2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2010, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * Alternatively, this software may be distributed under the terms of BSD
16 * See README and COPYING for more details.
20 #include <sys/ioctl.h>
21 #include <sys/types.h>
25 #include <netlink/genl/genl.h>
26 #include <netlink/genl/family.h>
27 #include <netlink/genl/ctrl.h>
28 #include <linux/rtnetlink.h>
29 #include <netpacket/packet.h>
30 #include <linux/filter.h>
31 #include "nl80211_copy.h"
35 #include "utils/list.h"
36 #include "common/ieee802_11_defs.h"
38 #include "linux_ioctl.h"
40 #include "radiotap_iter.h"
45 /* libnl 2.0 compatibility code */
46 #define nl_handle nl_sock
47 #define nl80211_handle_alloc nl_socket_alloc_cb
48 #define nl80211_handle_destroy nl_socket_free
51 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
52 * but when you free a socket again it will mess up its bitmap and
53 * and use the wrong number the next time it needs a socket ID.
54 * Therefore, we wrap the handle alloc/destroy and add our own pid
57 static uint32_t port_bitmap[32] = { 0 };
59 static struct nl_handle *nl80211_handle_alloc(void *cb)
61 struct nl_handle *handle;
62 uint32_t pid = getpid() & 0x3FFFFF;
65 handle = nl_handle_alloc_cb(cb);
67 for (i = 0; i < 1024; i++) {
68 if (port_bitmap[i / 32] & (1 << (i % 32)))
70 port_bitmap[i / 32] |= 1 << (i % 32);
75 nl_socket_set_local_port(handle, pid);
80 static void nl80211_handle_destroy(struct nl_handle *handle)
82 uint32_t port = nl_socket_get_local_port(handle);
85 port_bitmap[port / 32] &= ~(1 << (port % 32));
87 nl_handle_destroy(handle);
89 #endif /* CONFIG_LIBNL20 */
93 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
96 #define IFF_DORMANT 0x20000 /* driver signals dormant */
99 #ifndef IF_OPER_DORMANT
100 #define IF_OPER_DORMANT 5
106 struct nl80211_global {
107 struct dl_list interfaces;
111 struct wpa_driver_nl80211_data *drv;
112 struct i802_bss *next;
114 char ifname[IFNAMSIZ + 1];
115 unsigned int beacon_set:1;
118 struct wpa_driver_nl80211_data {
119 struct nl80211_global *global;
124 struct netlink_data *netlink;
125 int ioctl_sock; /* socket for ioctl() use */
126 char brname[IFNAMSIZ];
130 struct rfkill_data *rfkill;
131 struct wpa_driver_capa capa;
136 int scan_complete_events;
138 struct nl_handle *nl_handle;
139 struct nl_handle *nl_handle_event;
140 struct nl_handle *nl_handle_preq;
141 struct nl_cache *nl_cache;
142 struct nl_cache *nl_cache_event;
143 struct nl_cache *nl_cache_preq;
145 struct genl_family *nl80211;
147 u8 auth_bssid[ETH_ALEN];
153 int ap_scan_as_station;
154 unsigned int assoc_freq;
158 int disable_11b_rates;
160 unsigned int pending_remain_on_chan:1;
161 unsigned int added_bridge:1;
162 unsigned int added_if_into_bridge:1;
164 u64 remain_on_chan_cookie;
165 u64 send_action_cookie;
167 unsigned int last_mgmt_freq;
169 struct wpa_driver_scan_filter *filter_ssids;
170 size_t num_filter_ssids;
172 struct i802_bss first_bss;
175 int eapol_sock; /* socket for EAPOL frames */
177 int default_if_indices[16];
187 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
189 static int wpa_driver_nl80211_set_mode(void *priv, int mode);
191 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
192 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
193 const u8 *addr, int cmd, u16 reason_code,
194 int local_state_change);
195 static void nl80211_remove_monitor_interface(
196 struct wpa_driver_nl80211_data *drv);
197 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
198 unsigned int freq, const u8 *buf,
199 size_t buf_len, u64 *cookie);
200 static int wpa_driver_nl80211_probe_req_report(void *priv, int report);
203 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
204 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
205 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
206 static int wpa_driver_nl80211_if_remove(void *priv,
207 enum wpa_driver_if_type type,
210 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
216 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
217 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
218 int ifindex, int disabled);
222 static int ack_handler(struct nl_msg *msg, void *arg)
229 static int finish_handler(struct nl_msg *msg, void *arg)
236 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
245 static int no_seq_check(struct nl_msg *msg, void *arg)
251 static int send_and_recv(struct wpa_driver_nl80211_data *drv,
252 struct nl_handle *nl_handle, struct nl_msg *msg,
253 int (*valid_handler)(struct nl_msg *, void *),
259 cb = nl_cb_clone(drv->nl_cb);
263 err = nl_send_auto_complete(nl_handle, msg);
269 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
270 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
271 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
274 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
275 valid_handler, valid_data);
278 nl_recvmsgs(nl_handle, cb);
286 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
288 int (*valid_handler)(struct nl_msg *, void *),
291 return send_and_recv(drv, drv->nl_handle, msg, valid_handler,
302 static int family_handler(struct nl_msg *msg, void *arg)
304 struct family_data *res = arg;
305 struct nlattr *tb[CTRL_ATTR_MAX + 1];
306 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
307 struct nlattr *mcgrp;
310 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
311 genlmsg_attrlen(gnlh, 0), NULL);
312 if (!tb[CTRL_ATTR_MCAST_GROUPS])
315 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
316 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
317 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
318 nla_len(mcgrp), NULL);
319 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
320 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
321 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
323 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
325 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
333 static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
334 const char *family, const char *group)
338 struct family_data res = { group, -ENOENT };
343 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(drv->nl_handle, "nlctrl"),
344 0, 0, CTRL_CMD_GETFAMILY, 0);
345 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
347 ret = send_and_recv_msgs(drv, msg, family_handler, &res);
358 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
360 struct i802_bss *bss = priv;
361 struct wpa_driver_nl80211_data *drv = bss->drv;
362 if (!drv->associated)
364 os_memcpy(bssid, drv->bssid, ETH_ALEN);
369 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
371 struct i802_bss *bss = priv;
372 struct wpa_driver_nl80211_data *drv = bss->drv;
373 if (!drv->associated)
375 os_memcpy(ssid, drv->ssid, drv->ssid_len);
376 return drv->ssid_len;
380 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
381 char *buf, size_t len, int del)
383 union wpa_event_data event;
385 os_memset(&event, 0, sizeof(event));
386 if (len > sizeof(event.interface_status.ifname))
387 len = sizeof(event.interface_status.ifname) - 1;
388 os_memcpy(event.interface_status.ifname, buf, len);
389 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
390 EVENT_INTERFACE_ADDED;
392 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
394 event.interface_status.ifname,
395 del ? "removed" : "added");
397 if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
404 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
408 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
411 int attrlen, rta_len;
415 attr = (struct rtattr *) buf;
417 rta_len = RTA_ALIGN(sizeof(struct rtattr));
418 while (RTA_OK(attr, attrlen)) {
419 if (attr->rta_type == IFLA_IFNAME) {
420 if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
426 attr = RTA_NEXT(attr, attrlen);
433 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
434 int ifindex, u8 *buf, size_t len)
436 if (drv->ifindex == ifindex)
439 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
440 drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
441 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
443 wpa_driver_nl80211_finish_drv_init(drv);
451 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
452 struct ifinfomsg *ifi,
455 struct wpa_driver_nl80211_data *drv = ctx;
456 int attrlen, rta_len;
460 if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, buf, len) &&
461 !have_ifidx(drv, ifi->ifi_index)) {
462 wpa_printf(MSG_DEBUG, "nl80211: Ignore event for foreign "
463 "ifindex %d", ifi->ifi_index);
467 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
469 drv->operstate, ifi->ifi_flags,
470 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
471 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
472 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
473 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
475 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
476 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
477 drv->if_disabled = 1;
478 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL);
481 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
482 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
483 drv->if_disabled = 0;
484 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL);
488 * Some drivers send the association event before the operup event--in
489 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
490 * fails. This will hit us when wpa_supplicant does not need to do
491 * IEEE 802.1X authentication
493 if (drv->operstate == 1 &&
494 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
495 !(ifi->ifi_flags & IFF_RUNNING))
496 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
500 attr = (struct rtattr *) buf;
501 rta_len = RTA_ALIGN(sizeof(struct rtattr));
502 while (RTA_OK(attr, attrlen)) {
503 if (attr->rta_type == IFLA_IFNAME) {
504 wpa_driver_nl80211_event_link(
506 ((char *) attr) + rta_len,
507 attr->rta_len - rta_len, 0);
508 } else if (attr->rta_type == IFLA_MASTER)
509 brid = nla_get_u32((struct nlattr *) attr);
510 attr = RTA_NEXT(attr, attrlen);
514 if (ifi->ifi_family == AF_BRIDGE && brid) {
515 /* device has been added to bridge */
516 char namebuf[IFNAMSIZ];
517 if_indextoname(brid, namebuf);
518 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
520 add_ifidx(drv, brid);
526 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
527 struct ifinfomsg *ifi,
530 struct wpa_driver_nl80211_data *drv = ctx;
531 int attrlen, rta_len;
536 attr = (struct rtattr *) buf;
538 rta_len = RTA_ALIGN(sizeof(struct rtattr));
539 while (RTA_OK(attr, attrlen)) {
540 if (attr->rta_type == IFLA_IFNAME) {
541 wpa_driver_nl80211_event_link(
543 ((char *) attr) + rta_len,
544 attr->rta_len - rta_len, 1);
545 } else if (attr->rta_type == IFLA_MASTER)
546 brid = nla_get_u32((struct nlattr *) attr);
547 attr = RTA_NEXT(attr, attrlen);
551 if (ifi->ifi_family == AF_BRIDGE && brid) {
552 /* device has been removed from bridge */
553 char namebuf[IFNAMSIZ];
554 if_indextoname(brid, namebuf);
555 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
556 "%s", brid, namebuf);
557 del_ifidx(drv, brid);
563 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
564 const u8 *frame, size_t len)
566 const struct ieee80211_mgmt *mgmt;
567 union wpa_event_data event;
569 mgmt = (const struct ieee80211_mgmt *) frame;
570 if (len < 24 + sizeof(mgmt->u.auth)) {
571 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
576 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
577 os_memset(&event, 0, sizeof(event));
578 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
579 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
580 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
581 if (len > 24 + sizeof(mgmt->u.auth)) {
582 event.auth.ies = mgmt->u.auth.variable;
583 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
586 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
590 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
591 const u8 *frame, size_t len)
593 const struct ieee80211_mgmt *mgmt;
594 union wpa_event_data event;
597 mgmt = (const struct ieee80211_mgmt *) frame;
598 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
599 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
604 status = le_to_host16(mgmt->u.assoc_resp.status_code);
605 if (status != WLAN_STATUS_SUCCESS) {
606 os_memset(&event, 0, sizeof(event));
607 event.assoc_reject.bssid = mgmt->bssid;
608 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
609 event.assoc_reject.resp_ies =
610 (u8 *) mgmt->u.assoc_resp.variable;
611 event.assoc_reject.resp_ies_len =
612 len - 24 - sizeof(mgmt->u.assoc_resp);
614 event.assoc_reject.status_code = status;
616 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
621 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
623 os_memset(&event, 0, sizeof(event));
624 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
625 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
626 event.assoc_info.resp_ies_len =
627 len - 24 - sizeof(mgmt->u.assoc_resp);
630 event.assoc_info.freq = drv->assoc_freq;
632 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
636 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
637 enum nl80211_commands cmd, struct nlattr *status,
638 struct nlattr *addr, struct nlattr *req_ie,
639 struct nlattr *resp_ie)
641 union wpa_event_data event;
643 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
645 * Avoid reporting two association events that would confuse
648 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
649 "when using userspace SME", cmd);
653 os_memset(&event, 0, sizeof(event));
654 if (cmd == NL80211_CMD_CONNECT &&
655 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
657 event.assoc_reject.bssid = nla_data(addr);
659 event.assoc_reject.resp_ies = nla_data(resp_ie);
660 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
662 event.assoc_reject.status_code = nla_get_u16(status);
663 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
669 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
672 event.assoc_info.req_ies = nla_data(req_ie);
673 event.assoc_info.req_ies_len = nla_len(req_ie);
676 event.assoc_info.resp_ies = nla_data(resp_ie);
677 event.assoc_info.resp_ies_len = nla_len(resp_ie);
680 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
684 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
685 enum nl80211_commands cmd, struct nlattr *addr)
687 union wpa_event_data event;
688 enum wpa_event_type ev;
690 if (nla_len(addr) != ETH_ALEN)
693 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
694 cmd, MAC2STR((u8 *) nla_data(addr)));
696 if (cmd == NL80211_CMD_AUTHENTICATE)
697 ev = EVENT_AUTH_TIMED_OUT;
698 else if (cmd == NL80211_CMD_ASSOCIATE)
699 ev = EVENT_ASSOC_TIMED_OUT;
703 os_memset(&event, 0, sizeof(event));
704 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
705 wpa_supplicant_event(drv->ctx, ev, &event);
709 static void mlme_event_mgmt(struct wpa_driver_nl80211_data *drv,
710 struct nlattr *freq, const u8 *frame, size_t len)
712 const struct ieee80211_mgmt *mgmt;
713 union wpa_event_data event;
716 mgmt = (const struct ieee80211_mgmt *) frame;
718 wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
722 fc = le_to_host16(mgmt->frame_control);
723 stype = WLAN_FC_GET_STYPE(fc);
725 os_memset(&event, 0, sizeof(event));
727 event.rx_action.freq = nla_get_u32(freq);
728 drv->last_mgmt_freq = event.rx_action.freq;
730 if (stype == WLAN_FC_STYPE_ACTION) {
731 event.rx_action.da = mgmt->da;
732 event.rx_action.sa = mgmt->sa;
733 event.rx_action.bssid = mgmt->bssid;
734 event.rx_action.category = mgmt->u.action.category;
735 event.rx_action.data = &mgmt->u.action.category + 1;
736 event.rx_action.len = frame + len - event.rx_action.data;
737 wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
739 event.rx_mgmt.frame = frame;
740 event.rx_mgmt.frame_len = len;
741 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
746 static void mlme_event_action_tx_status(struct wpa_driver_nl80211_data *drv,
747 struct nlattr *cookie, const u8 *frame,
748 size_t len, struct nlattr *ack)
750 union wpa_event_data event;
751 const struct ieee80211_hdr *hdr;
758 cookie_val = nla_get_u64(cookie);
759 wpa_printf(MSG_DEBUG, "nl80211: Action TX status: cookie=0%llx%s "
761 (long long unsigned int) cookie_val,
762 cookie_val == drv->send_action_cookie ?
763 " (match)" : " (unknown)", ack != NULL);
764 if (cookie_val != drv->send_action_cookie)
767 hdr = (const struct ieee80211_hdr *) frame;
768 fc = le_to_host16(hdr->frame_control);
770 os_memset(&event, 0, sizeof(event));
771 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
772 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
773 event.tx_status.dst = hdr->addr1;
774 event.tx_status.data = frame;
775 event.tx_status.data_len = len;
776 event.tx_status.ack = ack != NULL;
777 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
781 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
782 enum wpa_event_type type,
783 const u8 *frame, size_t len)
785 const struct ieee80211_mgmt *mgmt;
786 union wpa_event_data event;
787 const u8 *bssid = NULL;
790 mgmt = (const struct ieee80211_mgmt *) frame;
794 if (drv->associated != 0 &&
795 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
796 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
798 * We have presumably received this deauth as a
799 * response to a clear_state_mismatch() outgoing
800 * deauth. Don't let it take us offline!
