
1701 case CHAN_WIDTH_80P80:
1702 /* FIXME: implement this */
1703 return 0;
1704 }
1705
1706 return (abs(freq - freq1) / 20) % 2 == 0 ? 1 : -1;
1707 }
1708
1709
1710 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
1711 struct nlattr *ifindex, struct nlattr *freq,
1712 struct nlattr *type, struct nlattr *bw,
1713 struct nlattr *cf1, struct nlattr *cf2)
1714 {
1715 struct i802_bss *bss;
1716 union wpa_event_data data;
1717 int ht_enabled = 1;
1718 int chan_offset = 0;
1719 int ifidx;
1720
1721 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event");
1722
1723 if (!freq)
1724 return;
1725
1726 ifidx = nla_get_u32(ifindex);
1727 bss = get_bss_ifindex(drv, ifidx);
1728 if (bss == NULL) {
1729 wpa_printf(MSG_WARNING, "nl80211: Unknown ifindex (%d) for channel switch, ignoring",
1730 ifidx);
1731 return;
1732 }
1733
1734 if (type) {
1735 switch (nla_get_u32(type)) {
1736 case NL80211_CHAN_NO_HT:
1737 ht_enabled = 0;
1738 break;
1739 case NL80211_CHAN_HT20:
1740 break;
1741 case NL80211_CHAN_HT40PLUS:
1742 chan_offset = 1;
1743 break;
1744 case NL80211_CHAN_HT40MINUS:
1745 chan_offset = -1;
1746 break;
1747 }
1748 } else if (bw && cf1) {
1749 /* This can happen for example with VHT80 ch switch */
1750 chan_offset = calculate_chan_offset(nla_get_u32(bw),
1751 nla_get_u32(freq),
1752 nla_get_u32(cf1),
1753 cf2 ? nla_get_u32(cf2) : 0);
1754 } else {
1755 wpa_printf(MSG_WARNING, "nl80211: Unknown secondary channel information - following channel definition calculations may fail");
1756 }
1757
1758 os_memset(&data, 0, sizeof(data));
1759 data.ch_switch.freq = nla_get_u32(freq);
1760 data.ch_switch.ht_enabled = ht_enabled;
1761 data.ch_switch.ch_offset = chan_offset;
1762 if (bw)
1763 data.ch_switch.ch_width = convert2width(nla_get_u32(bw));
1764 if (cf1)
1765 data.ch_switch.cf1 = nla_get_u32(cf1);
1766 if (cf2)
1767 data.ch_switch.cf2 = nla_get_u32(cf2);
1768
1769 bss->freq = data.ch_switch.freq;
1770
1771 wpa_supplicant_event(bss->ctx, EVENT_CH_SWITCH, &data);
1772 }
1773
1774
1775 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1776 enum nl80211_commands cmd, struct nlattr *addr)
1777 {
1778 union wpa_event_data event;
1779 enum wpa_event_type ev;
1780
1781 if (nla_len(addr) != ETH_ALEN)
1782 return;
1783
1784 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1785 cmd, MAC2STR((u8 *) nla_data(addr)));
1786
1787 if (cmd == NL80211_CMD_AUTHENTICATE)
1788 ev = EVENT_AUTH_TIMED_OUT;
1789 else if (cmd == NL80211_CMD_ASSOCIATE)
1790 ev = EVENT_ASSOC_TIMED_OUT;
1791 else
1792 return;
1793
1794 os_memset(&event, 0, sizeof(event));
1795 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1796 wpa_supplicant_event(drv->ctx, ev, &event);
1797 }
1798
1799
1800 static void mlme_event_mgmt(struct i802_bss *bss,
1801 struct nlattr *freq, struct nlattr *sig,
1802 const u8 *frame, size_t len)
1803 {
1804 struct wpa_driver_nl80211_data *drv = bss->drv;
1805 const struct ieee80211_mgmt *mgmt;
1806 union wpa_event_data event;
1807 u16 fc, stype;
1808 int ssi_signal = 0;
1809 int rx_freq = 0;
1810
1811 wpa_printf(MSG_MSGDUMP, "nl80211: Frame event");
1812 mgmt = (const struct ieee80211_mgmt *) frame;
1813 if (len < 24) {
1814 wpa_printf(MSG_DEBUG, "nl80211: Too short management frame");
1815 return;
1816 }
1817
1818 fc = le_to_host16(mgmt->frame_control);
1819 stype = WLAN_FC_GET_STYPE(fc);
1820
1821 if (sig)
1822 ssi_signal = (s32) nla_get_u32(sig);
1823
1824 os_memset(&event, 0, sizeof(event));
1825 if (freq) {
1826 event.rx_mgmt.freq = nla_get_u32(freq);
1827 rx_freq = drv->last_mgmt_freq = event.rx_mgmt.freq;
1828 }
1829 wpa_printf(MSG_DEBUG,
1830 "nl80211: RX frame sa=" MACSTR
1831 " freq=%d ssi_signal=%d stype=%u (%s) len=%u",
1832 MAC2STR(mgmt->sa), rx_freq, ssi_signal, stype, fc2str(fc),
1833 (unsigned int) len);
1834 event.rx_mgmt.frame = frame;
1835 event.rx_mgmt.frame_len = len;
1836 event.rx_mgmt.ssi_signal = ssi_signal;
1837 event.rx_mgmt.drv_priv = bss;
1838 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1839 }
1840
1841
1842 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1843 struct nlattr *cookie, const u8 *frame,
1844 size_t len, struct nlattr *ack)
1845 {
1846 union wpa_event_data event;
1847 const struct ieee80211_hdr *hdr;
1848 u16 fc;
1849
1850 wpa_printf(MSG_DEBUG, "nl80211: Frame TX status event");
1851 if (!is_ap_interface(drv->nlmode)) {
1852 u64 cookie_val;
1853
1854 if (!cookie)
1855 return;
1856
1857 cookie_val = nla_get_u64(cookie);
1858 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1859 " cookie=0%llx%s (ack=%d)",
1860 (long long unsigned int) cookie_val,
1861 cookie_val == drv->send_action_cookie ?
1862 " (match)" : " (unknown)", ack != NULL);
1863 if (cookie_val != drv->send_action_cookie)
1864 return;
1865 }
1866
1867 hdr = (const struct ieee80211_hdr *) frame;
1868 fc = le_to_host16(hdr->frame_control);
1869
1870 os_memset(&event, 0, sizeof(event));
1871 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1872 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1873 event.tx_status.dst = hdr->addr1;
1874 event.tx_status.data = frame;
1875 event.tx_status.data_len = len;
1876 event.tx_status.ack = ack != NULL;
1877 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1878 }
1879
1880
1881 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1882 enum wpa_event_type type,
1883 const u8 *frame, size_t len)
1884 {
1885 const struct ieee80211_mgmt *mgmt;
1886 union wpa_event_data event;
1887 const u8 *bssid = NULL;
1888 u16 reason_code = 0;
1889
1890 if (type == EVENT_DEAUTH)
1891 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event");
1892 else
1893 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event");
1894
1895 mgmt = (const struct ieee80211_mgmt *) frame;
1896 if (len >= 24) {
1897 bssid = mgmt->bssid;
1898
1899 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1900 !drv->associated &&
1901 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0 &&
1902 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0 &&
1903 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0) {
1904 /*
1905 * Avoid issues with some roaming cases where
1906 * disconnection event for the old AP may show up after
1907 * we have started connection with the new AP.
1908 */
1909 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth/disassoc event from old AP " MACSTR " when already authenticating with " MACSTR,
1910 MAC2STR(bssid),
1911 MAC2STR(drv->auth_attempt_bssid));
1912 return;
1913 }
1914
1915 if (drv->associated != 0 &&
1916 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1917 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1918 /*
1919 * We have presumably received this deauth as a
1920 * response to a clear_state_mismatch() outgoing
1921 * deauth. Don't let it take us offline!
1922 */
1923 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1924 "from Unknown BSSID " MACSTR " -- ignoring",
1925 MAC2STR(bssid));
1926 return;
1927 }
1928 }
1929
1930 nl80211_mark_disconnected(drv);
1931 os_memset(&event, 0, sizeof(event));
1932
1933 /* Note: Same offset for Reason Code in both frame subtypes */
1934 if (len >= 24 + sizeof(mgmt->u.deauth))
1935 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1936
1937 if (type == EVENT_DISASSOC) {
1938 event.disassoc_info.locally_generated =
1939 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1940 event.disassoc_info.addr = bssid;
1941 event.disassoc_info.reason_code = reason_code;
1942 if (frame + len > mgmt->u.disassoc.variable) {
1943 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1944 event.disassoc_info.ie_len = frame + len -
1945 mgmt->u.disassoc.variable;
1946 }
1947 } else {
1948 if (drv->ignore_deauth_event) {
1949 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event due to previous forced deauth-during-auth");
1950 drv->ignore_deauth_event = 0;
1951 return;
1952 }
1953 event.deauth_info.locally_generated =
1954 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1955 if (drv->ignore_next_local_deauth) {
1956 drv->ignore_next_local_deauth = 0;
1957 if (event.deauth_info.locally_generated) {
1958 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event triggered due to own deauth request");
1959 return;
1960 }
1961 wpa_printf(MSG_WARNING, "nl80211: Was expecting local deauth but got another disconnect event first");
1962 }
1963 event.deauth_info.addr = bssid;
1964 event.deauth_info.reason_code = reason_code;
1965 if (frame + len > mgmt->u.deauth.variable) {
1966 event.deauth_info.ie = mgmt->u.deauth.variable;
1967 event.deauth_info.ie_len = frame + len -
1968 mgmt->u.deauth.variable;
1969 }
1970 }
1971
1972 wpa_supplicant_event(drv->ctx, type, &event);
1973 }
1974
1975
1976 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1977 enum wpa_event_type type,
1978 const u8 *frame, size_t len)
1979 {
1980 const struct ieee80211_mgmt *mgmt;
1981 union wpa_event_data event;
1982 u16 reason_code = 0;
1983
1984 if (type == EVENT_UNPROT_DEAUTH)
1985 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event");
1986 else
1987 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event");
1988
1989 if (len < 24)
1990 return;
1991
1992 mgmt = (const struct ieee80211_mgmt *) frame;
1993
1994 os_memset(&event, 0, sizeof(event));
1995 /* Note: Same offset for Reason Code in both frame subtypes */
1996 if (len >= 24 + sizeof(mgmt->u.deauth))
1997 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1998
1999 if (type == EVENT_UNPROT_DISASSOC) {
2000 event.unprot_disassoc.sa = mgmt->sa;
2001 event.unprot_disassoc.da = mgmt->da;
2002 event.unprot_disassoc.reason_code = reason_code;
2003 } else {
2004 event.unprot_deauth.sa = mgmt->sa;
2005 event.unprot_deauth.da = mgmt->da;
2006 event.unprot_deauth.reason_code = reason_code;
2007 }
2008
2009 wpa_supplicant_event(drv->ctx, type, &event);
2010 }
2011
2012
2013 static void mlme_event(struct i802_bss *bss,
2014 enum nl80211_commands cmd, struct nlattr *frame,
2015 struct nlattr *addr, struct nlattr *timed_out,
2016 struct nlattr *freq, struct nlattr *ack,
2017 struct nlattr *cookie, struct nlattr *sig)
2018 {
2019 struct wpa_driver_nl80211_data *drv = bss->drv;
2020 const u8 *data;
2021 size_t len;
2022
2023 if (timed_out && addr) {
2024 mlme_timeout_event(drv, cmd, addr);
2025 return;
2026 }
2027
2028 if (frame == NULL) {
2029 wpa_printf(MSG_DEBUG,
2030 "nl80211: MLME event %d (%s) without frame data",
2031 cmd, nl80211_command_to_string(cmd));
2032 return;
2033 }
2034
2035 data = nla_data(frame);
2036 len = nla_len(frame);
2037 if (len < 4 + 2 * ETH_ALEN) {
2038 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s("
2039 MACSTR ") - too short",
2040 cmd, nl80211_command_to_string(cmd), bss->ifname,
2041 MAC2STR(bss->addr));
2042 return;
2043 }
2044 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR
2045 ") A1=" MACSTR " A2=" MACSTR, cmd,
2046 nl80211_command_to_string(cmd), bss->ifname,
2047 MAC2STR(bss->addr), MAC2STR(data + 4),
2048 MAC2STR(data + 4 + ETH_ALEN));
2049 if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) &&
2050 os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 &&
2051 os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) {
2052 wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event "
2053 "for foreign address", bss->ifname);
2054 return;
2055 }
2056 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
2057 nla_data(frame), nla_len(frame));
2058
2059 switch (cmd) {
2060 case NL80211_CMD_AUTHENTICATE:
2061 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
2062 break;
2063 case NL80211_CMD_ASSOCIATE:
2064 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
2065 break;
2066 case NL80211_CMD_DEAUTHENTICATE:
2067 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
2068 nla_data(frame), nla_len(frame));
2069 break;
2070 case NL80211_CMD_DISASSOCIATE:
2071 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
2072 nla_data(frame), nla_len(frame));
2073 break;
2074 case NL80211_CMD_FRAME:
2075 mlme_event_mgmt(bss, freq, sig, nla_data(frame),
2076 nla_len(frame));
2077 break;
2078 case NL80211_CMD_FRAME_TX_STATUS:
2079 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
2080 nla_len(frame), ack);
2081 break;
2082 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
2083 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
2084 nla_data(frame), nla_len(frame));
2085 break;
2086 case NL80211_CMD_UNPROT_DISASSOCIATE:
2087 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
2088 nla_data(frame), nla_len(frame));
2089 break;
2090 default:
2091 break;
2092 }
2093 }
2094
2095
2096 static void mlme_event_michael_mic_failure(struct i802_bss *bss,
2097 struct nlattr *tb[])
2098 {
2099 union wpa_event_data data;
2100
2101 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
2102 os_memset(&data, 0, sizeof(data));
2103 if (tb[NL80211_ATTR_MAC]) {
2104 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
2105 nla_data(tb[NL80211_ATTR_MAC]),
2106 nla_len(tb[NL80211_ATTR_MAC]));
2107 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
2108 }
2109 if (tb[NL80211_ATTR_KEY_SEQ]) {
2110 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
2111 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
2112 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
2113 }
2114 if (tb[NL80211_ATTR_KEY_TYPE]) {
2115 enum nl80211_key_type key_type =
2116 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
2117 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
2118 if (key_type == NL80211_KEYTYPE_PAIRWISE)
2119 data.michael_mic_failure.unicast = 1;
2120 } else
2121 data.michael_mic_failure.unicast = 1;
2122
2123 if (tb[NL80211_ATTR_KEY_IDX]) {
2124 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
2125 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
2126 }
2127
2128 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
2129 }
2130
2131
2132 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
2133 struct nlattr *tb[])
2134 {
2135 unsigned int freq;
2136
2137 if (tb[NL80211_ATTR_MAC] == NULL) {
2138 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
2139 "event");
2140 return;
2141 }
2142 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2143
2144 drv->associated = 1;
2145 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
2146 MAC2STR(drv->bssid));
2147
2148 freq = nl80211_get_assoc_freq(drv);
2149 if (freq) {
2150 wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz",
2151 freq);
2152 drv->first_bss->freq = freq;
2153 }
2154
2155 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
2156 }
2157
2158
2159 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
2160 int cancel_event, struct nlattr *tb[])
2161 {
2162 unsigned int freq, chan_type, duration;
2163 union wpa_event_data data;
2164 u64 cookie;
2165
2166 if (tb[NL80211_ATTR_WIPHY_FREQ])
2167 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2168 else
2169 freq = 0;
2170
2171 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
2172 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2173 else
2174 chan_type = 0;
2175
2176 if (tb[NL80211_ATTR_DURATION])
2177 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
2178 else
2179 duration = 0;
2180
2181 if (tb[NL80211_ATTR_COOKIE])
2182 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
2183 else
2184 cookie = 0;
2185
2186 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
2187 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
2188 cancel_event, freq, chan_type, duration,
2189 (long long unsigned int) cookie,
2190 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
2191
2192 if (cookie != drv->remain_on_chan_cookie)
2193 return; /* not for us */
2194
2195 if (cancel_event)
2196 drv->pending_remain_on_chan = 0;
2197
2198 os_memset(&data, 0, sizeof(data));
2199 data.remain_on_channel.freq = freq;
2200 data.remain_on_channel.duration = duration;
2201 wpa_supplicant_event(drv->ctx, cancel_event ?
2202 EVENT_CANCEL_REMAIN_ON_CHANNEL :
2203 EVENT_REMAIN_ON_CHANNEL, &data);
2204 }
2205
2206
2207 static void mlme_event_ft_event(struct wpa_driver_nl80211_data *drv,
2208 struct nlattr *tb[])
2209 {
2210 union wpa_event_data data;
2211
2212 os_memset(&data, 0, sizeof(data));
2213
2214 if (tb[NL80211_ATTR_IE]) {
2215 data.ft_ies.ies = nla_data(tb[NL80211_ATTR_IE]);
2216 data.ft_ies.ies_len = nla_len(tb[NL80211_ATTR_IE]);
2217 }
2218
2219 if (tb[NL80211_ATTR_IE_RIC]) {
2220 data.ft_ies.ric_ies = nla_data(tb[NL80211_ATTR_IE_RIC]);
2221 data.ft_ies.ric_ies_len = nla_len(tb[NL80211_ATTR_IE_RIC]);
2222 }
2223
2224 if (tb[NL80211_ATTR_MAC])
2225 os_memcpy(data.ft_ies.target_ap,
2226 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2227
2228 wpa_printf(MSG_DEBUG, "nl80211: FT event target_ap " MACSTR,
2229 MAC2STR(data.ft_ies.target_ap));
2230
2231 wpa_supplicant_event(drv->ctx, EVENT_FT_RESPONSE, &data);
2232 }
2233
2234
2235 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
2236 struct nlattr *tb[])
2237 {
2238 union wpa_event_data event;
2239 struct nlattr *nl;
2240 int rem;
2241 struct scan_info *info;
2242 #define MAX_REPORT_FREQS 50
2243 int freqs[MAX_REPORT_FREQS];
2244 int num_freqs = 0;
2245
2246 if (drv->scan_for_auth) {
2247 drv->scan_for_auth = 0;
2248 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
2249 "cfg80211 BSS entry");
2250 wpa_driver_nl80211_authenticate_retry(drv);
2251 return;
2252 }
2253
2254 os_memset(&event, 0, sizeof(event));
2255 info = &event.scan_info;
2256 info->aborted = aborted;
2257
2258 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
2259 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
2260 struct wpa_driver_scan_ssid *s =
2261 &info->ssids[info->num_ssids];
2262 s->ssid = nla_data(nl);
2263 s->ssid_len = nla_len(nl);
2264 wpa_printf(MSG_DEBUG, "nl80211: Scan probed for SSID '%s'",
2265 wpa_ssid_txt(s->ssid, s->ssid_len));
2266 info->num_ssids++;
2267 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
2268 break;
2269 }
2270 }
2271 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
2272 char msg[200], *pos, *end;
2273 int res;
2274
2275 pos = msg;
2276 end = pos + sizeof(msg);
2277 *pos = '\0';
2278
2279 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
2280 {
2281 freqs[num_freqs] = nla_get_u32(nl);
2282 res = os_snprintf(pos, end - pos, " %d",
2283 freqs[num_freqs]);
2284 if (res > 0 && end - pos > res)
2285 pos += res;
2286 num_freqs++;
2287 if (num_freqs == MAX_REPORT_FREQS - 1)
2288 break;
2289 }
2290 info->freqs = freqs;
2291 info->num_freqs = num_freqs;
2292 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s",
2293 msg);
2294 }
2295 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
2296 }
2297
2298
2299 static int get_link_signal(struct nl_msg *msg, void *arg)
2300 {
2301 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2302 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2303 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
2304 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
2305 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
2306 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
2307 };
2308 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
2309 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
2310 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
2311 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
2312 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
2313 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
2314 };
2315 struct wpa_signal_info *sig_change = arg;
2316
2317 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2318 genlmsg_attrlen(gnlh, 0), NULL);
2319 if (!tb[NL80211_ATTR_STA_INFO] ||
2320 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
2321 tb[NL80211_ATTR_STA_INFO], policy))
2322 return NL_SKIP;
2323 if (!sinfo[NL80211_STA_INFO_SIGNAL])
2324 return NL_SKIP;
2325
2326 sig_change->current_signal =
2327 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
2328
2329 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
2330 sig_change->avg_signal =
2331 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
2332 else
2333 sig_change->avg_signal = 0;
2334
2335 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
2336 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
2337 sinfo[NL80211_STA_INFO_TX_BITRATE],
2338 rate_policy)) {
2339 sig_change->current_txrate = 0;
2340 } else {
2341 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
2342 sig_change->current_txrate =
2343 nla_get_u16(rinfo[
2344 NL80211_RATE_INFO_BITRATE]) * 100;
2345 }
2346 }
2347 }
2348
2349 return NL_SKIP;
2350 }
2351
2352
2353 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
2354 struct wpa_signal_info *sig)
2355 {
2356 struct nl_msg *msg;
2357
2358 sig->current_signal = -9999;
2359 sig->current_txrate = 0;
2360
2361 msg = nlmsg_alloc();
2362 if (!msg)
2363 return -ENOMEM;
2364
2365 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
2366
2367 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2368 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
2369
2370 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
2371 nla_put_failure:
2372 nlmsg_free(msg);
2373 return -ENOBUFS;
2374 }
2375
2376
2377 static int get_link_noise(struct nl_msg *msg, void *arg)
2378 {
2379 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2380 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2381 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2382 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2383 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2384 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2385 };
2386 struct wpa_signal_info *sig_change = arg;
2387
2388 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2389 genlmsg_attrlen(gnlh, 0), NULL);
2390
2391 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2392 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
2393 return NL_SKIP;
2394 }
2395
2396 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2397 tb[NL80211_ATTR_SURVEY_INFO],
2398 survey_policy)) {
2399 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
2400 "attributes!");
2401 return NL_SKIP;
2402 }
2403
2404 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2405 return NL_SKIP;
2406
2407 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2408 sig_change->frequency)
2409 return NL_SKIP;
2410
2411 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2412 return NL_SKIP;
2413
2414 sig_change->current_noise =
2415 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2416
2417 return NL_SKIP;
2418 }
2419
2420
2421 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
2422 struct wpa_signal_info *sig_change)
2423 {
2424 struct nl_msg *msg;
2425
2426 sig_change->current_noise = 9999;
2427 sig_change->frequency = drv->assoc_freq;
2428
2429 msg = nlmsg_alloc();
2430 if (!msg)
2431 return -ENOMEM;
2432
2433 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2434
2435 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2436
2437 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
2438 nla_put_failure:
2439 nlmsg_free(msg);
2440 return -ENOBUFS;
2441 }
2442
2443
2444 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
2445 {
2446 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2447 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2448 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2449 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2450 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2451 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2452 };
2453 struct wpa_scan_results *scan_results = arg;
2454 struct wpa_scan_res *scan_res;
2455 size_t i;
2456
2457 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2458 genlmsg_attrlen(gnlh, 0), NULL);
2459
2460 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2461 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
2462 return NL_SKIP;
2463 }
2464
2465 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2466 tb[NL80211_ATTR_SURVEY_INFO],
2467 survey_policy)) {
2468 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
2469 "attributes");
2470 return NL_SKIP;
2471 }
2472
2473 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2474 return NL_SKIP;
2475
2476 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2477 return NL_SKIP;
2478
2479 for (i = 0; i < scan_results->num; ++i) {
2480 scan_res = scan_results->res[i];
2481 if (!scan_res)
2482 continue;
2483 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2484 scan_res->freq)
2485 continue;
2486 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
2487 continue;
2488 scan_res->noise = (s8)
2489 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2490 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
2491 }
2492
2493 return NL_SKIP;
2494 }
2495
2496
2497 static int nl80211_get_noise_for_scan_results(
2498 struct wpa_driver_nl80211_data *drv,
2499 struct wpa_scan_results *scan_res)
2500 {
2501 struct nl_msg *msg;
2502
2503 msg = nlmsg_alloc();
2504 if (!msg)
2505 return -ENOMEM;
2506
2507 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2508
2509 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2510
2511 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
2512 scan_res);
2513 nla_put_failure:
2514 nlmsg_free(msg);
2515 return -ENOBUFS;
2516 }
2517
2518
2519 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
2520 struct nlattr *tb[])
2521 {
2522 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
2523 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
2524 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
2525 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
2526 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
2527 };
2528 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
2529 enum nl80211_cqm_rssi_threshold_event event;
2530 union wpa_event_data ed;
2531 struct wpa_signal_info sig;
2532 int res;
2533
2534 if (tb[NL80211_ATTR_CQM] == NULL ||
2535 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
2536 cqm_policy)) {
2537 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
2538 return;
2539 }
2540
2541 os_memset(&ed, 0, sizeof(ed));
2542
2543 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
2544 if (!tb[NL80211_ATTR_MAC])
2545 return;
2546 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
2547 ETH_ALEN);
2548 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
2549 return;
2550 }
2551
2552 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
2553 return;
2554 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
2555
2556 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
2557 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2558 "event: RSSI high");
2559 ed.signal_change.above_threshold = 1;
2560 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
2561 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2562 "event: RSSI low");
2563 ed.signal_change.above_threshold = 0;
2564 } else
2565 return;
2566
2567 res = nl80211_get_link_signal(drv, &sig);
2568 if (res == 0) {
2569 ed.signal_change.current_signal = sig.current_signal;
2570 ed.signal_change.current_txrate = sig.current_txrate;
2571 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
2572 sig.current_signal, sig.current_txrate);
2573 }
2574
2575 res = nl80211_get_link_noise(drv, &sig);
2576 if (res == 0) {
2577 ed.signal_change.current_noise = sig.current_noise;
2578 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
2579 sig.current_noise);
2580 }
2581
2582 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
2583 }
2584
2585
2586 static void nl80211_new_peer_candidate(struct wpa_driver_nl80211_data *drv,
2587 struct nlattr **tb)
2588 {
2589 const u8 *addr;
2590 union wpa_event_data data;
2591
2592 if (drv->nlmode != NL80211_IFTYPE_MESH_POINT)
2593 return;
2594
2595 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_IE])
2596 return;
2597
2598 addr = nla_data(tb[NL80211_ATTR_MAC]);
2599 wpa_printf(MSG_DEBUG, "nl80211: New peer candidate" MACSTR,
2600 MAC2STR(addr));
2601
2602 os_memset(&data, 0, sizeof(data));
2603 data.mesh_peer.peer = addr;
2604 data.mesh_peer.ies = nla_data(tb[NL80211_ATTR_IE]);
2605 data.mesh_peer.ie_len = nla_len(tb[NL80211_ATTR_IE]);
2606 wpa_supplicant_event(drv->ctx, EVENT_NEW_PEER_CANDIDATE, &data);
2607 }
2608
2609
2610 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
2611 struct nlattr **tb)
2612 {
2613 u8 *addr;
2614 union wpa_event_data data;
2615
2616 if (tb[NL80211_ATTR_MAC] == NULL)
2617 return;
2618 addr = nla_data(tb[NL80211_ATTR_MAC]);
2619 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
2620
2621 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2622 u8 *ies = NULL;
2623 size_t ies_len = 0;
2624 if (tb[NL80211_ATTR_IE]) {
2625 ies = nla_data(tb[NL80211_ATTR_IE]);
2626 ies_len = nla_len(tb[NL80211_ATTR_IE]);
2627 }
2628 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
2629 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
2630 return;
2631 }
2632
2633 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2634 return;
2635
2636 os_memset(&data, 0, sizeof(data));
2637 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
2638 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
2639 }
2640
2641
2642 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
2643 struct nlattr **tb)
2644 {
2645 u8 *addr;
2646 union wpa_event_data data;
2647
2648 if (tb[NL80211_ATTR_MAC] == NULL)
2649 return;
2650 addr = nla_data(tb[NL80211_ATTR_MAC]);
2651 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
2652 MAC2STR(addr));
2653
2654 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2655 drv_event_disassoc(drv->ctx, addr);
2656 return;
2657 }
2658
2659 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2660 return;
2661
2662 os_memset(&data, 0, sizeof(data));
2663 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
2664 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
2665 }
2666
2667
2668 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
2669 struct nlattr **tb)
2670 {
2671 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
2672 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
2673 [NL80211_REKEY_DATA_KEK] = {
2674 .minlen = NL80211_KEK_LEN,
2675 .maxlen = NL80211_KEK_LEN,
2676 },
2677 [NL80211_REKEY_DATA_KCK] = {
2678 .minlen = NL80211_KCK_LEN,
2679 .maxlen = NL80211_KCK_LEN,
2680 },
2681 [NL80211_REKEY_DATA_REPLAY_CTR] = {
2682 .minlen = NL80211_REPLAY_CTR_LEN,
2683 .maxlen = NL80211_REPLAY_CTR_LEN,
2684 },
2685 };
2686 union wpa_event_data data;
2687
2688 if (!tb[NL80211_ATTR_MAC])
2689 return;
2690 if (!tb[NL80211_ATTR_REKEY_DATA])
2691 return;
2692 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
2693 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
2694 return;
2695 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
2696 return;
2697
2698 os_memset(&data, 0, sizeof(data));
2699 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
2700 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
2701 MAC2STR(data.driver_gtk_rekey.bssid));
2702 data.driver_gtk_rekey.replay_ctr =
2703 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
2704 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
2705 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
2706 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
2707 }
2708
2709
2710 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
2711 struct nlattr **tb)
2712 {
2713 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
2714 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
2715 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
2716 [NL80211_PMKSA_CANDIDATE_BSSID] = {
2717 .minlen = ETH_ALEN,
2718 .maxlen = ETH_ALEN,
2719 },
2720 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
2721 };
2722 union wpa_event_data data;
2723
2724 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event");
2725
2726 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2727 return;
2728 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2729 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2730 return;
2731 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2732 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2733 return;
2734
2735 os_memset(&data, 0, sizeof(data));
2736 os_memcpy(data.pmkid_candidate.bssid,
2737 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2738 data.pmkid_candidate.index =
2739 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2740 data.pmkid_candidate.preauth =
2741 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2742 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2743 }
2744
2745
2746 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2747 struct nlattr **tb)
2748 {
2749 union wpa_event_data data;
2750
2751 wpa_printf(MSG_DEBUG, "nl80211: Probe client event");
2752
2753 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2754 return;
2755
2756 os_memset(&data, 0, sizeof(data));
2757 os_memcpy(data.client_poll.addr,
2758 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2759
2760 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2761 }
2762
2763
2764 static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv,
2765 struct nlattr **tb)
2766 {
2767 union wpa_event_data data;
2768
2769 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event");
2770
2771 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION])
2772 return;
2773
2774 os_memset(&data, 0, sizeof(data));
2775 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2776 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) {
2777 case NL80211_TDLS_SETUP:
2778 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer "
2779 MACSTR, MAC2STR(data.tdls.peer));
2780 data.tdls.oper = TDLS_REQUEST_SETUP;
2781 break;
2782 case NL80211_TDLS_TEARDOWN:
2783 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer "
2784 MACSTR, MAC2STR(data.tdls.peer));
2785 data.tdls.oper = TDLS_REQUEST_TEARDOWN;
2786 break;
2787 default:
2788 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione "
2789 "event");
2790 return;
2791 }
2792 if (tb[NL80211_ATTR_REASON_CODE]) {
2793 data.tdls.reason_code =
2794 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
2795 }
2796
2797 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data);
2798 }
2799
2800
2801 static void nl80211_stop_ap(struct wpa_driver_nl80211_data *drv,
2802 struct nlattr **tb)
2803 {
2804 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_UNAVAILABLE, NULL);
2805 }
2806
2807
2808 static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv,
2809 struct nlattr **tb)
2810 {
2811 union wpa_event_data data;
2812 u32 reason;
2813
2814 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event");
2815
2816 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON])
2817 return;
2818
2819 os_memset(&data, 0, sizeof(data));
2820 os_memcpy(data.connect_failed_reason.addr,
2821 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2822
2823 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]);
2824 switch (reason) {
2825 case NL80211_CONN_FAIL_MAX_CLIENTS:
2826 wpa_printf(MSG_DEBUG, "nl80211: Max client reached");
2827 data.connect_failed_reason.code = MAX_CLIENT_REACHED;
2828 break;
2829 case NL80211_CONN_FAIL_BLOCKED_CLIENT:
2830 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR
2831 " tried to connect",
2832 MAC2STR(data.connect_failed_reason.addr));
2833 data.connect_failed_reason.code = BLOCKED_CLIENT;
2834 break;
2835 default:
2836 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason "
2837 "%u", reason);
2838 return;
2839 }
2840
2841 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data);
2842 }
2843
2844
2845 static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv,
2846 struct nlattr **tb)
2847 {
2848 union wpa_event_data data;
2849 enum nl80211_radar_event event_type;
2850
2851 if (!tb[NL80211_ATTR_WIPHY_FREQ] || !tb[NL80211_ATTR_RADAR_EVENT])
2852 return;
2853
2854 os_memset(&data, 0, sizeof(data));
2855 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2856 event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]);
2857
2858 /* Check HT params */
2859 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
2860 data.dfs_event.ht_enabled = 1;
2861 data.dfs_event.chan_offset = 0;
2862
2863 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) {
2864 case NL80211_CHAN_NO_HT:
2865 data.dfs_event.ht_enabled = 0;
2866 break;
2867 case NL80211_CHAN_HT20:
2868 break;
2869 case NL80211_CHAN_HT40PLUS:
2870 data.dfs_event.chan_offset = 1;
2871 break;
2872 case NL80211_CHAN_HT40MINUS:
2873 data.dfs_event.chan_offset = -1;
2874 break;
2875 }
2876 }
2877
2878 /* Get VHT params */
2879 if (tb[NL80211_ATTR_CHANNEL_WIDTH])
2880 data.dfs_event.chan_width =
2881 convert2width(nla_get_u32(
2882 tb[NL80211_ATTR_CHANNEL_WIDTH]));
2883 if (tb[NL80211_ATTR_CENTER_FREQ1])
2884 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
2885 if (tb[NL80211_ATTR_CENTER_FREQ2])
2886 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
2887
2888 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz",
2889 data.dfs_event.freq, data.dfs_event.ht_enabled,
2890 data.dfs_event.chan_offset, data.dfs_event.chan_width,
2891 data.dfs_event.cf1, data.dfs_event.cf2);
2892
2893 switch (event_type) {
2894 case NL80211_RADAR_DETECTED:
2895 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data);
2896 break;
2897 case NL80211_RADAR_CAC_FINISHED:
2898 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data);
2899 break;
2900 case NL80211_RADAR_CAC_ABORTED:
2901 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data);
2902 break;
2903 case NL80211_RADAR_NOP_FINISHED:
2904 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data);
2905 break;
2906 default:
2907 wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d "
2908 "received", event_type);
2909 break;
2910 }
2911 }
2912
2913
2914 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2915 int wds)
2916 {
2917 struct wpa_driver_nl80211_data *drv = bss->drv;
2918 union wpa_event_data event;
2919
2920 if (!tb[NL80211_ATTR_MAC])
2921 return;
2922
2923 os_memset(&event, 0, sizeof(event));
2924 event.rx_from_unknown.bssid = bss->addr;
2925 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2926 event.rx_from_unknown.wds = wds;
2927
2928 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2929 }
2930
2931
2932 static void qca_nl80211_avoid_freq(struct wpa_driver_nl80211_data *drv,
2933 const u8 *data, size_t len)
2934 {
2935 u32 i, count;
2936 union wpa_event_data event;
2937 struct wpa_freq_range *range = NULL;
2938 const struct qca_avoid_freq_list *freq_range;
2939
2940 freq_range = (const struct qca_avoid_freq_list *) data;
2941 if (len < sizeof(freq_range->count))
2942 return;
2943
2944 count = freq_range->count;
2945 if (len < sizeof(freq_range->count) +
2946 count * sizeof(struct qca_avoid_freq_range)) {
2947 wpa_printf(MSG_DEBUG, "nl80211: Ignored too short avoid frequency list (len=%u)",
2948 (unsigned int) len);
2949 return;
2950 }
2951
2952 if (count > 0) {
2953 range = os_calloc(count, sizeof(struct wpa_freq_range));
2954 if (range == NULL)
2955 return;
2956 }
2957
2958 os_memset(&event, 0, sizeof(event));
2959 for (i = 0; i < count; i++) {
2960 unsigned int idx = event.freq_range.num;
2961 range[idx].min = freq_range->range[i].start_freq;
2962 range[idx].max = freq_range->range[i].end_freq;
2963 wpa_printf(MSG_DEBUG, "nl80211: Avoid frequency range: %u-%u",
2964 range[idx].min, range[idx].max);
2965 if (range[idx].min > range[idx].max) {
2966 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid frequency range");
2967 continue;
2968 }
2969 event.freq_range.num++;
2970 }
2971 event.freq_range.range = range;
2972
2973 wpa_supplicant_event(drv->ctx, EVENT_AVOID_FREQUENCIES, &event);
2974
2975 os_free(range);
2976 }
2977
2978
2979 static void nl80211_vendor_event_qca(struct wpa_driver_nl80211_data *drv,
2980 u32 subcmd, u8 *data, size_t len)
2981 {
2982 switch (subcmd) {
2983 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY:
2984 qca_nl80211_avoid_freq(drv, data, len);
2985 break;
2986 default:
2987 wpa_printf(MSG_DEBUG,
2988 "nl80211: Ignore unsupported QCA vendor event %u",
2989 subcmd);
2990 break;
2991 }
2992 }
2993
2994
2995 static void nl80211_vendor_event(struct wpa_driver_nl80211_data *drv,
2996 struct nlattr **tb)
2997 {
2998 u32 vendor_id, subcmd, wiphy = 0;
2999 int wiphy_idx;
3000 u8 *data = NULL;
3001 size_t len = 0;
3002
3003 if (!tb[NL80211_ATTR_VENDOR_ID] ||
3004 !tb[NL80211_ATTR_VENDOR_SUBCMD])
3005 return;
3006
3007 vendor_id = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]);
3008 subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]);
3009
3010 if (tb[NL80211_ATTR_WIPHY])
3011 wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
3012
3013 wpa_printf(MSG_DEBUG, "nl80211: Vendor event: wiphy=%u vendor_id=0x%x subcmd=%u",
3014 wiphy, vendor_id, subcmd);
3015
3016 if (tb[NL80211_ATTR_VENDOR_DATA]) {
3017 data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]);
3018 len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]);
3019 wpa_hexdump(MSG_MSGDUMP, "nl80211: Vendor data", data, len);
3020 }
3021
3022 wiphy_idx = nl80211_get_wiphy_index(drv->first_bss);
3023 if (wiphy_idx >= 0 && wiphy_idx != (int) wiphy) {
3024 wpa_printf(MSG_DEBUG, "nl80211: Ignore vendor event for foreign wiphy %u (own: %d)",
3025 wiphy, wiphy_idx);
3026 return;
3027 }
3028
3029 switch (vendor_id) {
3030 case OUI_QCA:
3031 nl80211_vendor_event_qca(drv, subcmd, data, len);
3032 break;
3033 default:
3034 wpa_printf(MSG_DEBUG, "nl80211: Ignore unsupported vendor event");
3035 break;
3036 }
3037 }
3038
3039
3040 static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv,
3041 struct nlattr *tb[])
3042 {
3043 union wpa_event_data data;
3044 enum nl80211_reg_initiator init;
3045
3046 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
3047
3048 if (tb[NL80211_ATTR_REG_INITIATOR] == NULL)
3049 return;
3050
3051 os_memset(&data, 0, sizeof(data));
3052 init = nla_get_u8(tb[NL80211_ATTR_REG_INITIATOR]);
3053 wpa_printf(MSG_DEBUG, " * initiator=%d", init);
3054 switch (init) {
3055 case NL80211_REGDOM_SET_BY_CORE:
3056 data.channel_list_changed.initiator = REGDOM_SET_BY_CORE;
3057 break;
3058 case NL80211_REGDOM_SET_BY_USER:
3059 data.channel_list_changed.initiator = REGDOM_SET_BY_USER;
3060 break;
3061 case NL80211_REGDOM_SET_BY_DRIVER:
3062 data.channel_list_changed.initiator = REGDOM_SET_BY_DRIVER;
3063 break;
3064 case NL80211_REGDOM_SET_BY_COUNTRY_IE:
3065 data.channel_list_changed.initiator = REGDOM_SET_BY_COUNTRY_IE;
3066 break;
3067 }
3068
3069 if (tb[NL80211_ATTR_REG_TYPE]) {
3070 enum nl80211_reg_type type;
3071 type = nla_get_u8(tb[NL80211_ATTR_REG_TYPE]);
3072 wpa_printf(MSG_DEBUG, " * type=%d", type);
3073 switch (type) {
3074 case NL80211_REGDOM_TYPE_COUNTRY:
3075 data.channel_list_changed.type = REGDOM_TYPE_COUNTRY;
3076 break;
3077 case NL80211_REGDOM_TYPE_WORLD:
3078 data.channel_list_changed.type = REGDOM_TYPE_WORLD;
3079 break;
3080 case NL80211_REGDOM_TYPE_CUSTOM_WORLD:
3081 data.channel_list_changed.type =
3082 REGDOM_TYPE_CUSTOM_WORLD;
3083 break;
3084 case NL80211_REGDOM_TYPE_INTERSECTION:
3085 data.channel_list_changed.type =
3086 REGDOM_TYPE_INTERSECTION;
3087 break;
3088 }
3089 }
3090
3091 if (tb[NL80211_ATTR_REG_ALPHA2]) {
3092 os_strlcpy(data.channel_list_changed.alpha2,
3093 nla_get_string(tb[NL80211_ATTR_REG_ALPHA2]),
3094 sizeof(data.channel_list_changed.alpha2));
3095 wpa_printf(MSG_DEBUG, " * alpha2=%s",
3096 data.channel_list_changed.alpha2);
3097 }
3098
3099 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data);
3100 }
3101
3102
3103 static void do_process_drv_event(struct i802_bss *bss, int cmd,
3104 struct nlattr **tb)
3105 {
3106 struct wpa_driver_nl80211_data *drv = bss->drv;
3107 union wpa_event_data data;
3108
3109 wpa_printf(MSG_DEBUG, "nl80211: Drv Event %d (%s) received for %s",
3110 cmd, nl80211_command_to_string(cmd), bss->ifname);
3111
3112 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
3113 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
3114 cmd == NL80211_CMD_SCAN_ABORTED)) {
3115 wpa_driver_nl80211_set_mode(drv->first_bss,
3116 drv->ap_scan_as_station);
3117 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3118 }
3119
3120 switch (cmd) {
3121 case NL80211_CMD_TRIGGER_SCAN:
3122 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger");
3123 drv->scan_state = SCAN_STARTED;
3124 if (drv->scan_for_auth) {
3125 /*
3126 * Cannot indicate EVENT_SCAN_STARTED here since we skip
3127 * EVENT_SCAN_RESULTS in scan_for_auth case and the
3128 * upper layer implementation could get confused about
3129 * scanning state.
