2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #ifdef CONFIG_LIBNL3_ROUTE
23 #include <netlink/route/neighbour.h>
24 #endif /* CONFIG_LIBNL3_ROUTE */
25 #include <linux/rtnetlink.h>
26 #include <netpacket/packet.h>
27 #include <linux/filter.h>
28 #include <linux/errqueue.h>
29 #include "nl80211_copy.h"
33 #include "utils/list.h"
34 #include "common/qca-vendor.h"
35 #include "common/qca-vendor-attr.h"
36 #include "common/ieee802_11_defs.h"
37 #include "common/ieee802_11_common.h"
38 #include "l2_packet/l2_packet.h"
40 #include "linux_ioctl.h"
42 #include "radiotap_iter.h"
46 #ifndef SO_WIFI_STATUS
47 # if defined(__sparc__)
48 # define SO_WIFI_STATUS 0x0025
49 # elif defined(__parisc__)
50 # define SO_WIFI_STATUS 0x4022
52 # define SO_WIFI_STATUS 41
55 # define SCM_WIFI_STATUS SO_WIFI_STATUS
58 #ifndef SO_EE_ORIGIN_TXSTATUS
59 #define SO_EE_ORIGIN_TXSTATUS 4
62 #ifndef PACKET_TX_TIMESTAMP
63 #define PACKET_TX_TIMESTAMP 16
67 #include "android_drv.h"
70 /* libnl 2.0 compatibility code */
71 #define nl_handle nl_sock
72 #define nl80211_handle_alloc nl_socket_alloc_cb
73 #define nl80211_handle_destroy nl_socket_free
76 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
77 * but when you free a socket again it will mess up its bitmap and
78 * and use the wrong number the next time it needs a socket ID.
79 * Therefore, we wrap the handle alloc/destroy and add our own pid
82 static uint32_t port_bitmap[32] = { 0 };
84 static struct nl_handle *nl80211_handle_alloc(void *cb)
86 struct nl_handle *handle;
87 uint32_t pid = getpid() & 0x3FFFFF;
90 handle = nl_handle_alloc_cb(cb);
92 for (i = 0; i < 1024; i++) {
93 if (port_bitmap[i / 32] & (1 << (i % 32)))
95 port_bitmap[i / 32] |= 1 << (i % 32);
100 nl_socket_set_local_port(handle, pid);
105 static void nl80211_handle_destroy(struct nl_handle *handle)
107 uint32_t port = nl_socket_get_local_port(handle);
110 port_bitmap[port / 32] &= ~(1 << (port % 32));
112 nl_handle_destroy(handle);
114 #endif /* CONFIG_LIBNL20 */
118 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
119 static int android_nl_socket_set_nonblocking(struct nl_handle *handle)
121 return fcntl(nl_socket_get_fd(handle), F_SETFL, O_NONBLOCK);
123 #undef nl_socket_set_nonblocking
124 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
128 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
130 struct nl_handle *handle;
132 handle = nl80211_handle_alloc(cb);
133 if (handle == NULL) {
134 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
135 "callbacks (%s)", dbg);
139 if (genl_connect(handle)) {
140 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
141 "netlink (%s)", dbg);
142 nl80211_handle_destroy(handle);
150 static void nl_destroy_handles(struct nl_handle **handle)
154 nl80211_handle_destroy(*handle);
160 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
162 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
165 static void nl80211_register_eloop_read(struct nl_handle **handle,
166 eloop_sock_handler handler,
169 nl_socket_set_nonblocking(*handle);
170 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
171 eloop_data, *handle);
172 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
176 static void nl80211_destroy_eloop_handle(struct nl_handle **handle)
178 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
179 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
180 nl_destroy_handles(handle);
185 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
188 #define IFF_DORMANT 0x20000 /* driver signals dormant */
191 #ifndef IF_OPER_DORMANT
192 #define IF_OPER_DORMANT 5
198 struct nl80211_global {
199 struct dl_list interfaces;
202 int if_add_wdevid_set;
203 struct netlink_data *netlink;
205 struct nl_handle *nl;
207 int ioctl_sock; /* socket for ioctl() use */
209 struct nl_handle *nl_event;
212 struct nl80211_wiphy_data {
217 struct nl_handle *nl_beacons;
223 static void nl80211_global_deinit(void *priv);
226 struct wpa_driver_nl80211_data *drv;
227 struct i802_bss *next;
230 char ifname[IFNAMSIZ + 1];
231 char brname[IFNAMSIZ];
232 unsigned int beacon_set:1;
233 unsigned int added_if_into_bridge:1;
234 unsigned int added_bridge:1;
235 unsigned int in_deinit:1;
236 unsigned int wdev_id_set:1;
237 unsigned int added_if:1;
238 unsigned int static_ap:1;
247 struct nl_handle *nl_preq, *nl_mgmt;
250 struct nl80211_wiphy_data *wiphy_data;
251 struct dl_list wiphy_list;
254 struct wpa_driver_nl80211_data {
255 struct nl80211_global *global;
257 struct dl_list wiphy_list;
259 u8 perm_addr[ETH_ALEN];
264 int ignore_if_down_event;
265 struct rfkill_data *rfkill;
266 struct wpa_driver_capa capa;
267 u8 *extended_capa, *extended_capa_mask;
268 unsigned int extended_capa_len;
273 int scan_complete_events;
275 NO_SCAN, SCAN_REQUESTED, SCAN_STARTED, SCAN_COMPLETED,
276 SCAN_ABORTED, SCHED_SCAN_STARTED, SCHED_SCAN_STOPPED,
282 u8 auth_bssid[ETH_ALEN];
283 u8 auth_attempt_bssid[ETH_ALEN];
285 u8 prev_bssid[ETH_ALEN];
289 enum nl80211_iftype nlmode;
290 enum nl80211_iftype ap_scan_as_station;
291 unsigned int assoc_freq;
295 int monitor_refcount;
297 unsigned int disabled_11b_rates:1;
298 unsigned int pending_remain_on_chan:1;
299 unsigned int in_interface_list:1;
300 unsigned int device_ap_sme:1;
301 unsigned int poll_command_supported:1;
302 unsigned int data_tx_status:1;
303 unsigned int scan_for_auth:1;
304 unsigned int retry_auth:1;
305 unsigned int use_monitor:1;
306 unsigned int ignore_next_local_disconnect:1;
307 unsigned int ignore_next_local_deauth:1;
308 unsigned int allow_p2p_device:1;
309 unsigned int hostapd:1;
310 unsigned int start_mode_ap:1;
311 unsigned int start_iface_up:1;
312 unsigned int test_use_roc_tx:1;
313 unsigned int ignore_deauth_event:1;
314 unsigned int roaming_vendor_cmd_avail:1;
315 unsigned int dfs_vendor_cmd_avail:1;
316 unsigned int have_low_prio_scan:1;
317 unsigned int force_connect_cmd:1;
318 unsigned int addr_changed:1;
320 u64 remain_on_chan_cookie;
321 u64 send_action_cookie;
323 unsigned int last_mgmt_freq;
325 struct wpa_driver_scan_filter *filter_ssids;
326 size_t num_filter_ssids;
328 struct i802_bss *first_bss;
332 int eapol_sock; /* socket for EAPOL frames */
334 struct nl_handle *rtnl_sk; /* nl_sock for NETLINK_ROUTE */
336 int default_if_indices[16];
340 /* From failed authentication command */
342 u8 auth_bssid_[ETH_ALEN];
344 size_t auth_ssid_len;
348 u8 auth_wep_key[4][16];
349 size_t auth_wep_key_len[4];
350 int auth_wep_tx_keyidx;
351 int auth_local_state_change;
356 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
357 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
359 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
360 enum nl80211_iftype nlmode);
361 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, int freq);
364 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
365 const u8 *set_addr, int first);
366 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
367 const u8 *addr, int cmd, u16 reason_code,
368 int local_state_change);
369 static void nl80211_remove_monitor_interface(
370 struct wpa_driver_nl80211_data *drv);
371 static int nl80211_send_frame_cmd(struct i802_bss *bss,
372 unsigned int freq, unsigned int wait,
373 const u8 *buf, size_t buf_len, u64 *cookie,
374 int no_cck, int no_ack, int offchanok);
375 static int nl80211_register_frame(struct i802_bss *bss,
376 struct nl_handle *hl_handle,
377 u16 type, const u8 *match, size_t match_len);
378 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
381 static int android_pno_start(struct i802_bss *bss,
382 struct wpa_driver_scan_params *params);
383 static int android_pno_stop(struct i802_bss *bss);
384 extern int wpa_driver_nl80211_driver_cmd(void *priv, char *cmd, char *buf,
388 #ifdef ANDROID_P2P_STUB
389 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration) {
392 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len) {
395 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow) {
398 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
399 const struct wpabuf *proberesp,
400 const struct wpabuf *assocresp) {
403 #else /* ANDROID_P2P_STUB */
404 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration);
405 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len);
406 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow);
407 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
408 const struct wpabuf *proberesp,
409 const struct wpabuf *assocresp);
410 #endif /* ANDROID_P2P_STUB */
411 #endif /* ANDROID_P2P */
413 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
414 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
415 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
416 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
417 enum wpa_driver_if_type type,
420 static int nl80211_set_channel(struct i802_bss *bss,
421 struct hostapd_freq_params *freq, int set_chan);
422 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
423 int ifindex, int disabled);
425 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
426 static int wpa_driver_nl80211_authenticate_retry(
427 struct wpa_driver_nl80211_data *drv);
429 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
430 static int i802_set_iface_flags(struct i802_bss *bss, int up);
433 static const char * nl80211_command_to_string(enum nl80211_commands cmd)
435 #define C2S(x) case x: return #x;
437 C2S(NL80211_CMD_UNSPEC)
438 C2S(NL80211_CMD_GET_WIPHY)
439 C2S(NL80211_CMD_SET_WIPHY)
440 C2S(NL80211_CMD_NEW_WIPHY)
441 C2S(NL80211_CMD_DEL_WIPHY)
442 C2S(NL80211_CMD_GET_INTERFACE)
443 C2S(NL80211_CMD_SET_INTERFACE)
444 C2S(NL80211_CMD_NEW_INTERFACE)
445 C2S(NL80211_CMD_DEL_INTERFACE)
446 C2S(NL80211_CMD_GET_KEY)
447 C2S(NL80211_CMD_SET_KEY)
448 C2S(NL80211_CMD_NEW_KEY)
449 C2S(NL80211_CMD_DEL_KEY)
450 C2S(NL80211_CMD_GET_BEACON)
451 C2S(NL80211_CMD_SET_BEACON)
452 C2S(NL80211_CMD_START_AP)
453 C2S(NL80211_CMD_STOP_AP)
454 C2S(NL80211_CMD_GET_STATION)
455 C2S(NL80211_CMD_SET_STATION)
456 C2S(NL80211_CMD_NEW_STATION)
457 C2S(NL80211_CMD_DEL_STATION)
458 C2S(NL80211_CMD_GET_MPATH)
459 C2S(NL80211_CMD_SET_MPATH)
460 C2S(NL80211_CMD_NEW_MPATH)
461 C2S(NL80211_CMD_DEL_MPATH)
462 C2S(NL80211_CMD_SET_BSS)
463 C2S(NL80211_CMD_SET_REG)
464 C2S(NL80211_CMD_REQ_SET_REG)
465 C2S(NL80211_CMD_GET_MESH_CONFIG)
466 C2S(NL80211_CMD_SET_MESH_CONFIG)
467 C2S(NL80211_CMD_SET_MGMT_EXTRA_IE)
468 C2S(NL80211_CMD_GET_REG)
469 C2S(NL80211_CMD_GET_SCAN)
470 C2S(NL80211_CMD_TRIGGER_SCAN)
471 C2S(NL80211_CMD_NEW_SCAN_RESULTS)
472 C2S(NL80211_CMD_SCAN_ABORTED)
473 C2S(NL80211_CMD_REG_CHANGE)
474 C2S(NL80211_CMD_AUTHENTICATE)
475 C2S(NL80211_CMD_ASSOCIATE)
476 C2S(NL80211_CMD_DEAUTHENTICATE)
477 C2S(NL80211_CMD_DISASSOCIATE)
478 C2S(NL80211_CMD_MICHAEL_MIC_FAILURE)
479 C2S(NL80211_CMD_REG_BEACON_HINT)
480 C2S(NL80211_CMD_JOIN_IBSS)
481 C2S(NL80211_CMD_LEAVE_IBSS)
482 C2S(NL80211_CMD_TESTMODE)
483 C2S(NL80211_CMD_CONNECT)
484 C2S(NL80211_CMD_ROAM)
485 C2S(NL80211_CMD_DISCONNECT)
486 C2S(NL80211_CMD_SET_WIPHY_NETNS)
487 C2S(NL80211_CMD_GET_SURVEY)
488 C2S(NL80211_CMD_NEW_SURVEY_RESULTS)
489 C2S(NL80211_CMD_SET_PMKSA)
490 C2S(NL80211_CMD_DEL_PMKSA)
491 C2S(NL80211_CMD_FLUSH_PMKSA)
492 C2S(NL80211_CMD_REMAIN_ON_CHANNEL)
493 C2S(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL)
494 C2S(NL80211_CMD_SET_TX_BITRATE_MASK)
495 C2S(NL80211_CMD_REGISTER_FRAME)
496 C2S(NL80211_CMD_FRAME)
497 C2S(NL80211_CMD_FRAME_TX_STATUS)
498 C2S(NL80211_CMD_SET_POWER_SAVE)
499 C2S(NL80211_CMD_GET_POWER_SAVE)
500 C2S(NL80211_CMD_SET_CQM)
501 C2S(NL80211_CMD_NOTIFY_CQM)
502 C2S(NL80211_CMD_SET_CHANNEL)
503 C2S(NL80211_CMD_SET_WDS_PEER)
504 C2S(NL80211_CMD_FRAME_WAIT_CANCEL)
505 C2S(NL80211_CMD_JOIN_MESH)
506 C2S(NL80211_CMD_LEAVE_MESH)
507 C2S(NL80211_CMD_UNPROT_DEAUTHENTICATE)
508 C2S(NL80211_CMD_UNPROT_DISASSOCIATE)
509 C2S(NL80211_CMD_NEW_PEER_CANDIDATE)
510 C2S(NL80211_CMD_GET_WOWLAN)
511 C2S(NL80211_CMD_SET_WOWLAN)
512 C2S(NL80211_CMD_START_SCHED_SCAN)
513 C2S(NL80211_CMD_STOP_SCHED_SCAN)
514 C2S(NL80211_CMD_SCHED_SCAN_RESULTS)
515 C2S(NL80211_CMD_SCHED_SCAN_STOPPED)
516 C2S(NL80211_CMD_SET_REKEY_OFFLOAD)
517 C2S(NL80211_CMD_PMKSA_CANDIDATE)
518 C2S(NL80211_CMD_TDLS_OPER)
519 C2S(NL80211_CMD_TDLS_MGMT)
520 C2S(NL80211_CMD_UNEXPECTED_FRAME)
521 C2S(NL80211_CMD_PROBE_CLIENT)
522 C2S(NL80211_CMD_REGISTER_BEACONS)
523 C2S(NL80211_CMD_UNEXPECTED_4ADDR_FRAME)
524 C2S(NL80211_CMD_SET_NOACK_MAP)
525 C2S(NL80211_CMD_CH_SWITCH_NOTIFY)
526 C2S(NL80211_CMD_START_P2P_DEVICE)
527 C2S(NL80211_CMD_STOP_P2P_DEVICE)
528 C2S(NL80211_CMD_CONN_FAILED)
529 C2S(NL80211_CMD_SET_MCAST_RATE)
530 C2S(NL80211_CMD_SET_MAC_ACL)
531 C2S(NL80211_CMD_RADAR_DETECT)
532 C2S(NL80211_CMD_GET_PROTOCOL_FEATURES)
533 C2S(NL80211_CMD_UPDATE_FT_IES)
534 C2S(NL80211_CMD_FT_EVENT)
535 C2S(NL80211_CMD_CRIT_PROTOCOL_START)
536 C2S(NL80211_CMD_CRIT_PROTOCOL_STOP)
537 C2S(NL80211_CMD_GET_COALESCE)
538 C2S(NL80211_CMD_SET_COALESCE)
539 C2S(NL80211_CMD_CHANNEL_SWITCH)
540 C2S(NL80211_CMD_VENDOR)
541 C2S(NL80211_CMD_SET_QOS_MAP)
543 return "NL80211_CMD_UNKNOWN";
549 /* Converts nl80211_chan_width to a common format */
550 static enum chan_width convert2width(int width)
553 case NL80211_CHAN_WIDTH_20_NOHT:
554 return CHAN_WIDTH_20_NOHT;
555 case NL80211_CHAN_WIDTH_20:
556 return CHAN_WIDTH_20;
557 case NL80211_CHAN_WIDTH_40:
558 return CHAN_WIDTH_40;
559 case NL80211_CHAN_WIDTH_80:
560 return CHAN_WIDTH_80;
561 case NL80211_CHAN_WIDTH_80P80:
562 return CHAN_WIDTH_80P80;
563 case NL80211_CHAN_WIDTH_160:
564 return CHAN_WIDTH_160;
566 return CHAN_WIDTH_UNKNOWN;
570 static int is_ap_interface(enum nl80211_iftype nlmode)
572 return nlmode == NL80211_IFTYPE_AP ||
573 nlmode == NL80211_IFTYPE_P2P_GO;
577 static int is_sta_interface(enum nl80211_iftype nlmode)
579 return nlmode == NL80211_IFTYPE_STATION ||
580 nlmode == NL80211_IFTYPE_P2P_CLIENT;
584 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
586 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
587 nlmode == NL80211_IFTYPE_P2P_GO;
591 static struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
594 struct i802_bss *bss;
596 for (bss = drv->first_bss; bss; bss = bss->next) {
597 if (bss->ifindex == ifindex)
605 static void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
608 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
610 os_memset(drv->bssid, 0, ETH_ALEN);
614 struct nl80211_bss_info_arg {
615 struct wpa_driver_nl80211_data *drv;
616 struct wpa_scan_results *res;
617 unsigned int assoc_freq;
618 unsigned int ibss_freq;
619 u8 assoc_bssid[ETH_ALEN];
622 static int bss_info_handler(struct nl_msg *msg, void *arg);
626 static int ack_handler(struct nl_msg *msg, void *arg)
633 static int finish_handler(struct nl_msg *msg, void *arg)
640 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
649 static int no_seq_check(struct nl_msg *msg, void *arg)
655 static int send_and_recv(struct nl80211_global *global,
656 struct nl_handle *nl_handle, struct nl_msg *msg,
657 int (*valid_handler)(struct nl_msg *, void *),
663 cb = nl_cb_clone(global->nl_cb);
667 err = nl_send_auto_complete(nl_handle, msg);
673 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
674 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
675 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
678 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
679 valid_handler, valid_data);
682 int res = nl_recvmsgs(nl_handle, cb);
685 "nl80211: %s->nl_recvmsgs failed: %d",
696 static int send_and_recv_msgs_global(struct nl80211_global *global,
698 int (*valid_handler)(struct nl_msg *, void *),
701 return send_and_recv(global, global->nl, msg, valid_handler,
706 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
708 int (*valid_handler)(struct nl_msg *, void *),
711 return send_and_recv(drv->global, drv->global->nl, msg,
712 valid_handler, valid_data);
722 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
724 if (bss->wdev_id_set)
725 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
727 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
735 static int family_handler(struct nl_msg *msg, void *arg)
737 struct family_data *res = arg;
738 struct nlattr *tb[CTRL_ATTR_MAX + 1];
739 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
740 struct nlattr *mcgrp;
743 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
744 genlmsg_attrlen(gnlh, 0), NULL);
745 if (!tb[CTRL_ATTR_MCAST_GROUPS])
748 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
749 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
750 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
751 nla_len(mcgrp), NULL);
752 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
753 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
754 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
756 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
758 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
766 static int nl_get_multicast_id(struct nl80211_global *global,
767 const char *family, const char *group)
771 struct family_data res = { group, -ENOENT };
776 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
777 0, 0, CTRL_CMD_GETFAMILY, 0);
778 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
780 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
791 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
792 struct nl_msg *msg, int flags, uint8_t cmd)
794 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
799 struct wiphy_idx_data {
801 enum nl80211_iftype nlmode;
806 static int netdev_info_handler(struct nl_msg *msg, void *arg)
808 struct nlattr *tb[NL80211_ATTR_MAX + 1];
809 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
810 struct wiphy_idx_data *info = arg;
812 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
813 genlmsg_attrlen(gnlh, 0), NULL);
815 if (tb[NL80211_ATTR_WIPHY])
816 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
818 if (tb[NL80211_ATTR_IFTYPE])
819 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
821 if (tb[NL80211_ATTR_MAC] && info->macaddr)
822 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
829 static int nl80211_get_wiphy_index(struct i802_bss *bss)
832 struct wiphy_idx_data data = {
839 return NL80211_IFTYPE_UNSPECIFIED;
841 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
843 if (nl80211_set_iface_id(msg, bss) < 0)
844 goto nla_put_failure;
846 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
847 return data.wiphy_idx;
855 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
858 struct wiphy_idx_data data = {
859 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
867 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
869 if (nl80211_set_iface_id(msg, bss) < 0)
870 goto nla_put_failure;
872 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
877 return NL80211_IFTYPE_UNSPECIFIED;
881 static int nl80211_get_macaddr(struct i802_bss *bss)
884 struct wiphy_idx_data data = {
885 .macaddr = bss->addr,
890 return NL80211_IFTYPE_UNSPECIFIED;
892 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
893 if (nl80211_set_iface_id(msg, bss) < 0)
894 goto nla_put_failure;
896 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data);
900 return NL80211_IFTYPE_UNSPECIFIED;
904 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
905 struct nl80211_wiphy_data *w)
914 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
916 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
918 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
921 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
922 "failed: ret=%d (%s)",
923 ret, strerror(-ret));
924 goto nla_put_failure;
933 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
935 struct nl80211_wiphy_data *w = eloop_ctx;
938 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
940 res = nl_recvmsgs(handle, w->nl_cb);
942 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
948 static int process_beacon_event(struct nl_msg *msg, void *arg)
950 struct nl80211_wiphy_data *w = arg;
951 struct wpa_driver_nl80211_data *drv;
952 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
953 struct nlattr *tb[NL80211_ATTR_MAX + 1];
954 union wpa_event_data event;
956 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
957 genlmsg_attrlen(gnlh, 0), NULL);
959 if (gnlh->cmd != NL80211_CMD_FRAME) {
960 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
965 if (!tb[NL80211_ATTR_FRAME])
968 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
970 os_memset(&event, 0, sizeof(event));
971 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
972 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
973 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
980 static struct nl80211_wiphy_data *
981 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
983 static DEFINE_DL_LIST(nl80211_wiphys);
984 struct nl80211_wiphy_data *w;
985 int wiphy_idx, found = 0;
986 struct i802_bss *tmp_bss;
988 if (bss->wiphy_data != NULL)
989 return bss->wiphy_data;
991 wiphy_idx = nl80211_get_wiphy_index(bss);
993 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
994 if (w->wiphy_idx == wiphy_idx)
999 w = os_zalloc(sizeof(*w));
1002 w->wiphy_idx = wiphy_idx;
1003 dl_list_init(&w->bsss);
1004 dl_list_init(&w->drvs);
1006 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1011 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1012 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
1015 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
1017 if (w->nl_beacons == NULL) {
1022 if (nl80211_register_beacons(bss->drv, w)) {
1023 nl_destroy_handles(&w->nl_beacons);
1028 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w);
1030 dl_list_add(&nl80211_wiphys, &w->list);
1033 /* drv entry for this bss already there? */
1034 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1035 if (tmp_bss->drv == bss->drv) {
1042 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
1044 dl_list_add(&w->bsss, &bss->wiphy_list);
1045 bss->wiphy_data = w;
1050 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
1052 struct nl80211_wiphy_data *w = bss->wiphy_data;
1053 struct i802_bss *tmp_bss;
1058 bss->wiphy_data = NULL;
1059 dl_list_del(&bss->wiphy_list);
1061 /* still any for this drv present? */
1062 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1063 if (tmp_bss->drv == bss->drv) {
1068 /* if not remove it */
1070 dl_list_del(&bss->drv->wiphy_list);
1072 if (!dl_list_empty(&w->bsss))
1075 nl80211_destroy_eloop_handle(&w->nl_beacons);
1077 nl_cb_put(w->nl_cb);
1078 dl_list_del(&w->list);
1083 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
1085 struct i802_bss *bss = priv;
1086 struct wpa_driver_nl80211_data *drv = bss->drv;
1087 if (!drv->associated)
1089 os_memcpy(bssid, drv->bssid, ETH_ALEN);
1094 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
1096 struct i802_bss *bss = priv;
1097 struct wpa_driver_nl80211_data *drv = bss->drv;
1098 if (!drv->associated)
1100 os_memcpy(ssid, drv->ssid, drv->ssid_len);
1101 return drv->ssid_len;
1105 static void wpa_driver_nl80211_event_newlink(
1106 struct wpa_driver_nl80211_data *drv, char *ifname)
1108 union wpa_event_data event;
1110 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1111 if (if_nametoindex(drv->first_bss->ifname) == 0) {
1112 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
1113 drv->first_bss->ifname);
1116 if (!drv->if_removed)
1118 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
1119 drv->first_bss->ifname);
1120 drv->if_removed = 0;
1123 os_memset(&event, 0, sizeof(event));
1124 os_strlcpy(event.interface_status.ifname, ifname,
1125 sizeof(event.interface_status.ifname));
1126 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
1127 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1131 static void wpa_driver_nl80211_event_dellink(
1132 struct wpa_driver_nl80211_data *drv, char *ifname)
1134 union wpa_event_data event;
1136 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1137 if (drv->if_removed) {
1138 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
1142 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
1144 drv->if_removed = 1;
1146 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
1150 os_memset(&event, 0, sizeof(event));
1151 os_strlcpy(event.interface_status.ifname, ifname,
1152 sizeof(event.interface_status.ifname));
1153 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
1154 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1158 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
1159 u8 *buf, size_t len)
1161 int attrlen, rta_len;
1162 struct rtattr *attr;
1165 attr = (struct rtattr *) buf;
1167 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1168 while (RTA_OK(attr, attrlen)) {
1169 if (attr->rta_type == IFLA_IFNAME) {
1170 if (os_strcmp(((char *) attr) + rta_len,
1171 drv->first_bss->ifname) == 0)
1176 attr = RTA_NEXT(attr, attrlen);
1183 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
1184 int ifindex, u8 *buf, size_t len)
1186 if (drv->ifindex == ifindex)
1189 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
1190 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
1192 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0);
1200 static struct wpa_driver_nl80211_data *
1201 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
1203 struct wpa_driver_nl80211_data *drv;
1204 dl_list_for_each(drv, &global->interfaces,
1205 struct wpa_driver_nl80211_data, list) {
1206 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
1207 have_ifidx(drv, idx))
1214 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
1215 struct ifinfomsg *ifi,
1216 u8 *buf, size_t len)
1218 struct nl80211_global *global = ctx;
1219 struct wpa_driver_nl80211_data *drv;
1221 struct rtattr *attr;
1223 char namebuf[IFNAMSIZ];
1224 char ifname[IFNAMSIZ + 1];
1225 char extra[100], *pos, *end;
1227 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1229 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_NEWLINK event for foreign ifindex %d",
1236 end = pos + sizeof(extra);
1240 attr = (struct rtattr *) buf;
1241 while (RTA_OK(attr, attrlen)) {
1242 switch (attr->rta_type) {
1244 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1246 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1247 ifname[RTA_PAYLOAD(attr)] = '\0';
1250 brid = nla_get_u32((struct nlattr *) attr);
1251 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1254 pos += os_snprintf(pos, end - pos, " wext");
1256 case IFLA_OPERSTATE:
1257 pos += os_snprintf(pos, end - pos, " operstate=%u",
1258 nla_get_u32((struct nlattr *) attr));
1261 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1262 nla_get_u32((struct nlattr *) attr));
1265 attr = RTA_NEXT(attr, attrlen);
1267 extra[sizeof(extra) - 1] = '\0';
1269 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1270 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1272 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1273 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1274 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1275 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1277 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
1278 if (if_indextoname(ifi->ifi_index, namebuf) &&
1279 linux_iface_up(drv->global->ioctl_sock,
1280 drv->first_bss->ifname) > 0) {
1281 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1282 "event since interface %s is up", namebuf);
1285 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
1286 if (drv->ignore_if_down_event) {
1287 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1288 "event generated by mode change");
1289 drv->ignore_if_down_event = 0;
1291 drv->if_disabled = 1;
1292 wpa_supplicant_event(drv->ctx,
1293 EVENT_INTERFACE_DISABLED, NULL);
1296 * Try to get drv again, since it may be removed as
1297 * part of the EVENT_INTERFACE_DISABLED handling for
1298 * dynamic interfaces
1300 drv = nl80211_find_drv(global, ifi->ifi_index,
1307 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1308 if (if_indextoname(ifi->ifi_index, namebuf) &&
1309 linux_iface_up(drv->global->ioctl_sock,
1310 drv->first_bss->ifname) == 0) {
1311 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1312 "event since interface %s is down",
1314 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1315 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1316 "event since interface %s does not exist",
1317 drv->first_bss->ifname);
1318 } else if (drv->if_removed) {
1319 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1320 "event since interface %s is marked "
1321 "removed", drv->first_bss->ifname);
1323 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
1324 drv->if_disabled = 0;
1325 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1331 * Some drivers send the association event before the operup event--in
1332 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1333 * fails. This will hit us when wpa_supplicant does not need to do
1334 * IEEE 802.1X authentication
1336 if (drv->operstate == 1 &&
1337 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1338 !(ifi->ifi_flags & IFF_RUNNING)) {
1339 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1340 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1345 wpa_driver_nl80211_event_newlink(drv, ifname);
1347 if (ifi->ifi_family == AF_BRIDGE && brid) {
1348 /* device has been added to bridge */
1349 if_indextoname(brid, namebuf);
1350 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1352 add_ifidx(drv, brid);
1357 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1358 struct ifinfomsg *ifi,
1359 u8 *buf, size_t len)
1361 struct nl80211_global *global = ctx;
1362 struct wpa_driver_nl80211_data *drv;
1364 struct rtattr *attr;
1366 char ifname[IFNAMSIZ + 1];
1367 char extra[100], *pos, *end;
1369 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1371 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_DELLINK event for foreign ifindex %d",
1378 end = pos + sizeof(extra);
1382 attr = (struct rtattr *) buf;
1383 while (RTA_OK(attr, attrlen)) {
1384 switch (attr->rta_type) {
1386 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1388 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1389 ifname[RTA_PAYLOAD(attr)] = '\0';
1392 brid = nla_get_u32((struct nlattr *) attr);
1393 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1395 case IFLA_OPERSTATE:
1396 pos += os_snprintf(pos, end - pos, " operstate=%u",
1397 nla_get_u32((struct nlattr *) attr));
1400 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1401 nla_get_u32((struct nlattr *) attr));
1404 attr = RTA_NEXT(attr, attrlen);
1406 extra[sizeof(extra) - 1] = '\0';
1408 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1409 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1411 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1412 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1413 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1414 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1416 if (ifname[0] && (ifi->ifi_family != AF_BRIDGE || !brid))
1417 wpa_driver_nl80211_event_dellink(drv, ifname);
1419 if (ifi->ifi_family == AF_BRIDGE && brid) {
1420 /* device has been removed from bridge */
1421 char namebuf[IFNAMSIZ];
1422 if_indextoname(brid, namebuf);
1423 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1424 "%s", brid, namebuf);
1425 del_ifidx(drv, brid);
1430 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1431 const u8 *frame, size_t len)
1433 const struct ieee80211_mgmt *mgmt;
1434 union wpa_event_data event;
1436 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1437 drv->force_connect_cmd) {
1439 * Avoid reporting two association events that would confuse
1442 wpa_printf(MSG_DEBUG,
1443 "nl80211: Ignore auth event when using driver SME");
1447 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event");
1448 mgmt = (const struct ieee80211_mgmt *) frame;
1449 if (len < 24 + sizeof(mgmt->u.auth)) {
1450 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1455 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1456 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
1457 os_memset(&event, 0, sizeof(event));
1458 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1459 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1460 event.auth.auth_transaction =
1461 le_to_host16(mgmt->u.auth.auth_transaction);
1462 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1463 if (len > 24 + sizeof(mgmt->u.auth)) {
1464 event.auth.ies = mgmt->u.auth.variable;
1465 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1468 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1472 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1476 struct nl80211_bss_info_arg arg;
1478 os_memset(&arg, 0, sizeof(arg));
1479 msg = nlmsg_alloc();
1481 goto nla_put_failure;
1483 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1484 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1487 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1490 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1491 arg.ibss_freq : arg.assoc_freq;
1492 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1493 "associated BSS from scan results: %u MHz", freq);
1495 drv->assoc_freq = freq;
1496 return drv->assoc_freq;
1498 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1499 "(%s)", ret, strerror(-ret));
1502 return drv->assoc_freq;
1506 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1507 const u8 *frame, size_t len)
1509 const struct ieee80211_mgmt *mgmt;
1510 union wpa_event_data event;
1513 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1514 drv->force_connect_cmd) {
1516 * Avoid reporting two association events that would confuse
1519 wpa_printf(MSG_DEBUG,
1520 "nl80211: Ignore assoc event when using driver SME");
1524 wpa_printf(MSG_DEBUG, "nl80211: Associate event");
1525 mgmt = (const struct ieee80211_mgmt *) frame;
1526 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1527 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1532 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1533 if (status != WLAN_STATUS_SUCCESS) {
1534 os_memset(&event, 0, sizeof(event));
1535 event.assoc_reject.bssid = mgmt->bssid;
1536 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1537 event.assoc_reject.resp_ies =
1538 (u8 *) mgmt->u.assoc_resp.variable;
1539 event.assoc_reject.resp_ies_len =
1540 len - 24 - sizeof(mgmt->u.assoc_resp);
1542 event.assoc_reject.status_code = status;
1544 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1548 drv->associated = 1;
1549 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1550 os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN);
1552 os_memset(&event, 0, sizeof(event));
1553 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1554 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1555 event.assoc_info.resp_ies_len =
1556 len - 24 - sizeof(mgmt->u.assoc_resp);
1559 event.assoc_info.freq = drv->assoc_freq;
1561 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1565 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1566 enum nl80211_commands cmd, struct nlattr *status,
1567 struct nlattr *addr, struct nlattr *req_ie,
1568 struct nlattr *resp_ie)
1570 union wpa_event_data event;
1572 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1574 * Avoid reporting two association events that would confuse
1577 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1578 "when using userspace SME", cmd);
1582 if (cmd == NL80211_CMD_CONNECT)
1583 wpa_printf(MSG_DEBUG, "nl80211: Connect event");
1584 else if (cmd == NL80211_CMD_ROAM)
1585 wpa_printf(MSG_DEBUG, "nl80211: Roam event");
1587 os_memset(&event, 0, sizeof(event));
1588 if (cmd == NL80211_CMD_CONNECT &&
1589 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1591 event.assoc_reject.bssid = nla_data(addr);
1593 event.assoc_reject.resp_ies = nla_data(resp_ie);
1594 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1596 event.assoc_reject.status_code = nla_get_u16(status);
1597 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1601 drv->associated = 1;
1603 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1604 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
1608 event.assoc_info.req_ies = nla_data(req_ie);
1609 event.assoc_info.req_ies_len = nla_len(req_ie);
1612 event.assoc_info.resp_ies = nla_data(resp_ie);
1613 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1616 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1618 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1622 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1623 struct nlattr *reason, struct nlattr *addr,
1624 struct nlattr *by_ap)
1626 union wpa_event_data data;
1627 unsigned int locally_generated = by_ap == NULL;
1629 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1631 * Avoid reporting two disassociation events that could
1632 * confuse the core code.