802 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
803 "from Unknown BSSID " MACSTR " -- ignoring",
810 os_memset(&event, 0, sizeof(event));
812 /* Note: Same offset for Reason Code in both frame subtypes */
813 if (len >= 24 + sizeof(mgmt->u.deauth))
814 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
816 if (type == EVENT_DISASSOC) {
817 event.disassoc_info.addr = bssid;
818 event.disassoc_info.reason_code = reason_code;
819 if (frame + len > mgmt->u.disassoc.variable) {
820 event.disassoc_info.ie = mgmt->u.disassoc.variable;
821 event.disassoc_info.ie_len = frame + len -
822 mgmt->u.disassoc.variable;
825 event.deauth_info.addr = bssid;
826 event.deauth_info.reason_code = reason_code;
827 if (frame + len > mgmt->u.deauth.variable) {
828 event.deauth_info.ie = mgmt->u.deauth.variable;
829 event.deauth_info.ie_len = frame + len -
830 mgmt->u.deauth.variable;
834 wpa_supplicant_event(drv->ctx, type, &event);
838 static void mlme_event(struct wpa_driver_nl80211_data *drv,
839 enum nl80211_commands cmd, struct nlattr *frame,
840 struct nlattr *addr, struct nlattr *timed_out,
841 struct nlattr *freq, struct nlattr *ack,
842 struct nlattr *cookie)
844 if (timed_out && addr) {
845 mlme_timeout_event(drv, cmd, addr);
850 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
855 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
856 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
857 nla_data(frame), nla_len(frame));
860 case NL80211_CMD_AUTHENTICATE:
861 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
863 case NL80211_CMD_ASSOCIATE:
864 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
866 case NL80211_CMD_DEAUTHENTICATE:
867 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
868 nla_data(frame), nla_len(frame));
870 case NL80211_CMD_DISASSOCIATE:
871 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
872 nla_data(frame), nla_len(frame));
874 case NL80211_CMD_FRAME:
875 mlme_event_mgmt(drv, freq, nla_data(frame), nla_len(frame));
877 case NL80211_CMD_FRAME_TX_STATUS:
878 mlme_event_action_tx_status(drv, cookie, nla_data(frame),
879 nla_len(frame), ack);
887 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
890 union wpa_event_data data;
892 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
893 os_memset(&data, 0, sizeof(data));
894 if (tb[NL80211_ATTR_MAC]) {
895 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
896 nla_data(tb[NL80211_ATTR_MAC]),
897 nla_len(tb[NL80211_ATTR_MAC]));
898 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
900 if (tb[NL80211_ATTR_KEY_SEQ]) {
901 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
902 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
903 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
905 if (tb[NL80211_ATTR_KEY_TYPE]) {
906 enum nl80211_key_type key_type =
907 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
908 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
909 if (key_type == NL80211_KEYTYPE_PAIRWISE)
910 data.michael_mic_failure.unicast = 1;
912 data.michael_mic_failure.unicast = 1;
914 if (tb[NL80211_ATTR_KEY_IDX]) {
915 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
916 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
919 wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
923 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
926 if (tb[NL80211_ATTR_MAC] == NULL) {
927 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
931 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
933 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
934 MAC2STR(drv->bssid));
936 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
940 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
941 int cancel_event, struct nlattr *tb[])
943 unsigned int freq, chan_type, duration;
944 union wpa_event_data data;
947 if (tb[NL80211_ATTR_WIPHY_FREQ])
948 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
952 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
953 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
957 if (tb[NL80211_ATTR_DURATION])
958 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
962 if (tb[NL80211_ATTR_COOKIE])
963 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
967 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
968 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
969 cancel_event, freq, chan_type, duration,
970 (long long unsigned int) cookie,
971 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
973 if (cookie != drv->remain_on_chan_cookie)
974 return; /* not for us */
976 drv->pending_remain_on_chan = !cancel_event;
978 os_memset(&data, 0, sizeof(data));
979 data.remain_on_channel.freq = freq;
980 data.remain_on_channel.duration = duration;
981 wpa_supplicant_event(drv->ctx, cancel_event ?
982 EVENT_CANCEL_REMAIN_ON_CHANNEL :
983 EVENT_REMAIN_ON_CHANNEL, &data);
987 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
990 union wpa_event_data event;
993 struct scan_info *info;
994 #define MAX_REPORT_FREQS 50
995 int freqs[MAX_REPORT_FREQS];
998 os_memset(&event, 0, sizeof(event));
999 info = &event.scan_info;
1000 info->aborted = aborted;
1002 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
1003 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
1004 struct wpa_driver_scan_ssid *s =
1005 &info->ssids[info->num_ssids];
1006 s->ssid = nla_data(nl);
1007 s->ssid_len = nla_len(nl);
1009 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
1013 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
1014 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
1016 freqs[num_freqs] = nla_get_u32(nl);
1018 if (num_freqs == MAX_REPORT_FREQS - 1)
1021 info->freqs = freqs;
1022 info->num_freqs = num_freqs;
1024 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
1028 static int get_link_signal(struct nl_msg *msg, void *arg)
1030 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1031 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1032 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1033 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1034 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1036 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1037 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1038 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1039 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1040 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1041 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1043 struct signal_change *sig_change = arg;
1045 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1046 genlmsg_attrlen(gnlh, 0), NULL);
1047 if (!tb[NL80211_ATTR_STA_INFO] ||
1048 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1049 tb[NL80211_ATTR_STA_INFO], policy))
1051 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1054 sig_change->current_signal =
1055 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1057 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1058 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1059 sinfo[NL80211_STA_INFO_TX_BITRATE],
1061 sig_change->current_txrate = 0;
1063 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1064 sig_change->current_txrate =
1066 NL80211_RATE_INFO_BITRATE]) * 100;
1075 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1076 struct signal_change *sig)
1080 sig->current_signal = -9999;
1081 sig->current_txrate = 0;
1083 msg = nlmsg_alloc();
1087 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1088 0, NL80211_CMD_GET_STATION, 0);
1090 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1091 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
1093 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1099 static int get_link_noise(struct nl_msg *msg, void *arg)
1101 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1102 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1103 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1104 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1105 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1106 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1108 struct signal_change *sig_change = arg;
1110 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1111 genlmsg_attrlen(gnlh, 0), NULL);
1113 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1114 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1118 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1119 tb[NL80211_ATTR_SURVEY_INFO],
1121 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1126 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1129 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1130 sig_change->frequency)
1133 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1136 sig_change->current_noise =
1137 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1143 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1144 struct signal_change *sig_change)
1148 sig_change->current_noise = 9999;
1149 sig_change->frequency = drv->assoc_freq;
1151 msg = nlmsg_alloc();
1155 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1156 NLM_F_DUMP, NL80211_CMD_GET_SURVEY, 0);
1158 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1160 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1166 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
1167 struct nlattr *tb[])
1169 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
1170 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
1171 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
1172 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
1174 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
1175 enum nl80211_cqm_rssi_threshold_event event;
1176 union wpa_event_data ed;
1177 struct signal_change sig;
1180 if (tb[NL80211_ATTR_CQM] == NULL ||
1181 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
1183 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
1187 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
1189 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
1191 os_memset(&ed, 0, sizeof(ed));
1193 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
1194 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1195 "event: RSSI high");
1196 ed.signal_change.above_threshold = 1;
1197 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
1198 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1200 ed.signal_change.above_threshold = 0;
1204 res = nl80211_get_link_signal(drv, &sig);
1206 ed.signal_change.current_signal = sig.current_signal;
1207 ed.signal_change.current_txrate = sig.current_txrate;
1208 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
1209 sig.current_signal, sig.current_txrate);
1212 res = nl80211_get_link_noise(drv, &sig);
1214 ed.signal_change.current_noise = sig.current_noise;
1215 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
1219 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
1223 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
1227 union wpa_event_data data;
1229 if (tb[NL80211_ATTR_MAC] == NULL)
1231 addr = nla_data(tb[NL80211_ATTR_MAC]);
1232 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
1233 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1236 os_memset(&data, 0, sizeof(data));
1237 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
1238 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
1242 static int process_event(struct nl_msg *msg, void *arg)
1244 struct wpa_driver_nl80211_data *drv = arg;
1245 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1246 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1247 union wpa_event_data data;
1249 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1250 genlmsg_attrlen(gnlh, 0), NULL);
1252 if (tb[NL80211_ATTR_IFINDEX]) {
1253 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
1254 if (ifindex != drv->ifindex && !have_ifidx(drv, ifindex)) {
1255 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
1256 " for foreign interface (ifindex %d)",
1257 gnlh->cmd, ifindex);
1262 if (drv->ap_scan_as_station &&
1263 (gnlh->cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
1264 gnlh->cmd == NL80211_CMD_SCAN_ABORTED)) {
1265 wpa_driver_nl80211_set_mode(&drv->first_bss,
1267 drv->ap_scan_as_station = 0;
1270 switch (gnlh->cmd) {
1271 case NL80211_CMD_TRIGGER_SCAN:
1272 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
1274 case NL80211_CMD_NEW_SCAN_RESULTS:
1275 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
1276 drv->scan_complete_events = 1;
1277 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1279 send_scan_event(drv, 0, tb);
1281 case NL80211_CMD_SCAN_ABORTED:
1282 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
1284 * Need to indicate that scan results are available in order
1285 * not to make wpa_supplicant stop its scanning.
1287 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1289 send_scan_event(drv, 1, tb);
1291 case NL80211_CMD_AUTHENTICATE:
1292 case NL80211_CMD_ASSOCIATE:
1293 case NL80211_CMD_DEAUTHENTICATE:
1294 case NL80211_CMD_DISASSOCIATE:
1295 case NL80211_CMD_FRAME:
1296 case NL80211_CMD_FRAME_TX_STATUS:
1297 mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
1298 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
1299 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
1300 tb[NL80211_ATTR_COOKIE]);
1302 case NL80211_CMD_CONNECT:
1303 case NL80211_CMD_ROAM:
1304 mlme_event_connect(drv, gnlh->cmd,
1305 tb[NL80211_ATTR_STATUS_CODE],
1306 tb[NL80211_ATTR_MAC],
1307 tb[NL80211_ATTR_REQ_IE],
1308 tb[NL80211_ATTR_RESP_IE]);
1310 case NL80211_CMD_DISCONNECT:
1311 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1313 * Avoid reporting two disassociation events that could
1314 * confuse the core code.
1316 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1317 "event when using userspace SME");
1320 drv->associated = 0;
1321 os_memset(&data, 0, sizeof(data));
1322 if (tb[NL80211_ATTR_REASON_CODE])
1323 data.disassoc_info.reason_code =
1324 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
1325 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, &data);
1327 case NL80211_CMD_MICHAEL_MIC_FAILURE:
1328 mlme_event_michael_mic_failure(drv, tb);
1330 case NL80211_CMD_JOIN_IBSS:
1331 mlme_event_join_ibss(drv, tb);
1333 case NL80211_CMD_REMAIN_ON_CHANNEL:
1334 mlme_event_remain_on_channel(drv, 0, tb);
1336 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
1337 mlme_event_remain_on_channel(drv, 1, tb);
1339 case NL80211_CMD_NOTIFY_CQM:
1340 nl80211_cqm_event(drv, tb);
1342 case NL80211_CMD_REG_CHANGE:
1343 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
1344 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
1347 case NL80211_CMD_REG_BEACON_HINT:
1348 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
1349 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
1352 case NL80211_CMD_NEW_STATION:
1353 nl80211_new_station_event(drv, tb);
1356 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
1357 "(cmd=%d)", gnlh->cmd);
1365 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1369 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1371 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
1373 cb = nl_cb_clone(drv->nl_cb);
1376 nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1377 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
1378 nl_recvmsgs(handle, cb);
1384 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1385 * @priv: driver_nl80211 private data
1386 * @alpha2_arg: country to which to switch to
1387 * Returns: 0 on success, -1 on failure
1389 * This asks nl80211 to set the regulatory domain for given
1390 * country ISO / IEC alpha2.