3130 */
3131 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth");
3132 break;
3133 }
3134 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL);
3135 break;
3136 case NL80211_CMD_START_SCHED_SCAN:
3137 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan started");
3138 drv->scan_state = SCHED_SCAN_STARTED;
3139 break;
3140 case NL80211_CMD_SCHED_SCAN_STOPPED:
3141 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan stopped");
3142 drv->scan_state = SCHED_SCAN_STOPPED;
3143 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
3144 break;
3145 case NL80211_CMD_NEW_SCAN_RESULTS:
3146 wpa_dbg(drv->ctx, MSG_DEBUG,
3147 "nl80211: New scan results available");
3148 drv->scan_state = SCAN_COMPLETED;
3149 drv->scan_complete_events = 1;
3150 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3151 drv->ctx);
3152 send_scan_event(drv, 0, tb);
3153 break;
3154 case NL80211_CMD_SCHED_SCAN_RESULTS:
3155 wpa_dbg(drv->ctx, MSG_DEBUG,
3156 "nl80211: New sched scan results available");
3157 drv->scan_state = SCHED_SCAN_RESULTS;
3158 send_scan_event(drv, 0, tb);
3159 break;
3160 case NL80211_CMD_SCAN_ABORTED:
3161 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted");
3162 drv->scan_state = SCAN_ABORTED;
3163 /*
3164 * Need to indicate that scan results are available in order
3165 * not to make wpa_supplicant stop its scanning.
3166 */
3167 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3168 drv->ctx);
3169 send_scan_event(drv, 1, tb);
3170 break;
3171 case NL80211_CMD_AUTHENTICATE:
3172 case NL80211_CMD_ASSOCIATE:
3173 case NL80211_CMD_DEAUTHENTICATE:
3174 case NL80211_CMD_DISASSOCIATE:
3175 case NL80211_CMD_FRAME_TX_STATUS:
3176 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
3177 case NL80211_CMD_UNPROT_DISASSOCIATE:
3178 mlme_event(bss, cmd, tb[NL80211_ATTR_FRAME],
3179 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3180 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3181 tb[NL80211_ATTR_COOKIE],
3182 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3183 break;
3184 case NL80211_CMD_CONNECT:
3185 case NL80211_CMD_ROAM:
3186 mlme_event_connect(drv, cmd,
3187 tb[NL80211_ATTR_STATUS_CODE],
3188 tb[NL80211_ATTR_MAC],
3189 tb[NL80211_ATTR_REQ_IE],
3190 tb[NL80211_ATTR_RESP_IE]);
3191 break;
3192 case NL80211_CMD_CH_SWITCH_NOTIFY:
3193 mlme_event_ch_switch(drv,
3194 tb[NL80211_ATTR_IFINDEX],
3195 tb[NL80211_ATTR_WIPHY_FREQ],
3196 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
3197 tb[NL80211_ATTR_CHANNEL_WIDTH],
3198 tb[NL80211_ATTR_CENTER_FREQ1],
3199 tb[NL80211_ATTR_CENTER_FREQ2]);
3200 break;
3201 case NL80211_CMD_DISCONNECT:
3202 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
3203 tb[NL80211_ATTR_MAC],
3204 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
3205 break;
3206 case NL80211_CMD_MICHAEL_MIC_FAILURE:
3207 mlme_event_michael_mic_failure(bss, tb);
3208 break;
3209 case NL80211_CMD_JOIN_IBSS:
3210 mlme_event_join_ibss(drv, tb);
3211 break;
3212 case NL80211_CMD_REMAIN_ON_CHANNEL:
3213 mlme_event_remain_on_channel(drv, 0, tb);
3214 break;
3215 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
3216 mlme_event_remain_on_channel(drv, 1, tb);
3217 break;
3218 case NL80211_CMD_NOTIFY_CQM:
3219 nl80211_cqm_event(drv, tb);
3220 break;
3221 case NL80211_CMD_REG_CHANGE:
3222 nl80211_reg_change_event(drv, tb);
3223 break;
3224 case NL80211_CMD_REG_BEACON_HINT:
3225 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
3226 os_memset(&data, 0, sizeof(data));
3227 data.channel_list_changed.initiator = REGDOM_BEACON_HINT;
3228 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
3229 &data);
3230 break;
3231 case NL80211_CMD_NEW_STATION:
3232 nl80211_new_station_event(drv, tb);
3233 break;
3234 case NL80211_CMD_DEL_STATION:
3235 nl80211_del_station_event(drv, tb);
3236 break;
3237 case NL80211_CMD_SET_REKEY_OFFLOAD:
3238 nl80211_rekey_offload_event(drv, tb);
3239 break;
3240 case NL80211_CMD_PMKSA_CANDIDATE:
3241 nl80211_pmksa_candidate_event(drv, tb);
3242 break;
3243 case NL80211_CMD_PROBE_CLIENT:
3244 nl80211_client_probe_event(drv, tb);
3245 break;
3246 case NL80211_CMD_TDLS_OPER:
3247 nl80211_tdls_oper_event(drv, tb);
3248 break;
3249 case NL80211_CMD_CONN_FAILED:
3250 nl80211_connect_failed_event(drv, tb);
3251 break;
3252 case NL80211_CMD_FT_EVENT:
3253 mlme_event_ft_event(drv, tb);
3254 break;
3255 case NL80211_CMD_RADAR_DETECT:
3256 nl80211_radar_event(drv, tb);
3257 break;
3258 case NL80211_CMD_STOP_AP:
3259 nl80211_stop_ap(drv, tb);
3260 break;
3261 case NL80211_CMD_VENDOR:
3262 nl80211_vendor_event(drv, tb);
3263 break;
3264 case NL80211_CMD_NEW_PEER_CANDIDATE:
3265 nl80211_new_peer_candidate(drv, tb);
3266 break;
3267 default:
3268 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event "
3269 "(cmd=%d)", cmd);
3270 break;
3271 }
3272 }
3273
3274
3275 static int process_drv_event(struct nl_msg *msg, void *arg)
3276 {
3277 struct wpa_driver_nl80211_data *drv = arg;
3278 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3279 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3280 struct i802_bss *bss;
3281 int ifidx = -1;
3282
3283 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3284 genlmsg_attrlen(gnlh, 0), NULL);
3285
3286 if (tb[NL80211_ATTR_IFINDEX]) {
3287 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3288
3289 for (bss = drv->first_bss; bss; bss = bss->next)
3290 if (ifidx == -1 || ifidx == bss->ifindex) {
3291 do_process_drv_event(bss, gnlh->cmd, tb);
3292 return NL_SKIP;
3293 }
3294 wpa_printf(MSG_DEBUG,
3295 "nl80211: Ignored event (cmd=%d) for foreign interface (ifindex %d)",
3296 gnlh->cmd, ifidx);
3297 } else if (tb[NL80211_ATTR_WDEV]) {
3298 u64 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3299 wpa_printf(MSG_DEBUG, "nl80211: Process event on P2P device");
3300 for (bss = drv->first_bss; bss; bss = bss->next) {
3301 if (bss->wdev_id_set && wdev_id == bss->wdev_id) {
3302 do_process_drv_event(bss, gnlh->cmd, tb);
3303 return NL_SKIP;
3304 }
3305 }
3306 wpa_printf(MSG_DEBUG,
3307 "nl80211: Ignored event (cmd=%d) for foreign interface (wdev 0x%llx)",
3308 gnlh->cmd, (long long unsigned int) wdev_id);
3309 }
3310
3311 return NL_SKIP;
3312 }
3313
3314
3315 static int process_global_event(struct nl_msg *msg, void *arg)
3316 {
3317 struct nl80211_global *global = arg;
3318 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3319 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3320 struct wpa_driver_nl80211_data *drv, *tmp;
3321 int ifidx = -1;
3322 struct i802_bss *bss;
3323 u64 wdev_id = 0;
3324 int wdev_id_set = 0;
3325
3326 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3327 genlmsg_attrlen(gnlh, 0), NULL);
3328
3329 if (tb[NL80211_ATTR_IFINDEX])
3330 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3331 else if (tb[NL80211_ATTR_WDEV]) {
3332 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3333 wdev_id_set = 1;
3334 }
3335
3336 dl_list_for_each_safe(drv, tmp, &global->interfaces,
3337 struct wpa_driver_nl80211_data, list) {
3338 for (bss = drv->first_bss; bss; bss = bss->next) {
3339 if ((ifidx == -1 && !wdev_id_set) ||
3340 ifidx == bss->ifindex ||
3341 (wdev_id_set && bss->wdev_id_set &&
3342 wdev_id == bss->wdev_id)) {
3343 do_process_drv_event(bss, gnlh->cmd, tb);
3344 return NL_SKIP;
3345 }
3346 }
3347 }
3348
3349 return NL_SKIP;
3350 }
3351
3352
3353 static int process_bss_event(struct nl_msg *msg, void *arg)
3354 {
3355 struct i802_bss *bss = arg;
3356 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3357 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3358
3359 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3360 genlmsg_attrlen(gnlh, 0), NULL);
3361
3362 wpa_printf(MSG_DEBUG, "nl80211: BSS Event %d (%s) received for %s",
3363 gnlh->cmd, nl80211_command_to_string(gnlh->cmd),
3364 bss->ifname);
3365
3366 switch (gnlh->cmd) {
3367 case NL80211_CMD_FRAME:
3368 case NL80211_CMD_FRAME_TX_STATUS:
3369 mlme_event(bss, gnlh->cmd, tb[NL80211_ATTR_FRAME],
3370 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3371 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3372 tb[NL80211_ATTR_COOKIE],
3373 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3374 break;
3375 case NL80211_CMD_UNEXPECTED_FRAME:
3376 nl80211_spurious_frame(bss, tb, 0);
3377 break;
3378 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
3379 nl80211_spurious_frame(bss, tb, 1);
3380 break;
3381 default:
3382 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
3383 "(cmd=%d)", gnlh->cmd);
3384 break;
3385 }
3386
3387 return NL_SKIP;
3388 }
3389
3390
3391 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
3392 void *handle)
3393 {
3394 struct nl_cb *cb = eloop_ctx;
3395 int res;
3396
3397 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
3398
3399 res = nl_recvmsgs(handle, cb);
3400 if (res < 0) {
3401 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
3402 __func__, res);
3403 }
3404 }
3405
3406
3407 /**
3408 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
3409 * @priv: driver_nl80211 private data
3410 * @alpha2_arg: country to which to switch to
3411 * Returns: 0 on success, -1 on failure
3412 *
3413 * This asks nl80211 to set the regulatory domain for given
3414 * country ISO / IEC alpha2.
3415 */
3416 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
3417 {
3418 struct i802_bss *bss = priv;
3419 struct wpa_driver_nl80211_data *drv = bss->drv;
3420 char alpha2[3];
3421 struct nl_msg *msg;
3422
3423 msg = nlmsg_alloc();
3424 if (!msg)
3425 return -ENOMEM;
3426
3427 alpha2[0] = alpha2_arg[0];
3428 alpha2[1] = alpha2_arg[1];
3429 alpha2[2] = '\0';
3430
3431 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
3432
3433 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
3434 if (send_and_recv_msgs(drv, msg, NULL, NULL))
3435 return -EINVAL;
3436 return 0;
3437 nla_put_failure:
3438 nlmsg_free(msg);
3439 return -EINVAL;
3440 }
3441
3442
3443 static int nl80211_get_country(struct nl_msg *msg, void *arg)
3444 {
3445 char *alpha2 = arg;
3446 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3447 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3448
3449 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3450 genlmsg_attrlen(gnlh, 0), NULL);
3451 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
3452 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
3453 return NL_SKIP;
3454 }
3455 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
3456 return NL_SKIP;
3457 }
3458
3459
3460 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
3461 {
3462 struct i802_bss *bss = priv;
3463 struct wpa_driver_nl80211_data *drv = bss->drv;
3464 struct nl_msg *msg;
3465 int ret;
3466
3467 msg = nlmsg_alloc();
3468 if (!msg)
3469 return -ENOMEM;
3470
3471 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
3472 alpha2[0] = '\0';
3473 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2);
3474 if (!alpha2[0])
3475 ret = -1;
3476
3477 return ret;
3478 }
3479
3480
3481 static int protocol_feature_handler(struct nl_msg *msg, void *arg)
3482 {
3483 u32 *feat = arg;
3484 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3485 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3486
3487 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3488 genlmsg_attrlen(gnlh, 0), NULL);
3489
3490 if (tb_msg[NL80211_ATTR_PROTOCOL_FEATURES])
3491 *feat = nla_get_u32(tb_msg[NL80211_ATTR_PROTOCOL_FEATURES]);
3492
3493 return NL_SKIP;
3494 }
3495
3496
3497 static u32 get_nl80211_protocol_features(struct wpa_driver_nl80211_data *drv)
3498 {
3499 u32 feat = 0;
3500 struct nl_msg *msg;
3501
3502 msg = nlmsg_alloc();
3503 if (!msg)
3504 goto nla_put_failure;
3505
3506 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_PROTOCOL_FEATURES);
3507 if (send_and_recv_msgs(drv, msg, protocol_feature_handler, &feat) == 0)
3508 return feat;
3509
3510 msg = NULL;
3511 nla_put_failure:
3512 nlmsg_free(msg);
3513 return 0;
3514 }
3515
3516
3517 struct wiphy_info_data {
3518 struct wpa_driver_nl80211_data *drv;
3519 struct wpa_driver_capa *capa;
3520
3521 unsigned int num_multichan_concurrent;
3522
3523 unsigned int error:1;
3524 unsigned int device_ap_sme:1;
3525 unsigned int poll_command_supported:1;
3526 unsigned int data_tx_status:1;
3527 unsigned int monitor_supported:1;
3528 unsigned int auth_supported:1;
3529 unsigned int connect_supported:1;
3530 unsigned int p2p_go_supported:1;
3531 unsigned int p2p_client_supported:1;
3532 unsigned int p2p_concurrent:1;
3533 unsigned int channel_switch_supported:1;
3534 unsigned int set_qos_map_supported:1;
3535 unsigned int have_low_prio_scan:1;
3536 };
3537
3538
3539 static unsigned int probe_resp_offload_support(int supp_protocols)
3540 {
3541 unsigned int prot = 0;
3542
3543 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
3544 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
3545 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
3546 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
3547 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
3548 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
3549 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
3550 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
3551
3552 return prot;
3553 }
3554
3555
3556 static void wiphy_info_supported_iftypes(struct wiphy_info_data *info,
3557 struct nlattr *tb)
3558 {
3559 struct nlattr *nl_mode;
3560 int i;
3561
3562 if (tb == NULL)
3563 return;
3564
3565 nla_for_each_nested(nl_mode, tb, i) {
3566 switch (nla_type(nl_mode)) {
3567 case NL80211_IFTYPE_AP:
3568 info->capa->flags |= WPA_DRIVER_FLAGS_AP;
3569 break;
3570 case NL80211_IFTYPE_MESH_POINT:
3571 info->capa->flags |= WPA_DRIVER_FLAGS_MESH;
3572 break;
3573 case NL80211_IFTYPE_ADHOC:
3574 info->capa->flags |= WPA_DRIVER_FLAGS_IBSS;
3575 break;
3576 case NL80211_IFTYPE_P2P_DEVICE:
3577 info->capa->flags |=
3578 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
3579 break;
3580 case NL80211_IFTYPE_P2P_GO:
3581 info->p2p_go_supported = 1;
3582 break;
3583 case NL80211_IFTYPE_P2P_CLIENT:
3584 info->p2p_client_supported = 1;
3585 break;
3586 case NL80211_IFTYPE_MONITOR:
3587 info->monitor_supported = 1;
3588 break;
3589 }
3590 }
3591 }
3592
3593
3594 static int wiphy_info_iface_comb_process(struct wiphy_info_data *info,
3595 struct nlattr *nl_combi)
3596 {
3597 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
3598 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
3599 struct nlattr *nl_limit, *nl_mode;
3600 int err, rem_limit, rem_mode;
3601 int combination_has_p2p = 0, combination_has_mgd = 0;
3602 static struct nla_policy
3603 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
3604 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
3605 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
3606 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
3607 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
3608 [NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS] = { .type = NLA_U32 },
3609 },
3610 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
3611 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
3612 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
3613 };
3614
3615 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
3616 nl_combi, iface_combination_policy);
3617 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
3618 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
3619 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
3620 return 0; /* broken combination */
3621
3622 if (tb_comb[NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS])
3623 info->capa->flags |= WPA_DRIVER_FLAGS_RADAR;
3624
3625 nla_for_each_nested(nl_limit, tb_comb[NL80211_IFACE_COMB_LIMITS],
3626 rem_limit) {
3627 err = nla_parse_nested(tb_limit, MAX_NL80211_IFACE_LIMIT,
3628 nl_limit, iface_limit_policy);
3629 if (err || !tb_limit[NL80211_IFACE_LIMIT_TYPES])
3630 return 0; /* broken combination */
3631
3632 nla_for_each_nested(nl_mode,
3633 tb_limit[NL80211_IFACE_LIMIT_TYPES],
3634 rem_mode) {
3635 int ift = nla_type(nl_mode);
3636 if (ift == NL80211_IFTYPE_P2P_GO ||
3637 ift == NL80211_IFTYPE_P2P_CLIENT)
3638 combination_has_p2p = 1;
3639 if (ift == NL80211_IFTYPE_STATION)
3640 combination_has_mgd = 1;
3641 }
3642 if (combination_has_p2p && combination_has_mgd)
3643 break;
3644 }
3645
3646 if (combination_has_p2p && combination_has_mgd) {
3647 unsigned int num_channels =
3648 nla_get_u32(tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS]);
3649
3650 info->p2p_concurrent = 1;
3651 if (info->num_multichan_concurrent < num_channels)
3652 info->num_multichan_concurrent = num_channels;
3653 }
3654
3655 return 0;
3656 }
3657
3658
3659 static void wiphy_info_iface_comb(struct wiphy_info_data *info,
3660 struct nlattr *tb)
3661 {
3662 struct nlattr *nl_combi;
3663 int rem_combi;
3664
3665 if (tb == NULL)
3666 return;
3667
3668 nla_for_each_nested(nl_combi, tb, rem_combi) {
3669 if (wiphy_info_iface_comb_process(info, nl_combi) > 0)
3670 break;
3671 }
3672 }
3673
3674
3675 static void wiphy_info_supp_cmds(struct wiphy_info_data *info,
3676 struct nlattr *tb)
3677 {
3678 struct nlattr *nl_cmd;
3679 int i;
3680
3681 if (tb == NULL)
3682 return;
3683
3684 nla_for_each_nested(nl_cmd, tb, i) {
3685 switch (nla_get_u32(nl_cmd)) {
3686 case NL80211_CMD_AUTHENTICATE:
3687 info->auth_supported = 1;
3688 break;
3689 case NL80211_CMD_CONNECT:
3690 info->connect_supported = 1;
3691 break;
3692 case NL80211_CMD_START_SCHED_SCAN:
3693 info->capa->sched_scan_supported = 1;
3694 break;
3695 case NL80211_CMD_PROBE_CLIENT:
3696 info->poll_command_supported = 1;
3697 break;
3698 case NL80211_CMD_CHANNEL_SWITCH:
3699 info->channel_switch_supported = 1;
3700 break;
3701 case NL80211_CMD_SET_QOS_MAP:
3702 info->set_qos_map_supported = 1;
3703 break;
3704 }
3705 }
3706 }
3707
3708
3709 static void wiphy_info_cipher_suites(struct wiphy_info_data *info,
3710 struct nlattr *tb)
3711 {
3712 int i, num;
3713 u32 *ciphers;
3714
3715 if (tb == NULL)
3716 return;
3717
3718 num = nla_len(tb) / sizeof(u32);
3719 ciphers = nla_data(tb);
3720 for (i = 0; i < num; i++) {
3721 u32 c = ciphers[i];
3722
3723 wpa_printf(MSG_DEBUG, "nl80211: Supported cipher %02x-%02x-%02x:%d",
3724 c >> 24, (c >> 16) & 0xff,
3725 (c >> 8) & 0xff, c & 0xff);
3726 switch (c) {
3727 case WLAN_CIPHER_SUITE_CCMP_256:
3728 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP_256;
3729 break;
3730 case WLAN_CIPHER_SUITE_GCMP_256:
3731 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP_256;
3732 break;
3733 case WLAN_CIPHER_SUITE_CCMP:
3734 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP;
3735 break;
3736 case WLAN_CIPHER_SUITE_GCMP:
3737 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP;
3738 break;
3739 case WLAN_CIPHER_SUITE_TKIP:
3740 info->capa->enc |= WPA_DRIVER_CAPA_ENC_TKIP;
3741 break;
3742 case WLAN_CIPHER_SUITE_WEP104:
3743 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP104;
3744 break;
3745 case WLAN_CIPHER_SUITE_WEP40:
3746 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP40;
3747 break;
3748 case WLAN_CIPHER_SUITE_AES_CMAC:
3749 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP;
3750 break;
3751 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3752 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_128;
3753 break;
3754 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3755 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_256;
3756 break;
3757 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
3758 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_CMAC_256;
3759 break;
3760 case WLAN_CIPHER_SUITE_NO_GROUP_ADDR:
3761 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GTK_NOT_USED;
3762 break;
3763 }
3764 }
3765 }
3766
3767
3768 static void wiphy_info_max_roc(struct wpa_driver_capa *capa,
3769 struct nlattr *tb)
3770 {
3771 if (tb)
3772 capa->max_remain_on_chan = nla_get_u32(tb);
3773 }
3774
3775
3776 static void wiphy_info_tdls(struct wpa_driver_capa *capa, struct nlattr *tdls,
3777 struct nlattr *ext_setup)
3778 {
3779 if (tdls == NULL)
3780 return;
3781
3782 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
3783 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
3784
3785 if (ext_setup) {
3786 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
3787 capa->flags |= WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
3788 }
3789 }
3790
3791
3792 static void wiphy_info_feature_flags(struct wiphy_info_data *info,
3793 struct nlattr *tb)
3794 {
3795 u32 flags;
3796 struct wpa_driver_capa *capa = info->capa;
3797
3798 if (tb == NULL)
3799 return;
3800
3801 flags = nla_get_u32(tb);
3802
3803 if (flags & NL80211_FEATURE_SK_TX_STATUS)
3804 info->data_tx_status = 1;
3805
3806 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
3807 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
3808
3809 if (flags & NL80211_FEATURE_SAE)
3810 capa->flags |= WPA_DRIVER_FLAGS_SAE;
3811
3812 if (flags & NL80211_FEATURE_NEED_OBSS_SCAN)
3813 capa->flags |= WPA_DRIVER_FLAGS_OBSS_SCAN;
3814
3815 if (flags & NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)
3816 capa->flags |= WPA_DRIVER_FLAGS_HT_2040_COEX;
3817
3818 if (flags & NL80211_FEATURE_LOW_PRIORITY_SCAN)
3819 info->have_low_prio_scan = 1;
3820 }
3821
3822
3823 static void wiphy_info_probe_resp_offload(struct wpa_driver_capa *capa,
3824 struct nlattr *tb)
3825 {
3826 u32 protocols;
3827
3828 if (tb == NULL)
3829 return;
3830
3831 protocols = nla_get_u32(tb);
3832 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response offload in AP "
3833 "mode");
3834 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
3835 capa->probe_resp_offloads = probe_resp_offload_support(protocols);
3836 }
3837
3838
3839 static void wiphy_info_wowlan_triggers(struct wpa_driver_capa *capa,
3840 struct nlattr *tb)
3841 {
3842 struct nlattr *triggers[MAX_NL80211_WOWLAN_TRIG + 1];
3843
3844 if (tb == NULL)
3845 return;
3846
3847 if (nla_parse_nested(triggers, MAX_NL80211_WOWLAN_TRIG,
3848 tb, NULL))
3849 return;
3850
3851 if (triggers[NL80211_WOWLAN_TRIG_ANY])
3852 capa->wowlan_triggers.any = 1;
3853 if (triggers[NL80211_WOWLAN_TRIG_DISCONNECT])
3854 capa->wowlan_triggers.disconnect = 1;
3855 if (triggers[NL80211_WOWLAN_TRIG_MAGIC_PKT])
3856 capa->wowlan_triggers.magic_pkt = 1;
3857 if (triggers[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE])
3858 capa->wowlan_triggers.gtk_rekey_failure = 1;
3859 if (triggers[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST])
3860 capa->wowlan_triggers.eap_identity_req = 1;
3861 if (triggers[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE])
3862 capa->wowlan_triggers.four_way_handshake = 1;
3863 if (triggers[NL80211_WOWLAN_TRIG_RFKILL_RELEASE])
3864 capa->wowlan_triggers.rfkill_release = 1;
3865 }
3866
3867
3868 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
3869 {
3870 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3871 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3872 struct wiphy_info_data *info = arg;
3873 struct wpa_driver_capa *capa = info->capa;
3874 struct wpa_driver_nl80211_data *drv = info->drv;
3875
3876 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3877 genlmsg_attrlen(gnlh, 0), NULL);
3878
3879 if (tb[NL80211_ATTR_WIPHY_NAME])
3880 os_strlcpy(drv->phyname,
3881 nla_get_string(tb[NL80211_ATTR_WIPHY_NAME]),
3882 sizeof(drv->phyname));
3883 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
3884 capa->max_scan_ssids =
3885 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
3886
3887 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
3888 capa->max_sched_scan_ssids =
3889 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
3890
3891 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
3892 capa->max_match_sets =
3893 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
3894
3895 if (tb[NL80211_ATTR_MAC_ACL_MAX])
3896 capa->max_acl_mac_addrs =
3897 nla_get_u8(tb[NL80211_ATTR_MAC_ACL_MAX]);
3898
3899 wiphy_info_supported_iftypes(info, tb[NL80211_ATTR_SUPPORTED_IFTYPES]);
3900 wiphy_info_iface_comb(info, tb[NL80211_ATTR_INTERFACE_COMBINATIONS]);
3901 wiphy_info_supp_cmds(info, tb[NL80211_ATTR_SUPPORTED_COMMANDS]);
3902 wiphy_info_cipher_suites(info, tb[NL80211_ATTR_CIPHER_SUITES]);
3903
3904 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
3905 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
3906 "off-channel TX");
3907 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
3908 }
3909
3910 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
3911 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
3912 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
3913 }
3914
3915 wiphy_info_max_roc(capa,
3916 tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
3917
3918 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
3919 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
3920
3921 wiphy_info_tdls(capa, tb[NL80211_ATTR_TDLS_SUPPORT],
3922 tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]);
3923
3924 if (tb[NL80211_ATTR_DEVICE_AP_SME])
3925 info->device_ap_sme = 1;
3926
3927 wiphy_info_feature_flags(info, tb[NL80211_ATTR_FEATURE_FLAGS]);
3928 wiphy_info_probe_resp_offload(capa,
3929 tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
3930
3931 if (tb[NL80211_ATTR_EXT_CAPA] && tb[NL80211_ATTR_EXT_CAPA_MASK] &&
3932 drv->extended_capa == NULL) {
3933 drv->extended_capa =
3934 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3935 if (drv->extended_capa) {
3936 os_memcpy(drv->extended_capa,
3937 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3938 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3939 drv->extended_capa_len =
3940 nla_len(tb[NL80211_ATTR_EXT_CAPA]);
3941 }
3942 drv->extended_capa_mask =
3943 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3944 if (drv->extended_capa_mask) {
3945 os_memcpy(drv->extended_capa_mask,
3946 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3947 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3948 } else {
3949 os_free(drv->extended_capa);
3950 drv->extended_capa = NULL;
3951 drv->extended_capa_len = 0;
3952 }
3953 }
3954
3955 if (tb[NL80211_ATTR_VENDOR_DATA]) {
3956 struct nlattr *nl;
3957 int rem;
3958
3959 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_DATA], rem) {
3960 struct nl80211_vendor_cmd_info *vinfo;
3961 if (nla_len(nl) != sizeof(*vinfo)) {
3962 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3963 continue;
3964 }
3965 vinfo = nla_data(nl);
3966 switch (vinfo->subcmd) {
3967 case QCA_NL80211_VENDOR_SUBCMD_ROAMING:
3968 drv->roaming_vendor_cmd_avail = 1;
3969 break;
3970 case QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY:
3971 drv->dfs_vendor_cmd_avail = 1;
3972 break;
3973 }
3974
3975 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u",
3976 vinfo->vendor_id, vinfo->subcmd);
3977 }
3978 }
3979
3980 if (tb[NL80211_ATTR_VENDOR_EVENTS]) {
3981 struct nlattr *nl;
3982 int rem;
3983
3984 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_EVENTS], rem) {
3985 struct nl80211_vendor_cmd_info *vinfo;
3986 if (nla_len(nl) != sizeof(*vinfo)) {
3987 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3988 continue;
3989 }
3990 vinfo = nla_data(nl);
3991 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor event: vendor_id=0x%x subcmd=%u",
3992 vinfo->vendor_id, vinfo->subcmd);
3993 }
3994 }
3995
3996 wiphy_info_wowlan_triggers(capa,
3997 tb[NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED]);
3998
3999 if (tb[NL80211_ATTR_MAX_AP_ASSOC_STA])
4000 capa->max_stations =
4001 nla_get_u32(tb[NL80211_ATTR_MAX_AP_ASSOC_STA]);
4002
4003 return NL_SKIP;
4004 }
4005
4006
4007 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
4008 struct wiphy_info_data *info)
4009 {
4010 u32 feat;
4011 struct nl_msg *msg;
4012
4013 os_memset(info, 0, sizeof(*info));
4014 info->capa = &drv->capa;
4015 info->drv = drv;
4016
4017 msg = nlmsg_alloc();
4018 if (!msg)
4019 return -1;
4020
4021 feat = get_nl80211_protocol_features(drv);
4022 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
4023 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
4024 else
4025 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
4026
4027 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
4028 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
4029 goto nla_put_failure;
4030
4031 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info))
4032 return -1;
4033
4034 if (info->auth_supported)
4035 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
4036 else if (!info->connect_supported) {
4037 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
4038 "authentication/association or connect commands");
4039 info->error = 1;
4040 }
4041
4042 if (info->p2p_go_supported && info->p2p_client_supported)
4043 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
4044 if (info->p2p_concurrent) {
4045 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
4046 "interface (driver advertised support)");
4047 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
4048 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
4049 }
4050 if (info->num_multichan_concurrent > 1) {
4051 wpa_printf(MSG_DEBUG, "nl80211: Enable multi-channel "
4052 "concurrent (driver advertised support)");
4053 drv->capa.num_multichan_concurrent =
4054 info->num_multichan_concurrent;
4055 }
4056 if (drv->capa.flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4057 wpa_printf(MSG_DEBUG, "nl80211: use P2P_DEVICE support");
4058
4059 /* default to 5000 since early versions of mac80211 don't set it */
4060 if (!drv->capa.max_remain_on_chan)
4061 drv->capa.max_remain_on_chan = 5000;
4062
4063 if (info->channel_switch_supported)
4064 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_CSA;
4065
4066 return 0;
4067 nla_put_failure:
4068 nlmsg_free(msg);
4069 return -1;
4070 }
4071
4072
4073 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
4074 {
4075 struct wiphy_info_data info;
4076 if (wpa_driver_nl80211_get_info(drv, &info))
4077 return -1;
4078
4079 if (info.error)
4080 return -1;
4081
4082 drv->has_capability = 1;
4083 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
4084 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
4085 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
4086 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
4087 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
4088 WPA_DRIVER_AUTH_SHARED |
4089 WPA_DRIVER_AUTH_LEAP;
4090
4091 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
4092 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
4093 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4094
4095 /*
4096 * As all cfg80211 drivers must support cases where the AP interface is
4097 * removed without the knowledge of wpa_supplicant/hostapd, e.g., in
4098 * case that the user space daemon has crashed, they must be able to
4099 * cleanup all stations and key entries in the AP tear down flow. Thus,
4100 * this flag can/should always be set for cfg80211 drivers.
4101 */
4102 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT;
4103
4104 if (!info.device_ap_sme) {
4105 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
4106
4107 /*
4108 * No AP SME is currently assumed to also indicate no AP MLME
4109 * in the driver/firmware.
4110 */
4111 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_MLME;
4112 }
4113
4114 drv->device_ap_sme = info.device_ap_sme;
4115 drv->poll_command_supported = info.poll_command_supported;
4116 drv->data_tx_status = info.data_tx_status;
4117 if (info.set_qos_map_supported)
4118 drv->capa.flags |= WPA_DRIVER_FLAGS_QOS_MAPPING;
4119 drv->have_low_prio_scan = info.have_low_prio_scan;
4120
4121 /*
4122 * If poll command and tx status are supported, mac80211 is new enough
4123 * to have everything we need to not need monitor interfaces.
4124 */
4125 drv->use_monitor = !info.poll_command_supported || !info.data_tx_status;
4126
4127 if (drv->device_ap_sme && drv->use_monitor) {
4128 /*
4129 * Non-mac80211 drivers may not support monitor interface.
4130 * Make sure we do not get stuck with incorrect capability here
4131 * by explicitly testing this.
4132 */
4133 if (!info.monitor_supported) {
4134 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
4135 "with device_ap_sme since no monitor mode "
4136 "support detected");
4137 drv->use_monitor = 0;
4138 }
4139 }
4140
4141 /*
4142 * If we aren't going to use monitor interfaces, but the
4143 * driver doesn't support data TX status, we won't get TX
4144 * status for EAPOL frames.
4145 */
4146 if (!drv->use_monitor && !info.data_tx_status)
4147 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4148
4149 return 0;
4150 }
4151
4152
4153 #ifdef ANDROID
4154 static int android_genl_ctrl_resolve(struct nl_handle *handle,
4155 const char *name)
4156 {
4157 /*
4158 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
4159 * need to work around that.
4160 */
4161 struct nl_cache *cache = NULL;
4162 struct genl_family *nl80211 = NULL;
4163 int id = -1;
4164
4165 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
4166 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
4167 "netlink cache");
4168 goto fail;
4169 }
4170
4171 nl80211 = genl_ctrl_search_by_name(cache, name);
4172 if (nl80211 == NULL)
4173 goto fail;
4174
4175 id = genl_family_get_id(nl80211);
4176
4177 fail:
4178 if (nl80211)
4179 genl_family_put(nl80211);
4180 if (cache)
4181 nl_cache_free(cache);
4182
4183 return id;
4184 }
4185 #define genl_ctrl_resolve android_genl_ctrl_resolve
4186 #endif /* ANDROID */
4187
4188
4189 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
4190 {
4191 int ret;
4192
4193 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4194 if (global->nl_cb == NULL) {
4195 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
4196 "callbacks");
4197 return -1;
4198 }
4199
4200 global->nl = nl_create_handle(global->nl_cb, "nl");
4201 if (global->nl == NULL)
4202 goto err;
4203
4204 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
4205 if (global->nl80211_id < 0) {
4206 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
4207 "found");
4208 goto err;
4209 }
4210
4211 global->nl_event = nl_create_handle(global->nl_cb, "event");
4212 if (global->nl_event == NULL)
4213 goto err;
4214
4215 ret = nl_get_multicast_id(global, "nl80211", "scan");
4216 if (ret >= 0)
4217 ret = nl_socket_add_membership(global->nl_event, ret);
4218 if (ret < 0) {
4219 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4220 "membership for scan events: %d (%s)",
4221 ret, strerror(-ret));
4222 goto err;
4223 }
4224
4225 ret = nl_get_multicast_id(global, "nl80211", "mlme");
4226 if (ret >= 0)
4227 ret = nl_socket_add_membership(global->nl_event, ret);
4228 if (ret < 0) {
4229 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4230 "membership for mlme events: %d (%s)",
4231 ret, strerror(-ret));
4232 goto err;
4233 }
4234
4235 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
4236 if (ret >= 0)
4237 ret = nl_socket_add_membership(global->nl_event, ret);
4238 if (ret < 0) {
4239 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4240 "membership for regulatory events: %d (%s)",
4241 ret, strerror(-ret));
4242 /* Continue without regulatory events */
4243 }
4244
4245 ret = nl_get_multicast_id(global, "nl80211", "vendor");
4246 if (ret >= 0)
4247 ret = nl_socket_add_membership(global->nl_event, ret);
4248 if (ret < 0) {
4249 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4250 "membership for vendor events: %d (%s)",
4251 ret, strerror(-ret));
4252 /* Continue without vendor events */
4253 }
4254
4255 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4256 no_seq_check, NULL);
4257 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4258 process_global_event, global);
4259
4260 nl80211_register_eloop_read(&global->nl_event,
4261 wpa_driver_nl80211_event_receive,
4262 global->nl_cb);
4263
4264 return 0;
4265
4266 err:
4267 nl_destroy_handles(&global->nl_event);
4268 nl_destroy_handles(&global->nl);
4269 nl_cb_put(global->nl_cb);
4270 global->nl_cb = NULL;
4271 return -1;
4272 }
4273
4274
4275 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
4276 {
4277 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4278 if (!drv->nl_cb) {
4279 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
4280 return -1;
4281 }
4282
4283 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4284 no_seq_check, NULL);
4285 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4286 process_drv_event, drv);
4287
4288 return 0;
4289 }
4290
4291
4292 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
4293 {
4294 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
4295 /*
4296 * This may be for any interface; use ifdown event to disable
4297 * interface.