1634 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1635 "event when using userspace SME");
1639 if (drv->ignore_next_local_disconnect) {
1640 drv->ignore_next_local_disconnect = 0;
1641 if (locally_generated) {
1642 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1643 "event triggered during reassociation");
1646 wpa_printf(MSG_WARNING, "nl80211: Was expecting local "
1647 "disconnect but got another disconnect "
1651 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event");
1652 nl80211_mark_disconnected(drv);
1653 os_memset(&data, 0, sizeof(data));
1655 data.deauth_info.reason_code = nla_get_u16(reason);
1656 data.deauth_info.locally_generated = by_ap == NULL;
1657 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data);
1661 static int calculate_chan_offset(int width, int freq, int cf1, int cf2)
1665 switch (convert2width(width)) {
1666 case CHAN_WIDTH_20_NOHT:
1675 case CHAN_WIDTH_160:
1678 case CHAN_WIDTH_UNKNOWN:
1679 case CHAN_WIDTH_80P80:
1680 /* FIXME: implement this */
1684 return (abs(freq - freq1) / 20) % 2 == 0 ? 1 : -1;
1688 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
1689 struct nlattr *ifindex, struct nlattr *freq,
1690 struct nlattr *type, struct nlattr *bw,
1691 struct nlattr *cf1, struct nlattr *cf2)
1693 struct i802_bss *bss;
1694 union wpa_event_data data;
1696 int chan_offset = 0;
1699 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event");
1704 ifidx = nla_get_u32(ifindex);
1705 bss = get_bss_ifindex(drv, ifidx);
1707 wpa_printf(MSG_WARNING, "nl80211: Unknown ifindex (%d) for channel switch, ignoring",
1713 switch (nla_get_u32(type)) {
1714 case NL80211_CHAN_NO_HT:
1717 case NL80211_CHAN_HT20:
1719 case NL80211_CHAN_HT40PLUS:
1722 case NL80211_CHAN_HT40MINUS:
1726 } else if (bw && cf1) {
1727 /* This can happen for example with VHT80 ch switch */
1728 chan_offset = calculate_chan_offset(nla_get_u32(bw),
1731 cf2 ? nla_get_u32(cf2) : 0);
1733 wpa_printf(MSG_WARNING, "nl80211: Unknown secondary channel information - following channel definition calculations may fail");
1736 os_memset(&data, 0, sizeof(data));
1737 data.ch_switch.freq = nla_get_u32(freq);
1738 data.ch_switch.ht_enabled = ht_enabled;
1739 data.ch_switch.ch_offset = chan_offset;
1741 data.ch_switch.ch_width = convert2width(nla_get_u32(bw));
1743 data.ch_switch.cf1 = nla_get_u32(cf1);
1745 data.ch_switch.cf2 = nla_get_u32(cf2);
1747 bss->freq = data.ch_switch.freq;
1749 wpa_supplicant_event(bss->ctx, EVENT_CH_SWITCH, &data);
1753 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1754 enum nl80211_commands cmd, struct nlattr *addr)
1756 union wpa_event_data event;
1757 enum wpa_event_type ev;
1759 if (nla_len(addr) != ETH_ALEN)
1762 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1763 cmd, MAC2STR((u8 *) nla_data(addr)));
1765 if (cmd == NL80211_CMD_AUTHENTICATE)
1766 ev = EVENT_AUTH_TIMED_OUT;
1767 else if (cmd == NL80211_CMD_ASSOCIATE)
1768 ev = EVENT_ASSOC_TIMED_OUT;
1772 os_memset(&event, 0, sizeof(event));
1773 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1774 wpa_supplicant_event(drv->ctx, ev, &event);
1778 static void mlme_event_mgmt(struct i802_bss *bss,
1779 struct nlattr *freq, struct nlattr *sig,
1780 const u8 *frame, size_t len)
1782 struct wpa_driver_nl80211_data *drv = bss->drv;
1783 const struct ieee80211_mgmt *mgmt;
1784 union wpa_event_data event;
1789 wpa_printf(MSG_MSGDUMP, "nl80211: Frame event");
1790 mgmt = (const struct ieee80211_mgmt *) frame;
1792 wpa_printf(MSG_DEBUG, "nl80211: Too short management frame");
1796 fc = le_to_host16(mgmt->frame_control);
1797 stype = WLAN_FC_GET_STYPE(fc);
1800 ssi_signal = (s32) nla_get_u32(sig);
1802 os_memset(&event, 0, sizeof(event));
1804 event.rx_mgmt.freq = nla_get_u32(freq);
1805 rx_freq = drv->last_mgmt_freq = event.rx_mgmt.freq;
1807 wpa_printf(MSG_DEBUG,
1808 "nl80211: RX frame sa=" MACSTR
1809 " freq=%d ssi_signal=%d stype=%u (%s) len=%u",
1810 MAC2STR(mgmt->sa), rx_freq, ssi_signal, stype, fc2str(fc),
1811 (unsigned int) len);
1812 event.rx_mgmt.frame = frame;
1813 event.rx_mgmt.frame_len = len;
1814 event.rx_mgmt.ssi_signal = ssi_signal;
1815 event.rx_mgmt.drv_priv = bss;
1816 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1820 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1821 struct nlattr *cookie, const u8 *frame,
1822 size_t len, struct nlattr *ack)
1824 union wpa_event_data event;
1825 const struct ieee80211_hdr *hdr;
1828 wpa_printf(MSG_DEBUG, "nl80211: Frame TX status event");
1829 if (!is_ap_interface(drv->nlmode)) {
1835 cookie_val = nla_get_u64(cookie);
1836 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1837 " cookie=0%llx%s (ack=%d)",
1838 (long long unsigned int) cookie_val,
1839 cookie_val == drv->send_action_cookie ?
1840 " (match)" : " (unknown)", ack != NULL);
1841 if (cookie_val != drv->send_action_cookie)
1845 hdr = (const struct ieee80211_hdr *) frame;
1846 fc = le_to_host16(hdr->frame_control);
1848 os_memset(&event, 0, sizeof(event));
1849 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1850 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1851 event.tx_status.dst = hdr->addr1;
1852 event.tx_status.data = frame;
1853 event.tx_status.data_len = len;
1854 event.tx_status.ack = ack != NULL;
1855 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1859 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1860 enum wpa_event_type type,
1861 const u8 *frame, size_t len)
1863 const struct ieee80211_mgmt *mgmt;
1864 union wpa_event_data event;
1865 const u8 *bssid = NULL;
1866 u16 reason_code = 0;
1868 if (type == EVENT_DEAUTH)
1869 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event");
1871 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event");
1873 mgmt = (const struct ieee80211_mgmt *) frame;
1875 bssid = mgmt->bssid;
1877 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1879 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0 &&
1880 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0 &&
1881 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0) {
1883 * Avoid issues with some roaming cases where
1884 * disconnection event for the old AP may show up after
1885 * we have started connection with the new AP.
1887 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth/disassoc event from old AP " MACSTR " when already authenticating with " MACSTR,
1889 MAC2STR(drv->auth_attempt_bssid));
1893 if (drv->associated != 0 &&
1894 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1895 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1897 * We have presumably received this deauth as a
1898 * response to a clear_state_mismatch() outgoing
1899 * deauth. Don't let it take us offline!
1901 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1902 "from Unknown BSSID " MACSTR " -- ignoring",
1908 nl80211_mark_disconnected(drv);
1909 os_memset(&event, 0, sizeof(event));
1911 /* Note: Same offset for Reason Code in both frame subtypes */
1912 if (len >= 24 + sizeof(mgmt->u.deauth))
1913 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1915 if (type == EVENT_DISASSOC) {
1916 event.disassoc_info.locally_generated =
1917 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1918 event.disassoc_info.addr = bssid;
1919 event.disassoc_info.reason_code = reason_code;
1920 if (frame + len > mgmt->u.disassoc.variable) {
1921 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1922 event.disassoc_info.ie_len = frame + len -
1923 mgmt->u.disassoc.variable;
1926 if (drv->ignore_deauth_event) {
1927 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event due to previous forced deauth-during-auth");
1928 drv->ignore_deauth_event = 0;
1931 event.deauth_info.locally_generated =
1932 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1933 if (drv->ignore_next_local_deauth) {
1934 drv->ignore_next_local_deauth = 0;
1935 if (event.deauth_info.locally_generated) {
1936 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event triggered due to own deauth request");
1939 wpa_printf(MSG_WARNING, "nl80211: Was expecting local deauth but got another disconnect event first");
1941 event.deauth_info.addr = bssid;
1942 event.deauth_info.reason_code = reason_code;
1943 if (frame + len > mgmt->u.deauth.variable) {
1944 event.deauth_info.ie = mgmt->u.deauth.variable;
1945 event.deauth_info.ie_len = frame + len -
1946 mgmt->u.deauth.variable;
1950 wpa_supplicant_event(drv->ctx, type, &event);
1954 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1955 enum wpa_event_type type,
1956 const u8 *frame, size_t len)
1958 const struct ieee80211_mgmt *mgmt;
1959 union wpa_event_data event;
1960 u16 reason_code = 0;
1962 if (type == EVENT_UNPROT_DEAUTH)
1963 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event");
1965 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event");
1970 mgmt = (const struct ieee80211_mgmt *) frame;
1972 os_memset(&event, 0, sizeof(event));
1973 /* Note: Same offset for Reason Code in both frame subtypes */
1974 if (len >= 24 + sizeof(mgmt->u.deauth))
1975 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1977 if (type == EVENT_UNPROT_DISASSOC) {
1978 event.unprot_disassoc.sa = mgmt->sa;
1979 event.unprot_disassoc.da = mgmt->da;
1980 event.unprot_disassoc.reason_code = reason_code;
1982 event.unprot_deauth.sa = mgmt->sa;
1983 event.unprot_deauth.da = mgmt->da;
1984 event.unprot_deauth.reason_code = reason_code;
1987 wpa_supplicant_event(drv->ctx, type, &event);
1991 static void mlme_event(struct i802_bss *bss,
1992 enum nl80211_commands cmd, struct nlattr *frame,
1993 struct nlattr *addr, struct nlattr *timed_out,
1994 struct nlattr *freq, struct nlattr *ack,
1995 struct nlattr *cookie, struct nlattr *sig)
1997 struct wpa_driver_nl80211_data *drv = bss->drv;
2001 if (timed_out && addr) {
2002 mlme_timeout_event(drv, cmd, addr);
2006 if (frame == NULL) {
2007 wpa_printf(MSG_DEBUG,
2008 "nl80211: MLME event %d (%s) without frame data",
2009 cmd, nl80211_command_to_string(cmd));
2013 data = nla_data(frame);
2014 len = nla_len(frame);
2015 if (len < 4 + 2 * ETH_ALEN) {
2016 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s("
2017 MACSTR ") - too short",
2018 cmd, nl80211_command_to_string(cmd), bss->ifname,
2019 MAC2STR(bss->addr));
2022 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR
2023 ") A1=" MACSTR " A2=" MACSTR, cmd,
2024 nl80211_command_to_string(cmd), bss->ifname,
2025 MAC2STR(bss->addr), MAC2STR(data + 4),
2026 MAC2STR(data + 4 + ETH_ALEN));
2027 if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) &&
2028 os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 &&
2029 os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) {
2030 wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event "
2031 "for foreign address", bss->ifname);
2034 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
2035 nla_data(frame), nla_len(frame));
2038 case NL80211_CMD_AUTHENTICATE:
2039 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
2041 case NL80211_CMD_ASSOCIATE:
2042 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
2044 case NL80211_CMD_DEAUTHENTICATE:
2045 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
2046 nla_data(frame), nla_len(frame));
2048 case NL80211_CMD_DISASSOCIATE:
2049 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
2050 nla_data(frame), nla_len(frame));
2052 case NL80211_CMD_FRAME:
2053 mlme_event_mgmt(bss, freq, sig, nla_data(frame),
2056 case NL80211_CMD_FRAME_TX_STATUS:
2057 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
2058 nla_len(frame), ack);
2060 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
2061 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
2062 nla_data(frame), nla_len(frame));
2064 case NL80211_CMD_UNPROT_DISASSOCIATE:
2065 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
2066 nla_data(frame), nla_len(frame));
2074 static void mlme_event_michael_mic_failure(struct i802_bss *bss,
2075 struct nlattr *tb[])
2077 union wpa_event_data data;
2079 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
2080 os_memset(&data, 0, sizeof(data));
2081 if (tb[NL80211_ATTR_MAC]) {
2082 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
2083 nla_data(tb[NL80211_ATTR_MAC]),
2084 nla_len(tb[NL80211_ATTR_MAC]));
2085 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
2087 if (tb[NL80211_ATTR_KEY_SEQ]) {
2088 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
2089 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
2090 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
2092 if (tb[NL80211_ATTR_KEY_TYPE]) {
2093 enum nl80211_key_type key_type =
2094 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
2095 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
2096 if (key_type == NL80211_KEYTYPE_PAIRWISE)
2097 data.michael_mic_failure.unicast = 1;
2099 data.michael_mic_failure.unicast = 1;
2101 if (tb[NL80211_ATTR_KEY_IDX]) {
2102 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
2103 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
2106 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
2110 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
2111 struct nlattr *tb[])
2115 if (tb[NL80211_ATTR_MAC] == NULL) {
2116 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
2120 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2122 drv->associated = 1;
2123 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
2124 MAC2STR(drv->bssid));
2126 freq = nl80211_get_assoc_freq(drv);
2128 wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz",
2130 drv->first_bss->freq = freq;
2133 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
2137 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
2138 int cancel_event, struct nlattr *tb[])
2140 unsigned int freq, chan_type, duration;
2141 union wpa_event_data data;
2144 if (tb[NL80211_ATTR_WIPHY_FREQ])
2145 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2149 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
2150 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2154 if (tb[NL80211_ATTR_DURATION])
2155 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
2159 if (tb[NL80211_ATTR_COOKIE])
2160 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
2164 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
2165 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
2166 cancel_event, freq, chan_type, duration,
2167 (long long unsigned int) cookie,
2168 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
2170 if (cookie != drv->remain_on_chan_cookie)
2171 return; /* not for us */
2174 drv->pending_remain_on_chan = 0;
2176 os_memset(&data, 0, sizeof(data));
2177 data.remain_on_channel.freq = freq;
2178 data.remain_on_channel.duration = duration;
2179 wpa_supplicant_event(drv->ctx, cancel_event ?
2180 EVENT_CANCEL_REMAIN_ON_CHANNEL :
2181 EVENT_REMAIN_ON_CHANNEL, &data);
2185 static void mlme_event_ft_event(struct wpa_driver_nl80211_data *drv,
2186 struct nlattr *tb[])
2188 union wpa_event_data data;
2190 os_memset(&data, 0, sizeof(data));
2192 if (tb[NL80211_ATTR_IE]) {
2193 data.ft_ies.ies = nla_data(tb[NL80211_ATTR_IE]);
2194 data.ft_ies.ies_len = nla_len(tb[NL80211_ATTR_IE]);
2197 if (tb[NL80211_ATTR_IE_RIC]) {
2198 data.ft_ies.ric_ies = nla_data(tb[NL80211_ATTR_IE_RIC]);
2199 data.ft_ies.ric_ies_len = nla_len(tb[NL80211_ATTR_IE_RIC]);
2202 if (tb[NL80211_ATTR_MAC])
2203 os_memcpy(data.ft_ies.target_ap,
2204 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2206 wpa_printf(MSG_DEBUG, "nl80211: FT event target_ap " MACSTR,
2207 MAC2STR(data.ft_ies.target_ap));
2209 wpa_supplicant_event(drv->ctx, EVENT_FT_RESPONSE, &data);
2213 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
2214 struct nlattr *tb[])
2216 union wpa_event_data event;
2219 struct scan_info *info;
2220 #define MAX_REPORT_FREQS 50
2221 int freqs[MAX_REPORT_FREQS];
2224 if (drv->scan_for_auth) {
2225 drv->scan_for_auth = 0;
2226 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
2227 "cfg80211 BSS entry");
2228 wpa_driver_nl80211_authenticate_retry(drv);
2232 os_memset(&event, 0, sizeof(event));
2233 info = &event.scan_info;
2234 info->aborted = aborted;
2236 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
2237 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
2238 struct wpa_driver_scan_ssid *s =
2239 &info->ssids[info->num_ssids];
2240 s->ssid = nla_data(nl);
2241 s->ssid_len = nla_len(nl);
2242 wpa_printf(MSG_DEBUG, "nl80211: Scan probed for SSID '%s'",
2243 wpa_ssid_txt(s->ssid, s->ssid_len));
2245 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
2249 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
2250 char msg[200], *pos, *end;
2254 end = pos + sizeof(msg);
2257 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
2259 freqs[num_freqs] = nla_get_u32(nl);
2260 res = os_snprintf(pos, end - pos, " %d",
2262 if (res > 0 && end - pos > res)
2265 if (num_freqs == MAX_REPORT_FREQS - 1)
2268 info->freqs = freqs;
2269 info->num_freqs = num_freqs;
2270 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s",
2273 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
2277 static int get_link_signal(struct nl_msg *msg, void *arg)
2279 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2280 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2281 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
2282 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
2283 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
2284 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
2286 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
2287 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
2288 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
2289 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
2290 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
2291 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
2293 struct wpa_signal_info *sig_change = arg;
2295 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2296 genlmsg_attrlen(gnlh, 0), NULL);
2297 if (!tb[NL80211_ATTR_STA_INFO] ||
2298 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
2299 tb[NL80211_ATTR_STA_INFO], policy))
2301 if (!sinfo[NL80211_STA_INFO_SIGNAL])
2304 sig_change->current_signal =
2305 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
2307 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
2308 sig_change->avg_signal =
2309 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
2311 sig_change->avg_signal = 0;
2313 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
2314 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
2315 sinfo[NL80211_STA_INFO_TX_BITRATE],
2317 sig_change->current_txrate = 0;
2319 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
2320 sig_change->current_txrate =
2322 NL80211_RATE_INFO_BITRATE]) * 100;
2331 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
2332 struct wpa_signal_info *sig)
2336 sig->current_signal = -9999;
2337 sig->current_txrate = 0;
2339 msg = nlmsg_alloc();
2343 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
2345 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2346 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
2348 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
2355 static int get_link_noise(struct nl_msg *msg, void *arg)
2357 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2358 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2359 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2360 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2361 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2362 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2364 struct wpa_signal_info *sig_change = arg;
2366 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2367 genlmsg_attrlen(gnlh, 0), NULL);
2369 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2370 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
2374 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2375 tb[NL80211_ATTR_SURVEY_INFO],
2377 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
2382 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2385 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2386 sig_change->frequency)
2389 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2392 sig_change->current_noise =
2393 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2399 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
2400 struct wpa_signal_info *sig_change)
2404 sig_change->current_noise = 9999;
2405 sig_change->frequency = drv->assoc_freq;
2407 msg = nlmsg_alloc();
2411 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2413 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2415 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
2422 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
2424 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2425 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2426 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2427 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2428 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2429 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2431 struct wpa_scan_results *scan_results = arg;
2432 struct wpa_scan_res *scan_res;
2435 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2436 genlmsg_attrlen(gnlh, 0), NULL);
2438 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2439 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
2443 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2444 tb[NL80211_ATTR_SURVEY_INFO],
2446 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
2451 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2454 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2457 for (i = 0; i < scan_results->num; ++i) {
2458 scan_res = scan_results->res[i];
2461 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2464 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
2466 scan_res->noise = (s8)
2467 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2468 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
2475 static int nl80211_get_noise_for_scan_results(
2476 struct wpa_driver_nl80211_data *drv,
2477 struct wpa_scan_results *scan_res)
2481 msg = nlmsg_alloc();
2485 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2487 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2489 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
2497 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
2498 struct nlattr *tb[])
2500 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
2501 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
2502 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
2503 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
2504 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
2506 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
2507 enum nl80211_cqm_rssi_threshold_event event;
2508 union wpa_event_data ed;
2509 struct wpa_signal_info sig;
2512 if (tb[NL80211_ATTR_CQM] == NULL ||
2513 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
2515 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
2519 os_memset(&ed, 0, sizeof(ed));
2521 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
2522 if (!tb[NL80211_ATTR_MAC])
2524 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
2526 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
2530 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
2532 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
2534 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
2535 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2536 "event: RSSI high");
2537 ed.signal_change.above_threshold = 1;
2538 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
2539 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2541 ed.signal_change.above_threshold = 0;
2545 res = nl80211_get_link_signal(drv, &sig);
2547 ed.signal_change.current_signal = sig.current_signal;
2548 ed.signal_change.current_txrate = sig.current_txrate;
2549 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
2550 sig.current_signal, sig.current_txrate);
2553 res = nl80211_get_link_noise(drv, &sig);
2555 ed.signal_change.current_noise = sig.current_noise;
2556 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
2560 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
2564 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
2568 union wpa_event_data data;
2570 if (tb[NL80211_ATTR_MAC] == NULL)
2572 addr = nla_data(tb[NL80211_ATTR_MAC]);
2573 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
2575 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2578 if (tb[NL80211_ATTR_IE]) {
2579 ies = nla_data(tb[NL80211_ATTR_IE]);
2580 ies_len = nla_len(tb[NL80211_ATTR_IE]);
2582 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
2583 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
2587 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2590 os_memset(&data, 0, sizeof(data));
2591 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
2592 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
2596 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
2600 union wpa_event_data data;
2602 if (tb[NL80211_ATTR_MAC] == NULL)
2604 addr = nla_data(tb[NL80211_ATTR_MAC]);
2605 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
2608 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2609 drv_event_disassoc(drv->ctx, addr);
2613 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2616 os_memset(&data, 0, sizeof(data));
2617 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
2618 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
2622 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
2625 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
2626 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
2627 [NL80211_REKEY_DATA_KEK] = {
2628 .minlen = NL80211_KEK_LEN,
2629 .maxlen = NL80211_KEK_LEN,
2631 [NL80211_REKEY_DATA_KCK] = {
2632 .minlen = NL80211_KCK_LEN,
2633 .maxlen = NL80211_KCK_LEN,
2635 [NL80211_REKEY_DATA_REPLAY_CTR] = {
2636 .minlen = NL80211_REPLAY_CTR_LEN,
2637 .maxlen = NL80211_REPLAY_CTR_LEN,
2640 union wpa_event_data data;
2642 if (!tb[NL80211_ATTR_MAC])
2644 if (!tb[NL80211_ATTR_REKEY_DATA])
2646 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
2647 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
2649 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
2652 os_memset(&data, 0, sizeof(data));
2653 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
2654 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
2655 MAC2STR(data.driver_gtk_rekey.bssid));
2656 data.driver_gtk_rekey.replay_ctr =
2657 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
2658 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
2659 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
2660 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
2664 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
2667 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
2668 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
2669 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
2670 [NL80211_PMKSA_CANDIDATE_BSSID] = {
2674 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
2676 union wpa_event_data data;
2678 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event");
2680 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2682 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2683 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2685 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2686 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2689 os_memset(&data, 0, sizeof(data));
2690 os_memcpy(data.pmkid_candidate.bssid,
2691 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2692 data.pmkid_candidate.index =
2693 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2694 data.pmkid_candidate.preauth =
2695 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2696 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2700 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2703 union wpa_event_data data;
2705 wpa_printf(MSG_DEBUG, "nl80211: Probe client event");
2707 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2710 os_memset(&data, 0, sizeof(data));
2711 os_memcpy(data.client_poll.addr,
2712 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2714 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2718 static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv,
2721 union wpa_event_data data;
2723 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event");
2725 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION])
2728 os_memset(&data, 0, sizeof(data));
2729 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2730 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) {
2731 case NL80211_TDLS_SETUP:
2732 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer "
2733 MACSTR, MAC2STR(data.tdls.peer));
2734 data.tdls.oper = TDLS_REQUEST_SETUP;
2736 case NL80211_TDLS_TEARDOWN:
2737 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer "
2738 MACSTR, MAC2STR(data.tdls.peer));
2739 data.tdls.oper = TDLS_REQUEST_TEARDOWN;
2742 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione "
2746 if (tb[NL80211_ATTR_REASON_CODE]) {
2747 data.tdls.reason_code =
2748 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
2751 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data);
2755 static void nl80211_stop_ap(struct wpa_driver_nl80211_data *drv,
2758 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_UNAVAILABLE, NULL);
2762 static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv,
2765 union wpa_event_data data;
2768 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event");
2770 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON])
2773 os_memset(&data, 0, sizeof(data));
2774 os_memcpy(data.connect_failed_reason.addr,
2775 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2777 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]);
2779 case NL80211_CONN_FAIL_MAX_CLIENTS:
2780 wpa_printf(MSG_DEBUG, "nl80211: Max client reached");
2781 data.connect_failed_reason.code = MAX_CLIENT_REACHED;
2783 case NL80211_CONN_FAIL_BLOCKED_CLIENT:
2784 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR
2785 " tried to connect",
2786 MAC2STR(data.connect_failed_reason.addr));
2787 data.connect_failed_reason.code = BLOCKED_CLIENT;
2790 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason "
2795 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data);
2799 static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv,
2802 union wpa_event_data data;
2803 enum nl80211_radar_event event_type;
2805 if (!tb[NL80211_ATTR_WIPHY_FREQ] || !tb[NL80211_ATTR_RADAR_EVENT])
2808 os_memset(&data, 0, sizeof(data));
2809 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2810 event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]);
2812 /* Check HT params */
2813 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
2814 data.dfs_event.ht_enabled = 1;
2815 data.dfs_event.chan_offset = 0;
2817 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) {
2818 case NL80211_CHAN_NO_HT:
2819 data.dfs_event.ht_enabled = 0;
2821 case NL80211_CHAN_HT20:
2823 case NL80211_CHAN_HT40PLUS:
2824 data.dfs_event.chan_offset = 1;
2826 case NL80211_CHAN_HT40MINUS:
2827 data.dfs_event.chan_offset = -1;
2832 /* Get VHT params */
2833 if (tb[NL80211_ATTR_CHANNEL_WIDTH])
2834 data.dfs_event.chan_width =
2835 convert2width(nla_get_u32(
2836 tb[NL80211_ATTR_CHANNEL_WIDTH]));
2837 if (tb[NL80211_ATTR_CENTER_FREQ1])
2838 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
2839 if (tb[NL80211_ATTR_CENTER_FREQ2])
2840 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
2842 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz",
2843 data.dfs_event.freq, data.dfs_event.ht_enabled,
2844 data.dfs_event.chan_offset, data.dfs_event.chan_width,
2845 data.dfs_event.cf1, data.dfs_event.cf2);
2847 switch (event_type) {
2848 case NL80211_RADAR_DETECTED:
2849 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data);
2851 case NL80211_RADAR_CAC_FINISHED:
2852 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data);
2854 case NL80211_RADAR_CAC_ABORTED:
2855 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data);
2857 case NL80211_RADAR_NOP_FINISHED:
2858 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data);
2861 wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d "
2862 "received", event_type);
2868 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2871 struct wpa_driver_nl80211_data *drv = bss->drv;
2872 union wpa_event_data event;
2874 if (!tb[NL80211_ATTR_MAC])
2877 os_memset(&event, 0, sizeof(event));
2878 event.rx_from_unknown.bssid = bss->addr;
2879 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2880 event.rx_from_unknown.wds = wds;
2882 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2886 static void qca_nl80211_avoid_freq(struct wpa_driver_nl80211_data *drv,
2887 const u8 *data, size_t len)
2890 union wpa_event_data event;
2891 struct wpa_freq_range *range = NULL;
2892 const struct qca_avoid_freq_list *freq_range;
2894 freq_range = (const struct qca_avoid_freq_list *) data;
2895 if (len < sizeof(freq_range->count))
2898 count = freq_range->count;
2899 if (len < sizeof(freq_range->count) +
2900 count * sizeof(struct qca_avoid_freq_range)) {
2901 wpa_printf(MSG_DEBUG, "nl80211: Ignored too short avoid frequency list (len=%u)",
2902 (unsigned int) len);
2907 range = os_calloc(count, sizeof(struct wpa_freq_range));
2912 os_memset(&event, 0, sizeof(event));
2913 for (i = 0; i < count; i++) {
2914 unsigned int idx = event.freq_range.num;
2915 range[idx].min = freq_range->range[i].start_freq;
2916 range[idx].max = freq_range->range[i].end_freq;
2917 wpa_printf(MSG_DEBUG, "nl80211: Avoid frequency range: %u-%u",
2918 range[idx].min, range[idx].max);
2919 if (range[idx].min > range[idx].max) {
2920 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid frequency range");
2923 event.freq_range.num++;
2925 event.freq_range.range = range;
2927 wpa_supplicant_event(drv->ctx, EVENT_AVOID_FREQUENCIES, &event);
2933 static void nl80211_vendor_event_qca(struct wpa_driver_nl80211_data *drv,
2934 u32 subcmd, u8 *data, size_t len)
2937 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY:
2938 qca_nl80211_avoid_freq(drv, data, len);
2941 wpa_printf(MSG_DEBUG,
2942 "nl80211: Ignore unsupported QCA vendor event %u",
2949 static void nl80211_vendor_event(struct wpa_driver_nl80211_data *drv,
2952 u32 vendor_id, subcmd, wiphy = 0;
2957 if (!tb[NL80211_ATTR_VENDOR_ID] ||
2958 !tb[NL80211_ATTR_VENDOR_SUBCMD])
2961 vendor_id = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]);
2962 subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]);
2964 if (tb[NL80211_ATTR_WIPHY])
2965 wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
2967 wpa_printf(MSG_DEBUG, "nl80211: Vendor event: wiphy=%u vendor_id=0x%x subcmd=%u",
2968 wiphy, vendor_id, subcmd);
2970 if (tb[NL80211_ATTR_VENDOR_DATA]) {
2971 data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]);
2972 len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]);
2973 wpa_hexdump(MSG_MSGDUMP, "nl80211: Vendor data", data, len);
2976 wiphy_idx = nl80211_get_wiphy_index(drv->first_bss);
2977 if (wiphy_idx >= 0 && wiphy_idx != (int) wiphy) {
2978 wpa_printf(MSG_DEBUG, "nl80211: Ignore vendor event for foreign wiphy %u (own: %d)",
2983 switch (vendor_id) {
2985 nl80211_vendor_event_qca(drv, subcmd, data, len);
2988 wpa_printf(MSG_DEBUG, "nl80211: Ignore unsupported vendor event");
2994 static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv,
2995 struct nlattr *tb[])
2997 union wpa_event_data data;
2998 enum nl80211_reg_initiator init;
3000 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
3002 if (tb[NL80211_ATTR_REG_INITIATOR] == NULL)
3005 os_memset(&data, 0, sizeof(data));
3006 init = nla_get_u8(tb[NL80211_ATTR_REG_INITIATOR]);
3007 wpa_printf(MSG_DEBUG, " * initiator=%d", init);
3009 case NL80211_REGDOM_SET_BY_CORE:
3010 data.channel_list_changed.initiator = REGDOM_SET_BY_CORE;
3012 case NL80211_REGDOM_SET_BY_USER:
3013 data.channel_list_changed.initiator = REGDOM_SET_BY_USER;
3015 case NL80211_REGDOM_SET_BY_DRIVER:
3016 data.channel_list_changed.initiator = REGDOM_SET_BY_DRIVER;
3018 case NL80211_REGDOM_SET_BY_COUNTRY_IE:
3019 data.channel_list_changed.initiator = REGDOM_SET_BY_COUNTRY_IE;
3023 if (tb[NL80211_ATTR_REG_TYPE]) {
3024 enum nl80211_reg_type type;
3025 type = nla_get_u8(tb[NL80211_ATTR_REG_TYPE]);
3026 wpa_printf(MSG_DEBUG, " * type=%d", type);
3028 case NL80211_REGDOM_TYPE_COUNTRY:
3029 data.channel_list_changed.type = REGDOM_TYPE_COUNTRY;
3031 case NL80211_REGDOM_TYPE_WORLD:
3032 data.channel_list_changed.type = REGDOM_TYPE_WORLD;
3034 case NL80211_REGDOM_TYPE_CUSTOM_WORLD:
3035 data.channel_list_changed.type =
3036 REGDOM_TYPE_CUSTOM_WORLD;
3038 case NL80211_REGDOM_TYPE_INTERSECTION:
3039 data.channel_list_changed.type =
3040 REGDOM_TYPE_INTERSECTION;
3045 if (tb[NL80211_ATTR_REG_ALPHA2]) {
3046 os_strlcpy(data.channel_list_changed.alpha2,
3047 nla_get_string(tb[NL80211_ATTR_REG_ALPHA2]),
3048 sizeof(data.channel_list_changed.alpha2));
3049 wpa_printf(MSG_DEBUG, " * alpha2=%s",
3050 data.channel_list_changed.alpha2);
3053 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data);
3057 static void do_process_drv_event(struct i802_bss *bss, int cmd,
3060 struct wpa_driver_nl80211_data *drv = bss->drv;
3061 union wpa_event_data data;
3063 wpa_printf(MSG_DEBUG, "nl80211: Drv Event %d (%s) received for %s",
3064 cmd, nl80211_command_to_string(cmd), bss->ifname);
3066 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
3067 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
3068 cmd == NL80211_CMD_SCAN_ABORTED)) {
3069 wpa_driver_nl80211_set_mode(drv->first_bss,
3070 drv->ap_scan_as_station);
3071 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3075 case NL80211_CMD_TRIGGER_SCAN:
3076 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger");
3077 drv->scan_state = SCAN_STARTED;
3078 if (drv->scan_for_auth) {
3080 * Cannot indicate EVENT_SCAN_STARTED here since we skip
3081 * EVENT_SCAN_RESULTS in scan_for_auth case and the
3082 * upper layer implementation could get confused about
3085 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth");
3088 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL);
3090 case NL80211_CMD_START_SCHED_SCAN:
3091 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan started");
3092 drv->scan_state = SCHED_SCAN_STARTED;
3094 case NL80211_CMD_SCHED_SCAN_STOPPED:
3095 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan stopped");
3096 drv->scan_state = SCHED_SCAN_STOPPED;
3097 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
3099 case NL80211_CMD_NEW_SCAN_RESULTS:
3100 wpa_dbg(drv->ctx, MSG_DEBUG,
3101 "nl80211: New scan results available");
3102 drv->scan_state = SCAN_COMPLETED;
3103 drv->scan_complete_events = 1;
3104 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3106 send_scan_event(drv, 0, tb);
3108 case NL80211_CMD_SCHED_SCAN_RESULTS:
3109 wpa_dbg(drv->ctx, MSG_DEBUG,
3110 "nl80211: New sched scan results available");
3111 drv->scan_state = SCHED_SCAN_RESULTS;
3112 send_scan_event(drv, 0, tb);
3114 case NL80211_CMD_SCAN_ABORTED:
3115 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted");
3116 drv->scan_state = SCAN_ABORTED;
3118 * Need to indicate that scan results are available in order
3119 * not to make wpa_supplicant stop its scanning.