1392 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1394 struct i802_bss *bss = priv;
1395 struct wpa_driver_nl80211_data *drv = bss->drv;
1399 msg = nlmsg_alloc();
1403 alpha2[0] = alpha2_arg[0];
1404 alpha2[1] = alpha2_arg[1];
1407 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1408 0, NL80211_CMD_REQ_SET_REG, 0);
1410 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
1411 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1420 struct wiphy_info_data {
1424 int connect_supported;
1428 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
1430 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1431 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1432 struct wiphy_info_data *info = arg;
1434 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1435 genlmsg_attrlen(gnlh, 0), NULL);
1437 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
1438 info->max_scan_ssids =
1439 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
1441 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
1442 struct nlattr *nl_mode;
1444 nla_for_each_nested(nl_mode,
1445 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
1446 if (nl_mode->nla_type == NL80211_IFTYPE_AP) {
1447 info->ap_supported = 1;
1453 if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
1454 struct nlattr *nl_cmd;
1457 nla_for_each_nested(nl_cmd,
1458 tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
1459 u32 cmd = nla_get_u32(nl_cmd);
1460 if (cmd == NL80211_CMD_AUTHENTICATE)
1461 info->auth_supported = 1;
1462 else if (cmd == NL80211_CMD_CONNECT)
1463 info->connect_supported = 1;
1471 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
1472 struct wiphy_info_data *info)
1476 os_memset(info, 0, sizeof(*info));
1477 msg = nlmsg_alloc();
1481 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1482 0, NL80211_CMD_GET_WIPHY, 0);
1484 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
1486 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
1495 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
1497 struct wiphy_info_data info;
1498 if (wpa_driver_nl80211_get_info(drv, &info))
1500 drv->has_capability = 1;
1501 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
1502 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1503 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
1504 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1505 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1506 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
1507 WPA_DRIVER_CAPA_ENC_WEP104 |
1508 WPA_DRIVER_CAPA_ENC_TKIP |
1509 WPA_DRIVER_CAPA_ENC_CCMP;
1510 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1511 WPA_DRIVER_AUTH_SHARED |
1512 WPA_DRIVER_AUTH_LEAP;
1514 drv->capa.max_scan_ssids = info.max_scan_ssids;
1515 if (info.ap_supported)
1516 drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
1518 if (info.auth_supported)
1519 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1520 else if (!info.connect_supported) {
1521 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
1522 "authentication/association or connect commands");
1526 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
1527 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
1528 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
1529 drv->capa.max_remain_on_chan = 5000;
1533 #endif /* HOSTAPD */
1536 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
1540 /* Initialize generic netlink and nl80211 */
1542 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1543 if (drv->nl_cb == NULL) {
1544 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1549 drv->nl_handle = nl80211_handle_alloc(drv->nl_cb);
1550 if (drv->nl_handle == NULL) {
1551 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1556 drv->nl_handle_event = nl80211_handle_alloc(drv->nl_cb);
1557 if (drv->nl_handle_event == NULL) {
1558 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1559 "callbacks (event)");
1563 if (genl_connect(drv->nl_handle)) {
1564 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1569 if (genl_connect(drv->nl_handle_event)) {
1570 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1575 #ifdef CONFIG_LIBNL20
1576 if (genl_ctrl_alloc_cache(drv->nl_handle, &drv->nl_cache) < 0) {
1577 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1581 if (genl_ctrl_alloc_cache(drv->nl_handle_event, &drv->nl_cache_event) <
1583 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1584 "netlink cache (event)");
1587 #else /* CONFIG_LIBNL20 */
1588 drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
1589 if (drv->nl_cache == NULL) {
1590 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1594 drv->nl_cache_event = genl_ctrl_alloc_cache(drv->nl_handle_event);
1595 if (drv->nl_cache_event == NULL) {
1596 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1597 "netlink cache (event)");
1600 #endif /* CONFIG_LIBNL20 */
1602 drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
1603 if (drv->nl80211 == NULL) {
1604 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1609 ret = nl_get_multicast_id(drv, "nl80211", "scan");
1611 ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1613 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1614 "membership for scan events: %d (%s)",
1615 ret, strerror(-ret));
1619 ret = nl_get_multicast_id(drv, "nl80211", "mlme");
1621 ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1623 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1624 "membership for mlme events: %d (%s)",
1625 ret, strerror(-ret));
1629 ret = nl_get_multicast_id(drv, "nl80211", "regulatory");
1631 ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1633 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1634 "membership for regulatory events: %d (%s)",
1635 ret, strerror(-ret));
1636 /* Continue without regulatory events */
1639 eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle_event),
1640 wpa_driver_nl80211_event_receive, drv,
1641 drv->nl_handle_event);
1646 nl_cache_free(drv->nl_cache_event);
1648 nl_cache_free(drv->nl_cache);
1650 nl80211_handle_destroy(drv->nl_handle_event);
1652 nl80211_handle_destroy(drv->nl_handle);
1654 nl_cb_put(drv->nl_cb);
1660 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
1662 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
1664 * This may be for any interface; use ifdown event to disable
1670 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
1672 struct wpa_driver_nl80211_data *drv = ctx;
1673 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
1674 if (linux_set_iface_flags(drv->ioctl_sock, drv->first_bss.ifname, 1)) {
1675 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
1676 "after rfkill unblock");
1679 /* rtnetlink ifup handler will report interface as enabled */
1683 static void nl80211_get_phy_name(struct wpa_driver_nl80211_data *drv)
1685 /* Find phy (radio) to which this interface belongs */
1689 drv->phyname[0] = '\0';
1690 snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
1691 drv->first_bss.ifname);
1692 f = open(buf, O_RDONLY);
1694 wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
1695 buf, strerror(errno));
1699 rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
1702 wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
1703 buf, strerror(errno));
1707 drv->phyname[rv] = '\0';
1708 pos = os_strchr(drv->phyname, '\n');
1711 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
1712 drv->first_bss.ifname, drv->phyname);
1717 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1718 * @ctx: context to be used when calling wpa_supplicant functions,
1719 * e.g., wpa_supplicant_event()
1720 * @ifname: interface name, e.g., wlan0
1721 * @global_priv: private driver global data from global_init()
1722 * Returns: Pointer to private data, %NULL on failure
1724 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
1727 struct wpa_driver_nl80211_data *drv;
1728 struct netlink_config *cfg;
1729 struct rfkill_config *rcfg;
1730 struct i802_bss *bss;
1732 drv = os_zalloc(sizeof(*drv));
1735 drv->global = global_priv;
1737 dl_list_add(&drv->global->interfaces, &drv->list);
1739 bss = &drv->first_bss;
1741 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
1742 drv->monitor_ifidx = -1;
1743 drv->monitor_sock = -1;
1744 drv->ioctl_sock = -1;
1746 if (wpa_driver_nl80211_init_nl(drv)) {
1751 nl80211_get_phy_name(drv);
1753 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
1754 if (drv->ioctl_sock < 0) {
1755 perror("socket(PF_INET,SOCK_DGRAM)");
1759 cfg = os_zalloc(sizeof(*cfg));
1763 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
1764 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
1765 drv->netlink = netlink_init(cfg);
1766 if (drv->netlink == NULL) {
1771 rcfg = os_zalloc(sizeof(*rcfg));
1775 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
1776 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
1777 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
1778 drv->rfkill = rfkill_init(rcfg);
1779 if (drv->rfkill == NULL) {
1780 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
1784 if (wpa_driver_nl80211_finish_drv_init(drv))
1790 rfkill_deinit(drv->rfkill);
1791 netlink_deinit(drv->netlink);
1792 if (drv->ioctl_sock >= 0)
1793 close(drv->ioctl_sock);
1795 genl_family_put(drv->nl80211);
1796 nl_cache_free(drv->nl_cache);
1797 nl80211_handle_destroy(drv->nl_handle);
1798 nl_cb_put(drv->nl_cb);
1799 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle_event));
1806 static int nl80211_register_frame(struct wpa_driver_nl80211_data *drv,
1807 struct nl_handle *nl_handle,
1808 u16 type, const u8 *match, size_t match_len)
1813 msg = nlmsg_alloc();
1817 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1818 NL80211_CMD_REGISTER_ACTION, 0);
1820 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1821 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
1822 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
1824 ret = send_and_recv(drv, nl_handle, msg, NULL, NULL);
1827 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
1828 "failed (type=%u): ret=%d (%s)",
1829 type, ret, strerror(-ret));
1830 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
1832 goto nla_put_failure;
1841 static int nl80211_register_action_frame(struct wpa_driver_nl80211_data *drv,
1842 const u8 *match, size_t match_len)
1844 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
1845 return nl80211_register_frame(drv, drv->nl_handle_event,
1846 type, match, match_len);
1850 static int nl80211_register_action_frames(struct wpa_driver_nl80211_data *drv)
1853 /* GAS Initial Request */
1854 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0a", 2) < 0)
1856 /* GAS Initial Response */
1857 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0b", 2) < 0)
1859 /* GAS Comeback Request */
1860 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0c", 2) < 0)
1862 /* GAS Comeback Response */
1863 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0d", 2) < 0)
1865 /* P2P Public Action */
1866 if (nl80211_register_action_frame(drv,
1867 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
1871 if (nl80211_register_action_frame(drv,
1872 (u8 *) "\x7f\x50\x6f\x9a\x09",
1875 #endif /* CONFIG_P2P */
1877 /* FT Action frames */
1878 if (nl80211_register_action_frame(drv, (u8 *) "\x06", 1) < 0)
1881 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
1882 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
1888 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
1890 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
1895 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
1897 struct i802_bss *bss = &drv->first_bss;
1898 int send_rfkill_event = 0;
1900 drv->ifindex = if_nametoindex(bss->ifname);
1901 drv->first_bss.ifindex = drv->ifindex;
1904 if (wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_INFRA) < 0) {
1905 wpa_printf(MSG_DEBUG, "nl80211: Could not configure driver to "
1906 "use managed mode");
1909 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1)) {
1910 if (rfkill_is_blocked(drv->rfkill)) {
1911 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
1912 "interface '%s' due to rfkill",
1914 drv->if_disabled = 1;
1915 send_rfkill_event = 1;
1917 wpa_printf(MSG_ERROR, "nl80211: Could not set "
1918 "interface '%s' UP", bss->ifname);
1923 if (wpa_driver_nl80211_capa(drv))
1926 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
1927 1, IF_OPER_DORMANT);
1928 #endif /* HOSTAPD */
1930 linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, drv->addr);
1932 if (nl80211_register_action_frames(drv) < 0) {
1933 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
1934 "frame processing - ignore for now");
1936 * Older kernel versions did not support this, so ignore the
1937 * error for now. Some functionality may not be available
1942 if (send_rfkill_event) {
1943 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
1951 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
1955 msg = nlmsg_alloc();
1959 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1960 0, NL80211_CMD_DEL_BEACON, 0);
1961 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1963 return send_and_recv_msgs(drv, msg, NULL, NULL);
1970 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1971 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1973 * Shut down driver interface and processing of driver events. Free
1974 * private data buffer if one was allocated in wpa_driver_nl80211_init().
1976 static void wpa_driver_nl80211_deinit(void *priv)
1978 struct i802_bss *bss = priv;
1979 struct wpa_driver_nl80211_data *drv = bss->drv;
1981 if (drv->nl_handle_preq)
1982 wpa_driver_nl80211_probe_req_report(bss, 0);
1983 if (drv->added_if_into_bridge) {
1984 if (linux_br_del_if(drv->ioctl_sock, drv->brname, bss->ifname)
1986 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
1987 "interface %s from bridge %s: %s",
1988 bss->ifname, drv->brname, strerror(errno));
1990 if (drv->added_bridge) {
1991 if (linux_br_del(drv->ioctl_sock, drv->brname) < 0)
1992 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
1994 drv->brname, strerror(errno));
1997 nl80211_remove_monitor_interface(drv);
1999 if (drv->nlmode == NL80211_IFTYPE_AP)
2000 wpa_driver_nl80211_del_beacon(drv);
2003 if (drv->last_freq_ht) {
2004 /* Clear HT flags from the driver */
2005 struct hostapd_freq_params freq;
2006 os_memset(&freq, 0, sizeof(freq));
2007 freq.freq = drv->last_freq;
2008 i802_set_freq(priv, &freq);
2011 if (drv->eapol_sock >= 0) {
2012 eloop_unregister_read_sock(drv->eapol_sock);
2013 close(drv->eapol_sock);
2016 if (drv->if_indices != drv->default_if_indices)
2017 os_free(drv->if_indices);
2018 #endif /* HOSTAPD */
2020 if (drv->disable_11b_rates)
2021 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2023 netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
2024 netlink_deinit(drv->netlink);
2025 rfkill_deinit(drv->rfkill);
2027 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2029 (void) linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0);
2030 wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_INFRA);
2032 if (drv->ioctl_sock >= 0)
2033 close(drv->ioctl_sock);
2035 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle_event));
2036 genl_family_put(drv->nl80211);
2037 nl_cache_free(drv->nl_cache);
2038 nl_cache_free(drv->nl_cache_event);
2039 nl80211_handle_destroy(drv->nl_handle);
2040 nl80211_handle_destroy(drv->nl_handle_event);
2041 nl_cb_put(drv->nl_cb);
2043 os_free(drv->filter_ssids);
2046 dl_list_del(&drv->list);
2053 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
2054 * @eloop_ctx: Driver private data
2055 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
2057 * This function can be used as registered timeout when starting a scan to
2058 * generate a scan completed event if the driver does not report this.
2060 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
2062 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2063 if (drv->ap_scan_as_station) {
2064 wpa_driver_nl80211_set_mode(&drv->first_bss,
2066 drv->ap_scan_as_station = 0;
2068 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
2069 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
2074 * wpa_driver_nl80211_scan - Request the driver to initiate scan
2075 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
2076 * @params: Scan parameters
2077 * Returns: 0 on success, -1 on failure
2079 static int wpa_driver_nl80211_scan(void *priv,
2080 struct wpa_driver_scan_params *params)
2082 struct i802_bss *bss = priv;
2083 struct wpa_driver_nl80211_data *drv = bss->drv;
2084 int ret = 0, timeout;
2085 struct nl_msg *msg, *ssids, *freqs;
2088 msg = nlmsg_alloc();
2089 ssids = nlmsg_alloc();
2090 freqs = nlmsg_alloc();
2091 if (!msg || !ssids || !freqs) {
2098 os_free(drv->filter_ssids);
2099 drv->filter_ssids = params->filter_ssids;
2100 params->filter_ssids = NULL;
2101 drv->num_filter_ssids = params->num_filter_ssids;
2103 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2104 NL80211_CMD_TRIGGER_SCAN, 0);
2106 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2108 for (i = 0; i < params->num_ssids; i++) {
2109 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
2110 params->ssids[i].ssid,
2111 params->ssids[i].ssid_len);
2112 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
2113 params->ssids[i].ssid);
2115 if (params->num_ssids)
2116 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
2118 if (params->extra_ies) {
2119 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan extra IEs",
2120 params->extra_ies, params->extra_ies_len);
2121 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
2125 if (params->freqs) {
2126 for (i = 0; params->freqs[i]; i++) {
2127 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
2128 "MHz", params->freqs[i]);
2129 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
2131 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
2134 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2137 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
2138 "(%s)", ret, strerror(-ret));
2140 if (drv->nlmode == NL80211_IFTYPE_AP) {
2142 * mac80211 does not allow scan requests in AP mode, so
2143 * try to do this in station mode.
2145 if (wpa_driver_nl80211_set_mode(bss,
2146 IEEE80211_MODE_INFRA))
2147 goto nla_put_failure;
2149 if (wpa_driver_nl80211_scan(drv, params)) {
2150 wpa_driver_nl80211_set_mode(bss,
2152 goto nla_put_failure;
2155 /* Restore AP mode when processing scan results */
2156 drv->ap_scan_as_station = 1;
2159 goto nla_put_failure;
2161 goto nla_put_failure;
2162 #endif /* HOSTAPD */
2165 /* Not all drivers generate "scan completed" wireless event, so try to
2166 * read results after a timeout. */
2168 if (drv->scan_complete_events) {
2170 * The driver seems to deliver events to notify when scan is
2171 * complete, so use longer timeout to avoid race conditions
2172 * with scanning and following association request.