4298 */
4299 }
4300
4301
4302 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
4303 {
4304 struct wpa_driver_nl80211_data *drv = ctx;
4305 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
4306 if (i802_set_iface_flags(drv->first_bss, 1)) {
4307 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
4308 "after rfkill unblock");
4309 return;
4310 }
4311 /* rtnetlink ifup handler will report interface as enabled */
4312 }
4313
4314
4315 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
4316 void *eloop_ctx,
4317 void *handle)
4318 {
4319 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4320 u8 data[2048];
4321 struct msghdr msg;
4322 struct iovec entry;
4323 u8 control[512];
4324 struct cmsghdr *cmsg;
4325 int res, found_ee = 0, found_wifi = 0, acked = 0;
4326 union wpa_event_data event;
4327
4328 memset(&msg, 0, sizeof(msg));
4329 msg.msg_iov = &entry;
4330 msg.msg_iovlen = 1;
4331 entry.iov_base = data;
4332 entry.iov_len = sizeof(data);
4333 msg.msg_control = &control;
4334 msg.msg_controllen = sizeof(control);
4335
4336 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
4337 /* if error or not fitting 802.3 header, return */
4338 if (res < 14)
4339 return;
4340
4341 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
4342 {
4343 if (cmsg->cmsg_level == SOL_SOCKET &&
4344 cmsg->cmsg_type == SCM_WIFI_STATUS) {
4345 int *ack;
4346
4347 found_wifi = 1;
4348 ack = (void *)CMSG_DATA(cmsg);
4349 acked = *ack;
4350 }
4351
4352 if (cmsg->cmsg_level == SOL_PACKET &&
4353 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
4354 struct sock_extended_err *err =
4355 (struct sock_extended_err *)CMSG_DATA(cmsg);
4356
4357 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
4358 found_ee = 1;
4359 }
4360 }
4361
4362 if (!found_ee || !found_wifi)
4363 return;
4364
4365 memset(&event, 0, sizeof(event));
4366 event.eapol_tx_status.dst = data;
4367 event.eapol_tx_status.data = data + 14;
4368 event.eapol_tx_status.data_len = res - 14;
4369 event.eapol_tx_status.ack = acked;
4370 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
4371 }
4372
4373
4374 static int nl80211_init_bss(struct i802_bss *bss)
4375 {
4376 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4377 if (!bss->nl_cb)
4378 return -1;
4379
4380 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4381 no_seq_check, NULL);
4382 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4383 process_bss_event, bss);
4384
4385 return 0;
4386 }
4387
4388
4389 static void nl80211_destroy_bss(struct i802_bss *bss)
4390 {
4391 nl_cb_put(bss->nl_cb);
4392 bss->nl_cb = NULL;
4393 }
4394
4395
4396 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
4397 void *global_priv, int hostapd,
4398 const u8 *set_addr)
4399 {
4400 struct wpa_driver_nl80211_data *drv;
4401 struct rfkill_config *rcfg;
4402 struct i802_bss *bss;
4403
4404 if (global_priv == NULL)
4405 return NULL;
4406 drv = os_zalloc(sizeof(*drv));
4407 if (drv == NULL)
4408 return NULL;
4409 drv->global = global_priv;
4410 drv->ctx = ctx;
4411 drv->hostapd = !!hostapd;
4412 drv->eapol_sock = -1;
4413 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
4414 drv->if_indices = drv->default_if_indices;
4415
4416 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
4417 if (!drv->first_bss) {
4418 os_free(drv);
4419 return NULL;
4420 }
4421 bss = drv->first_bss;
4422 bss->drv = drv;
4423 bss->ctx = ctx;
4424
4425 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
4426 drv->monitor_ifidx = -1;
4427 drv->monitor_sock = -1;
4428 drv->eapol_tx_sock = -1;
4429 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
4430
4431 if (wpa_driver_nl80211_init_nl(drv)) {
4432 os_free(drv);
4433 return NULL;
4434 }
4435
4436 if (nl80211_init_bss(bss))
4437 goto failed;
4438
4439 rcfg = os_zalloc(sizeof(*rcfg));
4440 if (rcfg == NULL)
4441 goto failed;
4442 rcfg->ctx = drv;
4443 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
4444 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
4445 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
4446 drv->rfkill = rfkill_init(rcfg);
4447 if (drv->rfkill == NULL) {
4448 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
4449 os_free(rcfg);
4450 }
4451
4452 if (linux_iface_up(drv->global->ioctl_sock, ifname) > 0)
4453 drv->start_iface_up = 1;
4454
4455 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1))
4456 goto failed;
4457
4458 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
4459 if (drv->eapol_tx_sock < 0)
4460 goto failed;
4461
4462 if (drv->data_tx_status) {
4463 int enabled = 1;
4464
4465 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
4466 &enabled, sizeof(enabled)) < 0) {
4467 wpa_printf(MSG_DEBUG,
4468 "nl80211: wifi status sockopt failed\n");
4469 drv->data_tx_status = 0;
4470 if (!drv->use_monitor)
4471 drv->capa.flags &=
4472 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4473 } else {
4474 eloop_register_read_sock(drv->eapol_tx_sock,
4475 wpa_driver_nl80211_handle_eapol_tx_status,
4476 drv, NULL);
4477 }
4478 }
4479
4480 if (drv->global) {
4481 dl_list_add(&drv->global->interfaces, &drv->list);
4482 drv->in_interface_list = 1;
4483 }
4484
4485 return bss;
4486
4487 failed:
4488 wpa_driver_nl80211_deinit(bss);
4489 return NULL;
4490 }
4491
4492
4493 /**
4494 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
4495 * @ctx: context to be used when calling wpa_supplicant functions,
4496 * e.g., wpa_supplicant_event()
4497 * @ifname: interface name, e.g., wlan0
4498 * @global_priv: private driver global data from global_init()
4499 * Returns: Pointer to private data, %NULL on failure
4500 */
4501 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
4502 void *global_priv)
4503 {
4504 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL);
4505 }
4506
4507
4508 static int nl80211_register_frame(struct i802_bss *bss,
4509 struct nl_handle *nl_handle,
4510 u16 type, const u8 *match, size_t match_len)
4511 {
4512 struct wpa_driver_nl80211_data *drv = bss->drv;
4513 struct nl_msg *msg;
4514 int ret = -1;
4515 char buf[30];
4516
4517 msg = nlmsg_alloc();
4518 if (!msg)
4519 return -1;
4520
4521 buf[0] = '\0';
4522 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
4523 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s",
4524 type, fc2str(type), nl_handle, buf);
4525
4526 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
4527
4528 if (nl80211_set_iface_id(msg, bss) < 0)
4529 goto nla_put_failure;
4530
4531 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
4532 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
4533
4534 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
4535 msg = NULL;
4536 if (ret) {
4537 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
4538 "failed (type=%u): ret=%d (%s)",
4539 type, ret, strerror(-ret));
4540 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
4541 match, match_len);
4542 goto nla_put_failure;
4543 }
4544 ret = 0;
4545 nla_put_failure:
4546 nlmsg_free(msg);
4547 return ret;
4548 }
4549
4550
4551 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
4552 {
4553 struct wpa_driver_nl80211_data *drv = bss->drv;
4554
4555 if (bss->nl_mgmt) {
4556 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
4557 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
4558 return -1;
4559 }
4560
4561 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
4562 if (bss->nl_mgmt == NULL)
4563 return -1;
4564
4565 return 0;
4566 }
4567
4568
4569 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
4570 {
4571 nl80211_register_eloop_read(&bss->nl_mgmt,
4572 wpa_driver_nl80211_event_receive,
4573 bss->nl_cb);
4574 }
4575
4576
4577 static int nl80211_register_action_frame(struct i802_bss *bss,
4578 const u8 *match, size_t match_len)
4579 {
4580 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
4581 return nl80211_register_frame(bss, bss->nl_mgmt,
4582 type, match, match_len);
4583 }
4584
4585
4586 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
4587 {
4588 struct wpa_driver_nl80211_data *drv = bss->drv;
4589 int ret = 0;
4590
4591 if (nl80211_alloc_mgmt_handle(bss))
4592 return -1;
4593 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
4594 "handle %p", bss->nl_mgmt);
4595
4596 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
4597 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
4598
4599 /* register for any AUTH message */
4600 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0);
4601 }
4602
4603 #ifdef CONFIG_INTERWORKING
4604 /* QoS Map Configure */
4605 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
4606 ret = -1;
4607 #endif /* CONFIG_INTERWORKING */
4608 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
4609 /* GAS Initial Request */
4610 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
4611 ret = -1;
4612 /* GAS Initial Response */
4613 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
4614 ret = -1;
4615 /* GAS Comeback Request */
4616 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
4617 ret = -1;
4618 /* GAS Comeback Response */
4619 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
4620 ret = -1;
4621 /* Protected GAS Initial Request */
4622 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
4623 ret = -1;
4624 /* Protected GAS Initial Response */
4625 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
4626 ret = -1;
4627 /* Protected GAS Comeback Request */
4628 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
4629 ret = -1;
4630 /* Protected GAS Comeback Response */
4631 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
4632 ret = -1;
4633 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
4634 #ifdef CONFIG_P2P
4635 /* P2P Public Action */
4636 if (nl80211_register_action_frame(bss,
4637 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
4638 6) < 0)
4639 ret = -1;
4640 /* P2P Action */
4641 if (nl80211_register_action_frame(bss,
4642 (u8 *) "\x7f\x50\x6f\x9a\x09",
4643 5) < 0)
4644 ret = -1;
4645 #endif /* CONFIG_P2P */
4646 #ifdef CONFIG_IEEE80211W
4647 /* SA Query Response */
4648 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
4649 ret = -1;
4650 #endif /* CONFIG_IEEE80211W */
4651 #ifdef CONFIG_TDLS
4652 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
4653 /* TDLS Discovery Response */
4654 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
4655 0)
4656 ret = -1;
4657 }
4658 #endif /* CONFIG_TDLS */
4659
4660 /* FT Action frames */
4661 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
4662 ret = -1;
4663 else
4664 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
4665 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
4666
4667 /* WNM - BSS Transition Management Request */
4668 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
4669 ret = -1;
4670 /* WNM-Sleep Mode Response */
4671 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
4672 ret = -1;
4673
4674 #ifdef CONFIG_HS20
4675 /* WNM-Notification */
4676 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
4677 ret = -1;
4678 #endif /* CONFIG_HS20 */
4679
4680 nl80211_mgmt_handle_register_eloop(bss);
4681
4682 return ret;
4683 }
4684
4685
4686 static int nl80211_register_spurious_class3(struct i802_bss *bss)
4687 {
4688 struct wpa_driver_nl80211_data *drv = bss->drv;
4689 struct nl_msg *msg;
4690 int ret = -1;
4691
4692 msg = nlmsg_alloc();
4693 if (!msg)
4694 return -1;
4695
4696 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
4697
4698 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
4699
4700 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
4701 msg = NULL;
4702 if (ret) {
4703 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
4704 "failed: ret=%d (%s)",
4705 ret, strerror(-ret));
4706 goto nla_put_failure;
4707 }
4708 ret = 0;
4709 nla_put_failure:
4710 nlmsg_free(msg);
4711 return ret;
4712 }
4713
4714
4715 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
4716 {
4717 static const int stypes[] = {
4718 WLAN_FC_STYPE_AUTH,
4719 WLAN_FC_STYPE_ASSOC_REQ,
4720 WLAN_FC_STYPE_REASSOC_REQ,
4721 WLAN_FC_STYPE_DISASSOC,
4722 WLAN_FC_STYPE_DEAUTH,
4723 WLAN_FC_STYPE_ACTION,
4724 WLAN_FC_STYPE_PROBE_REQ,
4725 /* Beacon doesn't work as mac80211 doesn't currently allow
4726 * it, but it wouldn't really be the right thing anyway as
4727 * it isn't per interface ... maybe just dump the scan
4728 * results periodically for OLBC?
4729 */
4730 /* WLAN_FC_STYPE_BEACON, */
4731 };
4732 unsigned int i;
4733
4734 if (nl80211_alloc_mgmt_handle(bss))
4735 return -1;
4736 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4737 "handle %p", bss->nl_mgmt);
4738
4739 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
4740 if (nl80211_register_frame(bss, bss->nl_mgmt,
4741 (WLAN_FC_TYPE_MGMT << 2) |
4742 (stypes[i] << 4),
4743 NULL, 0) < 0) {
4744 goto out_err;
4745 }
4746 }
4747
4748 if (nl80211_register_spurious_class3(bss))
4749 goto out_err;
4750
4751 if (nl80211_get_wiphy_data_ap(bss) == NULL)
4752 goto out_err;
4753
4754 nl80211_mgmt_handle_register_eloop(bss);
4755 return 0;
4756
4757 out_err:
4758 nl_destroy_handles(&bss->nl_mgmt);
4759 return -1;
4760 }
4761
4762
4763 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
4764 {
4765 if (nl80211_alloc_mgmt_handle(bss))
4766 return -1;
4767 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4768 "handle %p (device SME)", bss->nl_mgmt);
4769
4770 if (nl80211_register_frame(bss, bss->nl_mgmt,
4771 (WLAN_FC_TYPE_MGMT << 2) |
4772 (WLAN_FC_STYPE_ACTION << 4),
4773 NULL, 0) < 0)
4774 goto out_err;
4775
4776 nl80211_mgmt_handle_register_eloop(bss);
4777 return 0;
4778
4779 out_err:
4780 nl_destroy_handles(&bss->nl_mgmt);
4781 return -1;
4782 }
4783
4784
4785 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
4786 {
4787 if (bss->nl_mgmt == NULL)
4788 return;
4789 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
4790 "(%s)", bss->nl_mgmt, reason);
4791 nl80211_destroy_eloop_handle(&bss->nl_mgmt);
4792
4793 nl80211_put_wiphy_data_ap(bss);
4794 }
4795
4796
4797 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
4798 {
4799 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
4800 }
4801
4802
4803 static void nl80211_del_p2pdev(struct i802_bss *bss)
4804 {
4805 struct wpa_driver_nl80211_data *drv = bss->drv;
4806 struct nl_msg *msg;
4807 int ret;
4808
4809 msg = nlmsg_alloc();
4810 if (!msg)
4811 return;
4812
4813 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
4814 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4815
4816 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4817 msg = NULL;
4818
4819 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
4820 bss->ifname, (long long unsigned int) bss->wdev_id,
4821 strerror(-ret));
4822
4823 nla_put_failure:
4824 nlmsg_free(msg);
4825 }
4826
4827
4828 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
4829 {
4830 struct wpa_driver_nl80211_data *drv = bss->drv;
4831 struct nl_msg *msg;
4832 int ret = -1;
4833
4834 msg = nlmsg_alloc();
4835 if (!msg)
4836 return -1;
4837
4838 if (start)
4839 nl80211_cmd(drv, msg, 0, NL80211_CMD_START_P2P_DEVICE);
4840 else
4841 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_P2P_DEVICE);
4842
4843 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4844
4845 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4846 msg = NULL;
4847
4848 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
4849 start ? "Start" : "Stop",
4850 bss->ifname, (long long unsigned int) bss->wdev_id,
4851 strerror(-ret));
4852
4853 nla_put_failure:
4854 nlmsg_free(msg);
4855 return ret;
4856 }
4857
4858
4859 static int i802_set_iface_flags(struct i802_bss *bss, int up)
4860 {
4861 enum nl80211_iftype nlmode;
4862
4863 nlmode = nl80211_get_ifmode(bss);
4864 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
4865 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
4866 bss->ifname, up);
4867 }
4868
4869 /* P2P Device has start/stop which is equivalent */
4870 return nl80211_set_p2pdev(bss, up);
4871 }
4872
4873
4874 static int
4875 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
4876 const u8 *set_addr, int first)
4877 {
4878 struct i802_bss *bss = drv->first_bss;
4879 int send_rfkill_event = 0;
4880 enum nl80211_iftype nlmode;
4881
4882 drv->ifindex = if_nametoindex(bss->ifname);
4883 bss->ifindex = drv->ifindex;
4884 bss->wdev_id = drv->global->if_add_wdevid;
4885 bss->wdev_id_set = drv->global->if_add_wdevid_set;
4886
4887 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
4888 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
4889 drv->global->if_add_wdevid_set = 0;
4890
4891 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4892 bss->static_ap = 1;
4893
4894 if (wpa_driver_nl80211_capa(drv))
4895 return -1;
4896
4897 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
4898 bss->ifname, drv->phyname);
4899
4900 if (set_addr &&
4901 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
4902 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4903 set_addr)))
4904 return -1;
4905
4906 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4907 drv->start_mode_ap = 1;
4908
4909 if (drv->hostapd || bss->static_ap)
4910 nlmode = NL80211_IFTYPE_AP;
4911 else if (bss->if_dynamic)
4912 nlmode = nl80211_get_ifmode(bss);
4913 else
4914 nlmode = NL80211_IFTYPE_STATION;
4915
4916 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
4917 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
4918 return -1;
4919 }
4920
4921 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4922 nl80211_get_macaddr(bss);
4923
4924 if (!rfkill_is_blocked(drv->rfkill)) {
4925 int ret = i802_set_iface_flags(bss, 1);
4926 if (ret) {
4927 wpa_printf(MSG_ERROR, "nl80211: Could not set "
4928 "interface '%s' UP", bss->ifname);
4929 return ret;
4930 }
4931 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4932 return ret;
4933 } else {
4934 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
4935 "interface '%s' due to rfkill", bss->ifname);
4936 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4937 return 0;
4938 drv->if_disabled = 1;
4939 send_rfkill_event = 1;
4940 }
4941
4942 if (!drv->hostapd)
4943 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
4944 1, IF_OPER_DORMANT);
4945
4946 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4947 bss->addr))
4948 return -1;
4949 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
4950
4951 if (send_rfkill_event) {
4952 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
4953 drv, drv->ctx);
4954 }
4955
4956 return 0;
4957 }
4958
4959
4960 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
4961 {
4962 struct nl_msg *msg;
4963
4964 msg = nlmsg_alloc();
4965 if (!msg)
4966 return -ENOMEM;
4967
4968 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
4969 drv->ifindex);
4970 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
4971 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4972
4973 return send_and_recv_msgs(drv, msg, NULL, NULL);
4974 nla_put_failure:
4975 nlmsg_free(msg);
4976 return -ENOBUFS;
4977 }
4978
4979
4980 /**
4981 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
4982 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
4983 *
4984 * Shut down driver interface and processing of driver events. Free
4985 * private data buffer if one was allocated in wpa_driver_nl80211_init().
4986 */
4987 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
4988 {
4989 struct wpa_driver_nl80211_data *drv = bss->drv;
4990
4991 bss->in_deinit = 1;
4992 if (drv->data_tx_status)
4993 eloop_unregister_read_sock(drv->eapol_tx_sock);
4994 if (drv->eapol_tx_sock >= 0)
4995 close(drv->eapol_tx_sock);
4996
4997 if (bss->nl_preq)
4998 wpa_driver_nl80211_probe_req_report(bss, 0);
4999 if (bss->added_if_into_bridge) {
5000 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
5001 bss->ifname) < 0)
5002 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
5003 "interface %s from bridge %s: %s",
5004 bss->ifname, bss->brname, strerror(errno));
5005 if (drv->rtnl_sk)
5006 nl80211_handle_destroy(drv->rtnl_sk);
5007 }
5008 if (bss->added_bridge) {
5009 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
5010 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
5011 "bridge %s: %s",
5012 bss->brname, strerror(errno));
5013 }
5014
5015 nl80211_remove_monitor_interface(drv);
5016
5017 if (is_ap_interface(drv->nlmode))
5018 wpa_driver_nl80211_del_beacon(drv);
5019
5020 if (drv->eapol_sock >= 0) {
5021 eloop_unregister_read_sock(drv->eapol_sock);
5022 close(drv->eapol_sock);
5023 }
5024
5025 if (drv->if_indices != drv->default_if_indices)
5026 os_free(drv->if_indices);
5027
5028 if (drv->disabled_11b_rates)
5029 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
5030
5031 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
5032 IF_OPER_UP);
5033 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
5034 rfkill_deinit(drv->rfkill);
5035
5036 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
5037
5038 if (!drv->start_iface_up)
5039 (void) i802_set_iface_flags(bss, 0);
5040
5041 if (drv->addr_changed) {
5042 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
5043 0) < 0) {
5044 wpa_printf(MSG_DEBUG,
5045 "nl80211: Could not set interface down to restore permanent MAC address");
5046 }
5047 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
5048 drv->perm_addr) < 0) {
5049 wpa_printf(MSG_DEBUG,
5050 "nl80211: Could not restore permanent MAC address");
5051 }
5052 }
5053
5054 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
5055 if (!drv->hostapd || !drv->start_mode_ap)
5056 wpa_driver_nl80211_set_mode(bss,
5057 NL80211_IFTYPE_STATION);
5058 nl80211_mgmt_unsubscribe(bss, "deinit");
5059 } else {
5060 nl80211_mgmt_unsubscribe(bss, "deinit");
5061 nl80211_del_p2pdev(bss);
5062 }
5063 nl_cb_put(drv->nl_cb);
5064
5065 nl80211_destroy_bss(drv->first_bss);
5066
5067 os_free(drv->filter_ssids);
5068
5069 os_free(drv->auth_ie);
5070
5071 if (drv->in_interface_list)
5072 dl_list_del(&drv->list);
5073
5074 os_free(drv->extended_capa);
5075 os_free(drv->extended_capa_mask);
5076 os_free(drv->first_bss);
5077 os_free(drv);
5078 }
5079
5080
5081 /**
5082 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
5083 * @eloop_ctx: Driver private data
5084 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
5085 *
5086 * This function can be used as registered timeout when starting a scan to
5087 * generate a scan completed event if the driver does not report this.
5088 */
5089 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
5090 {
5091 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5092 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
5093 wpa_driver_nl80211_set_mode(drv->first_bss,
5094 drv->ap_scan_as_station);
5095 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
5096 }
5097 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
5098 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
5099 }
5100
5101
5102 static struct nl_msg *
5103 nl80211_scan_common(struct wpa_driver_nl80211_data *drv, u8 cmd,
5104 struct wpa_driver_scan_params *params, u64 *wdev_id)
5105 {
5106 struct nl_msg *msg;
5107 size_t i;
5108 u32 scan_flags = 0;
5109
5110 msg = nlmsg_alloc();
5111 if (!msg)
5112 return NULL;
5113
5114 nl80211_cmd(drv, msg, 0, cmd);
5115
5116 if (!wdev_id)
5117 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5118 else
5119 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, *wdev_id);
5120
5121 if (params->num_ssids) {
5122 struct nlattr *ssids;
5123
5124 ssids = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
5125 if (ssids == NULL)
5126 goto fail;
5127 for (i = 0; i < params->num_ssids; i++) {
5128 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
5129 params->ssids[i].ssid,
5130 params->ssids[i].ssid_len);
5131 if (nla_put(msg, i + 1, params->ssids[i].ssid_len,
5132 params->ssids[i].ssid) < 0)
5133 goto fail;
5134 }
5135 nla_nest_end(msg, ssids);
5136 }
5137
5138 if (params->extra_ies) {
5139 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
5140 params->extra_ies, params->extra_ies_len);
5141 if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
5142 params->extra_ies) < 0)
5143 goto fail;
5144 }
5145
5146 if (params->freqs) {
5147 struct nlattr *freqs;
5148 freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
5149 if (freqs == NULL)
5150 goto fail;
5151 for (i = 0; params->freqs[i]; i++) {
5152 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
5153 "MHz", params->freqs[i]);
5154 if (nla_put_u32(msg, i + 1, params->freqs[i]) < 0)
5155 goto fail;
5156 }
5157 nla_nest_end(msg, freqs);
5158 }
5159
5160 os_free(drv->filter_ssids);
5161 drv->filter_ssids = params->filter_ssids;
5162 params->filter_ssids = NULL;
5163 drv->num_filter_ssids = params->num_filter_ssids;
5164
5165 if (params->only_new_results) {
5166 wpa_printf(MSG_DEBUG, "nl80211: Add NL80211_SCAN_FLAG_FLUSH");
5167 scan_flags |= NL80211_SCAN_FLAG_FLUSH;
5168 }
5169
5170 if (params->low_priority && drv->have_low_prio_scan) {
5171 wpa_printf(MSG_DEBUG,
5172 "nl80211: Add NL80211_SCAN_FLAG_LOW_PRIORITY");
5173 scan_flags |= NL80211_SCAN_FLAG_LOW_PRIORITY;
5174 }
5175
5176 if (scan_flags)
5177 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_FLAGS, scan_flags);
5178
5179 return msg;
5180
5181 fail:
5182 nla_put_failure:
5183 nlmsg_free(msg);
5184 return NULL;
5185 }
5186
5187
5188 /**
5189 * wpa_driver_nl80211_scan - Request the driver to initiate scan
5190 * @bss: Pointer to private driver data from wpa_driver_nl80211_init()
5191 * @params: Scan parameters
5192 * Returns: 0 on success, -1 on failure
5193 */
5194 static int wpa_driver_nl80211_scan(struct i802_bss *bss,
5195 struct wpa_driver_scan_params *params)
5196 {
5197 struct wpa_driver_nl80211_data *drv = bss->drv;
5198 int ret = -1, timeout;
5199 struct nl_msg *msg = NULL;
5200
5201 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: scan request");
5202 drv->scan_for_auth = 0;
5203
5204 msg = nl80211_scan_common(drv, NL80211_CMD_TRIGGER_SCAN, params,
5205 bss->wdev_id_set ? &bss->wdev_id : NULL);
5206 if (!msg)
5207 return -1;
5208
5209 if (params->p2p_probe) {
5210 struct nlattr *rates;
5211
5212 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
5213
5214 rates = nla_nest_start(msg, NL80211_ATTR_SCAN_SUPP_RATES);
5215 if (rates == NULL)
5216 goto nla_put_failure;
5217
5218 /*
5219 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
5220 * by masking out everything else apart from the OFDM rates 6,
5221 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
5222 * rates are left enabled.
5223 */
5224 NLA_PUT(msg, NL80211_BAND_2GHZ, 8,
5225 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5226 nla_nest_end(msg, rates);
5227
5228 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
5229 }
5230
5231 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5232 msg = NULL;
5233 if (ret) {
5234 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
5235 "(%s)", ret, strerror(-ret));
5236 if (drv->hostapd && is_ap_interface(drv->nlmode)) {
5237 enum nl80211_iftype old_mode = drv->nlmode;
5238
5239 /*
5240 * mac80211 does not allow scan requests in AP mode, so
5241 * try to do this in station mode.
5242 */
5243 if (wpa_driver_nl80211_set_mode(
5244 bss, NL80211_IFTYPE_STATION))
5245 goto nla_put_failure;
5246
5247 if (wpa_driver_nl80211_scan(bss, params)) {
5248 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
5249 goto nla_put_failure;
5250 }
5251
5252 /* Restore AP mode when processing scan results */
5253 drv->ap_scan_as_station = old_mode;
5254 ret = 0;
5255 } else
5256 goto nla_put_failure;
5257 }
5258
5259 drv->scan_state = SCAN_REQUESTED;
5260 /* Not all drivers generate "scan completed" wireless event, so try to
5261 * read results after a timeout. */
5262 timeout = 10;
5263 if (drv->scan_complete_events) {
5264 /*
5265 * The driver seems to deliver events to notify when scan is
5266 * complete, so use longer timeout to avoid race conditions
5267 * with scanning and following association request.
5268 */
5269 timeout = 30;
5270 }
5271 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
5272 "seconds", ret, timeout);
5273 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
5274 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
5275 drv, drv->ctx);
5276
5277 nla_put_failure:
5278 nlmsg_free(msg);
5279 return ret;
5280 }
5281
5282
5283 /**
5284 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
5285 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5286 * @params: Scan parameters
5287 * @interval: Interval between scan cycles in milliseconds
5288 * Returns: 0 on success, -1 on failure or if not supported
5289 */
5290 static int wpa_driver_nl80211_sched_scan(void *priv,
5291 struct wpa_driver_scan_params *params,
5292 u32 interval)
5293 {
5294 struct i802_bss *bss = priv;
5295 struct wpa_driver_nl80211_data *drv = bss->drv;
5296 int ret = -1;
5297 struct nl_msg *msg;
5298 size_t i;
5299
5300 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: sched_scan request");
5301
5302 #ifdef ANDROID
5303 if (!drv->capa.sched_scan_supported)
5304 return android_pno_start(bss, params);
5305 #endif /* ANDROID */
5306
5307 msg = nl80211_scan_common(drv, NL80211_CMD_START_SCHED_SCAN, params,
5308 bss->wdev_id_set ? &bss->wdev_id : NULL);
5309 if (!msg)
5310 goto nla_put_failure;
5311
5312 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
5313
5314 if ((drv->num_filter_ssids &&
5315 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) ||
5316 params->filter_rssi) {
5317 struct nlattr *match_sets;
5318 match_sets = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH);
5319 if (match_sets == NULL)
5320 goto nla_put_failure;
5321
5322 for (i = 0; i < drv->num_filter_ssids; i++) {
5323 struct nlattr *match_set_ssid;
5324 wpa_hexdump_ascii(MSG_MSGDUMP,
5325 "nl80211: Sched scan filter SSID",
5326 drv->filter_ssids[i].ssid,
5327 drv->filter_ssids[i].ssid_len);
5328
5329 match_set_ssid = nla_nest_start(msg, i + 1);
5330 if (match_set_ssid == NULL)
5331 goto nla_put_failure;
5332 NLA_PUT(msg, NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
5333 drv->filter_ssids[i].ssid_len,
5334 drv->filter_ssids[i].ssid);
5335 if (params->filter_rssi)
5336 NLA_PUT_U32(msg,
5337 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5338 params->filter_rssi);
5339
5340 nla_nest_end(msg, match_set_ssid);
5341 }
5342
5343 /*
5344 * Due to backward compatibility code, newer kernels treat this
5345 * matchset (with only an RSSI filter) as the default for all
5346 * other matchsets, unless it's the only one, in which case the
5347 * matchset will actually allow all SSIDs above the RSSI.
5348 */
5349 if (params->filter_rssi) {
5350 struct nlattr *match_set_rssi;
5351 match_set_rssi = nla_nest_start(msg, 0);
5352 if (match_set_rssi == NULL)
5353 goto nla_put_failure;
5354 NLA_PUT_U32(msg, NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5355 params->filter_rssi);
5356 wpa_printf(MSG_MSGDUMP,
5357 "nl80211: Sched scan RSSI filter %d dBm",
5358 params->filter_rssi);
5359 nla_nest_end(msg, match_set_rssi);
5360 }
5361
5362 nla_nest_end(msg, match_sets);
5363 }
5364
5365 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5366
5367 /* TODO: if we get an error here, we should fall back to normal scan */
5368
5369 msg = NULL;
5370 if (ret) {
5371 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
5372 "ret=%d (%s)", ret, strerror(-ret));
5373 goto nla_put_failure;
5374 }
5375
5376 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
5377 "scan interval %d msec", ret, interval);
5378
5379 nla_put_failure:
5380 nlmsg_free(msg);
5381 return ret;
5382 }
5383
5384
5385 /**
5386 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
5387 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5388 * Returns: 0 on success, -1 on failure or if not supported
5389 */
5390 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
5391 {
5392 struct i802_bss *bss = priv;
5393 struct wpa_driver_nl80211_data *drv = bss->drv;
5394 int ret = 0;
5395 struct nl_msg *msg;
5396
5397 #ifdef ANDROID
5398 if (!drv->capa.sched_scan_supported)
5399 return android_pno_stop(bss);
5400 #endif /* ANDROID */
5401
5402 msg = nlmsg_alloc();
5403 if (!msg)
5404 return -1;
5405
5406 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
5407
5408 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5409
5410 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5411 msg = NULL;
5412 if (ret) {
5413 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
5414 "ret=%d (%s)", ret, strerror(-ret));
5415 goto nla_put_failure;
5416 }
5417
5418 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
5419
5420 nla_put_failure:
5421 nlmsg_free(msg);
5422 return ret;
5423 }
5424
5425
5426 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
5427 {
5428 const u8 *end, *pos;
5429
5430 if (ies == NULL)
5431 return NULL;
5432
5433 pos = ies;
5434 end = ies + ies_len;
5435
5436 while (pos + 1 < end) {
5437 if (pos + 2 + pos[1] > end)
5438 break;
5439 if (pos[0] == ie)
5440 return pos;
5441 pos += 2 + pos[1];
5442 }
5443
5444 return NULL;
5445 }
5446
5447
5448 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
5449 const u8 *ie, size_t ie_len)
5450 {
5451 const u8 *ssid;
5452 size_t i;
5453
5454 if (drv->filter_ssids == NULL)
5455 return 0;
5456
5457 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
5458 if (ssid == NULL)
5459 return 1;
5460
5461 for (i = 0; i < drv->num_filter_ssids; i++) {
5462 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
5463 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
5464 0)
5465 return 0;
5466 }
5467
5468 return 1;
5469 }
5470
5471
5472 static int bss_info_handler(struct nl_msg *msg, void *arg)
5473 {
5474 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5475 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5476 struct nlattr *bss[NL80211_BSS_MAX + 1];
5477 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
5478 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
5479 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
5480 [NL80211_BSS_TSF] = { .type = NLA_U64 },
5481 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
5482 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
5483 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
5484 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
5485 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
5486 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
5487 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
5488 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
5489 };
5490 struct nl80211_bss_info_arg *_arg = arg;
5491 struct wpa_scan_results *res = _arg->res;
5492 struct wpa_scan_res **tmp;
5493 struct wpa_scan_res *r;
5494 const u8 *ie, *beacon_ie;
5495 size_t ie_len, beacon_ie_len;
5496 u8 *pos;
5497 size_t i;
5498
5499 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5500 genlmsg_attrlen(gnlh, 0), NULL);
5501 if (!tb[NL80211_ATTR_BSS])
5502 return NL_SKIP;
5503 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
5504 bss_policy))
5505 return NL_SKIP;
5506 if (bss[NL80211_BSS_STATUS]) {
5507 enum nl80211_bss_status status;
5508 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5509 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5510 bss[NL80211_BSS_FREQUENCY]) {
5511 _arg->assoc_freq =
5512 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5513 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
5514 _arg->assoc_freq);
5515 }
5516 if (status == NL80211_BSS_STATUS_IBSS_JOINED &&
5517 bss[NL80211_BSS_FREQUENCY]) {
5518 _arg->ibss_freq =
5519 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5520 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz",
5521 _arg->ibss_freq);
5522 }
5523 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5524 bss[NL80211_BSS_BSSID]) {
5525 os_memcpy(_arg->assoc_bssid,
5526 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
5527 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
5528 MACSTR, MAC2STR(_arg->assoc_bssid));
5529 }
5530 }
5531 if (!res)
5532 return NL_SKIP;
5533 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
5534 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5535 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5536 } else {
5537 ie = NULL;
5538 ie_len = 0;
5539 }
5540 if (bss[NL80211_BSS_BEACON_IES]) {
5541 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
5542 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
5543 } else {
5544 beacon_ie = NULL;
5545 beacon_ie_len = 0;
5546 }
5547
5548 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
5549 ie ? ie_len : beacon_ie_len))
5550 return NL_SKIP;
5551
5552 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
5553 if (r == NULL)
5554 return NL_SKIP;
5555 if (bss[NL80211_BSS_BSSID])
5556 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
5557 ETH_ALEN);
5558 if (bss[NL80211_BSS_FREQUENCY])
5559 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5560 if (bss[NL80211_BSS_BEACON_INTERVAL])
5561 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
5562 if (bss[NL80211_BSS_CAPABILITY])
5563 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
5564 r->flags |= WPA_SCAN_NOISE_INVALID;
5565 if (bss[NL80211_BSS_SIGNAL_MBM]) {
5566 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
5567 r->level /= 100; /* mBm to dBm */
5568 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
5569 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
5570 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
5571 r->flags |= WPA_SCAN_QUAL_INVALID;
5572 } else
5573 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
5574 if (bss[NL80211_BSS_TSF])
5575 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
5576 if (bss[NL80211_BSS_SEEN_MS_AGO])
5577 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
5578 r->ie_len = ie_len;
5579 pos = (u8 *) (r + 1);
5580 if (ie) {
5581 os_memcpy(pos, ie, ie_len);
5582 pos += ie_len;
5583 }
5584 r->beacon_ie_len = beacon_ie_len;
5585 if (beacon_ie)
5586 os_memcpy(pos, beacon_ie, beacon_ie_len);
5587
5588 if (bss[NL80211_BSS_STATUS]) {
5589 enum nl80211_bss_status status;
5590 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5591 switch (status) {
5592 case NL80211_BSS_STATUS_AUTHENTICATED:
5593 r->flags |= WPA_SCAN_AUTHENTICATED;
5594 break;
5595 case NL80211_BSS_STATUS_ASSOCIATED:
5596 r->flags |= WPA_SCAN_ASSOCIATED;
5597 break;
5598 default:
5599 break;
5600 }
5601 }
5602
5603 /*
5604 * cfg80211 maintains separate BSS table entries for APs if the same
5605 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
5606 * not use frequency as a separate key in the BSS table, so filter out
5607 * duplicated entries. Prefer associated BSS entry in such a case in
5608 * order to get the correct frequency into the BSS table. Similarly,
5609 * prefer newer entries over older.