3121 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3123 send_scan_event(drv, 1, tb);
3125 case NL80211_CMD_AUTHENTICATE:
3126 case NL80211_CMD_ASSOCIATE:
3127 case NL80211_CMD_DEAUTHENTICATE:
3128 case NL80211_CMD_DISASSOCIATE:
3129 case NL80211_CMD_FRAME_TX_STATUS:
3130 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
3131 case NL80211_CMD_UNPROT_DISASSOCIATE:
3132 mlme_event(bss, cmd, tb[NL80211_ATTR_FRAME],
3133 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3134 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3135 tb[NL80211_ATTR_COOKIE],
3136 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3138 case NL80211_CMD_CONNECT:
3139 case NL80211_CMD_ROAM:
3140 mlme_event_connect(drv, cmd,
3141 tb[NL80211_ATTR_STATUS_CODE],
3142 tb[NL80211_ATTR_MAC],
3143 tb[NL80211_ATTR_REQ_IE],
3144 tb[NL80211_ATTR_RESP_IE]);
3146 case NL80211_CMD_CH_SWITCH_NOTIFY:
3147 mlme_event_ch_switch(drv,
3148 tb[NL80211_ATTR_IFINDEX],
3149 tb[NL80211_ATTR_WIPHY_FREQ],
3150 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
3151 tb[NL80211_ATTR_CHANNEL_WIDTH],
3152 tb[NL80211_ATTR_CENTER_FREQ1],
3153 tb[NL80211_ATTR_CENTER_FREQ2]);
3155 case NL80211_CMD_DISCONNECT:
3156 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
3157 tb[NL80211_ATTR_MAC],
3158 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
3160 case NL80211_CMD_MICHAEL_MIC_FAILURE:
3161 mlme_event_michael_mic_failure(bss, tb);
3163 case NL80211_CMD_JOIN_IBSS:
3164 mlme_event_join_ibss(drv, tb);
3166 case NL80211_CMD_REMAIN_ON_CHANNEL:
3167 mlme_event_remain_on_channel(drv, 0, tb);
3169 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
3170 mlme_event_remain_on_channel(drv, 1, tb);
3172 case NL80211_CMD_NOTIFY_CQM:
3173 nl80211_cqm_event(drv, tb);
3175 case NL80211_CMD_REG_CHANGE:
3176 nl80211_reg_change_event(drv, tb);
3178 case NL80211_CMD_REG_BEACON_HINT:
3179 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
3180 os_memset(&data, 0, sizeof(data));
3181 data.channel_list_changed.initiator = REGDOM_BEACON_HINT;
3182 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
3185 case NL80211_CMD_NEW_STATION:
3186 nl80211_new_station_event(drv, tb);
3188 case NL80211_CMD_DEL_STATION:
3189 nl80211_del_station_event(drv, tb);
3191 case NL80211_CMD_SET_REKEY_OFFLOAD:
3192 nl80211_rekey_offload_event(drv, tb);
3194 case NL80211_CMD_PMKSA_CANDIDATE:
3195 nl80211_pmksa_candidate_event(drv, tb);
3197 case NL80211_CMD_PROBE_CLIENT:
3198 nl80211_client_probe_event(drv, tb);
3200 case NL80211_CMD_TDLS_OPER:
3201 nl80211_tdls_oper_event(drv, tb);
3203 case NL80211_CMD_CONN_FAILED:
3204 nl80211_connect_failed_event(drv, tb);
3206 case NL80211_CMD_FT_EVENT:
3207 mlme_event_ft_event(drv, tb);
3209 case NL80211_CMD_RADAR_DETECT:
3210 nl80211_radar_event(drv, tb);
3212 case NL80211_CMD_STOP_AP:
3213 nl80211_stop_ap(drv, tb);
3215 case NL80211_CMD_VENDOR:
3216 nl80211_vendor_event(drv, tb);
3219 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event "
3226 static int process_drv_event(struct nl_msg *msg, void *arg)
3228 struct wpa_driver_nl80211_data *drv = arg;
3229 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3230 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3231 struct i802_bss *bss;
3234 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3235 genlmsg_attrlen(gnlh, 0), NULL);
3237 if (tb[NL80211_ATTR_IFINDEX]) {
3238 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3240 for (bss = drv->first_bss; bss; bss = bss->next)
3241 if (ifidx == -1 || ifidx == bss->ifindex) {
3242 do_process_drv_event(bss, gnlh->cmd, tb);
3245 wpa_printf(MSG_DEBUG,
3246 "nl80211: Ignored event (cmd=%d) for foreign interface (ifindex %d)",
3248 } else if (tb[NL80211_ATTR_WDEV]) {
3249 u64 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3250 wpa_printf(MSG_DEBUG, "nl80211: Process event on P2P device");
3251 for (bss = drv->first_bss; bss; bss = bss->next) {
3252 if (bss->wdev_id_set && wdev_id == bss->wdev_id) {
3253 do_process_drv_event(bss, gnlh->cmd, tb);
3257 wpa_printf(MSG_DEBUG,
3258 "nl80211: Ignored event (cmd=%d) for foreign interface (wdev 0x%llx)",
3259 gnlh->cmd, (long long unsigned int) wdev_id);
3266 static int process_global_event(struct nl_msg *msg, void *arg)
3268 struct nl80211_global *global = arg;
3269 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3270 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3271 struct wpa_driver_nl80211_data *drv, *tmp;
3273 struct i802_bss *bss;
3275 int wdev_id_set = 0;
3277 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3278 genlmsg_attrlen(gnlh, 0), NULL);
3280 if (tb[NL80211_ATTR_IFINDEX])
3281 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3282 else if (tb[NL80211_ATTR_WDEV]) {
3283 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3287 dl_list_for_each_safe(drv, tmp, &global->interfaces,
3288 struct wpa_driver_nl80211_data, list) {
3289 for (bss = drv->first_bss; bss; bss = bss->next) {
3290 if ((ifidx == -1 && !wdev_id_set) ||
3291 ifidx == bss->ifindex ||
3292 (wdev_id_set && bss->wdev_id_set &&
3293 wdev_id == bss->wdev_id)) {
3294 do_process_drv_event(bss, gnlh->cmd, tb);
3304 static int process_bss_event(struct nl_msg *msg, void *arg)
3306 struct i802_bss *bss = arg;
3307 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3308 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3310 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3311 genlmsg_attrlen(gnlh, 0), NULL);
3313 wpa_printf(MSG_DEBUG, "nl80211: BSS Event %d (%s) received for %s",
3314 gnlh->cmd, nl80211_command_to_string(gnlh->cmd),
3317 switch (gnlh->cmd) {
3318 case NL80211_CMD_FRAME:
3319 case NL80211_CMD_FRAME_TX_STATUS:
3320 mlme_event(bss, gnlh->cmd, tb[NL80211_ATTR_FRAME],
3321 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3322 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3323 tb[NL80211_ATTR_COOKIE],
3324 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3326 case NL80211_CMD_UNEXPECTED_FRAME:
3327 nl80211_spurious_frame(bss, tb, 0);
3329 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
3330 nl80211_spurious_frame(bss, tb, 1);
3333 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
3334 "(cmd=%d)", gnlh->cmd);
3342 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
3345 struct nl_cb *cb = eloop_ctx;
3348 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
3350 res = nl_recvmsgs(handle, cb);
3352 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
3359 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
3360 * @priv: driver_nl80211 private data
3361 * @alpha2_arg: country to which to switch to
3362 * Returns: 0 on success, -1 on failure
3364 * This asks nl80211 to set the regulatory domain for given
3365 * country ISO / IEC alpha2.
3367 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
3369 struct i802_bss *bss = priv;
3370 struct wpa_driver_nl80211_data *drv = bss->drv;
3374 msg = nlmsg_alloc();
3378 alpha2[0] = alpha2_arg[0];
3379 alpha2[1] = alpha2_arg[1];
3382 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
3384 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
3385 if (send_and_recv_msgs(drv, msg, NULL, NULL))
3394 static int nl80211_get_country(struct nl_msg *msg, void *arg)
3397 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3398 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3400 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3401 genlmsg_attrlen(gnlh, 0), NULL);
3402 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
3403 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
3406 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
3411 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
3413 struct i802_bss *bss = priv;
3414 struct wpa_driver_nl80211_data *drv = bss->drv;
3418 msg = nlmsg_alloc();
3422 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
3424 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2);
3432 static int protocol_feature_handler(struct nl_msg *msg, void *arg)
3435 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3436 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3438 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3439 genlmsg_attrlen(gnlh, 0), NULL);
3441 if (tb_msg[NL80211_ATTR_PROTOCOL_FEATURES])
3442 *feat = nla_get_u32(tb_msg[NL80211_ATTR_PROTOCOL_FEATURES]);
3448 static u32 get_nl80211_protocol_features(struct wpa_driver_nl80211_data *drv)
3453 msg = nlmsg_alloc();
3455 goto nla_put_failure;
3457 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_PROTOCOL_FEATURES);
3458 if (send_and_recv_msgs(drv, msg, protocol_feature_handler, &feat) == 0)
3468 struct wiphy_info_data {
3469 struct wpa_driver_nl80211_data *drv;
3470 struct wpa_driver_capa *capa;
3472 unsigned int num_multichan_concurrent;
3474 unsigned int error:1;
3475 unsigned int device_ap_sme:1;
3476 unsigned int poll_command_supported:1;
3477 unsigned int data_tx_status:1;
3478 unsigned int monitor_supported:1;
3479 unsigned int auth_supported:1;
3480 unsigned int connect_supported:1;
3481 unsigned int p2p_go_supported:1;
3482 unsigned int p2p_client_supported:1;
3483 unsigned int p2p_concurrent:1;
3484 unsigned int channel_switch_supported:1;
3485 unsigned int set_qos_map_supported:1;
3486 unsigned int have_low_prio_scan:1;
3490 static unsigned int probe_resp_offload_support(int supp_protocols)
3492 unsigned int prot = 0;
3494 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
3495 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
3496 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
3497 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
3498 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
3499 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
3500 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
3501 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
3507 static void wiphy_info_supported_iftypes(struct wiphy_info_data *info,
3510 struct nlattr *nl_mode;
3516 nla_for_each_nested(nl_mode, tb, i) {
3517 switch (nla_type(nl_mode)) {
3518 case NL80211_IFTYPE_AP:
3519 info->capa->flags |= WPA_DRIVER_FLAGS_AP;
3521 case NL80211_IFTYPE_ADHOC:
3522 info->capa->flags |= WPA_DRIVER_FLAGS_IBSS;
3524 case NL80211_IFTYPE_P2P_DEVICE:
3525 info->capa->flags |=
3526 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
3528 case NL80211_IFTYPE_P2P_GO:
3529 info->p2p_go_supported = 1;
3531 case NL80211_IFTYPE_P2P_CLIENT:
3532 info->p2p_client_supported = 1;
3534 case NL80211_IFTYPE_MONITOR:
3535 info->monitor_supported = 1;
3542 static int wiphy_info_iface_comb_process(struct wiphy_info_data *info,
3543 struct nlattr *nl_combi)
3545 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
3546 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
3547 struct nlattr *nl_limit, *nl_mode;
3548 int err, rem_limit, rem_mode;
3549 int combination_has_p2p = 0, combination_has_mgd = 0;
3550 static struct nla_policy
3551 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
3552 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
3553 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
3554 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
3555 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
3556 [NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS] = { .type = NLA_U32 },
3558 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
3559 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
3560 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
3563 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
3564 nl_combi, iface_combination_policy);
3565 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
3566 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
3567 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
3568 return 0; /* broken combination */
3570 if (tb_comb[NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS])
3571 info->capa->flags |= WPA_DRIVER_FLAGS_RADAR;
3573 nla_for_each_nested(nl_limit, tb_comb[NL80211_IFACE_COMB_LIMITS],
3575 err = nla_parse_nested(tb_limit, MAX_NL80211_IFACE_LIMIT,
3576 nl_limit, iface_limit_policy);
3577 if (err || !tb_limit[NL80211_IFACE_LIMIT_TYPES])
3578 return 0; /* broken combination */
3580 nla_for_each_nested(nl_mode,
3581 tb_limit[NL80211_IFACE_LIMIT_TYPES],
3583 int ift = nla_type(nl_mode);
3584 if (ift == NL80211_IFTYPE_P2P_GO ||
3585 ift == NL80211_IFTYPE_P2P_CLIENT)
3586 combination_has_p2p = 1;
3587 if (ift == NL80211_IFTYPE_STATION)
3588 combination_has_mgd = 1;
3590 if (combination_has_p2p && combination_has_mgd)
3594 if (combination_has_p2p && combination_has_mgd) {
3595 unsigned int num_channels =
3596 nla_get_u32(tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS]);
3598 info->p2p_concurrent = 1;
3599 if (info->num_multichan_concurrent < num_channels)
3600 info->num_multichan_concurrent = num_channels;
3607 static void wiphy_info_iface_comb(struct wiphy_info_data *info,
3610 struct nlattr *nl_combi;
3616 nla_for_each_nested(nl_combi, tb, rem_combi) {
3617 if (wiphy_info_iface_comb_process(info, nl_combi) > 0)
3623 static void wiphy_info_supp_cmds(struct wiphy_info_data *info,
3626 struct nlattr *nl_cmd;
3632 nla_for_each_nested(nl_cmd, tb, i) {
3633 switch (nla_get_u32(nl_cmd)) {
3634 case NL80211_CMD_AUTHENTICATE:
3635 info->auth_supported = 1;
3637 case NL80211_CMD_CONNECT:
3638 info->connect_supported = 1;
3640 case NL80211_CMD_START_SCHED_SCAN:
3641 info->capa->sched_scan_supported = 1;
3643 case NL80211_CMD_PROBE_CLIENT:
3644 info->poll_command_supported = 1;
3646 case NL80211_CMD_CHANNEL_SWITCH:
3647 info->channel_switch_supported = 1;
3649 case NL80211_CMD_SET_QOS_MAP:
3650 info->set_qos_map_supported = 1;
3657 static void wiphy_info_cipher_suites(struct wiphy_info_data *info,
3666 num = nla_len(tb) / sizeof(u32);
3667 ciphers = nla_data(tb);
3668 for (i = 0; i < num; i++) {
3671 wpa_printf(MSG_DEBUG, "nl80211: Supported cipher %02x-%02x-%02x:%d",
3672 c >> 24, (c >> 16) & 0xff,
3673 (c >> 8) & 0xff, c & 0xff);
3675 case WLAN_CIPHER_SUITE_CCMP_256:
3676 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP_256;
3678 case WLAN_CIPHER_SUITE_GCMP_256:
3679 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP_256;
3681 case WLAN_CIPHER_SUITE_CCMP:
3682 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP;
3684 case WLAN_CIPHER_SUITE_GCMP:
3685 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP;
3687 case WLAN_CIPHER_SUITE_TKIP:
3688 info->capa->enc |= WPA_DRIVER_CAPA_ENC_TKIP;
3690 case WLAN_CIPHER_SUITE_WEP104:
3691 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP104;
3693 case WLAN_CIPHER_SUITE_WEP40:
3694 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP40;
3696 case WLAN_CIPHER_SUITE_AES_CMAC:
3697 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP;
3699 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3700 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_128;
3702 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3703 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_256;
3705 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
3706 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_CMAC_256;
3708 case WLAN_CIPHER_SUITE_NO_GROUP_ADDR:
3709 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GTK_NOT_USED;
3716 static void wiphy_info_max_roc(struct wpa_driver_capa *capa,
3720 capa->max_remain_on_chan = nla_get_u32(tb);
3724 static void wiphy_info_tdls(struct wpa_driver_capa *capa, struct nlattr *tdls,
3725 struct nlattr *ext_setup)
3730 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
3731 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
3734 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
3735 capa->flags |= WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
3740 static void wiphy_info_feature_flags(struct wiphy_info_data *info,
3744 struct wpa_driver_capa *capa = info->capa;
3749 flags = nla_get_u32(tb);
3751 if (flags & NL80211_FEATURE_SK_TX_STATUS)
3752 info->data_tx_status = 1;
3754 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
3755 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
3757 if (flags & NL80211_FEATURE_SAE)
3758 capa->flags |= WPA_DRIVER_FLAGS_SAE;
3760 if (flags & NL80211_FEATURE_NEED_OBSS_SCAN)
3761 capa->flags |= WPA_DRIVER_FLAGS_OBSS_SCAN;
3763 if (flags & NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)
3764 capa->flags |= WPA_DRIVER_FLAGS_HT_2040_COEX;
3766 if (flags & NL80211_FEATURE_LOW_PRIORITY_SCAN)
3767 info->have_low_prio_scan = 1;
3771 static void wiphy_info_probe_resp_offload(struct wpa_driver_capa *capa,
3779 protocols = nla_get_u32(tb);
3780 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response offload in AP "
3782 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
3783 capa->probe_resp_offloads = probe_resp_offload_support(protocols);
3787 static void wiphy_info_wowlan_triggers(struct wpa_driver_capa *capa,
3790 struct nlattr *triggers[MAX_NL80211_WOWLAN_TRIG + 1];
3795 if (nla_parse_nested(triggers, MAX_NL80211_WOWLAN_TRIG,
3799 if (triggers[NL80211_WOWLAN_TRIG_ANY])
3800 capa->wowlan_triggers.any = 1;
3801 if (triggers[NL80211_WOWLAN_TRIG_DISCONNECT])
3802 capa->wowlan_triggers.disconnect = 1;
3803 if (triggers[NL80211_WOWLAN_TRIG_MAGIC_PKT])
3804 capa->wowlan_triggers.magic_pkt = 1;
3805 if (triggers[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE])
3806 capa->wowlan_triggers.gtk_rekey_failure = 1;
3807 if (triggers[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST])
3808 capa->wowlan_triggers.eap_identity_req = 1;
3809 if (triggers[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE])
3810 capa->wowlan_triggers.four_way_handshake = 1;
3811 if (triggers[NL80211_WOWLAN_TRIG_RFKILL_RELEASE])
3812 capa->wowlan_triggers.rfkill_release = 1;
3816 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
3818 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3819 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3820 struct wiphy_info_data *info = arg;
3821 struct wpa_driver_capa *capa = info->capa;
3822 struct wpa_driver_nl80211_data *drv = info->drv;
3824 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3825 genlmsg_attrlen(gnlh, 0), NULL);
3827 if (tb[NL80211_ATTR_WIPHY_NAME])
3828 os_strlcpy(drv->phyname,
3829 nla_get_string(tb[NL80211_ATTR_WIPHY_NAME]),
3830 sizeof(drv->phyname));
3831 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
3832 capa->max_scan_ssids =
3833 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
3835 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
3836 capa->max_sched_scan_ssids =
3837 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
3839 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
3840 capa->max_match_sets =
3841 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
3843 if (tb[NL80211_ATTR_MAC_ACL_MAX])
3844 capa->max_acl_mac_addrs =
3845 nla_get_u8(tb[NL80211_ATTR_MAC_ACL_MAX]);
3847 wiphy_info_supported_iftypes(info, tb[NL80211_ATTR_SUPPORTED_IFTYPES]);
3848 wiphy_info_iface_comb(info, tb[NL80211_ATTR_INTERFACE_COMBINATIONS]);
3849 wiphy_info_supp_cmds(info, tb[NL80211_ATTR_SUPPORTED_COMMANDS]);
3850 wiphy_info_cipher_suites(info, tb[NL80211_ATTR_CIPHER_SUITES]);
3852 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
3853 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
3855 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
3858 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
3859 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
3860 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
3863 wiphy_info_max_roc(capa,
3864 tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
3866 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
3867 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
3869 wiphy_info_tdls(capa, tb[NL80211_ATTR_TDLS_SUPPORT],
3870 tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]);
3872 if (tb[NL80211_ATTR_DEVICE_AP_SME])
3873 info->device_ap_sme = 1;
3875 wiphy_info_feature_flags(info, tb[NL80211_ATTR_FEATURE_FLAGS]);
3876 wiphy_info_probe_resp_offload(capa,
3877 tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
3879 if (tb[NL80211_ATTR_EXT_CAPA] && tb[NL80211_ATTR_EXT_CAPA_MASK] &&
3880 drv->extended_capa == NULL) {
3881 drv->extended_capa =
3882 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3883 if (drv->extended_capa) {
3884 os_memcpy(drv->extended_capa,
3885 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3886 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3887 drv->extended_capa_len =
3888 nla_len(tb[NL80211_ATTR_EXT_CAPA]);
3890 drv->extended_capa_mask =
3891 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3892 if (drv->extended_capa_mask) {
3893 os_memcpy(drv->extended_capa_mask,
3894 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3895 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3897 os_free(drv->extended_capa);
3898 drv->extended_capa = NULL;
3899 drv->extended_capa_len = 0;
3903 if (tb[NL80211_ATTR_VENDOR_DATA]) {
3907 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_DATA], rem) {
3908 struct nl80211_vendor_cmd_info *vinfo;
3909 if (nla_len(nl) != sizeof(*vinfo)) {
3910 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3913 vinfo = nla_data(nl);
3914 switch (vinfo->subcmd) {
3915 case QCA_NL80211_VENDOR_SUBCMD_ROAMING:
3916 drv->roaming_vendor_cmd_avail = 1;
3918 case QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY:
3919 drv->dfs_vendor_cmd_avail = 1;
3923 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u",
3924 vinfo->vendor_id, vinfo->subcmd);
3928 if (tb[NL80211_ATTR_VENDOR_EVENTS]) {
3932 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_EVENTS], rem) {
3933 struct nl80211_vendor_cmd_info *vinfo;
3934 if (nla_len(nl) != sizeof(*vinfo)) {
3935 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3938 vinfo = nla_data(nl);
3939 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor event: vendor_id=0x%x subcmd=%u",
3940 vinfo->vendor_id, vinfo->subcmd);
3944 wiphy_info_wowlan_triggers(capa,
3945 tb[NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED]);
3947 if (tb[NL80211_ATTR_MAX_AP_ASSOC_STA])
3948 capa->max_stations =
3949 nla_get_u32(tb[NL80211_ATTR_MAX_AP_ASSOC_STA]);
3955 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
3956 struct wiphy_info_data *info)
3961 os_memset(info, 0, sizeof(*info));
3962 info->capa = &drv->capa;
3965 msg = nlmsg_alloc();
3969 feat = get_nl80211_protocol_features(drv);
3970 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
3971 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
3973 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
3975 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
3976 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
3977 goto nla_put_failure;
3979 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info))
3982 if (info->auth_supported)
3983 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
3984 else if (!info->connect_supported) {
3985 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
3986 "authentication/association or connect commands");
3990 if (info->p2p_go_supported && info->p2p_client_supported)
3991 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
3992 if (info->p2p_concurrent) {
3993 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
3994 "interface (driver advertised support)");
3995 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
3996 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
3998 if (info->num_multichan_concurrent > 1) {
3999 wpa_printf(MSG_DEBUG, "nl80211: Enable multi-channel "
4000 "concurrent (driver advertised support)");
4001 drv->capa.num_multichan_concurrent =
4002 info->num_multichan_concurrent;
4005 /* default to 5000 since early versions of mac80211 don't set it */
4006 if (!drv->capa.max_remain_on_chan)
4007 drv->capa.max_remain_on_chan = 5000;
4009 if (info->channel_switch_supported)
4010 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_CSA;
4019 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
4021 struct wiphy_info_data info;
4022 if (wpa_driver_nl80211_get_info(drv, &info))
4028 drv->has_capability = 1;
4029 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
4030 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
4031 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
4032 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
4033 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
4034 WPA_DRIVER_AUTH_SHARED |
4035 WPA_DRIVER_AUTH_LEAP;
4037 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
4038 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
4039 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4042 * As all cfg80211 drivers must support cases where the AP interface is
4043 * removed without the knowledge of wpa_supplicant/hostapd, e.g., in
4044 * case that the user space daemon has crashed, they must be able to
4045 * cleanup all stations and key entries in the AP tear down flow. Thus,
4046 * this flag can/should always be set for cfg80211 drivers.
4048 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT;
4050 if (!info.device_ap_sme) {
4051 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
4054 * No AP SME is currently assumed to also indicate no AP MLME
4055 * in the driver/firmware.
4057 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_MLME;
4060 drv->device_ap_sme = info.device_ap_sme;
4061 drv->poll_command_supported = info.poll_command_supported;
4062 drv->data_tx_status = info.data_tx_status;
4063 if (info.set_qos_map_supported)
4064 drv->capa.flags |= WPA_DRIVER_FLAGS_QOS_MAPPING;
4065 drv->have_low_prio_scan = info.have_low_prio_scan;
4068 * If poll command and tx status are supported, mac80211 is new enough
4069 * to have everything we need to not need monitor interfaces.
4071 drv->use_monitor = !info.poll_command_supported || !info.data_tx_status;
4073 if (drv->device_ap_sme && drv->use_monitor) {
4075 * Non-mac80211 drivers may not support monitor interface.
4076 * Make sure we do not get stuck with incorrect capability here
4077 * by explicitly testing this.
4079 if (!info.monitor_supported) {
4080 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
4081 "with device_ap_sme since no monitor mode "
4082 "support detected");
4083 drv->use_monitor = 0;
4088 * If we aren't going to use monitor interfaces, but the
4089 * driver doesn't support data TX status, we won't get TX
4090 * status for EAPOL frames.
4092 if (!drv->use_monitor && !info.data_tx_status)
4093 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4100 static int android_genl_ctrl_resolve(struct nl_handle *handle,
4104 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
4105 * need to work around that.
4107 struct nl_cache *cache = NULL;
4108 struct genl_family *nl80211 = NULL;
4111 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
4112 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
4117 nl80211 = genl_ctrl_search_by_name(cache, name);
4118 if (nl80211 == NULL)
4121 id = genl_family_get_id(nl80211);
4125 genl_family_put(nl80211);
4127 nl_cache_free(cache);
4131 #define genl_ctrl_resolve android_genl_ctrl_resolve
4132 #endif /* ANDROID */
4135 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
4139 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4140 if (global->nl_cb == NULL) {
4141 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
4146 global->nl = nl_create_handle(global->nl_cb, "nl");
4147 if (global->nl == NULL)
4150 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
4151 if (global->nl80211_id < 0) {
4152 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
4157 global->nl_event = nl_create_handle(global->nl_cb, "event");
4158 if (global->nl_event == NULL)
4161 ret = nl_get_multicast_id(global, "nl80211", "scan");
4163 ret = nl_socket_add_membership(global->nl_event, ret);
4165 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4166 "membership for scan events: %d (%s)",
4167 ret, strerror(-ret));
4171 ret = nl_get_multicast_id(global, "nl80211", "mlme");
4173 ret = nl_socket_add_membership(global->nl_event, ret);
4175 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4176 "membership for mlme events: %d (%s)",
4177 ret, strerror(-ret));
4181 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
4183 ret = nl_socket_add_membership(global->nl_event, ret);
4185 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4186 "membership for regulatory events: %d (%s)",
4187 ret, strerror(-ret));
4188 /* Continue without regulatory events */
4191 ret = nl_get_multicast_id(global, "nl80211", "vendor");
4193 ret = nl_socket_add_membership(global->nl_event, ret);
4195 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4196 "membership for vendor events: %d (%s)",
4197 ret, strerror(-ret));
4198 /* Continue without vendor events */
4201 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4202 no_seq_check, NULL);
4203 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4204 process_global_event, global);
4206 nl80211_register_eloop_read(&global->nl_event,
4207 wpa_driver_nl80211_event_receive,
4213 nl_destroy_handles(&global->nl_event);
4214 nl_destroy_handles(&global->nl);
4215 nl_cb_put(global->nl_cb);
4216 global->nl_cb = NULL;
4221 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
4223 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4225 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
4229 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4230 no_seq_check, NULL);
4231 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4232 process_drv_event, drv);
4238 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
4240 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
4242 * This may be for any interface; use ifdown event to disable
4248 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
4250 struct wpa_driver_nl80211_data *drv = ctx;
4251 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
4252 if (i802_set_iface_flags(drv->first_bss, 1)) {
4253 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
4254 "after rfkill unblock");
4257 /* rtnetlink ifup handler will report interface as enabled */
4261 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
4265 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4270 struct cmsghdr *cmsg;
4271 int res, found_ee = 0, found_wifi = 0, acked = 0;
4272 union wpa_event_data event;
4274 memset(&msg, 0, sizeof(msg));
4275 msg.msg_iov = &entry;
4277 entry.iov_base = data;
4278 entry.iov_len = sizeof(data);
4279 msg.msg_control = &control;
4280 msg.msg_controllen = sizeof(control);
4282 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
4283 /* if error or not fitting 802.3 header, return */
4287 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
4289 if (cmsg->cmsg_level == SOL_SOCKET &&
4290 cmsg->cmsg_type == SCM_WIFI_STATUS) {
4294 ack = (void *)CMSG_DATA(cmsg);
4298 if (cmsg->cmsg_level == SOL_PACKET &&
4299 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
4300 struct sock_extended_err *err =
4301 (struct sock_extended_err *)CMSG_DATA(cmsg);
4303 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
4308 if (!found_ee || !found_wifi)
4311 memset(&event, 0, sizeof(event));
4312 event.eapol_tx_status.dst = data;
4313 event.eapol_tx_status.data = data + 14;
4314 event.eapol_tx_status.data_len = res - 14;
4315 event.eapol_tx_status.ack = acked;
4316 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
4320 static int nl80211_init_bss(struct i802_bss *bss)
4322 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4326 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4327 no_seq_check, NULL);
4328 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4329 process_bss_event, bss);
4335 static void nl80211_destroy_bss(struct i802_bss *bss)
4337 nl_cb_put(bss->nl_cb);
4342 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
4343 void *global_priv, int hostapd,
4346 struct wpa_driver_nl80211_data *drv;
4347 struct rfkill_config *rcfg;
4348 struct i802_bss *bss;
4350 if (global_priv == NULL)
4352 drv = os_zalloc(sizeof(*drv));
4355 drv->global = global_priv;
4357 drv->hostapd = !!hostapd;
4358 drv->eapol_sock = -1;
4359 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
4360 drv->if_indices = drv->default_if_indices;
4362 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
4363 if (!drv->first_bss) {
4367 bss = drv->first_bss;
4371 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
4372 drv->monitor_ifidx = -1;
4373 drv->monitor_sock = -1;
4374 drv->eapol_tx_sock = -1;
4375 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
4377 if (wpa_driver_nl80211_init_nl(drv)) {
4382 if (nl80211_init_bss(bss))
4385 rcfg = os_zalloc(sizeof(*rcfg));
4389 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
4390 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
4391 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
4392 drv->rfkill = rfkill_init(rcfg);
4393 if (drv->rfkill == NULL) {
4394 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
4398 if (linux_iface_up(drv->global->ioctl_sock, ifname) > 0)
4399 drv->start_iface_up = 1;
4401 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1))
4404 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
4405 if (drv->eapol_tx_sock < 0)
4408 if (drv->data_tx_status) {
4411 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
4412 &enabled, sizeof(enabled)) < 0) {
4413 wpa_printf(MSG_DEBUG,
4414 "nl80211: wifi status sockopt failed\n");
4415 drv->data_tx_status = 0;
4416 if (!drv->use_monitor)
4418 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4420 eloop_register_read_sock(drv->eapol_tx_sock,
4421 wpa_driver_nl80211_handle_eapol_tx_status,
4427 dl_list_add(&drv->global->interfaces, &drv->list);
4428 drv->in_interface_list = 1;
4434 wpa_driver_nl80211_deinit(bss);
4440 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
4441 * @ctx: context to be used when calling wpa_supplicant functions,
4442 * e.g., wpa_supplicant_event()
4443 * @ifname: interface name, e.g., wlan0
4444 * @global_priv: private driver global data from global_init()
4445 * Returns: Pointer to private data, %NULL on failure
4447 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
4450 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL);
4454 static int nl80211_register_frame(struct i802_bss *bss,
4455 struct nl_handle *nl_handle,
4456 u16 type, const u8 *match, size_t match_len)
4458 struct wpa_driver_nl80211_data *drv = bss->drv;
4463 msg = nlmsg_alloc();
4468 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
4469 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s",
4470 type, fc2str(type), nl_handle, buf);
4472 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
4474 if (nl80211_set_iface_id(msg, bss) < 0)
4475 goto nla_put_failure;
4477 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
4478 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
4480 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
4483 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
4484 "failed (type=%u): ret=%d (%s)",
4485 type, ret, strerror(-ret));
4486 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
4488 goto nla_put_failure;
4497 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
4499 struct wpa_driver_nl80211_data *drv = bss->drv;
4502 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
4503 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
4507 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
4508 if (bss->nl_mgmt == NULL)
4515 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
4517 nl80211_register_eloop_read(&bss->nl_mgmt,
4518 wpa_driver_nl80211_event_receive,
4523 static int nl80211_register_action_frame(struct i802_bss *bss,
4524 const u8 *match, size_t match_len)
4526 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
4527 return nl80211_register_frame(bss, bss->nl_mgmt,
4528 type, match, match_len);
4532 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
4534 struct wpa_driver_nl80211_data *drv = bss->drv;
4537 if (nl80211_alloc_mgmt_handle(bss))
4539 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
4540 "handle %p", bss->nl_mgmt);
4542 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
4543 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
4545 /* register for any AUTH message */
4546 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0);
4549 #ifdef CONFIG_INTERWORKING
4550 /* QoS Map Configure */
4551 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
4553 #endif /* CONFIG_INTERWORKING */
4554 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
4555 /* GAS Initial Request */
4556 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
4558 /* GAS Initial Response */
4559 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
4561 /* GAS Comeback Request */
4562 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
4564 /* GAS Comeback Response */
4565 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
4567 /* Protected GAS Initial Request */
4568 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
4570 /* Protected GAS Initial Response */
4571 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
4573 /* Protected GAS Comeback Request */
4574 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
4576 /* Protected GAS Comeback Response */
4577 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
4579 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
4581 /* P2P Public Action */
4582 if (nl80211_register_action_frame(bss,
4583 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
4587 if (nl80211_register_action_frame(bss,
4588 (u8 *) "\x7f\x50\x6f\x9a\x09",
4591 #endif /* CONFIG_P2P */
4592 #ifdef CONFIG_IEEE80211W
4593 /* SA Query Response */
4594 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
4596 #endif /* CONFIG_IEEE80211W */
4598 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
4599 /* TDLS Discovery Response */
4600 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
4604 #endif /* CONFIG_TDLS */
4606 /* FT Action frames */
4607 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
4610 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
4611 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
4613 /* WNM - BSS Transition Management Request */
4614 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
4616 /* WNM-Sleep Mode Response */
4617 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
4621 /* WNM-Notification */
4622 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
4624 #endif /* CONFIG_HS20 */
4626 nl80211_mgmt_handle_register_eloop(bss);
4632 static int nl80211_register_spurious_class3(struct i802_bss *bss)
4634 struct wpa_driver_nl80211_data *drv = bss->drv;
4638 msg = nlmsg_alloc();
4642 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
4644 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
4646 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
4649 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
4650 "failed: ret=%d (%s)",
4651 ret, strerror(-ret));
4652 goto nla_put_failure;
4661 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
4663 static const int stypes[] = {
4665 WLAN_FC_STYPE_ASSOC_REQ,
4666 WLAN_FC_STYPE_REASSOC_REQ,
4667 WLAN_FC_STYPE_DISASSOC,
4668 WLAN_FC_STYPE_DEAUTH,
4669 WLAN_FC_STYPE_ACTION,
4670 WLAN_FC_STYPE_PROBE_REQ,
4671 /* Beacon doesn't work as mac80211 doesn't currently allow
4672 * it, but it wouldn't really be the right thing anyway as
4673 * it isn't per interface ... maybe just dump the scan
4674 * results periodically for OLBC?
