2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2010, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * Alternatively, this software may be distributed under the terms of BSD
16 * See README and COPYING for more details.
20 #include <sys/ioctl.h>
21 #include <sys/types.h>
25 #include <netlink/genl/genl.h>
26 #include <netlink/genl/family.h>
27 #include <netlink/genl/ctrl.h>
28 #include <linux/rtnetlink.h>
29 #include <netpacket/packet.h>
30 #include <linux/filter.h>
31 #include "nl80211_copy.h"
35 #include "utils/list.h"
36 #include "common/ieee802_11_defs.h"
37 #include "common/ieee802_11_common.h"
38 #include "l2_packet/l2_packet.h"
40 #include "linux_ioctl.h"
42 #include "radiotap_iter.h"
47 /* libnl 2.0 compatibility code */
48 #define nl_handle nl_sock
49 #define nl80211_handle_alloc nl_socket_alloc_cb
50 #define nl80211_handle_destroy nl_socket_free
53 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
54 * but when you free a socket again it will mess up its bitmap and
55 * and use the wrong number the next time it needs a socket ID.
56 * Therefore, we wrap the handle alloc/destroy and add our own pid
59 static uint32_t port_bitmap[32] = { 0 };
61 static struct nl_handle *nl80211_handle_alloc(void *cb)
63 struct nl_handle *handle;
64 uint32_t pid = getpid() & 0x3FFFFF;
67 handle = nl_handle_alloc_cb(cb);
69 for (i = 0; i < 1024; i++) {
70 if (port_bitmap[i / 32] & (1 << (i % 32)))
72 port_bitmap[i / 32] |= 1 << (i % 32);
77 nl_socket_set_local_port(handle, pid);
82 static void nl80211_handle_destroy(struct nl_handle *handle)
84 uint32_t port = nl_socket_get_local_port(handle);
87 port_bitmap[port / 32] &= ~(1 << (port % 32));
89 nl_handle_destroy(handle);
92 static inline int __genl_ctrl_alloc_cache(struct nl_handle *h,
93 struct nl_cache **cache)
95 struct nl_cache *tmp = genl_ctrl_alloc_cache(h);
101 #define genl_ctrl_alloc_cache __genl_ctrl_alloc_cache
102 #endif /* CONFIG_LIBNL20 */
105 struct nl80211_handles {
106 struct nl_handle *handle;
107 struct nl_cache *cache;
111 static int nl_create_handles(struct nl80211_handles *handles, struct nl_cb *cb,
117 handles->handle = nl80211_handle_alloc(cb);
118 if (handles->handle == NULL) {
119 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
120 "callbacks (%s)", dbg);
124 if (genl_connect(handles->handle)) {
125 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
126 "netlink (%s)", dbg);
130 if (genl_ctrl_alloc_cache(handles->handle, &handles->cache) < 0) {
131 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
132 "netlink cache (%s)", dbg);
138 nl80211_handle_destroy(handles->handle);
143 static void nl_destroy_handles(struct nl80211_handles *handles)
145 if (handles->handle == NULL)
147 nl_cache_free(handles->cache);
148 nl80211_handle_destroy(handles->handle);
149 handles->handle = NULL;
154 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
157 #define IFF_DORMANT 0x20000 /* driver signals dormant */
160 #ifndef IF_OPER_DORMANT
161 #define IF_OPER_DORMANT 5
167 struct nl80211_global {
168 struct dl_list interfaces;
170 struct netlink_data *netlink;
172 struct nl80211_handles nl;
173 struct genl_family *nl80211;
174 int ioctl_sock; /* socket for ioctl() use */
177 static void nl80211_global_deinit(void *priv);
178 static void wpa_driver_nl80211_deinit(void *priv);
181 struct wpa_driver_nl80211_data *drv;
182 struct i802_bss *next;
184 char ifname[IFNAMSIZ + 1];
185 char brname[IFNAMSIZ];
186 unsigned int beacon_set:1;
187 unsigned int added_if_into_bridge:1;
188 unsigned int added_bridge:1;
191 struct wpa_driver_nl80211_data {
192 struct nl80211_global *global;
200 int ignore_if_down_event;
201 struct rfkill_data *rfkill;
202 struct wpa_driver_capa capa;
207 int scan_complete_events;
209 struct nl80211_handles nl_event, nl_preq;
211 u8 auth_bssid[ETH_ALEN];
216 enum nl80211_iftype nlmode;
217 enum nl80211_iftype ap_scan_as_station;
218 unsigned int assoc_freq;
222 int no_monitor_iface_capab;
223 int disable_11b_rates;
225 unsigned int pending_remain_on_chan:1;
226 unsigned int in_interface_list:1;
228 u64 remain_on_chan_cookie;
229 u64 send_action_cookie;
231 unsigned int last_mgmt_freq;
232 unsigned int ap_oper_freq;
234 struct wpa_driver_scan_filter *filter_ssids;
235 size_t num_filter_ssids;
237 struct i802_bss first_bss;
240 struct l2_packet_data *l2;
241 #endif /* CONFIG_AP */
244 int eapol_sock; /* socket for EAPOL frames */
246 int default_if_indices[16];
256 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
258 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
259 enum nl80211_iftype nlmode);
261 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
262 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
263 const u8 *addr, int cmd, u16 reason_code,
264 int local_state_change);
265 static void nl80211_remove_monitor_interface(
266 struct wpa_driver_nl80211_data *drv);
267 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
268 unsigned int freq, unsigned int wait,
269 const u8 *buf, size_t buf_len, u64 *cookie,
271 static int wpa_driver_nl80211_probe_req_report(void *priv, int report);
274 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
275 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
276 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
277 static int wpa_driver_nl80211_if_remove(void *priv,
278 enum wpa_driver_if_type type,
281 static inline void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
285 static inline void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
289 static inline int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
295 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
296 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
297 int ifindex, int disabled);
299 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
302 static int is_ap_interface(enum nl80211_iftype nlmode)
304 return (nlmode == NL80211_IFTYPE_AP ||
305 nlmode == NL80211_IFTYPE_P2P_GO);
309 static int is_sta_interface(enum nl80211_iftype nlmode)
311 return (nlmode == NL80211_IFTYPE_STATION ||
312 nlmode == NL80211_IFTYPE_P2P_CLIENT);
316 struct nl80211_bss_info_arg {
317 struct wpa_driver_nl80211_data *drv;
318 struct wpa_scan_results *res;
319 unsigned int assoc_freq;
320 u8 assoc_bssid[ETH_ALEN];
323 static int bss_info_handler(struct nl_msg *msg, void *arg);
327 static int ack_handler(struct nl_msg *msg, void *arg)
334 static int finish_handler(struct nl_msg *msg, void *arg)
341 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
350 static int no_seq_check(struct nl_msg *msg, void *arg)
356 static int send_and_recv(struct wpa_driver_nl80211_data *drv,
357 struct nl_handle *nl_handle, struct nl_msg *msg,
358 int (*valid_handler)(struct nl_msg *, void *),
364 cb = nl_cb_clone(drv->global->nl_cb);
368 err = nl_send_auto_complete(nl_handle, msg);
374 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
375 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
376 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
379 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
380 valid_handler, valid_data);
383 nl_recvmsgs(nl_handle, cb);
391 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
393 int (*valid_handler)(struct nl_msg *, void *),
396 return send_and_recv(drv, drv->global->nl.handle, msg, valid_handler,
407 static int family_handler(struct nl_msg *msg, void *arg)
409 struct family_data *res = arg;
410 struct nlattr *tb[CTRL_ATTR_MAX + 1];
411 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
412 struct nlattr *mcgrp;
415 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
416 genlmsg_attrlen(gnlh, 0), NULL);
417 if (!tb[CTRL_ATTR_MCAST_GROUPS])
420 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
421 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
422 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
423 nla_len(mcgrp), NULL);
424 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
425 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
426 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
428 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
430 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
438 static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
439 const char *family, const char *group)
443 struct family_data res = { group, -ENOENT };
448 genlmsg_put(msg, 0, 0,
449 genl_ctrl_resolve(drv->global->nl.handle, "nlctrl"),
450 0, 0, CTRL_CMD_GETFAMILY, 0);
451 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
453 ret = send_and_recv_msgs(drv, msg, family_handler, &res);
464 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
465 struct nl_msg *msg, int flags, uint8_t cmd)
467 return genlmsg_put(msg, 0, 0, genl_family_get_id(drv->global->nl80211),
472 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
474 struct i802_bss *bss = priv;
475 struct wpa_driver_nl80211_data *drv = bss->drv;
476 if (!drv->associated)
478 os_memcpy(bssid, drv->bssid, ETH_ALEN);
483 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
485 struct i802_bss *bss = priv;
486 struct wpa_driver_nl80211_data *drv = bss->drv;
487 if (!drv->associated)
489 os_memcpy(ssid, drv->ssid, drv->ssid_len);
490 return drv->ssid_len;
494 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
495 char *buf, size_t len, int del)
497 union wpa_event_data event;
499 os_memset(&event, 0, sizeof(event));
500 if (len > sizeof(event.interface_status.ifname))
501 len = sizeof(event.interface_status.ifname) - 1;
502 os_memcpy(event.interface_status.ifname, buf, len);
503 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
504 EVENT_INTERFACE_ADDED;
506 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
508 event.interface_status.ifname,
509 del ? "removed" : "added");
511 if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
518 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
522 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
525 int attrlen, rta_len;
529 attr = (struct rtattr *) buf;
531 rta_len = RTA_ALIGN(sizeof(struct rtattr));
532 while (RTA_OK(attr, attrlen)) {
533 if (attr->rta_type == IFLA_IFNAME) {
534 if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
540 attr = RTA_NEXT(attr, attrlen);
547 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
548 int ifindex, u8 *buf, size_t len)
550 if (drv->ifindex == ifindex)
553 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
554 drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
555 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
557 wpa_driver_nl80211_finish_drv_init(drv);
565 static struct wpa_driver_nl80211_data *
566 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
568 struct wpa_driver_nl80211_data *drv;
569 dl_list_for_each(drv, &global->interfaces,
570 struct wpa_driver_nl80211_data, list) {
571 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
572 have_ifidx(drv, idx))
579 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
580 struct ifinfomsg *ifi,
583 struct nl80211_global *global = ctx;
584 struct wpa_driver_nl80211_data *drv;
585 int attrlen, rta_len;
589 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
591 wpa_printf(MSG_DEBUG, "nl80211: Ignore event for foreign "
592 "ifindex %d", ifi->ifi_index);
596 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
598 drv->operstate, ifi->ifi_flags,
599 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
600 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
601 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
602 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
604 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
605 char namebuf[IFNAMSIZ];
606 if (if_indextoname(ifi->ifi_index, namebuf) &&
607 linux_iface_up(drv->global->ioctl_sock,
608 drv->first_bss.ifname) > 0) {
609 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
610 "event since interface %s is up", namebuf);
613 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
614 if (drv->ignore_if_down_event) {
615 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
616 "event generated by mode change");
617 drv->ignore_if_down_event = 0;
619 drv->if_disabled = 1;
620 wpa_supplicant_event(drv->ctx,
621 EVENT_INTERFACE_DISABLED, NULL);
625 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
626 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
627 drv->if_disabled = 0;
628 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL);
632 * Some drivers send the association event before the operup event--in
633 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
634 * fails. This will hit us when wpa_supplicant does not need to do
635 * IEEE 802.1X authentication
637 if (drv->operstate == 1 &&
638 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
639 !(ifi->ifi_flags & IFF_RUNNING))
640 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
644 attr = (struct rtattr *) buf;
645 rta_len = RTA_ALIGN(sizeof(struct rtattr));
646 while (RTA_OK(attr, attrlen)) {
647 if (attr->rta_type == IFLA_IFNAME) {
648 wpa_driver_nl80211_event_link(
650 ((char *) attr) + rta_len,
651 attr->rta_len - rta_len, 0);
652 } else if (attr->rta_type == IFLA_MASTER)
653 brid = nla_get_u32((struct nlattr *) attr);
654 attr = RTA_NEXT(attr, attrlen);
657 if (ifi->ifi_family == AF_BRIDGE && brid) {
658 /* device has been added to bridge */
659 char namebuf[IFNAMSIZ];
660 if_indextoname(brid, namebuf);
661 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
663 add_ifidx(drv, brid);
668 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
669 struct ifinfomsg *ifi,
672 struct nl80211_global *global = ctx;
673 struct wpa_driver_nl80211_data *drv;
674 int attrlen, rta_len;
678 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
680 wpa_printf(MSG_DEBUG, "nl80211: Ignore dellink event for "
681 "foreign ifindex %d", ifi->ifi_index);
686 attr = (struct rtattr *) buf;
688 rta_len = RTA_ALIGN(sizeof(struct rtattr));
689 while (RTA_OK(attr, attrlen)) {
690 if (attr->rta_type == IFLA_IFNAME) {
691 wpa_driver_nl80211_event_link(
693 ((char *) attr) + rta_len,
694 attr->rta_len - rta_len, 1);
695 } else if (attr->rta_type == IFLA_MASTER)
696 brid = nla_get_u32((struct nlattr *) attr);
697 attr = RTA_NEXT(attr, attrlen);
700 if (ifi->ifi_family == AF_BRIDGE && brid) {
701 /* device has been removed from bridge */
702 char namebuf[IFNAMSIZ];
703 if_indextoname(brid, namebuf);
704 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
705 "%s", brid, namebuf);
706 del_ifidx(drv, brid);
711 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
712 const u8 *frame, size_t len)
714 const struct ieee80211_mgmt *mgmt;
715 union wpa_event_data event;
717 mgmt = (const struct ieee80211_mgmt *) frame;
718 if (len < 24 + sizeof(mgmt->u.auth)) {
719 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
724 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
725 os_memset(&event, 0, sizeof(event));
726 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
727 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
728 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
729 if (len > 24 + sizeof(mgmt->u.auth)) {
730 event.auth.ies = mgmt->u.auth.variable;
731 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
734 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
738 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
742 struct nl80211_bss_info_arg arg;
744 os_memset(&arg, 0, sizeof(arg));
747 goto nla_put_failure;
749 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
750 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
753 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
756 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
757 "associated BSS from scan results: %u MHz",
759 return arg.assoc_freq ? arg.assoc_freq : drv->assoc_freq;
761 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
762 "(%s)", ret, strerror(-ret));
765 return drv->assoc_freq;
769 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
770 const u8 *frame, size_t len)
772 const struct ieee80211_mgmt *mgmt;
773 union wpa_event_data event;
776 mgmt = (const struct ieee80211_mgmt *) frame;
777 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
778 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
783 status = le_to_host16(mgmt->u.assoc_resp.status_code);
784 if (status != WLAN_STATUS_SUCCESS) {
785 os_memset(&event, 0, sizeof(event));
786 event.assoc_reject.bssid = mgmt->bssid;
787 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
788 event.assoc_reject.resp_ies =
789 (u8 *) mgmt->u.assoc_resp.variable;
790 event.assoc_reject.resp_ies_len =
791 len - 24 - sizeof(mgmt->u.assoc_resp);
793 event.assoc_reject.status_code = status;
795 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
800 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
802 os_memset(&event, 0, sizeof(event));
803 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
804 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
805 event.assoc_info.resp_ies_len =
806 len - 24 - sizeof(mgmt->u.assoc_resp);
809 event.assoc_info.freq = drv->assoc_freq;
811 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
815 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
816 enum nl80211_commands cmd, struct nlattr *status,
817 struct nlattr *addr, struct nlattr *req_ie,
818 struct nlattr *resp_ie)
820 union wpa_event_data event;
822 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
824 * Avoid reporting two association events that would confuse
827 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
828 "when using userspace SME", cmd);
832 os_memset(&event, 0, sizeof(event));
833 if (cmd == NL80211_CMD_CONNECT &&
834 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
836 event.assoc_reject.bssid = nla_data(addr);
838 event.assoc_reject.resp_ies = nla_data(resp_ie);
839 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
841 event.assoc_reject.status_code = nla_get_u16(status);
842 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
848 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
851 event.assoc_info.req_ies = nla_data(req_ie);
852 event.assoc_info.req_ies_len = nla_len(req_ie);
855 event.assoc_info.resp_ies = nla_data(resp_ie);
856 event.assoc_info.resp_ies_len = nla_len(resp_ie);
859 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
861 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
865 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
866 struct nlattr *reason, struct nlattr *addr)
868 union wpa_event_data data;
870 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
872 * Avoid reporting two disassociation events that could
873 * confuse the core code.