5610 */
5611 for (i = 0; i < res->num; i++) {
5612 const u8 *s1, *s2;
5613 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
5614 continue;
5615
5616 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
5617 res->res[i]->ie_len, WLAN_EID_SSID);
5618 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
5619 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
5620 os_memcmp(s1, s2, 2 + s1[1]) != 0)
5621 continue;
5622
5623 /* Same BSSID,SSID was already included in scan results */
5624 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
5625 "for " MACSTR, MAC2STR(r->bssid));
5626
5627 if (((r->flags & WPA_SCAN_ASSOCIATED) &&
5628 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) ||
5629 r->age < res->res[i]->age) {
5630 os_free(res->res[i]);
5631 res->res[i] = r;
5632 } else
5633 os_free(r);
5634 return NL_SKIP;
5635 }
5636
5637 tmp = os_realloc_array(res->res, res->num + 1,
5638 sizeof(struct wpa_scan_res *));
5639 if (tmp == NULL) {
5640 os_free(r);
5641 return NL_SKIP;
5642 }
5643 tmp[res->num++] = r;
5644 res->res = tmp;
5645
5646 return NL_SKIP;
5647 }
5648
5649
5650 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
5651 const u8 *addr)
5652 {
5653 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
5654 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
5655 "mismatch (" MACSTR ")", MAC2STR(addr));
5656 wpa_driver_nl80211_mlme(drv, addr,
5657 NL80211_CMD_DEAUTHENTICATE,
5658 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
5659 }
5660 }
5661
5662
5663 static void wpa_driver_nl80211_check_bss_status(
5664 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
5665 {
5666 size_t i;
5667
5668 for (i = 0; i < res->num; i++) {
5669 struct wpa_scan_res *r = res->res[i];
5670 if (r->flags & WPA_SCAN_AUTHENTICATED) {
5671 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5672 "indicates BSS status with " MACSTR
5673 " as authenticated",
5674 MAC2STR(r->bssid));
5675 if (is_sta_interface(drv->nlmode) &&
5676 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
5677 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
5678 0) {
5679 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
5680 " in local state (auth=" MACSTR
5681 " assoc=" MACSTR ")",
5682 MAC2STR(drv->auth_bssid),
5683 MAC2STR(drv->bssid));
5684 clear_state_mismatch(drv, r->bssid);
5685 }
5686 }
5687
5688 if (r->flags & WPA_SCAN_ASSOCIATED) {
5689 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5690 "indicate BSS status with " MACSTR
5691 " as associated",
5692 MAC2STR(r->bssid));
5693 if (is_sta_interface(drv->nlmode) &&
5694 !drv->associated) {
5695 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5696 "(not associated) does not match "
5697 "with BSS state");
5698 clear_state_mismatch(drv, r->bssid);
5699 } else if (is_sta_interface(drv->nlmode) &&
5700 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
5701 0) {
5702 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5703 "(associated with " MACSTR ") does "
5704 "not match with BSS state",
5705 MAC2STR(drv->bssid));
5706 clear_state_mismatch(drv, r->bssid);
5707 clear_state_mismatch(drv, drv->bssid);
5708 }
5709 }
5710 }
5711 }
5712
5713
5714 static struct wpa_scan_results *
5715 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
5716 {
5717 struct nl_msg *msg;
5718 struct wpa_scan_results *res;
5719 int ret;
5720 struct nl80211_bss_info_arg arg;
5721
5722 res = os_zalloc(sizeof(*res));
5723 if (res == NULL)
5724 return NULL;
5725 msg = nlmsg_alloc();
5726 if (!msg)
5727 goto nla_put_failure;
5728
5729 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
5730 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
5731 goto nla_put_failure;
5732
5733 arg.drv = drv;
5734 arg.res = res;
5735 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
5736 msg = NULL;
5737 if (ret == 0) {
5738 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
5739 "BSSes)", (unsigned long) res->num);
5740 nl80211_get_noise_for_scan_results(drv, res);
5741 return res;
5742 }
5743 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
5744 "(%s)", ret, strerror(-ret));
5745 nla_put_failure:
5746 nlmsg_free(msg);
5747 wpa_scan_results_free(res);
5748 return NULL;
5749 }
5750
5751
5752 /**
5753 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
5754 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
5755 * Returns: Scan results on success, -1 on failure
5756 */
5757 static struct wpa_scan_results *
5758 wpa_driver_nl80211_get_scan_results(void *priv)
5759 {
5760 struct i802_bss *bss = priv;
5761 struct wpa_driver_nl80211_data *drv = bss->drv;
5762 struct wpa_scan_results *res;
5763
5764 res = nl80211_get_scan_results(drv);
5765 if (res)
5766 wpa_driver_nl80211_check_bss_status(drv, res);
5767 return res;
5768 }
5769
5770
5771 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
5772 {
5773 struct wpa_scan_results *res;
5774 size_t i;
5775
5776 res = nl80211_get_scan_results(drv);
5777 if (res == NULL) {
5778 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
5779 return;
5780 }
5781
5782 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
5783 for (i = 0; i < res->num; i++) {
5784 struct wpa_scan_res *r = res->res[i];
5785 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
5786 (int) i, (int) res->num, MAC2STR(r->bssid),
5787 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
5788 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
5789 }
5790
5791 wpa_scan_results_free(res);
5792 }
5793
5794
5795 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
5796 {
5797 switch (alg) {
5798 case WPA_ALG_WEP:
5799 if (key_len == 5)
5800 return WLAN_CIPHER_SUITE_WEP40;
5801 return WLAN_CIPHER_SUITE_WEP104;
5802 case WPA_ALG_TKIP:
5803 return WLAN_CIPHER_SUITE_TKIP;
5804 case WPA_ALG_CCMP:
5805 return WLAN_CIPHER_SUITE_CCMP;
5806 case WPA_ALG_GCMP:
5807 return WLAN_CIPHER_SUITE_GCMP;
5808 case WPA_ALG_CCMP_256:
5809 return WLAN_CIPHER_SUITE_CCMP_256;
5810 case WPA_ALG_GCMP_256:
5811 return WLAN_CIPHER_SUITE_GCMP_256;
5812 case WPA_ALG_IGTK:
5813 return WLAN_CIPHER_SUITE_AES_CMAC;
5814 case WPA_ALG_BIP_GMAC_128:
5815 return WLAN_CIPHER_SUITE_BIP_GMAC_128;
5816 case WPA_ALG_BIP_GMAC_256:
5817 return WLAN_CIPHER_SUITE_BIP_GMAC_256;
5818 case WPA_ALG_BIP_CMAC_256:
5819 return WLAN_CIPHER_SUITE_BIP_CMAC_256;
5820 case WPA_ALG_SMS4:
5821 return WLAN_CIPHER_SUITE_SMS4;
5822 case WPA_ALG_KRK:
5823 return WLAN_CIPHER_SUITE_KRK;
5824 case WPA_ALG_NONE:
5825 case WPA_ALG_PMK:
5826 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
5827 alg);
5828 return 0;
5829 }
5830
5831 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
5832 alg);
5833 return 0;
5834 }
5835
5836
5837 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
5838 {
5839 switch (cipher) {
5840 case WPA_CIPHER_CCMP_256:
5841 return WLAN_CIPHER_SUITE_CCMP_256;
5842 case WPA_CIPHER_GCMP_256:
5843 return WLAN_CIPHER_SUITE_GCMP_256;
5844 case WPA_CIPHER_CCMP:
5845 return WLAN_CIPHER_SUITE_CCMP;
5846 case WPA_CIPHER_GCMP:
5847 return WLAN_CIPHER_SUITE_GCMP;
5848 case WPA_CIPHER_TKIP:
5849 return WLAN_CIPHER_SUITE_TKIP;
5850 case WPA_CIPHER_WEP104:
5851 return WLAN_CIPHER_SUITE_WEP104;
5852 case WPA_CIPHER_WEP40:
5853 return WLAN_CIPHER_SUITE_WEP40;
5854 case WPA_CIPHER_GTK_NOT_USED:
5855 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR;
5856 }
5857
5858 return 0;
5859 }
5860
5861
5862 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
5863 int max_suites)
5864 {
5865 int num_suites = 0;
5866
5867 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
5868 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
5869 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
5870 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
5871 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
5872 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5873 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
5874 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
5875 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
5876 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5877 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
5878 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5879 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
5880 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5881
5882 return num_suites;
5883 }
5884
5885
5886 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
5887 enum wpa_alg alg, const u8 *addr,
5888 int key_idx, int set_tx,
5889 const u8 *seq, size_t seq_len,
5890 const u8 *key, size_t key_len)
5891 {
5892 struct wpa_driver_nl80211_data *drv = bss->drv;
5893 int ifindex;
5894 struct nl_msg *msg;
5895 int ret;
5896 int tdls = 0;
5897
5898 /* Ignore for P2P Device */
5899 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
5900 return 0;
5901
5902 ifindex = if_nametoindex(ifname);
5903 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
5904 "set_tx=%d seq_len=%lu key_len=%lu",
5905 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
5906 (unsigned long) seq_len, (unsigned long) key_len);
5907 #ifdef CONFIG_TDLS
5908 if (key_idx == -1) {
5909 key_idx = 0;
5910 tdls = 1;
5911 }
5912 #endif /* CONFIG_TDLS */
5913
5914 msg = nlmsg_alloc();
5915 if (!msg)
5916 return -ENOMEM;
5917
5918 if (alg == WPA_ALG_NONE) {
5919 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
5920 } else {
5921 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
5922 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
5923 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
5924 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
5925 wpa_alg_to_cipher_suite(alg, key_len));
5926 }
5927
5928 if (seq && seq_len) {
5929 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
5930 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
5931 }
5932
5933 if (addr && !is_broadcast_ether_addr(addr)) {
5934 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
5935 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5936
5937 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
5938 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
5939 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
5940 NL80211_KEYTYPE_GROUP);
5941 }
5942 } else if (addr && is_broadcast_ether_addr(addr)) {
5943 struct nlattr *types;
5944
5945 wpa_printf(MSG_DEBUG, " broadcast key");
5946
5947 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5948 if (!types)
5949 goto nla_put_failure;
5950 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5951 nla_nest_end(msg, types);
5952 }
5953 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5954 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5955
5956 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5957 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
5958 ret = 0;
5959 if (ret)
5960 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
5961 ret, strerror(-ret));
5962
5963 /*
5964 * If we failed or don't need to set the default TX key (below),
5965 * we're done here.
5966 */
5967 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls)
5968 return ret;
5969 if (is_ap_interface(drv->nlmode) && addr &&
5970 !is_broadcast_ether_addr(addr))
5971 return ret;
5972
5973 msg = nlmsg_alloc();
5974 if (!msg)
5975 return -ENOMEM;
5976
5977 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
5978 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5979 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5980 if (alg == WPA_ALG_IGTK)
5981 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
5982 else
5983 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
5984 if (addr && is_broadcast_ether_addr(addr)) {
5985 struct nlattr *types;
5986
5987 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5988 if (!types)
5989 goto nla_put_failure;
5990 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5991 nla_nest_end(msg, types);
5992 } else if (addr) {
5993 struct nlattr *types;
5994
5995 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5996 if (!types)
5997 goto nla_put_failure;
5998 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST);
5999 nla_nest_end(msg, types);
6000 }
6001
6002 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6003 if (ret == -ENOENT)
6004 ret = 0;
6005 if (ret)
6006 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
6007 "err=%d %s)", ret, strerror(-ret));
6008 return ret;
6009
6010 nla_put_failure:
6011 nlmsg_free(msg);
6012 return -ENOBUFS;
6013 }
6014
6015
6016 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
6017 int key_idx, int defkey,
6018 const u8 *seq, size_t seq_len,
6019 const u8 *key, size_t key_len)
6020 {
6021 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
6022 if (!key_attr)
6023 return -1;
6024
6025 if (defkey && alg == WPA_ALG_IGTK)
6026 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
6027 else if (defkey)
6028 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
6029
6030 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
6031
6032 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6033 wpa_alg_to_cipher_suite(alg, key_len));
6034
6035 if (seq && seq_len)
6036 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
6037
6038 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
6039
6040 nla_nest_end(msg, key_attr);
6041
6042 return 0;
6043 nla_put_failure:
6044 return -1;
6045 }
6046
6047
6048 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
6049 struct nl_msg *msg)
6050 {
6051 int i, privacy = 0;
6052 struct nlattr *nl_keys, *nl_key;
6053
6054 for (i = 0; i < 4; i++) {
6055 if (!params->wep_key[i])
6056 continue;
6057 privacy = 1;
6058 break;
6059 }
6060 if (params->wps == WPS_MODE_PRIVACY)
6061 privacy = 1;
6062 if (params->pairwise_suite &&
6063 params->pairwise_suite != WPA_CIPHER_NONE)
6064 privacy = 1;
6065
6066 if (!privacy)
6067 return 0;
6068
6069 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
6070
6071 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
6072 if (!nl_keys)
6073 goto nla_put_failure;
6074
6075 for (i = 0; i < 4; i++) {
6076 if (!params->wep_key[i])
6077 continue;
6078
6079 nl_key = nla_nest_start(msg, i);
6080 if (!nl_key)
6081 goto nla_put_failure;
6082
6083 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
6084 params->wep_key[i]);
6085 if (params->wep_key_len[i] == 5)
6086 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6087 WLAN_CIPHER_SUITE_WEP40);
6088 else
6089 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6090 WLAN_CIPHER_SUITE_WEP104);
6091
6092 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
6093
6094 if (i == params->wep_tx_keyidx)
6095 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
6096
6097 nla_nest_end(msg, nl_key);
6098 }
6099 nla_nest_end(msg, nl_keys);
6100
6101 return 0;
6102
6103 nla_put_failure:
6104 return -ENOBUFS;
6105 }
6106
6107
6108 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
6109 const u8 *addr, int cmd, u16 reason_code,
6110 int local_state_change)
6111 {
6112 int ret = -1;
6113 struct nl_msg *msg;
6114
6115 msg = nlmsg_alloc();
6116 if (!msg)
6117 return -1;
6118
6119 nl80211_cmd(drv, msg, 0, cmd);
6120
6121 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6122 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
6123 if (addr)
6124 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6125 if (local_state_change)
6126 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6127
6128 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6129 msg = NULL;
6130 if (ret) {
6131 wpa_dbg(drv->ctx, MSG_DEBUG,
6132 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
6133 reason_code, ret, strerror(-ret));
6134 goto nla_put_failure;
6135 }
6136 ret = 0;
6137
6138 nla_put_failure:
6139 nlmsg_free(msg);
6140 return ret;
6141 }
6142
6143
6144 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
6145 int reason_code)
6146 {
6147 int ret;
6148
6149 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
6150 nl80211_mark_disconnected(drv);
6151 /* Disconnect command doesn't need BSSID - it uses cached value */
6152 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
6153 reason_code, 0);
6154 /*
6155 * For locally generated disconnect, supplicant already generates a
6156 * DEAUTH event, so ignore the event from NL80211.
6157 */
6158 drv->ignore_next_local_disconnect = ret == 0;
6159
6160 return ret;
6161 }
6162
6163
6164 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
6165 const u8 *addr, int reason_code)
6166 {
6167 struct wpa_driver_nl80211_data *drv = bss->drv;
6168 int ret;
6169
6170 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
6171 nl80211_mark_disconnected(drv);
6172 return nl80211_leave_ibss(drv);
6173 }
6174 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
6175 return wpa_driver_nl80211_disconnect(drv, reason_code);
6176 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
6177 __func__, MAC2STR(addr), reason_code);
6178 nl80211_mark_disconnected(drv);
6179 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
6180 reason_code, 0);
6181 /*
6182 * For locally generated deauthenticate, supplicant already generates a
6183 * DEAUTH event, so ignore the event from NL80211.
6184 */
6185 drv->ignore_next_local_deauth = ret == 0;
6186 return ret;
6187 }
6188
6189
6190 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
6191 struct wpa_driver_auth_params *params)
6192 {
6193 int i;
6194
6195 drv->auth_freq = params->freq;
6196 drv->auth_alg = params->auth_alg;
6197 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
6198 drv->auth_local_state_change = params->local_state_change;
6199 drv->auth_p2p = params->p2p;
6200
6201 if (params->bssid)
6202 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
6203 else
6204 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
6205
6206 if (params->ssid) {
6207 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
6208 drv->auth_ssid_len = params->ssid_len;
6209 } else
6210 drv->auth_ssid_len = 0;
6211
6212
6213 os_free(drv->auth_ie);
6214 drv->auth_ie = NULL;
6215 drv->auth_ie_len = 0;
6216 if (params->ie) {
6217 drv->auth_ie = os_malloc(params->ie_len);
6218 if (drv->auth_ie) {
6219 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
6220 drv->auth_ie_len = params->ie_len;
6221 }
6222 }
6223
6224 for (i = 0; i < 4; i++) {
6225 if (params->wep_key[i] && params->wep_key_len[i] &&
6226 params->wep_key_len[i] <= 16) {
6227 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
6228 params->wep_key_len[i]);
6229 drv->auth_wep_key_len[i] = params->wep_key_len[i];
6230 } else
6231 drv->auth_wep_key_len[i] = 0;
6232 }
6233 }
6234
6235
6236 static int wpa_driver_nl80211_authenticate(
6237 struct i802_bss *bss, struct wpa_driver_auth_params *params)
6238 {
6239 struct wpa_driver_nl80211_data *drv = bss->drv;
6240 int ret = -1, i;
6241 struct nl_msg *msg;
6242 enum nl80211_auth_type type;
6243 enum nl80211_iftype nlmode;
6244 int count = 0;
6245 int is_retry;
6246
6247 is_retry = drv->retry_auth;
6248 drv->retry_auth = 0;
6249 drv->ignore_deauth_event = 0;
6250
6251 nl80211_mark_disconnected(drv);
6252 os_memset(drv->auth_bssid, 0, ETH_ALEN);
6253 if (params->bssid)
6254 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
6255 else
6256 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
6257 /* FIX: IBSS mode */
6258 nlmode = params->p2p ?
6259 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6260 if (drv->nlmode != nlmode &&
6261 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
6262 return -1;
6263
6264 retry:
6265 msg = nlmsg_alloc();
6266 if (!msg)
6267 return -1;
6268
6269 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
6270 drv->ifindex);
6271
6272 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
6273
6274 for (i = 0; i < 4; i++) {
6275 if (!params->wep_key[i])
6276 continue;
6277 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
6278 NULL, i,
6279 i == params->wep_tx_keyidx, NULL, 0,
6280 params->wep_key[i],
6281 params->wep_key_len[i]);
6282 if (params->wep_tx_keyidx != i)
6283 continue;
6284 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
6285 params->wep_key[i], params->wep_key_len[i])) {
6286 nlmsg_free(msg);
6287 return -1;
6288 }
6289 }
6290
6291 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6292 if (params->bssid) {
6293 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6294 MAC2STR(params->bssid));
6295 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6296 }
6297 if (params->freq) {
6298 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6299 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6300 }
6301 if (params->ssid) {
6302 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6303 params->ssid, params->ssid_len);
6304 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6305 params->ssid);
6306 }
6307 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
6308 if (params->ie)
6309 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
6310 if (params->sae_data) {
6311 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
6312 params->sae_data_len);
6313 NLA_PUT(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
6314 params->sae_data);
6315 }
6316 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6317 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6318 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6319 type = NL80211_AUTHTYPE_SHARED_KEY;
6320 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6321 type = NL80211_AUTHTYPE_NETWORK_EAP;
6322 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6323 type = NL80211_AUTHTYPE_FT;
6324 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
6325 type = NL80211_AUTHTYPE_SAE;
6326 else
6327 goto nla_put_failure;
6328 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6329 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6330 if (params->local_state_change) {
6331 wpa_printf(MSG_DEBUG, " * Local state change only");
6332 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6333 }
6334
6335 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6336 msg = NULL;
6337 if (ret) {
6338 wpa_dbg(drv->ctx, MSG_DEBUG,
6339 "nl80211: MLME command failed (auth): ret=%d (%s)",
6340 ret, strerror(-ret));
6341 count++;
6342 if (ret == -EALREADY && count == 1 && params->bssid &&
6343 !params->local_state_change) {
6344 /*
6345 * mac80211 does not currently accept new
6346 * authentication if we are already authenticated. As a
6347 * workaround, force deauthentication and try again.
6348 */
6349 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
6350 "after forced deauthentication");
6351 drv->ignore_deauth_event = 1;
6352 wpa_driver_nl80211_deauthenticate(
6353 bss, params->bssid,
6354 WLAN_REASON_PREV_AUTH_NOT_VALID);
6355 nlmsg_free(msg);
6356 goto retry;
6357 }
6358
6359 if (ret == -ENOENT && params->freq && !is_retry) {
6360 /*
6361 * cfg80211 has likely expired the BSS entry even
6362 * though it was previously available in our internal
6363 * BSS table. To recover quickly, start a single
6364 * channel scan on the specified channel.
6365 */
6366 struct wpa_driver_scan_params scan;
6367 int freqs[2];
6368
6369 os_memset(&scan, 0, sizeof(scan));
6370 scan.num_ssids = 1;
6371 if (params->ssid) {
6372 scan.ssids[0].ssid = params->ssid;
6373 scan.ssids[0].ssid_len = params->ssid_len;
6374 }
6375 freqs[0] = params->freq;
6376 freqs[1] = 0;
6377 scan.freqs = freqs;
6378 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
6379 "channel scan to refresh cfg80211 BSS "
6380 "entry");
6381 ret = wpa_driver_nl80211_scan(bss, &scan);
6382 if (ret == 0) {
6383 nl80211_copy_auth_params(drv, params);
6384 drv->scan_for_auth = 1;
6385 }
6386 } else if (is_retry) {
6387 /*
6388 * Need to indicate this with an event since the return
6389 * value from the retry is not delivered to core code.
6390 */
6391 union wpa_event_data event;
6392 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
6393 "failed");
6394 os_memset(&event, 0, sizeof(event));
6395 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
6396 ETH_ALEN);
6397 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
6398 &event);
6399 }
6400
6401 goto nla_put_failure;
6402 }
6403 ret = 0;
6404 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
6405 "successfully");
6406
6407 nla_put_failure:
6408 nlmsg_free(msg);
6409 return ret;
6410 }
6411
6412
6413 static int wpa_driver_nl80211_authenticate_retry(
6414 struct wpa_driver_nl80211_data *drv)
6415 {
6416 struct wpa_driver_auth_params params;
6417 struct i802_bss *bss = drv->first_bss;
6418 int i;
6419
6420 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
6421
6422 os_memset(&params, 0, sizeof(params));
6423 params.freq = drv->auth_freq;
6424 params.auth_alg = drv->auth_alg;
6425 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
6426 params.local_state_change = drv->auth_local_state_change;
6427 params.p2p = drv->auth_p2p;
6428
6429 if (!is_zero_ether_addr(drv->auth_bssid_))
6430 params.bssid = drv->auth_bssid_;
6431
6432 if (drv->auth_ssid_len) {
6433 params.ssid = drv->auth_ssid;
6434 params.ssid_len = drv->auth_ssid_len;
6435 }
6436
6437 params.ie = drv->auth_ie;
6438 params.ie_len = drv->auth_ie_len;
6439
6440 for (i = 0; i < 4; i++) {
6441 if (drv->auth_wep_key_len[i]) {
6442 params.wep_key[i] = drv->auth_wep_key[i];
6443 params.wep_key_len[i] = drv->auth_wep_key_len[i];
6444 }
6445 }
6446
6447 drv->retry_auth = 1;
6448 return wpa_driver_nl80211_authenticate(bss, &params);
6449 }
6450
6451
6452 struct phy_info_arg {
6453 u16 *num_modes;
6454 struct hostapd_hw_modes *modes;
6455 int last_mode, last_chan_idx;
6456 };
6457
6458 static void phy_info_ht_capa(struct hostapd_hw_modes *mode, struct nlattr *capa,
6459 struct nlattr *ampdu_factor,
6460 struct nlattr *ampdu_density,
6461 struct nlattr *mcs_set)
6462 {
6463 if (capa)
6464 mode->ht_capab = nla_get_u16(capa);
6465
6466 if (ampdu_factor)
6467 mode->a_mpdu_params |= nla_get_u8(ampdu_factor) & 0x03;
6468
6469 if (ampdu_density)
6470 mode->a_mpdu_params |= nla_get_u8(ampdu_density) << 2;
6471
6472 if (mcs_set && nla_len(mcs_set) >= 16) {
6473 u8 *mcs;
6474 mcs = nla_data(mcs_set);
6475 os_memcpy(mode->mcs_set, mcs, 16);
6476 }
6477 }
6478
6479
6480 static void phy_info_vht_capa(struct hostapd_hw_modes *mode,
6481 struct nlattr *capa,
6482 struct nlattr *mcs_set)
6483 {
6484 if (capa)
6485 mode->vht_capab = nla_get_u32(capa);
6486
6487 if (mcs_set && nla_len(mcs_set) >= 8) {
6488 u8 *mcs;
6489 mcs = nla_data(mcs_set);
6490 os_memcpy(mode->vht_mcs_set, mcs, 8);
6491 }
6492 }
6493
6494
6495 static void phy_info_freq(struct hostapd_hw_modes *mode,
6496 struct hostapd_channel_data *chan,
6497 struct nlattr *tb_freq[])
6498 {
6499 u8 channel;
6500 chan->freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
6501 chan->flag = 0;
6502 chan->dfs_cac_ms = 0;
6503 if (ieee80211_freq_to_chan(chan->freq, &channel) != NUM_HOSTAPD_MODES)
6504 chan->chan = channel;
6505
6506 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
6507 chan->flag |= HOSTAPD_CHAN_DISABLED;
6508 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IR])
6509 chan->flag |= HOSTAPD_CHAN_PASSIVE_SCAN | HOSTAPD_CHAN_NO_IBSS;
6510 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
6511 chan->flag |= HOSTAPD_CHAN_RADAR;
6512
6513 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]) {
6514 enum nl80211_dfs_state state =
6515 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]);
6516
6517 switch (state) {
6518 case NL80211_DFS_USABLE:
6519 chan->flag |= HOSTAPD_CHAN_DFS_USABLE;
6520 break;
6521 case NL80211_DFS_AVAILABLE:
6522 chan->flag |= HOSTAPD_CHAN_DFS_AVAILABLE;
6523 break;
6524 case NL80211_DFS_UNAVAILABLE:
6525 chan->flag |= HOSTAPD_CHAN_DFS_UNAVAILABLE;
6526 break;
6527 }
6528 }
6529
6530 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]) {
6531 chan->dfs_cac_ms = nla_get_u32(
6532 tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]);
6533 }
6534 }
6535
6536
6537 static int phy_info_freqs(struct phy_info_arg *phy_info,
6538 struct hostapd_hw_modes *mode, struct nlattr *tb)
6539 {
6540 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6541 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
6542 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
6543 [NL80211_FREQUENCY_ATTR_NO_IR] = { .type = NLA_FLAG },
6544 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
6545 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
6546 [NL80211_FREQUENCY_ATTR_DFS_STATE] = { .type = NLA_U32 },
6547 };
6548 int new_channels = 0;
6549 struct hostapd_channel_data *channel;
6550 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
6551 struct nlattr *nl_freq;
6552 int rem_freq, idx;
6553
6554 if (tb == NULL)
6555 return NL_OK;
6556
6557 nla_for_each_nested(nl_freq, tb, rem_freq) {
6558 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6559 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6560 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6561 continue;
6562 new_channels++;
6563 }
6564
6565 channel = os_realloc_array(mode->channels,
6566 mode->num_channels + new_channels,
6567 sizeof(struct hostapd_channel_data));
6568 if (!channel)
6569 return NL_SKIP;
6570
6571 mode->channels = channel;
6572 mode->num_channels += new_channels;
6573
6574 idx = phy_info->last_chan_idx;
6575
6576 nla_for_each_nested(nl_freq, tb, rem_freq) {
6577 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6578 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6579 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6580 continue;
6581 phy_info_freq(mode, &mode->channels[idx], tb_freq);
6582 idx++;
6583 }
6584 phy_info->last_chan_idx = idx;
6585
6586 return NL_OK;
6587 }
6588
6589
6590 static int phy_info_rates(struct hostapd_hw_modes *mode, struct nlattr *tb)
6591 {
6592 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
6593 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
6594 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] =
6595 { .type = NLA_FLAG },
6596 };
6597 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
6598 struct nlattr *nl_rate;
6599 int rem_rate, idx;
6600
6601 if (tb == NULL)
6602 return NL_OK;
6603
6604 nla_for_each_nested(nl_rate, tb, rem_rate) {
6605 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6606 nla_data(nl_rate), nla_len(nl_rate),
6607 rate_policy);
6608 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6609 continue;
6610 mode->num_rates++;
6611 }
6612
6613 mode->rates = os_calloc(mode->num_rates, sizeof(int));
6614 if (!mode->rates)
6615 return NL_SKIP;
6616
6617 idx = 0;
6618
6619 nla_for_each_nested(nl_rate, tb, rem_rate) {
6620 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6621 nla_data(nl_rate), nla_len(nl_rate),
6622 rate_policy);
6623 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6624 continue;
6625 mode->rates[idx] = nla_get_u32(
6626 tb_rate[NL80211_BITRATE_ATTR_RATE]);
6627 idx++;
6628 }
6629
6630 return NL_OK;
6631 }
6632
6633
6634 static int phy_info_band(struct phy_info_arg *phy_info, struct nlattr *nl_band)
6635 {
6636 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
6637 struct hostapd_hw_modes *mode;
6638 int ret;
6639
6640 if (phy_info->last_mode != nl_band->nla_type) {
6641 mode = os_realloc_array(phy_info->modes,
6642 *phy_info->num_modes + 1,
6643 sizeof(*mode));
6644 if (!mode)
6645 return NL_SKIP;
6646 phy_info->modes = mode;
6647
6648 mode = &phy_info->modes[*(phy_info->num_modes)];
6649 os_memset(mode, 0, sizeof(*mode));
6650 mode->mode = NUM_HOSTAPD_MODES;
6651 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN |
6652 HOSTAPD_MODE_FLAG_VHT_INFO_KNOWN;
6653
6654 /*
6655 * Unsupported VHT MCS stream is defined as value 3, so the VHT
6656 * MCS RX/TX map must be initialized with 0xffff to mark all 8
6657 * possible streams as unsupported. This will be overridden if
6658 * driver advertises VHT support.
6659 */
6660 mode->vht_mcs_set[0] = 0xff;
6661 mode->vht_mcs_set[1] = 0xff;
6662 mode->vht_mcs_set[4] = 0xff;
6663 mode->vht_mcs_set[5] = 0xff;
6664
6665 *(phy_info->num_modes) += 1;
6666 phy_info->last_mode = nl_band->nla_type;
6667 phy_info->last_chan_idx = 0;
6668 } else
6669 mode = &phy_info->modes[*(phy_info->num_modes) - 1];
6670
6671 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
6672 nla_len(nl_band), NULL);
6673
6674 phy_info_ht_capa(mode, tb_band[NL80211_BAND_ATTR_HT_CAPA],
6675 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR],
6676 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY],
6677 tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
6678 phy_info_vht_capa(mode, tb_band[NL80211_BAND_ATTR_VHT_CAPA],
6679 tb_band[NL80211_BAND_ATTR_VHT_MCS_SET]);
6680 ret = phy_info_freqs(phy_info, mode, tb_band[NL80211_BAND_ATTR_FREQS]);
6681 if (ret != NL_OK)
6682 return ret;
6683 ret = phy_info_rates(mode, tb_band[NL80211_BAND_ATTR_RATES]);
6684 if (ret != NL_OK)
6685 return ret;
6686
6687 return NL_OK;
6688 }
6689
6690
6691 static int phy_info_handler(struct nl_msg *msg, void *arg)
6692 {
6693 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6694 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6695 struct phy_info_arg *phy_info = arg;
6696 struct nlattr *nl_band;
6697 int rem_band;
6698
6699 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6700 genlmsg_attrlen(gnlh, 0), NULL);
6701
6702 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
6703 return NL_SKIP;
6704
6705 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band)
6706 {
6707 int res = phy_info_band(phy_info, nl_band);
6708 if (res != NL_OK)
6709 return res;
6710 }
6711
6712 return NL_SKIP;
6713 }
6714
6715
6716 static struct hostapd_hw_modes *
6717 wpa_driver_nl80211_postprocess_modes(struct hostapd_hw_modes *modes,
6718 u16 *num_modes)
6719 {
6720 u16 m;
6721 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
6722 int i, mode11g_idx = -1;
6723
6724 /* heuristic to set up modes */
6725 for (m = 0; m < *num_modes; m++) {
6726 if (!modes[m].num_channels)
6727 continue;
6728 if (modes[m].channels[0].freq < 4000) {
6729 modes[m].mode = HOSTAPD_MODE_IEEE80211B;
6730 for (i = 0; i < modes[m].num_rates; i++) {
6731 if (modes[m].rates[i] > 200) {
6732 modes[m].mode = HOSTAPD_MODE_IEEE80211G;
6733 break;
6734 }
6735 }
6736 } else if (modes[m].channels[0].freq > 50000)
6737 modes[m].mode = HOSTAPD_MODE_IEEE80211AD;
6738 else
6739 modes[m].mode = HOSTAPD_MODE_IEEE80211A;
6740 }
6741
6742 /* If only 802.11g mode is included, use it to construct matching
6743 * 802.11b mode data. */
6744
6745 for (m = 0; m < *num_modes; m++) {
6746 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
6747 return modes; /* 802.11b already included */
6748 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
6749 mode11g_idx = m;
6750 }
6751
6752 if (mode11g_idx < 0)
6753 return modes; /* 2.4 GHz band not supported at all */
6754
6755 nmodes = os_realloc_array(modes, *num_modes + 1, sizeof(*nmodes));
6756 if (nmodes == NULL)
6757 return modes; /* Could not add 802.11b mode */
6758
6759 mode = &nmodes[*num_modes];
6760 os_memset(mode, 0, sizeof(*mode));
6761 (*num_modes)++;
6762 modes = nmodes;
6763
6764 mode->mode = HOSTAPD_MODE_IEEE80211B;
6765
6766 mode11g = &modes[mode11g_idx];
6767 mode->num_channels = mode11g->num_channels;
6768 mode->channels = os_malloc(mode11g->num_channels *
6769 sizeof(struct hostapd_channel_data));
6770 if (mode->channels == NULL) {
6771 (*num_modes)--;
6772 return modes; /* Could not add 802.11b mode */
6773 }
6774 os_memcpy(mode->channels, mode11g->channels,
6775 mode11g->num_channels * sizeof(struct hostapd_channel_data));
6776
6777 mode->num_rates = 0;
6778 mode->rates = os_malloc(4 * sizeof(int));
6779 if (mode->rates == NULL) {
6780 os_free(mode->channels);
6781 (*num_modes)--;
6782 return modes; /* Could not add 802.11b mode */
6783 }
6784
6785 for (i = 0; i < mode11g->num_rates; i++) {
6786 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
6787 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
6788 continue;
6789 mode->rates[mode->num_rates] = mode11g->rates[i];
6790 mode->num_rates++;
6791 if (mode->num_rates == 4)
6792 break;
6793 }
6794
6795 if (mode->num_rates == 0) {
6796 os_free(mode->channels);
6797 os_free(mode->rates);
6798 (*num_modes)--;
6799 return modes; /* No 802.11b rates */
6800 }
6801
6802 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
6803 "information");
6804
6805 return modes;
6806 }
6807
6808
6809 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
6810 int end)
6811 {
6812 int c;
6813
6814 for (c = 0; c < mode->num_channels; c++) {
6815 struct hostapd_channel_data *chan = &mode->channels[c];
6816 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
6817 chan->flag |= HOSTAPD_CHAN_HT40;
6818 }
6819 }
6820
6821
6822 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
6823 int end)
6824 {
6825 int c;
6826
6827 for (c = 0; c < mode->num_channels; c++) {
6828 struct hostapd_channel_data *chan = &mode->channels[c];
6829 if (!(chan->flag & HOSTAPD_CHAN_HT40))
6830 continue;
6831 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
6832 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
6833 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
6834 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
6835 }
6836 }
6837
6838
6839 static void nl80211_reg_rule_max_eirp(u32 start, u32 end, u32 max_eirp,
6840 struct phy_info_arg *results)
6841 {
6842 u16 m;
6843
6844 for (m = 0; m < *results->num_modes; m++) {
6845 int c;
6846 struct hostapd_hw_modes *mode = &results->modes[m];
6847
6848 for (c = 0; c < mode->num_channels; c++) {
6849 struct hostapd_channel_data *chan = &mode->channels[c];
6850 if ((u32) chan->freq - 10 >= start &&
6851 (u32) chan->freq + 10 <= end)
6852 chan->max_tx_power = max_eirp;
6853 }
6854 }
6855 }
6856
6857
6858 static void nl80211_reg_rule_ht40(u32 start, u32 end,
6859 struct phy_info_arg *results)
6860 {
6861 u16 m;
6862
6863 for (m = 0; m < *results->num_modes; m++) {
6864 if (!(results->modes[m].ht_capab &
6865 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6866 continue;
6867 nl80211_set_ht40_mode(&results->modes[m], start, end);
6868 }
6869 }
6870
6871
6872 static void nl80211_reg_rule_sec(struct nlattr *tb[],
6873 struct phy_info_arg *results)
6874 {
6875 u32 start, end, max_bw;
6876 u16 m;
6877
6878 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6879 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6880 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6881 return;
6882
6883 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6884 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6885 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6886
6887 if (max_bw < 20)
6888 return;
6889
6890 for (m = 0; m < *results->num_modes; m++) {
6891 if (!(results->modes[m].ht_capab &
6892 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6893 continue;
6894 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
6895 }
6896 }
6897
6898
6899 static void nl80211_set_vht_mode(struct hostapd_hw_modes *mode, int start,
6900 int end)
6901 {
6902 int c;
6903
6904 for (c = 0; c < mode->num_channels; c++) {
6905 struct hostapd_channel_data *chan = &mode->channels[c];
6906 if (chan->freq - 10 >= start && chan->freq + 70 <= end)
6907 chan->flag |= HOSTAPD_CHAN_VHT_10_70;
6908
6909 if (chan->freq - 30 >= start && chan->freq + 50 <= end)
6910 chan->flag |= HOSTAPD_CHAN_VHT_30_50;
6911
6912 if (chan->freq - 50 >= start && chan->freq + 30 <= end)
6913 chan->flag |= HOSTAPD_CHAN_VHT_50_30;
6914
6915 if (chan->freq - 70 >= start && chan->freq + 10 <= end)
6916 chan->flag |= HOSTAPD_CHAN_VHT_70_10;
6917 }
6918 }
6919
6920
6921 static void nl80211_reg_rule_vht(struct nlattr *tb[],
6922 struct phy_info_arg *results)
6923 {
6924 u32 start, end, max_bw;
6925 u16 m;
6926
6927 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6928 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6929 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6930 return;
6931
6932 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6933 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6934 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6935
6936 if (max_bw < 80)
6937 return;
6938
6939 for (m = 0; m < *results->num_modes; m++) {
6940 if (!(results->modes[m].ht_capab &
6941 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6942 continue;
6943 /* TODO: use a real VHT support indication */
6944 if (!results->modes[m].vht_capab)
6945 continue;
6946
6947 nl80211_set_vht_mode(&results->modes[m], start, end);
6948 }
6949 }
6950
6951
6952 static const char * dfs_domain_name(enum nl80211_dfs_regions region)
6953 {
6954 switch (region) {
6955 case NL80211_DFS_UNSET:
6956 return "DFS-UNSET";
6957 case NL80211_DFS_FCC:
6958 return "DFS-FCC";
6959 case NL80211_DFS_ETSI:
6960 return "DFS-ETSI";
6961 case NL80211_DFS_JP:
6962 return "DFS-JP";
6963 default:
6964 return "DFS-invalid";
6965 }
6966 }
6967
6968
6969 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
6970 {
6971 struct phy_info_arg *results = arg;
6972 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6973 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6974 struct nlattr *nl_rule;
6975 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
6976 int rem_rule;
6977 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6978 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
6979 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
6980 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
6981 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
6982 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
6983 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
6984 };
6985
6986 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6987 genlmsg_attrlen(gnlh, 0), NULL);
6988 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
6989 !tb_msg[NL80211_ATTR_REG_RULES]) {
6990 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
6991 "available");
6992 return NL_SKIP;
6993 }
6994
6995 if (tb_msg[NL80211_ATTR_DFS_REGION]) {
6996 enum nl80211_dfs_regions dfs_domain;
6997 dfs_domain = nla_get_u8(tb_msg[NL80211_ATTR_DFS_REGION]);
6998 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s (%s)",
6999 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]),
7000 dfs_domain_name(dfs_domain));
7001 } else {
7002 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
7003 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
7004 }
7005
7006 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
7007 {
7008 u32 start, end, max_eirp = 0, max_bw = 0, flags = 0;
7009 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
7010 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
7011 if (tb_rule[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
7012 tb_rule[NL80211_ATTR_FREQ_RANGE_END] == NULL)
7013 continue;
7014 start = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
7015 end = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
7016 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
7017 max_eirp = nla_get_u32(tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP]) / 100;
7018 if (tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW])
7019 max_bw = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
7020 if (tb_rule[NL80211_ATTR_REG_RULE_FLAGS])
7021 flags = nla_get_u32(tb_rule[NL80211_ATTR_REG_RULE_FLAGS]);
7022
7023 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz %u mBm%s%s%s%s%s%s%s%s",
7024 start, end, max_bw, max_eirp,
7025 flags & NL80211_RRF_NO_OFDM ? " (no OFDM)" : "",
7026 flags & NL80211_RRF_NO_CCK ? " (no CCK)" : "",
7027 flags & NL80211_RRF_NO_INDOOR ? " (no indoor)" : "",
7028 flags & NL80211_RRF_NO_OUTDOOR ? " (no outdoor)" :
7029 "",
7030 flags & NL80211_RRF_DFS ? " (DFS)" : "",
7031 flags & NL80211_RRF_PTP_ONLY ? " (PTP only)" : "",
7032 flags & NL80211_RRF_PTMP_ONLY ? " (PTMP only)" : "",
7033 flags & NL80211_RRF_NO_IR ? " (no IR)" : "");
7034 if (max_bw >= 40)
7035 nl80211_reg_rule_ht40(start, end, results);
7036 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
7037 nl80211_reg_rule_max_eirp(start, end, max_eirp,
7038 results);
7039 }
7040
7041 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
7042 {
7043 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
7044 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
7045 nl80211_reg_rule_sec(tb_rule, results);
7046 }
7047
7048 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
7049 {
7050 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
7051 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
7052 nl80211_reg_rule_vht(tb_rule, results);
7053 }
7054
7055 return NL_SKIP;
7056 }
7057
7058
7059 static int nl80211_set_regulatory_flags(struct wpa_driver_nl80211_data *drv,
7060 struct phy_info_arg *results)
7061 {
7062 struct nl_msg *msg;
7063
7064 msg = nlmsg_alloc();
7065 if (!msg)
7066 return -ENOMEM;
7067
7068 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
7069 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
7070 }
7071
7072
7073 static struct hostapd_hw_modes *
7074 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
7075 {
7076 u32 feat;
7077 struct i802_bss *bss = priv;
7078 struct wpa_driver_nl80211_data *drv = bss->drv;
7079 struct nl_msg *msg;
7080 struct phy_info_arg result = {
7081 .num_modes = num_modes,
7082 .modes = NULL,
7083 .last_mode = -1,
7084 };
7085
7086 *num_modes = 0;
7087 *flags = 0;
7088
7089 msg = nlmsg_alloc();
7090 if (!msg)
7091 return NULL;
7092
7093 feat = get_nl80211_protocol_features(drv);
7094 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
7095 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
7096 else
7097 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
7098
7099 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
7100 if (nl80211_set_iface_id(msg, bss) < 0)
7101 goto nla_put_failure;
7102
7103 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
7104 nl80211_set_regulatory_flags(drv, &result);
7105 return wpa_driver_nl80211_postprocess_modes(result.modes,
7106 num_modes);
7107 }
7108 msg = NULL;
7109 nla_put_failure:
7110 nlmsg_free(msg);
7111 return NULL;
7112 }
7113
7114
7115 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
7116 const void *data, size_t len,
7117 int encrypt, int noack)
7118 {
7119 __u8 rtap_hdr[] = {
7120 0x00, 0x00, /* radiotap version */
7121 0x0e, 0x00, /* radiotap length */
7122 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
7123 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
7124 0x00, /* padding */
7125 0x00, 0x00, /* RX and TX flags to indicate that */
7126 0x00, 0x00, /* this is the injected frame directly */
7127 };
7128 struct iovec iov[2] = {
7129 {
7130 .iov_base = &rtap_hdr,
7131 .iov_len = sizeof(rtap_hdr),
7132 },
7133 {
7134 .iov_base = (void *) data,
7135 .iov_len = len,
7136 }
7137 };
7138 struct msghdr msg = {
7139 .msg_name = NULL,
7140 .msg_namelen = 0,
7141 .msg_iov = iov,
7142 .msg_iovlen = 2,
7143 .msg_control = NULL,
7144 .msg_controllen = 0,
7145 .msg_flags = 0,
7146 };
7147 int res;
7148 u16 txflags = 0;
7149
7150 if (encrypt)
7151 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
7152
7153 if (drv->monitor_sock < 0) {
7154 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
7155 "for %s", __func__);
7156 return -1;
7157 }
7158
7159 if (noack)
7160 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
7161 WPA_PUT_LE16(&rtap_hdr[12], txflags);
7162
7163 res = sendmsg(drv->monitor_sock, &msg, 0);
7164 if (res < 0) {
7165 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
7166 return -1;
7167 }
7168 return 0;
7169 }
7170
7171
7172 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
7173 const void *data, size_t len,
7174 int encrypt, int noack,
7175 unsigned int freq, int no_cck,
7176 int offchanok, unsigned int wait_time)
7177 {
7178 struct wpa_driver_nl80211_data *drv = bss->drv;
7179 u64 cookie;
7180 int res;
7181
7182 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
7183 freq = nl80211_get_assoc_freq(drv);
7184 wpa_printf(MSG_DEBUG,
7185 "nl80211: send_frame - Use assoc_freq=%u for IBSS",
7186 freq);
7187 }
7188 if (freq == 0) {
7189 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u",
7190 bss->freq);
7191 freq = bss->freq;
7192 }
7193
7194 if (drv->use_monitor) {
7195 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_mntr",
7196 freq, bss->freq);
7197 return wpa_driver_nl80211_send_mntr(drv, data, len,
7198 encrypt, noack);
7199 }
7200
7201 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd");
7202 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
7203 &cookie, no_cck, noack, offchanok);
7204 if (res == 0 && !noack) {
7205 const struct ieee80211_mgmt *mgmt;
7206 u16 fc;
7207
7208 mgmt = (const struct ieee80211_mgmt *) data;
7209 fc = le_to_host16(mgmt->frame_control);
7210 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7211 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) {
7212 wpa_printf(MSG_MSGDUMP,
7213 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx",
7214 (long long unsigned int)
7215 drv->send_action_cookie,
7216 (long long unsigned int) cookie);
7217 drv->send_action_cookie = cookie;
7218 }
7219 }
7220
7221 return res;
7222 }
7223
7224
7225 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
7226 size_t data_len, int noack,
7227 unsigned int freq, int no_cck,
7228 int offchanok,
7229 unsigned int wait_time)
7230 {
7231 struct wpa_driver_nl80211_data *drv = bss->drv;
7232 struct ieee80211_mgmt *mgmt;
7233 int encrypt = 1;
7234 u16 fc;
7235
7236 mgmt = (struct ieee80211_mgmt *) data;
7237 fc = le_to_host16(mgmt->frame_control);
7238 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR
7239 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d",
7240 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
7241 fc, fc2str(fc), drv->nlmode);
7242
7243 if ((is_sta_interface(drv->nlmode) ||
7244 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
7245 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7246 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
7247 /*
7248 * The use of last_mgmt_freq is a bit of a hack,
7249 * but it works due to the single-threaded nature
7250 * of wpa_supplicant.