4676 /* WLAN_FC_STYPE_BEACON, */
4680 if (nl80211_alloc_mgmt_handle(bss))
4682 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4683 "handle %p", bss->nl_mgmt);
4685 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
4686 if (nl80211_register_frame(bss, bss->nl_mgmt,
4687 (WLAN_FC_TYPE_MGMT << 2) |
4694 if (nl80211_register_spurious_class3(bss))
4697 if (nl80211_get_wiphy_data_ap(bss) == NULL)
4700 nl80211_mgmt_handle_register_eloop(bss);
4704 nl_destroy_handles(&bss->nl_mgmt);
4709 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
4711 if (nl80211_alloc_mgmt_handle(bss))
4713 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4714 "handle %p (device SME)", bss->nl_mgmt);
4716 if (nl80211_register_frame(bss, bss->nl_mgmt,
4717 (WLAN_FC_TYPE_MGMT << 2) |
4718 (WLAN_FC_STYPE_ACTION << 4),
4722 nl80211_mgmt_handle_register_eloop(bss);
4726 nl_destroy_handles(&bss->nl_mgmt);
4731 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
4733 if (bss->nl_mgmt == NULL)
4735 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
4736 "(%s)", bss->nl_mgmt, reason);
4737 nl80211_destroy_eloop_handle(&bss->nl_mgmt);
4739 nl80211_put_wiphy_data_ap(bss);
4743 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
4745 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
4749 static void nl80211_del_p2pdev(struct i802_bss *bss)
4751 struct wpa_driver_nl80211_data *drv = bss->drv;
4755 msg = nlmsg_alloc();
4759 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
4760 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4762 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4765 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
4766 bss->ifname, (long long unsigned int) bss->wdev_id,
4774 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
4776 struct wpa_driver_nl80211_data *drv = bss->drv;
4780 msg = nlmsg_alloc();
4785 nl80211_cmd(drv, msg, 0, NL80211_CMD_START_P2P_DEVICE);
4787 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_P2P_DEVICE);
4789 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4791 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4794 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
4795 start ? "Start" : "Stop",
4796 bss->ifname, (long long unsigned int) bss->wdev_id,
4805 static int i802_set_iface_flags(struct i802_bss *bss, int up)
4807 enum nl80211_iftype nlmode;
4809 nlmode = nl80211_get_ifmode(bss);
4810 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
4811 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
4815 /* P2P Device has start/stop which is equivalent */
4816 return nl80211_set_p2pdev(bss, up);
4821 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
4822 const u8 *set_addr, int first)
4824 struct i802_bss *bss = drv->first_bss;
4825 int send_rfkill_event = 0;
4826 enum nl80211_iftype nlmode;
4828 drv->ifindex = if_nametoindex(bss->ifname);
4829 bss->ifindex = drv->ifindex;
4830 bss->wdev_id = drv->global->if_add_wdevid;
4831 bss->wdev_id_set = drv->global->if_add_wdevid_set;
4833 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
4834 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
4835 drv->global->if_add_wdevid_set = 0;
4837 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4840 if (wpa_driver_nl80211_capa(drv))
4843 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
4844 bss->ifname, drv->phyname);
4847 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
4848 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4852 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4853 drv->start_mode_ap = 1;
4855 if (drv->hostapd || bss->static_ap)
4856 nlmode = NL80211_IFTYPE_AP;
4857 else if (bss->if_dynamic)
4858 nlmode = nl80211_get_ifmode(bss);
4860 nlmode = NL80211_IFTYPE_STATION;
4862 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
4863 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
4867 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4868 nl80211_get_macaddr(bss);
4870 if (!rfkill_is_blocked(drv->rfkill)) {
4871 int ret = i802_set_iface_flags(bss, 1);
4873 wpa_printf(MSG_ERROR, "nl80211: Could not set "
4874 "interface '%s' UP", bss->ifname);
4877 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4880 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
4881 "interface '%s' due to rfkill", bss->ifname);
4882 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4884 drv->if_disabled = 1;
4885 send_rfkill_event = 1;
4889 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
4890 1, IF_OPER_DORMANT);
4892 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4895 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
4897 if (send_rfkill_event) {
4898 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
4906 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
4910 msg = nlmsg_alloc();
4914 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
4916 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
4917 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4919 return send_and_recv_msgs(drv, msg, NULL, NULL);
4927 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
4928 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
4930 * Shut down driver interface and processing of driver events. Free
4931 * private data buffer if one was allocated in wpa_driver_nl80211_init().
4933 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
4935 struct wpa_driver_nl80211_data *drv = bss->drv;
4938 if (drv->data_tx_status)
4939 eloop_unregister_read_sock(drv->eapol_tx_sock);
4940 if (drv->eapol_tx_sock >= 0)
4941 close(drv->eapol_tx_sock);
4944 wpa_driver_nl80211_probe_req_report(bss, 0);
4945 if (bss->added_if_into_bridge) {
4946 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
4948 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
4949 "interface %s from bridge %s: %s",
4950 bss->ifname, bss->brname, strerror(errno));
4952 nl80211_handle_destroy(drv->rtnl_sk);
4954 if (bss->added_bridge) {
4955 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
4956 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
4958 bss->brname, strerror(errno));
4961 nl80211_remove_monitor_interface(drv);
4963 if (is_ap_interface(drv->nlmode))
4964 wpa_driver_nl80211_del_beacon(drv);
4966 if (drv->eapol_sock >= 0) {
4967 eloop_unregister_read_sock(drv->eapol_sock);
4968 close(drv->eapol_sock);
4971 if (drv->if_indices != drv->default_if_indices)
4972 os_free(drv->if_indices);
4974 if (drv->disabled_11b_rates)
4975 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
4977 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
4979 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
4980 rfkill_deinit(drv->rfkill);
4982 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
4984 if (!drv->start_iface_up)
4985 (void) i802_set_iface_flags(bss, 0);
4987 if (drv->addr_changed) {
4988 linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0);
4989 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4990 drv->perm_addr) < 0) {
4991 wpa_printf(MSG_DEBUG,
4992 "nl80211: Could not restore permanent MAC address");
4996 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
4997 if (!drv->hostapd || !drv->start_mode_ap)
4998 wpa_driver_nl80211_set_mode(bss,
4999 NL80211_IFTYPE_STATION);
5000 nl80211_mgmt_unsubscribe(bss, "deinit");
5002 nl80211_mgmt_unsubscribe(bss, "deinit");
5003 nl80211_del_p2pdev(bss);
5005 nl_cb_put(drv->nl_cb);
5007 nl80211_destroy_bss(drv->first_bss);
5009 os_free(drv->filter_ssids);
5011 os_free(drv->auth_ie);
5013 if (drv->in_interface_list)
5014 dl_list_del(&drv->list);
5016 os_free(drv->extended_capa);
5017 os_free(drv->extended_capa_mask);
5018 os_free(drv->first_bss);
5024 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
5025 * @eloop_ctx: Driver private data
5026 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
5028 * This function can be used as registered timeout when starting a scan to
5029 * generate a scan completed event if the driver does not report this.
5031 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
5033 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5034 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
5035 wpa_driver_nl80211_set_mode(drv->first_bss,
5036 drv->ap_scan_as_station);
5037 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
5039 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
5040 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
5044 static struct nl_msg *
5045 nl80211_scan_common(struct wpa_driver_nl80211_data *drv, u8 cmd,
5046 struct wpa_driver_scan_params *params, u64 *wdev_id)
5052 msg = nlmsg_alloc();
5056 nl80211_cmd(drv, msg, 0, cmd);
5059 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5061 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, *wdev_id);
5063 if (params->num_ssids) {
5064 struct nlattr *ssids;
5066 ssids = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
5069 for (i = 0; i < params->num_ssids; i++) {
5070 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
5071 params->ssids[i].ssid,
5072 params->ssids[i].ssid_len);
5073 if (nla_put(msg, i + 1, params->ssids[i].ssid_len,
5074 params->ssids[i].ssid) < 0)
5077 nla_nest_end(msg, ssids);
5080 if (params->extra_ies) {
5081 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
5082 params->extra_ies, params->extra_ies_len);
5083 if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
5084 params->extra_ies) < 0)
5088 if (params->freqs) {
5089 struct nlattr *freqs;
5090 freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
5093 for (i = 0; params->freqs[i]; i++) {
5094 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
5095 "MHz", params->freqs[i]);
5096 if (nla_put_u32(msg, i + 1, params->freqs[i]) < 0)
5099 nla_nest_end(msg, freqs);
5102 os_free(drv->filter_ssids);
5103 drv->filter_ssids = params->filter_ssids;
5104 params->filter_ssids = NULL;
5105 drv->num_filter_ssids = params->num_filter_ssids;
5107 if (params->only_new_results) {
5108 wpa_printf(MSG_DEBUG, "nl80211: Add NL80211_SCAN_FLAG_FLUSH");
5109 scan_flags |= NL80211_SCAN_FLAG_FLUSH;
5112 if (params->low_priority && drv->have_low_prio_scan) {
5113 wpa_printf(MSG_DEBUG,
5114 "nl80211: Add NL80211_SCAN_FLAG_LOW_PRIORITY");
5115 scan_flags |= NL80211_SCAN_FLAG_LOW_PRIORITY;
5119 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_FLAGS, scan_flags);
5131 * wpa_driver_nl80211_scan - Request the driver to initiate scan
5132 * @bss: Pointer to private driver data from wpa_driver_nl80211_init()
5133 * @params: Scan parameters
5134 * Returns: 0 on success, -1 on failure
5136 static int wpa_driver_nl80211_scan(struct i802_bss *bss,
5137 struct wpa_driver_scan_params *params)
5139 struct wpa_driver_nl80211_data *drv = bss->drv;
5140 int ret = -1, timeout;
5141 struct nl_msg *msg = NULL;
5143 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: scan request");
5144 drv->scan_for_auth = 0;
5146 msg = nl80211_scan_common(drv, NL80211_CMD_TRIGGER_SCAN, params,
5147 bss->wdev_id_set ? &bss->wdev_id : NULL);
5151 if (params->p2p_probe) {
5152 struct nlattr *rates;
5154 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
5156 rates = nla_nest_start(msg, NL80211_ATTR_SCAN_SUPP_RATES);
5158 goto nla_put_failure;
5161 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
5162 * by masking out everything else apart from the OFDM rates 6,
5163 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
5164 * rates are left enabled.
5166 NLA_PUT(msg, NL80211_BAND_2GHZ, 8,
5167 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5168 nla_nest_end(msg, rates);
5170 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
5173 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5176 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
5177 "(%s)", ret, strerror(-ret));
5178 if (drv->hostapd && is_ap_interface(drv->nlmode)) {
5179 enum nl80211_iftype old_mode = drv->nlmode;
5182 * mac80211 does not allow scan requests in AP mode, so
5183 * try to do this in station mode.
5185 if (wpa_driver_nl80211_set_mode(
5186 bss, NL80211_IFTYPE_STATION))
5187 goto nla_put_failure;
5189 if (wpa_driver_nl80211_scan(bss, params)) {
5190 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
5191 goto nla_put_failure;
5194 /* Restore AP mode when processing scan results */
5195 drv->ap_scan_as_station = old_mode;
5198 goto nla_put_failure;
5201 drv->scan_state = SCAN_REQUESTED;
5202 /* Not all drivers generate "scan completed" wireless event, so try to
5203 * read results after a timeout. */
5205 if (drv->scan_complete_events) {
5207 * The driver seems to deliver events to notify when scan is
5208 * complete, so use longer timeout to avoid race conditions
5209 * with scanning and following association request.
5213 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
5214 "seconds", ret, timeout);
5215 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
5216 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
5226 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
5227 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5228 * @params: Scan parameters
5229 * @interval: Interval between scan cycles in milliseconds
5230 * Returns: 0 on success, -1 on failure or if not supported
5232 static int wpa_driver_nl80211_sched_scan(void *priv,
5233 struct wpa_driver_scan_params *params,
5236 struct i802_bss *bss = priv;
5237 struct wpa_driver_nl80211_data *drv = bss->drv;
5242 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: sched_scan request");
5245 if (!drv->capa.sched_scan_supported)
5246 return android_pno_start(bss, params);
5247 #endif /* ANDROID */
5249 msg = nl80211_scan_common(drv, NL80211_CMD_START_SCHED_SCAN, params,
5250 bss->wdev_id_set ? &bss->wdev_id : NULL);
5252 goto nla_put_failure;
5254 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
5256 if ((drv->num_filter_ssids &&
5257 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) ||
5258 params->filter_rssi) {
5259 struct nlattr *match_sets;
5260 match_sets = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH);
5261 if (match_sets == NULL)
5262 goto nla_put_failure;
5264 for (i = 0; i < drv->num_filter_ssids; i++) {
5265 struct nlattr *match_set_ssid;
5266 wpa_hexdump_ascii(MSG_MSGDUMP,
5267 "nl80211: Sched scan filter SSID",
5268 drv->filter_ssids[i].ssid,
5269 drv->filter_ssids[i].ssid_len);
5271 match_set_ssid = nla_nest_start(msg, i + 1);
5272 if (match_set_ssid == NULL)
5273 goto nla_put_failure;
5274 NLA_PUT(msg, NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
5275 drv->filter_ssids[i].ssid_len,
5276 drv->filter_ssids[i].ssid);
5277 if (params->filter_rssi)
5279 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5280 params->filter_rssi);
5282 nla_nest_end(msg, match_set_ssid);
5286 * Due to backward compatibility code, newer kernels treat this
5287 * matchset (with only an RSSI filter) as the default for all
5288 * other matchsets, unless it's the only one, in which case the
5289 * matchset will actually allow all SSIDs above the RSSI.
5291 if (params->filter_rssi) {
5292 struct nlattr *match_set_rssi;
5293 match_set_rssi = nla_nest_start(msg, 0);
5294 if (match_set_rssi == NULL)
5295 goto nla_put_failure;
5296 NLA_PUT_U32(msg, NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5297 params->filter_rssi);
5298 wpa_printf(MSG_MSGDUMP,
5299 "nl80211: Sched scan RSSI filter %d dBm",
5300 params->filter_rssi);
5301 nla_nest_end(msg, match_set_rssi);
5304 nla_nest_end(msg, match_sets);
5307 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5309 /* TODO: if we get an error here, we should fall back to normal scan */
5313 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
5314 "ret=%d (%s)", ret, strerror(-ret));
5315 goto nla_put_failure;
5318 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
5319 "scan interval %d msec", ret, interval);
5328 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
5329 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5330 * Returns: 0 on success, -1 on failure or if not supported
5332 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
5334 struct i802_bss *bss = priv;
5335 struct wpa_driver_nl80211_data *drv = bss->drv;
5340 if (!drv->capa.sched_scan_supported)
5341 return android_pno_stop(bss);
5342 #endif /* ANDROID */
5344 msg = nlmsg_alloc();
5348 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
5350 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5352 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5355 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
5356 "ret=%d (%s)", ret, strerror(-ret));
5357 goto nla_put_failure;
5360 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
5368 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
5370 const u8 *end, *pos;
5376 end = ies + ies_len;
5378 while (pos + 1 < end) {
5379 if (pos + 2 + pos[1] > end)
5390 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
5391 const u8 *ie, size_t ie_len)
5396 if (drv->filter_ssids == NULL)
5399 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
5403 for (i = 0; i < drv->num_filter_ssids; i++) {
5404 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
5405 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
5414 static int bss_info_handler(struct nl_msg *msg, void *arg)
5416 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5417 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5418 struct nlattr *bss[NL80211_BSS_MAX + 1];
5419 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
5420 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
5421 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
5422 [NL80211_BSS_TSF] = { .type = NLA_U64 },
5423 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
5424 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
5425 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
5426 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
5427 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
5428 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
5429 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
5430 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
5432 struct nl80211_bss_info_arg *_arg = arg;
5433 struct wpa_scan_results *res = _arg->res;
5434 struct wpa_scan_res **tmp;
5435 struct wpa_scan_res *r;
5436 const u8 *ie, *beacon_ie;
5437 size_t ie_len, beacon_ie_len;
5441 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5442 genlmsg_attrlen(gnlh, 0), NULL);
5443 if (!tb[NL80211_ATTR_BSS])
5445 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
5448 if (bss[NL80211_BSS_STATUS]) {
5449 enum nl80211_bss_status status;
5450 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5451 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5452 bss[NL80211_BSS_FREQUENCY]) {
5454 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5455 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
5458 if (status == NL80211_BSS_STATUS_IBSS_JOINED &&
5459 bss[NL80211_BSS_FREQUENCY]) {
5461 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5462 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz",
5465 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5466 bss[NL80211_BSS_BSSID]) {
5467 os_memcpy(_arg->assoc_bssid,
5468 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
5469 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
5470 MACSTR, MAC2STR(_arg->assoc_bssid));
5475 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
5476 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5477 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5482 if (bss[NL80211_BSS_BEACON_IES]) {
5483 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
5484 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
5490 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
5491 ie ? ie_len : beacon_ie_len))
5494 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
5497 if (bss[NL80211_BSS_BSSID])
5498 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
5500 if (bss[NL80211_BSS_FREQUENCY])
5501 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5502 if (bss[NL80211_BSS_BEACON_INTERVAL])
5503 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
5504 if (bss[NL80211_BSS_CAPABILITY])
5505 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
5506 r->flags |= WPA_SCAN_NOISE_INVALID;
5507 if (bss[NL80211_BSS_SIGNAL_MBM]) {
5508 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
5509 r->level /= 100; /* mBm to dBm */
5510 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
5511 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
5512 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
5513 r->flags |= WPA_SCAN_QUAL_INVALID;
5515 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
5516 if (bss[NL80211_BSS_TSF])
5517 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
5518 if (bss[NL80211_BSS_SEEN_MS_AGO])
5519 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
5521 pos = (u8 *) (r + 1);
5523 os_memcpy(pos, ie, ie_len);
5526 r->beacon_ie_len = beacon_ie_len;
5528 os_memcpy(pos, beacon_ie, beacon_ie_len);
5530 if (bss[NL80211_BSS_STATUS]) {
5531 enum nl80211_bss_status status;
5532 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5534 case NL80211_BSS_STATUS_AUTHENTICATED:
5535 r->flags |= WPA_SCAN_AUTHENTICATED;
5537 case NL80211_BSS_STATUS_ASSOCIATED:
5538 r->flags |= WPA_SCAN_ASSOCIATED;
5546 * cfg80211 maintains separate BSS table entries for APs if the same
5547 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
5548 * not use frequency as a separate key in the BSS table, so filter out
5549 * duplicated entries. Prefer associated BSS entry in such a case in
5550 * order to get the correct frequency into the BSS table. Similarly,
5551 * prefer newer entries over older.
5553 for (i = 0; i < res->num; i++) {
5555 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
5558 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
5559 res->res[i]->ie_len, WLAN_EID_SSID);
5560 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
5561 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
5562 os_memcmp(s1, s2, 2 + s1[1]) != 0)
5565 /* Same BSSID,SSID was already included in scan results */
5566 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
5567 "for " MACSTR, MAC2STR(r->bssid));
5569 if (((r->flags & WPA_SCAN_ASSOCIATED) &&
5570 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) ||
5571 r->age < res->res[i]->age) {
5572 os_free(res->res[i]);
5579 tmp = os_realloc_array(res->res, res->num + 1,
5580 sizeof(struct wpa_scan_res *));
5585 tmp[res->num++] = r;
5592 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
5595 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
5596 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
5597 "mismatch (" MACSTR ")", MAC2STR(addr));
5598 wpa_driver_nl80211_mlme(drv, addr,
5599 NL80211_CMD_DEAUTHENTICATE,
5600 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
5605 static void wpa_driver_nl80211_check_bss_status(
5606 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
5610 for (i = 0; i < res->num; i++) {
5611 struct wpa_scan_res *r = res->res[i];
5612 if (r->flags & WPA_SCAN_AUTHENTICATED) {
5613 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5614 "indicates BSS status with " MACSTR
5615 " as authenticated",
5617 if (is_sta_interface(drv->nlmode) &&
5618 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
5619 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
5621 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
5622 " in local state (auth=" MACSTR
5623 " assoc=" MACSTR ")",
5624 MAC2STR(drv->auth_bssid),
5625 MAC2STR(drv->bssid));
5626 clear_state_mismatch(drv, r->bssid);
5630 if (r->flags & WPA_SCAN_ASSOCIATED) {
5631 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5632 "indicate BSS status with " MACSTR
5635 if (is_sta_interface(drv->nlmode) &&
5637 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5638 "(not associated) does not match "
5640 clear_state_mismatch(drv, r->bssid);
5641 } else if (is_sta_interface(drv->nlmode) &&
5642 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
5644 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5645 "(associated with " MACSTR ") does "
5646 "not match with BSS state",
5647 MAC2STR(drv->bssid));
5648 clear_state_mismatch(drv, r->bssid);
5649 clear_state_mismatch(drv, drv->bssid);
5656 static struct wpa_scan_results *
5657 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
5660 struct wpa_scan_results *res;
5662 struct nl80211_bss_info_arg arg;
5664 res = os_zalloc(sizeof(*res));
5667 msg = nlmsg_alloc();
5669 goto nla_put_failure;
5671 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
5672 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
5673 goto nla_put_failure;
5677 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
5680 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
5681 "BSSes)", (unsigned long) res->num);
5682 nl80211_get_noise_for_scan_results(drv, res);
5685 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
5686 "(%s)", ret, strerror(-ret));
5689 wpa_scan_results_free(res);
5695 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
5696 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
5697 * Returns: Scan results on success, -1 on failure
5699 static struct wpa_scan_results *
5700 wpa_driver_nl80211_get_scan_results(void *priv)
5702 struct i802_bss *bss = priv;
5703 struct wpa_driver_nl80211_data *drv = bss->drv;
5704 struct wpa_scan_results *res;
5706 res = nl80211_get_scan_results(drv);
5708 wpa_driver_nl80211_check_bss_status(drv, res);
5713 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
5715 struct wpa_scan_results *res;
5718 res = nl80211_get_scan_results(drv);
5720 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
5724 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
5725 for (i = 0; i < res->num; i++) {
5726 struct wpa_scan_res *r = res->res[i];
5727 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
5728 (int) i, (int) res->num, MAC2STR(r->bssid),
5729 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
5730 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
5733 wpa_scan_results_free(res);
5737 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
5742 return WLAN_CIPHER_SUITE_WEP40;
5743 return WLAN_CIPHER_SUITE_WEP104;
5745 return WLAN_CIPHER_SUITE_TKIP;
5747 return WLAN_CIPHER_SUITE_CCMP;
5749 return WLAN_CIPHER_SUITE_GCMP;
5750 case WPA_ALG_CCMP_256:
5751 return WLAN_CIPHER_SUITE_CCMP_256;
5752 case WPA_ALG_GCMP_256:
5753 return WLAN_CIPHER_SUITE_GCMP_256;
5755 return WLAN_CIPHER_SUITE_AES_CMAC;
5756 case WPA_ALG_BIP_GMAC_128:
5757 return WLAN_CIPHER_SUITE_BIP_GMAC_128;
5758 case WPA_ALG_BIP_GMAC_256:
5759 return WLAN_CIPHER_SUITE_BIP_GMAC_256;
5760 case WPA_ALG_BIP_CMAC_256:
5761 return WLAN_CIPHER_SUITE_BIP_CMAC_256;
5763 return WLAN_CIPHER_SUITE_SMS4;
5765 return WLAN_CIPHER_SUITE_KRK;
5768 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
5773 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
5779 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
5782 case WPA_CIPHER_CCMP_256:
5783 return WLAN_CIPHER_SUITE_CCMP_256;
5784 case WPA_CIPHER_GCMP_256:
5785 return WLAN_CIPHER_SUITE_GCMP_256;
5786 case WPA_CIPHER_CCMP:
5787 return WLAN_CIPHER_SUITE_CCMP;
5788 case WPA_CIPHER_GCMP:
5789 return WLAN_CIPHER_SUITE_GCMP;
5790 case WPA_CIPHER_TKIP:
5791 return WLAN_CIPHER_SUITE_TKIP;
5792 case WPA_CIPHER_WEP104:
5793 return WLAN_CIPHER_SUITE_WEP104;
5794 case WPA_CIPHER_WEP40:
5795 return WLAN_CIPHER_SUITE_WEP40;
5796 case WPA_CIPHER_GTK_NOT_USED:
5797 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR;
5804 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
5809 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
5810 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
5811 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
5812 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
5813 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
5814 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5815 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
5816 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
5817 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
5818 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5819 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
5820 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5821 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
5822 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5828 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
5829 enum wpa_alg alg, const u8 *addr,
5830 int key_idx, int set_tx,
5831 const u8 *seq, size_t seq_len,
5832 const u8 *key, size_t key_len)
5834 struct wpa_driver_nl80211_data *drv = bss->drv;
5840 /* Ignore for P2P Device */
5841 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
5844 ifindex = if_nametoindex(ifname);
5845 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
5846 "set_tx=%d seq_len=%lu key_len=%lu",
5847 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
5848 (unsigned long) seq_len, (unsigned long) key_len);
5850 if (key_idx == -1) {
5854 #endif /* CONFIG_TDLS */
5856 msg = nlmsg_alloc();
5860 if (alg == WPA_ALG_NONE) {
5861 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
5863 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
5864 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
5865 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
5866 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
5867 wpa_alg_to_cipher_suite(alg, key_len));
5870 if (seq && seq_len) {
5871 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
5872 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
5875 if (addr && !is_broadcast_ether_addr(addr)) {
5876 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
5877 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5879 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
5880 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
5881 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
5882 NL80211_KEYTYPE_GROUP);
5884 } else if (addr && is_broadcast_ether_addr(addr)) {
5885 struct nlattr *types;
5887 wpa_printf(MSG_DEBUG, " broadcast key");
5889 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5891 goto nla_put_failure;
5892 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5893 nla_nest_end(msg, types);
5895 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5896 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5898 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5899 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
5902 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
5903 ret, strerror(-ret));
5906 * If we failed or don't need to set the default TX key (below),
5909 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls)
5911 if (is_ap_interface(drv->nlmode) && addr &&
5912 !is_broadcast_ether_addr(addr))
5915 msg = nlmsg_alloc();
5919 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
5920 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5921 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5922 if (alg == WPA_ALG_IGTK)
5923 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
5925 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
5926 if (addr && is_broadcast_ether_addr(addr)) {
5927 struct nlattr *types;
5929 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5931 goto nla_put_failure;
5932 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5933 nla_nest_end(msg, types);
5935 struct nlattr *types;
5937 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5939 goto nla_put_failure;
5940 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST);
5941 nla_nest_end(msg, types);
5944 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5948 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
5949 "err=%d %s)", ret, strerror(-ret));
5958 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
5959 int key_idx, int defkey,
5960 const u8 *seq, size_t seq_len,
5961 const u8 *key, size_t key_len)
5963 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
5967 if (defkey && alg == WPA_ALG_IGTK)
5968 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
5970 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
5972 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
5974 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
5975 wpa_alg_to_cipher_suite(alg, key_len));
5978 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
5980 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
5982 nla_nest_end(msg, key_attr);
5990 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
5994 struct nlattr *nl_keys, *nl_key;
5996 for (i = 0; i < 4; i++) {
5997 if (!params->wep_key[i])
6002 if (params->wps == WPS_MODE_PRIVACY)
6004 if (params->pairwise_suite &&
6005 params->pairwise_suite != WPA_CIPHER_NONE)
6011 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
6013 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
6015 goto nla_put_failure;
6017 for (i = 0; i < 4; i++) {
6018 if (!params->wep_key[i])
6021 nl_key = nla_nest_start(msg, i);
6023 goto nla_put_failure;
6025 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
6026 params->wep_key[i]);
6027 if (params->wep_key_len[i] == 5)
6028 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6029 WLAN_CIPHER_SUITE_WEP40);
6031 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6032 WLAN_CIPHER_SUITE_WEP104);
6034 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
6036 if (i == params->wep_tx_keyidx)
6037 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
6039 nla_nest_end(msg, nl_key);
6041 nla_nest_end(msg, nl_keys);
6050 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
6051 const u8 *addr, int cmd, u16 reason_code,
6052 int local_state_change)
6057 msg = nlmsg_alloc();
6061 nl80211_cmd(drv, msg, 0, cmd);
6063 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6064 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
6066 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6067 if (local_state_change)
6068 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6070 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6073 wpa_dbg(drv->ctx, MSG_DEBUG,
6074 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
6075 reason_code, ret, strerror(-ret));
6076 goto nla_put_failure;
6086 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
6091 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
6092 nl80211_mark_disconnected(drv);
6093 /* Disconnect command doesn't need BSSID - it uses cached value */
6094 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
6097 * For locally generated disconnect, supplicant already generates a
6098 * DEAUTH event, so ignore the event from NL80211.