875 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
876 "event when using userspace SME");
881 os_memset(&data, 0, sizeof(data));
883 data.disassoc_info.reason_code = nla_get_u16(reason);
884 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, &data);
888 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
889 enum nl80211_commands cmd, struct nlattr *addr)
891 union wpa_event_data event;
892 enum wpa_event_type ev;
894 if (nla_len(addr) != ETH_ALEN)
897 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
898 cmd, MAC2STR((u8 *) nla_data(addr)));
900 if (cmd == NL80211_CMD_AUTHENTICATE)
901 ev = EVENT_AUTH_TIMED_OUT;
902 else if (cmd == NL80211_CMD_ASSOCIATE)
903 ev = EVENT_ASSOC_TIMED_OUT;
907 os_memset(&event, 0, sizeof(event));
908 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
909 wpa_supplicant_event(drv->ctx, ev, &event);
913 static void mlme_event_mgmt(struct wpa_driver_nl80211_data *drv,
914 struct nlattr *freq, const u8 *frame, size_t len)
916 const struct ieee80211_mgmt *mgmt;
917 union wpa_event_data event;
920 mgmt = (const struct ieee80211_mgmt *) frame;
922 wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
926 fc = le_to_host16(mgmt->frame_control);
927 stype = WLAN_FC_GET_STYPE(fc);
929 os_memset(&event, 0, sizeof(event));
931 event.rx_action.freq = nla_get_u32(freq);
932 drv->last_mgmt_freq = event.rx_action.freq;
934 if (stype == WLAN_FC_STYPE_ACTION) {
935 event.rx_action.da = mgmt->da;
936 event.rx_action.sa = mgmt->sa;
937 event.rx_action.bssid = mgmt->bssid;
938 event.rx_action.category = mgmt->u.action.category;
939 event.rx_action.data = &mgmt->u.action.category + 1;
940 event.rx_action.len = frame + len - event.rx_action.data;
941 wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
943 event.rx_mgmt.frame = frame;
944 event.rx_mgmt.frame_len = len;
945 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
950 static void mlme_event_action_tx_status(struct wpa_driver_nl80211_data *drv,
951 struct nlattr *cookie, const u8 *frame,
952 size_t len, struct nlattr *ack)
954 union wpa_event_data event;
955 const struct ieee80211_hdr *hdr;
962 cookie_val = nla_get_u64(cookie);
963 wpa_printf(MSG_DEBUG, "nl80211: Action TX status: cookie=0%llx%s "
965 (long long unsigned int) cookie_val,
966 cookie_val == drv->send_action_cookie ?
967 " (match)" : " (unknown)", ack != NULL);
968 if (cookie_val != drv->send_action_cookie)
971 hdr = (const struct ieee80211_hdr *) frame;
972 fc = le_to_host16(hdr->frame_control);
974 os_memset(&event, 0, sizeof(event));
975 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
976 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
977 event.tx_status.dst = hdr->addr1;
978 event.tx_status.data = frame;
979 event.tx_status.data_len = len;
980 event.tx_status.ack = ack != NULL;
981 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
985 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
986 enum wpa_event_type type,
987 const u8 *frame, size_t len)
989 const struct ieee80211_mgmt *mgmt;
990 union wpa_event_data event;
991 const u8 *bssid = NULL;
994 mgmt = (const struct ieee80211_mgmt *) frame;
998 if (drv->associated != 0 &&
999 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1000 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1002 * We have presumably received this deauth as a
1003 * response to a clear_state_mismatch() outgoing
1004 * deauth. Don't let it take us offline!
1006 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1007 "from Unknown BSSID " MACSTR " -- ignoring",
1013 drv->associated = 0;
1014 os_memset(&event, 0, sizeof(event));
1016 /* Note: Same offset for Reason Code in both frame subtypes */
1017 if (len >= 24 + sizeof(mgmt->u.deauth))
1018 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1020 if (type == EVENT_DISASSOC) {
1021 event.disassoc_info.addr = bssid;
1022 event.disassoc_info.reason_code = reason_code;
1023 if (frame + len > mgmt->u.disassoc.variable) {
1024 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1025 event.disassoc_info.ie_len = frame + len -
1026 mgmt->u.disassoc.variable;
1029 event.deauth_info.addr = bssid;
1030 event.deauth_info.reason_code = reason_code;
1031 if (frame + len > mgmt->u.deauth.variable) {
1032 event.deauth_info.ie = mgmt->u.deauth.variable;
1033 event.deauth_info.ie_len = frame + len -
1034 mgmt->u.deauth.variable;
1038 wpa_supplicant_event(drv->ctx, type, &event);
1042 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1043 enum wpa_event_type type,
1044 const u8 *frame, size_t len)
1046 const struct ieee80211_mgmt *mgmt;
1047 union wpa_event_data event;
1048 u16 reason_code = 0;
1053 mgmt = (const struct ieee80211_mgmt *) frame;
1055 os_memset(&event, 0, sizeof(event));
1056 /* Note: Same offset for Reason Code in both frame subtypes */
1057 if (len >= 24 + sizeof(mgmt->u.deauth))
1058 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1060 if (type == EVENT_UNPROT_DISASSOC) {
1061 event.unprot_disassoc.sa = mgmt->sa;
1062 event.unprot_disassoc.da = mgmt->da;
1063 event.unprot_disassoc.reason_code = reason_code;
1065 event.unprot_deauth.sa = mgmt->sa;
1066 event.unprot_deauth.da = mgmt->da;
1067 event.unprot_deauth.reason_code = reason_code;
1070 wpa_supplicant_event(drv->ctx, type, &event);
1074 static void mlme_event(struct wpa_driver_nl80211_data *drv,
1075 enum nl80211_commands cmd, struct nlattr *frame,
1076 struct nlattr *addr, struct nlattr *timed_out,
1077 struct nlattr *freq, struct nlattr *ack,
1078 struct nlattr *cookie)
1080 if (timed_out && addr) {
1081 mlme_timeout_event(drv, cmd, addr);
1085 if (frame == NULL) {
1086 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
1091 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
1092 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1093 nla_data(frame), nla_len(frame));
1096 case NL80211_CMD_AUTHENTICATE:
1097 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1099 case NL80211_CMD_ASSOCIATE:
1100 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1102 case NL80211_CMD_DEAUTHENTICATE:
1103 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
1104 nla_data(frame), nla_len(frame));
1106 case NL80211_CMD_DISASSOCIATE:
1107 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
1108 nla_data(frame), nla_len(frame));
1110 case NL80211_CMD_FRAME:
1111 mlme_event_mgmt(drv, freq, nla_data(frame), nla_len(frame));
1113 case NL80211_CMD_FRAME_TX_STATUS:
1114 mlme_event_action_tx_status(drv, cookie, nla_data(frame),
1115 nla_len(frame), ack);
1117 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
1118 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
1119 nla_data(frame), nla_len(frame));
1121 case NL80211_CMD_UNPROT_DISASSOCIATE:
1122 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
1123 nla_data(frame), nla_len(frame));
1131 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
1132 struct nlattr *tb[])
1134 union wpa_event_data data;
1136 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
1137 os_memset(&data, 0, sizeof(data));
1138 if (tb[NL80211_ATTR_MAC]) {
1139 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
1140 nla_data(tb[NL80211_ATTR_MAC]),
1141 nla_len(tb[NL80211_ATTR_MAC]));
1142 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
1144 if (tb[NL80211_ATTR_KEY_SEQ]) {
1145 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
1146 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
1147 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
1149 if (tb[NL80211_ATTR_KEY_TYPE]) {
1150 enum nl80211_key_type key_type =
1151 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
1152 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
1153 if (key_type == NL80211_KEYTYPE_PAIRWISE)
1154 data.michael_mic_failure.unicast = 1;
1156 data.michael_mic_failure.unicast = 1;
1158 if (tb[NL80211_ATTR_KEY_IDX]) {
1159 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
1160 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
1163 wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
1167 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
1168 struct nlattr *tb[])
1170 if (tb[NL80211_ATTR_MAC] == NULL) {
1171 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
1175 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
1176 drv->associated = 1;
1177 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
1178 MAC2STR(drv->bssid));
1180 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
1184 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
1185 int cancel_event, struct nlattr *tb[])
1187 unsigned int freq, chan_type, duration;
1188 union wpa_event_data data;
1191 if (tb[NL80211_ATTR_WIPHY_FREQ])
1192 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
1196 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
1197 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1201 if (tb[NL80211_ATTR_DURATION])
1202 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
1206 if (tb[NL80211_ATTR_COOKIE])
1207 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
1211 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
1212 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
1213 cancel_event, freq, chan_type, duration,
1214 (long long unsigned int) cookie,
1215 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
1217 if (cookie != drv->remain_on_chan_cookie)
1218 return; /* not for us */
1221 drv->pending_remain_on_chan = 0;
1223 os_memset(&data, 0, sizeof(data));
1224 data.remain_on_channel.freq = freq;
1225 data.remain_on_channel.duration = duration;
1226 wpa_supplicant_event(drv->ctx, cancel_event ?
1227 EVENT_CANCEL_REMAIN_ON_CHANNEL :
1228 EVENT_REMAIN_ON_CHANNEL, &data);
1232 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
1233 struct nlattr *tb[])
1235 union wpa_event_data event;
1238 struct scan_info *info;
1239 #define MAX_REPORT_FREQS 50
1240 int freqs[MAX_REPORT_FREQS];
1243 os_memset(&event, 0, sizeof(event));
1244 info = &event.scan_info;
1245 info->aborted = aborted;
1247 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
1248 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
1249 struct wpa_driver_scan_ssid *s =
1250 &info->ssids[info->num_ssids];
1251 s->ssid = nla_data(nl);
1252 s->ssid_len = nla_len(nl);
1254 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
1258 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
1259 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
1261 freqs[num_freqs] = nla_get_u32(nl);
1263 if (num_freqs == MAX_REPORT_FREQS - 1)
1266 info->freqs = freqs;
1267 info->num_freqs = num_freqs;
1269 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
1273 static int get_link_signal(struct nl_msg *msg, void *arg)
1275 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1276 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1277 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1278 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1279 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1281 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1282 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1283 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1284 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1285 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1286 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1288 struct wpa_signal_info *sig_change = arg;
1290 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1291 genlmsg_attrlen(gnlh, 0), NULL);
1292 if (!tb[NL80211_ATTR_STA_INFO] ||
1293 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1294 tb[NL80211_ATTR_STA_INFO], policy))
1296 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1299 sig_change->current_signal =
1300 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1302 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1303 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1304 sinfo[NL80211_STA_INFO_TX_BITRATE],
1306 sig_change->current_txrate = 0;
1308 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1309 sig_change->current_txrate =
1311 NL80211_RATE_INFO_BITRATE]) * 100;
1320 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1321 struct wpa_signal_info *sig)
1325 sig->current_signal = -9999;
1326 sig->current_txrate = 0;
1328 msg = nlmsg_alloc();
1332 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
1334 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1335 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
1337 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1343 static int get_link_noise(struct nl_msg *msg, void *arg)
1345 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1346 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1347 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1348 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1349 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1350 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1352 struct wpa_signal_info *sig_change = arg;
1354 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1355 genlmsg_attrlen(gnlh, 0), NULL);
1357 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1358 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1362 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1363 tb[NL80211_ATTR_SURVEY_INFO],
1365 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1370 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1373 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1374 sig_change->frequency)
1377 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1380 sig_change->current_noise =
1381 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1387 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1388 struct wpa_signal_info *sig_change)
1392 sig_change->current_noise = 9999;
1393 sig_change->frequency = drv->assoc_freq;
1395 msg = nlmsg_alloc();
1399 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1401 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1403 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1409 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
1410 struct nlattr *tb[])
1412 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
1413 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
1414 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
1415 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
1416 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
1418 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
1419 enum nl80211_cqm_rssi_threshold_event event;
1420 union wpa_event_data ed;
1421 struct wpa_signal_info sig;
1424 if (tb[NL80211_ATTR_CQM] == NULL ||
1425 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
1427 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
1431 os_memset(&ed, 0, sizeof(ed));
1433 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
1434 if (!tb[NL80211_ATTR_MAC])
1436 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
1438 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
1442 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
1444 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
1446 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
1447 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1448 "event: RSSI high");
1449 ed.signal_change.above_threshold = 1;
1450 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
1451 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1453 ed.signal_change.above_threshold = 0;
1457 res = nl80211_get_link_signal(drv, &sig);
1459 ed.signal_change.current_signal = sig.current_signal;
1460 ed.signal_change.current_txrate = sig.current_txrate;
1461 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
1462 sig.current_signal, sig.current_txrate);
1465 res = nl80211_get_link_noise(drv, &sig);
1467 ed.signal_change.current_noise = sig.current_noise;
1468 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
1472 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
1476 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
1480 union wpa_event_data data;
1482 if (tb[NL80211_ATTR_MAC] == NULL)
1484 addr = nla_data(tb[NL80211_ATTR_MAC]);
1485 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
1487 if (is_ap_interface(drv->nlmode) && drv->no_monitor_iface_capab) {
1490 if (tb[NL80211_ATTR_IE]) {
1491 ies = nla_data(tb[NL80211_ATTR_IE]);
1492 ies_len = nla_len(tb[NL80211_ATTR_IE]);
1494 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
1495 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
1499 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1502 os_memset(&data, 0, sizeof(data));
1503 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
1504 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
1508 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
1512 union wpa_event_data data;
1514 if (tb[NL80211_ATTR_MAC] == NULL)
1516 addr = nla_data(tb[NL80211_ATTR_MAC]);
1517 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
1520 if (is_ap_interface(drv->nlmode) && drv->no_monitor_iface_capab) {
1521 drv_event_disassoc(drv->ctx, addr);
1525 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1528 os_memset(&data, 0, sizeof(data));
1529 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
1530 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
1534 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
1537 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
1538 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
1539 [NL80211_REKEY_DATA_KEK] = {
1540 .minlen = NL80211_KEK_LEN,
1541 .maxlen = NL80211_KEK_LEN,
1543 [NL80211_REKEY_DATA_KCK] = {
1544 .minlen = NL80211_KCK_LEN,
1545 .maxlen = NL80211_KCK_LEN,
1547 [NL80211_REKEY_DATA_REPLAY_CTR] = {
1548 .minlen = NL80211_REPLAY_CTR_LEN,
1549 .maxlen = NL80211_REPLAY_CTR_LEN,
1552 union wpa_event_data data;
1554 if (!tb[NL80211_ATTR_MAC])
1556 if (!tb[NL80211_ATTR_REKEY_DATA])
1558 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
1559 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
1561 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
1564 os_memset(&data, 0, sizeof(data));
1565 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
1566 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
1567 MAC2STR(data.driver_gtk_rekey.bssid));
1568 data.driver_gtk_rekey.replay_ctr =
1569 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
1570 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
1571 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
1572 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
1576 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
1579 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
1580 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
1581 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
1582 [NL80211_PMKSA_CANDIDATE_BSSID] = {
1586 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
1588 union wpa_event_data data;
1590 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
1592 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
1593 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
1595 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
1596 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
1599 os_memset(&data, 0, sizeof(data));
1600 os_memcpy(data.pmkid_candidate.bssid,
1601 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
1602 data.pmkid_candidate.index =
1603 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
1604 data.pmkid_candidate.preauth =
1605 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
1606 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
1610 static int process_event(struct nl_msg *msg, void *arg)
1612 struct wpa_driver_nl80211_data *drv = arg;
1613 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1614 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1616 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1617 genlmsg_attrlen(gnlh, 0), NULL);
1619 if (tb[NL80211_ATTR_IFINDEX]) {
1620 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
1621 if (ifindex != drv->ifindex && !have_ifidx(drv, ifindex)) {
1622 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
1623 " for foreign interface (ifindex %d)",
1624 gnlh->cmd, ifindex);
1629 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
1630 (gnlh->cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
1631 gnlh->cmd == NL80211_CMD_SCAN_ABORTED)) {
1632 wpa_driver_nl80211_set_mode(&drv->first_bss,
1633 drv->ap_scan_as_station);
1634 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
1637 switch (gnlh->cmd) {
1638 case NL80211_CMD_TRIGGER_SCAN:
1639 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
1641 case NL80211_CMD_START_SCHED_SCAN:
1642 wpa_printf(MSG_DEBUG, "nl80211: Sched scan started");
1644 case NL80211_CMD_SCHED_SCAN_STOPPED:
1645 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stopped");
1646 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
1648 case NL80211_CMD_NEW_SCAN_RESULTS:
1649 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
1650 drv->scan_complete_events = 1;
1651 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1653 send_scan_event(drv, 0, tb);
1655 case NL80211_CMD_SCHED_SCAN_RESULTS:
1656 wpa_printf(MSG_DEBUG,
1657 "nl80211: New sched scan results available");
1658 send_scan_event(drv, 0, tb);
1660 case NL80211_CMD_SCAN_ABORTED:
1661 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
1663 * Need to indicate that scan results are available in order
1664 * not to make wpa_supplicant stop its scanning.
1666 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1668 send_scan_event(drv, 1, tb);
1670 case NL80211_CMD_AUTHENTICATE:
1671 case NL80211_CMD_ASSOCIATE:
1672 case NL80211_CMD_DEAUTHENTICATE:
1673 case NL80211_CMD_DISASSOCIATE:
1674 case NL80211_CMD_FRAME:
1675 case NL80211_CMD_FRAME_TX_STATUS:
1676 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
1677 case NL80211_CMD_UNPROT_DISASSOCIATE:
1678 mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
1679 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
1680 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
1681 tb[NL80211_ATTR_COOKIE]);
1683 case NL80211_CMD_CONNECT:
1684 case NL80211_CMD_ROAM:
1685 mlme_event_connect(drv, gnlh->cmd,
1686 tb[NL80211_ATTR_STATUS_CODE],
1687 tb[NL80211_ATTR_MAC],
1688 tb[NL80211_ATTR_REQ_IE],
1689 tb[NL80211_ATTR_RESP_IE]);
1691 case NL80211_CMD_DISCONNECT:
1692 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
1693 tb[NL80211_ATTR_MAC]);
1695 case NL80211_CMD_MICHAEL_MIC_FAILURE:
1696 mlme_event_michael_mic_failure(drv, tb);
1698 case NL80211_CMD_JOIN_IBSS:
1699 mlme_event_join_ibss(drv, tb);
1701 case NL80211_CMD_REMAIN_ON_CHANNEL:
1702 mlme_event_remain_on_channel(drv, 0, tb);
1704 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
1705 mlme_event_remain_on_channel(drv, 1, tb);
1707 case NL80211_CMD_NOTIFY_CQM:
1708 nl80211_cqm_event(drv, tb);
1710 case NL80211_CMD_REG_CHANGE:
1711 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
1712 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
1715 case NL80211_CMD_REG_BEACON_HINT:
1716 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
1717 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
1720 case NL80211_CMD_NEW_STATION:
1721 nl80211_new_station_event(drv, tb);
1723 case NL80211_CMD_DEL_STATION:
1724 nl80211_del_station_event(drv, tb);
1726 case NL80211_CMD_SET_REKEY_OFFLOAD:
1727 nl80211_rekey_offload_event(drv, tb);
1729 case NL80211_CMD_PMKSA_CANDIDATE:
1730 nl80211_pmksa_candidate_event(drv, tb);
1733 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
1734 "(cmd=%d)", gnlh->cmd);
1742 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1746 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1748 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
1750 cb = nl_cb_clone(drv->global->nl_cb);
1753 nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1754 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
1755 nl_recvmsgs(handle, cb);
1761 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1762 * @priv: driver_nl80211 private data
1763 * @alpha2_arg: country to which to switch to
1764 * Returns: 0 on success, -1 on failure
1766 * This asks nl80211 to set the regulatory domain for given
1767 * country ISO / IEC alpha2.