7251 */
7252 if (freq == 0) {
7253 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
7254 drv->last_mgmt_freq);
7255 freq = drv->last_mgmt_freq;
7256 }
7257 return nl80211_send_frame_cmd(bss, freq, 0,
7258 data, data_len, NULL, 1, noack,
7259 1);
7260 }
7261
7262 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
7263 if (freq == 0) {
7264 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
7265 bss->freq);
7266 freq = bss->freq;
7267 }
7268 return nl80211_send_frame_cmd(bss, freq,
7269 (int) freq == bss->freq ? 0 :
7270 wait_time,
7271 data, data_len,
7272 &drv->send_action_cookie,
7273 no_cck, noack, offchanok);
7274 }
7275
7276 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7277 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
7278 /*
7279 * Only one of the authentication frame types is encrypted.
7280 * In order for static WEP encryption to work properly (i.e.,
7281 * to not encrypt the frame), we need to tell mac80211 about
7282 * the frames that must not be encrypted.
7283 */
7284 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
7285 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
7286 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
7287 encrypt = 0;
7288 }
7289
7290 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame");
7291 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
7292 noack, freq, no_cck, offchanok,
7293 wait_time);
7294 }
7295
7296
7297 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
7298 int slot, int ht_opmode, int ap_isolate,
7299 int *basic_rates)
7300 {
7301 struct wpa_driver_nl80211_data *drv = bss->drv;
7302 struct nl_msg *msg;
7303
7304 msg = nlmsg_alloc();
7305 if (!msg)
7306 return -ENOMEM;
7307
7308 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
7309
7310 if (cts >= 0)
7311 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
7312 if (preamble >= 0)
7313 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
7314 if (slot >= 0)
7315 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
7316 if (ht_opmode >= 0)
7317 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
7318 if (ap_isolate >= 0)
7319 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
7320
7321 if (basic_rates) {
7322 u8 rates[NL80211_MAX_SUPP_RATES];
7323 u8 rates_len = 0;
7324 int i;
7325
7326 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
7327 i++)
7328 rates[rates_len++] = basic_rates[i] / 5;
7329
7330 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
7331 }
7332
7333 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7334
7335 return send_and_recv_msgs(drv, msg, NULL, NULL);
7336 nla_put_failure:
7337 nlmsg_free(msg);
7338 return -ENOBUFS;
7339 }
7340
7341
7342 static int wpa_driver_nl80211_set_acl(void *priv,
7343 struct hostapd_acl_params *params)
7344 {
7345 struct i802_bss *bss = priv;
7346 struct wpa_driver_nl80211_data *drv = bss->drv;
7347 struct nl_msg *msg;
7348 struct nlattr *acl;
7349 unsigned int i;
7350 int ret = 0;
7351
7352 if (!(drv->capa.max_acl_mac_addrs))
7353 return -ENOTSUP;
7354
7355 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
7356 return -ENOTSUP;
7357
7358 msg = nlmsg_alloc();
7359 if (!msg)
7360 return -ENOMEM;
7361
7362 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
7363 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
7364
7365 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_MAC_ACL);
7366
7367 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7368
7369 NLA_PUT_U32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
7370 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
7371 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED);
7372
7373 acl = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS);
7374 if (acl == NULL)
7375 goto nla_put_failure;
7376
7377 for (i = 0; i < params->num_mac_acl; i++)
7378 NLA_PUT(msg, i + 1, ETH_ALEN, params->mac_acl[i].addr);
7379
7380 nla_nest_end(msg, acl);
7381
7382 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7383 msg = NULL;
7384 if (ret) {
7385 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
7386 ret, strerror(-ret));
7387 }
7388
7389 nla_put_failure:
7390 nlmsg_free(msg);
7391
7392 return ret;
7393 }
7394
7395
7396 static int wpa_driver_nl80211_set_ap(void *priv,
7397 struct wpa_driver_ap_params *params)
7398 {
7399 struct i802_bss *bss = priv;
7400 struct wpa_driver_nl80211_data *drv = bss->drv;
7401 struct nl_msg *msg;
7402 u8 cmd = NL80211_CMD_NEW_BEACON;
7403 int ret;
7404 int beacon_set;
7405 int ifindex = if_nametoindex(bss->ifname);
7406 int num_suites;
7407 u32 suites[10], suite;
7408 u32 ver;
7409
7410 beacon_set = bss->beacon_set;
7411
7412 msg = nlmsg_alloc();
7413 if (!msg)
7414 return -ENOMEM;
7415
7416 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
7417 beacon_set);
7418 if (beacon_set)
7419 cmd = NL80211_CMD_SET_BEACON;
7420
7421 nl80211_cmd(drv, msg, 0, cmd);
7422 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
7423 params->head, params->head_len);
7424 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
7425 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
7426 params->tail, params->tail_len);
7427 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
7428 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", ifindex);
7429 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
7430 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
7431 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
7432 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
7433 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
7434 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid",
7435 params->ssid, params->ssid_len);
7436 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
7437 params->ssid);
7438 if (params->proberesp && params->proberesp_len) {
7439 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
7440 params->proberesp, params->proberesp_len);
7441 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
7442 params->proberesp);
7443 }
7444 switch (params->hide_ssid) {
7445 case NO_SSID_HIDING:
7446 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
7447 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7448 NL80211_HIDDEN_SSID_NOT_IN_USE);
7449 break;
7450 case HIDDEN_SSID_ZERO_LEN:
7451 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
7452 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7453 NL80211_HIDDEN_SSID_ZERO_LEN);
7454 break;
7455 case HIDDEN_SSID_ZERO_CONTENTS:
7456 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
7457 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7458 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
7459 break;
7460 }
7461 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
7462 if (params->privacy)
7463 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
7464 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
7465 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
7466 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
7467 /* Leave out the attribute */
7468 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
7469 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7470 NL80211_AUTHTYPE_SHARED_KEY);
7471 else
7472 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7473 NL80211_AUTHTYPE_OPEN_SYSTEM);
7474
7475 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
7476 ver = 0;
7477 if (params->wpa_version & WPA_PROTO_WPA)
7478 ver |= NL80211_WPA_VERSION_1;
7479 if (params->wpa_version & WPA_PROTO_RSN)
7480 ver |= NL80211_WPA_VERSION_2;
7481 if (ver)
7482 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
7483
7484 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
7485 params->key_mgmt_suites);
7486 num_suites = 0;
7487 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
7488 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
7489 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
7490 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
7491 if (num_suites) {
7492 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
7493 num_suites * sizeof(u32), suites);
7494 }
7495
7496 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
7497 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
7498 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
7499
7500 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
7501 params->pairwise_ciphers);
7502 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
7503 suites, ARRAY_SIZE(suites));
7504 if (num_suites) {
7505 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
7506 num_suites * sizeof(u32), suites);
7507 }
7508
7509 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
7510 params->group_cipher);
7511 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
7512 if (suite)
7513 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite);
7514
7515 if (params->beacon_ies) {
7516 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
7517 params->beacon_ies);
7518 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
7519 wpabuf_head(params->beacon_ies));
7520 }
7521 if (params->proberesp_ies) {
7522 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
7523 params->proberesp_ies);
7524 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
7525 wpabuf_len(params->proberesp_ies),
7526 wpabuf_head(params->proberesp_ies));
7527 }
7528 if (params->assocresp_ies) {
7529 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
7530 params->assocresp_ies);
7531 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
7532 wpabuf_len(params->assocresp_ies),
7533 wpabuf_head(params->assocresp_ies));
7534 }
7535
7536 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
7537 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
7538 params->ap_max_inactivity);
7539 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
7540 params->ap_max_inactivity);
7541 }
7542
7543 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7544 if (ret) {
7545 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
7546 ret, strerror(-ret));
7547 } else {
7548 bss->beacon_set = 1;
7549 nl80211_set_bss(bss, params->cts_protect, params->preamble,
7550 params->short_slot_time, params->ht_opmode,
7551 params->isolate, params->basic_rates);
7552 if (beacon_set && params->freq &&
7553 params->freq->bandwidth != bss->bandwidth) {
7554 wpa_printf(MSG_DEBUG,
7555 "nl80211: Update BSS %s bandwidth: %d -> %d",
7556 bss->ifname, bss->bandwidth,
7557 params->freq->bandwidth);
7558 ret = nl80211_set_channel(bss, params->freq, 1);
7559 if (ret) {
7560 wpa_printf(MSG_DEBUG,
7561 "nl80211: Frequency set failed: %d (%s)",
7562 ret, strerror(-ret));
7563 } else {
7564 wpa_printf(MSG_DEBUG,
7565 "nl80211: Frequency set succeeded for ht2040 coex");
7566 bss->bandwidth = params->freq->bandwidth;
7567 }
7568 } else if (!beacon_set) {
7569 /*
7570 * cfg80211 updates the driver on frequence change in AP
7571 * mode only at the point when beaconing is started, so
7572 * set the initial value here.
7573 */
7574 bss->bandwidth = params->freq->bandwidth;
7575 }
7576 }
7577 return ret;
7578 nla_put_failure:
7579 nlmsg_free(msg);
7580 return -ENOBUFS;
7581 }
7582
7583
7584 static int nl80211_put_freq_params(struct nl_msg *msg,
7585 struct hostapd_freq_params *freq)
7586 {
7587 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq);
7588 if (freq->vht_enabled) {
7589 switch (freq->bandwidth) {
7590 case 20:
7591 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7592 NL80211_CHAN_WIDTH_20);
7593 break;
7594 case 40:
7595 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7596 NL80211_CHAN_WIDTH_40);
7597 break;
7598 case 80:
7599 if (freq->center_freq2)
7600 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7601 NL80211_CHAN_WIDTH_80P80);
7602 else
7603 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7604 NL80211_CHAN_WIDTH_80);
7605 break;
7606 case 160:
7607 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7608 NL80211_CHAN_WIDTH_160);
7609 break;
7610 default:
7611 return -EINVAL;
7612 }
7613 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ1, freq->center_freq1);
7614 if (freq->center_freq2)
7615 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ2,
7616 freq->center_freq2);
7617 } else if (freq->ht_enabled) {
7618 switch (freq->sec_channel_offset) {
7619 case -1:
7620 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7621 NL80211_CHAN_HT40MINUS);
7622 break;
7623 case 1:
7624 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7625 NL80211_CHAN_HT40PLUS);
7626 break;
7627 default:
7628 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7629 NL80211_CHAN_HT20);
7630 break;
7631 }
7632 }
7633 return 0;
7634
7635 nla_put_failure:
7636 return -ENOBUFS;
7637 }
7638
7639
7640 static int nl80211_set_channel(struct i802_bss *bss,
7641 struct hostapd_freq_params *freq, int set_chan)
7642 {
7643 struct wpa_driver_nl80211_data *drv = bss->drv;
7644 struct nl_msg *msg;
7645 int ret;
7646
7647 wpa_printf(MSG_DEBUG,
7648 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
7649 freq->freq, freq->ht_enabled, freq->vht_enabled,
7650 freq->bandwidth, freq->center_freq1, freq->center_freq2);
7651 msg = nlmsg_alloc();
7652 if (!msg)
7653 return -1;
7654
7655 nl80211_cmd(drv, msg, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
7656 NL80211_CMD_SET_WIPHY);
7657
7658 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7659 if (nl80211_put_freq_params(msg, freq) < 0)
7660 goto nla_put_failure;
7661
7662 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7663 msg = NULL;
7664 if (ret == 0) {
7665 bss->freq = freq->freq;
7666 return 0;
7667 }
7668 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
7669 "%d (%s)", freq->freq, ret, strerror(-ret));
7670 nla_put_failure:
7671 nlmsg_free(msg);
7672 return -1;
7673 }
7674
7675
7676 static u32 sta_flags_nl80211(int flags)
7677 {
7678 u32 f = 0;
7679
7680 if (flags & WPA_STA_AUTHORIZED)
7681 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
7682 if (flags & WPA_STA_WMM)
7683 f |= BIT(NL80211_STA_FLAG_WME);
7684 if (flags & WPA_STA_SHORT_PREAMBLE)
7685 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
7686 if (flags & WPA_STA_MFP)
7687 f |= BIT(NL80211_STA_FLAG_MFP);
7688 if (flags & WPA_STA_TDLS_PEER)
7689 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
7690
7691 return f;
7692 }
7693
7694
7695 static int wpa_driver_nl80211_sta_add(void *priv,
7696 struct hostapd_sta_add_params *params)
7697 {
7698 struct i802_bss *bss = priv;
7699 struct wpa_driver_nl80211_data *drv = bss->drv;
7700 struct nl_msg *msg;
7701 struct nl80211_sta_flag_update upd;
7702 int ret = -ENOBUFS;
7703
7704 if ((params->flags & WPA_STA_TDLS_PEER) &&
7705 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7706 return -EOPNOTSUPP;
7707
7708 msg = nlmsg_alloc();
7709 if (!msg)
7710 return -ENOMEM;
7711
7712 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
7713 params->set ? "Set" : "Add", MAC2STR(params->addr));
7714 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
7715 NL80211_CMD_NEW_STATION);
7716
7717 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7718 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
7719 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
7720 params->supp_rates);
7721 wpa_hexdump(MSG_DEBUG, " * supported rates", params->supp_rates,
7722 params->supp_rates_len);
7723 if (!params->set) {
7724 if (params->aid) {
7725 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
7726 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
7727 } else {
7728 /*
7729 * cfg80211 validates that AID is non-zero, so we have
7730 * to make this a non-zero value for the TDLS case where
7731 * a dummy STA entry is used for now.
7732 */
7733 wpa_printf(MSG_DEBUG, " * aid=1 (TDLS workaround)");
7734 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, 1);
7735 }
7736 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
7737 params->listen_interval);
7738 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
7739 params->listen_interval);
7740 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
7741 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
7742 NLA_PUT_U16(msg, NL80211_ATTR_PEER_AID, params->aid);
7743 }
7744 if (params->ht_capabilities) {
7745 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
7746 (u8 *) params->ht_capabilities,
7747 sizeof(*params->ht_capabilities));
7748 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
7749 sizeof(*params->ht_capabilities),
7750 params->ht_capabilities);
7751 }
7752
7753 if (params->vht_capabilities) {
7754 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
7755 (u8 *) params->vht_capabilities,
7756 sizeof(*params->vht_capabilities));
7757 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY,
7758 sizeof(*params->vht_capabilities),
7759 params->vht_capabilities);
7760 }
7761
7762 if (params->vht_opmode_enabled) {
7763 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
7764 NLA_PUT_U8(msg, NL80211_ATTR_OPMODE_NOTIF,
7765 params->vht_opmode);
7766 }
7767
7768 wpa_printf(MSG_DEBUG, " * capability=0x%x", params->capability);
7769 NLA_PUT_U16(msg, NL80211_ATTR_STA_CAPABILITY, params->capability);
7770
7771 if (params->ext_capab) {
7772 wpa_hexdump(MSG_DEBUG, " * ext_capab",
7773 params->ext_capab, params->ext_capab_len);
7774 NLA_PUT(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
7775 params->ext_capab_len, params->ext_capab);
7776 }
7777
7778 if (params->supp_channels) {
7779 wpa_hexdump(MSG_DEBUG, " * supported channels",
7780 params->supp_channels, params->supp_channels_len);
7781 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
7782 params->supp_channels_len, params->supp_channels);
7783 }
7784
7785 if (params->supp_oper_classes) {
7786 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
7787 params->supp_oper_classes,
7788 params->supp_oper_classes_len);
7789 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
7790 params->supp_oper_classes_len,
7791 params->supp_oper_classes);
7792 }
7793
7794 os_memset(&upd, 0, sizeof(upd));
7795 upd.set = sta_flags_nl80211(params->flags);
7796 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask);
7797 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
7798 upd.set, upd.mask);
7799 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7800
7801 if (params->flags & WPA_STA_WMM) {
7802 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
7803
7804 if (!wme)
7805 goto nla_put_failure;
7806
7807 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
7808 NLA_PUT_U8(msg, NL80211_STA_WME_UAPSD_QUEUES,
7809 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
7810 NLA_PUT_U8(msg, NL80211_STA_WME_MAX_SP,
7811 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
7812 WMM_QOSINFO_STA_SP_MASK);
7813 nla_nest_end(msg, wme);
7814 }
7815
7816 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7817 msg = NULL;
7818 if (ret)
7819 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
7820 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
7821 strerror(-ret));
7822 if (ret == -EEXIST)
7823 ret = 0;
7824 nla_put_failure:
7825 nlmsg_free(msg);
7826 return ret;
7827 }
7828
7829
7830 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
7831 {
7832 #ifdef CONFIG_LIBNL3_ROUTE
7833 struct wpa_driver_nl80211_data *drv = bss->drv;
7834 struct rtnl_neigh *rn;
7835 struct nl_addr *nl_addr;
7836 int err;
7837
7838 rn = rtnl_neigh_alloc();
7839 if (!rn)
7840 return;
7841
7842 rtnl_neigh_set_family(rn, AF_BRIDGE);
7843 rtnl_neigh_set_ifindex(rn, bss->ifindex);
7844 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
7845 if (!nl_addr) {
7846 rtnl_neigh_put(rn);
7847 return;
7848 }
7849 rtnl_neigh_set_lladdr(rn, nl_addr);
7850
7851 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
7852 if (err < 0) {
7853 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
7854 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
7855 bss->ifindex, nl_geterror(err));
7856 } else {
7857 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
7858 MACSTR, MAC2STR(addr));
7859 }
7860
7861 nl_addr_put(nl_addr);
7862 rtnl_neigh_put(rn);
7863 #endif /* CONFIG_LIBNL3_ROUTE */
7864 }
7865
7866
7867 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr,
7868 int deauth, u16 reason_code)
7869 {
7870 struct wpa_driver_nl80211_data *drv = bss->drv;
7871 struct nl_msg *msg;
7872 int ret;
7873
7874 msg = nlmsg_alloc();
7875 if (!msg)
7876 return -ENOMEM;
7877
7878 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7879
7880 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7881 if_nametoindex(bss->ifname));
7882 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7883 if (deauth == 0)
7884 NLA_PUT_U8(msg, NL80211_ATTR_MGMT_SUBTYPE,
7885 WLAN_FC_STYPE_DISASSOC);
7886 else if (deauth == 1)
7887 NLA_PUT_U8(msg, NL80211_ATTR_MGMT_SUBTYPE,
7888 WLAN_FC_STYPE_DEAUTH);
7889 if (reason_code)
7890 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
7891
7892 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7893 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
7894 " --> %d (%s)",
7895 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
7896
7897 if (drv->rtnl_sk)
7898 rtnl_neigh_delete_fdb_entry(bss, addr);
7899
7900 if (ret == -ENOENT)
7901 return 0;
7902 return ret;
7903 nla_put_failure:
7904 nlmsg_free(msg);
7905 return -ENOBUFS;
7906 }
7907
7908
7909 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
7910 int ifidx)
7911 {
7912 struct nl_msg *msg;
7913 struct wpa_driver_nl80211_data *drv2;
7914
7915 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
7916
7917 /* stop listening for EAPOL on this interface */
7918 dl_list_for_each(drv2, &drv->global->interfaces,
7919 struct wpa_driver_nl80211_data, list)
7920 del_ifidx(drv2, ifidx);
7921
7922 msg = nlmsg_alloc();
7923 if (!msg)
7924 goto nla_put_failure;
7925
7926 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
7927 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
7928
7929 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7930 return;
7931 msg = NULL;
7932 nla_put_failure:
7933 nlmsg_free(msg);
7934 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
7935 }
7936
7937
7938 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
7939 {
7940 switch (mode) {
7941 case NL80211_IFTYPE_ADHOC:
7942 return "ADHOC";
7943 case NL80211_IFTYPE_STATION:
7944 return "STATION";
7945 case NL80211_IFTYPE_AP:
7946 return "AP";
7947 case NL80211_IFTYPE_AP_VLAN:
7948 return "AP_VLAN";
7949 case NL80211_IFTYPE_WDS:
7950 return "WDS";
7951 case NL80211_IFTYPE_MONITOR:
7952 return "MONITOR";
7953 case NL80211_IFTYPE_MESH_POINT:
7954 return "MESH_POINT";
7955 case NL80211_IFTYPE_P2P_CLIENT:
7956 return "P2P_CLIENT";
7957 case NL80211_IFTYPE_P2P_GO:
7958 return "P2P_GO";
7959 case NL80211_IFTYPE_P2P_DEVICE:
7960 return "P2P_DEVICE";
7961 default:
7962 return "unknown";
7963 }
7964 }
7965
7966
7967 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
7968 const char *ifname,
7969 enum nl80211_iftype iftype,
7970 const u8 *addr, int wds,
7971 int (*handler)(struct nl_msg *, void *),
7972 void *arg)
7973 {
7974 struct nl_msg *msg;
7975 int ifidx;
7976 int ret = -ENOBUFS;
7977
7978 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
7979 iftype, nl80211_iftype_str(iftype));
7980
7981 msg = nlmsg_alloc();
7982 if (!msg)
7983 return -1;
7984
7985 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
7986 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
7987 goto nla_put_failure;
7988 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
7989 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
7990
7991 if (iftype == NL80211_IFTYPE_MONITOR) {
7992 struct nlattr *flags;
7993
7994 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
7995 if (!flags)
7996 goto nla_put_failure;
7997
7998 NLA_PUT_FLAG(msg, NL80211_MNTR_FLAG_COOK_FRAMES);
7999
8000 nla_nest_end(msg, flags);
8001 } else if (wds) {
8002 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
8003 }
8004
8005 /*
8006 * Tell cfg80211 that the interface belongs to the socket that created
8007 * it, and the interface should be deleted when the socket is closed.
8008 */
8009 NLA_PUT_FLAG(msg, NL80211_ATTR_IFACE_SOCKET_OWNER);
8010
8011 ret = send_and_recv_msgs(drv, msg, handler, arg);
8012 msg = NULL;
8013 if (ret) {
8014 nla_put_failure:
8015 nlmsg_free(msg);
8016 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
8017 ifname, ret, strerror(-ret));
8018 return ret;
8019 }
8020
8021 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
8022 return 0;
8023
8024 ifidx = if_nametoindex(ifname);
8025 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
8026 ifname, ifidx);
8027
8028 if (ifidx <= 0)
8029 return -1;
8030
8031 /*
8032 * Some virtual interfaces need to process EAPOL packets and events on
8033 * the parent interface. This is used mainly with hostapd.
8034 */
8035 if (drv->hostapd ||
8036 iftype == NL80211_IFTYPE_AP_VLAN ||
8037 iftype == NL80211_IFTYPE_WDS ||
8038 iftype == NL80211_IFTYPE_MONITOR) {
8039 /* start listening for EAPOL on this interface */
8040 add_ifidx(drv, ifidx);
8041 }
8042
8043 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
8044 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
8045 nl80211_remove_iface(drv, ifidx);
8046 return -1;
8047 }
8048
8049 return ifidx;
8050 }
8051
8052
8053 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
8054 const char *ifname, enum nl80211_iftype iftype,
8055 const u8 *addr, int wds,
8056 int (*handler)(struct nl_msg *, void *),
8057 void *arg, int use_existing)
8058 {
8059 int ret;
8060
8061 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
8062 arg);
8063
8064 /* if error occurred and interface exists already */
8065 if (ret == -ENFILE && if_nametoindex(ifname)) {
8066 if (use_existing) {
8067 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
8068 ifname);
8069 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
8070 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8071 addr) < 0 &&
8072 (linux_set_iface_flags(drv->global->ioctl_sock,
8073 ifname, 0) < 0 ||
8074 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8075 addr) < 0 ||
8076 linux_set_iface_flags(drv->global->ioctl_sock,
8077 ifname, 1) < 0))
8078 return -1;
8079 return -ENFILE;
8080 }
8081 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
8082
8083 /* Try to remove the interface that was already there. */
8084 nl80211_remove_iface(drv, if_nametoindex(ifname));
8085
8086 /* Try to create the interface again */
8087 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
8088 wds, handler, arg);
8089 }
8090
8091 if (ret >= 0 && is_p2p_net_interface(iftype))
8092 nl80211_disable_11b_rates(drv, ret, 1);
8093
8094 return ret;
8095 }
8096
8097
8098 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
8099 {
8100 struct ieee80211_hdr *hdr;
8101 u16 fc;
8102 union wpa_event_data event;
8103
8104 hdr = (struct ieee80211_hdr *) buf;
8105 fc = le_to_host16(hdr->frame_control);
8106
8107 os_memset(&event, 0, sizeof(event));
8108 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
8109 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
8110 event.tx_status.dst = hdr->addr1;
8111 event.tx_status.data = buf;
8112 event.tx_status.data_len = len;
8113 event.tx_status.ack = ok;
8114 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
8115 }
8116
8117
8118 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
8119 u8 *buf, size_t len)
8120 {
8121 struct ieee80211_hdr *hdr = (void *)buf;
8122 u16 fc;
8123 union wpa_event_data event;
8124
8125 if (len < sizeof(*hdr))
8126 return;
8127
8128 fc = le_to_host16(hdr->frame_control);
8129
8130 os_memset(&event, 0, sizeof(event));
8131 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
8132 event.rx_from_unknown.addr = hdr->addr2;
8133 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
8134 (WLAN_FC_FROMDS | WLAN_FC_TODS);
8135 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
8136 }
8137
8138
8139 static void handle_frame(struct wpa_driver_nl80211_data *drv,
8140 u8 *buf, size_t len, int datarate, int ssi_signal)
8141 {
8142 struct ieee80211_hdr *hdr;
8143 u16 fc;
8144 union wpa_event_data event;
8145
8146 hdr = (struct ieee80211_hdr *) buf;
8147 fc = le_to_host16(hdr->frame_control);
8148
8149 switch (WLAN_FC_GET_TYPE(fc)) {
8150 case WLAN_FC_TYPE_MGMT:
8151 os_memset(&event, 0, sizeof(event));
8152 event.rx_mgmt.frame = buf;
8153 event.rx_mgmt.frame_len = len;
8154 event.rx_mgmt.datarate = datarate;
8155 event.rx_mgmt.ssi_signal = ssi_signal;
8156 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
8157 break;
8158 case WLAN_FC_TYPE_CTRL:
8159 /* can only get here with PS-Poll frames */
8160 wpa_printf(MSG_DEBUG, "CTRL");
8161 from_unknown_sta(drv, buf, len);
8162 break;
8163 case WLAN_FC_TYPE_DATA:
8164 from_unknown_sta(drv, buf, len);
8165 break;
8166 }
8167 }
8168
8169
8170 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
8171 {
8172 struct wpa_driver_nl80211_data *drv = eloop_ctx;
8173 int len;
8174 unsigned char buf[3000];
8175 struct ieee80211_radiotap_iterator iter;
8176 int ret;
8177 int datarate = 0, ssi_signal = 0;
8178 int injected = 0, failed = 0, rxflags = 0;
8179
8180 len = recv(sock, buf, sizeof(buf), 0);
8181 if (len < 0) {
8182 wpa_printf(MSG_ERROR, "nl80211: Monitor socket recv failed: %s",
8183 strerror(errno));
8184 return;
8185 }
8186
8187 if (ieee80211_radiotap_iterator_init(&iter, (void *) buf, len, NULL)) {
8188 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame");
8189 return;
8190 }
8191
8192 while (1) {
8193 ret = ieee80211_radiotap_iterator_next(&iter);
8194 if (ret == -ENOENT)
8195 break;
8196 if (ret) {
8197 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame (%d)",
8198 ret);
8199 return;
8200 }
8201 switch (iter.this_arg_index) {
8202 case IEEE80211_RADIOTAP_FLAGS:
8203 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
8204 len -= 4;
8205 break;
8206 case IEEE80211_RADIOTAP_RX_FLAGS:
8207 rxflags = 1;
8208 break;
8209 case IEEE80211_RADIOTAP_TX_FLAGS:
8210 injected = 1;
8211 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
8212 IEEE80211_RADIOTAP_F_TX_FAIL;
8213 break;
8214 case IEEE80211_RADIOTAP_DATA_RETRIES:
8215 break;
8216 case IEEE80211_RADIOTAP_CHANNEL:
8217 /* TODO: convert from freq/flags to channel number */
8218 break;
8219 case IEEE80211_RADIOTAP_RATE:
8220 datarate = *iter.this_arg * 5;
8221 break;
8222 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
8223 ssi_signal = (s8) *iter.this_arg;
8224 break;
8225 }
8226 }
8227
8228 if (rxflags && injected)
8229 return;
8230
8231 if (!injected)
8232 handle_frame(drv, buf + iter._max_length,
8233 len - iter._max_length, datarate, ssi_signal);
8234 else
8235 handle_tx_callback(drv->ctx, buf + iter._max_length,
8236 len - iter._max_length, !failed);
8237 }
8238
8239
8240 /*
8241 * we post-process the filter code later and rewrite
8242 * this to the offset to the last instruction
8243 */
8244 #define PASS 0xFF
8245 #define FAIL 0xFE
8246
8247 static struct sock_filter msock_filter_insns[] = {
8248 /*
8249 * do a little-endian load of the radiotap length field
8250 */
8251 /* load lower byte into A */
8252 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
8253 /* put it into X (== index register) */
8254 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8255 /* load upper byte into A */
8256 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
8257 /* left-shift it by 8 */
8258 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
8259 /* or with X */
8260 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
8261 /* put result into X */
8262 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8263
8264 /*
8265 * Allow management frames through, this also gives us those
8266 * management frames that we sent ourselves with status
8267 */
8268 /* load the lower byte of the IEEE 802.11 frame control field */
8269 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8270 /* mask off frame type and version */
8271 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
8272 /* accept frame if it's both 0, fall through otherwise */
8273 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
8274
8275 /*
8276 * TODO: add a bit to radiotap RX flags that indicates
8277 * that the sending station is not associated, then
8278 * add a filter here that filters on our DA and that flag
8279 * to allow us to deauth frames to that bad station.
8280 *
8281 * For now allow all To DS data frames through.
8282 */
8283 /* load the IEEE 802.11 frame control field */
8284 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
8285 /* mask off frame type, version and DS status */
8286 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
8287 /* accept frame if version 0, type 2 and To DS, fall through otherwise
8288 */
8289 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
8290
8291 #if 0
8292 /*
8293 * drop non-data frames
8294 */
8295 /* load the lower byte of the frame control field */
8296 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8297 /* mask off QoS bit */
8298 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
8299 /* drop non-data frames */
8300 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
8301 #endif
8302 /* load the upper byte of the frame control field */
8303 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
8304 /* mask off toDS/fromDS */
8305 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
8306 /* accept WDS frames */
8307 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
8308
8309 /*
8310 * add header length to index
8311 */
8312 /* load the lower byte of the frame control field */
8313 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8314 /* mask off QoS bit */
8315 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
8316 /* right shift it by 6 to give 0 or 2 */
8317 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
8318 /* add data frame header length */
8319 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
8320 /* add index, was start of 802.11 header */
8321 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
8322 /* move to index, now start of LL header */
8323 BPF_STMT(BPF_MISC | BPF_TAX, 0),
8324
8325 /*
8326 * Accept empty data frames, we use those for
8327 * polling activity.
8328 */
8329 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
8330 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
8331
8332 /*
8333 * Accept EAPOL frames
8334 */
8335 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
8336 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
8337 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
8338 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
8339
8340 /* keep these last two statements or change the code below */
8341 /* return 0 == "DROP" */
8342 BPF_STMT(BPF_RET | BPF_K, 0),
8343 /* return ~0 == "keep all" */
8344 BPF_STMT(BPF_RET | BPF_K, ~0),
8345 };
8346
8347 static struct sock_fprog msock_filter = {
8348 .len = ARRAY_SIZE(msock_filter_insns),
8349 .filter = msock_filter_insns,
8350 };
8351
8352
8353 static int add_monitor_filter(int s)
8354 {
8355 int idx;
8356
8357 /* rewrite all PASS/FAIL jump offsets */
8358 for (idx = 0; idx < msock_filter.len; idx++) {
8359 struct sock_filter *insn = &msock_filter_insns[idx];
8360
8361 if (BPF_CLASS(insn->code) == BPF_JMP) {
8362 if (insn->code == (BPF_JMP|BPF_JA)) {
8363 if (insn->k == PASS)
8364 insn->k = msock_filter.len - idx - 2;
8365 else if (insn->k == FAIL)
8366 insn->k = msock_filter.len - idx - 3;
8367 }
8368
8369 if (insn->jt == PASS)
8370 insn->jt = msock_filter.len - idx - 2;
8371 else if (insn->jt == FAIL)
8372 insn->jt = msock_filter.len - idx - 3;
8373
8374 if (insn->jf == PASS)
8375 insn->jf = msock_filter.len - idx - 2;
8376 else if (insn->jf == FAIL)
8377 insn->jf = msock_filter.len - idx - 3;
8378 }
8379 }
8380
8381 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
8382 &msock_filter, sizeof(msock_filter))) {
8383 wpa_printf(MSG_ERROR, "nl80211: setsockopt(SO_ATTACH_FILTER) failed: %s",
8384 strerror(errno));
8385 return -1;
8386 }
8387
8388 return 0;
8389 }
8390
8391
8392 static void nl80211_remove_monitor_interface(
8393 struct wpa_driver_nl80211_data *drv)
8394 {
8395 if (drv->monitor_refcount > 0)
8396 drv->monitor_refcount--;
8397 wpa_printf(MSG_DEBUG, "nl80211: Remove monitor interface: refcount=%d",
8398 drv->monitor_refcount);
8399 if (drv->monitor_refcount > 0)
8400 return;
8401
8402 if (drv->monitor_ifidx >= 0) {
8403 nl80211_remove_iface(drv, drv->monitor_ifidx);
8404 drv->monitor_ifidx = -1;
8405 }
8406 if (drv->monitor_sock >= 0) {
8407 eloop_unregister_read_sock(drv->monitor_sock);
8408 close(drv->monitor_sock);
8409 drv->monitor_sock = -1;
8410 }
8411 }
8412
8413
8414 static int
8415 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
8416 {
8417 char buf[IFNAMSIZ];
8418 struct sockaddr_ll ll;
8419 int optval;
8420 socklen_t optlen;
8421
8422 if (drv->monitor_ifidx >= 0) {
8423 drv->monitor_refcount++;
8424 wpa_printf(MSG_DEBUG, "nl80211: Re-use existing monitor interface: refcount=%d",
8425 drv->monitor_refcount);
8426 return 0;
8427 }
8428
8429 if (os_strncmp(drv->first_bss->ifname, "p2p-", 4) == 0) {
8430 /*
8431 * P2P interface name is of the format p2p-%s-%d. For monitor
8432 * interface name corresponding to P2P GO, replace "p2p-" with
8433 * "mon-" to retain the same interface name length and to
8434 * indicate that it is a monitor interface.
8435 */
8436 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss->ifname + 4);
8437 } else {
8438 /* Non-P2P interface with AP functionality. */
8439 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss->ifname);
8440 }
8441
8442 buf[IFNAMSIZ - 1] = '\0';
8443
8444 drv->monitor_ifidx =
8445 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
8446 0, NULL, NULL, 0);
8447
8448 if (drv->monitor_ifidx == -EOPNOTSUPP) {
8449 /*
8450 * This is backward compatibility for a few versions of
8451 * the kernel only that didn't advertise the right
8452 * attributes for the only driver that then supported
8453 * AP mode w/o monitor -- ath6kl.