6100 drv->ignore_next_local_disconnect = ret == 0;
6106 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
6107 const u8 *addr, int reason_code)
6109 struct wpa_driver_nl80211_data *drv = bss->drv;
6112 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
6113 nl80211_mark_disconnected(drv);
6114 return nl80211_leave_ibss(drv);
6116 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
6117 return wpa_driver_nl80211_disconnect(drv, reason_code);
6118 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
6119 __func__, MAC2STR(addr), reason_code);
6120 nl80211_mark_disconnected(drv);
6121 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
6124 * For locally generated deauthenticate, supplicant already generates a
6125 * DEAUTH event, so ignore the event from NL80211.
6127 drv->ignore_next_local_deauth = ret == 0;
6132 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
6133 struct wpa_driver_auth_params *params)
6137 drv->auth_freq = params->freq;
6138 drv->auth_alg = params->auth_alg;
6139 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
6140 drv->auth_local_state_change = params->local_state_change;
6141 drv->auth_p2p = params->p2p;
6144 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
6146 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
6149 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
6150 drv->auth_ssid_len = params->ssid_len;
6152 drv->auth_ssid_len = 0;
6155 os_free(drv->auth_ie);
6156 drv->auth_ie = NULL;
6157 drv->auth_ie_len = 0;
6159 drv->auth_ie = os_malloc(params->ie_len);
6161 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
6162 drv->auth_ie_len = params->ie_len;
6166 for (i = 0; i < 4; i++) {
6167 if (params->wep_key[i] && params->wep_key_len[i] &&
6168 params->wep_key_len[i] <= 16) {
6169 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
6170 params->wep_key_len[i]);
6171 drv->auth_wep_key_len[i] = params->wep_key_len[i];
6173 drv->auth_wep_key_len[i] = 0;
6178 static int wpa_driver_nl80211_authenticate(
6179 struct i802_bss *bss, struct wpa_driver_auth_params *params)
6181 struct wpa_driver_nl80211_data *drv = bss->drv;
6184 enum nl80211_auth_type type;
6185 enum nl80211_iftype nlmode;
6189 is_retry = drv->retry_auth;
6190 drv->retry_auth = 0;
6191 drv->ignore_deauth_event = 0;
6193 nl80211_mark_disconnected(drv);
6194 os_memset(drv->auth_bssid, 0, ETH_ALEN);
6196 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
6198 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
6199 /* FIX: IBSS mode */
6200 nlmode = params->p2p ?
6201 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6202 if (drv->nlmode != nlmode &&
6203 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
6207 msg = nlmsg_alloc();
6211 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
6214 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
6216 for (i = 0; i < 4; i++) {
6217 if (!params->wep_key[i])
6219 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
6221 i == params->wep_tx_keyidx, NULL, 0,
6223 params->wep_key_len[i]);
6224 if (params->wep_tx_keyidx != i)
6226 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
6227 params->wep_key[i], params->wep_key_len[i])) {
6233 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6234 if (params->bssid) {
6235 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6236 MAC2STR(params->bssid));
6237 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6240 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6241 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6244 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6245 params->ssid, params->ssid_len);
6246 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6249 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
6251 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
6252 if (params->sae_data) {
6253 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
6254 params->sae_data_len);
6255 NLA_PUT(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
6258 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6259 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6260 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6261 type = NL80211_AUTHTYPE_SHARED_KEY;
6262 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6263 type = NL80211_AUTHTYPE_NETWORK_EAP;
6264 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6265 type = NL80211_AUTHTYPE_FT;
6266 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
6267 type = NL80211_AUTHTYPE_SAE;
6269 goto nla_put_failure;
6270 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6271 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6272 if (params->local_state_change) {
6273 wpa_printf(MSG_DEBUG, " * Local state change only");
6274 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6277 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6280 wpa_dbg(drv->ctx, MSG_DEBUG,
6281 "nl80211: MLME command failed (auth): ret=%d (%s)",
6282 ret, strerror(-ret));
6284 if (ret == -EALREADY && count == 1 && params->bssid &&
6285 !params->local_state_change) {
6287 * mac80211 does not currently accept new
6288 * authentication if we are already authenticated. As a
6289 * workaround, force deauthentication and try again.
6291 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
6292 "after forced deauthentication");
6293 drv->ignore_deauth_event = 1;
6294 wpa_driver_nl80211_deauthenticate(
6296 WLAN_REASON_PREV_AUTH_NOT_VALID);
6301 if (ret == -ENOENT && params->freq && !is_retry) {
6303 * cfg80211 has likely expired the BSS entry even
6304 * though it was previously available in our internal
6305 * BSS table. To recover quickly, start a single
6306 * channel scan on the specified channel.
6308 struct wpa_driver_scan_params scan;
6311 os_memset(&scan, 0, sizeof(scan));
6314 scan.ssids[0].ssid = params->ssid;
6315 scan.ssids[0].ssid_len = params->ssid_len;
6317 freqs[0] = params->freq;
6320 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
6321 "channel scan to refresh cfg80211 BSS "
6323 ret = wpa_driver_nl80211_scan(bss, &scan);
6325 nl80211_copy_auth_params(drv, params);
6326 drv->scan_for_auth = 1;
6328 } else if (is_retry) {
6330 * Need to indicate this with an event since the return
6331 * value from the retry is not delivered to core code.
6333 union wpa_event_data event;
6334 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
6336 os_memset(&event, 0, sizeof(event));
6337 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
6339 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
6343 goto nla_put_failure;
6346 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
6355 static int wpa_driver_nl80211_authenticate_retry(
6356 struct wpa_driver_nl80211_data *drv)
6358 struct wpa_driver_auth_params params;
6359 struct i802_bss *bss = drv->first_bss;
6362 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
6364 os_memset(¶ms, 0, sizeof(params));
6365 params.freq = drv->auth_freq;
6366 params.auth_alg = drv->auth_alg;
6367 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
6368 params.local_state_change = drv->auth_local_state_change;
6369 params.p2p = drv->auth_p2p;
6371 if (!is_zero_ether_addr(drv->auth_bssid_))
6372 params.bssid = drv->auth_bssid_;
6374 if (drv->auth_ssid_len) {
6375 params.ssid = drv->auth_ssid;
6376 params.ssid_len = drv->auth_ssid_len;
6379 params.ie = drv->auth_ie;
6380 params.ie_len = drv->auth_ie_len;
6382 for (i = 0; i < 4; i++) {
6383 if (drv->auth_wep_key_len[i]) {
6384 params.wep_key[i] = drv->auth_wep_key[i];
6385 params.wep_key_len[i] = drv->auth_wep_key_len[i];
6389 drv->retry_auth = 1;
6390 return wpa_driver_nl80211_authenticate(bss, ¶ms);
6394 struct phy_info_arg {
6396 struct hostapd_hw_modes *modes;
6397 int last_mode, last_chan_idx;
6400 static void phy_info_ht_capa(struct hostapd_hw_modes *mode, struct nlattr *capa,
6401 struct nlattr *ampdu_factor,
6402 struct nlattr *ampdu_density,
6403 struct nlattr *mcs_set)
6406 mode->ht_capab = nla_get_u16(capa);
6409 mode->a_mpdu_params |= nla_get_u8(ampdu_factor) & 0x03;
6412 mode->a_mpdu_params |= nla_get_u8(ampdu_density) << 2;
6414 if (mcs_set && nla_len(mcs_set) >= 16) {
6416 mcs = nla_data(mcs_set);
6417 os_memcpy(mode->mcs_set, mcs, 16);
6422 static void phy_info_vht_capa(struct hostapd_hw_modes *mode,
6423 struct nlattr *capa,
6424 struct nlattr *mcs_set)
6427 mode->vht_capab = nla_get_u32(capa);
6429 if (mcs_set && nla_len(mcs_set) >= 8) {
6431 mcs = nla_data(mcs_set);
6432 os_memcpy(mode->vht_mcs_set, mcs, 8);
6437 static void phy_info_freq(struct hostapd_hw_modes *mode,
6438 struct hostapd_channel_data *chan,
6439 struct nlattr *tb_freq[])
6442 chan->freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
6444 chan->dfs_cac_ms = 0;
6445 if (ieee80211_freq_to_chan(chan->freq, &channel) != NUM_HOSTAPD_MODES)
6446 chan->chan = channel;
6448 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
6449 chan->flag |= HOSTAPD_CHAN_DISABLED;
6450 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IR])
6451 chan->flag |= HOSTAPD_CHAN_PASSIVE_SCAN | HOSTAPD_CHAN_NO_IBSS;
6452 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
6453 chan->flag |= HOSTAPD_CHAN_RADAR;
6455 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]) {
6456 enum nl80211_dfs_state state =
6457 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]);
6460 case NL80211_DFS_USABLE:
6461 chan->flag |= HOSTAPD_CHAN_DFS_USABLE;
6463 case NL80211_DFS_AVAILABLE:
6464 chan->flag |= HOSTAPD_CHAN_DFS_AVAILABLE;
6466 case NL80211_DFS_UNAVAILABLE:
6467 chan->flag |= HOSTAPD_CHAN_DFS_UNAVAILABLE;
6472 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]) {
6473 chan->dfs_cac_ms = nla_get_u32(
6474 tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]);
6479 static int phy_info_freqs(struct phy_info_arg *phy_info,
6480 struct hostapd_hw_modes *mode, struct nlattr *tb)
6482 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6483 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
6484 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
6485 [NL80211_FREQUENCY_ATTR_NO_IR] = { .type = NLA_FLAG },
6486 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
6487 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
6488 [NL80211_FREQUENCY_ATTR_DFS_STATE] = { .type = NLA_U32 },
6490 int new_channels = 0;
6491 struct hostapd_channel_data *channel;
6492 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
6493 struct nlattr *nl_freq;
6499 nla_for_each_nested(nl_freq, tb, rem_freq) {
6500 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6501 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6502 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6507 channel = os_realloc_array(mode->channels,
6508 mode->num_channels + new_channels,
6509 sizeof(struct hostapd_channel_data));
6513 mode->channels = channel;
6514 mode->num_channels += new_channels;
6516 idx = phy_info->last_chan_idx;
6518 nla_for_each_nested(nl_freq, tb, rem_freq) {
6519 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6520 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6521 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6523 phy_info_freq(mode, &mode->channels[idx], tb_freq);
6526 phy_info->last_chan_idx = idx;
6532 static int phy_info_rates(struct hostapd_hw_modes *mode, struct nlattr *tb)
6534 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
6535 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
6536 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] =
6537 { .type = NLA_FLAG },
6539 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
6540 struct nlattr *nl_rate;
6546 nla_for_each_nested(nl_rate, tb, rem_rate) {
6547 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6548 nla_data(nl_rate), nla_len(nl_rate),
6550 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6555 mode->rates = os_calloc(mode->num_rates, sizeof(int));
6561 nla_for_each_nested(nl_rate, tb, rem_rate) {
6562 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6563 nla_data(nl_rate), nla_len(nl_rate),
6565 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6567 mode->rates[idx] = nla_get_u32(
6568 tb_rate[NL80211_BITRATE_ATTR_RATE]);
6576 static int phy_info_band(struct phy_info_arg *phy_info, struct nlattr *nl_band)
6578 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
6579 struct hostapd_hw_modes *mode;
6582 if (phy_info->last_mode != nl_band->nla_type) {
6583 mode = os_realloc_array(phy_info->modes,
6584 *phy_info->num_modes + 1,
6588 phy_info->modes = mode;
6590 mode = &phy_info->modes[*(phy_info->num_modes)];
6591 os_memset(mode, 0, sizeof(*mode));
6592 mode->mode = NUM_HOSTAPD_MODES;
6593 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN |
6594 HOSTAPD_MODE_FLAG_VHT_INFO_KNOWN;
6597 * Unsupported VHT MCS stream is defined as value 3, so the VHT
6598 * MCS RX/TX map must be initialized with 0xffff to mark all 8
6599 * possible streams as unsupported. This will be overridden if
6600 * driver advertises VHT support.
6602 mode->vht_mcs_set[0] = 0xff;
6603 mode->vht_mcs_set[1] = 0xff;
6604 mode->vht_mcs_set[4] = 0xff;
6605 mode->vht_mcs_set[5] = 0xff;
6607 *(phy_info->num_modes) += 1;
6608 phy_info->last_mode = nl_band->nla_type;
6609 phy_info->last_chan_idx = 0;
6611 mode = &phy_info->modes[*(phy_info->num_modes) - 1];
6613 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
6614 nla_len(nl_band), NULL);
6616 phy_info_ht_capa(mode, tb_band[NL80211_BAND_ATTR_HT_CAPA],
6617 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR],
6618 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY],
6619 tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
6620 phy_info_vht_capa(mode, tb_band[NL80211_BAND_ATTR_VHT_CAPA],
6621 tb_band[NL80211_BAND_ATTR_VHT_MCS_SET]);
6622 ret = phy_info_freqs(phy_info, mode, tb_band[NL80211_BAND_ATTR_FREQS]);
6625 ret = phy_info_rates(mode, tb_band[NL80211_BAND_ATTR_RATES]);
6633 static int phy_info_handler(struct nl_msg *msg, void *arg)
6635 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6636 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6637 struct phy_info_arg *phy_info = arg;
6638 struct nlattr *nl_band;
6641 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6642 genlmsg_attrlen(gnlh, 0), NULL);
6644 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
6647 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band)
6649 int res = phy_info_band(phy_info, nl_band);
6658 static struct hostapd_hw_modes *
6659 wpa_driver_nl80211_postprocess_modes(struct hostapd_hw_modes *modes,
6663 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
6664 int i, mode11g_idx = -1;
6666 /* heuristic to set up modes */
6667 for (m = 0; m < *num_modes; m++) {
6668 if (!modes[m].num_channels)
6670 if (modes[m].channels[0].freq < 4000) {
6671 modes[m].mode = HOSTAPD_MODE_IEEE80211B;
6672 for (i = 0; i < modes[m].num_rates; i++) {
6673 if (modes[m].rates[i] > 200) {
6674 modes[m].mode = HOSTAPD_MODE_IEEE80211G;
6678 } else if (modes[m].channels[0].freq > 50000)
6679 modes[m].mode = HOSTAPD_MODE_IEEE80211AD;
6681 modes[m].mode = HOSTAPD_MODE_IEEE80211A;
6684 /* If only 802.11g mode is included, use it to construct matching
6685 * 802.11b mode data. */
6687 for (m = 0; m < *num_modes; m++) {
6688 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
6689 return modes; /* 802.11b already included */
6690 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
6694 if (mode11g_idx < 0)
6695 return modes; /* 2.4 GHz band not supported at all */
6697 nmodes = os_realloc_array(modes, *num_modes + 1, sizeof(*nmodes));
6699 return modes; /* Could not add 802.11b mode */
6701 mode = &nmodes[*num_modes];
6702 os_memset(mode, 0, sizeof(*mode));
6706 mode->mode = HOSTAPD_MODE_IEEE80211B;
6708 mode11g = &modes[mode11g_idx];
6709 mode->num_channels = mode11g->num_channels;
6710 mode->channels = os_malloc(mode11g->num_channels *
6711 sizeof(struct hostapd_channel_data));
6712 if (mode->channels == NULL) {
6714 return modes; /* Could not add 802.11b mode */
6716 os_memcpy(mode->channels, mode11g->channels,
6717 mode11g->num_channels * sizeof(struct hostapd_channel_data));
6719 mode->num_rates = 0;
6720 mode->rates = os_malloc(4 * sizeof(int));
6721 if (mode->rates == NULL) {
6722 os_free(mode->channels);
6724 return modes; /* Could not add 802.11b mode */
6727 for (i = 0; i < mode11g->num_rates; i++) {
6728 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
6729 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
6731 mode->rates[mode->num_rates] = mode11g->rates[i];
6733 if (mode->num_rates == 4)
6737 if (mode->num_rates == 0) {
6738 os_free(mode->channels);
6739 os_free(mode->rates);
6741 return modes; /* No 802.11b rates */
6744 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
6751 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
6756 for (c = 0; c < mode->num_channels; c++) {
6757 struct hostapd_channel_data *chan = &mode->channels[c];
6758 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
6759 chan->flag |= HOSTAPD_CHAN_HT40;
6764 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
6769 for (c = 0; c < mode->num_channels; c++) {
6770 struct hostapd_channel_data *chan = &mode->channels[c];
6771 if (!(chan->flag & HOSTAPD_CHAN_HT40))
6773 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
6774 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
6775 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
6776 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
6781 static void nl80211_reg_rule_max_eirp(u32 start, u32 end, u32 max_eirp,
6782 struct phy_info_arg *results)
6786 for (m = 0; m < *results->num_modes; m++) {
6788 struct hostapd_hw_modes *mode = &results->modes[m];
6790 for (c = 0; c < mode->num_channels; c++) {
6791 struct hostapd_channel_data *chan = &mode->channels[c];
6792 if ((u32) chan->freq - 10 >= start &&
6793 (u32) chan->freq + 10 <= end)
6794 chan->max_tx_power = max_eirp;
6800 static void nl80211_reg_rule_ht40(u32 start, u32 end,
6801 struct phy_info_arg *results)
6805 for (m = 0; m < *results->num_modes; m++) {
6806 if (!(results->modes[m].ht_capab &
6807 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6809 nl80211_set_ht40_mode(&results->modes[m], start, end);
6814 static void nl80211_reg_rule_sec(struct nlattr *tb[],
6815 struct phy_info_arg *results)
6817 u32 start, end, max_bw;
6820 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6821 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6822 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6825 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6826 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6827 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6832 for (m = 0; m < *results->num_modes; m++) {
6833 if (!(results->modes[m].ht_capab &
6834 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6836 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
6841 static void nl80211_set_vht_mode(struct hostapd_hw_modes *mode, int start,
6846 for (c = 0; c < mode->num_channels; c++) {
6847 struct hostapd_channel_data *chan = &mode->channels[c];
6848 if (chan->freq - 10 >= start && chan->freq + 70 <= end)
6849 chan->flag |= HOSTAPD_CHAN_VHT_10_70;
6851 if (chan->freq - 30 >= start && chan->freq + 50 <= end)
6852 chan->flag |= HOSTAPD_CHAN_VHT_30_50;
6854 if (chan->freq - 50 >= start && chan->freq + 30 <= end)
6855 chan->flag |= HOSTAPD_CHAN_VHT_50_30;
6857 if (chan->freq - 70 >= start && chan->freq + 10 <= end)
6858 chan->flag |= HOSTAPD_CHAN_VHT_70_10;
6863 static void nl80211_reg_rule_vht(struct nlattr *tb[],
6864 struct phy_info_arg *results)
6866 u32 start, end, max_bw;
6869 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6870 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6871 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6874 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6875 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6876 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6881 for (m = 0; m < *results->num_modes; m++) {
6882 if (!(results->modes[m].ht_capab &
6883 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6885 /* TODO: use a real VHT support indication */
6886 if (!results->modes[m].vht_capab)
6889 nl80211_set_vht_mode(&results->modes[m], start, end);
6894 static const char * dfs_domain_name(enum nl80211_dfs_regions region)
6897 case NL80211_DFS_UNSET:
6899 case NL80211_DFS_FCC:
6901 case NL80211_DFS_ETSI:
6903 case NL80211_DFS_JP:
6906 return "DFS-invalid";
6911 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
6913 struct phy_info_arg *results = arg;
6914 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6915 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6916 struct nlattr *nl_rule;
6917 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
6919 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6920 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
6921 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
6922 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
6923 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
6924 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
6925 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
6928 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6929 genlmsg_attrlen(gnlh, 0), NULL);
6930 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
6931 !tb_msg[NL80211_ATTR_REG_RULES]) {
6932 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
6937 if (tb_msg[NL80211_ATTR_DFS_REGION]) {
6938 enum nl80211_dfs_regions dfs_domain;
6939 dfs_domain = nla_get_u8(tb_msg[NL80211_ATTR_DFS_REGION]);
6940 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s (%s)",
6941 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]),
6942 dfs_domain_name(dfs_domain));
6944 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
6945 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
6948 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
6950 u32 start, end, max_eirp = 0, max_bw = 0, flags = 0;
6951 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
6952 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
6953 if (tb_rule[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6954 tb_rule[NL80211_ATTR_FREQ_RANGE_END] == NULL)
6956 start = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6957 end = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6958 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
6959 max_eirp = nla_get_u32(tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP]) / 100;
6960 if (tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW])
6961 max_bw = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6962 if (tb_rule[NL80211_ATTR_REG_RULE_FLAGS])
6963 flags = nla_get_u32(tb_rule[NL80211_ATTR_REG_RULE_FLAGS]);
6965 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz %u mBm%s%s%s%s%s%s%s%s",
6966 start, end, max_bw, max_eirp,
6967 flags & NL80211_RRF_NO_OFDM ? " (no OFDM)" : "",
6968 flags & NL80211_RRF_NO_CCK ? " (no CCK)" : "",
6969 flags & NL80211_RRF_NO_INDOOR ? " (no indoor)" : "",
6970 flags & NL80211_RRF_NO_OUTDOOR ? " (no outdoor)" :
6972 flags & NL80211_RRF_DFS ? " (DFS)" : "",
6973 flags & NL80211_RRF_PTP_ONLY ? " (PTP only)" : "",
6974 flags & NL80211_RRF_PTMP_ONLY ? " (PTMP only)" : "",
6975 flags & NL80211_RRF_NO_IR ? " (no IR)" : "");
6977 nl80211_reg_rule_ht40(start, end, results);
6978 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
6979 nl80211_reg_rule_max_eirp(start, end, max_eirp,
6983 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
6985 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
6986 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
6987 nl80211_reg_rule_sec(tb_rule, results);
6990 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
6992 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
6993 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
6994 nl80211_reg_rule_vht(tb_rule, results);
7001 static int nl80211_set_regulatory_flags(struct wpa_driver_nl80211_data *drv,
7002 struct phy_info_arg *results)
7006 msg = nlmsg_alloc();
7010 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
7011 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
7015 static struct hostapd_hw_modes *
7016 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
7019 struct i802_bss *bss = priv;
7020 struct wpa_driver_nl80211_data *drv = bss->drv;
7022 struct phy_info_arg result = {
7023 .num_modes = num_modes,
7031 msg = nlmsg_alloc();
7035 feat = get_nl80211_protocol_features(drv);
7036 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
7037 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
7039 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
7041 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
7042 if (nl80211_set_iface_id(msg, bss) < 0)
7043 goto nla_put_failure;
7045 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
7046 nl80211_set_regulatory_flags(drv, &result);
7047 return wpa_driver_nl80211_postprocess_modes(result.modes,
7057 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
7058 const void *data, size_t len,
7059 int encrypt, int noack)
7062 0x00, 0x00, /* radiotap version */
7063 0x0e, 0x00, /* radiotap length */
7064 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
7065 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
7067 0x00, 0x00, /* RX and TX flags to indicate that */
7068 0x00, 0x00, /* this is the injected frame directly */
7070 struct iovec iov[2] = {
7072 .iov_base = &rtap_hdr,
7073 .iov_len = sizeof(rtap_hdr),
7076 .iov_base = (void *) data,
7080 struct msghdr msg = {
7085 .msg_control = NULL,
7086 .msg_controllen = 0,
7093 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
7095 if (drv->monitor_sock < 0) {
7096 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
7097 "for %s", __func__);
7102 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
7103 WPA_PUT_LE16(&rtap_hdr[12], txflags);
7105 res = sendmsg(drv->monitor_sock, &msg, 0);
7107 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
7114 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
7115 const void *data, size_t len,
7116 int encrypt, int noack,
7117 unsigned int freq, int no_cck,
7118 int offchanok, unsigned int wait_time)
7120 struct wpa_driver_nl80211_data *drv = bss->drv;
7124 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
7125 freq = nl80211_get_assoc_freq(drv);
7126 wpa_printf(MSG_DEBUG,
7127 "nl80211: send_frame - Use assoc_freq=%u for IBSS",
7131 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u",
7136 if (drv->use_monitor) {
7137 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_mntr",
7139 return wpa_driver_nl80211_send_mntr(drv, data, len,
7143 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd");
7144 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
7145 &cookie, no_cck, noack, offchanok);
7146 if (res == 0 && !noack) {
7147 const struct ieee80211_mgmt *mgmt;
7150 mgmt = (const struct ieee80211_mgmt *) data;
7151 fc = le_to_host16(mgmt->frame_control);
7152 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7153 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) {
7154 wpa_printf(MSG_MSGDUMP,
7155 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx",
7156 (long long unsigned int)
7157 drv->send_action_cookie,
7158 (long long unsigned int) cookie);
7159 drv->send_action_cookie = cookie;
7167 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
7168 size_t data_len, int noack,
7169 unsigned int freq, int no_cck,
7171 unsigned int wait_time)
7173 struct wpa_driver_nl80211_data *drv = bss->drv;
7174 struct ieee80211_mgmt *mgmt;
7178 mgmt = (struct ieee80211_mgmt *) data;
7179 fc = le_to_host16(mgmt->frame_control);
7180 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR
7181 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d",
7182 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
7183 fc, fc2str(fc), drv->nlmode);
7185 if ((is_sta_interface(drv->nlmode) ||
7186 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
7187 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7188 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
7190 * The use of last_mgmt_freq is a bit of a hack,
7191 * but it works due to the single-threaded nature
7192 * of wpa_supplicant.
7195 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
7196 drv->last_mgmt_freq);
7197 freq = drv->last_mgmt_freq;
7199 return nl80211_send_frame_cmd(bss, freq, 0,
7200 data, data_len, NULL, 1, noack,
7204 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
7206 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
7210 return nl80211_send_frame_cmd(bss, freq,
7211 (int) freq == bss->freq ? 0 :
7214 &drv->send_action_cookie,
7215 no_cck, noack, offchanok);
7218 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7219 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
7221 * Only one of the authentication frame types is encrypted.
7222 * In order for static WEP encryption to work properly (i.e.,
7223 * to not encrypt the frame), we need to tell mac80211 about
7224 * the frames that must not be encrypted.
7226 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
7227 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
7228 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
7232 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame");
7233 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
7234 noack, freq, no_cck, offchanok,
7239 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
7240 int slot, int ht_opmode, int ap_isolate,
7243 struct wpa_driver_nl80211_data *drv = bss->drv;
7246 msg = nlmsg_alloc();
7250 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
7253 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
7255 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
7257 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
7259 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
7260 if (ap_isolate >= 0)
7261 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
7264 u8 rates[NL80211_MAX_SUPP_RATES];
7268 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
7270 rates[rates_len++] = basic_rates[i] / 5;
7272 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
7275 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7277 return send_and_recv_msgs(drv, msg, NULL, NULL);
7284 static int wpa_driver_nl80211_set_acl(void *priv,
7285 struct hostapd_acl_params *params)
7287 struct i802_bss *bss = priv;
7288 struct wpa_driver_nl80211_data *drv = bss->drv;
7294 if (!(drv->capa.max_acl_mac_addrs))
7297 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
7300 msg = nlmsg_alloc();
7304 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
7305 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
7307 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_MAC_ACL);
7309 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7311 NLA_PUT_U32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
7312 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
7313 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED);
7315 acl = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS);
7317 goto nla_put_failure;
7319 for (i = 0; i < params->num_mac_acl; i++)
7320 NLA_PUT(msg, i + 1, ETH_ALEN, params->mac_acl[i].addr);
7322 nla_nest_end(msg, acl);
7324 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7327 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
7328 ret, strerror(-ret));
7338 static int wpa_driver_nl80211_set_ap(void *priv,
7339 struct wpa_driver_ap_params *params)
7341 struct i802_bss *bss = priv;
7342 struct wpa_driver_nl80211_data *drv = bss->drv;
7344 u8 cmd = NL80211_CMD_NEW_BEACON;
7347 int ifindex = if_nametoindex(bss->ifname);
7349 u32 suites[10], suite;
7352 beacon_set = bss->beacon_set;
7354 msg = nlmsg_alloc();
7358 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
7361 cmd = NL80211_CMD_SET_BEACON;
7363 nl80211_cmd(drv, msg, 0, cmd);
7364 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
7365 params->head, params->head_len);
7366 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
7367 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
7368 params->tail, params->tail_len);
7369 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
7370 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", ifindex);
7371 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
7372 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
7373 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
7374 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
7375 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
7376 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid",
7377 params->ssid, params->ssid_len);
7378 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
7380 if (params->proberesp && params->proberesp_len) {
7381 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
7382 params->proberesp, params->proberesp_len);
7383 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
7386 switch (params->hide_ssid) {
7387 case NO_SSID_HIDING:
7388 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
7389 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7390 NL80211_HIDDEN_SSID_NOT_IN_USE);
7392 case HIDDEN_SSID_ZERO_LEN:
7393 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
7394 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7395 NL80211_HIDDEN_SSID_ZERO_LEN);
7397 case HIDDEN_SSID_ZERO_CONTENTS:
7398 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
7399 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7400 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
7403 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
7404 if (params->privacy)
7405 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
7406 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
7407 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
7408 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
7409 /* Leave out the attribute */
7410 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
7411 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7412 NL80211_AUTHTYPE_SHARED_KEY);
7414 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7415 NL80211_AUTHTYPE_OPEN_SYSTEM);
7417 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
7419 if (params->wpa_version & WPA_PROTO_WPA)
7420 ver |= NL80211_WPA_VERSION_1;
7421 if (params->wpa_version & WPA_PROTO_RSN)
7422 ver |= NL80211_WPA_VERSION_2;
7424 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
7426 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
7427 params->key_mgmt_suites);
7429 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
7430 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
7431 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
7432 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
7434 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
7435 num_suites * sizeof(u32), suites);
7438 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
7439 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
7440 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
7442 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
7443 params->pairwise_ciphers);
7444 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
7445 suites, ARRAY_SIZE(suites));
7447 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
7448 num_suites * sizeof(u32), suites);
7451 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
7452 params->group_cipher);
7453 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
7455 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite);
7457 if (params->beacon_ies) {
7458 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
7459 params->beacon_ies);
7460 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
7461 wpabuf_head(params->beacon_ies));
7463 if (params->proberesp_ies) {
7464 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
7465 params->proberesp_ies);
7466 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
7467 wpabuf_len(params->proberesp_ies),
7468 wpabuf_head(params->proberesp_ies));
7470 if (params->assocresp_ies) {
7471 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
7472 params->assocresp_ies);
7473 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
7474 wpabuf_len(params->assocresp_ies),
7475 wpabuf_head(params->assocresp_ies));
7478 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
7479 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
7480 params->ap_max_inactivity);
7481 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
7482 params->ap_max_inactivity);
7485 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7487 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
7488 ret, strerror(-ret));
7490 bss->beacon_set = 1;
7491 nl80211_set_bss(bss, params->cts_protect, params->preamble,
7492 params->short_slot_time, params->ht_opmode,
7493 params->isolate, params->basic_rates);
7494 if (beacon_set && params->freq &&
7495 params->freq->bandwidth != bss->bandwidth) {
7496 wpa_printf(MSG_DEBUG,
7497 "nl80211: Update BSS %s bandwidth: %d -> %d",
7498 bss->ifname, bss->bandwidth,
7499 params->freq->bandwidth);
7500 ret = nl80211_set_channel(bss, params->freq, 1);
7502 wpa_printf(MSG_DEBUG,
7503 "nl80211: Frequency set failed: %d (%s)",
7504 ret, strerror(-ret));
7506 wpa_printf(MSG_DEBUG,
7507 "nl80211: Frequency set succeeded for ht2040 coex");
7508 bss->bandwidth = params->freq->bandwidth;
7510 } else if (!beacon_set) {
7512 * cfg80211 updates the driver on frequence change in AP
7513 * mode only at the point when beaconing is started, so
7514 * set the initial value here.
7516 bss->bandwidth = params->freq->bandwidth;
7526 static int nl80211_put_freq_params(struct nl_msg *msg,
7527 struct hostapd_freq_params *freq)
7529 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq);
7530 if (freq->vht_enabled) {
7531 switch (freq->bandwidth) {
7533 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7534 NL80211_CHAN_WIDTH_20);
7537 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7538 NL80211_CHAN_WIDTH_40);
7541 if (freq->center_freq2)
7542 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7543 NL80211_CHAN_WIDTH_80P80);
7545 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7546 NL80211_CHAN_WIDTH_80);
7549 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7550 NL80211_CHAN_WIDTH_160);
7555 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ1, freq->center_freq1);
7556 if (freq->center_freq2)
7557 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ2,
7558 freq->center_freq2);
7559 } else if (freq->ht_enabled) {
7560 switch (freq->sec_channel_offset) {
7562 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7563 NL80211_CHAN_HT40MINUS);
7566 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7567 NL80211_CHAN_HT40PLUS);
7570 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7582 static int nl80211_set_channel(struct i802_bss *bss,
7583 struct hostapd_freq_params *freq, int set_chan)
7585 struct wpa_driver_nl80211_data *drv = bss->drv;
7589 wpa_printf(MSG_DEBUG,
7590 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
7591 freq->freq, freq->ht_enabled, freq->vht_enabled,
7592 freq->bandwidth, freq->center_freq1, freq->center_freq2);
7593 msg = nlmsg_alloc();
7597 nl80211_cmd(drv, msg, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
7598 NL80211_CMD_SET_WIPHY);
7600 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7601 if (nl80211_put_freq_params(msg, freq) < 0)
7602 goto nla_put_failure;
7604 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7607 bss->freq = freq->freq;
7610 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
7611 "%d (%s)", freq->freq, ret, strerror(-ret));
7618 static u32 sta_flags_nl80211(int flags)
7622 if (flags & WPA_STA_AUTHORIZED)
7623 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
7624 if (flags & WPA_STA_WMM)
7625 f |= BIT(NL80211_STA_FLAG_WME);
7626 if (flags & WPA_STA_SHORT_PREAMBLE)
7627 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
7628 if (flags & WPA_STA_MFP)
7629 f |= BIT(NL80211_STA_FLAG_MFP);
7630 if (flags & WPA_STA_TDLS_PEER)
7631 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
7637 static int wpa_driver_nl80211_sta_add(void *priv,
7638 struct hostapd_sta_add_params *params)
7640 struct i802_bss *bss = priv;
7641 struct wpa_driver_nl80211_data *drv = bss->drv;
7643 struct nl80211_sta_flag_update upd;
7646 if ((params->flags & WPA_STA_TDLS_PEER) &&
7647 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7650 msg = nlmsg_alloc();
7654 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
7655 params->set ? "Set" : "Add", MAC2STR(params->addr));
7656 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
7657 NL80211_CMD_NEW_STATION);
7659 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7660 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
7661 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
7662 params->supp_rates);
7663 wpa_hexdump(MSG_DEBUG, " * supported rates", params->supp_rates,
7664 params->supp_rates_len);
7667 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
7668 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
7671 * cfg80211 validates that AID is non-zero, so we have
7672 * to make this a non-zero value for the TDLS case where
7673 * a dummy STA entry is used for now.