1769 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1771 struct i802_bss *bss = priv;
1772 struct wpa_driver_nl80211_data *drv = bss->drv;
1776 msg = nlmsg_alloc();
1780 alpha2[0] = alpha2_arg[0];
1781 alpha2[1] = alpha2_arg[1];
1784 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
1786 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
1787 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1795 struct wiphy_info_data {
1796 struct wpa_driver_capa *capa;
1798 unsigned int error:1;
1802 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
1804 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1805 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1806 struct wiphy_info_data *info = arg;
1807 int p2p_go_supported = 0, p2p_client_supported = 0;
1808 int p2p_concurrent = 0;
1809 int auth_supported = 0, connect_supported = 0;
1810 struct wpa_driver_capa *capa = info->capa;
1811 static struct nla_policy
1812 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
1813 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
1814 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
1815 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
1816 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
1818 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
1819 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
1820 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
1823 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1824 genlmsg_attrlen(gnlh, 0), NULL);
1826 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
1827 capa->max_scan_ssids =
1828 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
1830 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
1831 capa->max_sched_scan_ssids =
1832 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
1834 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
1835 capa->max_match_sets =
1836 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
1838 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
1839 struct nlattr *nl_mode;
1841 nla_for_each_nested(nl_mode,
1842 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
1843 switch (nla_type(nl_mode)) {
1844 case NL80211_IFTYPE_AP:
1845 capa->flags |= WPA_DRIVER_FLAGS_AP;
1847 case NL80211_IFTYPE_P2P_GO:
1848 p2p_go_supported = 1;
1850 case NL80211_IFTYPE_P2P_CLIENT:
1851 p2p_client_supported = 1;
1857 if (tb[NL80211_ATTR_INTERFACE_COMBINATIONS]) {
1858 struct nlattr *nl_combi;
1861 nla_for_each_nested(nl_combi,
1862 tb[NL80211_ATTR_INTERFACE_COMBINATIONS],
1864 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
1865 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
1866 struct nlattr *nl_limit, *nl_mode;
1867 int err, rem_limit, rem_mode;
1868 int combination_has_p2p = 0, combination_has_mgd = 0;
1870 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
1872 iface_combination_policy);
1873 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
1874 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
1875 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
1876 goto broken_combination;
1878 nla_for_each_nested(nl_limit,
1879 tb_comb[NL80211_IFACE_COMB_LIMITS],
1881 err = nla_parse_nested(tb_limit,
1882 MAX_NL80211_IFACE_LIMIT,
1884 iface_limit_policy);
1886 !tb_limit[NL80211_IFACE_LIMIT_TYPES])
1887 goto broken_combination;
1889 nla_for_each_nested(
1891 tb_limit[NL80211_IFACE_LIMIT_TYPES],
1893 int ift = nla_type(nl_mode);
1894 if (ift == NL80211_IFTYPE_P2P_GO ||
1895 ift == NL80211_IFTYPE_P2P_CLIENT)
1896 combination_has_p2p = 1;
1897 if (ift == NL80211_IFTYPE_STATION)
1898 combination_has_mgd = 1;
1900 if (combination_has_p2p && combination_has_mgd)
1904 if (combination_has_p2p && combination_has_mgd) {
1914 if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
1915 struct nlattr *nl_cmd;
1918 nla_for_each_nested(nl_cmd,
1919 tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
1920 switch (nla_get_u32(nl_cmd)) {
1921 case NL80211_CMD_AUTHENTICATE:
1924 case NL80211_CMD_CONNECT:
1925 connect_supported = 1;
1927 case NL80211_CMD_START_SCHED_SCAN:
1928 capa->sched_scan_supported = 1;
1934 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
1935 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
1937 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
1940 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
1941 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
1942 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
1945 /* default to 5000 since early versions of mac80211 don't set it */
1946 capa->max_remain_on_chan = 5000;
1948 if (tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION])
1949 capa->max_remain_on_chan =
1950 nla_get_u32(tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
1953 capa->flags |= WPA_DRIVER_FLAGS_SME;
1954 else if (!connect_supported) {
1955 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
1956 "authentication/association or connect commands");
1960 if (p2p_go_supported && p2p_client_supported)
1961 capa->flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
1962 if (p2p_concurrent) {
1963 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
1964 "interface (driver advertised support)");
1965 capa->flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
1966 capa->flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
1969 if (tb[NL80211_ATTR_TDLS_SUPPORT]) {
1970 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
1971 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
1973 if (tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]) {
1974 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
1976 WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
1984 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
1985 struct wiphy_info_data *info)
1989 os_memset(info, 0, sizeof(*info));
1990 info->capa = &drv->capa;
1992 msg = nlmsg_alloc();
1996 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
1998 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
2000 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
2009 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
2011 struct wiphy_info_data info;
2012 if (wpa_driver_nl80211_get_info(drv, &info))
2018 drv->has_capability = 1;
2019 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
2020 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2021 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
2022 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
2023 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
2024 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
2025 WPA_DRIVER_CAPA_ENC_WEP104 |
2026 WPA_DRIVER_CAPA_ENC_TKIP |
2027 WPA_DRIVER_CAPA_ENC_CCMP;
2028 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
2029 WPA_DRIVER_AUTH_SHARED |
2030 WPA_DRIVER_AUTH_LEAP;
2032 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
2033 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
2034 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2035 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
2041 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
2043 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2044 if (global->nl_cb == NULL) {
2045 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
2050 if (nl_create_handles(&global->nl, global->nl_cb, "nl"))
2053 global->nl80211 = genl_ctrl_search_by_name(global->nl.cache,
2055 if (global->nl80211 == NULL) {
2056 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
2065 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
2067 struct nl80211_global *global = drv->global;
2070 /* Initialize generic netlink and nl80211 */
2072 if (nl_create_handles(&drv->nl_event, global->nl_cb, "event"))
2075 ret = nl_get_multicast_id(drv, "nl80211", "scan");
2077 ret = nl_socket_add_membership(drv->nl_event.handle, ret);
2079 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2080 "membership for scan events: %d (%s)",
2081 ret, strerror(-ret));
2085 ret = nl_get_multicast_id(drv, "nl80211", "mlme");
2087 ret = nl_socket_add_membership(drv->nl_event.handle, ret);
2089 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2090 "membership for mlme events: %d (%s)",
2091 ret, strerror(-ret));
2095 ret = nl_get_multicast_id(drv, "nl80211", "regulatory");
2097 ret = nl_socket_add_membership(drv->nl_event.handle, ret);
2099 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
2100 "membership for regulatory events: %d (%s)",
2101 ret, strerror(-ret));
2102 /* Continue without regulatory events */
2105 eloop_register_read_sock(nl_socket_get_fd(drv->nl_event.handle),
2106 wpa_driver_nl80211_event_receive, drv,
2107 drv->nl_event.handle);
2112 nl_destroy_handles(&drv->nl_event);
2118 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
2120 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
2122 * This may be for any interface; use ifdown event to disable
2128 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
2130 struct wpa_driver_nl80211_data *drv = ctx;
2131 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
2132 if (linux_set_iface_flags(drv->global->ioctl_sock,
2133 drv->first_bss.ifname, 1)) {
2134 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
2135 "after rfkill unblock");
2138 /* rtnetlink ifup handler will report interface as enabled */
2142 static void nl80211_get_phy_name(struct wpa_driver_nl80211_data *drv)
2144 /* Find phy (radio) to which this interface belongs */
2148 drv->phyname[0] = '\0';
2149 snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
2150 drv->first_bss.ifname);
2151 f = open(buf, O_RDONLY);
2153 wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
2154 buf, strerror(errno));
2158 rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
2161 wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
2162 buf, strerror(errno));
2166 drv->phyname[rv] = '\0';
2167 pos = os_strchr(drv->phyname, '\n');
2170 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2171 drv->first_bss.ifname, drv->phyname);
2176 static void nl80211_l2_read(void *ctx, const u8 *src_addr, const u8 *buf,
2179 wpa_printf(MSG_DEBUG, "nl80211: l2_packet read %u",
2180 (unsigned int) len);
2182 #endif /* CONFIG_AP */
2186 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
2187 * @ctx: context to be used when calling wpa_supplicant functions,
2188 * e.g., wpa_supplicant_event()
2189 * @ifname: interface name, e.g., wlan0
2190 * @global_priv: private driver global data from global_init()
2191 * Returns: Pointer to private data, %NULL on failure
2193 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
2196 struct wpa_driver_nl80211_data *drv;
2197 struct rfkill_config *rcfg;
2198 struct i802_bss *bss;
2200 drv = os_zalloc(sizeof(*drv));
2203 drv->global = global_priv;
2205 bss = &drv->first_bss;
2207 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
2208 drv->monitor_ifidx = -1;
2209 drv->monitor_sock = -1;
2210 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2212 if (wpa_driver_nl80211_init_nl(drv)) {
2217 nl80211_get_phy_name(drv);
2219 rcfg = os_zalloc(sizeof(*rcfg));
2223 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
2224 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
2225 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
2226 drv->rfkill = rfkill_init(rcfg);
2227 if (drv->rfkill == NULL) {
2228 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
2232 if (wpa_driver_nl80211_finish_drv_init(drv))
2236 drv->l2 = l2_packet_init(ifname, NULL, ETH_P_EAPOL,
2237 nl80211_l2_read, drv, 0);
2238 #endif /* CONFIG_AP */
2241 dl_list_add(&drv->global->interfaces, &drv->list);
2242 drv->in_interface_list = 1;
2248 wpa_driver_nl80211_deinit(bss);
2253 static int nl80211_register_frame(struct wpa_driver_nl80211_data *drv,
2254 struct nl_handle *nl_handle,
2255 u16 type, const u8 *match, size_t match_len)
2260 msg = nlmsg_alloc();
2264 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
2266 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2267 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
2268 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
2270 ret = send_and_recv(drv, nl_handle, msg, NULL, NULL);
2273 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
2274 "failed (type=%u): ret=%d (%s)",
2275 type, ret, strerror(-ret));
2276 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
2278 goto nla_put_failure;
2287 static int nl80211_register_action_frame(struct wpa_driver_nl80211_data *drv,
2288 const u8 *match, size_t match_len)
2290 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
2291 return nl80211_register_frame(drv, drv->nl_event.handle,
2292 type, match, match_len);
2296 static int nl80211_register_action_frames(struct wpa_driver_nl80211_data *drv)
2298 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
2299 /* GAS Initial Request */
2300 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0a", 2) < 0)
2302 /* GAS Initial Response */
2303 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0b", 2) < 0)
2305 /* GAS Comeback Request */
2306 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0c", 2) < 0)
2308 /* GAS Comeback Response */
2309 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0d", 2) < 0)
2311 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
2313 /* P2P Public Action */
2314 if (nl80211_register_action_frame(drv,
2315 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
2319 if (nl80211_register_action_frame(drv,
2320 (u8 *) "\x7f\x50\x6f\x9a\x09",
2323 #endif /* CONFIG_P2P */
2324 #ifdef CONFIG_IEEE80211W
2325 /* SA Query Response */
2326 if (nl80211_register_action_frame(drv, (u8 *) "\x08\x01", 2) < 0)
2328 #endif /* CONFIG_IEEE80211W */
2330 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
2331 /* TDLS Discovery Response */
2332 if (nl80211_register_action_frame(drv, (u8 *) "\x04\x0e", 2) <
2336 #endif /* CONFIG_TDLS */
2338 /* FT Action frames */
2339 if (nl80211_register_action_frame(drv, (u8 *) "\x06", 1) < 0)
2342 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
2343 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
2345 /* WNM - BSS Transition Management Request */
2346 if (nl80211_register_action_frame(drv, (u8 *) "\x0a\x07", 2) < 0)
2353 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
2355 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
2360 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
2362 struct i802_bss *bss = &drv->first_bss;
2363 int send_rfkill_event = 0;
2365 drv->ifindex = if_nametoindex(bss->ifname);
2366 drv->first_bss.ifindex = drv->ifindex;
2370 * Make sure the interface starts up in station mode unless this is a
2371 * dynamically added interface (e.g., P2P) that was already configured
2372 * with proper iftype.
2374 if ((drv->global == NULL ||
2375 drv->ifindex != drv->global->if_add_ifindex) &&
2376 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION) < 0) {
2377 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver to "
2378 "use managed mode");
2382 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
2383 if (rfkill_is_blocked(drv->rfkill)) {
2384 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
2385 "interface '%s' due to rfkill",
2387 drv->if_disabled = 1;
2388 send_rfkill_event = 1;
2390 wpa_printf(MSG_ERROR, "nl80211: Could not set "
2391 "interface '%s' UP", bss->ifname);
2396 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
2397 1, IF_OPER_DORMANT);
2398 #endif /* HOSTAPD */
2400 if (wpa_driver_nl80211_capa(drv))
2403 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2407 if (nl80211_register_action_frames(drv) < 0) {
2408 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
2409 "frame processing - ignore for now");
2411 * Older kernel versions did not support this, so ignore the
2412 * error for now. Some functionality may not be available
2417 if (send_rfkill_event) {
2418 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
2426 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
2430 msg = nlmsg_alloc();
2434 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
2435 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2437 return send_and_recv_msgs(drv, msg, NULL, NULL);
2444 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
2445 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
2447 * Shut down driver interface and processing of driver events. Free
2448 * private data buffer if one was allocated in wpa_driver_nl80211_init().
2450 static void wpa_driver_nl80211_deinit(void *priv)
2452 struct i802_bss *bss = priv;
2453 struct wpa_driver_nl80211_data *drv = bss->drv;
2457 l2_packet_deinit(drv->l2);
2458 #endif /* CONFIG_AP */
2460 if (drv->nl_preq.handle)
2461 wpa_driver_nl80211_probe_req_report(bss, 0);
2462 if (bss->added_if_into_bridge) {
2463 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
2465 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2466 "interface %s from bridge %s: %s",
2467 bss->ifname, bss->brname, strerror(errno));
2469 if (bss->added_bridge) {
2470 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
2471 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2473 bss->brname, strerror(errno));
2476 nl80211_remove_monitor_interface(drv);
2478 if (is_ap_interface(drv->nlmode))
2479 wpa_driver_nl80211_del_beacon(drv);
2482 if (drv->last_freq_ht) {
2483 /* Clear HT flags from the driver */
2484 struct hostapd_freq_params freq;
2485 os_memset(&freq, 0, sizeof(freq));
2486 freq.freq = drv->last_freq;
2487 i802_set_freq(priv, &freq);
2490 if (drv->eapol_sock >= 0) {
2491 eloop_unregister_read_sock(drv->eapol_sock);
2492 close(drv->eapol_sock);
2495 if (drv->if_indices != drv->default_if_indices)
2496 os_free(drv->if_indices);
2497 #endif /* HOSTAPD */
2499 if (drv->disable_11b_rates) {
2500 drv->disable_11b_rates = 0;
2501 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2504 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
2506 rfkill_deinit(drv->rfkill);
2508 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2510 (void) linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0);
2511 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION);
2513 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_event.handle));
2514 nl_destroy_handles(&drv->nl_event);
2516 os_free(drv->filter_ssids);
2518 if (drv->in_interface_list)
2519 dl_list_del(&drv->list);
2526 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
2527 * @eloop_ctx: Driver private data
2528 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
2530 * This function can be used as registered timeout when starting a scan to
2531 * generate a scan completed event if the driver does not report this.
2533 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
2535 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2536 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
2537 wpa_driver_nl80211_set_mode(&drv->first_bss,
2538 drv->ap_scan_as_station);
2539 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2541 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
2542 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
2547 * wpa_driver_nl80211_scan - Request the driver to initiate scan
2548 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
2549 * @params: Scan parameters
2550 * Returns: 0 on success, -1 on failure
2552 static int wpa_driver_nl80211_scan(void *priv,
2553 struct wpa_driver_scan_params *params)
2555 struct i802_bss *bss = priv;
2556 struct wpa_driver_nl80211_data *drv = bss->drv;
2557 int ret = 0, timeout;
2558 struct nl_msg *msg, *ssids, *freqs, *rates;
2561 msg = nlmsg_alloc();
2562 ssids = nlmsg_alloc();
2563 freqs = nlmsg_alloc();
2564 rates = nlmsg_alloc();
2565 if (!msg || !ssids || !freqs || !rates) {
2573 os_free(drv->filter_ssids);
2574 drv->filter_ssids = params->filter_ssids;
2575 params->filter_ssids = NULL;
2576 drv->num_filter_ssids = params->num_filter_ssids;
2578 nl80211_cmd(drv, msg, 0, NL80211_CMD_TRIGGER_SCAN);
2580 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2582 for (i = 0; i < params->num_ssids; i++) {
2583 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
2584 params->ssids[i].ssid,
2585 params->ssids[i].ssid_len);
2586 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
2587 params->ssids[i].ssid);
2589 if (params->num_ssids)
2590 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
2592 if (params->extra_ies) {
2593 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan extra IEs",
2594 params->extra_ies, params->extra_ies_len);
2595 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
2599 if (params->freqs) {
2600 for (i = 0; params->freqs[i]; i++) {
2601 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
2602 "MHz", params->freqs[i]);
2603 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
2605 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
2608 if (params->p2p_probe) {
2610 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
2611 * by masking out everything else apart from the OFDM rates 6,
2612 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
2613 * rates are left enabled.