8454 */
8455 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
8456 "monitor interface type - try to run without it");
8457 drv->device_ap_sme = 1;
8458 }
8459
8460 if (drv->monitor_ifidx < 0)
8461 return -1;
8462
8463 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
8464 goto error;
8465
8466 memset(&ll, 0, sizeof(ll));
8467 ll.sll_family = AF_PACKET;
8468 ll.sll_ifindex = drv->monitor_ifidx;
8469 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
8470 if (drv->monitor_sock < 0) {
8471 wpa_printf(MSG_ERROR, "nl80211: socket[PF_PACKET,SOCK_RAW] failed: %s",
8472 strerror(errno));
8473 goto error;
8474 }
8475
8476 if (add_monitor_filter(drv->monitor_sock)) {
8477 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
8478 "interface; do filtering in user space");
8479 /* This works, but will cost in performance. */
8480 }
8481
8482 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
8483 wpa_printf(MSG_ERROR, "nl80211: monitor socket bind failed: %s",
8484 strerror(errno));
8485 goto error;
8486 }
8487
8488 optlen = sizeof(optval);
8489 optval = 20;
8490 if (setsockopt
8491 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
8492 wpa_printf(MSG_ERROR, "nl80211: Failed to set socket priority: %s",
8493 strerror(errno));
8494 goto error;
8495 }
8496
8497 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
8498 drv, NULL)) {
8499 wpa_printf(MSG_INFO, "nl80211: Could not register monitor read socket");
8500 goto error;
8501 }
8502
8503 drv->monitor_refcount++;
8504 return 0;
8505 error:
8506 nl80211_remove_monitor_interface(drv);
8507 return -1;
8508 }
8509
8510
8511 static int nl80211_setup_ap(struct i802_bss *bss)
8512 {
8513 struct wpa_driver_nl80211_data *drv = bss->drv;
8514
8515 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
8516 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8517
8518 /*
8519 * Disable Probe Request reporting unless we need it in this way for
8520 * devices that include the AP SME, in the other case (unless using
8521 * monitor iface) we'll get it through the nl_mgmt socket instead.
8522 */
8523 if (!drv->device_ap_sme)
8524 wpa_driver_nl80211_probe_req_report(bss, 0);
8525
8526 if (!drv->device_ap_sme && !drv->use_monitor)
8527 if (nl80211_mgmt_subscribe_ap(bss))
8528 return -1;
8529
8530 if (drv->device_ap_sme && !drv->use_monitor)
8531 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
8532 return -1;
8533
8534 if (!drv->device_ap_sme && drv->use_monitor &&
8535 nl80211_create_monitor_interface(drv) &&
8536 !drv->device_ap_sme)
8537 return -1;
8538
8539 if (drv->device_ap_sme &&
8540 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
8541 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
8542 "Probe Request frame reporting in AP mode");
8543 /* Try to survive without this */
8544 }
8545
8546 return 0;
8547 }
8548
8549
8550 static void nl80211_teardown_ap(struct i802_bss *bss)
8551 {
8552 struct wpa_driver_nl80211_data *drv = bss->drv;
8553
8554 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
8555 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8556 if (drv->device_ap_sme) {
8557 wpa_driver_nl80211_probe_req_report(bss, 0);
8558 if (!drv->use_monitor)
8559 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
8560 } else if (drv->use_monitor)
8561 nl80211_remove_monitor_interface(drv);
8562 else
8563 nl80211_mgmt_unsubscribe(bss, "AP teardown");
8564
8565 bss->beacon_set = 0;
8566 }
8567
8568
8569 static int nl80211_send_eapol_data(struct i802_bss *bss,
8570 const u8 *addr, const u8 *data,
8571 size_t data_len)
8572 {
8573 struct sockaddr_ll ll;
8574 int ret;
8575
8576 if (bss->drv->eapol_tx_sock < 0) {
8577 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
8578 return -1;
8579 }
8580
8581 os_memset(&ll, 0, sizeof(ll));
8582 ll.sll_family = AF_PACKET;
8583 ll.sll_ifindex = bss->ifindex;
8584 ll.sll_protocol = htons(ETH_P_PAE);
8585 ll.sll_halen = ETH_ALEN;
8586 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
8587 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
8588 (struct sockaddr *) &ll, sizeof(ll));
8589 if (ret < 0)
8590 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
8591 strerror(errno));
8592
8593 return ret;
8594 }
8595
8596
8597 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
8598
8599 static int wpa_driver_nl80211_hapd_send_eapol(
8600 void *priv, const u8 *addr, const u8 *data,
8601 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
8602 {
8603 struct i802_bss *bss = priv;
8604 struct wpa_driver_nl80211_data *drv = bss->drv;
8605 struct ieee80211_hdr *hdr;
8606 size_t len;
8607 u8 *pos;
8608 int res;
8609 int qos = flags & WPA_STA_WMM;
8610
8611 if (drv->device_ap_sme || !drv->use_monitor)
8612 return nl80211_send_eapol_data(bss, addr, data, data_len);
8613
8614 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
8615 data_len;
8616 hdr = os_zalloc(len);
8617 if (hdr == NULL) {
8618 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
8619 (unsigned long) len);
8620 return -1;
8621 }
8622
8623 hdr->frame_control =
8624 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
8625 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
8626 if (encrypt)
8627 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
8628 if (qos) {
8629 hdr->frame_control |=
8630 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
8631 }
8632
8633 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
8634 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
8635 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
8636 pos = (u8 *) (hdr + 1);
8637
8638 if (qos) {
8639 /* Set highest priority in QoS header */
8640 pos[0] = 7;
8641 pos[1] = 0;
8642 pos += 2;
8643 }
8644
8645 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
8646 pos += sizeof(rfc1042_header);
8647 WPA_PUT_BE16(pos, ETH_P_PAE);
8648 pos += 2;
8649 memcpy(pos, data, data_len);
8650
8651 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
8652 0, 0, 0, 0);
8653 if (res < 0) {
8654 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
8655 "failed: %d (%s)",
8656 (unsigned long) len, errno, strerror(errno));
8657 }
8658 os_free(hdr);
8659
8660 return res;
8661 }
8662
8663
8664 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
8665 int total_flags,
8666 int flags_or, int flags_and)
8667 {
8668 struct i802_bss *bss = priv;
8669 struct wpa_driver_nl80211_data *drv = bss->drv;
8670 struct nl_msg *msg;
8671 struct nlattr *flags;
8672 struct nl80211_sta_flag_update upd;
8673
8674 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
8675 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
8676 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
8677 !!(total_flags & WPA_STA_AUTHORIZED));
8678
8679 msg = nlmsg_alloc();
8680 if (!msg)
8681 return -ENOMEM;
8682
8683 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
8684
8685 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
8686 if_nametoindex(bss->ifname));
8687 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8688
8689 /*
8690 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
8691 * can be removed eventually.
8692 */
8693 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
8694 if (!flags)
8695 goto nla_put_failure;
8696 if (total_flags & WPA_STA_AUTHORIZED)
8697 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_AUTHORIZED);
8698
8699 if (total_flags & WPA_STA_WMM)
8700 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_WME);
8701
8702 if (total_flags & WPA_STA_SHORT_PREAMBLE)
8703 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_SHORT_PREAMBLE);
8704
8705 if (total_flags & WPA_STA_MFP)
8706 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_MFP);
8707
8708 if (total_flags & WPA_STA_TDLS_PEER)
8709 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_TDLS_PEER);
8710
8711 nla_nest_end(msg, flags);
8712
8713 os_memset(&upd, 0, sizeof(upd));
8714 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
8715 upd.set = sta_flags_nl80211(flags_or);
8716 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
8717
8718 return send_and_recv_msgs(drv, msg, NULL, NULL);
8719 nla_put_failure:
8720 nlmsg_free(msg);
8721 return -ENOBUFS;
8722 }
8723
8724
8725 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
8726 struct wpa_driver_associate_params *params)
8727 {
8728 enum nl80211_iftype nlmode, old_mode;
8729
8730 if (params->p2p) {
8731 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
8732 "group (GO)");
8733 nlmode = NL80211_IFTYPE_P2P_GO;
8734 } else
8735 nlmode = NL80211_IFTYPE_AP;
8736
8737 old_mode = drv->nlmode;
8738 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
8739 nl80211_remove_monitor_interface(drv);
8740 return -1;
8741 }
8742
8743 if (nl80211_set_channel(drv->first_bss, &params->freq, 0)) {
8744 if (old_mode != nlmode)
8745 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
8746 nl80211_remove_monitor_interface(drv);
8747 return -1;
8748 }
8749
8750 return 0;
8751 }
8752
8753
8754 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
8755 {
8756 struct nl_msg *msg;
8757 int ret = -1;
8758
8759 msg = nlmsg_alloc();
8760 if (!msg)
8761 return -1;
8762
8763 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
8764 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8765 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8766 msg = NULL;
8767 if (ret) {
8768 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
8769 "(%s)", ret, strerror(-ret));
8770 goto nla_put_failure;
8771 }
8772
8773 ret = 0;
8774 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
8775
8776 nla_put_failure:
8777 if (wpa_driver_nl80211_set_mode(drv->first_bss,
8778 NL80211_IFTYPE_STATION)) {
8779 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8780 "station mode");
8781 }
8782
8783 nlmsg_free(msg);
8784 return ret;
8785 }
8786
8787
8788 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
8789 struct wpa_driver_associate_params *params)
8790 {
8791 struct nl_msg *msg;
8792 int ret = -1;
8793 int count = 0;
8794
8795 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
8796
8797 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, &params->freq)) {
8798 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8799 "IBSS mode");
8800 return -1;
8801 }
8802
8803 retry:
8804 msg = nlmsg_alloc();
8805 if (!msg)
8806 return -1;
8807
8808 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
8809 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8810
8811 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
8812 goto nla_put_failure;
8813
8814 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8815 params->ssid, params->ssid_len);
8816 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8817 params->ssid);
8818 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8819 drv->ssid_len = params->ssid_len;
8820
8821 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
8822 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", params->freq.ht_enabled);
8823 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
8824 params->freq.sec_channel_offset);
8825 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", params->freq.vht_enabled);
8826 wpa_printf(MSG_DEBUG, " * center_freq1=%d", params->freq.center_freq1);
8827 wpa_printf(MSG_DEBUG, " * center_freq2=%d", params->freq.center_freq2);
8828 wpa_printf(MSG_DEBUG, " * bandwidth=%d", params->freq.bandwidth);
8829 if (nl80211_put_freq_params(msg, &params->freq) < 0)
8830 goto nla_put_failure;
8831
8832 if (params->beacon_int > 0) {
8833 wpa_printf(MSG_DEBUG, " * beacon_int=%d", params->beacon_int);
8834 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL,
8835 params->beacon_int);
8836 }
8837
8838 ret = nl80211_set_conn_keys(params, msg);
8839 if (ret)
8840 goto nla_put_failure;
8841
8842 if (params->bssid && params->fixed_bssid) {
8843 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
8844 MAC2STR(params->bssid));
8845 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8846 }
8847
8848 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8849 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8850 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8851 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8852 wpa_printf(MSG_DEBUG, " * control port");
8853 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
8854 }
8855
8856 if (params->wpa_ie) {
8857 wpa_hexdump(MSG_DEBUG,
8858 " * Extra IEs for Beacon/Probe Response frames",
8859 params->wpa_ie, params->wpa_ie_len);
8860 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8861 params->wpa_ie);
8862 }
8863
8864 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8865 msg = NULL;
8866 if (ret) {
8867 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
8868 ret, strerror(-ret));
8869 count++;
8870 if (ret == -EALREADY && count == 1) {
8871 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
8872 "forced leave");
8873 nl80211_leave_ibss(drv);
8874 nlmsg_free(msg);
8875 goto retry;
8876 }
8877
8878 goto nla_put_failure;
8879 }
8880 ret = 0;
8881 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
8882
8883 nla_put_failure:
8884 nlmsg_free(msg);
8885 return ret;
8886 }
8887
8888
8889 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
8890 struct wpa_driver_associate_params *params,
8891 struct nl_msg *msg)
8892 {
8893 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8894
8895 if (params->bssid) {
8896 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
8897 MAC2STR(params->bssid));
8898 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8899 }
8900
8901 if (params->bssid_hint) {
8902 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
8903 MAC2STR(params->bssid_hint));
8904 NLA_PUT(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
8905 params->bssid_hint);
8906 }
8907
8908 if (params->freq.freq) {
8909 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
8910 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq.freq);
8911 drv->assoc_freq = params->freq.freq;
8912 } else
8913 drv->assoc_freq = 0;
8914
8915 if (params->freq_hint) {
8916 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
8917 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
8918 params->freq_hint);
8919 }
8920
8921 if (params->bg_scan_period >= 0) {
8922 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
8923 params->bg_scan_period);
8924 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
8925 params->bg_scan_period);
8926 }
8927
8928 if (params->ssid) {
8929 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8930 params->ssid, params->ssid_len);
8931 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8932 params->ssid);
8933 if (params->ssid_len > sizeof(drv->ssid))
8934 goto nla_put_failure;
8935 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8936 drv->ssid_len = params->ssid_len;
8937 }
8938
8939 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
8940 if (params->wpa_ie)
8941 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8942 params->wpa_ie);
8943
8944 if (params->wpa_proto) {
8945 enum nl80211_wpa_versions ver = 0;
8946
8947 if (params->wpa_proto & WPA_PROTO_WPA)
8948 ver |= NL80211_WPA_VERSION_1;
8949 if (params->wpa_proto & WPA_PROTO_RSN)
8950 ver |= NL80211_WPA_VERSION_2;
8951
8952 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
8953 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
8954 }
8955
8956 if (params->pairwise_suite != WPA_CIPHER_NONE) {
8957 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
8958 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
8959 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
8960 }
8961
8962 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
8963 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
8964 /*
8965 * This is likely to work even though many drivers do not
8966 * advertise support for operations without GTK.
8967 */
8968 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
8969 } else if (params->group_suite != WPA_CIPHER_NONE) {
8970 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
8971 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
8972 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
8973 }
8974
8975 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8976 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8977 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
8978 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
8979 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
8980 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
8981 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8982 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8983 int mgmt = WLAN_AKM_SUITE_PSK;
8984
8985 switch (params->key_mgmt_suite) {
8986 case WPA_KEY_MGMT_CCKM:
8987 mgmt = WLAN_AKM_SUITE_CCKM;
8988 break;
8989 case WPA_KEY_MGMT_IEEE8021X:
8990 mgmt = WLAN_AKM_SUITE_8021X;
8991 break;
8992 case WPA_KEY_MGMT_FT_IEEE8021X:
8993 mgmt = WLAN_AKM_SUITE_FT_8021X;
8994 break;
8995 case WPA_KEY_MGMT_FT_PSK:
8996 mgmt = WLAN_AKM_SUITE_FT_PSK;
8997 break;
8998 case WPA_KEY_MGMT_IEEE8021X_SHA256:
8999 mgmt = WLAN_AKM_SUITE_8021X_SHA256;
9000 break;
9001 case WPA_KEY_MGMT_PSK_SHA256:
9002 mgmt = WLAN_AKM_SUITE_PSK_SHA256;
9003 break;
9004 case WPA_KEY_MGMT_OSEN:
9005 mgmt = WLAN_AKM_SUITE_OSEN;
9006 break;
9007 case WPA_KEY_MGMT_PSK:
9008 default:
9009 mgmt = WLAN_AKM_SUITE_PSK;
9010 break;
9011 }
9012 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
9013 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
9014 }
9015
9016 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
9017
9018 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
9019 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
9020
9021 if (params->disable_ht)
9022 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
9023
9024 if (params->htcaps && params->htcaps_mask) {
9025 int sz = sizeof(struct ieee80211_ht_capabilities);
9026 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
9027 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
9028 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
9029 params->htcaps_mask, sz);
9030 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
9031 params->htcaps_mask);
9032 }
9033
9034 #ifdef CONFIG_VHT_OVERRIDES
9035 if (params->disable_vht) {
9036 wpa_printf(MSG_DEBUG, " * VHT disabled");
9037 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_VHT);
9038 }
9039
9040 if (params->vhtcaps && params->vhtcaps_mask) {
9041 int sz = sizeof(struct ieee80211_vht_capabilities);
9042 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
9043 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY, sz, params->vhtcaps);
9044 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
9045 params->vhtcaps_mask, sz);
9046 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
9047 params->vhtcaps_mask);
9048 }
9049 #endif /* CONFIG_VHT_OVERRIDES */
9050
9051 if (params->p2p)
9052 wpa_printf(MSG_DEBUG, " * P2P group");
9053
9054 return 0;
9055 nla_put_failure:
9056 return -1;
9057 }
9058
9059
9060 static int wpa_driver_nl80211_try_connect(
9061 struct wpa_driver_nl80211_data *drv,
9062 struct wpa_driver_associate_params *params)
9063 {
9064 struct nl_msg *msg;
9065 enum nl80211_auth_type type;
9066 int ret;
9067 int algs;
9068
9069 msg = nlmsg_alloc();
9070 if (!msg)
9071 return -1;
9072
9073 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
9074 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
9075
9076 ret = nl80211_connect_common(drv, params, msg);
9077 if (ret)
9078 goto nla_put_failure;
9079
9080 algs = 0;
9081 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
9082 algs++;
9083 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
9084 algs++;
9085 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
9086 algs++;
9087 if (algs > 1) {
9088 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
9089 "selection");
9090 goto skip_auth_type;
9091 }
9092
9093 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
9094 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
9095 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
9096 type = NL80211_AUTHTYPE_SHARED_KEY;
9097 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
9098 type = NL80211_AUTHTYPE_NETWORK_EAP;
9099 else if (params->auth_alg & WPA_AUTH_ALG_FT)
9100 type = NL80211_AUTHTYPE_FT;
9101 else
9102 goto nla_put_failure;
9103
9104 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
9105 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
9106
9107 skip_auth_type:
9108 ret = nl80211_set_conn_keys(params, msg);
9109 if (ret)
9110 goto nla_put_failure;
9111
9112 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9113 msg = NULL;
9114 if (ret) {
9115 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
9116 "(%s)", ret, strerror(-ret));
9117 goto nla_put_failure;
9118 }
9119 ret = 0;
9120 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
9121
9122 nla_put_failure:
9123 nlmsg_free(msg);
9124 return ret;
9125
9126 }
9127
9128
9129 static int wpa_driver_nl80211_connect(
9130 struct wpa_driver_nl80211_data *drv,
9131 struct wpa_driver_associate_params *params)
9132 {
9133 int ret = wpa_driver_nl80211_try_connect(drv, params);
9134 if (ret == -EALREADY) {
9135 /*
9136 * cfg80211 does not currently accept new connections if
9137 * we are already connected. As a workaround, force
9138 * disconnection and try again.
9139 */
9140 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
9141 "disconnecting before reassociation "
9142 "attempt");
9143 if (wpa_driver_nl80211_disconnect(
9144 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
9145 return -1;
9146 ret = wpa_driver_nl80211_try_connect(drv, params);
9147 }
9148 return ret;
9149 }
9150
9151
9152 static int wpa_driver_nl80211_associate(
9153 void *priv, struct wpa_driver_associate_params *params)
9154 {
9155 struct i802_bss *bss = priv;
9156 struct wpa_driver_nl80211_data *drv = bss->drv;
9157 int ret;
9158 struct nl_msg *msg;
9159
9160 if (params->mode == IEEE80211_MODE_AP)
9161 return wpa_driver_nl80211_ap(drv, params);
9162
9163 if (params->mode == IEEE80211_MODE_IBSS)
9164 return wpa_driver_nl80211_ibss(drv, params);
9165
9166 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
9167 enum nl80211_iftype nlmode = params->p2p ?
9168 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
9169
9170 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
9171 return -1;
9172 return wpa_driver_nl80211_connect(drv, params);
9173 }
9174
9175 nl80211_mark_disconnected(drv);
9176
9177 msg = nlmsg_alloc();
9178 if (!msg)
9179 return -1;
9180
9181 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
9182 drv->ifindex);
9183 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
9184
9185 ret = nl80211_connect_common(drv, params, msg);
9186 if (ret)
9187 goto nla_put_failure;
9188
9189 if (params->prev_bssid) {
9190 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
9191 MAC2STR(params->prev_bssid));
9192 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
9193 params->prev_bssid);
9194 }
9195
9196 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9197 msg = NULL;
9198 if (ret) {
9199 wpa_dbg(drv->ctx, MSG_DEBUG,
9200 "nl80211: MLME command failed (assoc): ret=%d (%s)",
9201 ret, strerror(-ret));
9202 nl80211_dump_scan(drv);
9203 goto nla_put_failure;
9204 }
9205 ret = 0;
9206 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
9207 "successfully");
9208
9209 nla_put_failure:
9210 nlmsg_free(msg);
9211 return ret;
9212 }
9213
9214
9215 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
9216 int ifindex, enum nl80211_iftype mode)
9217 {
9218 struct nl_msg *msg;
9219 int ret = -ENOBUFS;
9220
9221 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
9222 ifindex, mode, nl80211_iftype_str(mode));
9223
9224 msg = nlmsg_alloc();
9225 if (!msg)
9226 return -ENOMEM;
9227
9228 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
9229 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
9230 goto nla_put_failure;
9231 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
9232
9233 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9234 msg = NULL;
9235 if (!ret)
9236 return 0;
9237 nla_put_failure:
9238 nlmsg_free(msg);
9239 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
9240 " %d (%s)", ifindex, mode, ret, strerror(-ret));
9241 return ret;
9242 }
9243
9244
9245 static int wpa_driver_nl80211_set_mode_impl(
9246 struct i802_bss *bss,
9247 enum nl80211_iftype nlmode,
9248 struct hostapd_freq_params *desired_freq_params)
9249 {
9250 struct wpa_driver_nl80211_data *drv = bss->drv;
9251 int ret = -1;
9252 int i;
9253 int was_ap = is_ap_interface(drv->nlmode);
9254 int res;
9255 int mode_switch_res;
9256
9257 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9258 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
9259 mode_switch_res = 0;
9260
9261 if (mode_switch_res == 0) {
9262 drv->nlmode = nlmode;
9263 ret = 0;
9264 goto done;
9265 }
9266
9267 if (mode_switch_res == -ENODEV)
9268 return -1;
9269
9270 if (nlmode == drv->nlmode) {
9271 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
9272 "requested mode - ignore error");
9273 ret = 0;
9274 goto done; /* Already in the requested mode */
9275 }
9276
9277 /* mac80211 doesn't allow mode changes while the device is up, so
9278 * take the device down, try to set the mode again, and bring the
9279 * device back up.
9280 */
9281 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
9282 "interface down");
9283 for (i = 0; i < 10; i++) {
9284 res = i802_set_iface_flags(bss, 0);
9285 if (res == -EACCES || res == -ENODEV)
9286 break;
9287 if (res != 0) {
9288 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
9289 "interface down");
9290 os_sleep(0, 100000);
9291 continue;
9292 }
9293
9294 /*
9295 * Setting the mode will fail for some drivers if the phy is
9296 * on a frequency that the mode is disallowed in.
9297 */
9298 if (desired_freq_params) {
9299 res = i802_set_freq(bss, desired_freq_params);
9300 if (res) {
9301 wpa_printf(MSG_DEBUG,
9302 "nl80211: Failed to set frequency on interface");
9303 }
9304 }
9305
9306 /* Try to set the mode again while the interface is down */
9307 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9308 if (mode_switch_res == -EBUSY) {
9309 wpa_printf(MSG_DEBUG,
9310 "nl80211: Delaying mode set while interface going down");
9311 os_sleep(0, 100000);
9312 continue;
9313 }
9314 ret = mode_switch_res;
9315 break;
9316 }
9317
9318 if (!ret) {
9319 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
9320 "interface is down");
9321 drv->nlmode = nlmode;
9322 drv->ignore_if_down_event = 1;
9323 }
9324
9325 /* Bring the interface back up */
9326 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
9327 if (res != 0) {
9328 wpa_printf(MSG_DEBUG,
9329 "nl80211: Failed to set interface up after switching mode");
9330 ret = -1;
9331 }
9332
9333 done:
9334 if (ret) {
9335 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
9336 "from %d failed", nlmode, drv->nlmode);
9337 return ret;
9338 }
9339
9340 if (is_p2p_net_interface(nlmode))
9341 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
9342 else if (drv->disabled_11b_rates)
9343 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
9344
9345 if (is_ap_interface(nlmode)) {
9346 nl80211_mgmt_unsubscribe(bss, "start AP");
9347 /* Setup additional AP mode functionality if needed */
9348 if (nl80211_setup_ap(bss))
9349 return -1;
9350 } else if (was_ap) {
9351 /* Remove additional AP mode functionality */
9352 nl80211_teardown_ap(bss);
9353 } else {
9354 nl80211_mgmt_unsubscribe(bss, "mode change");
9355 }
9356
9357 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
9358 nl80211_mgmt_subscribe_non_ap(bss) < 0)
9359 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
9360 "frame processing - ignore for now");
9361
9362 return 0;
9363 }
9364
9365
9366 static int dfs_info_handler(struct nl_msg *msg, void *arg)
9367 {
9368 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9369 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9370 int *dfs_capability_ptr = arg;
9371
9372 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9373 genlmsg_attrlen(gnlh, 0), NULL);
9374
9375 if (tb[NL80211_ATTR_VENDOR_DATA]) {
9376 struct nlattr *nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
9377 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
9378
9379 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
9380 nla_data(nl_vend), nla_len(nl_vend), NULL);
9381
9382 if (tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]) {
9383 u32 val;
9384 val = nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]);
9385 wpa_printf(MSG_DEBUG, "nl80211: DFS offload capability: %u",
9386 val);
9387 *dfs_capability_ptr = val;
9388 }
9389 }
9390
9391 return NL_SKIP;
9392 }
9393
9394
9395 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
9396 enum nl80211_iftype nlmode)
9397 {
9398 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
9399 }
9400
9401
9402 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
9403 struct hostapd_freq_params *freq)
9404 {
9405 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
9406 freq);
9407 }
9408
9409
9410 static int wpa_driver_nl80211_get_capa(void *priv,
9411 struct wpa_driver_capa *capa)
9412 {
9413 struct i802_bss *bss = priv;
9414 struct wpa_driver_nl80211_data *drv = bss->drv;
9415 struct nl_msg *msg;
9416 int dfs_capability = 0;
9417 int ret = 0;
9418
9419 if (!drv->has_capability)
9420 return -1;
9421 os_memcpy(capa, &drv->capa, sizeof(*capa));
9422 if (drv->extended_capa && drv->extended_capa_mask) {
9423 capa->extended_capa = drv->extended_capa;
9424 capa->extended_capa_mask = drv->extended_capa_mask;
9425 capa->extended_capa_len = drv->extended_capa_len;
9426 }
9427
9428 if (drv->dfs_vendor_cmd_avail == 1) {
9429 msg = nlmsg_alloc();
9430 if (!msg)
9431 return -ENOMEM;
9432
9433 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
9434
9435 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9436 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
9437 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
9438 QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY);
9439
9440 ret = send_and_recv_msgs(drv, msg, dfs_info_handler,
9441 &dfs_capability);
9442 if (!ret) {
9443 if (dfs_capability)
9444 capa->flags |= WPA_DRIVER_FLAGS_DFS_OFFLOAD;
9445 }
9446 }
9447
9448 return ret;
9449
9450 nla_put_failure:
9451 nlmsg_free(msg);
9452 return -ENOBUFS;
9453 }
9454
9455
9456 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
9457 {
9458 struct i802_bss *bss = priv;
9459 struct wpa_driver_nl80211_data *drv = bss->drv;
9460
9461 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
9462 bss->ifname, drv->operstate, state,
9463 state ? "UP" : "DORMANT");
9464 drv->operstate = state;
9465 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
9466 state ? IF_OPER_UP : IF_OPER_DORMANT);
9467 }
9468
9469
9470 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
9471 {
9472 struct i802_bss *bss = priv;
9473 struct wpa_driver_nl80211_data *drv = bss->drv;
9474 struct nl_msg *msg;
9475 struct nl80211_sta_flag_update upd;
9476 int ret = -ENOBUFS;
9477
9478 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
9479 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
9480 return 0;
9481 }
9482
9483 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
9484 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
9485
9486 msg = nlmsg_alloc();
9487 if (!msg)
9488 return -ENOMEM;
9489
9490 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9491
9492 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9493 if_nametoindex(bss->ifname));
9494 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
9495
9496 os_memset(&upd, 0, sizeof(upd));
9497 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
9498 if (authorized)
9499 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
9500 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
9501
9502 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9503 msg = NULL;
9504 if (!ret)
9505 return 0;
9506 nla_put_failure:
9507 nlmsg_free(msg);
9508 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
9509 ret, strerror(-ret));
9510 return ret;
9511 }
9512
9513
9514 /* Set kernel driver on given frequency (MHz) */
9515 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
9516 {
9517 struct i802_bss *bss = priv;
9518 return nl80211_set_channel(bss, freq, 0);
9519 }
9520
9521
9522 static inline int min_int(int a, int b)
9523 {
9524 if (a < b)
9525 return a;
9526 return b;
9527 }
9528
9529
9530 static int get_key_handler(struct nl_msg *msg, void *arg)
9531 {
9532 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9533 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9534
9535 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9536 genlmsg_attrlen(gnlh, 0), NULL);
9537
9538 /*
9539 * TODO: validate the key index and mac address!
9540 * Otherwise, there's a race condition as soon as
9541 * the kernel starts sending key notifications.
9542 */
9543
9544 if (tb[NL80211_ATTR_KEY_SEQ])
9545 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
9546 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
9547 return NL_SKIP;
9548 }
9549
9550
9551 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
9552 int idx, u8 *seq)
9553 {
9554 struct i802_bss *bss = priv;
9555 struct wpa_driver_nl80211_data *drv = bss->drv;
9556 struct nl_msg *msg;
9557
9558 msg = nlmsg_alloc();
9559 if (!msg)
9560 return -ENOMEM;
9561
9562 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
9563
9564 if (addr)
9565 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9566 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
9567 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
9568
9569 memset(seq, 0, 6);
9570
9571 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
9572 nla_put_failure:
9573 nlmsg_free(msg);
9574 return -ENOBUFS;
9575 }
9576
9577
9578 static int i802_set_rts(void *priv, int rts)
9579 {
9580 struct i802_bss *bss = priv;
9581 struct wpa_driver_nl80211_data *drv = bss->drv;
9582 struct nl_msg *msg;
9583 int ret = -ENOBUFS;
9584 u32 val;
9585
9586 msg = nlmsg_alloc();
9587 if (!msg)
9588 return -ENOMEM;
9589
9590 if (rts >= 2347)
9591 val = (u32) -1;
9592 else
9593 val = rts;
9594
9595 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9596 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9597 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
9598
9599 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9600 msg = NULL;
9601 if (!ret)
9602 return 0;
9603 nla_put_failure:
9604 nlmsg_free(msg);
9605 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
9606 "%d (%s)", rts, ret, strerror(-ret));
9607 return ret;
9608 }
9609
9610
9611 static int i802_set_frag(void *priv, int frag)
9612 {
9613 struct i802_bss *bss = priv;
9614 struct wpa_driver_nl80211_data *drv = bss->drv;
9615 struct nl_msg *msg;
9616 int ret = -ENOBUFS;
9617 u32 val;
9618
9619 msg = nlmsg_alloc();
9620 if (!msg)
9621 return -ENOMEM;
9622
9623 if (frag >= 2346)
9624 val = (u32) -1;
9625 else
9626 val = frag;
9627
9628 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9629 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9630 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
9631
9632 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9633 msg = NULL;
9634 if (!ret)
9635 return 0;
9636 nla_put_failure:
9637 nlmsg_free(msg);
9638 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
9639 "%d: %d (%s)", frag, ret, strerror(-ret));
9640 return ret;
9641 }
9642
9643
9644 static int i802_flush(void *priv)
9645 {
9646 struct i802_bss *bss = priv;
9647 struct wpa_driver_nl80211_data *drv = bss->drv;
9648 struct nl_msg *msg;
9649 int res;
9650
9651 msg = nlmsg_alloc();
9652 if (!msg)
9653 return -1;
9654
9655 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
9656 bss->ifname);
9657 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
9658
9659 /*
9660 * XXX: FIX! this needs to flush all VLANs too
9661 */
9662 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9663 if_nametoindex(bss->ifname));
9664
9665 res = send_and_recv_msgs(drv, msg, NULL, NULL);
9666 if (res) {
9667 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
9668 "(%s)", res, strerror(-res));
9669 }
9670 return res;
9671 nla_put_failure:
9672 nlmsg_free(msg);
9673 return -ENOBUFS;
9674 }
9675
9676
9677 static int get_sta_handler(struct nl_msg *msg, void *arg)
9678 {
9679 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9680 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9681 struct hostap_sta_driver_data *data = arg;
9682 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
9683 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
9684 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
9685 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
9686 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
9687 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
9688 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
9689 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
9690 };
9691
9692 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9693 genlmsg_attrlen(gnlh, 0), NULL);
9694
9695 /*
9696 * TODO: validate the interface and mac address!
9697 * Otherwise, there's a race condition as soon as
9698 * the kernel starts sending station notifications.
9699 */
9700
9701 if (!tb[NL80211_ATTR_STA_INFO]) {
9702 wpa_printf(MSG_DEBUG, "sta stats missing!");
9703 return NL_SKIP;
9704 }
9705 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
9706 tb[NL80211_ATTR_STA_INFO],
9707 stats_policy)) {
9708 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
9709 return NL_SKIP;
9710 }
9711
9712 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
9713 data->inactive_msec =
9714 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
9715 if (stats[NL80211_STA_INFO_RX_BYTES])
9716 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
9717 if (stats[NL80211_STA_INFO_TX_BYTES])
9718 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
9719 if (stats[NL80211_STA_INFO_RX_PACKETS])
9720 data->rx_packets =
9721 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
9722 if (stats[NL80211_STA_INFO_TX_PACKETS])
9723 data->tx_packets =
9724 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
9725 if (stats[NL80211_STA_INFO_TX_FAILED])
9726 data->tx_retry_failed =
9727 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
9728
9729 return NL_SKIP;
9730 }
9731
9732 static int i802_read_sta_data(struct i802_bss *bss,
9733 struct hostap_sta_driver_data *data,
9734 const u8 *addr)
9735 {
9736 struct wpa_driver_nl80211_data *drv = bss->drv;
9737 struct nl_msg *msg;
9738
9739 os_memset(data, 0, sizeof(*data));
9740 msg = nlmsg_alloc();
9741 if (!msg)
9742 return -ENOMEM;
9743
9744 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
9745
9746 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9747 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9748
9749 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
9750 nla_put_failure:
9751 nlmsg_free(msg);
9752 return -ENOBUFS;
9753 }
9754
9755
9756 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
9757 int cw_min, int cw_max, int burst_time)
9758 {
9759 struct i802_bss *bss = priv;
9760 struct wpa_driver_nl80211_data *drv = bss->drv;
9761 struct nl_msg *msg;
9762 struct nlattr *txq, *params;
9763
9764 msg = nlmsg_alloc();
9765 if (!msg)
9766 return -1;
9767
9768 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9769
9770 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9771
9772 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
9773 if (!txq)
9774 goto nla_put_failure;
9775
9776 /* We are only sending parameters for a single TXQ at a time */
9777 params = nla_nest_start(msg, 1);
9778 if (!params)
9779 goto nla_put_failure;
9780
9781 switch (queue) {
9782 case 0:
9783 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
9784 break;
9785 case 1:
9786 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
9787 break;
9788 case 2:
9789 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
9790 break;
9791 case 3:
9792 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
9793 break;
9794 }
9795 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
9796 * 32 usec, so need to convert the value here. */
9797 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
9798 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
9799 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
9800 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
9801
9802 nla_nest_end(msg, params);
9803
9804 nla_nest_end(msg, txq);
9805
9806 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
9807 return 0;
9808 msg = NULL;
9809 nla_put_failure:
9810 nlmsg_free(msg);
9811 return -1;
9812 }
9813
9814
9815 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
9816 const char *ifname, int vlan_id)
9817 {
9818 struct wpa_driver_nl80211_data *drv = bss->drv;
9819 struct nl_msg *msg;
9820 int ret = -ENOBUFS;
9821
9822 msg = nlmsg_alloc();
9823 if (!msg)
9824 return -ENOMEM;
9825
9826 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
9827 ", ifname=%s[%d], vlan_id=%d)",
9828 bss->ifname, if_nametoindex(bss->ifname),
9829 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
9830 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9831
9832 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9833 if_nametoindex(bss->ifname));
9834 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9835 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
9836 if_nametoindex(ifname));
9837
9838 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9839 msg = NULL;
9840 if (ret < 0) {
9841 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
9842 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
9843 MAC2STR(addr), ifname, vlan_id, ret,
9844 strerror(-ret));
9845 }
9846 nla_put_failure:
9847 nlmsg_free(msg);
9848 return ret;
9849 }
9850
9851
9852 static int i802_get_inact_sec(void *priv, const u8 *addr)
9853 {
9854 struct hostap_sta_driver_data data;
9855 int ret;
9856
9857 data.inactive_msec = (unsigned long) -1;
9858 ret = i802_read_sta_data(priv, &data, addr);
9859 if (ret || data.inactive_msec == (unsigned long) -1)
9860 return -1;
9861 return data.inactive_msec / 1000;
9862 }
9863
9864
9865 static int i802_sta_clear_stats(void *priv, const u8 *addr)
9866 {
9867 #if 0
9868 /* TODO */
9869 #endif
9870 return 0;
9871 }
9872
9873
9874 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
9875 int reason)
9876 {
9877 struct i802_bss *bss = priv;
9878 struct wpa_driver_nl80211_data *drv = bss->drv;
9879 struct ieee80211_mgmt mgmt;
9880
9881 if (drv->device_ap_sme)
9882 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason);
9883
9884 memset(&mgmt, 0, sizeof(mgmt));
9885 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9886 WLAN_FC_STYPE_DEAUTH);
9887 memcpy(mgmt.da, addr, ETH_ALEN);
9888 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9889 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9890 mgmt.u.deauth.reason_code = host_to_le16(reason);
9891 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9892 IEEE80211_HDRLEN +
9893 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
9894 0);
9895 }
9896
9897
9898 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
9899 int reason)
9900 {
9901 struct i802_bss *bss = priv;
9902 struct wpa_driver_nl80211_data *drv = bss->drv;
9903 struct ieee80211_mgmt mgmt;
9904
9905 if (drv->device_ap_sme)
9906 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason);
9907
9908 memset(&mgmt, 0, sizeof(mgmt));
9909 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9910 WLAN_FC_STYPE_DISASSOC);
9911 memcpy(mgmt.da, addr, ETH_ALEN);
9912 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9913 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9914 mgmt.u.disassoc.reason_code = host_to_le16(reason);
9915 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9916 IEEE80211_HDRLEN +
9917 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
9918 0);
9919 }
9920
9921
9922 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
9923 {
9924 char buf[200], *pos, *end;
9925 int i, res;
9926
9927 pos = buf;
9928 end = pos + sizeof(buf);
9929
9930 for (i = 0; i < drv->num_if_indices; i++) {
9931 if (!drv->if_indices[i])
9932 continue;
9933 res = os_snprintf(pos, end - pos, " %d", drv->if_indices[i]);
9934 if (res < 0 || res >= end - pos)
9935 break;
9936 pos += res;
9937 }
9938 *pos = '\0';
9939
9940 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
9941 drv->num_if_indices, buf);
9942 }
9943
9944
9945 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9946 {
9947 int i;
9948 int *old;
9949
9950 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
9951 ifidx);
9952 if (have_ifidx(drv, ifidx)) {
9953 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
9954 ifidx);
9955 return;
9956 }
9957 for (i = 0; i < drv->num_if_indices; i++) {
9958 if (drv->if_indices[i] == 0) {
9959 drv->if_indices[i] = ifidx;
9960 dump_ifidx(drv);
9961 return;
9962 }
9963 }
9964
9965 if (drv->if_indices != drv->default_if_indices)
9966 old = drv->if_indices;
9967 else
9968 old = NULL;
9969
9970 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
9971 sizeof(int));
9972 if (!drv->if_indices) {
9973 if (!old)
9974 drv->if_indices = drv->default_if_indices;
9975 else
9976 drv->if_indices = old;
9977 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
9978 "interfaces");
9979 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
9980 return;
9981 } else if (!old)
9982 os_memcpy(drv->if_indices, drv->default_if_indices,
9983 sizeof(drv->default_if_indices));
9984 drv->if_indices[drv->num_if_indices] = ifidx;
9985 drv->num_if_indices++;
9986 dump_ifidx(drv);
9987 }
9988
9989
9990 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9991 {
9992 int i;
9993
9994 for (i = 0; i < drv->num_if_indices; i++) {
9995 if (drv->if_indices[i] == ifidx) {
9996 drv->if_indices[i] = 0;
9997 break;
9998 }
9999 }
10000 dump_ifidx(drv);
10001 }
10002
10003
10004 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
10005 {
10006 int i;
10007
10008 for (i = 0; i < drv->num_if_indices; i++)
10009 if (drv->if_indices[i] == ifidx)
10010 return 1;
10011
10012 return 0;
10013 }
10014
10015
10016 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
10017 const char *bridge_ifname, char *ifname_wds)
10018 {
10019 struct i802_bss *bss = priv;
10020 struct wpa_driver_nl80211_data *drv = bss->drv;
10021 char name[IFNAMSIZ + 1];
10022
10023 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
10024 if (ifname_wds)
10025 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
10026
10027 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
10028 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
10029 if (val) {
10030 if (!if_nametoindex(name)) {
10031 if (nl80211_create_iface(drv, name,
10032 NL80211_IFTYPE_AP_VLAN,
10033 bss->addr, 1, NULL, NULL, 0) <
10034 0)
10035 return -1;
10036 if (bridge_ifname &&
10037 linux_br_add_if(drv->global->ioctl_sock,
10038 bridge_ifname, name) < 0)
10039 return -1;
10040 }
10041 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
10042 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
10043 "interface %s up", name);
10044 }
10045 return i802_set_sta_vlan(priv, addr, name, 0);
10046 } else {
10047 if (bridge_ifname)
10048 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
10049 name);
10050
10051 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
10052 nl80211_remove_iface(drv, if_nametoindex(name));
10053 return 0;
10054 }
10055 }
10056
10057
10058 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
10059 {
10060 struct wpa_driver_nl80211_data *drv = eloop_ctx;
10061 struct sockaddr_ll lladdr;
10062 unsigned char buf[3000];
10063 int len;
10064 socklen_t fromlen = sizeof(lladdr);
10065
10066 len = recvfrom(sock, buf, sizeof(buf), 0,
10067 (struct sockaddr *)&lladdr, &fromlen);
10068 if (len < 0) {
10069 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
10070 strerror(errno));
10071 return;
10072 }
10073
10074 if (have_ifidx(drv, lladdr.sll_ifindex))
10075 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
10076 }
10077
10078
10079 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
10080 struct i802_bss *bss,
10081 const char *brname, const char *ifname)
10082 {
10083 int ifindex;
10084 char in_br[IFNAMSIZ];
10085
10086 os_strlcpy(bss->brname, brname, IFNAMSIZ);
10087 ifindex = if_nametoindex(brname);
10088 if (ifindex == 0) {
10089 /*
10090 * Bridge was configured, but the bridge device does
10091 * not exist. Try to add it now.