7675 wpa_printf(MSG_DEBUG, " * aid=1 (TDLS workaround)");
7676 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, 1);
7678 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
7679 params->listen_interval);
7680 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
7681 params->listen_interval);
7682 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
7683 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
7684 NLA_PUT_U16(msg, NL80211_ATTR_PEER_AID, params->aid);
7686 if (params->ht_capabilities) {
7687 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
7688 (u8 *) params->ht_capabilities,
7689 sizeof(*params->ht_capabilities));
7690 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
7691 sizeof(*params->ht_capabilities),
7692 params->ht_capabilities);
7695 if (params->vht_capabilities) {
7696 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
7697 (u8 *) params->vht_capabilities,
7698 sizeof(*params->vht_capabilities));
7699 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY,
7700 sizeof(*params->vht_capabilities),
7701 params->vht_capabilities);
7704 if (params->vht_opmode_enabled) {
7705 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
7706 NLA_PUT_U8(msg, NL80211_ATTR_OPMODE_NOTIF,
7707 params->vht_opmode);
7710 wpa_printf(MSG_DEBUG, " * capability=0x%x", params->capability);
7711 NLA_PUT_U16(msg, NL80211_ATTR_STA_CAPABILITY, params->capability);
7713 if (params->ext_capab) {
7714 wpa_hexdump(MSG_DEBUG, " * ext_capab",
7715 params->ext_capab, params->ext_capab_len);
7716 NLA_PUT(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
7717 params->ext_capab_len, params->ext_capab);
7720 if (params->supp_channels) {
7721 wpa_hexdump(MSG_DEBUG, " * supported channels",
7722 params->supp_channels, params->supp_channels_len);
7723 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
7724 params->supp_channels_len, params->supp_channels);
7727 if (params->supp_oper_classes) {
7728 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
7729 params->supp_oper_classes,
7730 params->supp_oper_classes_len);
7731 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
7732 params->supp_oper_classes_len,
7733 params->supp_oper_classes);
7736 os_memset(&upd, 0, sizeof(upd));
7737 upd.mask = sta_flags_nl80211(params->flags);
7739 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
7741 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7743 if (params->flags & WPA_STA_WMM) {
7744 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
7747 goto nla_put_failure;
7749 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
7750 NLA_PUT_U8(msg, NL80211_STA_WME_UAPSD_QUEUES,
7751 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
7752 NLA_PUT_U8(msg, NL80211_STA_WME_MAX_SP,
7753 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
7754 WMM_QOSINFO_STA_SP_MASK);
7755 nla_nest_end(msg, wme);
7758 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7761 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
7762 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
7772 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
7774 #ifdef CONFIG_LIBNL3_ROUTE
7775 struct wpa_driver_nl80211_data *drv = bss->drv;
7776 struct rtnl_neigh *rn;
7777 struct nl_addr *nl_addr;
7780 rn = rtnl_neigh_alloc();
7784 rtnl_neigh_set_family(rn, AF_BRIDGE);
7785 rtnl_neigh_set_ifindex(rn, bss->ifindex);
7786 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
7791 rtnl_neigh_set_lladdr(rn, nl_addr);
7793 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
7795 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
7796 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
7797 bss->ifindex, nl_geterror(err));
7799 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
7800 MACSTR, MAC2STR(addr));
7803 nl_addr_put(nl_addr);
7805 #endif /* CONFIG_LIBNL3_ROUTE */
7809 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr)
7811 struct wpa_driver_nl80211_data *drv = bss->drv;
7815 msg = nlmsg_alloc();
7819 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7821 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7822 if_nametoindex(bss->ifname));
7823 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7825 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7826 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
7828 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
7831 rtnl_neigh_delete_fdb_entry(bss, addr);
7842 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
7846 struct wpa_driver_nl80211_data *drv2;
7848 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
7850 /* stop listening for EAPOL on this interface */
7851 dl_list_for_each(drv2, &drv->global->interfaces,
7852 struct wpa_driver_nl80211_data, list)
7853 del_ifidx(drv2, ifidx);
7855 msg = nlmsg_alloc();
7857 goto nla_put_failure;
7859 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
7860 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
7862 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7867 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
7871 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
7874 case NL80211_IFTYPE_ADHOC:
7876 case NL80211_IFTYPE_STATION:
7878 case NL80211_IFTYPE_AP:
7880 case NL80211_IFTYPE_AP_VLAN:
7882 case NL80211_IFTYPE_WDS:
7884 case NL80211_IFTYPE_MONITOR:
7886 case NL80211_IFTYPE_MESH_POINT:
7887 return "MESH_POINT";
7888 case NL80211_IFTYPE_P2P_CLIENT:
7889 return "P2P_CLIENT";
7890 case NL80211_IFTYPE_P2P_GO:
7892 case NL80211_IFTYPE_P2P_DEVICE:
7893 return "P2P_DEVICE";
7900 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
7902 enum nl80211_iftype iftype,
7903 const u8 *addr, int wds,
7904 int (*handler)(struct nl_msg *, void *),
7911 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
7912 iftype, nl80211_iftype_str(iftype));
7914 msg = nlmsg_alloc();
7918 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
7919 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
7920 goto nla_put_failure;
7921 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
7922 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
7924 if (iftype == NL80211_IFTYPE_MONITOR) {
7925 struct nlattr *flags;
7927 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
7929 goto nla_put_failure;
7931 NLA_PUT_FLAG(msg, NL80211_MNTR_FLAG_COOK_FRAMES);
7933 nla_nest_end(msg, flags);
7935 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
7939 * Tell cfg80211 that the interface belongs to the socket that created
7940 * it, and the interface should be deleted when the socket is closed.
7942 NLA_PUT_FLAG(msg, NL80211_ATTR_IFACE_SOCKET_OWNER);
7944 ret = send_and_recv_msgs(drv, msg, handler, arg);
7949 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
7950 ifname, ret, strerror(-ret));
7954 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
7957 ifidx = if_nametoindex(ifname);
7958 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
7965 * Some virtual interfaces need to process EAPOL packets and events on
7966 * the parent interface. This is used mainly with hostapd.
7969 iftype == NL80211_IFTYPE_AP_VLAN ||
7970 iftype == NL80211_IFTYPE_WDS ||
7971 iftype == NL80211_IFTYPE_MONITOR) {
7972 /* start listening for EAPOL on this interface */
7973 add_ifidx(drv, ifidx);
7976 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
7977 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
7978 nl80211_remove_iface(drv, ifidx);
7986 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
7987 const char *ifname, enum nl80211_iftype iftype,
7988 const u8 *addr, int wds,
7989 int (*handler)(struct nl_msg *, void *),
7990 void *arg, int use_existing)
7994 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
7997 /* if error occurred and interface exists already */
7998 if (ret == -ENFILE && if_nametoindex(ifname)) {
8000 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
8002 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
8003 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8005 (linux_set_iface_flags(drv->global->ioctl_sock,
8007 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8009 linux_set_iface_flags(drv->global->ioctl_sock,
8014 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
8016 /* Try to remove the interface that was already there. */
8017 nl80211_remove_iface(drv, if_nametoindex(ifname));
8019 /* Try to create the interface again */
8020 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
8024 if (ret >= 0 && is_p2p_net_interface(iftype))
8025 nl80211_disable_11b_rates(drv, ret, 1);
8031 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
8033 struct ieee80211_hdr *hdr;
8035 union wpa_event_data event;
8037 hdr = (struct ieee80211_hdr *) buf;
8038 fc = le_to_host16(hdr->frame_control);
8040 os_memset(&event, 0, sizeof(event));
8041 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
8042 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
8043 event.tx_status.dst = hdr->addr1;
8044 event.tx_status.data = buf;
8045 event.tx_status.data_len = len;
8046 event.tx_status.ack = ok;
8047 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
8051 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
8052 u8 *buf, size_t len)
8054 struct ieee80211_hdr *hdr = (void *)buf;
8056 union wpa_event_data event;
8058 if (len < sizeof(*hdr))
8061 fc = le_to_host16(hdr->frame_control);
8063 os_memset(&event, 0, sizeof(event));
8064 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
8065 event.rx_from_unknown.addr = hdr->addr2;
8066 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
8067 (WLAN_FC_FROMDS | WLAN_FC_TODS);
8068 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
8072 static void handle_frame(struct wpa_driver_nl80211_data *drv,
8073 u8 *buf, size_t len, int datarate, int ssi_signal)
8075 struct ieee80211_hdr *hdr;
8077 union wpa_event_data event;
8079 hdr = (struct ieee80211_hdr *) buf;
8080 fc = le_to_host16(hdr->frame_control);
8082 switch (WLAN_FC_GET_TYPE(fc)) {
8083 case WLAN_FC_TYPE_MGMT:
8084 os_memset(&event, 0, sizeof(event));
8085 event.rx_mgmt.frame = buf;
8086 event.rx_mgmt.frame_len = len;
8087 event.rx_mgmt.datarate = datarate;
8088 event.rx_mgmt.ssi_signal = ssi_signal;
8089 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
8091 case WLAN_FC_TYPE_CTRL:
8092 /* can only get here with PS-Poll frames */
8093 wpa_printf(MSG_DEBUG, "CTRL");
8094 from_unknown_sta(drv, buf, len);
8096 case WLAN_FC_TYPE_DATA:
8097 from_unknown_sta(drv, buf, len);
8103 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
8105 struct wpa_driver_nl80211_data *drv = eloop_ctx;
8107 unsigned char buf[3000];
8108 struct ieee80211_radiotap_iterator iter;
8110 int datarate = 0, ssi_signal = 0;
8111 int injected = 0, failed = 0, rxflags = 0;
8113 len = recv(sock, buf, sizeof(buf), 0);
8115 wpa_printf(MSG_ERROR, "nl80211: Monitor socket recv failed: %s",
8120 if (ieee80211_radiotap_iterator_init(&iter, (void *) buf, len, NULL)) {
8121 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame");
8126 ret = ieee80211_radiotap_iterator_next(&iter);
8130 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame (%d)",
8134 switch (iter.this_arg_index) {
8135 case IEEE80211_RADIOTAP_FLAGS:
8136 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
8139 case IEEE80211_RADIOTAP_RX_FLAGS:
8142 case IEEE80211_RADIOTAP_TX_FLAGS:
8144 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
8145 IEEE80211_RADIOTAP_F_TX_FAIL;
8147 case IEEE80211_RADIOTAP_DATA_RETRIES:
8149 case IEEE80211_RADIOTAP_CHANNEL:
8150 /* TODO: convert from freq/flags to channel number */
8152 case IEEE80211_RADIOTAP_RATE:
8153 datarate = *iter.this_arg * 5;
8155 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
8156 ssi_signal = (s8) *iter.this_arg;
8161 if (rxflags && injected)
8165 handle_frame(drv, buf + iter._max_length,
8166 len - iter._max_length, datarate, ssi_signal);
8168 handle_tx_callback(drv->ctx, buf + iter._max_length,
8169 len - iter._max_length, !failed);
8174 * we post-process the filter code later and rewrite
8175 * this to the offset to the last instruction
8180 static struct sock_filter msock_filter_insns[] = {
8182 * do a little-endian load of the radiotap length field
8184 /* load lower byte into A */
8185 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
8186 /* put it into X (== index register) */
8187 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8188 /* load upper byte into A */
8189 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
8190 /* left-shift it by 8 */
8191 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
8193 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
8194 /* put result into X */
8195 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8198 * Allow management frames through, this also gives us those
8199 * management frames that we sent ourselves with status
8201 /* load the lower byte of the IEEE 802.11 frame control field */
8202 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8203 /* mask off frame type and version */
8204 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
8205 /* accept frame if it's both 0, fall through otherwise */
8206 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
8209 * TODO: add a bit to radiotap RX flags that indicates
8210 * that the sending station is not associated, then
8211 * add a filter here that filters on our DA and that flag
8212 * to allow us to deauth frames to that bad station.
8214 * For now allow all To DS data frames through.
8216 /* load the IEEE 802.11 frame control field */
8217 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
8218 /* mask off frame type, version and DS status */
8219 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
8220 /* accept frame if version 0, type 2 and To DS, fall through otherwise
8222 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
8226 * drop non-data frames
8228 /* load the lower byte of the frame control field */
8229 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8230 /* mask off QoS bit */
8231 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
8232 /* drop non-data frames */
8233 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
8235 /* load the upper byte of the frame control field */
8236 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
8237 /* mask off toDS/fromDS */
8238 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
8239 /* accept WDS frames */
8240 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
8243 * add header length to index
8245 /* load the lower byte of the frame control field */
8246 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8247 /* mask off QoS bit */
8248 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
8249 /* right shift it by 6 to give 0 or 2 */
8250 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
8251 /* add data frame header length */
8252 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
8253 /* add index, was start of 802.11 header */
8254 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
8255 /* move to index, now start of LL header */
8256 BPF_STMT(BPF_MISC | BPF_TAX, 0),
8259 * Accept empty data frames, we use those for
8262 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
8263 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
8266 * Accept EAPOL frames
8268 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
8269 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
8270 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
8271 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
8273 /* keep these last two statements or change the code below */
8274 /* return 0 == "DROP" */
8275 BPF_STMT(BPF_RET | BPF_K, 0),
8276 /* return ~0 == "keep all" */
8277 BPF_STMT(BPF_RET | BPF_K, ~0),
8280 static struct sock_fprog msock_filter = {
8281 .len = ARRAY_SIZE(msock_filter_insns),
8282 .filter = msock_filter_insns,
8286 static int add_monitor_filter(int s)
8290 /* rewrite all PASS/FAIL jump offsets */
8291 for (idx = 0; idx < msock_filter.len; idx++) {
8292 struct sock_filter *insn = &msock_filter_insns[idx];
8294 if (BPF_CLASS(insn->code) == BPF_JMP) {
8295 if (insn->code == (BPF_JMP|BPF_JA)) {
8296 if (insn->k == PASS)
8297 insn->k = msock_filter.len - idx - 2;
8298 else if (insn->k == FAIL)
8299 insn->k = msock_filter.len - idx - 3;
8302 if (insn->jt == PASS)
8303 insn->jt = msock_filter.len - idx - 2;
8304 else if (insn->jt == FAIL)
8305 insn->jt = msock_filter.len - idx - 3;
8307 if (insn->jf == PASS)
8308 insn->jf = msock_filter.len - idx - 2;
8309 else if (insn->jf == FAIL)
8310 insn->jf = msock_filter.len - idx - 3;
8314 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
8315 &msock_filter, sizeof(msock_filter))) {
8316 wpa_printf(MSG_ERROR, "nl80211: setsockopt(SO_ATTACH_FILTER) failed: %s",
8325 static void nl80211_remove_monitor_interface(
8326 struct wpa_driver_nl80211_data *drv)
8328 if (drv->monitor_refcount > 0)
8329 drv->monitor_refcount--;
8330 wpa_printf(MSG_DEBUG, "nl80211: Remove monitor interface: refcount=%d",
8331 drv->monitor_refcount);
8332 if (drv->monitor_refcount > 0)
8335 if (drv->monitor_ifidx >= 0) {
8336 nl80211_remove_iface(drv, drv->monitor_ifidx);
8337 drv->monitor_ifidx = -1;
8339 if (drv->monitor_sock >= 0) {
8340 eloop_unregister_read_sock(drv->monitor_sock);
8341 close(drv->monitor_sock);
8342 drv->monitor_sock = -1;
8348 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
8351 struct sockaddr_ll ll;
8355 if (drv->monitor_ifidx >= 0) {
8356 drv->monitor_refcount++;
8357 wpa_printf(MSG_DEBUG, "nl80211: Re-use existing monitor interface: refcount=%d",
8358 drv->monitor_refcount);
8362 if (os_strncmp(drv->first_bss->ifname, "p2p-", 4) == 0) {
8364 * P2P interface name is of the format p2p-%s-%d. For monitor
8365 * interface name corresponding to P2P GO, replace "p2p-" with
8366 * "mon-" to retain the same interface name length and to
8367 * indicate that it is a monitor interface.
8369 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss->ifname + 4);
8371 /* Non-P2P interface with AP functionality. */
8372 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss->ifname);
8375 buf[IFNAMSIZ - 1] = '\0';
8377 drv->monitor_ifidx =
8378 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
8381 if (drv->monitor_ifidx == -EOPNOTSUPP) {
8383 * This is backward compatibility for a few versions of
8384 * the kernel only that didn't advertise the right
8385 * attributes for the only driver that then supported
8386 * AP mode w/o monitor -- ath6kl.
8388 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
8389 "monitor interface type - try to run without it");
8390 drv->device_ap_sme = 1;
8393 if (drv->monitor_ifidx < 0)
8396 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
8399 memset(&ll, 0, sizeof(ll));
8400 ll.sll_family = AF_PACKET;
8401 ll.sll_ifindex = drv->monitor_ifidx;
8402 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
8403 if (drv->monitor_sock < 0) {
8404 wpa_printf(MSG_ERROR, "nl80211: socket[PF_PACKET,SOCK_RAW] failed: %s",
8409 if (add_monitor_filter(drv->monitor_sock)) {
8410 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
8411 "interface; do filtering in user space");
8412 /* This works, but will cost in performance. */
8415 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
8416 wpa_printf(MSG_ERROR, "nl80211: monitor socket bind failed: %s",
8421 optlen = sizeof(optval);
8424 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
8425 wpa_printf(MSG_ERROR, "nl80211: Failed to set socket priority: %s",
8430 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
8432 wpa_printf(MSG_INFO, "nl80211: Could not register monitor read socket");
8436 drv->monitor_refcount++;
8439 nl80211_remove_monitor_interface(drv);
8444 static int nl80211_setup_ap(struct i802_bss *bss)
8446 struct wpa_driver_nl80211_data *drv = bss->drv;
8448 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
8449 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8452 * Disable Probe Request reporting unless we need it in this way for
8453 * devices that include the AP SME, in the other case (unless using
8454 * monitor iface) we'll get it through the nl_mgmt socket instead.
8456 if (!drv->device_ap_sme)
8457 wpa_driver_nl80211_probe_req_report(bss, 0);
8459 if (!drv->device_ap_sme && !drv->use_monitor)
8460 if (nl80211_mgmt_subscribe_ap(bss))
8463 if (drv->device_ap_sme && !drv->use_monitor)
8464 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
8467 if (!drv->device_ap_sme && drv->use_monitor &&
8468 nl80211_create_monitor_interface(drv) &&
8469 !drv->device_ap_sme)
8472 if (drv->device_ap_sme &&
8473 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
8474 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
8475 "Probe Request frame reporting in AP mode");
8476 /* Try to survive without this */
8483 static void nl80211_teardown_ap(struct i802_bss *bss)
8485 struct wpa_driver_nl80211_data *drv = bss->drv;
8487 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
8488 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8489 if (drv->device_ap_sme) {
8490 wpa_driver_nl80211_probe_req_report(bss, 0);
8491 if (!drv->use_monitor)
8492 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
8493 } else if (drv->use_monitor)
8494 nl80211_remove_monitor_interface(drv);
8496 nl80211_mgmt_unsubscribe(bss, "AP teardown");
8498 bss->beacon_set = 0;
8502 static int nl80211_send_eapol_data(struct i802_bss *bss,
8503 const u8 *addr, const u8 *data,
8506 struct sockaddr_ll ll;
8509 if (bss->drv->eapol_tx_sock < 0) {
8510 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
8514 os_memset(&ll, 0, sizeof(ll));
8515 ll.sll_family = AF_PACKET;
8516 ll.sll_ifindex = bss->ifindex;
8517 ll.sll_protocol = htons(ETH_P_PAE);
8518 ll.sll_halen = ETH_ALEN;
8519 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
8520 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
8521 (struct sockaddr *) &ll, sizeof(ll));
8523 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
8530 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
8532 static int wpa_driver_nl80211_hapd_send_eapol(
8533 void *priv, const u8 *addr, const u8 *data,
8534 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
8536 struct i802_bss *bss = priv;
8537 struct wpa_driver_nl80211_data *drv = bss->drv;
8538 struct ieee80211_hdr *hdr;
8542 int qos = flags & WPA_STA_WMM;
8544 if (drv->device_ap_sme || !drv->use_monitor)
8545 return nl80211_send_eapol_data(bss, addr, data, data_len);
8547 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
8549 hdr = os_zalloc(len);
8551 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
8552 (unsigned long) len);
8556 hdr->frame_control =
8557 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
8558 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
8560 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
8562 hdr->frame_control |=
8563 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
8566 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
8567 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
8568 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
8569 pos = (u8 *) (hdr + 1);
8572 /* Set highest priority in QoS header */
8578 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
8579 pos += sizeof(rfc1042_header);
8580 WPA_PUT_BE16(pos, ETH_P_PAE);
8582 memcpy(pos, data, data_len);
8584 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
8587 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
8589 (unsigned long) len, errno, strerror(errno));
8597 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
8599 int flags_or, int flags_and)
8601 struct i802_bss *bss = priv;
8602 struct wpa_driver_nl80211_data *drv = bss->drv;
8604 struct nlattr *flags;
8605 struct nl80211_sta_flag_update upd;
8607 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
8608 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
8609 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
8610 !!(total_flags & WPA_STA_AUTHORIZED));
8612 msg = nlmsg_alloc();
8616 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
8618 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
8619 if_nametoindex(bss->ifname));
8620 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8623 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
8624 * can be removed eventually.
8626 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
8628 goto nla_put_failure;
8629 if (total_flags & WPA_STA_AUTHORIZED)
8630 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_AUTHORIZED);
8632 if (total_flags & WPA_STA_WMM)
8633 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_WME);
8635 if (total_flags & WPA_STA_SHORT_PREAMBLE)
8636 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_SHORT_PREAMBLE);
8638 if (total_flags & WPA_STA_MFP)
8639 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_MFP);
8641 if (total_flags & WPA_STA_TDLS_PEER)
8642 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_TDLS_PEER);
8644 nla_nest_end(msg, flags);
8646 os_memset(&upd, 0, sizeof(upd));
8647 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
8648 upd.set = sta_flags_nl80211(flags_or);
8649 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
8651 return send_and_recv_msgs(drv, msg, NULL, NULL);
8658 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
8659 struct wpa_driver_associate_params *params)
8661 enum nl80211_iftype nlmode, old_mode;
8662 struct hostapd_freq_params freq = {
8663 .freq = params->freq,
8667 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
8669 nlmode = NL80211_IFTYPE_P2P_GO;
8671 nlmode = NL80211_IFTYPE_AP;
8673 old_mode = drv->nlmode;
8674 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
8675 nl80211_remove_monitor_interface(drv);
8679 if (nl80211_set_channel(drv->first_bss, &freq, 0)) {
8680 if (old_mode != nlmode)
8681 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
8682 nl80211_remove_monitor_interface(drv);
8690 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
8695 msg = nlmsg_alloc();
8699 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
8700 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8701 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8704 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
8705 "(%s)", ret, strerror(-ret));
8706 goto nla_put_failure;
8710 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
8713 if (wpa_driver_nl80211_set_mode(drv->first_bss,
8714 NL80211_IFTYPE_STATION)) {
8715 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8724 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
8725 struct wpa_driver_associate_params *params)
8731 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
8733 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, params->freq)) {
8734 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8740 msg = nlmsg_alloc();
8744 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
8745 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8747 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
8748 goto nla_put_failure;
8750 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8751 params->ssid, params->ssid_len);
8752 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8754 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8755 drv->ssid_len = params->ssid_len;
8757 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
8758 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
8760 if (params->beacon_int > 0) {
8761 wpa_printf(MSG_DEBUG, " * beacon_int=%d", params->beacon_int);
8762 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL,
8763 params->beacon_int);
8766 ret = nl80211_set_conn_keys(params, msg);
8768 goto nla_put_failure;
8770 if (params->bssid && params->fixed_bssid) {
8771 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
8772 MAC2STR(params->bssid));
8773 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8776 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8777 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8778 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8779 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8780 wpa_printf(MSG_DEBUG, " * control port");
8781 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
8784 if (params->wpa_ie) {
8785 wpa_hexdump(MSG_DEBUG,
8786 " * Extra IEs for Beacon/Probe Response frames",
8787 params->wpa_ie, params->wpa_ie_len);
8788 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8792 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8795 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
8796 ret, strerror(-ret));
8798 if (ret == -EALREADY && count == 1) {
8799 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
8801 nl80211_leave_ibss(drv);
8806 goto nla_put_failure;
8809 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
8817 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
8818 struct wpa_driver_associate_params *params,
8821 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8823 if (params->bssid) {
8824 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
8825 MAC2STR(params->bssid));
8826 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8829 if (params->bssid_hint) {
8830 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
8831 MAC2STR(params->bssid_hint));
8832 NLA_PUT(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
8833 params->bssid_hint);
8837 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
8838 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
8839 drv->assoc_freq = params->freq;
8841 drv->assoc_freq = 0;
8843 if (params->freq_hint) {
8844 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
8845 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
8849 if (params->bg_scan_period >= 0) {
8850 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
8851 params->bg_scan_period);
8852 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
8853 params->bg_scan_period);
8857 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8858 params->ssid, params->ssid_len);
8859 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8861 if (params->ssid_len > sizeof(drv->ssid))
8862 goto nla_put_failure;
8863 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8864 drv->ssid_len = params->ssid_len;
8867 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
8869 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8872 if (params->wpa_proto) {
8873 enum nl80211_wpa_versions ver = 0;
8875 if (params->wpa_proto & WPA_PROTO_WPA)
8876 ver |= NL80211_WPA_VERSION_1;
8877 if (params->wpa_proto & WPA_PROTO_RSN)
8878 ver |= NL80211_WPA_VERSION_2;
8880 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
8881 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
8884 if (params->pairwise_suite != WPA_CIPHER_NONE) {
8885 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
8886 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
8887 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
8890 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
8891 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
8893 * This is likely to work even though many drivers do not
8894 * advertise support for operations without GTK.
8896 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
8897 } else if (params->group_suite != WPA_CIPHER_NONE) {
8898 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
8899 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
8900 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
8903 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8904 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8905 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
8906 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
8907 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
8908 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
8909 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8910 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8911 int mgmt = WLAN_AKM_SUITE_PSK;
8913 switch (params->key_mgmt_suite) {
8914 case WPA_KEY_MGMT_CCKM:
8915 mgmt = WLAN_AKM_SUITE_CCKM;
8917 case WPA_KEY_MGMT_IEEE8021X:
8918 mgmt = WLAN_AKM_SUITE_8021X;
8920 case WPA_KEY_MGMT_FT_IEEE8021X:
8921 mgmt = WLAN_AKM_SUITE_FT_8021X;
8923 case WPA_KEY_MGMT_FT_PSK:
8924 mgmt = WLAN_AKM_SUITE_FT_PSK;
8926 case WPA_KEY_MGMT_IEEE8021X_SHA256:
8927 mgmt = WLAN_AKM_SUITE_8021X_SHA256;
8929 case WPA_KEY_MGMT_PSK_SHA256:
8930 mgmt = WLAN_AKM_SUITE_PSK_SHA256;
8932 case WPA_KEY_MGMT_OSEN:
8933 mgmt = WLAN_AKM_SUITE_OSEN;
8935 case WPA_KEY_MGMT_PSK:
8937 mgmt = WLAN_AKM_SUITE_PSK;
8940 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
8941 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
8944 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
8946 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
8947 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
8949 if (params->disable_ht)
8950 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
8952 if (params->htcaps && params->htcaps_mask) {
8953 int sz = sizeof(struct ieee80211_ht_capabilities);
8954 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
8955 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
8956 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
8957 params->htcaps_mask, sz);
8958 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
8959 params->htcaps_mask);
8962 #ifdef CONFIG_VHT_OVERRIDES
8963 if (params->disable_vht) {
8964 wpa_printf(MSG_DEBUG, " * VHT disabled");
8965 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_VHT);
8968 if (params->vhtcaps && params->vhtcaps_mask) {
8969 int sz = sizeof(struct ieee80211_vht_capabilities);
8970 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
8971 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY, sz, params->vhtcaps);
8972 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
8973 params->vhtcaps_mask, sz);
8974 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
8975 params->vhtcaps_mask);
8977 #endif /* CONFIG_VHT_OVERRIDES */
8980 wpa_printf(MSG_DEBUG, " * P2P group");
8988 static int wpa_driver_nl80211_try_connect(
8989 struct wpa_driver_nl80211_data *drv,
8990 struct wpa_driver_associate_params *params)
8993 enum nl80211_auth_type type;
8997 msg = nlmsg_alloc();
9001 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
9002 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
9004 ret = nl80211_connect_common(drv, params, msg);
9006 goto nla_put_failure;
9009 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
9011 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
9013 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
9016 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
9018 goto skip_auth_type;
9021 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
9022 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
9023 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
9024 type = NL80211_AUTHTYPE_SHARED_KEY;
9025 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
9026 type = NL80211_AUTHTYPE_NETWORK_EAP;
9027 else if (params->auth_alg & WPA_AUTH_ALG_FT)
9028 type = NL80211_AUTHTYPE_FT;
9030 goto nla_put_failure;
9032 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
9033 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
9036 ret = nl80211_set_conn_keys(params, msg);
9038 goto nla_put_failure;
9040 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9043 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
9044 "(%s)", ret, strerror(-ret));
9045 goto nla_put_failure;
9048 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
9057 static int wpa_driver_nl80211_connect(
9058 struct wpa_driver_nl80211_data *drv,
9059 struct wpa_driver_associate_params *params)
9061 int ret = wpa_driver_nl80211_try_connect(drv, params);
9062 if (ret == -EALREADY) {
9064 * cfg80211 does not currently accept new connections if
9065 * we are already connected. As a workaround, force
9066 * disconnection and try again.
9068 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
9069 "disconnecting before reassociation "
9071 if (wpa_driver_nl80211_disconnect(
9072 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
9074 ret = wpa_driver_nl80211_try_connect(drv, params);
9080 static int wpa_driver_nl80211_associate(
9081 void *priv, struct wpa_driver_associate_params *params)
9083 struct i802_bss *bss = priv;
9084 struct wpa_driver_nl80211_data *drv = bss->drv;
9088 if (params->mode == IEEE80211_MODE_AP)
9089 return wpa_driver_nl80211_ap(drv, params);
9091 if (params->mode == IEEE80211_MODE_IBSS)
9092 return wpa_driver_nl80211_ibss(drv, params);
9094 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
9095 enum nl80211_iftype nlmode = params->p2p ?
9096 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
9098 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
9100 return wpa_driver_nl80211_connect(drv, params);
9103 nl80211_mark_disconnected(drv);
9105 msg = nlmsg_alloc();
9109 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
9111 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
9113 ret = nl80211_connect_common(drv, params, msg);
9115 goto nla_put_failure;
9117 if (params->prev_bssid) {
9118 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
9119 MAC2STR(params->prev_bssid));
9120 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
9121 params->prev_bssid);
9124 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9127 wpa_dbg(drv->ctx, MSG_DEBUG,
9128 "nl80211: MLME command failed (assoc): ret=%d (%s)",
9129 ret, strerror(-ret));
9130 nl80211_dump_scan(drv);
9131 goto nla_put_failure;
9134 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
9143 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
9144 int ifindex, enum nl80211_iftype mode)
9149 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
9150 ifindex, mode, nl80211_iftype_str(mode));
9152 msg = nlmsg_alloc();
9156 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
9157 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
9158 goto nla_put_failure;
9159 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
9161 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9167 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
9168 " %d (%s)", ifindex, mode, ret, strerror(-ret));
9173 static int wpa_driver_nl80211_set_mode_impl(
9174 struct i802_bss *bss,
9175 enum nl80211_iftype nlmode,
9176 struct hostapd_freq_params *desired_freq_params)
9178 struct wpa_driver_nl80211_data *drv = bss->drv;
9181 int was_ap = is_ap_interface(drv->nlmode);
9183 int mode_switch_res;
9185 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9186 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
9187 mode_switch_res = 0;
9189 if (mode_switch_res == 0) {
9190 drv->nlmode = nlmode;
9195 if (mode_switch_res == -ENODEV)
9198 if (nlmode == drv->nlmode) {
9199 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
9200 "requested mode - ignore error");
9202 goto done; /* Already in the requested mode */
9205 /* mac80211 doesn't allow mode changes while the device is up, so
9206 * take the device down, try to set the mode again, and bring the
9209 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
9211 for (i = 0; i < 10; i++) {
9212 res = i802_set_iface_flags(bss, 0);
9213 if (res == -EACCES || res == -ENODEV)
9216 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
9218 os_sleep(0, 100000);
9223 * Setting the mode will fail for some drivers if the phy is
9224 * on a frequency that the mode is disallowed in.