2176 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
2177 "seconds", ret, timeout);
2178 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2179 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
2190 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
2192 const u8 *end, *pos;
2198 end = ies + ies_len;
2200 while (pos + 1 < end) {
2201 if (pos + 2 + pos[1] > end)
2212 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
2213 const u8 *ie, size_t ie_len)
2218 if (drv->filter_ssids == NULL)
2221 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
2225 for (i = 0; i < drv->num_filter_ssids; i++) {
2226 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
2227 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
2236 struct nl80211_bss_info_arg {
2237 struct wpa_driver_nl80211_data *drv;
2238 struct wpa_scan_results *res;
2241 static int bss_info_handler(struct nl_msg *msg, void *arg)
2243 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2244 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2245 struct nlattr *bss[NL80211_BSS_MAX + 1];
2246 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
2247 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
2248 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
2249 [NL80211_BSS_TSF] = { .type = NLA_U64 },
2250 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
2251 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
2252 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
2253 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
2254 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
2255 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
2256 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
2257 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
2259 struct nl80211_bss_info_arg *_arg = arg;
2260 struct wpa_scan_results *res = _arg->res;
2261 struct wpa_scan_res **tmp;
2262 struct wpa_scan_res *r;
2263 const u8 *ie, *beacon_ie;
2264 size_t ie_len, beacon_ie_len;
2267 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2268 genlmsg_attrlen(gnlh, 0), NULL);
2269 if (!tb[NL80211_ATTR_BSS])
2271 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
2274 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
2275 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
2276 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
2281 if (bss[NL80211_BSS_BEACON_IES]) {
2282 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
2283 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
2289 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
2290 ie ? ie_len : beacon_ie_len))
2293 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
2296 if (bss[NL80211_BSS_BSSID])
2297 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
2299 if (bss[NL80211_BSS_FREQUENCY])
2300 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
2301 if (bss[NL80211_BSS_BEACON_INTERVAL])
2302 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
2303 if (bss[NL80211_BSS_CAPABILITY])
2304 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
2305 r->flags |= WPA_SCAN_NOISE_INVALID;
2306 if (bss[NL80211_BSS_SIGNAL_MBM]) {
2307 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
2308 r->level /= 100; /* mBm to dBm */
2309 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
2310 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
2311 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
2312 r->flags |= WPA_SCAN_LEVEL_INVALID;
2314 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
2315 if (bss[NL80211_BSS_TSF])
2316 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
2317 if (bss[NL80211_BSS_SEEN_MS_AGO])
2318 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
2320 pos = (u8 *) (r + 1);
2322 os_memcpy(pos, ie, ie_len);
2325 r->beacon_ie_len = beacon_ie_len;
2327 os_memcpy(pos, beacon_ie, beacon_ie_len);
2329 if (bss[NL80211_BSS_STATUS]) {
2330 enum nl80211_bss_status status;
2331 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
2333 case NL80211_BSS_STATUS_AUTHENTICATED:
2334 r->flags |= WPA_SCAN_AUTHENTICATED;
2336 case NL80211_BSS_STATUS_ASSOCIATED:
2337 r->flags |= WPA_SCAN_ASSOCIATED;
2344 tmp = os_realloc(res->res,
2345 (res->num + 1) * sizeof(struct wpa_scan_res *));
2350 tmp[res->num++] = r;
2357 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
2360 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
2361 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
2362 "mismatch (" MACSTR ")", MAC2STR(addr));
2363 wpa_driver_nl80211_mlme(drv, addr,
2364 NL80211_CMD_DEAUTHENTICATE,
2365 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
2370 static void wpa_driver_nl80211_check_bss_status(
2371 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
2375 for (i = 0; i < res->num; i++) {
2376 struct wpa_scan_res *r = res->res[i];
2377 if (r->flags & WPA_SCAN_AUTHENTICATED) {
2378 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
2379 "indicates BSS status with " MACSTR
2380 " as authenticated",
2382 if (drv->nlmode == NL80211_IFTYPE_STATION &&
2383 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
2384 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
2386 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
2387 " in local state (auth=" MACSTR
2388 " assoc=" MACSTR ")",
2389 MAC2STR(drv->auth_bssid),
2390 MAC2STR(drv->bssid));
2391 clear_state_mismatch(drv, r->bssid);
2395 if (r->flags & WPA_SCAN_ASSOCIATED) {
2396 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
2397 "indicate BSS status with " MACSTR
2400 if (drv->nlmode == NL80211_IFTYPE_STATION &&
2402 wpa_printf(MSG_DEBUG, "nl80211: Local state "
2403 "(not associated) does not match "
2405 clear_state_mismatch(drv, r->bssid);
2406 } else if (drv->nlmode == NL80211_IFTYPE_STATION &&
2407 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
2409 wpa_printf(MSG_DEBUG, "nl80211: Local state "
2410 "(associated with " MACSTR ") does "
2411 "not match with BSS state",
2412 MAC2STR(drv->bssid));
2413 clear_state_mismatch(drv, r->bssid);
2414 clear_state_mismatch(drv, drv->bssid);
2421 static void wpa_scan_results_free(struct wpa_scan_results *res)
2428 for (i = 0; i < res->num; i++)
2429 os_free(res->res[i]);
2435 static struct wpa_scan_results *
2436 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
2439 struct wpa_scan_results *res;
2441 struct nl80211_bss_info_arg arg;
2443 res = os_zalloc(sizeof(*res));
2446 msg = nlmsg_alloc();
2448 goto nla_put_failure;
2450 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, NLM_F_DUMP,
2451 NL80211_CMD_GET_SCAN, 0);
2452 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2456 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
2459 wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
2460 (unsigned long) res->num);
2463 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
2464 "(%s)", ret, strerror(-ret));
2467 wpa_scan_results_free(res);
2473 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
2474 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
2475 * Returns: Scan results on success, -1 on failure
2477 static struct wpa_scan_results *
2478 wpa_driver_nl80211_get_scan_results(void *priv)
2480 struct i802_bss *bss = priv;
2481 struct wpa_driver_nl80211_data *drv = bss->drv;
2482 struct wpa_scan_results *res;
2484 res = nl80211_get_scan_results(drv);
2486 wpa_driver_nl80211_check_bss_status(drv, res);
2491 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
2493 struct wpa_scan_results *res;
2496 res = nl80211_get_scan_results(drv);
2498 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
2502 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
2503 for (i = 0; i < res->num; i++) {
2504 struct wpa_scan_res *r = res->res[i];
2505 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
2506 (int) i, (int) res->num, MAC2STR(r->bssid),
2507 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
2508 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
2511 wpa_scan_results_free(res);
2515 static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
2516 enum wpa_alg alg, const u8 *addr,
2517 int key_idx, int set_tx,
2518 const u8 *seq, size_t seq_len,
2519 const u8 *key, size_t key_len)
2521 struct i802_bss *bss = priv;
2522 struct wpa_driver_nl80211_data *drv = bss->drv;
2523 int ifindex = if_nametoindex(ifname);
2527 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
2528 "set_tx=%d seq_len=%lu key_len=%lu",
2529 __func__, ifindex, alg, addr, key_idx, set_tx,
2530 (unsigned long) seq_len, (unsigned long) key_len);
2532 msg = nlmsg_alloc();
2536 if (alg == WPA_ALG_NONE) {
2537 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2538 0, NL80211_CMD_DEL_KEY, 0);
2540 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2541 0, NL80211_CMD_NEW_KEY, 0);
2542 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
2546 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2547 WLAN_CIPHER_SUITE_WEP40);
2549 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2550 WLAN_CIPHER_SUITE_WEP104);
2553 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2554 WLAN_CIPHER_SUITE_TKIP);
2557 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2558 WLAN_CIPHER_SUITE_CCMP);
2561 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2562 WLAN_CIPHER_SUITE_AES_CMAC);
2565 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
2566 "algorithm %d", __func__, alg);
2573 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
2575 if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2577 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
2578 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2580 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
2581 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2583 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2584 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
2587 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
2588 ret, strerror(-ret));
2591 * If we failed or don't need to set the default TX key (below),
2594 if (ret || !set_tx || alg == WPA_ALG_NONE)
2600 if (drv->nlmode == NL80211_IFTYPE_AP && addr)
2602 #endif /* HOSTAPD */
2604 msg = nlmsg_alloc();
2608 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2609 0, NL80211_CMD_SET_KEY, 0);
2610 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
2611 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2612 if (alg == WPA_ALG_IGTK)
2613 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
2615 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
2617 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2621 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
2622 "err=%d %s)", ret, strerror(-ret));
2630 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
2631 int key_idx, int defkey,
2632 const u8 *seq, size_t seq_len,
2633 const u8 *key, size_t key_len)
2635 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
2639 if (defkey && alg == WPA_ALG_IGTK)
2640 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
2642 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
2644 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
2649 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2650 WLAN_CIPHER_SUITE_WEP40);
2652 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2653 WLAN_CIPHER_SUITE_WEP104);
2656 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
2659 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
2662 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2663 WLAN_CIPHER_SUITE_AES_CMAC);
2666 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
2667 "algorithm %d", __func__, alg);
2672 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
2674 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
2676 nla_nest_end(msg, key_attr);
2684 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
2688 struct nlattr *nl_keys, *nl_key;
2690 for (i = 0; i < 4; i++) {
2691 if (!params->wep_key[i])
2696 if (params->wps == WPS_MODE_PRIVACY)
2698 if (params->pairwise_suite &&
2699 params->pairwise_suite != WPA_CIPHER_NONE)
2705 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
2707 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
2709 goto nla_put_failure;
2711 for (i = 0; i < 4; i++) {
2712 if (!params->wep_key[i])
2715 nl_key = nla_nest_start(msg, i);
2717 goto nla_put_failure;
2719 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
2720 params->wep_key[i]);
2721 if (params->wep_key_len[i] == 5)
2722 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2723 WLAN_CIPHER_SUITE_WEP40);
2725 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2726 WLAN_CIPHER_SUITE_WEP104);
2728 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
2730 if (i == params->wep_tx_keyidx)
2731 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
2733 nla_nest_end(msg, nl_key);
2735 nla_nest_end(msg, nl_keys);
2744 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
2745 const u8 *addr, int cmd, u16 reason_code,
2746 int local_state_change)
2751 msg = nlmsg_alloc();
2755 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0, cmd, 0);
2757 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2758 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
2759 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2760 if (local_state_change)
2761 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
2763 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2766 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2767 "(%s)", ret, strerror(-ret));
2768 goto nla_put_failure;
2778 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
2779 const u8 *addr, int reason_code)
2781 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
2782 __func__, MAC2STR(addr), reason_code);
2783 drv->associated = 0;
2784 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISCONNECT,
2789 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
2792 struct i802_bss *bss = priv;
2793 struct wpa_driver_nl80211_data *drv = bss->drv;
2794 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2795 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
2796 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
2797 __func__, MAC2STR(addr), reason_code);
2798 drv->associated = 0;
2799 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2804 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
2807 struct i802_bss *bss = priv;
2808 struct wpa_driver_nl80211_data *drv = bss->drv;
2809 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2810 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
2811 wpa_printf(MSG_DEBUG, "%s", __func__);
2812 drv->associated = 0;
2813 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
2818 static int wpa_driver_nl80211_authenticate(
2819 void *priv, struct wpa_driver_auth_params *params)
2821 struct i802_bss *bss = priv;
2822 struct wpa_driver_nl80211_data *drv = bss->drv;
2825 enum nl80211_auth_type type;
2828 drv->associated = 0;
2829 os_memset(drv->auth_bssid, 0, ETH_ALEN);
2830 /* FIX: IBSS mode */
2831 if (drv->nlmode != NL80211_IFTYPE_STATION)
2832 wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA);
2834 if (wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA) < 0)
2838 msg = nlmsg_alloc();
2842 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2845 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2846 NL80211_CMD_AUTHENTICATE, 0);
2848 for (i = 0; i < 4; i++) {
2849 if (!params->wep_key[i])
2851 wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP,
2853 i == params->wep_tx_keyidx, NULL, 0,
2855 params->wep_key_len[i]);
2856 if (params->wep_tx_keyidx != i)
2858 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
2859 params->wep_key[i], params->wep_key_len[i])) {
2865 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2866 if (params->bssid) {
2867 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2868 MAC2STR(params->bssid));
2869 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2872 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2873 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2876 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2877 params->ssid, params->ssid_len);
2878 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2881 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
2883 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
2884 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
2885 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2886 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
2887 type = NL80211_AUTHTYPE_SHARED_KEY;
2888 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
2889 type = NL80211_AUTHTYPE_NETWORK_EAP;
2890 else if (params->auth_alg & WPA_AUTH_ALG_FT)
2891 type = NL80211_AUTHTYPE_FT;
2893 goto nla_put_failure;
2894 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
2895 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
2896 if (params->local_state_change) {
2897 wpa_printf(MSG_DEBUG, " * Local state change only");
2898 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
2901 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2904 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2905 "(%s)", ret, strerror(-ret));
2907 if (ret == -EALREADY && count == 1 && params->bssid &&
2908 !params->local_state_change) {
2910 * mac80211 does not currently accept new
2911 * authentication if we are already authenticated. As a
2912 * workaround, force deauthentication and try again.