10092 */
10093 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
10094 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
10095 "bridge interface %s: %s",
10096 brname, strerror(errno));
10097 return -1;
10098 }
10099 bss->added_bridge = 1;
10100 add_ifidx(drv, if_nametoindex(brname));
10101 }
10102
10103 if (linux_br_get(in_br, ifname) == 0) {
10104 if (os_strcmp(in_br, brname) == 0)
10105 return 0; /* already in the bridge */
10106
10107 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
10108 "bridge %s", ifname, in_br);
10109 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
10110 0) {
10111 wpa_printf(MSG_ERROR, "nl80211: Failed to "
10112 "remove interface %s from bridge "
10113 "%s: %s",
10114 ifname, brname, strerror(errno));
10115 return -1;
10116 }
10117 }
10118
10119 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
10120 ifname, brname);
10121 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
10122 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
10123 "into bridge %s: %s",
10124 ifname, brname, strerror(errno));
10125 return -1;
10126 }
10127 bss->added_if_into_bridge = 1;
10128
10129 return 0;
10130 }
10131
10132
10133 static void *i802_init(struct hostapd_data *hapd,
10134 struct wpa_init_params *params)
10135 {
10136 struct wpa_driver_nl80211_data *drv;
10137 struct i802_bss *bss;
10138 size_t i;
10139 char brname[IFNAMSIZ];
10140 int ifindex, br_ifindex;
10141 int br_added = 0;
10142
10143 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
10144 params->global_priv, 1,
10145 params->bssid);
10146 if (bss == NULL)
10147 return NULL;
10148
10149 drv = bss->drv;
10150
10151 if (linux_br_get(brname, params->ifname) == 0) {
10152 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
10153 params->ifname, brname);
10154 br_ifindex = if_nametoindex(brname);
10155 } else {
10156 brname[0] = '\0';
10157 br_ifindex = 0;
10158 }
10159
10160 for (i = 0; i < params->num_bridge; i++) {
10161 if (params->bridge[i]) {
10162 ifindex = if_nametoindex(params->bridge[i]);
10163 if (ifindex)
10164 add_ifidx(drv, ifindex);
10165 if (ifindex == br_ifindex)
10166 br_added = 1;
10167 }
10168 }
10169 if (!br_added && br_ifindex &&
10170 (params->num_bridge == 0 || !params->bridge[0]))
10171 add_ifidx(drv, br_ifindex);
10172
10173 /* start listening for EAPOL on the default AP interface */
10174 add_ifidx(drv, drv->ifindex);
10175
10176 if (params->num_bridge && params->bridge[0] &&
10177 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
10178 goto failed;
10179
10180 #ifdef CONFIG_LIBNL3_ROUTE
10181 if (bss->added_if_into_bridge) {
10182 drv->rtnl_sk = nl_socket_alloc();
10183 if (drv->rtnl_sk == NULL) {
10184 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
10185 goto failed;
10186 }
10187
10188 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) {
10189 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
10190 strerror(errno));
10191 goto failed;
10192 }
10193 }
10194 #endif /* CONFIG_LIBNL3_ROUTE */
10195
10196 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
10197 if (drv->eapol_sock < 0) {
10198 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
10199 strerror(errno));
10200 goto failed;
10201 }
10202
10203 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
10204 {
10205 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
10206 goto failed;
10207 }
10208
10209 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
10210 params->own_addr))
10211 goto failed;
10212 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
10213
10214 memcpy(bss->addr, params->own_addr, ETH_ALEN);
10215
10216 return bss;
10217
10218 failed:
10219 wpa_driver_nl80211_deinit(bss);
10220 return NULL;
10221 }
10222
10223
10224 static void i802_deinit(void *priv)
10225 {
10226 struct i802_bss *bss = priv;
10227 wpa_driver_nl80211_deinit(bss);
10228 }
10229
10230
10231 static enum nl80211_iftype wpa_driver_nl80211_if_type(
10232 enum wpa_driver_if_type type)
10233 {
10234 switch (type) {
10235 case WPA_IF_STATION:
10236 return NL80211_IFTYPE_STATION;
10237 case WPA_IF_P2P_CLIENT:
10238 case WPA_IF_P2P_GROUP:
10239 return NL80211_IFTYPE_P2P_CLIENT;
10240 case WPA_IF_AP_VLAN:
10241 return NL80211_IFTYPE_AP_VLAN;
10242 case WPA_IF_AP_BSS:
10243 return NL80211_IFTYPE_AP;
10244 case WPA_IF_P2P_GO:
10245 return NL80211_IFTYPE_P2P_GO;
10246 case WPA_IF_P2P_DEVICE:
10247 return NL80211_IFTYPE_P2P_DEVICE;
10248 }
10249 return -1;
10250 }
10251
10252
10253 #ifdef CONFIG_P2P
10254
10255 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
10256 {
10257 struct wpa_driver_nl80211_data *drv;
10258 dl_list_for_each(drv, &global->interfaces,
10259 struct wpa_driver_nl80211_data, list) {
10260 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
10261 return 1;
10262 }
10263 return 0;
10264 }
10265
10266
10267 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
10268 u8 *new_addr)
10269 {
10270 unsigned int idx;
10271
10272 if (!drv->global)
10273 return -1;
10274
10275 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
10276 for (idx = 0; idx < 64; idx++) {
10277 new_addr[0] = drv->first_bss->addr[0] | 0x02;
10278 new_addr[0] ^= idx << 2;
10279 if (!nl80211_addr_in_use(drv->global, new_addr))
10280 break;
10281 }
10282 if (idx == 64)
10283 return -1;
10284
10285 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
10286 MACSTR, MAC2STR(new_addr));
10287
10288 return 0;
10289 }
10290
10291 #endif /* CONFIG_P2P */
10292
10293
10294 struct wdev_info {
10295 u64 wdev_id;
10296 int wdev_id_set;
10297 u8 macaddr[ETH_ALEN];
10298 };
10299
10300 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
10301 {
10302 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10303 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10304 struct wdev_info *wi = arg;
10305
10306 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10307 genlmsg_attrlen(gnlh, 0), NULL);
10308 if (tb[NL80211_ATTR_WDEV]) {
10309 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
10310 wi->wdev_id_set = 1;
10311 }
10312
10313 if (tb[NL80211_ATTR_MAC])
10314 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
10315 ETH_ALEN);
10316
10317 return NL_SKIP;
10318 }
10319
10320
10321 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
10322 const char *ifname, const u8 *addr,
10323 void *bss_ctx, void **drv_priv,
10324 char *force_ifname, u8 *if_addr,
10325 const char *bridge, int use_existing)
10326 {
10327 enum nl80211_iftype nlmode;
10328 struct i802_bss *bss = priv;
10329 struct wpa_driver_nl80211_data *drv = bss->drv;
10330 int ifidx;
10331 int added = 1;
10332
10333 if (addr)
10334 os_memcpy(if_addr, addr, ETH_ALEN);
10335 nlmode = wpa_driver_nl80211_if_type(type);
10336 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
10337 struct wdev_info p2pdev_info;
10338
10339 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
10340 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10341 0, nl80211_wdev_handler,
10342 &p2pdev_info, use_existing);
10343 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
10344 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
10345 ifname);
10346 return -1;
10347 }
10348
10349 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
10350 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
10351 if (!is_zero_ether_addr(p2pdev_info.macaddr))
10352 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
10353 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
10354 ifname,
10355 (long long unsigned int) p2pdev_info.wdev_id);
10356 } else {
10357 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10358 0, NULL, NULL, use_existing);
10359 if (use_existing && ifidx == -ENFILE) {
10360 added = 0;
10361 ifidx = if_nametoindex(ifname);
10362 } else if (ifidx < 0) {
10363 return -1;
10364 }
10365 }
10366
10367 if (!addr) {
10368 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
10369 os_memcpy(if_addr, bss->addr, ETH_ALEN);
10370 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
10371 bss->ifname, if_addr) < 0) {
10372 if (added)
10373 nl80211_remove_iface(drv, ifidx);
10374 return -1;
10375 }
10376 }
10377
10378 #ifdef CONFIG_P2P
10379 if (!addr &&
10380 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
10381 type == WPA_IF_P2P_GO)) {
10382 /* Enforce unique P2P Interface Address */
10383 u8 new_addr[ETH_ALEN];
10384
10385 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
10386 new_addr) < 0) {
10387 if (added)
10388 nl80211_remove_iface(drv, ifidx);
10389 return -1;
10390 }
10391 if (nl80211_addr_in_use(drv->global, new_addr)) {
10392 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
10393 "for P2P group interface");
10394 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
10395 if (added)
10396 nl80211_remove_iface(drv, ifidx);
10397 return -1;
10398 }
10399 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
10400 new_addr) < 0) {
10401 if (added)
10402 nl80211_remove_iface(drv, ifidx);
10403 return -1;
10404 }
10405 }
10406 os_memcpy(if_addr, new_addr, ETH_ALEN);
10407 }
10408 #endif /* CONFIG_P2P */
10409
10410 if (type == WPA_IF_AP_BSS) {
10411 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
10412 if (new_bss == NULL) {
10413 if (added)
10414 nl80211_remove_iface(drv, ifidx);
10415 return -1;
10416 }
10417
10418 if (bridge &&
10419 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
10420 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
10421 "interface %s to a bridge %s",
10422 ifname, bridge);
10423 if (added)
10424 nl80211_remove_iface(drv, ifidx);
10425 os_free(new_bss);
10426 return -1;
10427 }
10428
10429 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
10430 {
10431 if (added)
10432 nl80211_remove_iface(drv, ifidx);
10433 os_free(new_bss);
10434 return -1;
10435 }
10436 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
10437 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
10438 new_bss->ifindex = ifidx;
10439 new_bss->drv = drv;
10440 new_bss->next = drv->first_bss->next;
10441 new_bss->freq = drv->first_bss->freq;
10442 new_bss->ctx = bss_ctx;
10443 new_bss->added_if = added;
10444 drv->first_bss->next = new_bss;
10445 if (drv_priv)
10446 *drv_priv = new_bss;
10447 nl80211_init_bss(new_bss);
10448
10449 /* Subscribe management frames for this WPA_IF_AP_BSS */
10450 if (nl80211_setup_ap(new_bss))
10451 return -1;
10452 }
10453
10454 if (drv->global)
10455 drv->global->if_add_ifindex = ifidx;
10456
10457 /*
10458 * Some virtual interfaces need to process EAPOL packets and events on
10459 * the parent interface. This is used mainly with hostapd.
10460 */
10461 if (ifidx > 0 &&
10462 (drv->hostapd ||
10463 nlmode == NL80211_IFTYPE_AP_VLAN ||
10464 nlmode == NL80211_IFTYPE_WDS ||
10465 nlmode == NL80211_IFTYPE_MONITOR))
10466 add_ifidx(drv, ifidx);
10467
10468 return 0;
10469 }
10470
10471
10472 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
10473 enum wpa_driver_if_type type,
10474 const char *ifname)
10475 {
10476 struct wpa_driver_nl80211_data *drv = bss->drv;
10477 int ifindex = if_nametoindex(ifname);
10478
10479 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
10480 __func__, type, ifname, ifindex, bss->added_if);
10481 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
10482 nl80211_remove_iface(drv, ifindex);
10483 else if (ifindex > 0 && !bss->added_if) {
10484 struct wpa_driver_nl80211_data *drv2;
10485 dl_list_for_each(drv2, &drv->global->interfaces,
10486 struct wpa_driver_nl80211_data, list)
10487 del_ifidx(drv2, ifindex);
10488 }
10489
10490 if (type != WPA_IF_AP_BSS)
10491 return 0;
10492
10493 if (bss->added_if_into_bridge) {
10494 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
10495 bss->ifname) < 0)
10496 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10497 "interface %s from bridge %s: %s",
10498 bss->ifname, bss->brname, strerror(errno));
10499 }
10500 if (bss->added_bridge) {
10501 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
10502 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10503 "bridge %s: %s",
10504 bss->brname, strerror(errno));
10505 }
10506
10507 if (bss != drv->first_bss) {
10508 struct i802_bss *tbss;
10509
10510 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
10511 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
10512 if (tbss->next == bss) {
10513 tbss->next = bss->next;
10514 /* Unsubscribe management frames */
10515 nl80211_teardown_ap(bss);
10516 nl80211_destroy_bss(bss);
10517 if (!bss->added_if)
10518 i802_set_iface_flags(bss, 0);
10519 os_free(bss);
10520 bss = NULL;
10521 break;
10522 }
10523 }
10524 if (bss)
10525 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
10526 "BSS %p in the list", __func__, bss);
10527 } else {
10528 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
10529 nl80211_teardown_ap(bss);
10530 if (!bss->added_if && !drv->first_bss->next)
10531 wpa_driver_nl80211_del_beacon(drv);
10532 nl80211_destroy_bss(bss);
10533 if (!bss->added_if)
10534 i802_set_iface_flags(bss, 0);
10535 if (drv->first_bss->next) {
10536 drv->first_bss = drv->first_bss->next;
10537 drv->ctx = drv->first_bss->ctx;
10538 os_free(bss);
10539 } else {
10540 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
10541 }
10542 }
10543
10544 return 0;
10545 }
10546
10547
10548 static int cookie_handler(struct nl_msg *msg, void *arg)
10549 {
10550 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10551 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10552 u64 *cookie = arg;
10553 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10554 genlmsg_attrlen(gnlh, 0), NULL);
10555 if (tb[NL80211_ATTR_COOKIE])
10556 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
10557 return NL_SKIP;
10558 }
10559
10560
10561 static int nl80211_send_frame_cmd(struct i802_bss *bss,
10562 unsigned int freq, unsigned int wait,
10563 const u8 *buf, size_t buf_len,
10564 u64 *cookie_out, int no_cck, int no_ack,
10565 int offchanok)
10566 {
10567 struct wpa_driver_nl80211_data *drv = bss->drv;
10568 struct nl_msg *msg;
10569 u64 cookie;
10570 int ret = -1;
10571
10572 msg = nlmsg_alloc();
10573 if (!msg)
10574 return -1;
10575
10576 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
10577 "no_ack=%d offchanok=%d",
10578 freq, wait, no_cck, no_ack, offchanok);
10579 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
10580 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
10581
10582 if (nl80211_set_iface_id(msg, bss) < 0)
10583 goto nla_put_failure;
10584 if (freq)
10585 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10586 if (wait)
10587 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
10588 if (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10589 drv->test_use_roc_tx))
10590 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
10591 if (no_cck)
10592 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
10593 if (no_ack)
10594 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
10595
10596 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
10597
10598 cookie = 0;
10599 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10600 msg = NULL;
10601 if (ret) {
10602 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
10603 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
10604 freq, wait);
10605 goto nla_put_failure;
10606 }
10607 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
10608 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
10609 (long long unsigned int) cookie);
10610
10611 if (cookie_out)
10612 *cookie_out = no_ack ? (u64) -1 : cookie;
10613
10614 nla_put_failure:
10615 nlmsg_free(msg);
10616 return ret;
10617 }
10618
10619
10620 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
10621 unsigned int freq,
10622 unsigned int wait_time,
10623 const u8 *dst, const u8 *src,
10624 const u8 *bssid,
10625 const u8 *data, size_t data_len,
10626 int no_cck)
10627 {
10628 struct wpa_driver_nl80211_data *drv = bss->drv;
10629 int ret = -1;
10630 u8 *buf;
10631 struct ieee80211_hdr *hdr;
10632
10633 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
10634 "freq=%u MHz wait=%d ms no_cck=%d)",
10635 drv->ifindex, freq, wait_time, no_cck);
10636
10637 buf = os_zalloc(24 + data_len);
10638 if (buf == NULL)
10639 return ret;
10640 os_memcpy(buf + 24, data, data_len);
10641 hdr = (struct ieee80211_hdr *) buf;
10642 hdr->frame_control =
10643 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
10644 os_memcpy(hdr->addr1, dst, ETH_ALEN);
10645 os_memcpy(hdr->addr2, src, ETH_ALEN);
10646 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
10647
10648 if (is_ap_interface(drv->nlmode) &&
10649 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10650 (int) freq == bss->freq || drv->device_ap_sme ||
10651 !drv->use_monitor))
10652 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
10653 0, freq, no_cck, 1,
10654 wait_time);
10655 else
10656 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
10657 24 + data_len,
10658 &drv->send_action_cookie,
10659 no_cck, 0, 1);
10660
10661 os_free(buf);
10662 return ret;
10663 }
10664
10665
10666 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
10667 {
10668 struct i802_bss *bss = priv;
10669 struct wpa_driver_nl80211_data *drv = bss->drv;
10670 struct nl_msg *msg;
10671 int ret;
10672
10673 msg = nlmsg_alloc();
10674 if (!msg)
10675 return;
10676
10677 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
10678 (long long unsigned int) drv->send_action_cookie);
10679 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
10680
10681 if (nl80211_set_iface_id(msg, bss) < 0)
10682 goto nla_put_failure;
10683 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
10684
10685 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10686 msg = NULL;
10687 if (ret)
10688 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
10689 "(%s)", ret, strerror(-ret));
10690
10691 nla_put_failure:
10692 nlmsg_free(msg);
10693 }
10694
10695
10696 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
10697 unsigned int duration)
10698 {
10699 struct i802_bss *bss = priv;
10700 struct wpa_driver_nl80211_data *drv = bss->drv;
10701 struct nl_msg *msg;
10702 int ret;
10703 u64 cookie;
10704
10705 msg = nlmsg_alloc();
10706 if (!msg)
10707 return -1;
10708
10709 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
10710
10711 if (nl80211_set_iface_id(msg, bss) < 0)
10712 goto nla_put_failure;
10713
10714 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10715 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
10716
10717 cookie = 0;
10718 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10719 msg = NULL;
10720 if (ret == 0) {
10721 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
10722 "0x%llx for freq=%u MHz duration=%u",
10723 (long long unsigned int) cookie, freq, duration);
10724 drv->remain_on_chan_cookie = cookie;
10725 drv->pending_remain_on_chan = 1;
10726 return 0;
10727 }
10728 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
10729 "(freq=%d duration=%u): %d (%s)",
10730 freq, duration, ret, strerror(-ret));
10731 nla_put_failure:
10732 nlmsg_free(msg);
10733 return -1;
10734 }
10735
10736
10737 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
10738 {
10739 struct i802_bss *bss = priv;
10740 struct wpa_driver_nl80211_data *drv = bss->drv;
10741 struct nl_msg *msg;
10742 int ret;
10743
10744 if (!drv->pending_remain_on_chan) {
10745 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
10746 "to cancel");
10747 return -1;
10748 }
10749
10750 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
10751 "0x%llx",
10752 (long long unsigned int) drv->remain_on_chan_cookie);
10753
10754 msg = nlmsg_alloc();
10755 if (!msg)
10756 return -1;
10757
10758 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
10759
10760 if (nl80211_set_iface_id(msg, bss) < 0)
10761 goto nla_put_failure;
10762
10763 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
10764
10765 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10766 msg = NULL;
10767 if (ret == 0)
10768 return 0;
10769 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
10770 "%d (%s)", ret, strerror(-ret));
10771 nla_put_failure:
10772 nlmsg_free(msg);
10773 return -1;
10774 }
10775
10776
10777 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
10778 {
10779 struct wpa_driver_nl80211_data *drv = bss->drv;
10780
10781 if (!report) {
10782 if (bss->nl_preq && drv->device_ap_sme &&
10783 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
10784 !bss->static_ap) {
10785 /*
10786 * Do not disable Probe Request reporting that was
10787 * enabled in nl80211_setup_ap().
10788 */
10789 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
10790 "Probe Request reporting nl_preq=%p while "
10791 "in AP mode", bss->nl_preq);
10792 } else if (bss->nl_preq) {
10793 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
10794 "reporting nl_preq=%p", bss->nl_preq);
10795 nl80211_destroy_eloop_handle(&bss->nl_preq);
10796 }
10797 return 0;
10798 }
10799
10800 if (bss->nl_preq) {
10801 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
10802 "already on! nl_preq=%p", bss->nl_preq);
10803 return 0;
10804 }
10805
10806 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
10807 if (bss->nl_preq == NULL)
10808 return -1;
10809 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
10810 "reporting nl_preq=%p", bss->nl_preq);
10811
10812 if (nl80211_register_frame(bss, bss->nl_preq,
10813 (WLAN_FC_TYPE_MGMT << 2) |
10814 (WLAN_FC_STYPE_PROBE_REQ << 4),
10815 NULL, 0) < 0)
10816 goto out_err;
10817
10818 nl80211_register_eloop_read(&bss->nl_preq,
10819 wpa_driver_nl80211_event_receive,
10820 bss->nl_cb);
10821
10822 return 0;
10823
10824 out_err:
10825 nl_destroy_handles(&bss->nl_preq);
10826 return -1;
10827 }
10828
10829
10830 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
10831 int ifindex, int disabled)
10832 {
10833 struct nl_msg *msg;
10834 struct nlattr *bands, *band;
10835 int ret;
10836
10837 msg = nlmsg_alloc();
10838 if (!msg)
10839 return -1;
10840
10841 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
10842 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
10843
10844 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
10845 if (!bands)
10846 goto nla_put_failure;
10847
10848 /*
10849 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
10850 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
10851 * rates. All 5 GHz rates are left enabled.
10852 */
10853 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
10854 if (!band)
10855 goto nla_put_failure;
10856 if (disabled) {
10857 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
10858 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
10859 }
10860 nla_nest_end(msg, band);
10861
10862 nla_nest_end(msg, bands);
10863
10864 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10865 msg = NULL;
10866 if (ret) {
10867 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
10868 "(%s)", ret, strerror(-ret));
10869 } else
10870 drv->disabled_11b_rates = disabled;
10871
10872 return ret;
10873
10874 nla_put_failure:
10875 nlmsg_free(msg);
10876 return -1;
10877 }
10878
10879
10880 static int wpa_driver_nl80211_deinit_ap(void *priv)
10881 {
10882 struct i802_bss *bss = priv;
10883 struct wpa_driver_nl80211_data *drv = bss->drv;
10884 if (!is_ap_interface(drv->nlmode))
10885 return -1;
10886 wpa_driver_nl80211_del_beacon(drv);
10887
10888 /*
10889 * If the P2P GO interface was dynamically added, then it is
10890 * possible that the interface change to station is not possible.
10891 */
10892 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
10893 return 0;
10894
10895 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10896 }
10897
10898
10899 static int wpa_driver_nl80211_stop_ap(void *priv)
10900 {
10901 struct i802_bss *bss = priv;
10902 struct wpa_driver_nl80211_data *drv = bss->drv;
10903 if (!is_ap_interface(drv->nlmode))
10904 return -1;
10905 wpa_driver_nl80211_del_beacon(drv);
10906 bss->beacon_set = 0;
10907 return 0;
10908 }
10909
10910
10911 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
10912 {
10913 struct i802_bss *bss = priv;
10914 struct wpa_driver_nl80211_data *drv = bss->drv;
10915 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
10916 return -1;
10917
10918 /*
10919 * If the P2P Client interface was dynamically added, then it is
10920 * possible that the interface change to station is not possible.
10921 */
10922 if (bss->if_dynamic)
10923 return 0;
10924
10925 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10926 }
10927
10928
10929 static void wpa_driver_nl80211_resume(void *priv)
10930 {
10931 struct i802_bss *bss = priv;
10932
10933 if (i802_set_iface_flags(bss, 1))
10934 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
10935 }
10936
10937
10938 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
10939 const u8 *ies, size_t ies_len)
10940 {
10941 struct i802_bss *bss = priv;
10942 struct wpa_driver_nl80211_data *drv = bss->drv;
10943 int ret;
10944 u8 *data, *pos;
10945 size_t data_len;
10946 const u8 *own_addr = bss->addr;
10947
10948 if (action != 1) {
10949 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
10950 "action %d", action);
10951 return -1;
10952 }
10953
10954 /*
10955 * Action frame payload:
10956 * Category[1] = 6 (Fast BSS Transition)
10957 * Action[1] = 1 (Fast BSS Transition Request)
10958 * STA Address
10959 * Target AP Address
10960 * FT IEs
10961 */
10962
10963 data_len = 2 + 2 * ETH_ALEN + ies_len;
10964 data = os_malloc(data_len);
10965 if (data == NULL)
10966 return -1;
10967 pos = data;
10968 *pos++ = 0x06; /* FT Action category */
10969 *pos++ = action;
10970 os_memcpy(pos, own_addr, ETH_ALEN);
10971 pos += ETH_ALEN;
10972 os_memcpy(pos, target_ap, ETH_ALEN);
10973 pos += ETH_ALEN;
10974 os_memcpy(pos, ies, ies_len);
10975
10976 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
10977 drv->bssid, own_addr, drv->bssid,
10978 data, data_len, 0);
10979 os_free(data);
10980
10981 return ret;
10982 }
10983
10984
10985 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
10986 {
10987 struct i802_bss *bss = priv;
10988 struct wpa_driver_nl80211_data *drv = bss->drv;
10989 struct nl_msg *msg;
10990 struct nlattr *cqm;
10991 int ret = -1;
10992
10993 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
10994 "hysteresis=%d", threshold, hysteresis);
10995
10996 msg = nlmsg_alloc();
10997 if (!msg)
10998 return -1;
10999
11000 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
11001
11002 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11003
11004 cqm = nla_nest_start(msg, NL80211_ATTR_CQM);
11005 if (cqm == NULL)
11006 goto nla_put_failure;
11007
11008 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
11009 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
11010 nla_nest_end(msg, cqm);
11011
11012 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11013 msg = NULL;
11014
11015 nla_put_failure:
11016 nlmsg_free(msg);
11017 return ret;
11018 }
11019
11020
11021 static int get_channel_width(struct nl_msg *msg, void *arg)
11022 {
11023 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11024 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11025 struct wpa_signal_info *sig_change = arg;
11026
11027 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11028 genlmsg_attrlen(gnlh, 0), NULL);
11029
11030 sig_change->center_frq1 = -1;
11031 sig_change->center_frq2 = -1;
11032 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
11033
11034 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
11035 sig_change->chanwidth = convert2width(
11036 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
11037 if (tb[NL80211_ATTR_CENTER_FREQ1])
11038 sig_change->center_frq1 =
11039 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
11040 if (tb[NL80211_ATTR_CENTER_FREQ2])
11041 sig_change->center_frq2 =
11042 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
11043 }
11044
11045 return NL_SKIP;
11046 }
11047
11048
11049 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
11050 struct wpa_signal_info *sig)
11051 {
11052 struct nl_msg *msg;
11053
11054 msg = nlmsg_alloc();
11055 if (!msg)
11056 return -ENOMEM;
11057
11058 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_INTERFACE);
11059 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11060
11061 return send_and_recv_msgs(drv, msg, get_channel_width, sig);
11062
11063 nla_put_failure:
11064 nlmsg_free(msg);
11065 return -ENOBUFS;
11066 }
11067
11068
11069 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
11070 {
11071 struct i802_bss *bss = priv;
11072 struct wpa_driver_nl80211_data *drv = bss->drv;
11073 int res;
11074
11075 os_memset(si, 0, sizeof(*si));
11076 res = nl80211_get_link_signal(drv, si);
11077 if (res != 0)
11078 return res;
11079
11080 res = nl80211_get_channel_width(drv, si);
11081 if (res != 0)
11082 return res;
11083
11084 return nl80211_get_link_noise(drv, si);
11085 }
11086
11087
11088 static int wpa_driver_nl80211_shared_freq(void *priv)
11089 {
11090 struct i802_bss *bss = priv;
11091 struct wpa_driver_nl80211_data *drv = bss->drv;
11092 struct wpa_driver_nl80211_data *driver;
11093 int freq = 0;
11094
11095 /*
11096 * If the same PHY is in connected state with some other interface,
11097 * then retrieve the assoc freq.
11098 */
11099 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
11100 drv->phyname);
11101
11102 dl_list_for_each(driver, &drv->global->interfaces,
11103 struct wpa_driver_nl80211_data, list) {
11104 if (drv == driver ||
11105 os_strcmp(drv->phyname, driver->phyname) != 0 ||
11106 !driver->associated)
11107 continue;
11108
11109 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
11110 MACSTR,
11111 driver->phyname, driver->first_bss->ifname,
11112 MAC2STR(driver->first_bss->addr));
11113 if (is_ap_interface(driver->nlmode))
11114 freq = driver->first_bss->freq;
11115 else
11116 freq = nl80211_get_assoc_freq(driver);
11117 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
11118 drv->phyname, freq);
11119 }
11120
11121 if (!freq)
11122 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
11123 "PHY (%s) in associated state", drv->phyname);
11124
11125 return freq;
11126 }
11127
11128
11129 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
11130 int encrypt)
11131 {
11132 struct i802_bss *bss = priv;
11133 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
11134 0, 0, 0, 0);
11135 }
11136
11137
11138 static int nl80211_set_param(void *priv, const char *param)
11139 {
11140 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
11141 if (param == NULL)
11142 return 0;
11143
11144 #ifdef CONFIG_P2P
11145 if (os_strstr(param, "use_p2p_group_interface=1")) {
11146 struct i802_bss *bss = priv;
11147 struct wpa_driver_nl80211_data *drv = bss->drv;
11148
11149 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
11150 "interface");
11151 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
11152 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
11153 }
11154 #endif /* CONFIG_P2P */
11155
11156 if (os_strstr(param, "use_monitor=1")) {
11157 struct i802_bss *bss = priv;
11158 struct wpa_driver_nl80211_data *drv = bss->drv;
11159 drv->use_monitor = 1;
11160 }
11161
11162 if (os_strstr(param, "force_connect_cmd=1")) {
11163 struct i802_bss *bss = priv;
11164 struct wpa_driver_nl80211_data *drv = bss->drv;
11165 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
11166 drv->force_connect_cmd = 1;
11167 }
11168
11169 if (os_strstr(param, "no_offchannel_tx=1")) {
11170 struct i802_bss *bss = priv;
11171 struct wpa_driver_nl80211_data *drv = bss->drv;
11172 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
11173 drv->test_use_roc_tx = 1;
11174 }
11175
11176 return 0;
11177 }
11178
11179
11180 static void * nl80211_global_init(void)
11181 {
11182 struct nl80211_global *global;
11183 struct netlink_config *cfg;
11184
11185 global = os_zalloc(sizeof(*global));
11186 if (global == NULL)
11187 return NULL;
11188 global->ioctl_sock = -1;
11189 dl_list_init(&global->interfaces);
11190 global->if_add_ifindex = -1;
11191
11192 cfg = os_zalloc(sizeof(*cfg));
11193 if (cfg == NULL)
11194 goto err;
11195
11196 cfg->ctx = global;
11197 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
11198 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
11199 global->netlink = netlink_init(cfg);
11200 if (global->netlink == NULL) {
11201 os_free(cfg);
11202 goto err;
11203 }
11204
11205 if (wpa_driver_nl80211_init_nl_global(global) < 0)
11206 goto err;
11207
11208 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
11209 if (global->ioctl_sock < 0) {
11210 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
11211 strerror(errno));
11212 goto err;
11213 }
11214
11215 return global;
11216
11217 err:
11218 nl80211_global_deinit(global);
11219 return NULL;
11220 }
11221
11222
11223 static void nl80211_global_deinit(void *priv)
11224 {
11225 struct nl80211_global *global = priv;
11226 if (global == NULL)
11227 return;
11228 if (!dl_list_empty(&global->interfaces)) {
11229 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
11230 "nl80211_global_deinit",
11231 dl_list_len(&global->interfaces));
11232 }
11233
11234 if (global->netlink)
11235 netlink_deinit(global->netlink);
11236
11237 nl_destroy_handles(&global->nl);
11238
11239 if (global->nl_event)
11240 nl80211_destroy_eloop_handle(&global->nl_event);
11241
11242 nl_cb_put(global->nl_cb);
11243
11244 if (global->ioctl_sock >= 0)
11245 close(global->ioctl_sock);
11246
11247 os_free(global);
11248 }
11249
11250
11251 static const char * nl80211_get_radio_name(void *priv)
11252 {
11253 struct i802_bss *bss = priv;
11254 struct wpa_driver_nl80211_data *drv = bss->drv;
11255 return drv->phyname;
11256 }
11257
11258
11259 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
11260 const u8 *pmkid)
11261 {
11262 struct nl_msg *msg;
11263
11264 msg = nlmsg_alloc();
11265 if (!msg)
11266 return -ENOMEM;
11267
11268 nl80211_cmd(bss->drv, msg, 0, cmd);
11269
11270 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
11271 if (pmkid)
11272 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
11273 if (bssid)
11274 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
11275
11276 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11277 nla_put_failure:
11278 nlmsg_free(msg);
11279 return -ENOBUFS;
11280 }
11281
11282
11283 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11284 {
11285 struct i802_bss *bss = priv;
11286 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
11287 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
11288 }
11289
11290
11291 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11292 {
11293 struct i802_bss *bss = priv;
11294 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
11295 MAC2STR(bssid));
11296 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
11297 }
11298
11299
11300 static int nl80211_flush_pmkid(void *priv)
11301 {
11302 struct i802_bss *bss = priv;
11303 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
11304 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
11305 }
11306
11307
11308 static void clean_survey_results(struct survey_results *survey_results)
11309 {
11310 struct freq_survey *survey, *tmp;
11311
11312 if (dl_list_empty(&survey_results->survey_list))
11313 return;
11314
11315 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
11316 struct freq_survey, list) {
11317 dl_list_del(&survey->list);
11318 os_free(survey);
11319 }
11320 }
11321
11322
11323 static void add_survey(struct nlattr **sinfo, u32 ifidx,
11324 struct dl_list *survey_list)
11325 {
11326 struct freq_survey *survey;
11327
11328 survey = os_zalloc(sizeof(struct freq_survey));
11329 if (!survey)
11330 return;
11331
11332 survey->ifidx = ifidx;
11333 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11334 survey->filled = 0;
11335
11336 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
11337 survey->nf = (int8_t)
11338 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
11339 survey->filled |= SURVEY_HAS_NF;
11340 }
11341
11342 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
11343 survey->channel_time =
11344 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
11345 survey->filled |= SURVEY_HAS_CHAN_TIME;
11346 }
11347
11348 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
11349 survey->channel_time_busy =
11350 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
11351 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
11352 }
11353
11354 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
11355 survey->channel_time_rx =
11356 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
11357 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
11358 }
11359
11360 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
11361 survey->channel_time_tx =
11362 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
11363 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
11364 }
11365
11366 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
11367 survey->freq,
11368 survey->nf,
11369 (unsigned long int) survey->channel_time,
11370 (unsigned long int) survey->channel_time_busy,
11371 (unsigned long int) survey->channel_time_tx,
11372 (unsigned long int) survey->channel_time_rx,
11373 survey->filled);
11374
11375 dl_list_add_tail(survey_list, &survey->list);
11376 }
11377
11378
11379 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
11380 unsigned int freq_filter)
11381 {
11382 if (!freq_filter)
11383 return 1;
11384
11385 return freq_filter == surveyed_freq;
11386 }
11387
11388
11389 static int survey_handler(struct nl_msg *msg, void *arg)
11390 {
11391 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11392 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11393 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
11394 struct survey_results *survey_results;
11395 u32 surveyed_freq = 0;
11396 u32 ifidx;
11397
11398 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
11399 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
11400 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
11401 };
11402
11403 survey_results = (struct survey_results *) arg;
11404
11405 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11406 genlmsg_attrlen(gnlh, 0), NULL);
11407
11408 if (!tb[NL80211_ATTR_IFINDEX])
11409 return NL_SKIP;
11410
11411 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
11412
11413 if (!tb[NL80211_ATTR_SURVEY_INFO])
11414 return NL_SKIP;
11415
11416 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
11417 tb[NL80211_ATTR_SURVEY_INFO],
11418 survey_policy))
11419 return NL_SKIP;
11420
11421 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
11422 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
11423 return NL_SKIP;
11424 }
11425
11426 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11427
11428 if (!check_survey_ok(sinfo, surveyed_freq,
11429 survey_results->freq_filter))
11430 return NL_SKIP;
11431
11432 if (survey_results->freq_filter &&
11433 survey_results->freq_filter != surveyed_freq) {
11434 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
11435 surveyed_freq);
11436 return NL_SKIP;
11437 }
11438
11439 add_survey(sinfo, ifidx, &survey_results->survey_list);
11440
11441 return NL_SKIP;
11442 }
11443
11444
11445 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
11446 {
11447 struct i802_bss *bss = priv;
11448 struct wpa_driver_nl80211_data *drv = bss->drv;
11449 struct nl_msg *msg;
11450 int err = -ENOBUFS;
11451 union wpa_event_data data;
11452 struct survey_results *survey_results;
11453
11454 os_memset(&data, 0, sizeof(data));
11455 survey_results = &data.survey_results;
11456
11457 dl_list_init(&survey_results->survey_list);
11458
11459 msg = nlmsg_alloc();
11460 if (!msg)
11461 goto nla_put_failure;
11462
11463 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
11464
11465 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11466
11467 if (freq)
11468 data.survey_results.freq_filter = freq;
11469
11470 do {
11471 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
11472 err = send_and_recv_msgs(drv, msg, survey_handler,
11473 survey_results);
11474 } while (err > 0);
11475
11476 if (err) {
11477 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
11478 goto out_clean;
11479 }
11480
11481 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
11482
11483 out_clean:
11484 clean_survey_results(survey_results);
11485 nla_put_failure:
11486 return err;
11487 }
11488
11489
11490 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
11491 const u8 *replay_ctr)
11492 {
11493 struct i802_bss *bss = priv;
11494 struct wpa_driver_nl80211_data *drv = bss->drv;
11495 struct nlattr *replay_nested;
11496 struct nl_msg *msg;
11497
11498 msg = nlmsg_alloc();
11499 if (!msg)
11500 return;
11501
11502 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
11503
11504 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11505
11506 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
11507 if (!replay_nested)
11508 goto nla_put_failure;
11509
11510 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
11511 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
11512 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
11513 replay_ctr);
11514
11515 nla_nest_end(msg, replay_nested);
11516
11517 send_and_recv_msgs(drv, msg, NULL, NULL);
11518 return;
11519 nla_put_failure:
11520 nlmsg_free(msg);
11521 }
11522
11523
11524 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
11525 const u8 *addr, int qos)
11526 {
11527 /* send data frame to poll STA and check whether
11528 * this frame is ACKed */
11529 struct {
11530 struct ieee80211_hdr hdr;
11531 u16 qos_ctl;
11532 } STRUCT_PACKED nulldata;
11533 size_t size;
11534
11535 /* Send data frame to poll STA and check whether this frame is ACKed */
11536
11537 os_memset(&nulldata, 0, sizeof(nulldata));
11538
11539 if (qos) {
11540 nulldata.hdr.frame_control =
11541 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11542 WLAN_FC_STYPE_QOS_NULL);
11543 size = sizeof(nulldata);
11544 } else {
11545 nulldata.hdr.frame_control =
11546 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11547 WLAN_FC_STYPE_NULLFUNC);
11548 size = sizeof(struct ieee80211_hdr);
11549 }
11550
11551 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
11552 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
11553 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
11554 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
11555
11556 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
11557 0, 0) < 0)
11558 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
11559 "send poll frame");
11560 }
11561
11562 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
11563 int qos)
11564 {
11565 struct i802_bss *bss = priv;
11566 struct wpa_driver_nl80211_data *drv = bss->drv;
11567 struct nl_msg *msg;
11568
11569 if (!drv->poll_command_supported) {
11570 nl80211_send_null_frame(bss, own_addr, addr, qos);
11571 return;
11572 }
11573
11574 msg = nlmsg_alloc();
11575 if (!msg)
11576 return;
11577
11578 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
11579
11580 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11581 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
11582
11583 send_and_recv_msgs(drv, msg, NULL, NULL);
11584 return;
11585 nla_put_failure:
11586 nlmsg_free(msg);
11587 }
11588
11589
11590 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
11591 {
11592 struct nl_msg *msg;
11593
11594 msg = nlmsg_alloc();
11595 if (!msg)
11596 return -ENOMEM;
11597
11598 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
11599 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11600 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
11601 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
11602 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11603 nla_put_failure:
11604 nlmsg_free(msg);
11605 return -ENOBUFS;
11606 }
11607
11608
11609 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
11610 int ctwindow)
11611 {
11612 struct i802_bss *bss = priv;
11613
11614 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
11615 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
11616
11617 if (opp_ps != -1 || ctwindow != -1) {
11618 #ifdef ANDROID_P2P
11619 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
11620 #else /* ANDROID_P2P */
11621 return -1; /* Not yet supported */
11622 #endif /* ANDROID_P2P */
11623 }
11624
11625 if (legacy_ps == -1)
11626 return 0;
11627 if (legacy_ps != 0 && legacy_ps != 1)
11628 return -1; /* Not yet supported */
11629
11630 return nl80211_set_power_save(bss, legacy_ps);
11631 }
11632
11633
11634 static int nl80211_start_radar_detection(void *priv,
11635 struct hostapd_freq_params *freq)
11636 {
11637 struct i802_bss *bss = priv;
11638 struct wpa_driver_nl80211_data *drv = bss->drv;
11639 struct nl_msg *msg;
11640 int ret;
11641
11642 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
11643 freq->freq, freq->ht_enabled, freq->vht_enabled,
11644 freq->bandwidth, freq->center_freq1, freq->center_freq2);
11645
11646 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
11647 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
11648 "detection");
11649 return -1;
11650 }
11651
11652 msg = nlmsg_alloc();
11653 if (!msg)
11654 return -1;
11655
11656 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_RADAR_DETECT);
11657 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11658
11659 if (nl80211_put_freq_params(msg, freq) < 0)
11660 goto nla_put_failure;
11661
11662 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11663 msg = NULL;
11664 if (ret == 0)
11665 return 0;
11666 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
11667 "%d (%s)", ret, strerror(-ret));
11668 nla_put_failure:
11669 nlmsg_free(msg);
11670 return -1;
11671 }
11672
11673 #ifdef CONFIG_TDLS
11674
11675 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
11676 u8 dialog_token, u16 status_code,
11677 u32 peer_capab, int initiator, const u8 *buf,
11678 size_t len)
11679 {
11680 struct i802_bss *bss = priv;
11681 struct wpa_driver_nl80211_data *drv = bss->drv;
11682 struct nl_msg *msg;
11683
11684 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11685 return -EOPNOTSUPP;
11686
11687 if (!dst)
11688 return -EINVAL;
11689
11690 msg = nlmsg_alloc();
11691 if (!msg)
11692 return -ENOMEM;
11693
11694 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
11695 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11696 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
11697 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
11698 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
11699 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
11700 if (peer_capab) {
11701 /*
11702 * The internal enum tdls_peer_capability definition is
11703 * currently identical with the nl80211 enum
11704 * nl80211_tdls_peer_capability, so no conversion is needed
11705 * here.