2615 NLA_PUT(rates, NL80211_BAND_2GHZ, 8,
2616 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
2617 nla_put_nested(msg, NL80211_ATTR_SCAN_SUPP_RATES, rates);
2619 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
2622 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2625 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
2626 "(%s)", ret, strerror(-ret));
2628 if (is_ap_interface(drv->nlmode)) {
2630 * mac80211 does not allow scan requests in AP mode, so
2631 * try to do this in station mode.
2633 if (wpa_driver_nl80211_set_mode(
2634 bss, NL80211_IFTYPE_STATION))
2635 goto nla_put_failure;
2637 if (wpa_driver_nl80211_scan(drv, params)) {
2638 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
2639 goto nla_put_failure;
2642 /* Restore AP mode when processing scan results */
2643 drv->ap_scan_as_station = drv->nlmode;
2646 goto nla_put_failure;
2648 goto nla_put_failure;
2649 #endif /* HOSTAPD */
2652 /* Not all drivers generate "scan completed" wireless event, so try to
2653 * read results after a timeout. */
2655 if (drv->scan_complete_events) {
2657 * The driver seems to deliver events to notify when scan is
2658 * complete, so use longer timeout to avoid race conditions
2659 * with scanning and following association request.
2663 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
2664 "seconds", ret, timeout);
2665 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2666 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
2679 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
2680 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
2681 * @params: Scan parameters
2682 * @interval: Interval between scan cycles in milliseconds
2683 * Returns: 0 on success, -1 on failure or if not supported
2685 static int wpa_driver_nl80211_sched_scan(void *priv,
2686 struct wpa_driver_scan_params *params,
2689 struct i802_bss *bss = priv;
2690 struct wpa_driver_nl80211_data *drv = bss->drv;
2692 struct nl_msg *msg, *ssids, *freqs, *match_set_ssid, *match_sets;
2695 msg = nlmsg_alloc();
2696 ssids = nlmsg_alloc();
2697 freqs = nlmsg_alloc();
2698 if (!msg || !ssids || !freqs) {
2705 os_free(drv->filter_ssids);
2706 drv->filter_ssids = params->filter_ssids;
2707 params->filter_ssids = NULL;
2708 drv->num_filter_ssids = params->num_filter_ssids;
2710 nl80211_cmd(drv, msg, 0, NL80211_CMD_START_SCHED_SCAN);
2712 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2714 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
2716 if (drv->num_filter_ssids) {
2717 match_sets = nlmsg_alloc();
2719 for (i = 0; i < drv->num_filter_ssids; i++) {
2720 wpa_hexdump_ascii(MSG_MSGDUMP,
2721 "nl80211: Sched scan filter SSID",
2722 drv->filter_ssids[i].ssid,
2723 drv->filter_ssids[i].ssid_len);
2725 match_set_ssid = nlmsg_alloc();
2726 nla_put(match_set_ssid,
2727 NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
2728 drv->filter_ssids[i].ssid_len,
2729 drv->filter_ssids[i].ssid);
2731 nla_put_nested(match_sets, i + 1, match_set_ssid);
2733 nlmsg_free(match_set_ssid);
2736 nla_put_nested(msg, NL80211_ATTR_SCHED_SCAN_MATCH,
2738 nlmsg_free(match_sets);
2741 for (i = 0; i < params->num_ssids; i++) {
2742 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Sched scan SSID",
2743 params->ssids[i].ssid,
2744 params->ssids[i].ssid_len);
2745 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
2746 params->ssids[i].ssid);
2748 if (params->num_ssids)
2749 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
2751 if (params->extra_ies) {
2752 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Sched scan extra IEs",
2753 params->extra_ies, params->extra_ies_len);
2754 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
2758 if (params->freqs) {
2759 for (i = 0; params->freqs[i]; i++) {
2760 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
2761 "MHz", params->freqs[i]);
2762 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
2764 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
2767 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2769 /* TODO: if we get an error here, we should fall back to normal scan */
2773 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
2774 "ret=%d (%s)", ret, strerror(-ret));
2775 goto nla_put_failure;
2778 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
2779 "scan interval %d msec", ret, interval);
2790 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
2791 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
2792 * Returns: 0 on success, -1 on failure or if not supported
2794 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
2796 struct i802_bss *bss = priv;
2797 struct wpa_driver_nl80211_data *drv = bss->drv;
2801 msg = nlmsg_alloc();
2805 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
2807 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2809 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2812 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
2813 "ret=%d (%s)", ret, strerror(-ret));
2814 goto nla_put_failure;
2817 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
2825 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
2827 const u8 *end, *pos;
2833 end = ies + ies_len;
2835 while (pos + 1 < end) {
2836 if (pos + 2 + pos[1] > end)
2847 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
2848 const u8 *ie, size_t ie_len)
2853 if (drv->filter_ssids == NULL)
2856 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
2860 for (i = 0; i < drv->num_filter_ssids; i++) {
2861 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
2862 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
2871 static int bss_info_handler(struct nl_msg *msg, void *arg)
2873 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2874 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2875 struct nlattr *bss[NL80211_BSS_MAX + 1];
2876 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
2877 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
2878 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
2879 [NL80211_BSS_TSF] = { .type = NLA_U64 },
2880 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
2881 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
2882 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
2883 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
2884 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
2885 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
2886 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
2887 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
2889 struct nl80211_bss_info_arg *_arg = arg;
2890 struct wpa_scan_results *res = _arg->res;
2891 struct wpa_scan_res **tmp;
2892 struct wpa_scan_res *r;
2893 const u8 *ie, *beacon_ie;
2894 size_t ie_len, beacon_ie_len;
2898 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2899 genlmsg_attrlen(gnlh, 0), NULL);
2900 if (!tb[NL80211_ATTR_BSS])
2902 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
2905 if (bss[NL80211_BSS_STATUS]) {
2906 enum nl80211_bss_status status;
2907 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
2908 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
2909 bss[NL80211_BSS_FREQUENCY]) {
2911 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
2912 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
2915 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
2916 bss[NL80211_BSS_BSSID]) {
2917 os_memcpy(_arg->assoc_bssid,
2918 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
2919 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
2920 MACSTR, MAC2STR(_arg->assoc_bssid));
2925 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
2926 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
2927 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
2932 if (bss[NL80211_BSS_BEACON_IES]) {
2933 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
2934 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
2940 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
2941 ie ? ie_len : beacon_ie_len))
2944 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
2947 if (bss[NL80211_BSS_BSSID])
2948 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
2950 if (bss[NL80211_BSS_FREQUENCY])
2951 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
2952 if (bss[NL80211_BSS_BEACON_INTERVAL])
2953 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
2954 if (bss[NL80211_BSS_CAPABILITY])
2955 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
2956 r->flags |= WPA_SCAN_NOISE_INVALID;
2957 if (bss[NL80211_BSS_SIGNAL_MBM]) {
2958 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
2959 r->level /= 100; /* mBm to dBm */
2960 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
2961 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
2962 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
2963 r->flags |= WPA_SCAN_LEVEL_INVALID;
2965 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
2966 if (bss[NL80211_BSS_TSF])
2967 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
2968 if (bss[NL80211_BSS_SEEN_MS_AGO])
2969 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
2971 pos = (u8 *) (r + 1);
2973 os_memcpy(pos, ie, ie_len);
2976 r->beacon_ie_len = beacon_ie_len;
2978 os_memcpy(pos, beacon_ie, beacon_ie_len);
2980 if (bss[NL80211_BSS_STATUS]) {
2981 enum nl80211_bss_status status;
2982 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
2984 case NL80211_BSS_STATUS_AUTHENTICATED:
2985 r->flags |= WPA_SCAN_AUTHENTICATED;
2987 case NL80211_BSS_STATUS_ASSOCIATED:
2988 r->flags |= WPA_SCAN_ASSOCIATED;
2996 * cfg80211 maintains separate BSS table entries for APs if the same
2997 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
2998 * not use frequency as a separate key in the BSS table, so filter out
2999 * duplicated entries. Prefer associated BSS entry in such a case in
3000 * order to get the correct frequency into the BSS table.
3002 for (i = 0; i < res->num; i++) {
3004 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
3007 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
3008 res->res[i]->ie_len, WLAN_EID_SSID);
3009 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
3010 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
3011 os_memcmp(s1, s2, 2 + s1[1]) != 0)
3014 /* Same BSSID,SSID was already included in scan results */
3015 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
3016 "for " MACSTR, MAC2STR(r->bssid));
3018 if ((r->flags & WPA_SCAN_ASSOCIATED) &&
3019 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) {
3020 os_free(res->res[i]);
3027 tmp = os_realloc(res->res,
3028 (res->num + 1) * sizeof(struct wpa_scan_res *));
3033 tmp[res->num++] = r;
3040 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
3043 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
3044 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
3045 "mismatch (" MACSTR ")", MAC2STR(addr));
3046 wpa_driver_nl80211_mlme(drv, addr,
3047 NL80211_CMD_DEAUTHENTICATE,
3048 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
3053 static void wpa_driver_nl80211_check_bss_status(
3054 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
3058 for (i = 0; i < res->num; i++) {
3059 struct wpa_scan_res *r = res->res[i];
3060 if (r->flags & WPA_SCAN_AUTHENTICATED) {
3061 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
3062 "indicates BSS status with " MACSTR
3063 " as authenticated",
3065 if (is_sta_interface(drv->nlmode) &&
3066 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
3067 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
3069 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
3070 " in local state (auth=" MACSTR
3071 " assoc=" MACSTR ")",
3072 MAC2STR(drv->auth_bssid),
3073 MAC2STR(drv->bssid));
3074 clear_state_mismatch(drv, r->bssid);
3078 if (r->flags & WPA_SCAN_ASSOCIATED) {
3079 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
3080 "indicate BSS status with " MACSTR
3083 if (is_sta_interface(drv->nlmode) &&
3085 wpa_printf(MSG_DEBUG, "nl80211: Local state "
3086 "(not associated) does not match "
3088 clear_state_mismatch(drv, r->bssid);
3089 } else if (is_sta_interface(drv->nlmode) &&
3090 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
3092 wpa_printf(MSG_DEBUG, "nl80211: Local state "
3093 "(associated with " MACSTR ") does "
3094 "not match with BSS state",
3095 MAC2STR(drv->bssid));
3096 clear_state_mismatch(drv, r->bssid);
3097 clear_state_mismatch(drv, drv->bssid);
3104 static struct wpa_scan_results *
3105 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
3108 struct wpa_scan_results *res;
3110 struct nl80211_bss_info_arg arg;
3112 res = os_zalloc(sizeof(*res));
3115 msg = nlmsg_alloc();
3117 goto nla_put_failure;
3119 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
3120 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3124 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
3127 wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
3128 (unsigned long) res->num);
3131 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
3132 "(%s)", ret, strerror(-ret));
3135 wpa_scan_results_free(res);
3141 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
3142 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
3143 * Returns: Scan results on success, -1 on failure
3145 static struct wpa_scan_results *
3146 wpa_driver_nl80211_get_scan_results(void *priv)
3148 struct i802_bss *bss = priv;
3149 struct wpa_driver_nl80211_data *drv = bss->drv;
3150 struct wpa_scan_results *res;
3152 res = nl80211_get_scan_results(drv);
3154 wpa_driver_nl80211_check_bss_status(drv, res);
3159 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
3161 struct wpa_scan_results *res;
3164 res = nl80211_get_scan_results(drv);
3166 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
3170 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
3171 for (i = 0; i < res->num; i++) {
3172 struct wpa_scan_res *r = res->res[i];
3173 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
3174 (int) i, (int) res->num, MAC2STR(r->bssid),
3175 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
3176 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
3179 wpa_scan_results_free(res);
3183 static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
3184 enum wpa_alg alg, const u8 *addr,
3185 int key_idx, int set_tx,
3186 const u8 *seq, size_t seq_len,
3187 const u8 *key, size_t key_len)
3189 struct i802_bss *bss = priv;
3190 struct wpa_driver_nl80211_data *drv = bss->drv;
3191 int ifindex = if_nametoindex(ifname);
3195 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
3196 "set_tx=%d seq_len=%lu key_len=%lu",
3197 __func__, ifindex, alg, addr, key_idx, set_tx,
3198 (unsigned long) seq_len, (unsigned long) key_len);
3202 #endif /* CONFIG_TDLS */
3204 msg = nlmsg_alloc();
3208 if (alg == WPA_ALG_NONE) {
3209 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
3211 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
3212 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
3216 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
3217 WLAN_CIPHER_SUITE_WEP40);
3219 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
3220 WLAN_CIPHER_SUITE_WEP104);
3223 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
3224 WLAN_CIPHER_SUITE_TKIP);
3227 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
3228 WLAN_CIPHER_SUITE_CCMP);
3231 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
3232 WLAN_CIPHER_SUITE_AES_CMAC);
3235 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
3236 "algorithm %d", __func__, alg);
3243 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
3245 if (addr && !is_broadcast_ether_addr(addr)) {
3246 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
3247 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3249 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
3250 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
3251 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
3252 NL80211_KEYTYPE_GROUP);
3254 } else if (addr && is_broadcast_ether_addr(addr)) {
3255 struct nl_msg *types;
3257 wpa_printf(MSG_DEBUG, " broadcast key");
3258 types = nlmsg_alloc();
3260 goto nla_put_failure;
3261 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
3262 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
3266 goto nla_put_failure;
3268 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
3269 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
3271 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3272 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
3275 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
3276 ret, strerror(-ret));
3279 * If we failed or don't need to set the default TX key (below),
3282 if (ret || !set_tx || alg == WPA_ALG_NONE)
3284 if (is_ap_interface(drv->nlmode) && addr &&
3285 !is_broadcast_ether_addr(addr))
3288 msg = nlmsg_alloc();
3292 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
3293 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
3294 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
3295 if (alg == WPA_ALG_IGTK)
3296 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
3298 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
3299 if (addr && is_broadcast_ether_addr(addr)) {
3300 struct nl_msg *types;
3302 types = nlmsg_alloc();
3304 goto nla_put_failure;
3305 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
3306 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
3310 goto nla_put_failure;
3312 struct nl_msg *types;
3314 types = nlmsg_alloc();
3316 goto nla_put_failure;
3317 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_UNICAST);
3318 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
3322 goto nla_put_failure;
3325 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3329 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
3330 "err=%d %s)", ret, strerror(-ret));
3338 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
3339 int key_idx, int defkey,
3340 const u8 *seq, size_t seq_len,
3341 const u8 *key, size_t key_len)
3343 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
3347 if (defkey && alg == WPA_ALG_IGTK)
3348 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
3350 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
3352 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
3357 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
3358 WLAN_CIPHER_SUITE_WEP40);
3360 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
3361 WLAN_CIPHER_SUITE_WEP104);
3364 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
3367 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
3370 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
3371 WLAN_CIPHER_SUITE_AES_CMAC);
3374 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
3375 "algorithm %d", __func__, alg);
3380 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
3382 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
3384 nla_nest_end(msg, key_attr);
3392 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
3396 struct nlattr *nl_keys, *nl_key;
3398 for (i = 0; i < 4; i++) {
3399 if (!params->wep_key[i])
3404 if (params->wps == WPS_MODE_PRIVACY)
3406 if (params->pairwise_suite &&
3407 params->pairwise_suite != WPA_CIPHER_NONE)
3413 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
3415 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
3417 goto nla_put_failure;
3419 for (i = 0; i < 4; i++) {
3420 if (!params->wep_key[i])
3423 nl_key = nla_nest_start(msg, i);
3425 goto nla_put_failure;
3427 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
3428 params->wep_key[i]);
3429 if (params->wep_key_len[i] == 5)
3430 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
3431 WLAN_CIPHER_SUITE_WEP40);
3433 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
3434 WLAN_CIPHER_SUITE_WEP104);
3436 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
3438 if (i == params->wep_tx_keyidx)
3439 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
3441 nla_nest_end(msg, nl_key);
3443 nla_nest_end(msg, nl_keys);
3452 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
3453 const u8 *addr, int cmd, u16 reason_code,
3454 int local_state_change)
3459 msg = nlmsg_alloc();
3463 nl80211_cmd(drv, msg, 0, cmd);
3465 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3466 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
3467 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3468 if (local_state_change)
3469 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
3471 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3474 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
3475 "(%s)", ret, strerror(-ret));
3476 goto nla_put_failure;
3486 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
3487 const u8 *addr, int reason_code)
3489 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
3490 __func__, MAC2STR(addr), reason_code);
3491 drv->associated = 0;
3492 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISCONNECT,
3497 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
3500 struct i802_bss *bss = priv;
3501 struct wpa_driver_nl80211_data *drv = bss->drv;
3502 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
3503 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
3504 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
3505 __func__, MAC2STR(addr), reason_code);
3506 drv->associated = 0;
3507 if (drv->nlmode == NL80211_IFTYPE_ADHOC)
3508 return nl80211_leave_ibss(drv);
3509 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
3514 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
3517 struct i802_bss *bss = priv;
3518 struct wpa_driver_nl80211_data *drv = bss->drv;
3519 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
3520 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
3521 wpa_printf(MSG_DEBUG, "%s", __func__);
3522 drv->associated = 0;
3523 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
3528 static int wpa_driver_nl80211_authenticate(
3529 void *priv, struct wpa_driver_auth_params *params)
3531 struct i802_bss *bss = priv;
3532 struct wpa_driver_nl80211_data *drv = bss->drv;
3535 enum nl80211_auth_type type;
3536 enum nl80211_iftype nlmode;
3539 drv->associated = 0;
3540 os_memset(drv->auth_bssid, 0, ETH_ALEN);
3541 /* FIX: IBSS mode */
3542 nlmode = params->p2p ?