2914 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
2915 "after forced deauthentication");
2916 wpa_driver_nl80211_deauthenticate(
2918 WLAN_REASON_PREV_AUTH_NOT_VALID);
2922 goto nla_put_failure;
2925 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
2934 struct phy_info_arg {
2936 struct hostapd_hw_modes *modes;
2939 static int phy_info_handler(struct nl_msg *msg, void *arg)
2941 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
2942 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2943 struct phy_info_arg *phy_info = arg;
2945 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
2947 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
2948 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
2949 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
2950 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
2951 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
2952 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
2953 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
2954 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
2957 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
2958 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
2959 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
2960 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
2963 struct nlattr *nl_band;
2964 struct nlattr *nl_freq;
2965 struct nlattr *nl_rate;
2966 int rem_band, rem_freq, rem_rate;
2967 struct hostapd_hw_modes *mode;
2968 int idx, mode_is_set;
2970 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2971 genlmsg_attrlen(gnlh, 0), NULL);
2973 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
2976 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
2977 mode = os_realloc(phy_info->modes, (*phy_info->num_modes + 1) * sizeof(*mode));
2980 phy_info->modes = mode;
2984 mode = &phy_info->modes[*(phy_info->num_modes)];
2985 memset(mode, 0, sizeof(*mode));
2986 *(phy_info->num_modes) += 1;
2988 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
2989 nla_len(nl_band), NULL);
2991 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
2992 mode->ht_capab = nla_get_u16(
2993 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
2996 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
2997 mode->a_mpdu_params |= nla_get_u8(
2998 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
3002 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
3003 mode->a_mpdu_params |= nla_get_u8(
3004 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
3008 if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
3009 nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
3011 mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
3012 os_memcpy(mode->mcs_set, mcs, 16);
3015 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
3016 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
3017 nla_len(nl_freq), freq_policy);
3018 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
3020 mode->num_channels++;
3023 mode->channels = os_zalloc(mode->num_channels * sizeof(struct hostapd_channel_data));
3024 if (!mode->channels)
3029 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
3030 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
3031 nla_len(nl_freq), freq_policy);
3032 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
3035 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
3036 mode->channels[idx].flag = 0;
3039 /* crude heuristic */
3040 if (mode->channels[idx].freq < 4000)
3041 mode->mode = HOSTAPD_MODE_IEEE80211B;
3043 mode->mode = HOSTAPD_MODE_IEEE80211A;
3047 /* crude heuristic */
3048 if (mode->channels[idx].freq < 4000)
3049 if (mode->channels[idx].freq == 2484)
3050 mode->channels[idx].chan = 14;
3052 mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
3054 mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
3056 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
3057 mode->channels[idx].flag |=
3058 HOSTAPD_CHAN_DISABLED;
3059 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
3060 mode->channels[idx].flag |=
3061 HOSTAPD_CHAN_PASSIVE_SCAN;
3062 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
3063 mode->channels[idx].flag |=
3064 HOSTAPD_CHAN_NO_IBSS;
3065 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
3066 mode->channels[idx].flag |=
3069 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
3070 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
3071 mode->channels[idx].max_tx_power =
3072 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
3077 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
3078 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
3079 nla_len(nl_rate), rate_policy);
3080 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
3085 mode->rates = os_zalloc(mode->num_rates * sizeof(int));
3091 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
3092 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
3093 nla_len(nl_rate), rate_policy);
3094 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
3096 mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
3098 /* crude heuristic */
3099 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
3100 mode->rates[idx] > 200)
3101 mode->mode = HOSTAPD_MODE_IEEE80211G;
3110 static struct hostapd_hw_modes *
3111 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
3114 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
3115 int i, mode11g_idx = -1;
3117 /* If only 802.11g mode is included, use it to construct matching
3118 * 802.11b mode data. */
3120 for (m = 0; m < *num_modes; m++) {
3121 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
3122 return modes; /* 802.11b already included */
3123 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
3127 if (mode11g_idx < 0)
3128 return modes; /* 2.4 GHz band not supported at all */
3130 nmodes = os_realloc(modes, (*num_modes + 1) * sizeof(*nmodes));
3132 return modes; /* Could not add 802.11b mode */
3134 mode = &nmodes[*num_modes];
3135 os_memset(mode, 0, sizeof(*mode));
3139 mode->mode = HOSTAPD_MODE_IEEE80211B;
3141 mode11g = &modes[mode11g_idx];
3142 mode->num_channels = mode11g->num_channels;
3143 mode->channels = os_malloc(mode11g->num_channels *
3144 sizeof(struct hostapd_channel_data));
3145 if (mode->channels == NULL) {
3147 return modes; /* Could not add 802.11b mode */
3149 os_memcpy(mode->channels, mode11g->channels,
3150 mode11g->num_channels * sizeof(struct hostapd_channel_data));
3152 mode->num_rates = 0;
3153 mode->rates = os_malloc(4 * sizeof(int));
3154 if (mode->rates == NULL) {
3155 os_free(mode->channels);
3157 return modes; /* Could not add 802.11b mode */
3160 for (i = 0; i < mode11g->num_rates; i++) {
3161 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
3162 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
3164 mode->rates[mode->num_rates] = mode11g->rates[i];
3166 if (mode->num_rates == 4)
3170 if (mode->num_rates == 0) {
3171 os_free(mode->channels);
3172 os_free(mode->rates);
3174 return modes; /* No 802.11b rates */
3177 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
3184 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
3189 for (c = 0; c < mode->num_channels; c++) {
3190 struct hostapd_channel_data *chan = &mode->channels[c];
3191 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
3192 chan->flag |= HOSTAPD_CHAN_HT40;
3197 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
3202 for (c = 0; c < mode->num_channels; c++) {
3203 struct hostapd_channel_data *chan = &mode->channels[c];
3204 if (!(chan->flag & HOSTAPD_CHAN_HT40))
3206 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
3207 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
3208 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
3209 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
3214 static void nl80211_reg_rule_ht40(struct nlattr *tb[],
3215 struct phy_info_arg *results)
3217 u32 start, end, max_bw;
3220 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
3221 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
3222 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
3225 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
3226 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
3227 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
3229 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz",
3230 start, end, max_bw);
3234 for (m = 0; m < *results->num_modes; m++) {
3235 if (!(results->modes[m].ht_capab &
3236 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
3238 nl80211_set_ht40_mode(&results->modes[m], start, end);
3243 static void nl80211_reg_rule_sec(struct nlattr *tb[],
3244 struct phy_info_arg *results)
3246 u32 start, end, max_bw;
3249 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
3250 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
3251 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
3254 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
3255 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
3256 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
3261 for (m = 0; m < *results->num_modes; m++) {
3262 if (!(results->modes[m].ht_capab &
3263 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
3265 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
3270 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
3272 struct phy_info_arg *results = arg;
3273 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3274 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3275 struct nlattr *nl_rule;
3276 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
3278 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
3279 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
3280 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
3281 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
3282 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
3283 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
3284 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
3287 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3288 genlmsg_attrlen(gnlh, 0), NULL);
3289 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
3290 !tb_msg[NL80211_ATTR_REG_RULES]) {
3291 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
3296 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
3297 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
3299 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
3301 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
3302 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
3303 nl80211_reg_rule_ht40(tb_rule, results);
3306 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
3308 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
3309 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
3310 nl80211_reg_rule_sec(tb_rule, results);
3317 static int nl80211_set_ht40_flags(struct wpa_driver_nl80211_data *drv,
3318 struct phy_info_arg *results)
3322 msg = nlmsg_alloc();
3326 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3327 0, NL80211_CMD_GET_REG, 0);
3328 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
3332 static struct hostapd_hw_modes *
3333 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
3335 struct i802_bss *bss = priv;
3336 struct wpa_driver_nl80211_data *drv = bss->drv;
3338 struct phy_info_arg result = {
3339 .num_modes = num_modes,
3346 msg = nlmsg_alloc();
3350 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3351 0, NL80211_CMD_GET_WIPHY, 0);
3353 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3355 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
3356 nl80211_set_ht40_flags(drv, &result);
3357 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
3364 static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data *drv,
3365 const void *data, size_t len,
3369 0x00, 0x00, /* radiotap version */
3370 0x0e, 0x00, /* radiotap length */
3371 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
3372 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
3374 0x00, 0x00, /* RX and TX flags to indicate that */
3375 0x00, 0x00, /* this is the injected frame directly */
3377 struct iovec iov[2] = {
3379 .iov_base = &rtap_hdr,
3380 .iov_len = sizeof(rtap_hdr),
3383 .iov_base = (void *) data,
3387 struct msghdr msg = {
3392 .msg_control = NULL,
3393 .msg_controllen = 0,
3399 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
3401 res = sendmsg(drv->monitor_sock, &msg, 0);
3403 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
3410 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
3413 struct i802_bss *bss = priv;
3414 struct wpa_driver_nl80211_data *drv = bss->drv;
3415 struct ieee80211_mgmt *mgmt;
3419 mgmt = (struct ieee80211_mgmt *) data;
3420 fc = le_to_host16(mgmt->frame_control);
3422 if (drv->nlmode == NL80211_IFTYPE_STATION &&
3423 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3424 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
3426 * The use of last_mgmt_freq is a bit of a hack,
3427 * but it works due to the single-threaded nature
3428 * of wpa_supplicant.
3430 return nl80211_send_frame_cmd(drv, drv->last_mgmt_freq,
3431 data, data_len, NULL);
3434 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3435 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
3437 * Only one of the authentication frame types is encrypted.
3438 * In order for static WEP encryption to work properly (i.e.,
3439 * to not encrypt the frame), we need to tell mac80211 about
3440 * the frames that must not be encrypted.
3442 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
3443 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
3444 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
3448 return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
3452 static int wpa_driver_nl80211_set_beacon(void *priv,
3453 const u8 *head, size_t head_len,
3454 const u8 *tail, size_t tail_len,
3455 int dtim_period, int beacon_int)
3457 struct i802_bss *bss = priv;
3458 struct wpa_driver_nl80211_data *drv = bss->drv;
3460 u8 cmd = NL80211_CMD_NEW_BEACON;
3463 int ifindex = if_nametoindex(bss->ifname);
3465 beacon_set = bss->beacon_set;
3467 msg = nlmsg_alloc();
3471 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
3474 cmd = NL80211_CMD_SET_BEACON;
3476 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3478 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, head_len, head);
3479 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, tail_len, tail);
3480 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
3481 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, beacon_int);
3482 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period);
3484 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3486 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
3487 ret, strerror(-ret));
3489 bss->beacon_set = 1;
3497 static int wpa_driver_nl80211_set_freq(struct wpa_driver_nl80211_data *drv,
3498 int freq, int ht_enabled,
3499 int sec_channel_offset)
3504 msg = nlmsg_alloc();
3508 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3509 NL80211_CMD_SET_WIPHY, 0);
3511 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3512 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
3514 switch (sec_channel_offset) {
3516 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
3517 NL80211_CHAN_HT40MINUS);
3520 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
3521 NL80211_CHAN_HT40PLUS);
3524 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
3530 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3533 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
3534 "%d (%s)", freq, ret, strerror(-ret));
3540 static int wpa_driver_nl80211_sta_add(void *priv,
3541 struct hostapd_sta_add_params *params)
3543 struct i802_bss *bss = priv;
3544 struct wpa_driver_nl80211_data *drv = bss->drv;
3548 msg = nlmsg_alloc();
3552 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3553 0, NL80211_CMD_NEW_STATION, 0);
3555 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
3556 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
3557 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
3558 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
3559 params->supp_rates);
3560 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
3561 params->listen_interval);
3562 if (params->ht_capabilities) {
3563 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
3564 sizeof(*params->ht_capabilities),
3565 params->ht_capabilities);
3568 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3570 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_NEW_STATION "
3571 "result: %d (%s)", ret, strerror(-ret));
3579 static int wpa_driver_nl80211_sta_remove(void *priv, const u8 *addr)
3581 struct i802_bss *bss = priv;
3582 struct wpa_driver_nl80211_data *drv = bss->drv;
3586 msg = nlmsg_alloc();
3590 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3591 0, NL80211_CMD_DEL_STATION, 0);
3593 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3594 if_nametoindex(bss->ifname));
3595 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3597 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3606 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
3611 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
3614 /* stop listening for EAPOL on this interface */
3615 del_ifidx(drv, ifidx);
3616 #endif /* HOSTAPD */
3618 msg = nlmsg_alloc();
3620 goto nla_put_failure;
3622 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3623 0, NL80211_CMD_DEL_INTERFACE, 0);
3624 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
3626 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
3629 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
3633 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
3635 enum nl80211_iftype iftype,
3636 const u8 *addr, int wds)
3638 struct nl_msg *msg, *flags = NULL;
3642 msg = nlmsg_alloc();
3646 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3647 0, NL80211_CMD_NEW_INTERFACE, 0);
3648 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3649 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
3650 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
3652 if (iftype == NL80211_IFTYPE_MONITOR) {
3655 flags = nlmsg_alloc();
3657 goto nla_put_failure;
3659 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
3661 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
3666 goto nla_put_failure;
3668 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
3671 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3674 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
3675 ifname, ret, strerror(-ret));
3679 ifidx = if_nametoindex(ifname);
3680 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
3687 /* start listening for EAPOL on this interface */
3688 add_ifidx(drv, ifidx);
3689 #endif /* HOSTAPD */
3691 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
3692 linux_set_ifhwaddr(drv->ioctl_sock, ifname, addr)) {
3693 nl80211_remove_iface(drv, ifidx);
3701 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
3702 const char *ifname, enum nl80211_iftype iftype,
3703 const u8 *addr, int wds)
3707 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
3709 /* if error occured and interface exists already */
3710 if (ret == -ENFILE && if_nametoindex(ifname)) {
3711 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
3713 /* Try to remove the interface that was already there. */
3714 nl80211_remove_iface(drv, if_nametoindex(ifname));
3716 /* Try to create the interface again */
3717 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
3721 if (ret >= 0 && drv->disable_11b_rates)
3722 nl80211_disable_11b_rates(drv, ret, 1);
3728 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
3730 struct ieee80211_hdr *hdr;
3732 union wpa_event_data event;
3734 hdr = (struct ieee80211_hdr *) buf;
3735 fc = le_to_host16(hdr->frame_control);
3737 os_memset(&event, 0, sizeof(event));
3738 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
3739 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
3740 event.tx_status.dst = hdr->addr1;
3741 event.tx_status.data = buf;
3742 event.tx_status.data_len = len;
3743 event.tx_status.ack = ok;
3744 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
3748 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
3749 u8 *buf, size_t len)
3751 union wpa_event_data event;
3752 os_memset(&event, 0, sizeof(event));
3753 event.rx_from_unknown.frame = buf;
3754 event.rx_from_unknown.len = len;
3755 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
3759 static void handle_frame(struct wpa_driver_nl80211_data *drv,
3760 u8 *buf, size_t len, int datarate, int ssi_signal)
3762 struct ieee80211_hdr *hdr;
3764 union wpa_event_data event;
3766 hdr = (struct ieee80211_hdr *) buf;
3767 fc = le_to_host16(hdr->frame_control);
3769 switch (WLAN_FC_GET_TYPE(fc)) {
3770 case WLAN_FC_TYPE_MGMT:
3771 os_memset(&event, 0, sizeof(event));
3772 event.rx_mgmt.frame = buf;
3773 event.rx_mgmt.frame_len = len;
3774 event.rx_mgmt.datarate = datarate;
3775 event.rx_mgmt.ssi_signal = ssi_signal;
3776 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
3778 case WLAN_FC_TYPE_CTRL:
3779 /* can only get here with PS-Poll frames */
3780 wpa_printf(MSG_DEBUG, "CTRL");
3781 from_unknown_sta(drv, buf, len);
3783 case WLAN_FC_TYPE_DATA:
3784 from_unknown_sta(drv, buf, len);
3790 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
3792 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3794 unsigned char buf[3000];
3795 struct ieee80211_radiotap_iterator iter;
3797 int datarate = 0, ssi_signal = 0;
3798 int injected = 0, failed = 0, rxflags = 0;
3800 len = recv(sock, buf, sizeof(buf), 0);
3806 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
3807 printf("received invalid radiotap frame\n");
3812 ret = ieee80211_radiotap_iterator_next(&iter);
3816 printf("received invalid radiotap frame (%d)\n", ret);
3819 switch (iter.this_arg_index) {
3820 case IEEE80211_RADIOTAP_FLAGS:
3821 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
3824 case IEEE80211_RADIOTAP_RX_FLAGS:
3827 case IEEE80211_RADIOTAP_TX_FLAGS:
3829 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
3830 IEEE80211_RADIOTAP_F_TX_FAIL;
3832 case IEEE80211_RADIOTAP_DATA_RETRIES:
3834 case IEEE80211_RADIOTAP_CHANNEL:
3835 /* TODO: convert from freq/flags to channel number */
3837 case IEEE80211_RADIOTAP_RATE:
3838 datarate = *iter.this_arg * 5;
3840 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
3841 ssi_signal = *iter.this_arg;
3846 if (rxflags && injected)
3850 handle_frame(drv, buf + iter.max_length,
3851 len - iter.max_length, datarate, ssi_signal);
3853 handle_tx_callback(drv->ctx, buf + iter.max_length,
3854 len - iter.max_length, !failed);
3859 * we post-process the filter code later and rewrite
3860 * this to the offset to the last instruction
3865 static struct sock_filter msock_filter_insns[] = {
3867 * do a little-endian load of the radiotap length field
3869 /* load lower byte into A */
3870 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
3871 /* put it into X (== index register) */
3872 BPF_STMT(BPF_MISC| BPF_TAX, 0),
3873 /* load upper byte into A */
3874 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
3875 /* left-shift it by 8 */
3876 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
3878 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
3879 /* put result into X */
3880 BPF_STMT(BPF_MISC| BPF_TAX, 0),
3883 * Allow management frames through, this also gives us those
3884 * management frames that we sent ourselves with status
3886 /* load the lower byte of the IEEE 802.11 frame control field */
3887 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3888 /* mask off frame type and version */
3889 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
3890 /* accept frame if it's both 0, fall through otherwise */
3891 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
3894 * TODO: add a bit to radiotap RX flags that indicates
3895 * that the sending station is not associated, then
3896 * add a filter here that filters on our DA and that flag
3897 * to allow us to deauth frames to that bad station.
3899 * For now allow all To DS data frames through.