9226 if (desired_freq_params) {
9227 res = i802_set_freq(bss, desired_freq_params);
9229 wpa_printf(MSG_DEBUG,
9230 "nl80211: Failed to set frequency on interface");
9234 /* Try to set the mode again while the interface is down */
9235 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9236 if (mode_switch_res == -EBUSY) {
9237 wpa_printf(MSG_DEBUG,
9238 "nl80211: Delaying mode set while interface going down");
9239 os_sleep(0, 100000);
9242 ret = mode_switch_res;
9247 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
9248 "interface is down");
9249 drv->nlmode = nlmode;
9250 drv->ignore_if_down_event = 1;
9253 /* Bring the interface back up */
9254 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
9256 wpa_printf(MSG_DEBUG,
9257 "nl80211: Failed to set interface up after switching mode");
9263 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
9264 "from %d failed", nlmode, drv->nlmode);
9268 if (is_p2p_net_interface(nlmode))
9269 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
9270 else if (drv->disabled_11b_rates)
9271 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
9273 if (is_ap_interface(nlmode)) {
9274 nl80211_mgmt_unsubscribe(bss, "start AP");
9275 /* Setup additional AP mode functionality if needed */
9276 if (nl80211_setup_ap(bss))
9278 } else if (was_ap) {
9279 /* Remove additional AP mode functionality */
9280 nl80211_teardown_ap(bss);
9282 nl80211_mgmt_unsubscribe(bss, "mode change");
9285 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
9286 nl80211_mgmt_subscribe_non_ap(bss) < 0)
9287 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
9288 "frame processing - ignore for now");
9294 static int dfs_info_handler(struct nl_msg *msg, void *arg)
9296 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9297 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9298 int *dfs_capability_ptr = arg;
9300 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9301 genlmsg_attrlen(gnlh, 0), NULL);
9303 if (tb[NL80211_ATTR_VENDOR_DATA]) {
9304 struct nlattr *nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
9305 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
9307 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
9308 nla_data(nl_vend), nla_len(nl_vend), NULL);
9310 if (tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]) {
9312 val = nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]);
9313 wpa_printf(MSG_DEBUG, "nl80211: DFS offload capability: %u",
9315 *dfs_capability_ptr = val;
9323 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
9324 enum nl80211_iftype nlmode)
9326 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
9330 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, int freq)
9332 struct hostapd_freq_params freq_params;
9333 os_memset(&freq_params, 0, sizeof(freq_params));
9334 freq_params.freq = freq;
9335 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
9340 static int wpa_driver_nl80211_get_capa(void *priv,
9341 struct wpa_driver_capa *capa)
9343 struct i802_bss *bss = priv;
9344 struct wpa_driver_nl80211_data *drv = bss->drv;
9346 int dfs_capability = 0;
9349 if (!drv->has_capability)
9351 os_memcpy(capa, &drv->capa, sizeof(*capa));
9352 if (drv->extended_capa && drv->extended_capa_mask) {
9353 capa->extended_capa = drv->extended_capa;
9354 capa->extended_capa_mask = drv->extended_capa_mask;
9355 capa->extended_capa_len = drv->extended_capa_len;
9358 if ((capa->flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
9359 !drv->allow_p2p_device) {
9360 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate P2P_DEVICE support (p2p_device=1 driver param not specified)");
9361 capa->flags &= ~WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
9364 if (drv->dfs_vendor_cmd_avail == 1) {
9365 msg = nlmsg_alloc();
9369 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
9371 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9372 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
9373 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
9374 QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY);
9376 ret = send_and_recv_msgs(drv, msg, dfs_info_handler,
9380 capa->flags |= WPA_DRIVER_FLAGS_DFS_OFFLOAD;
9392 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
9394 struct i802_bss *bss = priv;
9395 struct wpa_driver_nl80211_data *drv = bss->drv;
9397 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
9398 bss->ifname, drv->operstate, state,
9399 state ? "UP" : "DORMANT");
9400 drv->operstate = state;
9401 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
9402 state ? IF_OPER_UP : IF_OPER_DORMANT);
9406 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
9408 struct i802_bss *bss = priv;
9409 struct wpa_driver_nl80211_data *drv = bss->drv;
9411 struct nl80211_sta_flag_update upd;
9414 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
9415 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
9419 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
9420 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
9422 msg = nlmsg_alloc();
9426 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9428 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9429 if_nametoindex(bss->ifname));
9430 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
9432 os_memset(&upd, 0, sizeof(upd));
9433 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
9435 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
9436 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
9438 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9444 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
9445 ret, strerror(-ret));
9450 /* Set kernel driver on given frequency (MHz) */
9451 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
9453 struct i802_bss *bss = priv;
9454 return nl80211_set_channel(bss, freq, 0);
9458 static inline int min_int(int a, int b)
9466 static int get_key_handler(struct nl_msg *msg, void *arg)
9468 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9469 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9471 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9472 genlmsg_attrlen(gnlh, 0), NULL);
9475 * TODO: validate the key index and mac address!
9476 * Otherwise, there's a race condition as soon as
9477 * the kernel starts sending key notifications.
9480 if (tb[NL80211_ATTR_KEY_SEQ])
9481 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
9482 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
9487 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
9490 struct i802_bss *bss = priv;
9491 struct wpa_driver_nl80211_data *drv = bss->drv;
9494 msg = nlmsg_alloc();
9498 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
9501 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9502 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
9503 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
9507 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
9514 static int i802_set_rts(void *priv, int rts)
9516 struct i802_bss *bss = priv;
9517 struct wpa_driver_nl80211_data *drv = bss->drv;
9522 msg = nlmsg_alloc();
9531 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9532 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9533 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
9535 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9541 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
9542 "%d (%s)", rts, ret, strerror(-ret));
9547 static int i802_set_frag(void *priv, int frag)
9549 struct i802_bss *bss = priv;
9550 struct wpa_driver_nl80211_data *drv = bss->drv;
9555 msg = nlmsg_alloc();
9564 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9565 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9566 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
9568 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9574 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
9575 "%d: %d (%s)", frag, ret, strerror(-ret));
9580 static int i802_flush(void *priv)
9582 struct i802_bss *bss = priv;
9583 struct wpa_driver_nl80211_data *drv = bss->drv;
9587 msg = nlmsg_alloc();
9591 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
9593 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
9596 * XXX: FIX! this needs to flush all VLANs too
9598 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9599 if_nametoindex(bss->ifname));
9601 res = send_and_recv_msgs(drv, msg, NULL, NULL);
9603 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
9604 "(%s)", res, strerror(-res));
9613 static int get_sta_handler(struct nl_msg *msg, void *arg)
9615 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9616 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9617 struct hostap_sta_driver_data *data = arg;
9618 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
9619 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
9620 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
9621 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
9622 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
9623 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
9624 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
9625 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
9628 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9629 genlmsg_attrlen(gnlh, 0), NULL);
9632 * TODO: validate the interface and mac address!
9633 * Otherwise, there's a race condition as soon as
9634 * the kernel starts sending station notifications.
9637 if (!tb[NL80211_ATTR_STA_INFO]) {
9638 wpa_printf(MSG_DEBUG, "sta stats missing!");
9641 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
9642 tb[NL80211_ATTR_STA_INFO],
9644 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
9648 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
9649 data->inactive_msec =
9650 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
9651 if (stats[NL80211_STA_INFO_RX_BYTES])
9652 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
9653 if (stats[NL80211_STA_INFO_TX_BYTES])
9654 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
9655 if (stats[NL80211_STA_INFO_RX_PACKETS])
9657 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
9658 if (stats[NL80211_STA_INFO_TX_PACKETS])
9660 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
9661 if (stats[NL80211_STA_INFO_TX_FAILED])
9662 data->tx_retry_failed =
9663 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
9668 static int i802_read_sta_data(struct i802_bss *bss,
9669 struct hostap_sta_driver_data *data,
9672 struct wpa_driver_nl80211_data *drv = bss->drv;
9675 os_memset(data, 0, sizeof(*data));
9676 msg = nlmsg_alloc();
9680 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
9682 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9683 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9685 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
9692 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
9693 int cw_min, int cw_max, int burst_time)
9695 struct i802_bss *bss = priv;
9696 struct wpa_driver_nl80211_data *drv = bss->drv;
9698 struct nlattr *txq, *params;
9700 msg = nlmsg_alloc();
9704 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9706 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9708 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
9710 goto nla_put_failure;
9712 /* We are only sending parameters for a single TXQ at a time */
9713 params = nla_nest_start(msg, 1);
9715 goto nla_put_failure;
9719 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
9722 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
9725 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
9728 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
9731 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
9732 * 32 usec, so need to convert the value here. */
9733 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
9734 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
9735 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
9736 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
9738 nla_nest_end(msg, params);
9740 nla_nest_end(msg, txq);
9742 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
9751 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
9752 const char *ifname, int vlan_id)
9754 struct wpa_driver_nl80211_data *drv = bss->drv;
9758 msg = nlmsg_alloc();
9762 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
9763 ", ifname=%s[%d], vlan_id=%d)",
9764 bss->ifname, if_nametoindex(bss->ifname),
9765 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
9766 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9768 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9769 if_nametoindex(bss->ifname));
9770 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9771 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
9772 if_nametoindex(ifname));
9774 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9777 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
9778 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
9779 MAC2STR(addr), ifname, vlan_id, ret,
9788 static int i802_get_inact_sec(void *priv, const u8 *addr)
9790 struct hostap_sta_driver_data data;
9793 data.inactive_msec = (unsigned long) -1;
9794 ret = i802_read_sta_data(priv, &data, addr);
9795 if (ret || data.inactive_msec == (unsigned long) -1)
9797 return data.inactive_msec / 1000;
9801 static int i802_sta_clear_stats(void *priv, const u8 *addr)
9810 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
9813 struct i802_bss *bss = priv;
9814 struct wpa_driver_nl80211_data *drv = bss->drv;
9815 struct ieee80211_mgmt mgmt;
9817 if (drv->device_ap_sme)
9818 return wpa_driver_nl80211_sta_remove(bss, addr);
9820 memset(&mgmt, 0, sizeof(mgmt));
9821 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9822 WLAN_FC_STYPE_DEAUTH);
9823 memcpy(mgmt.da, addr, ETH_ALEN);
9824 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9825 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9826 mgmt.u.deauth.reason_code = host_to_le16(reason);
9827 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9829 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
9834 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
9837 struct i802_bss *bss = priv;
9838 struct wpa_driver_nl80211_data *drv = bss->drv;
9839 struct ieee80211_mgmt mgmt;
9841 if (drv->device_ap_sme)
9842 return wpa_driver_nl80211_sta_remove(bss, addr);
9844 memset(&mgmt, 0, sizeof(mgmt));
9845 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9846 WLAN_FC_STYPE_DISASSOC);
9847 memcpy(mgmt.da, addr, ETH_ALEN);
9848 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9849 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9850 mgmt.u.disassoc.reason_code = host_to_le16(reason);
9851 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9853 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
9858 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
9860 char buf[200], *pos, *end;
9864 end = pos + sizeof(buf);
9866 for (i = 0; i < drv->num_if_indices; i++) {
9867 if (!drv->if_indices[i])
9869 res = os_snprintf(pos, end - pos, " %d", drv->if_indices[i]);
9870 if (res < 0 || res >= end - pos)
9876 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
9877 drv->num_if_indices, buf);
9881 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9886 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
9888 if (have_ifidx(drv, ifidx)) {
9889 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
9893 for (i = 0; i < drv->num_if_indices; i++) {
9894 if (drv->if_indices[i] == 0) {
9895 drv->if_indices[i] = ifidx;
9901 if (drv->if_indices != drv->default_if_indices)
9902 old = drv->if_indices;
9906 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
9908 if (!drv->if_indices) {
9910 drv->if_indices = drv->default_if_indices;
9912 drv->if_indices = old;
9913 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
9915 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
9918 os_memcpy(drv->if_indices, drv->default_if_indices,
9919 sizeof(drv->default_if_indices));
9920 drv->if_indices[drv->num_if_indices] = ifidx;
9921 drv->num_if_indices++;
9926 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9930 for (i = 0; i < drv->num_if_indices; i++) {
9931 if (drv->if_indices[i] == ifidx) {
9932 drv->if_indices[i] = 0;
9940 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9944 for (i = 0; i < drv->num_if_indices; i++)
9945 if (drv->if_indices[i] == ifidx)
9952 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
9953 const char *bridge_ifname, char *ifname_wds)
9955 struct i802_bss *bss = priv;
9956 struct wpa_driver_nl80211_data *drv = bss->drv;
9957 char name[IFNAMSIZ + 1];
9959 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
9961 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
9963 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
9964 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
9966 if (!if_nametoindex(name)) {
9967 if (nl80211_create_iface(drv, name,
9968 NL80211_IFTYPE_AP_VLAN,
9969 bss->addr, 1, NULL, NULL, 0) <
9972 if (bridge_ifname &&
9973 linux_br_add_if(drv->global->ioctl_sock,
9974 bridge_ifname, name) < 0)
9977 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
9978 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
9979 "interface %s up", name);
9981 return i802_set_sta_vlan(priv, addr, name, 0);
9984 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
9987 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
9988 nl80211_remove_iface(drv, if_nametoindex(name));
9994 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
9996 struct wpa_driver_nl80211_data *drv = eloop_ctx;
9997 struct sockaddr_ll lladdr;
9998 unsigned char buf[3000];
10000 socklen_t fromlen = sizeof(lladdr);
10002 len = recvfrom(sock, buf, sizeof(buf), 0,
10003 (struct sockaddr *)&lladdr, &fromlen);
10005 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
10010 if (have_ifidx(drv, lladdr.sll_ifindex))
10011 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
10015 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
10016 struct i802_bss *bss,
10017 const char *brname, const char *ifname)
10020 char in_br[IFNAMSIZ];
10022 os_strlcpy(bss->brname, brname, IFNAMSIZ);
10023 ifindex = if_nametoindex(brname);
10024 if (ifindex == 0) {
10026 * Bridge was configured, but the bridge device does
10027 * not exist. Try to add it now.
10029 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
10030 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
10031 "bridge interface %s: %s",
10032 brname, strerror(errno));
10035 bss->added_bridge = 1;
10036 add_ifidx(drv, if_nametoindex(brname));
10039 if (linux_br_get(in_br, ifname) == 0) {
10040 if (os_strcmp(in_br, brname) == 0)
10041 return 0; /* already in the bridge */
10043 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
10044 "bridge %s", ifname, in_br);
10045 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
10047 wpa_printf(MSG_ERROR, "nl80211: Failed to "
10048 "remove interface %s from bridge "
10050 ifname, brname, strerror(errno));
10055 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
10057 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
10058 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
10059 "into bridge %s: %s",
10060 ifname, brname, strerror(errno));
10063 bss->added_if_into_bridge = 1;
10069 static void *i802_init(struct hostapd_data *hapd,
10070 struct wpa_init_params *params)
10072 struct wpa_driver_nl80211_data *drv;
10073 struct i802_bss *bss;
10075 char brname[IFNAMSIZ];
10076 int ifindex, br_ifindex;
10079 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
10080 params->global_priv, 1,
10087 if (linux_br_get(brname, params->ifname) == 0) {
10088 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
10089 params->ifname, brname);
10090 br_ifindex = if_nametoindex(brname);
10096 for (i = 0; i < params->num_bridge; i++) {
10097 if (params->bridge[i]) {
10098 ifindex = if_nametoindex(params->bridge[i]);
10100 add_ifidx(drv, ifindex);
10101 if (ifindex == br_ifindex)
10105 if (!br_added && br_ifindex &&
10106 (params->num_bridge == 0 || !params->bridge[0]))
10107 add_ifidx(drv, br_ifindex);
10109 /* start listening for EAPOL on the default AP interface */
10110 add_ifidx(drv, drv->ifindex);
10112 if (params->num_bridge && params->bridge[0] &&
10113 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
10116 #ifdef CONFIG_LIBNL3_ROUTE
10117 if (bss->added_if_into_bridge) {
10118 drv->rtnl_sk = nl_socket_alloc();
10119 if (drv->rtnl_sk == NULL) {
10120 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
10124 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) {
10125 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
10130 #endif /* CONFIG_LIBNL3_ROUTE */
10132 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
10133 if (drv->eapol_sock < 0) {
10134 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
10139 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
10141 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
10145 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
10148 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
10150 memcpy(bss->addr, params->own_addr, ETH_ALEN);
10155 wpa_driver_nl80211_deinit(bss);
10160 static void i802_deinit(void *priv)
10162 struct i802_bss *bss = priv;
10163 wpa_driver_nl80211_deinit(bss);
10167 static enum nl80211_iftype wpa_driver_nl80211_if_type(
10168 enum wpa_driver_if_type type)
10171 case WPA_IF_STATION:
10172 return NL80211_IFTYPE_STATION;
10173 case WPA_IF_P2P_CLIENT:
10174 case WPA_IF_P2P_GROUP:
10175 return NL80211_IFTYPE_P2P_CLIENT;
10176 case WPA_IF_AP_VLAN:
10177 return NL80211_IFTYPE_AP_VLAN;
10178 case WPA_IF_AP_BSS:
10179 return NL80211_IFTYPE_AP;
10180 case WPA_IF_P2P_GO:
10181 return NL80211_IFTYPE_P2P_GO;
10182 case WPA_IF_P2P_DEVICE:
10183 return NL80211_IFTYPE_P2P_DEVICE;
10191 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
10193 struct wpa_driver_nl80211_data *drv;
10194 dl_list_for_each(drv, &global->interfaces,
10195 struct wpa_driver_nl80211_data, list) {
10196 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
10203 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
10211 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
10212 for (idx = 0; idx < 64; idx++) {
10213 new_addr[0] = drv->first_bss->addr[0] | 0x02;
10214 new_addr[0] ^= idx << 2;
10215 if (!nl80211_addr_in_use(drv->global, new_addr))
10221 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
10222 MACSTR, MAC2STR(new_addr));
10227 #endif /* CONFIG_P2P */
10233 u8 macaddr[ETH_ALEN];
10236 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
10238 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10239 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10240 struct wdev_info *wi = arg;
10242 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10243 genlmsg_attrlen(gnlh, 0), NULL);
10244 if (tb[NL80211_ATTR_WDEV]) {
10245 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
10246 wi->wdev_id_set = 1;
10249 if (tb[NL80211_ATTR_MAC])
10250 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
10257 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
10258 const char *ifname, const u8 *addr,
10259 void *bss_ctx, void **drv_priv,
10260 char *force_ifname, u8 *if_addr,
10261 const char *bridge, int use_existing)
10263 enum nl80211_iftype nlmode;
10264 struct i802_bss *bss = priv;
10265 struct wpa_driver_nl80211_data *drv = bss->drv;
10270 os_memcpy(if_addr, addr, ETH_ALEN);
10271 nlmode = wpa_driver_nl80211_if_type(type);
10272 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
10273 struct wdev_info p2pdev_info;
10275 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
10276 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10277 0, nl80211_wdev_handler,
10278 &p2pdev_info, use_existing);
10279 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
10280 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
10285 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
10286 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
10287 if (!is_zero_ether_addr(p2pdev_info.macaddr))
10288 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
10289 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
10291 (long long unsigned int) p2pdev_info.wdev_id);
10293 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10294 0, NULL, NULL, use_existing);
10295 if (use_existing && ifidx == -ENFILE) {
10297 ifidx = if_nametoindex(ifname);
10298 } else if (ifidx < 0) {
10304 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
10305 os_memcpy(if_addr, bss->addr, ETH_ALEN);
10306 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
10307 bss->ifname, if_addr) < 0) {
10309 nl80211_remove_iface(drv, ifidx);
10316 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
10317 type == WPA_IF_P2P_GO)) {
10318 /* Enforce unique P2P Interface Address */
10319 u8 new_addr[ETH_ALEN];
10321 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
10324 nl80211_remove_iface(drv, ifidx);
10327 if (nl80211_addr_in_use(drv->global, new_addr)) {
10328 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
10329 "for P2P group interface");
10330 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
10332 nl80211_remove_iface(drv, ifidx);
10335 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
10338 nl80211_remove_iface(drv, ifidx);
10342 os_memcpy(if_addr, new_addr, ETH_ALEN);
10344 #endif /* CONFIG_P2P */
10346 if (type == WPA_IF_AP_BSS) {
10347 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
10348 if (new_bss == NULL) {
10350 nl80211_remove_iface(drv, ifidx);
10355 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
10356 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
10357 "interface %s to a bridge %s",
10360 nl80211_remove_iface(drv, ifidx);
10365 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
10368 nl80211_remove_iface(drv, ifidx);
10372 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
10373 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
10374 new_bss->ifindex = ifidx;
10375 new_bss->drv = drv;
10376 new_bss->next = drv->first_bss->next;
10377 new_bss->freq = drv->first_bss->freq;
10378 new_bss->ctx = bss_ctx;
10379 new_bss->added_if = added;
10380 drv->first_bss->next = new_bss;
10382 *drv_priv = new_bss;
10383 nl80211_init_bss(new_bss);
10385 /* Subscribe management frames for this WPA_IF_AP_BSS */
10386 if (nl80211_setup_ap(new_bss))
10391 drv->global->if_add_ifindex = ifidx;
10394 * Some virtual interfaces need to process EAPOL packets and events on
10395 * the parent interface. This is used mainly with hostapd.
10399 nlmode == NL80211_IFTYPE_AP_VLAN ||
10400 nlmode == NL80211_IFTYPE_WDS ||
10401 nlmode == NL80211_IFTYPE_MONITOR))
10402 add_ifidx(drv, ifidx);
10408 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
10409 enum wpa_driver_if_type type,
10410 const char *ifname)
10412 struct wpa_driver_nl80211_data *drv = bss->drv;
10413 int ifindex = if_nametoindex(ifname);
10415 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
10416 __func__, type, ifname, ifindex, bss->added_if);
10417 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
10418 nl80211_remove_iface(drv, ifindex);
10419 else if (ifindex > 0 && !bss->added_if) {
10420 struct wpa_driver_nl80211_data *drv2;
10421 dl_list_for_each(drv2, &drv->global->interfaces,
10422 struct wpa_driver_nl80211_data, list)
10423 del_ifidx(drv2, ifindex);
10426 if (type != WPA_IF_AP_BSS)
10429 if (bss->added_if_into_bridge) {
10430 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
10432 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10433 "interface %s from bridge %s: %s",
10434 bss->ifname, bss->brname, strerror(errno));
10436 if (bss->added_bridge) {
10437 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
10438 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10440 bss->brname, strerror(errno));
10443 if (bss != drv->first_bss) {
10444 struct i802_bss *tbss;
10446 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
10447 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
10448 if (tbss->next == bss) {
10449 tbss->next = bss->next;
10450 /* Unsubscribe management frames */
10451 nl80211_teardown_ap(bss);
10452 nl80211_destroy_bss(bss);
10453 if (!bss->added_if)
10454 i802_set_iface_flags(bss, 0);
10461 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
10462 "BSS %p in the list", __func__, bss);
10464 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
10465 nl80211_teardown_ap(bss);
10466 if (!bss->added_if && !drv->first_bss->next)
10467 wpa_driver_nl80211_del_beacon(drv);
10468 nl80211_destroy_bss(bss);
10469 if (!bss->added_if)
10470 i802_set_iface_flags(bss, 0);
10471 if (drv->first_bss->next) {
10472 drv->first_bss = drv->first_bss->next;
10473 drv->ctx = drv->first_bss->ctx;
10476 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
10484 static int cookie_handler(struct nl_msg *msg, void *arg)
10486 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10487 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10489 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10490 genlmsg_attrlen(gnlh, 0), NULL);
10491 if (tb[NL80211_ATTR_COOKIE])
10492 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
10497 static int nl80211_send_frame_cmd(struct i802_bss *bss,
10498 unsigned int freq, unsigned int wait,
10499 const u8 *buf, size_t buf_len,
10500 u64 *cookie_out, int no_cck, int no_ack,
10503 struct wpa_driver_nl80211_data *drv = bss->drv;
10504 struct nl_msg *msg;
10508 msg = nlmsg_alloc();
10512 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
10513 "no_ack=%d offchanok=%d",
10514 freq, wait, no_cck, no_ack, offchanok);
10515 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
10516 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
10518 if (nl80211_set_iface_id(msg, bss) < 0)
10519 goto nla_put_failure;
10521 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10523 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
10524 if (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10525 drv->test_use_roc_tx))
10526 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
10528 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
10530 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
10532 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
10535 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10538 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
10539 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
10541 goto nla_put_failure;
10543 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
10544 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
10545 (long long unsigned int) cookie);
10548 *cookie_out = no_ack ? (u64) -1 : cookie;
10556 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
10558 unsigned int wait_time,
10559 const u8 *dst, const u8 *src,
10561 const u8 *data, size_t data_len,
10564 struct wpa_driver_nl80211_data *drv = bss->drv;
10567 struct ieee80211_hdr *hdr;
10569 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
10570 "freq=%u MHz wait=%d ms no_cck=%d)",
10571 drv->ifindex, freq, wait_time, no_cck);
10573 buf = os_zalloc(24 + data_len);
10576 os_memcpy(buf + 24, data, data_len);
10577 hdr = (struct ieee80211_hdr *) buf;
10578 hdr->frame_control =
10579 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
10580 os_memcpy(hdr->addr1, dst, ETH_ALEN);
10581 os_memcpy(hdr->addr2, src, ETH_ALEN);
10582 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
10584 if (is_ap_interface(drv->nlmode) &&
10585 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10586 (int) freq == bss->freq || drv->device_ap_sme ||
10587 !drv->use_monitor))
10588 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
10589 0, freq, no_cck, 1,
10592 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
10594 &drv->send_action_cookie,
10602 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
10604 struct i802_bss *bss = priv;
10605 struct wpa_driver_nl80211_data *drv = bss->drv;
10606 struct nl_msg *msg;
10609 msg = nlmsg_alloc();
10613 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
10614 (long long unsigned int) drv->send_action_cookie);
10615 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
10617 if (nl80211_set_iface_id(msg, bss) < 0)
10618 goto nla_put_failure;
10619 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
10621 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10624 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
10625 "(%s)", ret, strerror(-ret));
10632 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
10633 unsigned int duration)
10635 struct i802_bss *bss = priv;
10636 struct wpa_driver_nl80211_data *drv = bss->drv;
10637 struct nl_msg *msg;
10641 msg = nlmsg_alloc();
10645 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
10647 if (nl80211_set_iface_id(msg, bss) < 0)
10648 goto nla_put_failure;
10650 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10651 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
10654 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10657 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
10658 "0x%llx for freq=%u MHz duration=%u",
10659 (long long unsigned int) cookie, freq, duration);
10660 drv->remain_on_chan_cookie = cookie;
10661 drv->pending_remain_on_chan = 1;
10664 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
10665 "(freq=%d duration=%u): %d (%s)",
10666 freq, duration, ret, strerror(-ret));
10673 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
10675 struct i802_bss *bss = priv;
10676 struct wpa_driver_nl80211_data *drv = bss->drv;
10677 struct nl_msg *msg;
10680 if (!drv->pending_remain_on_chan) {
10681 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
10686 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
10688 (long long unsigned int) drv->remain_on_chan_cookie);
10690 msg = nlmsg_alloc();
10694 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
10696 if (nl80211_set_iface_id(msg, bss) < 0)
10697 goto nla_put_failure;
10699 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
10701 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10705 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
10706 "%d (%s)", ret, strerror(-ret));
10713 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
10715 struct wpa_driver_nl80211_data *drv = bss->drv;
10718 if (bss->nl_preq && drv->device_ap_sme &&
10719 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
10722 * Do not disable Probe Request reporting that was
10723 * enabled in nl80211_setup_ap().
10725 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
10726 "Probe Request reporting nl_preq=%p while "
10727 "in AP mode", bss->nl_preq);
10728 } else if (bss->nl_preq) {
10729 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
10730 "reporting nl_preq=%p", bss->nl_preq);
10731 nl80211_destroy_eloop_handle(&bss->nl_preq);
10736 if (bss->nl_preq) {
10737 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
10738 "already on! nl_preq=%p", bss->nl_preq);
10742 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
10743 if (bss->nl_preq == NULL)
10745 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
10746 "reporting nl_preq=%p", bss->nl_preq);
10748 if (nl80211_register_frame(bss, bss->nl_preq,
10749 (WLAN_FC_TYPE_MGMT << 2) |
10750 (WLAN_FC_STYPE_PROBE_REQ << 4),
10754 nl80211_register_eloop_read(&bss->nl_preq,
10755 wpa_driver_nl80211_event_receive,
10761 nl_destroy_handles(&bss->nl_preq);
10766 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
10767 int ifindex, int disabled)
10769 struct nl_msg *msg;
10770 struct nlattr *bands, *band;
10773 msg = nlmsg_alloc();
10777 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
10778 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
10780 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
10782 goto nla_put_failure;
10785 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
10786 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
10787 * rates. All 5 GHz rates are left enabled.
10789 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
10791 goto nla_put_failure;
10793 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
10794 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
10796 nla_nest_end(msg, band);
10798 nla_nest_end(msg, bands);
10800 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10803 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
10804 "(%s)", ret, strerror(-ret));
10806 drv->disabled_11b_rates = disabled;
10816 static int wpa_driver_nl80211_deinit_ap(void *priv)
10818 struct i802_bss *bss = priv;
10819 struct wpa_driver_nl80211_data *drv = bss->drv;
10820 if (!is_ap_interface(drv->nlmode))
10822 wpa_driver_nl80211_del_beacon(drv);
10825 * If the P2P GO interface was dynamically added, then it is
10826 * possible that the interface change to station is not possible.
10828 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
10831 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10835 static int wpa_driver_nl80211_stop_ap(void *priv)
10837 struct i802_bss *bss = priv;
10838 struct wpa_driver_nl80211_data *drv = bss->drv;
10839 if (!is_ap_interface(drv->nlmode))
10841 wpa_driver_nl80211_del_beacon(drv);
10842 bss->beacon_set = 0;
10847 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
10849 struct i802_bss *bss = priv;
10850 struct wpa_driver_nl80211_data *drv = bss->drv;
10851 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
10855 * If the P2P Client interface was dynamically added, then it is
10856 * possible that the interface change to station is not possible.
10858 if (bss->if_dynamic)
10861 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10865 static void wpa_driver_nl80211_resume(void *priv)
10867 struct i802_bss *bss = priv;
10869 if (i802_set_iface_flags(bss, 1))
10870 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
10874 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
10875 const u8 *ies, size_t ies_len)
10877 struct i802_bss *bss = priv;
10878 struct wpa_driver_nl80211_data *drv = bss->drv;
10882 const u8 *own_addr = bss->addr;
10885 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
10886 "action %d", action);
10891 * Action frame payload:
10892 * Category[1] = 6 (Fast BSS Transition)
10893 * Action[1] = 1 (Fast BSS Transition Request)
10895 * Target AP Address
10899 data_len = 2 + 2 * ETH_ALEN + ies_len;
10900 data = os_malloc(data_len);
10904 *pos++ = 0x06; /* FT Action category */
10906 os_memcpy(pos, own_addr, ETH_ALEN);
10908 os_memcpy(pos, target_ap, ETH_ALEN);
10910 os_memcpy(pos, ies, ies_len);
10912 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
10913 drv->bssid, own_addr, drv->bssid,
10914 data, data_len, 0);
10921 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
10923 struct i802_bss *bss = priv;
10924 struct wpa_driver_nl80211_data *drv = bss->drv;
10925 struct nl_msg *msg;
10926 struct nlattr *cqm;
10929 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
10930 "hysteresis=%d", threshold, hysteresis);
10932 msg = nlmsg_alloc();
10936 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
10938 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
10940 cqm = nla_nest_start(msg, NL80211_ATTR_CQM);
10942 goto nla_put_failure;
10944 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
10945 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
10946 nla_nest_end(msg, cqm);
10948 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10957 static int get_channel_width(struct nl_msg *msg, void *arg)
10959 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10960 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10961 struct wpa_signal_info *sig_change = arg;
10963 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10964 genlmsg_attrlen(gnlh, 0), NULL);
10966 sig_change->center_frq1 = -1;
10967 sig_change->center_frq2 = -1;
10968 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
10970 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
10971 sig_change->chanwidth = convert2width(
10972 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
10973 if (tb[NL80211_ATTR_CENTER_FREQ1])
10974 sig_change->center_frq1 =
10975 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
10976 if (tb[NL80211_ATTR_CENTER_FREQ2])
10977 sig_change->center_frq2 =
10978 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
10985 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
10986 struct wpa_signal_info *sig)
10988 struct nl_msg *msg;
10990 msg = nlmsg_alloc();
10994 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_INTERFACE);
10995 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
10997 return send_and_recv_msgs(drv, msg, get_channel_width, sig);
11005 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
11007 struct i802_bss *bss = priv;
11008 struct wpa_driver_nl80211_data *drv = bss->drv;
11011 os_memset(si, 0, sizeof(*si));
11012 res = nl80211_get_link_signal(drv, si);
11016 res = nl80211_get_channel_width(drv, si);
11020 return nl80211_get_link_noise(drv, si);
11024 static int wpa_driver_nl80211_shared_freq(void *priv)
11026 struct i802_bss *bss = priv;
11027 struct wpa_driver_nl80211_data *drv = bss->drv;
11028 struct wpa_driver_nl80211_data *driver;
11032 * If the same PHY is in connected state with some other interface,
11033 * then retrieve the assoc freq.