11706 */
11707 NLA_PUT_U32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, peer_capab);
11708 }
11709 if (initiator)
11710 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_INITIATOR);
11711 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
11712
11713 return send_and_recv_msgs(drv, msg, NULL, NULL);
11714
11715 nla_put_failure:
11716 nlmsg_free(msg);
11717 return -ENOBUFS;
11718 }
11719
11720
11721 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
11722 {
11723 struct i802_bss *bss = priv;
11724 struct wpa_driver_nl80211_data *drv = bss->drv;
11725 struct nl_msg *msg;
11726 enum nl80211_tdls_operation nl80211_oper;
11727
11728 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11729 return -EOPNOTSUPP;
11730
11731 switch (oper) {
11732 case TDLS_DISCOVERY_REQ:
11733 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
11734 break;
11735 case TDLS_SETUP:
11736 nl80211_oper = NL80211_TDLS_SETUP;
11737 break;
11738 case TDLS_TEARDOWN:
11739 nl80211_oper = NL80211_TDLS_TEARDOWN;
11740 break;
11741 case TDLS_ENABLE_LINK:
11742 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
11743 break;
11744 case TDLS_DISABLE_LINK:
11745 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
11746 break;
11747 case TDLS_ENABLE:
11748 return 0;
11749 case TDLS_DISABLE:
11750 return 0;
11751 default:
11752 return -EINVAL;
11753 }
11754
11755 msg = nlmsg_alloc();
11756 if (!msg)
11757 return -ENOMEM;
11758
11759 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
11760 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
11761 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11762 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
11763
11764 return send_and_recv_msgs(drv, msg, NULL, NULL);
11765
11766 nla_put_failure:
11767 nlmsg_free(msg);
11768 return -ENOBUFS;
11769 }
11770
11771 #endif /* CONFIG TDLS */
11772
11773
11774 #ifdef ANDROID
11775
11776 typedef struct android_wifi_priv_cmd {
11777 char *buf;
11778 int used_len;
11779 int total_len;
11780 } android_wifi_priv_cmd;
11781
11782 static int drv_errors = 0;
11783
11784 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
11785 {
11786 drv_errors++;
11787 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
11788 drv_errors = 0;
11789 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
11790 }
11791 }
11792
11793
11794 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
11795 {
11796 struct wpa_driver_nl80211_data *drv = bss->drv;
11797 struct ifreq ifr;
11798 android_wifi_priv_cmd priv_cmd;
11799 char buf[MAX_DRV_CMD_SIZE];
11800 int ret;
11801
11802 os_memset(&ifr, 0, sizeof(ifr));
11803 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
11804 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11805
11806 os_memset(buf, 0, sizeof(buf));
11807 os_strlcpy(buf, cmd, sizeof(buf));
11808
11809 priv_cmd.buf = buf;
11810 priv_cmd.used_len = sizeof(buf);
11811 priv_cmd.total_len = sizeof(buf);
11812 ifr.ifr_data = &priv_cmd;
11813
11814 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11815 if (ret < 0) {
11816 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
11817 __func__);
11818 wpa_driver_send_hang_msg(drv);
11819 return ret;
11820 }
11821
11822 drv_errors = 0;
11823 return 0;
11824 }
11825
11826
11827 static int android_pno_start(struct i802_bss *bss,
11828 struct wpa_driver_scan_params *params)
11829 {
11830 struct wpa_driver_nl80211_data *drv = bss->drv;
11831 struct ifreq ifr;
11832 android_wifi_priv_cmd priv_cmd;
11833 int ret = 0, i = 0, bp;
11834 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
11835
11836 bp = WEXT_PNOSETUP_HEADER_SIZE;
11837 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
11838 buf[bp++] = WEXT_PNO_TLV_PREFIX;
11839 buf[bp++] = WEXT_PNO_TLV_VERSION;
11840 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
11841 buf[bp++] = WEXT_PNO_TLV_RESERVED;
11842
11843 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
11844 /* Check that there is enough space needed for 1 more SSID, the
11845 * other sections and null termination */
11846 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
11847 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
11848 break;
11849 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
11850 params->ssids[i].ssid,
11851 params->ssids[i].ssid_len);
11852 buf[bp++] = WEXT_PNO_SSID_SECTION;
11853 buf[bp++] = params->ssids[i].ssid_len;
11854 os_memcpy(&buf[bp], params->ssids[i].ssid,
11855 params->ssids[i].ssid_len);
11856 bp += params->ssids[i].ssid_len;
11857 i++;
11858 }
11859
11860 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
11861 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
11862 WEXT_PNO_SCAN_INTERVAL);
11863 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
11864
11865 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
11866 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
11867 WEXT_PNO_REPEAT);
11868 bp += WEXT_PNO_REPEAT_LENGTH;
11869
11870 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
11871 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
11872 WEXT_PNO_MAX_REPEAT);
11873 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
11874
11875 memset(&ifr, 0, sizeof(ifr));
11876 memset(&priv_cmd, 0, sizeof(priv_cmd));
11877 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11878
11879 priv_cmd.buf = buf;
11880 priv_cmd.used_len = bp;
11881 priv_cmd.total_len = bp;
11882 ifr.ifr_data = &priv_cmd;
11883
11884 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11885
11886 if (ret < 0) {
11887 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
11888 ret);
11889 wpa_driver_send_hang_msg(drv);
11890 return ret;
11891 }
11892
11893 drv_errors = 0;
11894
11895 return android_priv_cmd(bss, "PNOFORCE 1");
11896 }
11897
11898
11899 static int android_pno_stop(struct i802_bss *bss)
11900 {
11901 return android_priv_cmd(bss, "PNOFORCE 0");
11902 }
11903
11904 #endif /* ANDROID */
11905
11906
11907 static int driver_nl80211_set_key(const char *ifname, void *priv,
11908 enum wpa_alg alg, const u8 *addr,
11909 int key_idx, int set_tx,
11910 const u8 *seq, size_t seq_len,
11911 const u8 *key, size_t key_len)
11912 {
11913 struct i802_bss *bss = priv;
11914 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
11915 set_tx, seq, seq_len, key, key_len);
11916 }
11917
11918
11919 static int driver_nl80211_scan2(void *priv,
11920 struct wpa_driver_scan_params *params)
11921 {
11922 struct i802_bss *bss = priv;
11923 return wpa_driver_nl80211_scan(bss, params);
11924 }
11925
11926
11927 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
11928 int reason_code)
11929 {
11930 struct i802_bss *bss = priv;
11931 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
11932 }
11933
11934
11935 static int driver_nl80211_authenticate(void *priv,
11936 struct wpa_driver_auth_params *params)
11937 {
11938 struct i802_bss *bss = priv;
11939 return wpa_driver_nl80211_authenticate(bss, params);
11940 }
11941
11942
11943 static void driver_nl80211_deinit(void *priv)
11944 {
11945 struct i802_bss *bss = priv;
11946 wpa_driver_nl80211_deinit(bss);
11947 }
11948
11949
11950 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
11951 const char *ifname)
11952 {
11953 struct i802_bss *bss = priv;
11954 return wpa_driver_nl80211_if_remove(bss, type, ifname);
11955 }
11956
11957
11958 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
11959 size_t data_len, int noack)
11960 {
11961 struct i802_bss *bss = priv;
11962 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
11963 0, 0, 0, 0);
11964 }
11965
11966
11967 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
11968 {
11969 struct i802_bss *bss = priv;
11970 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0);
11971 }
11972
11973
11974 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
11975 const char *ifname, int vlan_id)
11976 {
11977 struct i802_bss *bss = priv;
11978 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
11979 }
11980
11981
11982 static int driver_nl80211_read_sta_data(void *priv,
11983 struct hostap_sta_driver_data *data,
11984 const u8 *addr)
11985 {
11986 struct i802_bss *bss = priv;
11987 return i802_read_sta_data(bss, data, addr);
11988 }
11989
11990
11991 static int driver_nl80211_send_action(void *priv, unsigned int freq,
11992 unsigned int wait_time,
11993 const u8 *dst, const u8 *src,
11994 const u8 *bssid,
11995 const u8 *data, size_t data_len,
11996 int no_cck)
11997 {
11998 struct i802_bss *bss = priv;
11999 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
12000 bssid, data, data_len, no_cck);
12001 }
12002
12003
12004 static int driver_nl80211_probe_req_report(void *priv, int report)
12005 {
12006 struct i802_bss *bss = priv;
12007 return wpa_driver_nl80211_probe_req_report(bss, report);
12008 }
12009
12010
12011 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
12012 const u8 *ies, size_t ies_len)
12013 {
12014 int ret;
12015 struct nl_msg *msg;
12016 struct i802_bss *bss = priv;
12017 struct wpa_driver_nl80211_data *drv = bss->drv;
12018 u16 mdid = WPA_GET_LE16(md);
12019
12020 msg = nlmsg_alloc();
12021 if (!msg)
12022 return -ENOMEM;
12023
12024 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
12025 nl80211_cmd(drv, msg, 0, NL80211_CMD_UPDATE_FT_IES);
12026 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12027 NLA_PUT(msg, NL80211_ATTR_IE, ies_len, ies);
12028 NLA_PUT_U16(msg, NL80211_ATTR_MDID, mdid);
12029
12030 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12031 if (ret) {
12032 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
12033 "err=%d (%s)", ret, strerror(-ret));
12034 }
12035
12036 return ret;
12037
12038 nla_put_failure:
12039 nlmsg_free(msg);
12040 return -ENOBUFS;
12041 }
12042
12043
12044 const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
12045 {
12046 struct i802_bss *bss = priv;
12047 struct wpa_driver_nl80211_data *drv = bss->drv;
12048
12049 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
12050 return NULL;
12051
12052 return bss->addr;
12053 }
12054
12055
12056 static const char * scan_state_str(enum scan_states scan_state)
12057 {
12058 switch (scan_state) {
12059 case NO_SCAN:
12060 return "NO_SCAN";
12061 case SCAN_REQUESTED:
12062 return "SCAN_REQUESTED";
12063 case SCAN_STARTED:
12064 return "SCAN_STARTED";
12065 case SCAN_COMPLETED:
12066 return "SCAN_COMPLETED";
12067 case SCAN_ABORTED:
12068 return "SCAN_ABORTED";
12069 case SCHED_SCAN_STARTED:
12070 return "SCHED_SCAN_STARTED";
12071 case SCHED_SCAN_STOPPED:
12072 return "SCHED_SCAN_STOPPED";
12073 case SCHED_SCAN_RESULTS:
12074 return "SCHED_SCAN_RESULTS";
12075 }
12076
12077 return "??";
12078 }
12079
12080
12081 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
12082 {
12083 struct i802_bss *bss = priv;
12084 struct wpa_driver_nl80211_data *drv = bss->drv;
12085 int res;
12086 char *pos, *end;
12087
12088 pos = buf;
12089 end = buf + buflen;
12090
12091 res = os_snprintf(pos, end - pos,
12092 "ifindex=%d\n"
12093 "ifname=%s\n"
12094 "brname=%s\n"
12095 "addr=" MACSTR "\n"
12096 "freq=%d\n"
12097 "%s%s%s%s%s",
12098 bss->ifindex,
12099 bss->ifname,
12100 bss->brname,
12101 MAC2STR(bss->addr),
12102 bss->freq,
12103 bss->beacon_set ? "beacon_set=1\n" : "",
12104 bss->added_if_into_bridge ?
12105 "added_if_into_bridge=1\n" : "",
12106 bss->added_bridge ? "added_bridge=1\n" : "",
12107 bss->in_deinit ? "in_deinit=1\n" : "",
12108 bss->if_dynamic ? "if_dynamic=1\n" : "");
12109 if (res < 0 || res >= end - pos)
12110 return pos - buf;
12111 pos += res;
12112
12113 if (bss->wdev_id_set) {
12114 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
12115 (unsigned long long) bss->wdev_id);
12116 if (res < 0 || res >= end - pos)
12117 return pos - buf;
12118 pos += res;
12119 }
12120
12121 res = os_snprintf(pos, end - pos,
12122 "phyname=%s\n"
12123 "perm_addr=" MACSTR "\n"
12124 "drv_ifindex=%d\n"
12125 "operstate=%d\n"
12126 "scan_state=%s\n"
12127 "auth_bssid=" MACSTR "\n"
12128 "auth_attempt_bssid=" MACSTR "\n"
12129 "bssid=" MACSTR "\n"
12130 "prev_bssid=" MACSTR "\n"
12131 "associated=%d\n"
12132 "assoc_freq=%u\n"
12133 "monitor_sock=%d\n"
12134 "monitor_ifidx=%d\n"
12135 "monitor_refcount=%d\n"
12136 "last_mgmt_freq=%u\n"
12137 "eapol_tx_sock=%d\n"
12138 "%s%s%s%s%s%s%s%s%s%s%s%s%s",
12139 drv->phyname,
12140 MAC2STR(drv->perm_addr),
12141 drv->ifindex,
12142 drv->operstate,
12143 scan_state_str(drv->scan_state),
12144 MAC2STR(drv->auth_bssid),
12145 MAC2STR(drv->auth_attempt_bssid),
12146 MAC2STR(drv->bssid),
12147 MAC2STR(drv->prev_bssid),
12148 drv->associated,
12149 drv->assoc_freq,
12150 drv->monitor_sock,
12151 drv->monitor_ifidx,
12152 drv->monitor_refcount,
12153 drv->last_mgmt_freq,
12154 drv->eapol_tx_sock,
12155 drv->ignore_if_down_event ?
12156 "ignore_if_down_event=1\n" : "",
12157 drv->scan_complete_events ?
12158 "scan_complete_events=1\n" : "",
12159 drv->disabled_11b_rates ?
12160 "disabled_11b_rates=1\n" : "",
12161 drv->pending_remain_on_chan ?
12162 "pending_remain_on_chan=1\n" : "",
12163 drv->in_interface_list ? "in_interface_list=1\n" : "",
12164 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
12165 drv->poll_command_supported ?
12166 "poll_command_supported=1\n" : "",
12167 drv->data_tx_status ? "data_tx_status=1\n" : "",
12168 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
12169 drv->retry_auth ? "retry_auth=1\n" : "",
12170 drv->use_monitor ? "use_monitor=1\n" : "",
12171 drv->ignore_next_local_disconnect ?
12172 "ignore_next_local_disconnect=1\n" : "",
12173 drv->ignore_next_local_deauth ?
12174 "ignore_next_local_deauth=1\n" : "");
12175 if (res < 0 || res >= end - pos)
12176 return pos - buf;
12177 pos += res;
12178
12179 if (drv->has_capability) {
12180 res = os_snprintf(pos, end - pos,
12181 "capa.key_mgmt=0x%x\n"
12182 "capa.enc=0x%x\n"
12183 "capa.auth=0x%x\n"
12184 "capa.flags=0x%llx\n"
12185 "capa.max_scan_ssids=%d\n"
12186 "capa.max_sched_scan_ssids=%d\n"
12187 "capa.sched_scan_supported=%d\n"
12188 "capa.max_match_sets=%d\n"
12189 "capa.max_remain_on_chan=%u\n"
12190 "capa.max_stations=%u\n"
12191 "capa.probe_resp_offloads=0x%x\n"
12192 "capa.max_acl_mac_addrs=%u\n"
12193 "capa.num_multichan_concurrent=%u\n",
12194 drv->capa.key_mgmt,
12195 drv->capa.enc,
12196 drv->capa.auth,
12197 (unsigned long long) drv->capa.flags,
12198 drv->capa.max_scan_ssids,
12199 drv->capa.max_sched_scan_ssids,
12200 drv->capa.sched_scan_supported,
12201 drv->capa.max_match_sets,
12202 drv->capa.max_remain_on_chan,
12203 drv->capa.max_stations,
12204 drv->capa.probe_resp_offloads,
12205 drv->capa.max_acl_mac_addrs,
12206 drv->capa.num_multichan_concurrent);
12207 if (res < 0 || res >= end - pos)
12208 return pos - buf;
12209 pos += res;
12210 }
12211
12212 return pos - buf;
12213 }
12214
12215
12216 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
12217 {
12218 if (settings->head)
12219 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD,
12220 settings->head_len, settings->head);
12221
12222 if (settings->tail)
12223 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL,
12224 settings->tail_len, settings->tail);
12225
12226 if (settings->beacon_ies)
12227 NLA_PUT(msg, NL80211_ATTR_IE,
12228 settings->beacon_ies_len, settings->beacon_ies);
12229
12230 if (settings->proberesp_ies)
12231 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
12232 settings->proberesp_ies_len, settings->proberesp_ies);
12233
12234 if (settings->assocresp_ies)
12235 NLA_PUT(msg,
12236 NL80211_ATTR_IE_ASSOC_RESP,
12237 settings->assocresp_ies_len, settings->assocresp_ies);
12238
12239 if (settings->probe_resp)
12240 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP,
12241 settings->probe_resp_len, settings->probe_resp);
12242
12243 return 0;
12244
12245 nla_put_failure:
12246 return -ENOBUFS;
12247 }
12248
12249
12250 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
12251 {
12252 struct nl_msg *msg;
12253 struct i802_bss *bss = priv;
12254 struct wpa_driver_nl80211_data *drv = bss->drv;
12255 struct nlattr *beacon_csa;
12256 int ret = -ENOBUFS;
12257
12258 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
12259 settings->cs_count, settings->block_tx,
12260 settings->freq_params.freq, settings->freq_params.bandwidth,
12261 settings->freq_params.center_freq1,
12262 settings->freq_params.center_freq2);
12263
12264 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
12265 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
12266 return -EOPNOTSUPP;
12267 }
12268
12269 if ((drv->nlmode != NL80211_IFTYPE_AP) &&
12270 (drv->nlmode != NL80211_IFTYPE_P2P_GO))
12271 return -EOPNOTSUPP;
12272
12273 /* check settings validity */
12274 if (!settings->beacon_csa.tail ||
12275 ((settings->beacon_csa.tail_len <=
12276 settings->counter_offset_beacon) ||
12277 (settings->beacon_csa.tail[settings->counter_offset_beacon] !=
12278 settings->cs_count)))
12279 return -EINVAL;
12280
12281 if (settings->beacon_csa.probe_resp &&
12282 ((settings->beacon_csa.probe_resp_len <=
12283 settings->counter_offset_presp) ||
12284 (settings->beacon_csa.probe_resp[settings->counter_offset_presp] !=
12285 settings->cs_count)))
12286 return -EINVAL;
12287
12288 msg = nlmsg_alloc();
12289 if (!msg)
12290 return -ENOMEM;
12291
12292 nl80211_cmd(drv, msg, 0, NL80211_CMD_CHANNEL_SWITCH);
12293 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
12294 NLA_PUT_U32(msg, NL80211_ATTR_CH_SWITCH_COUNT, settings->cs_count);
12295 ret = nl80211_put_freq_params(msg, &settings->freq_params);
12296 if (ret)
12297 goto error;
12298
12299 if (settings->block_tx)
12300 NLA_PUT_FLAG(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX);
12301
12302 /* beacon_after params */
12303 ret = set_beacon_data(msg, &settings->beacon_after);
12304 if (ret)
12305 goto error;
12306
12307 /* beacon_csa params */
12308 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
12309 if (!beacon_csa)
12310 goto nla_put_failure;
12311
12312 ret = set_beacon_data(msg, &settings->beacon_csa);
12313 if (ret)
12314 goto error;
12315
12316 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
12317 settings->counter_offset_beacon);
12318
12319 if (settings->beacon_csa.probe_resp)
12320 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
12321 settings->counter_offset_presp);
12322
12323 nla_nest_end(msg, beacon_csa);
12324 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12325 if (ret) {
12326 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
12327 ret, strerror(-ret));
12328 }
12329 return ret;
12330
12331 nla_put_failure:
12332 ret = -ENOBUFS;
12333 error:
12334 nlmsg_free(msg);
12335 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
12336 return ret;
12337 }
12338
12339
12340 #ifdef CONFIG_TESTING_OPTIONS
12341 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
12342 {
12343 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12344 struct wpabuf *buf = arg;
12345
12346 if (!buf)
12347 return NL_SKIP;
12348
12349 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
12350 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
12351 return NL_SKIP;
12352 }
12353
12354 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
12355 genlmsg_attrlen(gnlh, 0));
12356
12357 return NL_SKIP;
12358 }
12359 #endif /* CONFIG_TESTING_OPTIONS */
12360
12361
12362 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
12363 {
12364 struct nlattr *tb[NL80211_ATTR_MAX + 1];
12365 struct nlattr *nl_vendor_reply, *nl;
12366 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12367 struct wpabuf *buf = arg;
12368 int rem;
12369
12370 if (!buf)
12371 return NL_SKIP;
12372
12373 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
12374 genlmsg_attrlen(gnlh, 0), NULL);
12375 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
12376
12377 if (!nl_vendor_reply)
12378 return NL_SKIP;
12379
12380 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
12381 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
12382 return NL_SKIP;
12383 }
12384
12385 nla_for_each_nested(nl, nl_vendor_reply, rem) {
12386 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
12387 }
12388
12389 return NL_SKIP;
12390 }
12391
12392
12393 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
12394 unsigned int subcmd, const u8 *data,
12395 size_t data_len, struct wpabuf *buf)
12396 {
12397 struct i802_bss *bss = priv;
12398 struct wpa_driver_nl80211_data *drv = bss->drv;
12399 struct nl_msg *msg;
12400 int ret;
12401
12402 msg = nlmsg_alloc();
12403 if (!msg)
12404 return -ENOMEM;
12405
12406 #ifdef CONFIG_TESTING_OPTIONS
12407 if (vendor_id == 0xffffffff) {
12408 nl80211_cmd(drv, msg, 0, subcmd);
12409 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
12410 0)
12411 goto nla_put_failure;
12412 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf);
12413 if (ret)
12414 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
12415 ret);
12416 return ret;
12417 }
12418 #endif /* CONFIG_TESTING_OPTIONS */
12419
12420 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12421 if (nl80211_set_iface_id(msg, bss) < 0)
12422 goto nla_put_failure;
12423 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, vendor_id);
12424 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd);
12425 if (data)
12426 NLA_PUT(msg, NL80211_ATTR_VENDOR_DATA, data_len, data);
12427
12428 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf);
12429 if (ret)
12430 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
12431 ret);
12432 return ret;
12433
12434 nla_put_failure:
12435 nlmsg_free(msg);
12436 return -ENOBUFS;
12437 }
12438
12439
12440 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
12441 u8 qos_map_set_len)
12442 {
12443 struct i802_bss *bss = priv;
12444 struct wpa_driver_nl80211_data *drv = bss->drv;
12445 struct nl_msg *msg;
12446 int ret;
12447
12448 msg = nlmsg_alloc();
12449 if (!msg)
12450 return -ENOMEM;
12451
12452 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
12453 qos_map_set, qos_map_set_len);
12454
12455 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_QOS_MAP);
12456 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12457 NLA_PUT(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set);
12458
12459 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12460 if (ret)
12461 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
12462
12463 return ret;
12464
12465 nla_put_failure:
12466 nlmsg_free(msg);
12467 return -ENOBUFS;
12468 }
12469
12470
12471 static int nl80211_set_wowlan(void *priv,
12472 const struct wowlan_triggers *triggers)
12473 {
12474 struct i802_bss *bss = priv;
12475 struct wpa_driver_nl80211_data *drv = bss->drv;
12476 struct nl_msg *msg;
12477 struct nlattr *wowlan_triggers;
12478 int ret;
12479
12480 msg = nlmsg_alloc();
12481 if (!msg)
12482 return -ENOMEM;
12483
12484 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
12485
12486 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WOWLAN);
12487 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12488
12489 wowlan_triggers = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
12490 if (!wowlan_triggers)
12491 goto nla_put_failure;
12492
12493 if (triggers->any)
12494 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY);
12495 if (triggers->disconnect)
12496 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT);
12497 if (triggers->magic_pkt)
12498 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT);
12499 if (triggers->gtk_rekey_failure)
12500 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE);
12501 if (triggers->eap_identity_req)
12502 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST);
12503 if (triggers->four_way_handshake)
12504 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE);
12505 if (triggers->rfkill_release)
12506 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE);
12507
12508 nla_nest_end(msg, wowlan_triggers);
12509
12510 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12511 if (ret)
12512 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
12513
12514 return ret;
12515
12516 nla_put_failure:
12517 nlmsg_free(msg);
12518 return -ENOBUFS;
12519 }
12520
12521
12522 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
12523 {
12524 struct i802_bss *bss = priv;
12525 struct wpa_driver_nl80211_data *drv = bss->drv;
12526 struct nl_msg *msg;
12527 struct nlattr *params;
12528
12529 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
12530
12531 if (!drv->roaming_vendor_cmd_avail) {
12532 wpa_printf(MSG_DEBUG,
12533 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
12534 return -1;
12535 }
12536
12537 msg = nlmsg_alloc();
12538 if (!msg)
12539 return -ENOMEM;
12540
12541 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12542
12543 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12544 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
12545 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12546 QCA_NL80211_VENDOR_SUBCMD_ROAMING);
12547
12548 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
12549 if (!params)
12550 goto nla_put_failure;
12551 NLA_PUT_U32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
12552 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
12553 QCA_ROAMING_NOT_ALLOWED);
12554 if (bssid)
12555 NLA_PUT(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid);
12556 nla_nest_end(msg, params);
12557
12558 return send_and_recv_msgs(drv, msg, NULL, NULL);
12559
12560 nla_put_failure:
12561 nlmsg_free(msg);
12562 return -1;
12563 }
12564
12565
12566 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
12567 {
12568 struct i802_bss *bss = priv;
12569 struct wpa_driver_nl80211_data *drv = bss->drv;
12570 int new_addr = addr != NULL;
12571
12572 if (!addr)
12573 addr = drv->perm_addr;
12574
12575 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
12576 return -1;
12577
12578 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
12579 {
12580 wpa_printf(MSG_DEBUG,
12581 "nl80211: failed to set_mac_addr for %s to " MACSTR,
12582 bss->ifname, MAC2STR(addr));
12583 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
12584 1) < 0) {
12585 wpa_printf(MSG_DEBUG,
12586 "nl80211: Could not restore interface UP after failed set_mac_addr");
12587 }
12588 return -1;
12589 }
12590
12591 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
12592 bss->ifname, MAC2STR(addr));
12593 drv->addr_changed = new_addr;
12594 os_memcpy(bss->addr, addr, ETH_ALEN);
12595
12596 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
12597 {
12598 wpa_printf(MSG_DEBUG,
12599 "nl80211: Could not restore interface UP after set_mac_addr");
12600 }
12601
12602 return 0;
12603 }
12604
12605
12606 #ifdef CONFIG_MESH
12607
12608 static int wpa_driver_nl80211_init_mesh(void *priv)
12609 {
12610 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) {
12611 wpa_printf(MSG_INFO,
12612 "nl80211: Failed to set interface into mesh mode");
12613 return -1;
12614 }
12615 return 0;
12616 }
12617
12618
12619 static int
12620 wpa_driver_nl80211_join_mesh(void *priv,
12621 struct wpa_driver_mesh_join_params *params)
12622 {
12623 struct i802_bss *bss = priv;
12624 struct wpa_driver_nl80211_data *drv = bss->drv;
12625 struct nl_msg *msg;
12626 struct nlattr *container;
12627 int ret = 0;
12628
12629 msg = nlmsg_alloc();
12630 if (!msg)
12631 return -1;
12632
12633 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
12634 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_MESH);
12635
12636 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12637 /* XXX: need chtype too in case we want HT */
12638 if (params->freq) {
12639 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
12640 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
12641 }
12642
12643 if (params->basic_rates) {
12644 u8 rates[NL80211_MAX_SUPP_RATES];
12645 u8 rates_len = 0;
12646 int i;
12647
12648 for (i = 0; i < NL80211_MAX_SUPP_RATES; i++) {
12649 if (params->basic_rates[i] < 0)
12650 break;
12651 rates[rates_len++] = params->basic_rates[i] / 5;
12652 }
12653
12654 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
12655 }
12656
12657 if (params->meshid) {
12658 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
12659 params->meshid, params->meshid_len);
12660 NLA_PUT(msg, NL80211_ATTR_MESH_ID, params->meshid_len,
12661 params->meshid);
12662 }
12663
12664 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
12665
12666 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP);
12667 if (!container)
12668 goto nla_put_failure;
12669
12670 if (params->ies) {
12671 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len);
12672 NLA_PUT(msg, NL80211_MESH_SETUP_IE, params->ie_len,
12673 params->ies);
12674 }
12675 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */
12676 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) {
12677 NLA_PUT_U8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1);
12678 NLA_PUT_FLAG(msg, NL80211_MESH_SETUP_USERSPACE_AUTH);
12679 }
12680 if (params->flags & WPA_DRIVER_MESH_FLAG_AMPE)
12681 NLA_PUT_FLAG(msg, NL80211_MESH_SETUP_USERSPACE_AMPE);
12682 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM)
12683 NLA_PUT_FLAG(msg, NL80211_MESH_SETUP_USERSPACE_MPM);
12684 nla_nest_end(msg, container);
12685
12686 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
12687 if (!container)
12688 goto nla_put_failure;
12689
12690 if (!(params->conf.flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS))
12691 NLA_PUT_U32(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 0);
12692 nla_nest_end(msg, container);
12693
12694 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12695 msg = NULL;
12696 if (ret) {
12697 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)",
12698 ret, strerror(-ret));
12699 goto nla_put_failure;
12700 }
12701 ret = 0;
12702 bss->freq = params->freq;
12703 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
12704
12705
12706 nla_put_failure:
12707 nlmsg_free(msg);
12708 return ret;
12709 }
12710
12711
12712 static int wpa_driver_nl80211_leave_mesh(void *priv)
12713 {
12714 struct i802_bss *bss = priv;
12715 struct wpa_driver_nl80211_data *drv = bss->drv;
12716 struct nl_msg *msg;
12717 int ret = 0;
12718
12719 msg = nlmsg_alloc();
12720 if (!msg)
12721 return -1;
12722
12723 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex);
12724 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_MESH);
12725 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12726
12727 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12728 msg = NULL;
12729 if (ret) {
12730 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)",
12731 ret, strerror(-ret));
12732 goto nla_put_failure;
12733 }
12734 ret = 0;
12735 wpa_printf(MSG_DEBUG, "nl80211: mesh leave request send successfully");
12736
12737 nla_put_failure:
12738 nlmsg_free(msg);
12739 return ret;
12740 }
12741
12742 #endif /* CONFIG_MESH */
12743
12744
12745 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
12746 .name = "nl80211",
12747 .desc = "Linux nl80211/cfg80211",
12748 .get_bssid = wpa_driver_nl80211_get_bssid,
12749 .get_ssid = wpa_driver_nl80211_get_ssid,
12750 .set_key = driver_nl80211_set_key,
12751 .scan2 = driver_nl80211_scan2,
12752 .sched_scan = wpa_driver_nl80211_sched_scan,
12753 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
12754 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
12755 .deauthenticate = driver_nl80211_deauthenticate,
12756 .authenticate = driver_nl80211_authenticate,
12757 .associate = wpa_driver_nl80211_associate,
12758 .global_init = nl80211_global_init,
12759 .global_deinit = nl80211_global_deinit,
12760 .init2 = wpa_driver_nl80211_init,
12761 .deinit = driver_nl80211_deinit,
12762 .get_capa = wpa_driver_nl80211_get_capa,
12763 .set_operstate = wpa_driver_nl80211_set_operstate,
12764 .set_supp_port = wpa_driver_nl80211_set_supp_port,
12765 .set_country = wpa_driver_nl80211_set_country,
12766 .get_country = wpa_driver_nl80211_get_country,
12767 .set_ap = wpa_driver_nl80211_set_ap,
12768 .set_acl = wpa_driver_nl80211_set_acl,
12769 .if_add = wpa_driver_nl80211_if_add,
12770 .if_remove = driver_nl80211_if_remove,
12771 .send_mlme = driver_nl80211_send_mlme,
12772 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
12773 .sta_add = wpa_driver_nl80211_sta_add,
12774 .sta_remove = driver_nl80211_sta_remove,
12775 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
12776 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
12777 .hapd_init = i802_init,
12778 .hapd_deinit = i802_deinit,
12779 .set_wds_sta = i802_set_wds_sta,
12780 .get_seqnum = i802_get_seqnum,
12781 .flush = i802_flush,
12782 .get_inact_sec = i802_get_inact_sec,
12783 .sta_clear_stats = i802_sta_clear_stats,
12784 .set_rts = i802_set_rts,
12785 .set_frag = i802_set_frag,
12786 .set_tx_queue_params = i802_set_tx_queue_params,
12787 .set_sta_vlan = driver_nl80211_set_sta_vlan,
12788 .sta_deauth = i802_sta_deauth,
12789 .sta_disassoc = i802_sta_disassoc,
12790 .read_sta_data = driver_nl80211_read_sta_data,
12791 .set_freq = i802_set_freq,
12792 .send_action = driver_nl80211_send_action,
12793 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
12794 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
12795 .cancel_remain_on_channel =
12796 wpa_driver_nl80211_cancel_remain_on_channel,
12797 .probe_req_report = driver_nl80211_probe_req_report,
12798 .deinit_ap = wpa_driver_nl80211_deinit_ap,
12799 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
12800 .resume = wpa_driver_nl80211_resume,
12801 .send_ft_action = nl80211_send_ft_action,
12802 .signal_monitor = nl80211_signal_monitor,
12803 .signal_poll = nl80211_signal_poll,
12804 .send_frame = nl80211_send_frame,
12805 .shared_freq = wpa_driver_nl80211_shared_freq,
12806 .set_param = nl80211_set_param,
12807 .get_radio_name = nl80211_get_radio_name,
12808 .add_pmkid = nl80211_add_pmkid,
12809 .remove_pmkid = nl80211_remove_pmkid,
12810 .flush_pmkid = nl80211_flush_pmkid,
12811 .set_rekey_info = nl80211_set_rekey_info,
12812 .poll_client = nl80211_poll_client,
12813 .set_p2p_powersave = nl80211_set_p2p_powersave,
12814 .start_dfs_cac = nl80211_start_radar_detection,
12815 .stop_ap = wpa_driver_nl80211_stop_ap,
12816 #ifdef CONFIG_TDLS
12817 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
12818 .tdls_oper = nl80211_tdls_oper,
12819 #endif /* CONFIG_TDLS */
12820 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
12821 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
12822 .get_survey = wpa_driver_nl80211_get_survey,
12823 .status = wpa_driver_nl80211_status,
12824 .switch_channel = nl80211_switch_channel,
12825 #ifdef ANDROID_P2P
12826 .set_noa = wpa_driver_set_p2p_noa,
12827 .get_noa = wpa_driver_get_p2p_noa,
12828 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
12829 #endif /* ANDROID_P2P */
12830 #ifdef ANDROID
12831 .driver_cmd = wpa_driver_nl80211_driver_cmd,
12832 #endif /* ANDROID */
12833 .vendor_cmd = nl80211_vendor_cmd,
12834 .set_qos_map = nl80211_set_qos_map,
12835 .set_wowlan = nl80211_set_wowlan,
12836 .roaming = nl80211_roaming,
12837 .set_mac_addr = nl80211_set_mac_addr,
12838 #ifdef CONFIG_MESH
12839 .init_mesh = wpa_driver_nl80211_init_mesh,
12840 .join_mesh = wpa_driver_nl80211_join_mesh,
12841 .leave_mesh = wpa_driver_nl80211_leave_mesh,
12842 #endif /* CONFIG_MESH */
12843 };
Unnamed repository; edit this file 'description' to name the repository.