3901 /* load the IEEE 802.11 frame control field */
3902 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
3903 /* mask off frame type, version and DS status */
3904 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
3905 /* accept frame if version 0, type 2 and To DS, fall through otherwise
3907 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
3911 * drop non-data frames
3913 /* load the lower byte of the frame control field */
3914 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3915 /* mask off QoS bit */
3916 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
3917 /* drop non-data frames */
3918 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
3920 /* load the upper byte of the frame control field */
3921 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
3922 /* mask off toDS/fromDS */
3923 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
3924 /* accept WDS frames */
3925 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
3928 * add header length to index
3930 /* load the lower byte of the frame control field */
3931 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3932 /* mask off QoS bit */
3933 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
3934 /* right shift it by 6 to give 0 or 2 */
3935 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
3936 /* add data frame header length */
3937 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
3938 /* add index, was start of 802.11 header */
3939 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
3940 /* move to index, now start of LL header */
3941 BPF_STMT(BPF_MISC | BPF_TAX, 0),
3944 * Accept empty data frames, we use those for
3947 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
3948 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
3951 * Accept EAPOL frames
3953 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
3954 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
3955 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
3956 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
3958 /* keep these last two statements or change the code below */
3959 /* return 0 == "DROP" */
3960 BPF_STMT(BPF_RET | BPF_K, 0),
3961 /* return ~0 == "keep all" */
3962 BPF_STMT(BPF_RET | BPF_K, ~0),
3965 static struct sock_fprog msock_filter = {
3966 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
3967 .filter = msock_filter_insns,
3971 static int add_monitor_filter(int s)
3975 /* rewrite all PASS/FAIL jump offsets */
3976 for (idx = 0; idx < msock_filter.len; idx++) {
3977 struct sock_filter *insn = &msock_filter_insns[idx];
3979 if (BPF_CLASS(insn->code) == BPF_JMP) {
3980 if (insn->code == (BPF_JMP|BPF_JA)) {
3981 if (insn->k == PASS)
3982 insn->k = msock_filter.len - idx - 2;
3983 else if (insn->k == FAIL)
3984 insn->k = msock_filter.len - idx - 3;
3987 if (insn->jt == PASS)
3988 insn->jt = msock_filter.len - idx - 2;
3989 else if (insn->jt == FAIL)
3990 insn->jt = msock_filter.len - idx - 3;
3992 if (insn->jf == PASS)
3993 insn->jf = msock_filter.len - idx - 2;
3994 else if (insn->jf == FAIL)
3995 insn->jf = msock_filter.len - idx - 3;
3999 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
4000 &msock_filter, sizeof(msock_filter))) {
4001 perror("SO_ATTACH_FILTER");
4009 static void nl80211_remove_monitor_interface(
4010 struct wpa_driver_nl80211_data *drv)
4012 if (drv->monitor_ifidx >= 0) {
4013 nl80211_remove_iface(drv, drv->monitor_ifidx);
4014 drv->monitor_ifidx = -1;
4016 if (drv->monitor_sock >= 0) {
4017 eloop_unregister_read_sock(drv->monitor_sock);
4018 close(drv->monitor_sock);
4019 drv->monitor_sock = -1;
4025 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
4028 struct sockaddr_ll ll;
4032 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
4033 buf[IFNAMSIZ - 1] = '\0';
4035 drv->monitor_ifidx =
4036 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
4039 if (drv->monitor_ifidx < 0)
4042 if (linux_set_iface_flags(drv->ioctl_sock, buf, 1))
4045 memset(&ll, 0, sizeof(ll));
4046 ll.sll_family = AF_PACKET;
4047 ll.sll_ifindex = drv->monitor_ifidx;
4048 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
4049 if (drv->monitor_sock < 0) {
4050 perror("socket[PF_PACKET,SOCK_RAW]");
4054 if (add_monitor_filter(drv->monitor_sock)) {
4055 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
4056 "interface; do filtering in user space");
4057 /* This works, but will cost in performance. */
4060 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
4061 perror("monitor socket bind");
4065 optlen = sizeof(optval);
4068 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
4069 perror("Failed to set socket priority");
4073 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
4075 printf("Could not register monitor read socket\n");
4081 nl80211_remove_monitor_interface(drv);
4086 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
4088 static int wpa_driver_nl80211_hapd_send_eapol(
4089 void *priv, const u8 *addr, const u8 *data,
4090 size_t data_len, int encrypt, const u8 *own_addr)
4092 struct i802_bss *bss = priv;
4093 struct wpa_driver_nl80211_data *drv = bss->drv;
4094 struct ieee80211_hdr *hdr;
4099 int qos = sta->flags & WPA_STA_WMM;
4104 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
4106 hdr = os_zalloc(len);
4108 printf("malloc() failed for i802_send_data(len=%lu)\n",
4109 (unsigned long) len);
4113 hdr->frame_control =
4114 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
4115 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
4117 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
4118 #if 0 /* To be enabled if qos determination is added above */
4120 hdr->frame_control |=
4121 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
4125 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
4126 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
4127 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
4128 pos = (u8 *) (hdr + 1);
4130 #if 0 /* To be enabled if qos determination is added above */
4132 /* add an empty QoS header if needed */
4139 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
4140 pos += sizeof(rfc1042_header);
4141 WPA_PUT_BE16(pos, ETH_P_PAE);
4143 memcpy(pos, data, data_len);
4145 res = wpa_driver_nl80211_send_frame(drv, (u8 *) hdr, len, encrypt);
4147 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
4149 (unsigned long) len, errno, strerror(errno));
4157 static u32 sta_flags_nl80211(int flags)
4161 if (flags & WPA_STA_AUTHORIZED)
4162 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
4163 if (flags & WPA_STA_WMM)
4164 f |= BIT(NL80211_STA_FLAG_WME);
4165 if (flags & WPA_STA_SHORT_PREAMBLE)
4166 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
4167 if (flags & WPA_STA_MFP)
4168 f |= BIT(NL80211_STA_FLAG_MFP);
4174 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
4176 int flags_or, int flags_and)
4178 struct i802_bss *bss = priv;
4179 struct wpa_driver_nl80211_data *drv = bss->drv;
4180 struct nl_msg *msg, *flags = NULL;
4181 struct nl80211_sta_flag_update upd;
4183 msg = nlmsg_alloc();
4187 flags = nlmsg_alloc();
4193 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4194 0, NL80211_CMD_SET_STATION, 0);
4196 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4197 if_nametoindex(bss->ifname));
4198 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4201 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
4202 * can be removed eventually.
4204 if (total_flags & WPA_STA_AUTHORIZED)
4205 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
4207 if (total_flags & WPA_STA_WMM)
4208 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
4210 if (total_flags & WPA_STA_SHORT_PREAMBLE)
4211 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
4213 if (total_flags & WPA_STA_MFP)
4214 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
4216 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
4217 goto nla_put_failure;
4219 os_memset(&upd, 0, sizeof(upd));
4220 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
4221 upd.set = sta_flags_nl80211(flags_or);
4222 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
4226 return send_and_recv_msgs(drv, msg, NULL, NULL);
4233 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
4234 struct wpa_driver_associate_params *params)
4237 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
4239 if (wpa_driver_nl80211_set_mode(&drv->first_bss, params->mode) ||
4240 wpa_driver_nl80211_set_freq(drv, params->freq, 0, 0)) {
4241 nl80211_remove_monitor_interface(drv);
4245 /* TODO: setup monitor interface (and add code somewhere to remove this
4246 * when AP mode is stopped; associate with mode != 2 or drv_deinit) */
4252 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
4257 msg = nlmsg_alloc();
4261 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4262 NL80211_CMD_LEAVE_IBSS, 0);
4263 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4264 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4267 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
4268 "(%s)", ret, strerror(-ret));
4269 goto nla_put_failure;
4273 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
4281 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
4282 struct wpa_driver_associate_params *params)
4288 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
4290 if (wpa_driver_nl80211_set_mode(&drv->first_bss, params->mode)) {
4291 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
4297 msg = nlmsg_alloc();
4301 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4302 NL80211_CMD_JOIN_IBSS, 0);
4303 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4305 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
4306 goto nla_put_failure;
4308 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4309 params->ssid, params->ssid_len);
4310 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4312 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4313 drv->ssid_len = params->ssid_len;
4315 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4316 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
4318 ret = nl80211_set_conn_keys(params, msg);
4320 goto nla_put_failure;
4322 if (params->wpa_ie) {
4323 wpa_hexdump(MSG_DEBUG,
4324 " * Extra IEs for Beacon/Probe Response frames",
4325 params->wpa_ie, params->wpa_ie_len);
4326 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
4330 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4333 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
4334 ret, strerror(-ret));
4336 if (ret == -EALREADY && count == 1) {
4337 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
4339 nl80211_leave_ibss(drv);
4344 goto nla_put_failure;
4347 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
4355 static int wpa_driver_nl80211_connect(
4356 struct wpa_driver_nl80211_data *drv,
4357 struct wpa_driver_associate_params *params)
4360 enum nl80211_auth_type type;
4363 msg = nlmsg_alloc();
4367 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
4368 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4369 NL80211_CMD_CONNECT, 0);
4371 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4372 if (params->bssid) {
4373 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4374 MAC2STR(params->bssid));
4375 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
4378 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4379 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
4382 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4383 params->ssid, params->ssid_len);
4384 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4386 if (params->ssid_len > sizeof(drv->ssid))
4387 goto nla_put_failure;
4388 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4389 drv->ssid_len = params->ssid_len;
4391 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
4393 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
4396 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4397 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
4398 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4399 type = NL80211_AUTHTYPE_SHARED_KEY;
4400 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4401 type = NL80211_AUTHTYPE_NETWORK_EAP;
4402 else if (params->auth_alg & WPA_AUTH_ALG_FT)
4403 type = NL80211_AUTHTYPE_FT;
4405 goto nla_put_failure;
4407 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4408 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
4410 if (params->wpa_ie && params->wpa_ie_len) {
4411 enum nl80211_wpa_versions ver;
4413 if (params->wpa_ie[0] == WLAN_EID_RSN)
4414 ver = NL80211_WPA_VERSION_2;
4416 ver = NL80211_WPA_VERSION_1;
4418 wpa_printf(MSG_DEBUG, " * WPA Version %d", ver);
4419 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
4422 if (params->pairwise_suite != CIPHER_NONE) {
4425 switch (params->pairwise_suite) {
4427 cipher = WLAN_CIPHER_SUITE_WEP40;
4430 cipher = WLAN_CIPHER_SUITE_WEP104;
4433 cipher = WLAN_CIPHER_SUITE_CCMP;
4437 cipher = WLAN_CIPHER_SUITE_TKIP;
4440 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
4443 if (params->group_suite != CIPHER_NONE) {
4446 switch (params->group_suite) {
4448 cipher = WLAN_CIPHER_SUITE_WEP40;
4451 cipher = WLAN_CIPHER_SUITE_WEP104;
4454 cipher = WLAN_CIPHER_SUITE_CCMP;
4458 cipher = WLAN_CIPHER_SUITE_TKIP;
4461 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
4464 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
4465 params->key_mgmt_suite == KEY_MGMT_PSK) {
4466 int mgmt = WLAN_AKM_SUITE_PSK;
4468 switch (params->key_mgmt_suite) {
4469 case KEY_MGMT_802_1X:
4470 mgmt = WLAN_AKM_SUITE_8021X;
4474 mgmt = WLAN_AKM_SUITE_PSK;
4477 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
4480 ret = nl80211_set_conn_keys(params, msg);
4482 goto nla_put_failure;
4484 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4487 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
4488 "(%s)", ret, strerror(-ret));
4489 goto nla_put_failure;
4492 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
4501 static int wpa_driver_nl80211_associate(
4502 void *priv, struct wpa_driver_associate_params *params)
4504 struct i802_bss *bss = priv;
4505 struct wpa_driver_nl80211_data *drv = bss->drv;
4509 if (params->mode == IEEE80211_MODE_AP)
4510 return wpa_driver_nl80211_ap(drv, params);
4512 if (params->mode == IEEE80211_MODE_IBSS)
4513 return wpa_driver_nl80211_ibss(drv, params);
4515 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
4516 if (wpa_driver_nl80211_set_mode(priv, params->mode) < 0)
4518 return wpa_driver_nl80211_connect(drv, params);
4521 drv->associated = 0;
4523 msg = nlmsg_alloc();
4527 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
4529 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4530 NL80211_CMD_ASSOCIATE, 0);
4532 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4533 if (params->bssid) {
4534 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4535 MAC2STR(params->bssid));
4536 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
4539 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4540 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
4541 drv->assoc_freq = params->freq;
4543 drv->assoc_freq = 0;
4545 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4546 params->ssid, params->ssid_len);
4547 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4549 if (params->ssid_len > sizeof(drv->ssid))
4550 goto nla_put_failure;
4551 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4552 drv->ssid_len = params->ssid_len;
4554 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
4556 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
4559 #ifdef CONFIG_IEEE80211W
4560 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
4561 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
4562 #endif /* CONFIG_IEEE80211W */
4564 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
4566 if (params->prev_bssid) {
4567 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
4568 MAC2STR(params->prev_bssid));
4569 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
4570 params->prev_bssid);
4574 wpa_printf(MSG_DEBUG, " * P2P group");
4576 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4579 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
4580 "(%s)", ret, strerror(-ret));
4581 nl80211_dump_scan(drv);
4582 goto nla_put_failure;
4585 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
4594 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
4595 int ifindex, int mode)
4600 msg = nlmsg_alloc();
4604 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4605 0, NL80211_CMD_SET_INTERFACE, 0);
4606 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4607 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
4609 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4613 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
4614 " %d (%s)", ifindex, mode, ret, strerror(-ret));
4619 static int wpa_driver_nl80211_set_mode(void *priv, int mode)
4621 struct i802_bss *bss = priv;
4622 struct wpa_driver_nl80211_data *drv = bss->drv;
4629 nlmode = NL80211_IFTYPE_STATION;
4632 nlmode = NL80211_IFTYPE_ADHOC;
4635 nlmode = NL80211_IFTYPE_AP;
4641 if (nl80211_set_mode(drv, drv->ifindex, nlmode) == 0) {
4642 drv->nlmode = nlmode;
4647 if (nlmode == drv->nlmode) {
4648 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
4649 "requested mode - ignore error");
4651 goto done; /* Already in the requested mode */
4654 /* mac80211 doesn't allow mode changes while the device is up, so
4655 * take the device down, try to set the mode again, and bring the
4658 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
4660 for (i = 0; i < 10; i++) {
4661 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0) ==
4663 /* Try to set the mode again while the interface is
4665 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
4666 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname,
4672 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
4674 os_sleep(0, 100000);
4678 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
4679 "interface is down");
4680 drv->nlmode = nlmode;
4684 if (!ret && nlmode == NL80211_IFTYPE_AP) {
4685 /* Setup additional AP mode functionality if needed */
4686 if (drv->monitor_ifidx < 0 &&
4687 nl80211_create_monitor_interface(drv))
4689 } else if (!ret && nlmode != NL80211_IFTYPE_AP) {
4690 /* Remove additional AP mode functionality */
4691 nl80211_remove_monitor_interface(drv);
4692 bss->beacon_set = 0;
4696 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
4697 "from %d failed", nlmode, drv->nlmode);
4703 static int wpa_driver_nl80211_get_capa(void *priv,
4704 struct wpa_driver_capa *capa)
4706 struct i802_bss *bss = priv;
4707 struct wpa_driver_nl80211_data *drv = bss->drv;
4708 if (!drv->has_capability)
4710 os_memcpy(capa, &drv->capa, sizeof(*capa));
4715 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
4717 struct i802_bss *bss = priv;
4718 struct wpa_driver_nl80211_data *drv = bss->drv;
4720 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
4721 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
4722 drv->operstate = state;
4723 return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
4724 state ? IF_OPER_UP : IF_OPER_DORMANT);
4728 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
4730 struct i802_bss *bss = priv;
4731 struct wpa_driver_nl80211_data *drv = bss->drv;
4733 struct nl80211_sta_flag_update upd;
4735 msg = nlmsg_alloc();
4739 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4740 0, NL80211_CMD_SET_STATION, 0);
4742 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4743 if_nametoindex(bss->ifname));
4744 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
4746 os_memset(&upd, 0, sizeof(upd));
4747 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
4749 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
4750 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
4752 return send_and_recv_msgs(drv, msg, NULL, NULL);
4760 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4765 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
4767 for (i = 0; i < drv->num_if_indices; i++) {
4768 if (drv->if_indices[i] == 0) {
4769 drv->if_indices[i] = ifidx;
4774 if (drv->if_indices != drv->default_if_indices)
4775 old = drv->if_indices;
4779 drv->if_indices = os_realloc(old,
4780 sizeof(int) * (drv->num_if_indices + 1));
4781 if (!drv->if_indices) {
4783 drv->if_indices = drv->default_if_indices;
4785 drv->if_indices = old;
4786 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
4788 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
4791 os_memcpy(drv->if_indices, drv->default_if_indices,
4792 sizeof(drv->default_if_indices));
4793 drv->if_indices[drv->num_if_indices] = ifidx;
4794 drv->num_if_indices++;
4798 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4802 for (i = 0; i < drv->num_if_indices; i++) {
4803 if (drv->if_indices[i] == ifidx) {
4804 drv->if_indices[i] = 0;
4811 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4815 for (i = 0; i < drv->num_if_indices; i++)
4816 if (drv->if_indices[i] == ifidx)
4823 static inline int min_int(int a, int b)
4831 static int get_key_handler(struct nl_msg *msg, void *arg)
4833 struct nlattr *tb[NL80211_ATTR_MAX + 1];
4834 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4836 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4837 genlmsg_attrlen(gnlh, 0), NULL);
4840 * TODO: validate the key index and mac address!