3543 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
3544 if (drv->nlmode != nlmode &&
3545 wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
3549 msg = nlmsg_alloc();
3553 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
3556 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
3558 for (i = 0; i < 4; i++) {
3559 if (!params->wep_key[i])
3561 wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP,
3563 i == params->wep_tx_keyidx, NULL, 0,
3565 params->wep_key_len[i]);
3566 if (params->wep_tx_keyidx != i)
3568 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
3569 params->wep_key[i], params->wep_key_len[i])) {
3575 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3576 if (params->bssid) {
3577 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3578 MAC2STR(params->bssid));
3579 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
3582 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3583 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3586 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3587 params->ssid, params->ssid_len);
3588 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3591 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
3593 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
3594 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
3595 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
3596 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
3597 type = NL80211_AUTHTYPE_SHARED_KEY;
3598 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
3599 type = NL80211_AUTHTYPE_NETWORK_EAP;
3600 else if (params->auth_alg & WPA_AUTH_ALG_FT)
3601 type = NL80211_AUTHTYPE_FT;
3603 goto nla_put_failure;
3604 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
3605 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
3606 if (params->local_state_change) {
3607 wpa_printf(MSG_DEBUG, " * Local state change only");
3608 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
3611 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3614 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
3615 "(%s)", ret, strerror(-ret));
3617 if (ret == -EALREADY && count == 1 && params->bssid &&
3618 !params->local_state_change) {
3620 * mac80211 does not currently accept new
3621 * authentication if we are already authenticated. As a
3622 * workaround, force deauthentication and try again.
3624 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
3625 "after forced deauthentication");
3626 wpa_driver_nl80211_deauthenticate(
3628 WLAN_REASON_PREV_AUTH_NOT_VALID);
3632 goto nla_put_failure;
3635 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
3644 struct phy_info_arg {
3646 struct hostapd_hw_modes *modes;
3649 static int phy_info_handler(struct nl_msg *msg, void *arg)
3651 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3652 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3653 struct phy_info_arg *phy_info = arg;
3655 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
3657 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
3658 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
3659 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
3660 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
3661 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
3662 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
3663 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
3664 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
3667 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
3668 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
3669 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
3670 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
3673 struct nlattr *nl_band;
3674 struct nlattr *nl_freq;
3675 struct nlattr *nl_rate;
3676 int rem_band, rem_freq, rem_rate;
3677 struct hostapd_hw_modes *mode;
3678 int idx, mode_is_set;
3680 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3681 genlmsg_attrlen(gnlh, 0), NULL);
3683 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
3686 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
3687 mode = os_realloc(phy_info->modes, (*phy_info->num_modes + 1) * sizeof(*mode));
3690 phy_info->modes = mode;
3694 mode = &phy_info->modes[*(phy_info->num_modes)];
3695 memset(mode, 0, sizeof(*mode));
3696 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN;
3697 *(phy_info->num_modes) += 1;
3699 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
3700 nla_len(nl_band), NULL);
3702 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
3703 mode->ht_capab = nla_get_u16(
3704 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
3707 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
3708 mode->a_mpdu_params |= nla_get_u8(
3709 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
3713 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
3714 mode->a_mpdu_params |= nla_get_u8(
3715 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
3719 if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
3720 nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
3722 mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
3723 os_memcpy(mode->mcs_set, mcs, 16);
3726 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
3727 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
3728 nla_len(nl_freq), freq_policy);
3729 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
3731 mode->num_channels++;
3734 mode->channels = os_zalloc(mode->num_channels * sizeof(struct hostapd_channel_data));
3735 if (!mode->channels)
3740 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
3741 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
3742 nla_len(nl_freq), freq_policy);
3743 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
3746 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
3747 mode->channels[idx].flag = 0;
3750 /* crude heuristic */
3751 if (mode->channels[idx].freq < 4000)
3752 mode->mode = HOSTAPD_MODE_IEEE80211B;
3754 mode->mode = HOSTAPD_MODE_IEEE80211A;
3758 /* crude heuristic */
3759 if (mode->channels[idx].freq < 4000)
3760 if (mode->channels[idx].freq == 2484)
3761 mode->channels[idx].chan = 14;
3763 mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
3765 mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
3767 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
3768 mode->channels[idx].flag |=
3769 HOSTAPD_CHAN_DISABLED;
3770 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
3771 mode->channels[idx].flag |=
3772 HOSTAPD_CHAN_PASSIVE_SCAN;
3773 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
3774 mode->channels[idx].flag |=
3775 HOSTAPD_CHAN_NO_IBSS;
3776 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
3777 mode->channels[idx].flag |=
3780 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
3781 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
3782 mode->channels[idx].max_tx_power =
3783 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
3788 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
3789 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
3790 nla_len(nl_rate), rate_policy);
3791 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
3796 mode->rates = os_zalloc(mode->num_rates * sizeof(int));
3802 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
3803 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
3804 nla_len(nl_rate), rate_policy);
3805 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
3807 mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
3809 /* crude heuristic */
3810 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
3811 mode->rates[idx] > 200)
3812 mode->mode = HOSTAPD_MODE_IEEE80211G;
3821 static struct hostapd_hw_modes *
3822 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
3825 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
3826 int i, mode11g_idx = -1;
3828 /* If only 802.11g mode is included, use it to construct matching
3829 * 802.11b mode data. */
3831 for (m = 0; m < *num_modes; m++) {
3832 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
3833 return modes; /* 802.11b already included */
3834 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
3838 if (mode11g_idx < 0)
3839 return modes; /* 2.4 GHz band not supported at all */
3841 nmodes = os_realloc(modes, (*num_modes + 1) * sizeof(*nmodes));
3843 return modes; /* Could not add 802.11b mode */
3845 mode = &nmodes[*num_modes];
3846 os_memset(mode, 0, sizeof(*mode));
3850 mode->mode = HOSTAPD_MODE_IEEE80211B;
3852 mode11g = &modes[mode11g_idx];
3853 mode->num_channels = mode11g->num_channels;
3854 mode->channels = os_malloc(mode11g->num_channels *
3855 sizeof(struct hostapd_channel_data));
3856 if (mode->channels == NULL) {
3858 return modes; /* Could not add 802.11b mode */
3860 os_memcpy(mode->channels, mode11g->channels,
3861 mode11g->num_channels * sizeof(struct hostapd_channel_data));
3863 mode->num_rates = 0;
3864 mode->rates = os_malloc(4 * sizeof(int));
3865 if (mode->rates == NULL) {
3866 os_free(mode->channels);
3868 return modes; /* Could not add 802.11b mode */
3871 for (i = 0; i < mode11g->num_rates; i++) {
3872 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
3873 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
3875 mode->rates[mode->num_rates] = mode11g->rates[i];
3877 if (mode->num_rates == 4)
3881 if (mode->num_rates == 0) {
3882 os_free(mode->channels);
3883 os_free(mode->rates);
3885 return modes; /* No 802.11b rates */
3888 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
3895 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
3900 for (c = 0; c < mode->num_channels; c++) {
3901 struct hostapd_channel_data *chan = &mode->channels[c];
3902 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
3903 chan->flag |= HOSTAPD_CHAN_HT40;
3908 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
3913 for (c = 0; c < mode->num_channels; c++) {
3914 struct hostapd_channel_data *chan = &mode->channels[c];
3915 if (!(chan->flag & HOSTAPD_CHAN_HT40))
3917 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
3918 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
3919 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
3920 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
3925 static void nl80211_reg_rule_ht40(struct nlattr *tb[],
3926 struct phy_info_arg *results)
3928 u32 start, end, max_bw;
3931 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
3932 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
3933 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
3936 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
3937 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
3938 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
3940 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz",
3941 start, end, max_bw);
3945 for (m = 0; m < *results->num_modes; m++) {
3946 if (!(results->modes[m].ht_capab &
3947 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
3949 nl80211_set_ht40_mode(&results->modes[m], start, end);
3954 static void nl80211_reg_rule_sec(struct nlattr *tb[],
3955 struct phy_info_arg *results)
3957 u32 start, end, max_bw;
3960 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
3961 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
3962 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
3965 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
3966 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
3967 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
3972 for (m = 0; m < *results->num_modes; m++) {
3973 if (!(results->modes[m].ht_capab &
3974 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
3976 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
3981 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
3983 struct phy_info_arg *results = arg;
3984 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3985 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3986 struct nlattr *nl_rule;
3987 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
3989 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
3990 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
3991 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
3992 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
3993 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
3994 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
3995 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
3998 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3999 genlmsg_attrlen(gnlh, 0), NULL);
4000 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
4001 !tb_msg[NL80211_ATTR_REG_RULES]) {
4002 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
4007 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
4008 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
4010 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
4012 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
4013 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
4014 nl80211_reg_rule_ht40(tb_rule, results);
4017 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
4019 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
4020 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
4021 nl80211_reg_rule_sec(tb_rule, results);
4028 static int nl80211_set_ht40_flags(struct wpa_driver_nl80211_data *drv,
4029 struct phy_info_arg *results)
4033 msg = nlmsg_alloc();
4037 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
4038 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
4042 static struct hostapd_hw_modes *
4043 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
4045 struct i802_bss *bss = priv;
4046 struct wpa_driver_nl80211_data *drv = bss->drv;
4048 struct phy_info_arg result = {
4049 .num_modes = num_modes,
4056 msg = nlmsg_alloc();
4060 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
4062 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4064 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
4065 nl80211_set_ht40_flags(drv, &result);
4066 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
4073 static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data *drv,
4074 const void *data, size_t len,
4078 0x00, 0x00, /* radiotap version */
4079 0x0e, 0x00, /* radiotap length */
4080 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
4081 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
4083 0x00, 0x00, /* RX and TX flags to indicate that */
4084 0x00, 0x00, /* this is the injected frame directly */
4086 struct iovec iov[2] = {
4088 .iov_base = &rtap_hdr,
4089 .iov_len = sizeof(rtap_hdr),
4092 .iov_base = (void *) data,
4096 struct msghdr msg = {
4101 .msg_control = NULL,
4102 .msg_controllen = 0,
4108 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
4110 if (drv->monitor_sock < 0) {
4111 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
4112 "for %s", __func__);
4116 res = sendmsg(drv->monitor_sock, &msg, 0);
4118 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
4125 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
4128 struct i802_bss *bss = priv;
4129 struct wpa_driver_nl80211_data *drv = bss->drv;
4130 struct ieee80211_mgmt *mgmt;
4134 mgmt = (struct ieee80211_mgmt *) data;
4135 fc = le_to_host16(mgmt->frame_control);
4137 if (is_sta_interface(drv->nlmode) &&
4138 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4139 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
4141 * The use of last_mgmt_freq is a bit of a hack,
4142 * but it works due to the single-threaded nature
4143 * of wpa_supplicant.
4145 return nl80211_send_frame_cmd(drv, drv->last_mgmt_freq, 0,
4146 data, data_len, NULL, 1);
4149 if (drv->no_monitor_iface_capab && is_ap_interface(drv->nlmode)) {
4150 return nl80211_send_frame_cmd(drv, drv->ap_oper_freq, 0,
4151 data, data_len, NULL, 0);
4154 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4155 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
4157 * Only one of the authentication frame types is encrypted.
4158 * In order for static WEP encryption to work properly (i.e.,
4159 * to not encrypt the frame), we need to tell mac80211 about
4160 * the frames that must not be encrypted.
4162 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
4163 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
4164 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
4168 return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
4172 static int nl80211_set_ap_isolate(struct i802_bss *bss, int enabled)
4174 struct wpa_driver_nl80211_data *drv = bss->drv;
4177 msg = nlmsg_alloc();
4181 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
4183 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4184 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, enabled);
4186 return send_and_recv_msgs(drv, msg, NULL, NULL);
4192 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
4193 int slot, int ht_opmode)
4195 struct wpa_driver_nl80211_data *drv = bss->drv;
4198 msg = nlmsg_alloc();
4202 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
4205 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
4207 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
4209 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
4211 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
4212 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4214 return send_and_recv_msgs(drv, msg, NULL, NULL);
4220 static int wpa_driver_nl80211_set_ap(void *priv,
4221 struct wpa_driver_ap_params *params)
4223 struct i802_bss *bss = priv;
4224 struct wpa_driver_nl80211_data *drv = bss->drv;
4226 u8 cmd = NL80211_CMD_NEW_BEACON;
4229 int ifindex = if_nametoindex(bss->ifname);
4234 beacon_set = bss->beacon_set;
4236 msg = nlmsg_alloc();
4240 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
4243 cmd = NL80211_CMD_SET_BEACON;
4245 nl80211_cmd(drv, msg, 0, cmd);
4246 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
4247 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
4248 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4249 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
4250 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
4251 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4253 switch (params->hide_ssid) {
4254 case NO_SSID_HIDING:
4255 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
4256 NL80211_HIDDEN_SSID_NOT_IN_USE);
4258 case HIDDEN_SSID_ZERO_LEN:
4259 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
4260 NL80211_HIDDEN_SSID_ZERO_LEN);
4262 case HIDDEN_SSID_ZERO_CONTENTS:
4263 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
4264 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
4267 if (params->privacy)
4268 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
4269 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
4270 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
4271 /* Leave out the attribute */
4272 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
4273 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
4274 NL80211_AUTHTYPE_SHARED_KEY);
4276 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
4277 NL80211_AUTHTYPE_OPEN_SYSTEM);
4280 if (params->wpa_version & WPA_PROTO_WPA)
4281 ver |= NL80211_WPA_VERSION_1;
4282 if (params->wpa_version & WPA_PROTO_RSN)
4283 ver |= NL80211_WPA_VERSION_2;
4285 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
4288 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
4289 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
4290 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
4291 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
4293 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
4294 num_suites * sizeof(u32), suites);
4298 if (params->pairwise_ciphers & WPA_CIPHER_CCMP)
4299 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
4300 if (params->pairwise_ciphers & WPA_CIPHER_TKIP)
4301 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
4302 if (params->pairwise_ciphers & WPA_CIPHER_WEP104)
4303 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
4304 if (params->pairwise_ciphers & WPA_CIPHER_WEP40)
4305 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
4307 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
4308 num_suites * sizeof(u32), suites);