11035 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
11038 dl_list_for_each(driver, &drv->global->interfaces,
11039 struct wpa_driver_nl80211_data, list) {
11040 if (drv == driver ||
11041 os_strcmp(drv->phyname, driver->phyname) != 0 ||
11042 !driver->associated)
11045 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
11047 driver->phyname, driver->first_bss->ifname,
11048 MAC2STR(driver->first_bss->addr));
11049 if (is_ap_interface(driver->nlmode))
11050 freq = driver->first_bss->freq;
11052 freq = nl80211_get_assoc_freq(driver);
11053 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
11054 drv->phyname, freq);
11058 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
11059 "PHY (%s) in associated state", drv->phyname);
11065 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
11068 struct i802_bss *bss = priv;
11069 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
11074 static int nl80211_set_param(void *priv, const char *param)
11076 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
11081 if (os_strstr(param, "use_p2p_group_interface=1")) {
11082 struct i802_bss *bss = priv;
11083 struct wpa_driver_nl80211_data *drv = bss->drv;
11085 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
11087 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
11088 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
11091 if (os_strstr(param, "p2p_device=1")) {
11092 struct i802_bss *bss = priv;
11093 struct wpa_driver_nl80211_data *drv = bss->drv;
11094 drv->allow_p2p_device = 1;
11096 #endif /* CONFIG_P2P */
11098 if (os_strstr(param, "use_monitor=1")) {
11099 struct i802_bss *bss = priv;
11100 struct wpa_driver_nl80211_data *drv = bss->drv;
11101 drv->use_monitor = 1;
11104 if (os_strstr(param, "force_connect_cmd=1")) {
11105 struct i802_bss *bss = priv;
11106 struct wpa_driver_nl80211_data *drv = bss->drv;
11107 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
11108 drv->force_connect_cmd = 1;
11111 if (os_strstr(param, "no_offchannel_tx=1")) {
11112 struct i802_bss *bss = priv;
11113 struct wpa_driver_nl80211_data *drv = bss->drv;
11114 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
11115 drv->test_use_roc_tx = 1;
11122 static void * nl80211_global_init(void)
11124 struct nl80211_global *global;
11125 struct netlink_config *cfg;
11127 global = os_zalloc(sizeof(*global));
11128 if (global == NULL)
11130 global->ioctl_sock = -1;
11131 dl_list_init(&global->interfaces);
11132 global->if_add_ifindex = -1;
11134 cfg = os_zalloc(sizeof(*cfg));
11139 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
11140 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
11141 global->netlink = netlink_init(cfg);
11142 if (global->netlink == NULL) {
11147 if (wpa_driver_nl80211_init_nl_global(global) < 0)
11150 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
11151 if (global->ioctl_sock < 0) {
11152 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
11160 nl80211_global_deinit(global);
11165 static void nl80211_global_deinit(void *priv)
11167 struct nl80211_global *global = priv;
11168 if (global == NULL)
11170 if (!dl_list_empty(&global->interfaces)) {
11171 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
11172 "nl80211_global_deinit",
11173 dl_list_len(&global->interfaces));
11176 if (global->netlink)
11177 netlink_deinit(global->netlink);
11179 nl_destroy_handles(&global->nl);
11181 if (global->nl_event)
11182 nl80211_destroy_eloop_handle(&global->nl_event);
11184 nl_cb_put(global->nl_cb);
11186 if (global->ioctl_sock >= 0)
11187 close(global->ioctl_sock);
11193 static const char * nl80211_get_radio_name(void *priv)
11195 struct i802_bss *bss = priv;
11196 struct wpa_driver_nl80211_data *drv = bss->drv;
11197 return drv->phyname;
11201 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
11204 struct nl_msg *msg;
11206 msg = nlmsg_alloc();
11210 nl80211_cmd(bss->drv, msg, 0, cmd);
11212 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
11214 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
11216 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
11218 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11225 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11227 struct i802_bss *bss = priv;
11228 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
11229 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
11233 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11235 struct i802_bss *bss = priv;
11236 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
11238 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
11242 static int nl80211_flush_pmkid(void *priv)
11244 struct i802_bss *bss = priv;
11245 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
11246 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
11250 static void clean_survey_results(struct survey_results *survey_results)
11252 struct freq_survey *survey, *tmp;
11254 if (dl_list_empty(&survey_results->survey_list))
11257 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
11258 struct freq_survey, list) {
11259 dl_list_del(&survey->list);
11265 static void add_survey(struct nlattr **sinfo, u32 ifidx,
11266 struct dl_list *survey_list)
11268 struct freq_survey *survey;
11270 survey = os_zalloc(sizeof(struct freq_survey));
11274 survey->ifidx = ifidx;
11275 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11276 survey->filled = 0;
11278 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
11279 survey->nf = (int8_t)
11280 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
11281 survey->filled |= SURVEY_HAS_NF;
11284 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
11285 survey->channel_time =
11286 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
11287 survey->filled |= SURVEY_HAS_CHAN_TIME;
11290 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
11291 survey->channel_time_busy =
11292 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
11293 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
11296 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
11297 survey->channel_time_rx =
11298 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
11299 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
11302 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
11303 survey->channel_time_tx =
11304 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
11305 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
11308 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
11311 (unsigned long int) survey->channel_time,
11312 (unsigned long int) survey->channel_time_busy,
11313 (unsigned long int) survey->channel_time_tx,
11314 (unsigned long int) survey->channel_time_rx,
11317 dl_list_add_tail(survey_list, &survey->list);
11321 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
11322 unsigned int freq_filter)
11327 return freq_filter == surveyed_freq;
11331 static int survey_handler(struct nl_msg *msg, void *arg)
11333 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11334 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11335 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
11336 struct survey_results *survey_results;
11337 u32 surveyed_freq = 0;
11340 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
11341 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
11342 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
11345 survey_results = (struct survey_results *) arg;
11347 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11348 genlmsg_attrlen(gnlh, 0), NULL);
11350 if (!tb[NL80211_ATTR_IFINDEX])
11353 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
11355 if (!tb[NL80211_ATTR_SURVEY_INFO])
11358 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
11359 tb[NL80211_ATTR_SURVEY_INFO],
11363 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
11364 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
11368 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11370 if (!check_survey_ok(sinfo, surveyed_freq,
11371 survey_results->freq_filter))
11374 if (survey_results->freq_filter &&
11375 survey_results->freq_filter != surveyed_freq) {
11376 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
11381 add_survey(sinfo, ifidx, &survey_results->survey_list);
11387 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
11389 struct i802_bss *bss = priv;
11390 struct wpa_driver_nl80211_data *drv = bss->drv;
11391 struct nl_msg *msg;
11392 int err = -ENOBUFS;
11393 union wpa_event_data data;
11394 struct survey_results *survey_results;
11396 os_memset(&data, 0, sizeof(data));
11397 survey_results = &data.survey_results;
11399 dl_list_init(&survey_results->survey_list);
11401 msg = nlmsg_alloc();
11403 goto nla_put_failure;
11405 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
11407 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11410 data.survey_results.freq_filter = freq;
11413 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
11414 err = send_and_recv_msgs(drv, msg, survey_handler,
11419 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
11423 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
11426 clean_survey_results(survey_results);
11432 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
11433 const u8 *replay_ctr)
11435 struct i802_bss *bss = priv;
11436 struct wpa_driver_nl80211_data *drv = bss->drv;
11437 struct nlattr *replay_nested;
11438 struct nl_msg *msg;
11440 msg = nlmsg_alloc();
11444 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
11446 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11448 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
11449 if (!replay_nested)
11450 goto nla_put_failure;
11452 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
11453 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
11454 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
11457 nla_nest_end(msg, replay_nested);
11459 send_and_recv_msgs(drv, msg, NULL, NULL);
11466 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
11467 const u8 *addr, int qos)
11469 /* send data frame to poll STA and check whether
11470 * this frame is ACKed */
11472 struct ieee80211_hdr hdr;
11474 } STRUCT_PACKED nulldata;
11477 /* Send data frame to poll STA and check whether this frame is ACKed */
11479 os_memset(&nulldata, 0, sizeof(nulldata));
11482 nulldata.hdr.frame_control =
11483 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11484 WLAN_FC_STYPE_QOS_NULL);
11485 size = sizeof(nulldata);
11487 nulldata.hdr.frame_control =
11488 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11489 WLAN_FC_STYPE_NULLFUNC);
11490 size = sizeof(struct ieee80211_hdr);
11493 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
11494 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
11495 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
11496 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
11498 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
11500 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
11501 "send poll frame");
11504 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
11507 struct i802_bss *bss = priv;
11508 struct wpa_driver_nl80211_data *drv = bss->drv;
11509 struct nl_msg *msg;
11511 if (!drv->poll_command_supported) {
11512 nl80211_send_null_frame(bss, own_addr, addr, qos);
11516 msg = nlmsg_alloc();
11520 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
11522 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11523 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
11525 send_and_recv_msgs(drv, msg, NULL, NULL);
11532 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
11534 struct nl_msg *msg;
11536 msg = nlmsg_alloc();
11540 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
11541 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11542 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
11543 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
11544 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11551 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
11554 struct i802_bss *bss = priv;
11556 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
11557 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
11559 if (opp_ps != -1 || ctwindow != -1) {
11561 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
11562 #else /* ANDROID_P2P */
11563 return -1; /* Not yet supported */
11564 #endif /* ANDROID_P2P */
11567 if (legacy_ps == -1)
11569 if (legacy_ps != 0 && legacy_ps != 1)
11570 return -1; /* Not yet supported */
11572 return nl80211_set_power_save(bss, legacy_ps);
11576 static int nl80211_start_radar_detection(void *priv,
11577 struct hostapd_freq_params *freq)
11579 struct i802_bss *bss = priv;
11580 struct wpa_driver_nl80211_data *drv = bss->drv;
11581 struct nl_msg *msg;
11584 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
11585 freq->freq, freq->ht_enabled, freq->vht_enabled,
11586 freq->bandwidth, freq->center_freq1, freq->center_freq2);
11588 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
11589 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
11594 msg = nlmsg_alloc();
11598 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_RADAR_DETECT);
11599 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11601 if (nl80211_put_freq_params(msg, freq) < 0)
11602 goto nla_put_failure;
11604 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11608 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
11609 "%d (%s)", ret, strerror(-ret));
11617 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
11618 u8 dialog_token, u16 status_code,
11619 u32 peer_capab, int initiator, const u8 *buf,
11622 struct i802_bss *bss = priv;
11623 struct wpa_driver_nl80211_data *drv = bss->drv;
11624 struct nl_msg *msg;
11626 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11627 return -EOPNOTSUPP;
11632 msg = nlmsg_alloc();
11636 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
11637 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11638 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
11639 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
11640 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
11641 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
11644 * The internal enum tdls_peer_capability definition is
11645 * currently identical with the nl80211 enum
11646 * nl80211_tdls_peer_capability, so no conversion is needed
11649 NLA_PUT_U32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, peer_capab);
11652 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_INITIATOR);
11653 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
11655 return send_and_recv_msgs(drv, msg, NULL, NULL);
11663 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
11665 struct i802_bss *bss = priv;
11666 struct wpa_driver_nl80211_data *drv = bss->drv;
11667 struct nl_msg *msg;
11668 enum nl80211_tdls_operation nl80211_oper;
11670 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11671 return -EOPNOTSUPP;
11674 case TDLS_DISCOVERY_REQ:
11675 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
11678 nl80211_oper = NL80211_TDLS_SETUP;
11680 case TDLS_TEARDOWN:
11681 nl80211_oper = NL80211_TDLS_TEARDOWN;
11683 case TDLS_ENABLE_LINK:
11684 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
11686 case TDLS_DISABLE_LINK:
11687 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
11697 msg = nlmsg_alloc();
11701 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
11702 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
11703 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11704 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
11706 return send_and_recv_msgs(drv, msg, NULL, NULL);
11713 #endif /* CONFIG TDLS */
11718 typedef struct android_wifi_priv_cmd {
11722 } android_wifi_priv_cmd;
11724 static int drv_errors = 0;
11726 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
11729 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
11731 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
11736 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
11738 struct wpa_driver_nl80211_data *drv = bss->drv;
11740 android_wifi_priv_cmd priv_cmd;
11741 char buf[MAX_DRV_CMD_SIZE];
11744 os_memset(&ifr, 0, sizeof(ifr));
11745 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
11746 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11748 os_memset(buf, 0, sizeof(buf));
11749 os_strlcpy(buf, cmd, sizeof(buf));
11751 priv_cmd.buf = buf;
11752 priv_cmd.used_len = sizeof(buf);
11753 priv_cmd.total_len = sizeof(buf);
11754 ifr.ifr_data = &priv_cmd;
11756 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11758 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
11760 wpa_driver_send_hang_msg(drv);
11769 static int android_pno_start(struct i802_bss *bss,
11770 struct wpa_driver_scan_params *params)
11772 struct wpa_driver_nl80211_data *drv = bss->drv;
11774 android_wifi_priv_cmd priv_cmd;
11775 int ret = 0, i = 0, bp;
11776 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
11778 bp = WEXT_PNOSETUP_HEADER_SIZE;
11779 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
11780 buf[bp++] = WEXT_PNO_TLV_PREFIX;
11781 buf[bp++] = WEXT_PNO_TLV_VERSION;
11782 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
11783 buf[bp++] = WEXT_PNO_TLV_RESERVED;
11785 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
11786 /* Check that there is enough space needed for 1 more SSID, the
11787 * other sections and null termination */
11788 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
11789 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
11791 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
11792 params->ssids[i].ssid,
11793 params->ssids[i].ssid_len);
11794 buf[bp++] = WEXT_PNO_SSID_SECTION;
11795 buf[bp++] = params->ssids[i].ssid_len;
11796 os_memcpy(&buf[bp], params->ssids[i].ssid,
11797 params->ssids[i].ssid_len);
11798 bp += params->ssids[i].ssid_len;
11802 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
11803 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
11804 WEXT_PNO_SCAN_INTERVAL);
11805 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
11807 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
11808 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
11810 bp += WEXT_PNO_REPEAT_LENGTH;
11812 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
11813 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
11814 WEXT_PNO_MAX_REPEAT);
11815 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
11817 memset(&ifr, 0, sizeof(ifr));
11818 memset(&priv_cmd, 0, sizeof(priv_cmd));
11819 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11821 priv_cmd.buf = buf;
11822 priv_cmd.used_len = bp;
11823 priv_cmd.total_len = bp;
11824 ifr.ifr_data = &priv_cmd;
11826 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11829 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
11831 wpa_driver_send_hang_msg(drv);
11837 return android_priv_cmd(bss, "PNOFORCE 1");
11841 static int android_pno_stop(struct i802_bss *bss)
11843 return android_priv_cmd(bss, "PNOFORCE 0");
11846 #endif /* ANDROID */
11849 static int driver_nl80211_set_key(const char *ifname, void *priv,
11850 enum wpa_alg alg, const u8 *addr,
11851 int key_idx, int set_tx,
11852 const u8 *seq, size_t seq_len,
11853 const u8 *key, size_t key_len)
11855 struct i802_bss *bss = priv;
11856 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
11857 set_tx, seq, seq_len, key, key_len);
11861 static int driver_nl80211_scan2(void *priv,
11862 struct wpa_driver_scan_params *params)
11864 struct i802_bss *bss = priv;
11865 return wpa_driver_nl80211_scan(bss, params);
11869 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
11872 struct i802_bss *bss = priv;
11873 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
11877 static int driver_nl80211_authenticate(void *priv,
11878 struct wpa_driver_auth_params *params)
11880 struct i802_bss *bss = priv;
11881 return wpa_driver_nl80211_authenticate(bss, params);
11885 static void driver_nl80211_deinit(void *priv)
11887 struct i802_bss *bss = priv;
11888 wpa_driver_nl80211_deinit(bss);
11892 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
11893 const char *ifname)
11895 struct i802_bss *bss = priv;
11896 return wpa_driver_nl80211_if_remove(bss, type, ifname);
11900 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
11901 size_t data_len, int noack)
11903 struct i802_bss *bss = priv;
11904 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
11909 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
11911 struct i802_bss *bss = priv;
11912 return wpa_driver_nl80211_sta_remove(bss, addr);
11916 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
11917 const char *ifname, int vlan_id)
11919 struct i802_bss *bss = priv;
11920 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
11924 static int driver_nl80211_read_sta_data(void *priv,
11925 struct hostap_sta_driver_data *data,
11928 struct i802_bss *bss = priv;
11929 return i802_read_sta_data(bss, data, addr);
11933 static int driver_nl80211_send_action(void *priv, unsigned int freq,
11934 unsigned int wait_time,
11935 const u8 *dst, const u8 *src,
11937 const u8 *data, size_t data_len,
11940 struct i802_bss *bss = priv;
11941 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
11942 bssid, data, data_len, no_cck);
11946 static int driver_nl80211_probe_req_report(void *priv, int report)
11948 struct i802_bss *bss = priv;
11949 return wpa_driver_nl80211_probe_req_report(bss, report);
11953 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
11954 const u8 *ies, size_t ies_len)
11957 struct nl_msg *msg;
11958 struct i802_bss *bss = priv;
11959 struct wpa_driver_nl80211_data *drv = bss->drv;
11960 u16 mdid = WPA_GET_LE16(md);
11962 msg = nlmsg_alloc();
11966 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
11967 nl80211_cmd(drv, msg, 0, NL80211_CMD_UPDATE_FT_IES);
11968 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11969 NLA_PUT(msg, NL80211_ATTR_IE, ies_len, ies);
11970 NLA_PUT_U16(msg, NL80211_ATTR_MDID, mdid);
11972 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11974 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
11975 "err=%d (%s)", ret, strerror(-ret));
11986 const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
11988 struct i802_bss *bss = priv;
11989 struct wpa_driver_nl80211_data *drv = bss->drv;
11991 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
11998 static const char * scan_state_str(enum scan_states scan_state)
12000 switch (scan_state) {
12003 case SCAN_REQUESTED:
12004 return "SCAN_REQUESTED";
12006 return "SCAN_STARTED";
12007 case SCAN_COMPLETED:
12008 return "SCAN_COMPLETED";
12010 return "SCAN_ABORTED";
12011 case SCHED_SCAN_STARTED:
12012 return "SCHED_SCAN_STARTED";
12013 case SCHED_SCAN_STOPPED:
12014 return "SCHED_SCAN_STOPPED";
12015 case SCHED_SCAN_RESULTS:
12016 return "SCHED_SCAN_RESULTS";
12023 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
12025 struct i802_bss *bss = priv;
12026 struct wpa_driver_nl80211_data *drv = bss->drv;
12031 end = buf + buflen;
12033 res = os_snprintf(pos, end - pos,
12037 "addr=" MACSTR "\n"
12043 MAC2STR(bss->addr),
12045 bss->beacon_set ? "beacon_set=1\n" : "",
12046 bss->added_if_into_bridge ?
12047 "added_if_into_bridge=1\n" : "",
12048 bss->added_bridge ? "added_bridge=1\n" : "",
12049 bss->in_deinit ? "in_deinit=1\n" : "",
12050 bss->if_dynamic ? "if_dynamic=1\n" : "");
12051 if (res < 0 || res >= end - pos)
12055 if (bss->wdev_id_set) {
12056 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
12057 (unsigned long long) bss->wdev_id);
12058 if (res < 0 || res >= end - pos)
12063 res = os_snprintf(pos, end - pos,
12065 "perm_addr=" MACSTR "\n"
12069 "auth_bssid=" MACSTR "\n"
12070 "auth_attempt_bssid=" MACSTR "\n"
12071 "bssid=" MACSTR "\n"
12072 "prev_bssid=" MACSTR "\n"
12075 "monitor_sock=%d\n"
12076 "monitor_ifidx=%d\n"
12077 "monitor_refcount=%d\n"
12078 "last_mgmt_freq=%u\n"
12079 "eapol_tx_sock=%d\n"
12080 "%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
12082 MAC2STR(drv->perm_addr),
12085 scan_state_str(drv->scan_state),
12086 MAC2STR(drv->auth_bssid),
12087 MAC2STR(drv->auth_attempt_bssid),
12088 MAC2STR(drv->bssid),
12089 MAC2STR(drv->prev_bssid),
12093 drv->monitor_ifidx,
12094 drv->monitor_refcount,
12095 drv->last_mgmt_freq,
12096 drv->eapol_tx_sock,
12097 drv->ignore_if_down_event ?
12098 "ignore_if_down_event=1\n" : "",
12099 drv->scan_complete_events ?
12100 "scan_complete_events=1\n" : "",
12101 drv->disabled_11b_rates ?
12102 "disabled_11b_rates=1\n" : "",
12103 drv->pending_remain_on_chan ?
12104 "pending_remain_on_chan=1\n" : "",
12105 drv->in_interface_list ? "in_interface_list=1\n" : "",
12106 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
12107 drv->poll_command_supported ?
12108 "poll_command_supported=1\n" : "",
12109 drv->data_tx_status ? "data_tx_status=1\n" : "",
12110 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
12111 drv->retry_auth ? "retry_auth=1\n" : "",
12112 drv->use_monitor ? "use_monitor=1\n" : "",
12113 drv->ignore_next_local_disconnect ?
12114 "ignore_next_local_disconnect=1\n" : "",
12115 drv->ignore_next_local_deauth ?
12116 "ignore_next_local_deauth=1\n" : "",
12117 drv->allow_p2p_device ? "allow_p2p_device=1\n" : "");
12118 if (res < 0 || res >= end - pos)
12122 if (drv->has_capability) {
12123 res = os_snprintf(pos, end - pos,
12124 "capa.key_mgmt=0x%x\n"
12127 "capa.flags=0x%x\n"
12128 "capa.max_scan_ssids=%d\n"
12129 "capa.max_sched_scan_ssids=%d\n"
12130 "capa.sched_scan_supported=%d\n"
12131 "capa.max_match_sets=%d\n"
12132 "capa.max_remain_on_chan=%u\n"
12133 "capa.max_stations=%u\n"
12134 "capa.probe_resp_offloads=0x%x\n"
12135 "capa.max_acl_mac_addrs=%u\n"
12136 "capa.num_multichan_concurrent=%u\n",
12137 drv->capa.key_mgmt,
12141 drv->capa.max_scan_ssids,
12142 drv->capa.max_sched_scan_ssids,
12143 drv->capa.sched_scan_supported,
12144 drv->capa.max_match_sets,
12145 drv->capa.max_remain_on_chan,
12146 drv->capa.max_stations,
12147 drv->capa.probe_resp_offloads,
12148 drv->capa.max_acl_mac_addrs,
12149 drv->capa.num_multichan_concurrent);
12150 if (res < 0 || res >= end - pos)
12159 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
12161 if (settings->head)
12162 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD,
12163 settings->head_len, settings->head);
12165 if (settings->tail)
12166 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL,
12167 settings->tail_len, settings->tail);
12169 if (settings->beacon_ies)
12170 NLA_PUT(msg, NL80211_ATTR_IE,
12171 settings->beacon_ies_len, settings->beacon_ies);
12173 if (settings->proberesp_ies)
12174 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
12175 settings->proberesp_ies_len, settings->proberesp_ies);
12177 if (settings->assocresp_ies)
12179 NL80211_ATTR_IE_ASSOC_RESP,
12180 settings->assocresp_ies_len, settings->assocresp_ies);
12182 if (settings->probe_resp)
12183 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP,
12184 settings->probe_resp_len, settings->probe_resp);
12193 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
12195 struct nl_msg *msg;
12196 struct i802_bss *bss = priv;
12197 struct wpa_driver_nl80211_data *drv = bss->drv;
12198 struct nlattr *beacon_csa;
12199 int ret = -ENOBUFS;
12201 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
12202 settings->cs_count, settings->block_tx,
12203 settings->freq_params.freq, settings->freq_params.bandwidth,
12204 settings->freq_params.center_freq1,
12205 settings->freq_params.center_freq2);
12207 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
12208 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
12209 return -EOPNOTSUPP;
12212 if ((drv->nlmode != NL80211_IFTYPE_AP) &&
12213 (drv->nlmode != NL80211_IFTYPE_P2P_GO))
12214 return -EOPNOTSUPP;
12216 /* check settings validity */
12217 if (!settings->beacon_csa.tail ||
12218 ((settings->beacon_csa.tail_len <=
12219 settings->counter_offset_beacon) ||
12220 (settings->beacon_csa.tail[settings->counter_offset_beacon] !=
12221 settings->cs_count)))
12224 if (settings->beacon_csa.probe_resp &&
12225 ((settings->beacon_csa.probe_resp_len <=
12226 settings->counter_offset_presp) ||
12227 (settings->beacon_csa.probe_resp[settings->counter_offset_presp] !=
12228 settings->cs_count)))
12231 msg = nlmsg_alloc();
12235 nl80211_cmd(drv, msg, 0, NL80211_CMD_CHANNEL_SWITCH);
12236 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
12237 NLA_PUT_U32(msg, NL80211_ATTR_CH_SWITCH_COUNT, settings->cs_count);
12238 ret = nl80211_put_freq_params(msg, &settings->freq_params);
12242 if (settings->block_tx)
12243 NLA_PUT_FLAG(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX);
12245 /* beacon_after params */
12246 ret = set_beacon_data(msg, &settings->beacon_after);
12250 /* beacon_csa params */
12251 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
12253 goto nla_put_failure;
12255 ret = set_beacon_data(msg, &settings->beacon_csa);
12259 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
12260 settings->counter_offset_beacon);
12262 if (settings->beacon_csa.probe_resp)
12263 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
12264 settings->counter_offset_presp);
12266 nla_nest_end(msg, beacon_csa);
12267 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12269 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
12270 ret, strerror(-ret));
12278 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
12283 #ifdef CONFIG_TESTING_OPTIONS
12284 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
12286 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12287 struct wpabuf *buf = arg;
12292 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
12293 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
12297 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
12298 genlmsg_attrlen(gnlh, 0));
12302 #endif /* CONFIG_TESTING_OPTIONS */
12305 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
12307 struct nlattr *tb[NL80211_ATTR_MAX + 1];
12308 struct nlattr *nl_vendor_reply, *nl;
12309 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12310 struct wpabuf *buf = arg;
12316 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
12317 genlmsg_attrlen(gnlh, 0), NULL);
12318 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
12320 if (!nl_vendor_reply)
12323 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
12324 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
12328 nla_for_each_nested(nl, nl_vendor_reply, rem) {
12329 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
12336 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
12337 unsigned int subcmd, const u8 *data,
12338 size_t data_len, struct wpabuf *buf)
12340 struct i802_bss *bss = priv;
12341 struct wpa_driver_nl80211_data *drv = bss->drv;
12342 struct nl_msg *msg;
12345 msg = nlmsg_alloc();
12349 #ifdef CONFIG_TESTING_OPTIONS
12350 if (vendor_id == 0xffffffff) {
12351 nl80211_cmd(drv, msg, 0, subcmd);
12352 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
12354 goto nla_put_failure;
12355 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf);
12357 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
12361 #endif /* CONFIG_TESTING_OPTIONS */
12363 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12364 if (nl80211_set_iface_id(msg, bss) < 0)
12365 goto nla_put_failure;
12366 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, vendor_id);
12367 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd);
12369 NLA_PUT(msg, NL80211_ATTR_VENDOR_DATA, data_len, data);
12371 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf);
12373 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
12383 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
12384 u8 qos_map_set_len)
12386 struct i802_bss *bss = priv;
12387 struct wpa_driver_nl80211_data *drv = bss->drv;
12388 struct nl_msg *msg;
12391 msg = nlmsg_alloc();
12395 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
12396 qos_map_set, qos_map_set_len);
12398 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_QOS_MAP);
12399 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12400 NLA_PUT(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set);
12402 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12404 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
12414 static int nl80211_set_wowlan(void *priv,
12415 const struct wowlan_triggers *triggers)
12417 struct i802_bss *bss = priv;
12418 struct wpa_driver_nl80211_data *drv = bss->drv;
12419 struct nl_msg *msg;
12420 struct nlattr *wowlan_triggers;
12423 msg = nlmsg_alloc();
12427 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
12429 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WOWLAN);
12430 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12432 wowlan_triggers = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
12433 if (!wowlan_triggers)
12434 goto nla_put_failure;
12437 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY);
12438 if (triggers->disconnect)
12439 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT);
12440 if (triggers->magic_pkt)
12441 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT);
12442 if (triggers->gtk_rekey_failure)
12443 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE);
12444 if (triggers->eap_identity_req)
12445 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST);
12446 if (triggers->four_way_handshake)
12447 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE);
12448 if (triggers->rfkill_release)
12449 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE);
12451 nla_nest_end(msg, wowlan_triggers);
12453 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12455 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
12465 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
12467 struct i802_bss *bss = priv;
12468 struct wpa_driver_nl80211_data *drv = bss->drv;
12469 struct nl_msg *msg;
12470 struct nlattr *params;
12472 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
12474 if (!drv->roaming_vendor_cmd_avail) {
12475 wpa_printf(MSG_DEBUG,
12476 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
12480 msg = nlmsg_alloc();
12484 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12486 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12487 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
12488 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12489 QCA_NL80211_VENDOR_SUBCMD_ROAMING);
12491 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
12493 goto nla_put_failure;
12494 NLA_PUT_U32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
12495 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
12496 QCA_ROAMING_NOT_ALLOWED);
12498 NLA_PUT(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid);
12499 nla_nest_end(msg, params);
12501 return send_and_recv_msgs(drv, msg, NULL, NULL);
12509 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
12511 struct i802_bss *bss = priv;
12512 struct wpa_driver_nl80211_data *drv = bss->drv;
12513 int new_addr = addr != NULL;
12516 addr = drv->perm_addr;
12518 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
12521 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
12523 wpa_printf(MSG_DEBUG,
12524 "nl80211: failed to set_mac_addr for %s to " MACSTR,
12525 bss->ifname, MAC2STR(addr));
12526 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
12528 wpa_printf(MSG_DEBUG,
12529 "nl80211: Could not restore interface UP after failed set_mac_addr");
12534 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
12535 bss->ifname, MAC2STR(addr));
12536 drv->addr_changed = new_addr;
12537 os_memcpy(bss->addr, addr, ETH_ALEN);
12539 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
12541 wpa_printf(MSG_DEBUG,
12542 "nl80211: Could not restore interface UP after set_mac_addr");
12549 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
12551 .desc = "Linux nl80211/cfg80211",
12552 .get_bssid = wpa_driver_nl80211_get_bssid,
12553 .get_ssid = wpa_driver_nl80211_get_ssid,
12554 .set_key = driver_nl80211_set_key,
12555 .scan2 = driver_nl80211_scan2,
12556 .sched_scan = wpa_driver_nl80211_sched_scan,
12557 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
12558 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
12559 .deauthenticate = driver_nl80211_deauthenticate,
12560 .authenticate = driver_nl80211_authenticate,
12561 .associate = wpa_driver_nl80211_associate,
12562 .global_init = nl80211_global_init,
12563 .global_deinit = nl80211_global_deinit,
12564 .init2 = wpa_driver_nl80211_init,
12565 .deinit = driver_nl80211_deinit,
12566 .get_capa = wpa_driver_nl80211_get_capa,
12567 .set_operstate = wpa_driver_nl80211_set_operstate,
12568 .set_supp_port = wpa_driver_nl80211_set_supp_port,
12569 .set_country = wpa_driver_nl80211_set_country,
12570 .get_country = wpa_driver_nl80211_get_country,
12571 .set_ap = wpa_driver_nl80211_set_ap,
12572 .set_acl = wpa_driver_nl80211_set_acl,
12573 .if_add = wpa_driver_nl80211_if_add,
12574 .if_remove = driver_nl80211_if_remove,
12575 .send_mlme = driver_nl80211_send_mlme,
12576 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
12577 .sta_add = wpa_driver_nl80211_sta_add,
12578 .sta_remove = driver_nl80211_sta_remove,
12579 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
12580 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
12581 .hapd_init = i802_init,
12582 .hapd_deinit = i802_deinit,
12583 .set_wds_sta = i802_set_wds_sta,
12584 .get_seqnum = i802_get_seqnum,
12585 .flush = i802_flush,
12586 .get_inact_sec = i802_get_inact_sec,
12587 .sta_clear_stats = i802_sta_clear_stats,
12588 .set_rts = i802_set_rts,
12589 .set_frag = i802_set_frag,
12590 .set_tx_queue_params = i802_set_tx_queue_params,
12591 .set_sta_vlan = driver_nl80211_set_sta_vlan,
12592 .sta_deauth = i802_sta_deauth,
12593 .sta_disassoc = i802_sta_disassoc,
12594 .read_sta_data = driver_nl80211_read_sta_data,
12595 .set_freq = i802_set_freq,
12596 .send_action = driver_nl80211_send_action,
12597 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
12598 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
12599 .cancel_remain_on_channel =
12600 wpa_driver_nl80211_cancel_remain_on_channel,
12601 .probe_req_report = driver_nl80211_probe_req_report,
12602 .deinit_ap = wpa_driver_nl80211_deinit_ap,
12603 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
12604 .resume = wpa_driver_nl80211_resume,
12605 .send_ft_action = nl80211_send_ft_action,
12606 .signal_monitor = nl80211_signal_monitor,
12607 .signal_poll = nl80211_signal_poll,
12608 .send_frame = nl80211_send_frame,
12609 .shared_freq = wpa_driver_nl80211_shared_freq,
12610 .set_param = nl80211_set_param,
12611 .get_radio_name = nl80211_get_radio_name,
12612 .add_pmkid = nl80211_add_pmkid,
12613 .remove_pmkid = nl80211_remove_pmkid,
12614 .flush_pmkid = nl80211_flush_pmkid,
12615 .set_rekey_info = nl80211_set_rekey_info,
12616 .poll_client = nl80211_poll_client,
12617 .set_p2p_powersave = nl80211_set_p2p_powersave,
12618 .start_dfs_cac = nl80211_start_radar_detection,
12619 .stop_ap = wpa_driver_nl80211_stop_ap,
12621 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
12622 .tdls_oper = nl80211_tdls_oper,
12623 #endif /* CONFIG_TDLS */
12624 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
12625 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
12626 .get_survey = wpa_driver_nl80211_get_survey,
12627 .status = wpa_driver_nl80211_status,
12628 .switch_channel = nl80211_switch_channel,
12630 .set_noa = wpa_driver_set_p2p_noa,
12631 .get_noa = wpa_driver_get_p2p_noa,
12632 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
12633 #endif /* ANDROID_P2P */
12635 .driver_cmd = wpa_driver_nl80211_driver_cmd,
12636 #endif /* ANDROID */
12637 .vendor_cmd = nl80211_vendor_cmd,
12638 .set_qos_map = nl80211_set_qos_map,
12639 .set_wowlan = nl80211_set_wowlan,
12640 .roaming = nl80211_roaming,
12641 .set_mac_addr = nl80211_set_mac_addr,