4841 * Otherwise, there's a race condition as soon as
4842 * the kernel starts sending key notifications.
4845 if (tb[NL80211_ATTR_KEY_SEQ])
4846 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
4847 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
4852 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
4855 struct i802_bss *bss = priv;
4856 struct wpa_driver_nl80211_data *drv = bss->drv;
4859 msg = nlmsg_alloc();
4863 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4864 0, NL80211_CMD_GET_KEY, 0);
4867 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4868 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
4869 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
4873 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
4879 static int i802_set_rate_sets(void *priv, int *supp_rates, int *basic_rates,
4882 struct i802_bss *bss = priv;
4883 struct wpa_driver_nl80211_data *drv = bss->drv;
4885 u8 rates[NL80211_MAX_SUPP_RATES];
4889 msg = nlmsg_alloc();
4893 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4894 NL80211_CMD_SET_BSS, 0);
4896 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
4897 rates[rates_len++] = basic_rates[i] / 5;
4899 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
4901 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4903 return send_and_recv_msgs(drv, msg, NULL, NULL);
4908 #endif /* HOSTAPD */
4911 /* Set kernel driver on given frequency (MHz) */
4912 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
4914 struct i802_bss *bss = priv;
4915 struct wpa_driver_nl80211_data *drv = bss->drv;
4916 return wpa_driver_nl80211_set_freq(drv, freq->freq, freq->ht_enabled,
4917 freq->sec_channel_offset);
4923 static int i802_set_rts(void *priv, int rts)
4925 struct i802_bss *bss = priv;
4926 struct wpa_driver_nl80211_data *drv = bss->drv;
4931 msg = nlmsg_alloc();
4940 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4941 0, NL80211_CMD_SET_WIPHY, 0);
4942 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4943 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
4945 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4949 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
4950 "%d (%s)", rts, ret, strerror(-ret));
4955 static int i802_set_frag(void *priv, int frag)
4957 struct i802_bss *bss = priv;
4958 struct wpa_driver_nl80211_data *drv = bss->drv;
4963 msg = nlmsg_alloc();
4972 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4973 0, NL80211_CMD_SET_WIPHY, 0);
4974 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4975 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
4977 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4981 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
4982 "%d: %d (%s)", frag, ret, strerror(-ret));
4987 static int i802_flush(void *priv)
4989 struct i802_bss *bss = priv;
4990 struct wpa_driver_nl80211_data *drv = bss->drv;
4993 msg = nlmsg_alloc();
4997 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4998 0, NL80211_CMD_DEL_STATION, 0);
5001 * XXX: FIX! this needs to flush all VLANs too
5003 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5004 if_nametoindex(bss->ifname));
5006 return send_and_recv_msgs(drv, msg, NULL, NULL);
5012 static int get_sta_handler(struct nl_msg *msg, void *arg)
5014 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5015 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5016 struct hostap_sta_driver_data *data = arg;
5017 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
5018 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
5019 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
5020 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
5021 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
5022 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
5023 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
5026 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5027 genlmsg_attrlen(gnlh, 0), NULL);
5030 * TODO: validate the interface and mac address!
5031 * Otherwise, there's a race condition as soon as
5032 * the kernel starts sending station notifications.
5035 if (!tb[NL80211_ATTR_STA_INFO]) {
5036 wpa_printf(MSG_DEBUG, "sta stats missing!");
5039 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
5040 tb[NL80211_ATTR_STA_INFO],
5042 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
5046 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
5047 data->inactive_msec =
5048 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
5049 if (stats[NL80211_STA_INFO_RX_BYTES])
5050 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
5051 if (stats[NL80211_STA_INFO_TX_BYTES])
5052 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
5053 if (stats[NL80211_STA_INFO_RX_PACKETS])
5055 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
5056 if (stats[NL80211_STA_INFO_TX_PACKETS])
5058 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
5063 static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
5066 struct i802_bss *bss = priv;
5067 struct wpa_driver_nl80211_data *drv = bss->drv;
5070 os_memset(data, 0, sizeof(*data));
5071 msg = nlmsg_alloc();
5075 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
5076 0, NL80211_CMD_GET_STATION, 0);
5078 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5079 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5081 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
5087 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
5088 int cw_min, int cw_max, int burst_time)
5090 struct i802_bss *bss = priv;
5091 struct wpa_driver_nl80211_data *drv = bss->drv;
5093 struct nlattr *txq, *params;
5095 msg = nlmsg_alloc();
5099 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
5100 0, NL80211_CMD_SET_WIPHY, 0);
5102 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5104 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
5106 goto nla_put_failure;
5108 /* We are only sending parameters for a single TXQ at a time */
5109 params = nla_nest_start(msg, 1);
5111 goto nla_put_failure;
5115 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
5118 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
5121 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
5124 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
5127 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
5128 * 32 usec, so need to convert the value here. */
5129 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
5130 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
5131 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
5132 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
5134 nla_nest_end(msg, params);
5136 nla_nest_end(msg, txq);
5138 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5145 static int i802_set_bss(void *priv, int cts, int preamble, int slot)
5147 struct i802_bss *bss = priv;
5148 struct wpa_driver_nl80211_data *drv = bss->drv;
5151 msg = nlmsg_alloc();
5155 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5156 NL80211_CMD_SET_BSS, 0);
5159 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
5161 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
5163 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
5165 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5167 return send_and_recv_msgs(drv, msg, NULL, NULL);
5173 static int i802_set_cts_protect(void *priv, int value)
5175 return i802_set_bss(priv, value, -1, -1);
5179 static int i802_set_preamble(void *priv, int value)
5181 return i802_set_bss(priv, -1, value, -1);
5185 static int i802_set_short_slot_time(void *priv, int value)
5187 return i802_set_bss(priv, -1, -1, value);
5191 static int i802_set_sta_vlan(void *priv, const u8 *addr,
5192 const char *ifname, int vlan_id)
5194 struct i802_bss *bss = priv;
5195 struct wpa_driver_nl80211_data *drv = bss->drv;
5199 msg = nlmsg_alloc();
5203 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
5204 0, NL80211_CMD_SET_STATION, 0);
5206 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5207 if_nametoindex(bss->ifname));
5208 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5209 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
5210 if_nametoindex(ifname));
5212 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5214 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
5215 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
5216 MAC2STR(addr), ifname, vlan_id, ret,
5224 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
5225 const char *bridge_ifname)
5227 struct i802_bss *bss = priv;
5228 struct wpa_driver_nl80211_data *drv = bss->drv;
5229 char name[IFNAMSIZ + 1];
5231 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
5232 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
5233 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
5235 if (!if_nametoindex(name)) {
5236 if (nl80211_create_iface(drv, name,
5237 NL80211_IFTYPE_AP_VLAN,
5240 if (bridge_ifname &&
5241 linux_br_add_if(drv->ioctl_sock, bridge_ifname,
5245 linux_set_iface_flags(drv->ioctl_sock, name, 1);
5246 return i802_set_sta_vlan(priv, addr, name, 0);
5248 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
5249 return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
5255 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
5257 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5258 struct sockaddr_ll lladdr;
5259 unsigned char buf[3000];
5261 socklen_t fromlen = sizeof(lladdr);
5263 len = recvfrom(sock, buf, sizeof(buf), 0,
5264 (struct sockaddr *)&lladdr, &fromlen);
5270 if (have_ifidx(drv, lladdr.sll_ifindex))
5271 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
5275 static int i802_get_inact_sec(void *priv, const u8 *addr)
5277 struct hostap_sta_driver_data data;
5280 data.inactive_msec = (unsigned long) -1;
5281 ret = i802_read_sta_data(priv, &data, addr);
5282 if (ret || data.inactive_msec == (unsigned long) -1)
5284 return data.inactive_msec / 1000;
5288 static int i802_sta_clear_stats(void *priv, const u8 *addr)
5297 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
5300 struct i802_bss *bss = priv;
5301 struct ieee80211_mgmt mgmt;
5303 memset(&mgmt, 0, sizeof(mgmt));
5304 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
5305 WLAN_FC_STYPE_DEAUTH);
5306 memcpy(mgmt.da, addr, ETH_ALEN);
5307 memcpy(mgmt.sa, own_addr, ETH_ALEN);
5308 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
5309 mgmt.u.deauth.reason_code = host_to_le16(reason);
5310 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
5312 sizeof(mgmt.u.deauth));
5316 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
5319 struct i802_bss *bss = priv;
5320 struct ieee80211_mgmt mgmt;
5322 memset(&mgmt, 0, sizeof(mgmt));
5323 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
5324 WLAN_FC_STYPE_DISASSOC);
5325 memcpy(mgmt.da, addr, ETH_ALEN);
5326 memcpy(mgmt.sa, own_addr, ETH_ALEN);
5327 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
5328 mgmt.u.disassoc.reason_code = host_to_le16(reason);
5329 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
5331 sizeof(mgmt.u.disassoc));
5335 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
5336 const char *brname, const char *ifname)
5339 char in_br[IFNAMSIZ];
5341 os_strlcpy(drv->brname, brname, IFNAMSIZ);
5342 ifindex = if_nametoindex(brname);
5345 * Bridge was configured, but the bridge device does
5346 * not exist. Try to add it now.
5348 if (linux_br_add(drv->ioctl_sock, brname) < 0) {
5349 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
5350 "bridge interface %s: %s",
5351 brname, strerror(errno));
5354 drv->added_bridge = 1;
5355 add_ifidx(drv, if_nametoindex(brname));
5358 if (linux_br_get(in_br, ifname) == 0) {
5359 if (os_strcmp(in_br, brname) == 0)
5360 return 0; /* already in the bridge */
5362 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
5363 "bridge %s", ifname, in_br);
5364 if (linux_br_del_if(drv->ioctl_sock, in_br, ifname) < 0) {
5365 wpa_printf(MSG_ERROR, "nl80211: Failed to "
5366 "remove interface %s from bridge "
5368 ifname, brname, strerror(errno));
5373 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
5375 if (linux_br_add_if(drv->ioctl_sock, brname, ifname) < 0) {
5376 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
5377 "into bridge %s: %s",
5378 ifname, brname, strerror(errno));
5381 drv->added_if_into_bridge = 1;
5387 static void *i802_init(struct hostapd_data *hapd,
5388 struct wpa_init_params *params)
5390 struct wpa_driver_nl80211_data *drv;
5391 struct i802_bss *bss;
5393 char brname[IFNAMSIZ];
5394 int ifindex, br_ifindex;
5397 bss = wpa_driver_nl80211_init(hapd, params->ifname, NULL);
5402 if (linux_br_get(brname, params->ifname) == 0) {
5403 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
5404 params->ifname, brname);
5405 br_ifindex = if_nametoindex(brname);
5411 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
5412 drv->if_indices = drv->default_if_indices;
5413 for (i = 0; i < params->num_bridge; i++) {
5414 if (params->bridge[i]) {
5415 ifindex = if_nametoindex(params->bridge[i]);
5417 add_ifidx(drv, ifindex);
5418 if (ifindex == br_ifindex)
5422 if (!br_added && br_ifindex &&
5423 (params->num_bridge == 0 || !params->bridge[0]))
5424 add_ifidx(drv, br_ifindex);
5426 /* start listening for EAPOL on the default AP interface */
5427 add_ifidx(drv, drv->ifindex);
5429 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0))
5432 if (params->bssid) {
5433 if (linux_set_ifhwaddr(drv->ioctl_sock, bss->ifname,
5438 if (wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_AP)) {
5439 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
5440 "into AP mode", bss->ifname);
5444 if (params->num_bridge && params->bridge[0] &&
5445 i802_check_bridge(drv, params->bridge[0], params->ifname) < 0)
5448 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1))
5451 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
5452 if (drv->eapol_sock < 0) {
5453 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
5457 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
5459 printf("Could not register read socket for eapol\n");
5463 if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, params->own_addr))
5469 nl80211_remove_monitor_interface(drv);
5470 if (drv->ioctl_sock >= 0)
5471 close(drv->ioctl_sock);
5473 genl_family_put(drv->nl80211);
5474 nl_cache_free(drv->nl_cache);
5475 nl80211_handle_destroy(drv->nl_handle);
5476 nl_cb_put(drv->nl_cb);
5483 static void i802_deinit(void *priv)
5485 wpa_driver_nl80211_deinit(priv);
5488 #endif /* HOSTAPD */
5491 static enum nl80211_iftype wpa_driver_nl80211_if_type(
5492 enum wpa_driver_if_type type)
5495 case WPA_IF_STATION:
5496 case WPA_IF_P2P_CLIENT:
5497 case WPA_IF_P2P_GROUP:
5498 return NL80211_IFTYPE_STATION;
5499 case WPA_IF_AP_VLAN:
5500 return NL80211_IFTYPE_AP_VLAN;
5503 return NL80211_IFTYPE_AP;
5511 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
5513 struct wpa_driver_nl80211_data *drv;
5514 dl_list_for_each(drv, &global->interfaces,
5515 struct wpa_driver_nl80211_data, list) {
5516 if (os_memcmp(addr, drv->addr, ETH_ALEN) == 0)
5523 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
5531 os_memcpy(new_addr, drv->addr, ETH_ALEN);
5532 for (idx = 0; idx < 64; idx++) {
5533 new_addr[0] = drv->addr[0] | 0x02;
5534 new_addr[0] ^= idx << 2;
5535 if (!nl80211_addr_in_use(drv->global, new_addr))
5541 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
5542 MACSTR, MAC2STR(new_addr));
5547 #endif /* CONFIG_P2P */
5550 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
5551 const char *ifname, const u8 *addr,
5552 void *bss_ctx, void **drv_priv,
5553 char *force_ifname, u8 *if_addr)
5555 struct i802_bss *bss = priv;