4311 switch (params->group_cipher) {
4312 case WPA_CIPHER_CCMP:
4313 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
4314 WLAN_CIPHER_SUITE_CCMP);
4316 case WPA_CIPHER_TKIP:
4317 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
4318 WLAN_CIPHER_SUITE_TKIP);
4320 case WPA_CIPHER_WEP104:
4321 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
4322 WLAN_CIPHER_SUITE_WEP104);
4324 case WPA_CIPHER_WEP40:
4325 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
4326 WLAN_CIPHER_SUITE_WEP40);
4330 if (params->beacon_ies) {
4331 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
4332 wpabuf_head(params->beacon_ies));
4334 if (params->proberesp_ies) {
4335 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
4336 wpabuf_len(params->proberesp_ies),
4337 wpabuf_head(params->proberesp_ies));
4339 if (params->assocresp_ies) {
4340 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
4341 wpabuf_len(params->assocresp_ies),
4342 wpabuf_head(params->assocresp_ies));
4345 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4347 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
4348 ret, strerror(-ret));
4350 bss->beacon_set = 1;
4351 ret = nl80211_set_ap_isolate(bss, params->isolate);
4352 if (!params->isolate && ret) {
4353 wpa_printf(MSG_DEBUG, "nl80211: Ignore AP isolation "
4354 "configuration error since isolation is "
4359 nl80211_set_bss(bss, params->cts_protect, params->preamble,
4360 params->short_slot_time, params->ht_opmode);
4368 static int wpa_driver_nl80211_set_freq(struct wpa_driver_nl80211_data *drv,
4369 int freq, int ht_enabled,
4370 int sec_channel_offset)
4375 wpa_printf(MSG_DEBUG, "nl80211: Set freq %d (ht_enabled=%d "
4376 "sec_channel_offset=%d)",
4377 freq, ht_enabled, sec_channel_offset);
4378 msg = nlmsg_alloc();
4382 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
4384 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4385 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
4387 switch (sec_channel_offset) {
4389 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
4390 NL80211_CHAN_HT40MINUS);
4393 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
4394 NL80211_CHAN_HT40PLUS);
4397 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
4403 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4406 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
4407 "%d (%s)", freq, ret, strerror(-ret));
4413 static u32 sta_flags_nl80211(int flags)
4417 if (flags & WPA_STA_AUTHORIZED)
4418 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
4419 if (flags & WPA_STA_WMM)
4420 f |= BIT(NL80211_STA_FLAG_WME);
4421 if (flags & WPA_STA_SHORT_PREAMBLE)
4422 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
4423 if (flags & WPA_STA_MFP)
4424 f |= BIT(NL80211_STA_FLAG_MFP);
4425 if (flags & WPA_STA_TDLS_PEER)
4426 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
4432 static int wpa_driver_nl80211_sta_add(void *priv,
4433 struct hostapd_sta_add_params *params)
4435 struct i802_bss *bss = priv;
4436 struct wpa_driver_nl80211_data *drv = bss->drv;
4438 struct nl80211_sta_flag_update upd;
4441 if ((params->flags & WPA_STA_TDLS_PEER) &&
4442 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
4445 msg = nlmsg_alloc();
4449 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
4450 NL80211_CMD_NEW_STATION);
4452 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4453 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
4454 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
4455 params->supp_rates);
4457 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
4458 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
4459 params->listen_interval);
4461 if (params->ht_capabilities) {
4462 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
4463 sizeof(*params->ht_capabilities),
4464 params->ht_capabilities);
4467 os_memset(&upd, 0, sizeof(upd));
4468 upd.mask = sta_flags_nl80211(params->flags);
4470 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
4472 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4474 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
4475 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
4484 static int wpa_driver_nl80211_sta_remove(void *priv, const u8 *addr)
4486 struct i802_bss *bss = priv;
4487 struct wpa_driver_nl80211_data *drv = bss->drv;
4491 msg = nlmsg_alloc();
4495 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
4497 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4498 if_nametoindex(bss->ifname));
4499 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4501 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4510 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
4515 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
4517 /* stop listening for EAPOL on this interface */
4518 del_ifidx(drv, ifidx);
4520 msg = nlmsg_alloc();
4522 goto nla_put_failure;
4524 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
4525 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
4527 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
4530 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
4534 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
4537 case NL80211_IFTYPE_ADHOC:
4539 case NL80211_IFTYPE_STATION:
4541 case NL80211_IFTYPE_AP:
4543 case NL80211_IFTYPE_MONITOR:
4545 case NL80211_IFTYPE_P2P_CLIENT:
4546 return "P2P_CLIENT";
4547 case NL80211_IFTYPE_P2P_GO:
4555 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
4557 enum nl80211_iftype iftype,
4558 const u8 *addr, int wds)
4560 struct nl_msg *msg, *flags = NULL;
4564 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
4565 iftype, nl80211_iftype_str(iftype));
4567 msg = nlmsg_alloc();
4571 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
4572 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4573 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
4574 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
4576 if (iftype == NL80211_IFTYPE_MONITOR) {
4579 flags = nlmsg_alloc();
4581 goto nla_put_failure;
4583 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
4585 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
4590 goto nla_put_failure;
4592 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
4595 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4598 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
4599 ifname, ret, strerror(-ret));
4603 ifidx = if_nametoindex(ifname);
4604 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
4610 /* start listening for EAPOL on this interface */
4611 add_ifidx(drv, ifidx);
4613 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
4614 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
4615 nl80211_remove_iface(drv, ifidx);
4623 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
4624 const char *ifname, enum nl80211_iftype iftype,
4625 const u8 *addr, int wds)
4629 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
4631 /* if error occurred and interface exists already */
4632 if (ret == -ENFILE && if_nametoindex(ifname)) {
4633 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
4635 /* Try to remove the interface that was already there. */
4636 nl80211_remove_iface(drv, if_nametoindex(ifname));
4638 /* Try to create the interface again */
4639 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
4643 if (ret >= 0 && drv->disable_11b_rates)
4644 nl80211_disable_11b_rates(drv, ret, 1);
4650 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
4652 struct ieee80211_hdr *hdr;
4654 union wpa_event_data event;
4656 hdr = (struct ieee80211_hdr *) buf;
4657 fc = le_to_host16(hdr->frame_control);
4659 os_memset(&event, 0, sizeof(event));
4660 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
4661 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
4662 event.tx_status.dst = hdr->addr1;
4663 event.tx_status.data = buf;
4664 event.tx_status.data_len = len;
4665 event.tx_status.ack = ok;
4666 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
4670 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
4671 u8 *buf, size_t len)
4673 struct ieee80211_hdr *hdr = (void *)buf;
4675 union wpa_event_data event;
4677 if (len < sizeof(*hdr))
4680 fc = le_to_host16(hdr->frame_control);
4682 os_memset(&event, 0, sizeof(event));
4683 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
4684 event.rx_from_unknown.addr = hdr->addr2;
4685 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
4686 (WLAN_FC_FROMDS | WLAN_FC_TODS);
4687 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
4691 static void handle_frame(struct wpa_driver_nl80211_data *drv,
4692 u8 *buf, size_t len, int datarate, int ssi_signal)
4694 struct ieee80211_hdr *hdr;
4696 union wpa_event_data event;
4698 hdr = (struct ieee80211_hdr *) buf;
4699 fc = le_to_host16(hdr->frame_control);
4701 switch (WLAN_FC_GET_TYPE(fc)) {
4702 case WLAN_FC_TYPE_MGMT:
4703 os_memset(&event, 0, sizeof(event));
4704 event.rx_mgmt.frame = buf;
4705 event.rx_mgmt.frame_len = len;
4706 event.rx_mgmt.datarate = datarate;
4707 event.rx_mgmt.ssi_signal = ssi_signal;
4708 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
4710 case WLAN_FC_TYPE_CTRL:
4711 /* can only get here with PS-Poll frames */
4712 wpa_printf(MSG_DEBUG, "CTRL");
4713 from_unknown_sta(drv, buf, len);
4715 case WLAN_FC_TYPE_DATA:
4716 from_unknown_sta(drv, buf, len);
4722 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
4724 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4726 unsigned char buf[3000];
4727 struct ieee80211_radiotap_iterator iter;
4729 int datarate = 0, ssi_signal = 0;
4730 int injected = 0, failed = 0, rxflags = 0;
4732 len = recv(sock, buf, sizeof(buf), 0);
4738 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
4739 printf("received invalid radiotap frame\n");
4744 ret = ieee80211_radiotap_iterator_next(&iter);
4748 printf("received invalid radiotap frame (%d)\n", ret);
4751 switch (iter.this_arg_index) {
4752 case IEEE80211_RADIOTAP_FLAGS:
4753 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
4756 case IEEE80211_RADIOTAP_RX_FLAGS:
4759 case IEEE80211_RADIOTAP_TX_FLAGS:
4761 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
4762 IEEE80211_RADIOTAP_F_TX_FAIL;
4764 case IEEE80211_RADIOTAP_DATA_RETRIES:
4766 case IEEE80211_RADIOTAP_CHANNEL:
4767 /* TODO: convert from freq/flags to channel number */
4769 case IEEE80211_RADIOTAP_RATE:
4770 datarate = *iter.this_arg * 5;
4772 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
4773 ssi_signal = *iter.this_arg;
4778 if (rxflags && injected)
4782 handle_frame(drv, buf + iter.max_length,
4783 len - iter.max_length, datarate, ssi_signal);
4785 handle_tx_callback(drv->ctx, buf + iter.max_length,
4786 len - iter.max_length, !failed);
4791 * we post-process the filter code later and rewrite
4792 * this to the offset to the last instruction
4797 static struct sock_filter msock_filter_insns[] = {
4799 * do a little-endian load of the radiotap length field
4801 /* load lower byte into A */
4802 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
4803 /* put it into X (== index register) */
4804 BPF_STMT(BPF_MISC| BPF_TAX, 0),
4805 /* load upper byte into A */
4806 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
4807 /* left-shift it by 8 */
4808 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
4810 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
4811 /* put result into X */
4812 BPF_STMT(BPF_MISC| BPF_TAX, 0),
4815 * Allow management frames through, this also gives us those
4816 * management frames that we sent ourselves with status
4818 /* load the lower byte of the IEEE 802.11 frame control field */
4819 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
4820 /* mask off frame type and version */
4821 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
4822 /* accept frame if it's both 0, fall through otherwise */
4823 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
4826 * TODO: add a bit to radiotap RX flags that indicates
4827 * that the sending station is not associated, then
4828 * add a filter here that filters on our DA and that flag
4829 * to allow us to deauth frames to that bad station.
4831 * For now allow all To DS data frames through.
4833 /* load the IEEE 802.11 frame control field */
4834 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
4835 /* mask off frame type, version and DS status */
4836 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
4837 /* accept frame if version 0, type 2 and To DS, fall through otherwise
4839 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
4843 * drop non-data frames
4845 /* load the lower byte of the frame control field */
4846 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
4847 /* mask off QoS bit */
4848 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
4849 /* drop non-data frames */
4850 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
4852 /* load the upper byte of the frame control field */
4853 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
4854 /* mask off toDS/fromDS */
4855 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
4856 /* accept WDS frames */
4857 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
4860 * add header length to index
4862 /* load the lower byte of the frame control field */
4863 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
4864 /* mask off QoS bit */
4865 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
4866 /* right shift it by 6 to give 0 or 2 */
4867 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
4868 /* add data frame header length */
4869 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
4870 /* add index, was start of 802.11 header */
4871 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
4872 /* move to index, now start of LL header */
4873 BPF_STMT(BPF_MISC | BPF_TAX, 0),
4876 * Accept empty data frames, we use those for
4879 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
4880 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
4883 * Accept EAPOL frames
4885 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
4886 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
4887 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
4888 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
4890 /* keep these last two statements or change the code below */
4891 /* return 0 == "DROP" */
4892 BPF_STMT(BPF_RET | BPF_K, 0),
4893 /* return ~0 == "keep all" */
4894 BPF_STMT(BPF_RET | BPF_K, ~0),
4897 static struct sock_fprog msock_filter = {
4898 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
4899 .filter = msock_filter_insns,
4903 static int add_monitor_filter(int s)
4907 /* rewrite all PASS/FAIL jump offsets */
4908 for (idx = 0; idx < msock_filter.len; idx++) {
4909 struct sock_filter *insn = &msock_filter_insns[idx];
4911 if (BPF_CLASS(insn->code) == BPF_JMP) {
4912 if (insn->code == (BPF_JMP|BPF_JA)) {
4913 if (insn->k == PASS)
4914 insn->k = msock_filter.len - idx - 2;
4915 else if (insn->k == FAIL)
4916 insn->k = msock_filter.len - idx - 3;
4919 if (insn->jt == PASS)
4920 insn->jt = msock_filter.len - idx - 2;
4921 else if (insn->jt == FAIL)
4922 insn->jt = msock_filter.len - idx - 3;
4924 if (insn->jf == PASS)
4925 insn->jf = msock_filter.len - idx - 2;
4926 else if (insn->jf == FAIL)
4927 insn->jf = msock_filter.len - idx - 3;
4931 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
4932 &msock_filter, sizeof(msock_filter))) {
4933 perror("SO_ATTACH_FILTER");
4941 static void nl80211_remove_monitor_interface(
4942 struct wpa_driver_nl80211_data *drv)
4944 if (drv->monitor_ifidx >= 0) {
4945 nl80211_remove_iface(drv, drv->monitor_ifidx);
4946 drv->monitor_ifidx = -1;
4948 if (drv->monitor_sock >= 0) {
4949 eloop_unregister_read_sock(drv->monitor_sock);
4950 close(drv->monitor_sock);
4951 drv->monitor_sock = -1;
4957 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
4960 struct sockaddr_ll ll;
4964 if (os_strncmp(drv->first_bss.ifname, "p2p-", 4) == 0) {
4966 * P2P interface name is of the format p2p-%s-%d. For monitor
4967 * interface name corresponding to P2P GO, replace "p2p-" with
4968 * "mon-" to retain the same interface name length and to
4969 * indicate that it is a monitor interface.
4971 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss.ifname + 4);
4973 /* Non-P2P interface with AP functionality. */
4974 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
4977 buf[IFNAMSIZ - 1] = '\0';
4979 drv->monitor_ifidx =
4980 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
4983 if (drv->monitor_ifidx == -EOPNOTSUPP) {
4984 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
4985 "monitor interface type - try to run without it");
4986 drv->no_monitor_iface_capab = 1;
4989 if (drv->monitor_ifidx < 0)
4992 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
4995 memset(&ll, 0, sizeof(ll));
4996 ll.sll_family = AF_PACKET;
4997 ll.sll_ifindex = drv->monitor_ifidx;
4998 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
4999 if (drv->monitor_sock < 0) {
5000 perror("socket[PF_PACKET,SOCK_RAW]");
5004 if (add_monitor_filter(drv->monitor_sock)) {
5005 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
5006 "interface; do filtering in user space");
5007 /* This works, but will cost in performance. */
5010 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
5011 perror("monitor socket bind");
5015 optlen = sizeof(optval);
5018 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
5019 perror("Failed to set socket priority");
5023 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
5025 printf("Could not register monitor read socket\n");
5031 nl80211_remove_monitor_interface(drv);
5037 static int nl80211_send_eapol_data(struct i802_bss *bss,
5038 const u8 *addr, const u8 *data,
5039 size_t data_len, const u8 *own_addr)
5041 if (bss->drv->l2 == NULL) {
5042 wpa_printf(MSG_DEBUG, "nl80211: No l2_packet to send EAPOL");
5046 if (l2_packet_send(bss->drv->l2, addr, ETH_P_EAPOL, data, data_len) <
5051 #endif /* CONFIG_AP */
5054 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
5056 static int wpa_driver_nl80211_hapd_send_eapol(
5057 void *priv, const u8 *addr, const u8 *data,
5058 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
5060 struct i802_bss *bss = priv;
5061 struct wpa_driver_nl80211_data *drv = bss->drv;
5062 struct ieee80211_hdr *hdr;
5066 int qos = flags & WPA_STA_WMM;
5069 if (drv->no_monitor_iface_capab)
5070 return nl80211_send_eapol_data(bss, addr, data, data_len,
5072 #endif /* CONFIG_AP */
5074 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
5076 hdr = os_zalloc(len);
5078 printf("malloc() failed for i802_send_data(len=%lu)\n",
5079 (unsigned long) len);
5083 hdr->frame_control =
5084 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
5085 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
5087 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
5089 hdr->frame_control |=
5090 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
5093 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
5094 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
5095 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
5096 pos = (u8 *) (hdr + 1);
5099 /* add an empty QoS header if needed */
5105 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
5106 pos += sizeof(rfc1042_header);
5107 WPA_PUT_BE16(pos, ETH_P_PAE);
5109 memcpy(pos, data, data_len);
5111 res = wpa_driver_nl80211_send_frame(drv, (u8 *) hdr, len, encrypt);
5113 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
5115 (unsigned long) len, errno, strerror(errno));
5123 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
5125 int flags_or, int flags_and)
5127 struct i802_bss *bss = priv;
5128 struct wpa_driver_nl80211_data *drv = bss->drv;
5129 struct nl_msg *msg, *flags = NULL;
5130 struct nl80211_sta_flag_update upd;
5132 msg = nlmsg_alloc();
5136 flags = nlmsg_alloc();
5142 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
5144 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5145 if_nametoindex(bss->ifname));
5146 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5149 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
5150 * can be removed eventually.
5152 if (total_flags & WPA_STA_AUTHORIZED)
5153 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
5155 if (total_flags & WPA_STA_WMM)
5156 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
5158 if (total_flags & WPA_STA_SHORT_PREAMBLE)
5159 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
5161 if (total_flags & WPA_STA_MFP)
5162 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
5164 if (total_flags & WPA_STA_TDLS_PEER)
5165 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_TDLS_PEER);
5167 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
5168 goto nla_put_failure;
5170 os_memset(&upd, 0, sizeof(upd));
5171 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
5172 upd.set = sta_flags_nl80211(flags_or);
5173 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
5177 return send_and_recv_msgs(drv, msg, NULL, NULL);
5184 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
5185 struct wpa_driver_associate_params *params)
5187 enum nl80211_iftype nlmode;
5190 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
5192 nlmode = NL80211_IFTYPE_P2P_GO;
5194 nlmode = NL80211_IFTYPE_AP;
5196 if (wpa_driver_nl80211_set_mode(&drv->first_bss, nlmode) ||
5197 wpa_driver_nl80211_set_freq(drv, params->freq, 0, 0)) {
5198 nl80211_remove_monitor_interface(drv);
5202 if (drv->no_monitor_iface_capab) {
5203 if (wpa_driver_nl80211_probe_req_report(&drv->first_bss, 1) < 0)
5205 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
5206 "Probe Request frame reporting in AP mode");
5207 /* Try to survive without this */
5211 drv->ap_oper_freq = params->freq;
5217 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
5222 msg = nlmsg_alloc();
5226 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
5227 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5228 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5231 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
5232 "(%s)", ret, strerror(-ret));
5233 goto nla_put_failure;
5237 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
5245 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
5246 struct wpa_driver_associate_params *params)
5252 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
5254 if (wpa_driver_nl80211_set_mode(&drv->first_bss,
5255 NL80211_IFTYPE_ADHOC)) {
5256 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
5262 msg = nlmsg_alloc();
5266 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
5267 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5269 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
5270 goto nla_put_failure;
5272 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
5273 params->ssid, params->ssid_len);
5274 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
5276 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
5277 drv->ssid_len = params->ssid_len;
5279 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
5280 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
5282 ret = nl80211_set_conn_keys(params, msg);
5284 goto nla_put_failure;
5286 if (params->wpa_ie) {
5287 wpa_hexdump(MSG_DEBUG,
5288 " * Extra IEs for Beacon/Probe Response frames",
5289 params->wpa_ie, params->wpa_ie_len);
5290 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
5294 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5297 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
5298 ret, strerror(-ret));
5300 if (ret == -EALREADY && count == 1) {
5301 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
5303 nl80211_leave_ibss(drv);
5308 goto nla_put_failure;
5311 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
5319 static unsigned int nl80211_get_assoc_bssid(struct wpa_driver_nl80211_data *drv,
5324 struct nl80211_bss_info_arg arg;
5326 os_memset(&arg, 0, sizeof(arg));
5327 msg = nlmsg_alloc();
5329 goto nla_put_failure;
5331 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
5332 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5335 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
5338 if (is_zero_ether_addr(arg.assoc_bssid))
5340 os_memcpy(bssid, arg.assoc_bssid, ETH_ALEN);
5343 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
5344 "(%s)", ret, strerror(-ret));
5347 return drv->assoc_freq;
5351 static int nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
5356 if (bssid == NULL) {
5357 int res = nl80211_get_assoc_bssid(drv, addr);
5363 return wpa_driver_nl80211_disconnect(drv, bssid,
5364 WLAN_REASON_PREV_AUTH_NOT_VALID);
5368 static int wpa_driver_nl80211_connect(
5369 struct wpa_driver_nl80211_data *drv,
5370 struct wpa_driver_associate_params *params)
5373 enum nl80211_auth_type type;
5377 msg = nlmsg_alloc();
5381 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
5382 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
5384 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5385 if (params->bssid) {
5386 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
5387 MAC2STR(params->bssid));
5388 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
5391 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
5392 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
5395 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
5396 params->ssid, params->ssid_len);
5397 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
5399 if (params->ssid_len > sizeof(drv->ssid))
5400 goto nla_put_failure;
5401 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
5402 drv->ssid_len = params->ssid_len;
5404 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
5406 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
5410 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
5412 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
5414 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
5417 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
5419 goto skip_auth_type;
5422 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
5423 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
5424 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
5425 type = NL80211_AUTHTYPE_SHARED_KEY;
5426 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
5427 type = NL80211_AUTHTYPE_NETWORK_EAP;
5428 else if (params->auth_alg & WPA_AUTH_ALG_FT)
5429 type = NL80211_AUTHTYPE_FT;
5431 goto nla_put_failure;
5433 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
5434 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
5437 if (params->wpa_proto) {
5438 enum nl80211_wpa_versions ver = 0;
5440 if (params->wpa_proto & WPA_PROTO_WPA)
5441 ver |= NL80211_WPA_VERSION_1;
5442 if (params->wpa_proto & WPA_PROTO_RSN)
5443 ver |= NL80211_WPA_VERSION_2;
5445 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
5446 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
5449 if (params->pairwise_suite != CIPHER_NONE) {
5452 switch (params->pairwise_suite) {
5454 cipher = WLAN_CIPHER_SUITE_WEP40;
5457 cipher = WLAN_CIPHER_SUITE_WEP104;
5460 cipher = WLAN_CIPHER_SUITE_CCMP;
5464 cipher = WLAN_CIPHER_SUITE_TKIP;
5467 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
5470 if (params->group_suite != CIPHER_NONE) {
5473 switch (params->group_suite) {
5475 cipher = WLAN_CIPHER_SUITE_WEP40;
5478 cipher = WLAN_CIPHER_SUITE_WEP104;
5481 cipher = WLAN_CIPHER_SUITE_CCMP;
5485 cipher = WLAN_CIPHER_SUITE_TKIP;
5488 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
5491 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
5492 params->key_mgmt_suite == KEY_MGMT_PSK) {
5493 int mgmt = WLAN_AKM_SUITE_PSK;
5495 switch (params->key_mgmt_suite) {
5496 case KEY_MGMT_802_1X:
5497 mgmt = WLAN_AKM_SUITE_8021X;
5501 mgmt = WLAN_AKM_SUITE_PSK;
5504 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
5507 ret = nl80211_set_conn_keys(params, msg);
5509 goto nla_put_failure;
5511 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5514 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
5515 "(%s)", ret, strerror(-ret));
5517 * cfg80211 does not currently accept new connection if we are
5518 * already connected. As a workaround, force disconnection and
5519 * try again once the driver indicates it completed
5522 if (ret == -EALREADY)
5523 nl80211_disconnect(drv, params->bssid);
5524 goto nla_put_failure;
5527 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
5536 static int wpa_driver_nl80211_associate(
5537 void *priv, struct wpa_driver_associate_params *params)
5539 struct i802_bss *bss = priv;
5540 struct wpa_driver_nl80211_data *drv = bss->drv;
5544 if (params->mode == IEEE80211_MODE_AP)
5545 return wpa_driver_nl80211_ap(drv, params);
5547 if (params->mode == IEEE80211_MODE_IBSS)
5548 return wpa_driver_nl80211_ibss(drv, params);
5550 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
5551 enum nl80211_iftype nlmode = params->p2p ?
5552 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
5554 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
5556 return wpa_driver_nl80211_connect(drv, params);
5559 drv->associated = 0;
5561 msg = nlmsg_alloc();
5565 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
5567 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
5569 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5570 if (params->bssid) {
5571 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
5572 MAC2STR(params->bssid));
5573 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
5576 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
5577 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
5578 drv->assoc_freq = params->freq;
5580 drv->assoc_freq = 0;
5582 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
5583 params->ssid, params->ssid_len);
5584 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
5586 if (params->ssid_len > sizeof(drv->ssid))
5587 goto nla_put_failure;
5588 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
5589 drv->ssid_len = params->ssid_len;
5591 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
5593 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
5596 if (params->pairwise_suite != CIPHER_NONE) {
5599 switch (params->pairwise_suite) {
5601 cipher = WLAN_CIPHER_SUITE_WEP40;
5604 cipher = WLAN_CIPHER_SUITE_WEP104;
5607 cipher = WLAN_CIPHER_SUITE_CCMP;
5611 cipher = WLAN_CIPHER_SUITE_TKIP;
5614 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
5615 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
5618 if (params->group_suite != CIPHER_NONE) {
5621 switch (params->group_suite) {
5623 cipher = WLAN_CIPHER_SUITE_WEP40;
5626 cipher = WLAN_CIPHER_SUITE_WEP104;
5629 cipher = WLAN_CIPHER_SUITE_CCMP;
5633 cipher = WLAN_CIPHER_SUITE_TKIP;
5636 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
5637 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
5640 #ifdef CONFIG_IEEE80211W
5641 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
5642 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
5643 #endif /* CONFIG_IEEE80211W */
5645 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
5647 if (params->prev_bssid) {
5648 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
5649 MAC2STR(params->prev_bssid));
5650 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
5651 params->prev_bssid);
5655 wpa_printf(MSG_DEBUG, " * P2P group");
5657 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5660 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
5661 "(%s)", ret, strerror(-ret));
5662 nl80211_dump_scan(drv);
5663 goto nla_put_failure;
5666 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
5675 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
5676 int ifindex, enum nl80211_iftype mode)
5681 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
5682 ifindex, mode, nl80211_iftype_str(mode));
5684 msg = nlmsg_alloc();
5688 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
5689 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5690 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
5692 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5696 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
5697 " %d (%s)", ifindex, mode, ret, strerror(-ret));
5702 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
5703 enum nl80211_iftype nlmode)
5705 struct wpa_driver_nl80211_data *drv = bss->drv;
5708 int was_ap = is_ap_interface(drv->nlmode);
5710 if (nl80211_set_mode(drv, drv->ifindex, nlmode) == 0) {
5711 drv->nlmode = nlmode;
5716 if (nlmode == drv->nlmode) {
5717 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
5718 "requested mode - ignore error");
5720 goto done; /* Already in the requested mode */
5723 /* mac80211 doesn't allow mode changes while the device is up, so
5724 * take the device down, try to set the mode again, and bring the
5727 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
5729 for (i = 0; i < 10; i++) {
5731 res = linux_set_iface_flags(drv->global->ioctl_sock,
5733 if (res == -EACCES || res == -ENODEV)
5736 /* Try to set the mode again while the interface is
5738 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
5741 res = linux_set_iface_flags(drv->global->ioctl_sock,
5745 else if (ret != -EBUSY)
5748 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
5750 os_sleep(0, 100000);
5754 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
5755 "interface is down");
5756 drv->nlmode = nlmode;
5757 drv->ignore_if_down_event = 1;
5761 if (!ret && is_ap_interface(nlmode)) {
5762 /* Setup additional AP mode functionality if needed */
5763 if (!drv->no_monitor_iface_capab && drv->monitor_ifidx < 0 &&
5764 nl80211_create_monitor_interface(drv) &&
5765 !drv->no_monitor_iface_capab)
5767 } else if (!ret && !is_ap_interface(nlmode)) {
5768 /* Remove additional AP mode functionality */
5769 if (was_ap && drv->no_monitor_iface_capab)
5770 wpa_driver_nl80211_probe_req_report(bss, 0);
5771 nl80211_remove_monitor_interface(drv);
5772 bss->beacon_set = 0;
5775 if (!ret && drv->disable_11b_rates)
5776 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
5779 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
5780 "from %d failed", nlmode, drv->nlmode);
5786 static int wpa_driver_nl80211_get_capa(void *priv,
5787 struct wpa_driver_capa *capa)
5789 struct i802_bss *bss = priv;
5790 struct wpa_driver_nl80211_data *drv = bss->drv;
5791 if (!drv->has_capability)
5793 os_memcpy(capa, &drv->capa, sizeof(*capa));
5798 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
5800 struct i802_bss *bss = priv;
5801 struct wpa_driver_nl80211_data *drv = bss->drv;
5803 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
5804 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
5805 drv->operstate = state;
5806 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
5807 state ? IF_OPER_UP : IF_OPER_DORMANT);
5811 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
5813 struct i802_bss *bss = priv;
5814 struct wpa_driver_nl80211_data *drv = bss->drv;
5816 struct nl80211_sta_flag_update upd;
5818 msg = nlmsg_alloc();
5822 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
5824 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5825 if_nametoindex(bss->ifname));
5826 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
5828 os_memset(&upd, 0, sizeof(upd));
5829 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
5831 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
5832 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
5834 return send_and_recv_msgs(drv, msg, NULL, NULL);
5840 /* Set kernel driver on given frequency (MHz) */
5841 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
5843 struct i802_bss *bss = priv;
5844 struct wpa_driver_nl80211_data *drv = bss->drv;
5845 return wpa_driver_nl80211_set_freq(drv, freq->freq, freq->ht_enabled,
5846 freq->sec_channel_offset);
5850 #if defined(HOSTAPD) || defined(CONFIG_AP)
5852 static inline int min_int(int a, int b)
5860 static int get_key_handler(struct nl_msg *msg, void *arg)
5862 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5863 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5865 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5866 genlmsg_attrlen(gnlh, 0), NULL);
5869 * TODO: validate the key index and mac address!
5870 * Otherwise, there's a race condition as soon as
5871 * the kernel starts sending key notifications.
5874 if (tb[NL80211_ATTR_KEY_SEQ])
5875 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
5876 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
5881 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
5884 struct i802_bss *bss = priv;
5885 struct wpa_driver_nl80211_data *drv = bss->drv;
5888 msg = nlmsg_alloc();
5892 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
5895 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5896 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
5897 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
5901 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
5907 static int i802_set_rate_sets(void *priv, int *supp_rates, int *basic_rates,
5910 struct i802_bss *bss = priv;
5911 struct wpa_driver_nl80211_data *drv = bss->drv;
5913 u8 rates[NL80211_MAX_SUPP_RATES];
5917 msg = nlmsg_alloc();
5921 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
5923 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
5924 rates[rates_len++] = basic_rates[i] / 5;
5926 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
5928 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5930 return send_and_recv_msgs(drv, msg, NULL, NULL);
5936 static int i802_set_rts(void *priv, int rts)
5938 struct i802_bss *bss = priv;
5939 struct wpa_driver_nl80211_data *drv = bss->drv;
5944 msg = nlmsg_alloc();
5953 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
5954 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5955 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
5957 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5961 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
5962 "%d (%s)", rts, ret, strerror(-ret));
5967 static int i802_set_frag(void *priv, int frag)
5969 struct i802_bss *bss = priv;
5970 struct wpa_driver_nl80211_data *drv = bss->drv;
5975 msg = nlmsg_alloc();
5984 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
5985 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5986 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
5988 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5992 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
5993 "%d: %d (%s)", frag, ret, strerror(-ret));
5998 static int i802_flush(void *priv)
6000 struct i802_bss *bss = priv;
6001 struct wpa_driver_nl80211_data *drv = bss->drv;
6004 msg = nlmsg_alloc();
6008 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
6011 * XXX: FIX! this needs to flush all VLANs too
6013 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
6014 if_nametoindex(bss->ifname));
6016 return send_and_recv_msgs(drv, msg, NULL, NULL);
6022 static int get_sta_handler(struct nl_msg *msg, void *arg)
6024 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6025 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6026 struct hostap_sta_driver_data *data = arg;
6027 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
6028 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
6029 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
6030 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
6031 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
6032 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
6033 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
6036 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6037 genlmsg_attrlen(gnlh, 0), NULL);
6040 * TODO: validate the interface and mac address!
6041 * Otherwise, there's a race condition as soon as
6042 * the kernel starts sending station notifications.
6045 if (!tb[NL80211_ATTR_STA_INFO]) {
6046 wpa_printf(MSG_DEBUG, "sta stats missing!");
6049 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
6050 tb[NL80211_ATTR_STA_INFO],
6052 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
6056 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
6057 data->inactive_msec =
6058 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
6059 if (stats[NL80211_STA_INFO_RX_BYTES])
6060 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
6061 if (stats[NL80211_STA_INFO_TX_BYTES])
6062 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
6063 if (stats[NL80211_STA_INFO_RX_PACKETS])
6065 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
6066 if (stats[NL80211_STA_INFO_TX_PACKETS])
6068 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
6073 static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
6076 struct i802_bss *bss = priv;
6077 struct wpa_driver_nl80211_data *drv = bss->drv;
6080 os_memset(data, 0, sizeof(*data));
6081 msg = nlmsg_alloc();
6085 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
6087 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6088 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
6090 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
6096 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
6097 int cw_min, int cw_max, int burst_time)
6099 struct i802_bss *bss = priv;
6100 struct wpa_driver_nl80211_data *drv = bss->drv;
6102 struct nlattr *txq, *params;
6104 msg = nlmsg_alloc();
6108 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
6110 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
6112 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
6114 goto nla_put_failure;
6116 /* We are only sending parameters for a single TXQ at a time */
6117 params = nla_nest_start(msg, 1);
6119 goto nla_put_failure;
6123 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
6126 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
6129 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
6132 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
6135 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
6136 * 32 usec, so need to convert the value here. */
6137 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
6138 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
6139 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
6140 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
6142 nla_nest_end(msg, params);
6144 nla_nest_end(msg, txq);
6146 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
6153 static int i802_set_sta_vlan(void *priv, const u8 *addr,
6154 const char *ifname, int vlan_id)
6156 struct i802_bss *bss = priv;
6157 struct wpa_driver_nl80211_data *drv = bss->drv;
6161 msg = nlmsg_alloc();
6165 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
6167 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
6168 if_nametoindex(bss->ifname));
6169 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6170 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
6171 if_nametoindex(ifname));
6173 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6175 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
6176 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
6177 MAC2STR(addr), ifname, vlan_id, ret,
6185 static int i802_get_inact_sec(void *priv, const u8 *addr)
6187 struct hostap_sta_driver_data data;
6190 data.inactive_msec = (unsigned long) -1;
6191 ret = i802_read_sta_data(priv, &data, addr);
6192 if (ret || data.inactive_msec == (unsigned long) -1)
6194 return data.inactive_msec / 1000;
6198 static int i802_sta_clear_stats(void *priv, const u8 *addr)
6207 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
6210 struct i802_bss *bss = priv;
6211 struct ieee80211_mgmt mgmt;
6213 memset(&mgmt, 0, sizeof(mgmt));
6214 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
6215 WLAN_FC_STYPE_DEAUTH);
6216 memcpy(mgmt.da, addr, ETH_ALEN);
6217 memcpy(mgmt.sa, own_addr, ETH_ALEN);
6218 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
6219 mgmt.u.deauth.reason_code = host_to_le16(reason);
6220 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
6222 sizeof(mgmt.u.deauth));
6226 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
6229 struct i802_bss *bss = priv;
6230 struct ieee80211_mgmt mgmt;
6232 memset(&mgmt, 0, sizeof(mgmt));
6233 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
6234 WLAN_FC_STYPE_DISASSOC);
6235 memcpy(mgmt.da, addr, ETH_ALEN);
6236 memcpy(mgmt.sa, own_addr, ETH_ALEN);
6237 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
6238 mgmt.u.disassoc.reason_code = host_to_le16(reason);
6239 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
6241 sizeof(mgmt.u.disassoc));
6244 #endif /* HOSTAPD || CONFIG_AP */
6248 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
6253 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
6255 for (i = 0; i < drv->num_if_indices; i++) {
6256 if (drv->if_indices[i] == 0) {
6257 drv->if_indices[i] = ifidx;
6262 if (drv->if_indices != drv->default_if_indices)
6263 old = drv->if_indices;
6267 drv->if_indices = os_realloc(old,
6268 sizeof(int) * (drv->num_if_indices + 1));
6269 if (!drv->if_indices) {
6271 drv->if_indices = drv->default_if_indices;
6273 drv->if_indices = old;
6274 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
6276 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
6279 os_memcpy(drv->if_indices, drv->default_if_indices,
6280 sizeof(drv->default_if_indices));
6281 drv->if_indices[drv->num_if_indices] = ifidx;
6282 drv->num_if_indices++;
6286 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
6290 for (i = 0; i < drv->num_if_indices; i++) {
6291 if (drv->if_indices[i] == ifidx) {
6292 drv->if_indices[i] = 0;
6299 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
6303 for (i = 0; i < drv->num_if_indices; i++)
6304 if (drv->if_indices[i] == ifidx)
6311 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
6312 const char *bridge_ifname)
6314 struct i802_bss *bss = priv;
6315 struct wpa_driver_nl80211_data *drv = bss->drv;
6316 char name[IFNAMSIZ + 1];
6318 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
6319 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
6320 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
6322 if (!if_nametoindex(name)) {
6323 if (nl80211_create_iface(drv, name,
6324 NL80211_IFTYPE_AP_VLAN,
6327 if (bridge_ifname &&
6328 linux_br_add_if(drv->global->ioctl_sock,
6329 bridge_ifname, name) < 0)
6332 linux_set_iface_flags(drv->global->ioctl_sock, name, 1);
6333 return i802_set_sta_vlan(priv, addr, name, 0);
6335 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
6336 return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
6342 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
6344 struct wpa_driver_nl80211_data *drv = eloop_ctx;
6345 struct sockaddr_ll lladdr;
6346 unsigned char buf[3000];
6348 socklen_t fromlen = sizeof(lladdr);
6350 len = recvfrom(sock, buf, sizeof(buf), 0,
6351 (struct sockaddr *)&lladdr, &fromlen);
6357 if (have_ifidx(drv, lladdr.sll_ifindex))
6358 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
6362 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
6363 struct i802_bss *bss,
6364 const char *brname, const char *ifname)
6367 char in_br[IFNAMSIZ];
6369 os_strlcpy(bss->brname, brname, IFNAMSIZ);
6370 ifindex = if_nametoindex(brname);
6373 * Bridge was configured, but the bridge device does
6374 * not exist. Try to add it now.