5556 struct wpa_driver_nl80211_data *drv = bss->drv;
5559 struct i802_bss *new_bss = NULL;
5561 if (type == WPA_IF_AP_BSS) {
5562 new_bss = os_zalloc(sizeof(*new_bss));
5563 if (new_bss == NULL)
5566 #endif /* HOSTAPD */
5569 os_memcpy(if_addr, addr, ETH_ALEN);
5570 ifidx = nl80211_create_iface(drv, ifname,
5571 wpa_driver_nl80211_if_type(type), addr,
5576 #endif /* HOSTAPD */
5581 linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, if_addr) < 0) {
5582 nl80211_remove_iface(drv, ifidx);
5588 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
5589 type == WPA_IF_P2P_GO)) {
5590 /* Enforce unique P2P Interface Address */
5591 u8 new_addr[ETH_ALEN], own_addr[ETH_ALEN];
5593 if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, own_addr)
5595 linux_get_ifhwaddr(drv->ioctl_sock, ifname, new_addr) < 0)
5597 nl80211_remove_iface(drv, ifidx);
5600 if (os_memcmp(own_addr, new_addr, ETH_ALEN) == 0) {
5601 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
5602 "for P2P group interface");
5603 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
5604 nl80211_remove_iface(drv, ifidx);
5607 if (linux_set_ifhwaddr(drv->ioctl_sock, ifname,
5609 nl80211_remove_iface(drv, ifidx);
5612 os_memcpy(if_addr, new_addr, ETH_ALEN);
5615 #endif /* CONFIG_P2P */
5618 if (type == WPA_IF_AP_BSS) {
5619 if (linux_set_iface_flags(drv->ioctl_sock, ifname, 1)) {
5620 nl80211_remove_iface(drv, ifidx);
5624 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
5625 new_bss->ifindex = ifidx;
5627 new_bss->next = drv->first_bss.next;
5628 drv->first_bss.next = new_bss;
5630 *drv_priv = new_bss;
5632 #endif /* HOSTAPD */
5638 static int wpa_driver_nl80211_if_remove(void *priv,
5639 enum wpa_driver_if_type type,
5642 struct i802_bss *bss = priv;
5643 struct wpa_driver_nl80211_data *drv = bss->drv;
5644 int ifindex = if_nametoindex(ifname);
5646 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
5647 __func__, type, ifname, ifindex);
5650 nl80211_remove_iface(drv, ifindex);
5653 if (type != WPA_IF_AP_BSS)
5656 if (bss != &drv->first_bss) {
5657 struct i802_bss *tbss = &drv->first_bss;
5660 if (tbss->next != bss)
5663 tbss->next = bss->next;
5668 #endif /* HOSTAPD */
5674 static int cookie_handler(struct nl_msg *msg, void *arg)
5676 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5677 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5679 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5680 genlmsg_attrlen(gnlh, 0), NULL);
5681 if (tb[NL80211_ATTR_COOKIE])
5682 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
5687 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
5688 unsigned int freq, const u8 *buf,
5689 size_t buf_len, u64 *cookie_out)
5695 msg = nlmsg_alloc();
5699 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5700 NL80211_CMD_FRAME, 0);
5702 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5703 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
5704 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
5707 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
5710 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
5711 "(%s)", ret, strerror(-ret));
5712 goto nla_put_failure;
5714 wpa_printf(MSG_DEBUG, "nl80211: Frame TX command accepted; "
5715 "cookie 0x%llx", (long long unsigned int) cookie);
5718 *cookie_out = cookie;
5726 static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
5727 const u8 *dst, const u8 *src,
5729 const u8 *data, size_t data_len)
5731 struct i802_bss *bss = priv;
5732 struct wpa_driver_nl80211_data *drv = bss->drv;
5735 struct ieee80211_hdr *hdr;
5737 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d)",
5740 buf = os_zalloc(24 + data_len);
5743 os_memcpy(buf + 24, data, data_len);
5744 hdr = (struct ieee80211_hdr *) buf;
5745 hdr->frame_control =
5746 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
5747 os_memcpy(hdr->addr1, dst, ETH_ALEN);
5748 os_memcpy(hdr->addr2, src, ETH_ALEN);
5749 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
5751 if (drv->nlmode == NL80211_IFTYPE_AP)
5752 ret = wpa_driver_nl80211_send_mlme(priv, buf, 24 + data_len);
5754 ret = nl80211_send_frame_cmd(drv, freq, buf, 24 + data_len,
5755 &drv->send_action_cookie);
5762 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
5763 unsigned int duration)
5765 struct i802_bss *bss = priv;
5766 struct wpa_driver_nl80211_data *drv = bss->drv;
5771 msg = nlmsg_alloc();
5775 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5776 NL80211_CMD_REMAIN_ON_CHANNEL, 0);
5778 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5779 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
5780 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
5783 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
5785 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
5786 "0x%llx for freq=%u MHz duration=%u",
5787 (long long unsigned int) cookie, freq, duration);
5788 drv->remain_on_chan_cookie = cookie;
5791 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
5792 "(freq=%d duration=%u): %d (%s)",
5793 freq, duration, ret, strerror(-ret));
5799 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
5801 struct i802_bss *bss = priv;
5802 struct wpa_driver_nl80211_data *drv = bss->drv;
5806 if (!drv->pending_remain_on_chan) {
5807 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
5812 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
5814 (long long unsigned int) drv->remain_on_chan_cookie);
5816 msg = nlmsg_alloc();
5820 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5821 NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 0);
5823 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5824 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
5826 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5829 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
5830 "%d (%s)", ret, strerror(-ret));
5836 static int wpa_driver_nl80211_probe_req_report(void *priv, int report)
5838 struct i802_bss *bss = priv;
5839 struct wpa_driver_nl80211_data *drv = bss->drv;
5841 if (drv->nlmode != NL80211_IFTYPE_STATION) {
5842 wpa_printf(MSG_DEBUG, "nl80211: probe_req_report control only "
5843 "allowed in station mode (iftype=%d)",
5849 if (drv->nl_handle_preq) {
5850 eloop_unregister_read_sock(
5851 nl_socket_get_fd(drv->nl_handle_preq));
5852 nl_cache_free(drv->nl_cache_preq);
5853 nl80211_handle_destroy(drv->nl_handle_preq);
5854 drv->nl_handle_preq = NULL;
5859 if (drv->nl_handle_preq) {
5860 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
5865 drv->nl_handle_preq = nl80211_handle_alloc(drv->nl_cb);
5866 if (drv->nl_handle_preq == NULL) {
5867 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate "
5868 "netlink callbacks (preq)");
5872 if (genl_connect(drv->nl_handle_preq)) {
5873 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to "
5874 "generic netlink (preq)");
5879 #ifdef CONFIG_LIBNL20
5880 if (genl_ctrl_alloc_cache(drv->nl_handle_preq,
5881 &drv->nl_cache_preq) < 0) {
5882 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
5883 "netlink cache (preq)");
5886 #else /* CONFIG_LIBNL20 */
5887 drv->nl_cache_preq = genl_ctrl_alloc_cache(drv->nl_handle_preq);
5888 if (drv->nl_cache_preq == NULL) {
5889 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
5890 "netlink cache (preq)");
5893 #endif /* CONFIG_LIBNL20 */
5895 if (nl80211_register_frame(drv, drv->nl_handle_preq,
5896 (WLAN_FC_TYPE_MGMT << 2) |
5897 (WLAN_FC_STYPE_PROBE_REQ << 4),
5902 eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle_preq),
5903 wpa_driver_nl80211_event_receive, drv,
5904 drv->nl_handle_preq);
5909 nl_cache_free(drv->nl_cache_preq);
5911 nl80211_handle_destroy(drv->nl_handle_preq);
5912 drv->nl_handle_preq = NULL;
5918 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
5919 int ifindex, int disabled)
5922 struct nlattr *bands, *band;
5925 msg = nlmsg_alloc();
5929 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5930 NL80211_CMD_SET_TX_BITRATE_MASK, 0);
5931 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5933 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
5935 goto nla_put_failure;
5938 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
5939 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
5940 * rates. All 5 GHz rates are left enabled.
5942 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
5944 goto nla_put_failure;
5945 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
5946 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5947 nla_nest_end(msg, band);
5949 nla_nest_end(msg, bands);
5951 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5954 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
5955 "(%s)", ret, strerror(-ret));
5966 static int wpa_driver_nl80211_disable_11b_rates(void *priv, int disabled)
5968 struct i802_bss *bss = priv;
5969 struct wpa_driver_nl80211_data *drv = bss->drv;
5970 drv->disable_11b_rates = disabled;
5971 return nl80211_disable_11b_rates(drv, drv->ifindex, disabled);
5975 static int wpa_driver_nl80211_deinit_ap(void *priv)
5977 struct i802_bss *bss = priv;
5978 struct wpa_driver_nl80211_data *drv = bss->drv;
5979 if (drv->nlmode != NL80211_IFTYPE_AP)
5981 wpa_driver_nl80211_del_beacon(drv);
5982 return wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA);
5986 static void wpa_driver_nl80211_resume(void *priv)
5988 struct i802_bss *bss = priv;
5989 struct wpa_driver_nl80211_data *drv = bss->drv;
5990 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1)) {
5991 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
5997 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
5998 const u8 *ies, size_t ies_len)
6000 struct i802_bss *bss = priv;
6001 struct wpa_driver_nl80211_data *drv = bss->drv;
6005 u8 own_addr[ETH_ALEN];
6007 if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, own_addr) < 0)
6011 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
6012 "action %d", action);
6017 * Action frame payload:
6018 * Category[1] = 6 (Fast BSS Transition)
6019 * Action[1] = 1 (Fast BSS Transition Request)
6025 data_len = 2 + 2 * ETH_ALEN + ies_len;
6026 data = os_malloc(data_len);
6030 *pos++ = 0x06; /* FT Action category */
6032 os_memcpy(pos, own_addr, ETH_ALEN);
6034 os_memcpy(pos, target_ap, ETH_ALEN);
6036 os_memcpy(pos, ies, ies_len);
6038 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, drv->bssid,
6039 own_addr, drv->bssid,
6047 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
6049 struct i802_bss *bss = priv;
6050 struct wpa_driver_nl80211_data *drv = bss->drv;
6051 struct nl_msg *msg, *cqm = NULL;
6053 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
6054 "hysteresis=%d", threshold, hysteresis);
6056 msg = nlmsg_alloc();
6060 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
6061 0, NL80211_CMD_SET_CQM, 0);
6063 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
6065 cqm = nlmsg_alloc();
6069 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
6070 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
6071 nla_put_nested(msg, NL80211_ATTR_CQM, cqm);
6073 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
6085 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
6088 struct i802_bss *bss = priv;
6089 struct wpa_driver_nl80211_data *drv = bss->drv;
6090 return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
6094 static int nl80211_set_intra_bss(void *priv, int enabled)
6096 struct i802_bss *bss = priv;
6097 struct wpa_driver_nl80211_data *drv = bss->drv;
6100 msg = nlmsg_alloc();
6104 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
6105 NL80211_CMD_SET_BSS, 0);
6107 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
6108 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, !enabled);
6110 return send_and_recv_msgs(drv, msg, NULL, NULL);
6116 static int nl80211_set_param(void *priv, const char *param)
6118 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
6123 if (os_strstr(param, "use_p2p_group_interface=1")) {
6124 struct i802_bss *bss = priv;
6125 struct wpa_driver_nl80211_data *drv = bss->drv;
6127 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
6129 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
6130 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
6132 #endif /* CONFIG_P2P */
6138 static void * nl80211_global_init(void)
6140 struct nl80211_global *global;
6141 global = os_zalloc(sizeof(*global));
6144 dl_list_init(&global->interfaces);
6149 static void nl80211_global_deinit(void *priv)
6151 struct nl80211_global *global = priv;
6154 if (!dl_list_empty(&global->interfaces)) {
6155 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
6156 "nl80211_global_deinit",
6157 dl_list_len(&global->interfaces));
6163 static const char * nl80211_get_radio_name(void *priv)
6165 struct i802_bss *bss = priv;
6166 struct wpa_driver_nl80211_data *drv = bss->drv;
6167 return drv->phyname;
6171 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
6173 .desc = "Linux nl80211/cfg80211",
6174 .get_bssid = wpa_driver_nl80211_get_bssid,
6175 .get_ssid = wpa_driver_nl80211_get_ssid,
6176 .set_key = wpa_driver_nl80211_set_key,
6177 .scan2 = wpa_driver_nl80211_scan,
6178 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
6179 .deauthenticate = wpa_driver_nl80211_deauthenticate,
6180 .disassociate = wpa_driver_nl80211_disassociate,
6181 .authenticate = wpa_driver_nl80211_authenticate,
6182 .associate = wpa_driver_nl80211_associate,
6183 .global_init = nl80211_global_init,
6184 .global_deinit = nl80211_global_deinit,
6185 .init2 = wpa_driver_nl80211_init,
6186 .deinit = wpa_driver_nl80211_deinit,
6187 .get_capa = wpa_driver_nl80211_get_capa,
6188 .set_operstate = wpa_driver_nl80211_set_operstate,
6189 .set_supp_port = wpa_driver_nl80211_set_supp_port,
6190 .set_country = wpa_driver_nl80211_set_country,
6191 .set_beacon = wpa_driver_nl80211_set_beacon,
6192 .if_add = wpa_driver_nl80211_if_add,
6193 .if_remove = wpa_driver_nl80211_if_remove,
6194 .send_mlme = wpa_driver_nl80211_send_mlme,
6195 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
6196 .sta_add = wpa_driver_nl80211_sta_add,
6197 .sta_remove = wpa_driver_nl80211_sta_remove,
6198 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
6199 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
6201 .hapd_init = i802_init,
6202 .hapd_deinit = i802_deinit,
6203 .get_seqnum = i802_get_seqnum,
6204 .flush = i802_flush,
6205 .read_sta_data = i802_read_sta_data,
6206 .sta_deauth = i802_sta_deauth,
6207 .sta_disassoc = i802_sta_disassoc,
6208 .get_inact_sec = i802_get_inact_sec,
6209 .sta_clear_stats = i802_sta_clear_stats,
6210 .set_rts = i802_set_rts,
6211 .set_frag = i802_set_frag,
6212 .set_rate_sets = i802_set_rate_sets,
6213 .set_cts_protect = i802_set_cts_protect,
6214 .set_preamble = i802_set_preamble,
6215 .set_short_slot_time = i802_set_short_slot_time,
6216 .set_tx_queue_params = i802_set_tx_queue_params,
6217 .set_sta_vlan = i802_set_sta_vlan,
6218 .set_wds_sta = i802_set_wds_sta,
6219 #endif /* HOSTAPD */
6220 .set_freq = i802_set_freq,
6221 .send_action = wpa_driver_nl80211_send_action,
6222 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
6223 .cancel_remain_on_channel =
6224 wpa_driver_nl80211_cancel_remain_on_channel,
6225 .probe_req_report = wpa_driver_nl80211_probe_req_report,
6226 .disable_11b_rates = wpa_driver_nl80211_disable_11b_rates,
6227 .deinit_ap = wpa_driver_nl80211_deinit_ap,
6228 .resume = wpa_driver_nl80211_resume,
6229 .send_ft_action = nl80211_send_ft_action,
6230 .signal_monitor = nl80211_signal_monitor,
6231 .send_frame = nl80211_send_frame,
6232 .set_intra_bss = nl80211_set_intra_bss,
6233 .set_param = nl80211_set_param,
6234 .get_radio_name = nl80211_get_radio_name,