6376 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
6377 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
6378 "bridge interface %s: %s",
6379 brname, strerror(errno));
6382 bss->added_bridge = 1;
6383 add_ifidx(drv, if_nametoindex(brname));
6386 if (linux_br_get(in_br, ifname) == 0) {
6387 if (os_strcmp(in_br, brname) == 0)
6388 return 0; /* already in the bridge */
6390 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
6391 "bridge %s", ifname, in_br);
6392 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
6394 wpa_printf(MSG_ERROR, "nl80211: Failed to "
6395 "remove interface %s from bridge "
6397 ifname, brname, strerror(errno));
6402 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
6404 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
6405 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
6406 "into bridge %s: %s",
6407 ifname, brname, strerror(errno));
6410 bss->added_if_into_bridge = 1;
6416 static void *i802_init(struct hostapd_data *hapd,
6417 struct wpa_init_params *params)
6419 struct wpa_driver_nl80211_data *drv;
6420 struct i802_bss *bss;
6422 char brname[IFNAMSIZ];
6423 int ifindex, br_ifindex;
6426 bss = wpa_driver_nl80211_init(hapd, params->ifname,
6427 params->global_priv);
6432 drv->nlmode = NL80211_IFTYPE_AP;
6433 drv->eapol_sock = -1;
6435 if (linux_br_get(brname, params->ifname) == 0) {
6436 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
6437 params->ifname, brname);
6438 br_ifindex = if_nametoindex(brname);
6444 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
6445 drv->if_indices = drv->default_if_indices;
6446 for (i = 0; i < params->num_bridge; i++) {
6447 if (params->bridge[i]) {
6448 ifindex = if_nametoindex(params->bridge[i]);
6450 add_ifidx(drv, ifindex);
6451 if (ifindex == br_ifindex)
6455 if (!br_added && br_ifindex &&
6456 (params->num_bridge == 0 || !params->bridge[0]))
6457 add_ifidx(drv, br_ifindex);
6459 /* start listening for EAPOL on the default AP interface */
6460 add_ifidx(drv, drv->ifindex);
6462 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0))
6465 if (params->bssid) {
6466 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
6471 if (wpa_driver_nl80211_set_mode(bss, drv->nlmode)) {
6472 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
6473 "into AP mode", bss->ifname);
6477 if (params->num_bridge && params->bridge[0] &&
6478 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
6481 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1))
6484 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
6485 if (drv->eapol_sock < 0) {
6486 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
6490 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
6492 printf("Could not register read socket for eapol\n");
6496 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
6503 wpa_driver_nl80211_deinit(bss);
6508 static void i802_deinit(void *priv)
6510 wpa_driver_nl80211_deinit(priv);
6513 #endif /* HOSTAPD */
6516 static enum nl80211_iftype wpa_driver_nl80211_if_type(
6517 enum wpa_driver_if_type type)
6520 case WPA_IF_STATION:
6521 return NL80211_IFTYPE_STATION;
6522 case WPA_IF_P2P_CLIENT:
6523 case WPA_IF_P2P_GROUP:
6524 return NL80211_IFTYPE_P2P_CLIENT;
6525 case WPA_IF_AP_VLAN:
6526 return NL80211_IFTYPE_AP_VLAN;
6528 return NL80211_IFTYPE_AP;
6530 return NL80211_IFTYPE_P2P_GO;
6538 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
6540 struct wpa_driver_nl80211_data *drv;
6541 dl_list_for_each(drv, &global->interfaces,
6542 struct wpa_driver_nl80211_data, list) {
6543 if (os_memcmp(addr, drv->addr, ETH_ALEN) == 0)
6550 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
6558 os_memcpy(new_addr, drv->addr, ETH_ALEN);
6559 for (idx = 0; idx < 64; idx++) {
6560 new_addr[0] = drv->addr[0] | 0x02;
6561 new_addr[0] ^= idx << 2;
6562 if (!nl80211_addr_in_use(drv->global, new_addr))
6568 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
6569 MACSTR, MAC2STR(new_addr));
6574 #endif /* CONFIG_P2P */
6577 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
6578 const char *ifname, const u8 *addr,
6579 void *bss_ctx, void **drv_priv,
6580 char *force_ifname, u8 *if_addr,
6583 struct i802_bss *bss = priv;
6584 struct wpa_driver_nl80211_data *drv = bss->drv;
6587 struct i802_bss *new_bss = NULL;
6589 if (type == WPA_IF_AP_BSS) {
6590 new_bss = os_zalloc(sizeof(*new_bss));
6591 if (new_bss == NULL)
6594 #endif /* HOSTAPD */
6597 os_memcpy(if_addr, addr, ETH_ALEN);
6598 ifidx = nl80211_create_iface(drv, ifname,
6599 wpa_driver_nl80211_if_type(type), addr,
6604 #endif /* HOSTAPD */
6609 linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
6611 nl80211_remove_iface(drv, ifidx);
6617 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
6618 type == WPA_IF_P2P_GO)) {
6619 /* Enforce unique P2P Interface Address */
6620 u8 new_addr[ETH_ALEN], own_addr[ETH_ALEN];
6622 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
6624 linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
6626 nl80211_remove_iface(drv, ifidx);
6629 if (os_memcmp(own_addr, new_addr, ETH_ALEN) == 0) {
6630 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
6631 "for P2P group interface");
6632 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
6633 nl80211_remove_iface(drv, ifidx);
6636 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
6638 nl80211_remove_iface(drv, ifidx);
6642 os_memcpy(if_addr, new_addr, ETH_ALEN);
6644 #endif /* CONFIG_P2P */
6648 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
6649 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
6650 "interface %s to a bridge %s", ifname, bridge);
6651 nl80211_remove_iface(drv, ifidx);
6656 if (type == WPA_IF_AP_BSS) {
6657 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
6659 nl80211_remove_iface(drv, ifidx);
6663 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
6664 new_bss->ifindex = ifidx;
6666 new_bss->next = drv->first_bss.next;
6667 drv->first_bss.next = new_bss;
6669 *drv_priv = new_bss;
6671 #endif /* HOSTAPD */
6674 drv->global->if_add_ifindex = ifidx;
6680 static int wpa_driver_nl80211_if_remove(void *priv,
6681 enum wpa_driver_if_type type,
6684 struct i802_bss *bss = priv;
6685 struct wpa_driver_nl80211_data *drv = bss->drv;
6686 int ifindex = if_nametoindex(ifname);
6688 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
6689 __func__, type, ifname, ifindex);
6694 if (bss->added_if_into_bridge) {
6695 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
6697 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
6698 "interface %s from bridge %s: %s",
6699 bss->ifname, bss->brname, strerror(errno));
6701 if (bss->added_bridge) {
6702 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
6703 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
6705 bss->brname, strerror(errno));
6707 #endif /* HOSTAPD */
6709 nl80211_remove_iface(drv, ifindex);
6712 if (type != WPA_IF_AP_BSS)
6715 if (bss != &drv->first_bss) {
6716 struct i802_bss *tbss;
6718 for (tbss = &drv->first_bss; tbss; tbss = tbss->next) {
6719 if (tbss->next == bss) {
6720 tbss->next = bss->next;
6727 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
6728 "BSS %p in the list", __func__, bss);
6730 #endif /* HOSTAPD */
6736 static int cookie_handler(struct nl_msg *msg, void *arg)
6738 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6739 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6741 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6742 genlmsg_attrlen(gnlh, 0), NULL);
6743 if (tb[NL80211_ATTR_COOKIE])
6744 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
6749 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
6750 unsigned int freq, unsigned int wait,
6751 const u8 *buf, size_t buf_len,
6752 u64 *cookie_out, int no_cck)
6758 msg = nlmsg_alloc();
6762 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
6764 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6765 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
6767 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
6768 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
6770 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
6772 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
6775 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
6778 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
6779 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
6781 goto nla_put_failure;
6783 wpa_printf(MSG_DEBUG, "nl80211: Frame TX command accepted; "
6784 "cookie 0x%llx", (long long unsigned int) cookie);
6787 *cookie_out = cookie;
6795 static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
6796 unsigned int wait_time,
6797 const u8 *dst, const u8 *src,
6799 const u8 *data, size_t data_len,
6802 struct i802_bss *bss = priv;
6803 struct wpa_driver_nl80211_data *drv = bss->drv;
6806 struct ieee80211_hdr *hdr;
6808 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
6809 "wait=%d ms no_cck=%d)", drv->ifindex, wait_time, no_cck);
6811 buf = os_zalloc(24 + data_len);
6814 os_memcpy(buf + 24, data, data_len);
6815 hdr = (struct ieee80211_hdr *) buf;
6816 hdr->frame_control =
6817 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
6818 os_memcpy(hdr->addr1, dst, ETH_ALEN);
6819 os_memcpy(hdr->addr2, src, ETH_ALEN);
6820 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
6822 if (is_ap_interface(drv->nlmode))
6823 ret = wpa_driver_nl80211_send_mlme(priv, buf, 24 + data_len);
6825 ret = nl80211_send_frame_cmd(drv, freq, wait_time, buf,
6827 &drv->send_action_cookie,
6835 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
6837 struct i802_bss *bss = priv;
6838 struct wpa_driver_nl80211_data *drv = bss->drv;
6842 msg = nlmsg_alloc();
6846 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
6848 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6849 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
6851 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6854 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
6855 "(%s)", ret, strerror(-ret));
6862 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
6863 unsigned int duration)
6865 struct i802_bss *bss = priv;
6866 struct wpa_driver_nl80211_data *drv = bss->drv;
6871 msg = nlmsg_alloc();
6875 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
6877 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6878 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
6879 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
6882 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
6884 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
6885 "0x%llx for freq=%u MHz duration=%u",
6886 (long long unsigned int) cookie, freq, duration);
6887 drv->remain_on_chan_cookie = cookie;
6888 drv->pending_remain_on_chan = 1;
6891 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
6892 "(freq=%d duration=%u): %d (%s)",
6893 freq, duration, ret, strerror(-ret));
6899 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
6901 struct i802_bss *bss = priv;
6902 struct wpa_driver_nl80211_data *drv = bss->drv;
6906 if (!drv->pending_remain_on_chan) {
6907 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
6912 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
6914 (long long unsigned int) drv->remain_on_chan_cookie);
6916 msg = nlmsg_alloc();
6920 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
6922 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6923 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
6925 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6928 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
6929 "%d (%s)", ret, strerror(-ret));
6935 static int wpa_driver_nl80211_probe_req_report(void *priv, int report)
6937 struct i802_bss *bss = priv;
6938 struct wpa_driver_nl80211_data *drv = bss->drv;
6941 if (drv->nl_preq.handle) {
6942 eloop_unregister_read_sock(
6943 nl_socket_get_fd(drv->nl_preq.handle));
6944 nl_destroy_handles(&drv->nl_preq);
6949 if (drv->nl_preq.handle) {
6950 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
6955 if (nl_create_handles(&drv->nl_preq, drv->global->nl_cb, "preq"))
6958 if (nl80211_register_frame(drv, drv->nl_preq.handle,
6959 (WLAN_FC_TYPE_MGMT << 2) |
6960 (WLAN_FC_STYPE_PROBE_REQ << 4),
6964 eloop_register_read_sock(nl_socket_get_fd(drv->nl_preq.handle),
6965 wpa_driver_nl80211_event_receive, drv,
6966 drv->nl_preq.handle);
6971 nl_destroy_handles(&drv->nl_preq);
6976 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
6977 int ifindex, int disabled)
6980 struct nlattr *bands, *band;
6983 msg = nlmsg_alloc();
6987 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
6988 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
6990 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
6992 goto nla_put_failure;
6995 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
6996 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
6997 * rates. All 5 GHz rates are left enabled.
6999 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
7001 goto nla_put_failure;
7003 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
7004 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
7006 nla_nest_end(msg, band);
7008 nla_nest_end(msg, bands);
7010 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7013 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
7014 "(%s)", ret, strerror(-ret));
7025 static int wpa_driver_nl80211_disable_11b_rates(void *priv, int disabled)
7027 struct i802_bss *bss = priv;
7028 struct wpa_driver_nl80211_data *drv = bss->drv;
7029 drv->disable_11b_rates = disabled;
7030 return nl80211_disable_11b_rates(drv, drv->ifindex, disabled);
7034 static int wpa_driver_nl80211_deinit_ap(void *priv)
7036 struct i802_bss *bss = priv;
7037 struct wpa_driver_nl80211_data *drv = bss->drv;
7038 if (!is_ap_interface(drv->nlmode))
7040 wpa_driver_nl80211_del_beacon(drv);
7041 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
7045 static void wpa_driver_nl80211_resume(void *priv)
7047 struct i802_bss *bss = priv;
7048 struct wpa_driver_nl80211_data *drv = bss->drv;
7049 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
7050 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
7056 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
7057 const u8 *ies, size_t ies_len)
7059 struct i802_bss *bss = priv;
7060 struct wpa_driver_nl80211_data *drv = bss->drv;
7064 u8 own_addr[ETH_ALEN];
7066 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7071 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
7072 "action %d", action);
7077 * Action frame payload:
7078 * Category[1] = 6 (Fast BSS Transition)
7079 * Action[1] = 1 (Fast BSS Transition Request)
7085 data_len = 2 + 2 * ETH_ALEN + ies_len;
7086 data = os_malloc(data_len);
7090 *pos++ = 0x06; /* FT Action category */
7092 os_memcpy(pos, own_addr, ETH_ALEN);
7094 os_memcpy(pos, target_ap, ETH_ALEN);
7096 os_memcpy(pos, ies, ies_len);
7098 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
7099 drv->bssid, own_addr, drv->bssid,
7107 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
7109 struct i802_bss *bss = priv;
7110 struct wpa_driver_nl80211_data *drv = bss->drv;
7111 struct nl_msg *msg, *cqm = NULL;
7113 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
7114 "hysteresis=%d", threshold, hysteresis);
7116 msg = nlmsg_alloc();
7120 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
7122 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
7124 cqm = nlmsg_alloc();
7128 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
7129 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
7130 nla_put_nested(msg, NL80211_ATTR_CQM, cqm);
7132 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7144 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
7146 struct i802_bss *bss = priv;
7147 struct wpa_driver_nl80211_data *drv = bss->drv;
7150 os_memset(si, 0, sizeof(*si));
7151 res = nl80211_get_link_signal(drv, si);
7155 return nl80211_get_link_noise(drv, si);
7159 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
7162 struct i802_bss *bss = priv;
7163 struct wpa_driver_nl80211_data *drv = bss->drv;
7164 return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
7168 static int nl80211_set_param(void *priv, const char *param)
7170 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
7175 if (os_strstr(param, "use_p2p_group_interface=1")) {
7176 struct i802_bss *bss = priv;
7177 struct wpa_driver_nl80211_data *drv = bss->drv;
7179 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
7181 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
7182 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
7184 #endif /* CONFIG_P2P */
7190 static void * nl80211_global_init(void)
7192 struct nl80211_global *global;
7193 struct netlink_config *cfg;
7195 global = os_zalloc(sizeof(*global));
7198 global->ioctl_sock = -1;
7199 dl_list_init(&global->interfaces);
7200 global->if_add_ifindex = -1;
7202 cfg = os_zalloc(sizeof(*cfg));
7207 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
7208 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
7209 global->netlink = netlink_init(cfg);
7210 if (global->netlink == NULL) {
7215 if (wpa_driver_nl80211_init_nl_global(global) < 0)
7218 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
7219 if (global->ioctl_sock < 0) {
7220 perror("socket(PF_INET,SOCK_DGRAM)");
7227 nl80211_global_deinit(global);
7232 static void nl80211_global_deinit(void *priv)
7234 struct nl80211_global *global = priv;
7237 if (!dl_list_empty(&global->interfaces)) {
7238 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
7239 "nl80211_global_deinit",
7240 dl_list_len(&global->interfaces));
7243 if (global->netlink)
7244 netlink_deinit(global->netlink);
7246 if (global->nl80211)
7247 genl_family_put(global->nl80211);
7248 nl_destroy_handles(&global->nl);
7251 nl_cb_put(global->nl_cb);
7253 if (global->ioctl_sock >= 0)
7254 close(global->ioctl_sock);
7260 static const char * nl80211_get_radio_name(void *priv)
7262 struct i802_bss *bss = priv;
7263 struct wpa_driver_nl80211_data *drv = bss->drv;
7264 return drv->phyname;
7268 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
7273 msg = nlmsg_alloc();
7277 nl80211_cmd(bss->drv, msg, 0, cmd);
7279 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7281 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
7283 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
7285 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
7291 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
7293 struct i802_bss *bss = priv;
7294 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
7295 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
7299 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
7301 struct i802_bss *bss = priv;
7302 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
7304 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
7308 static int nl80211_flush_pmkid(void *priv)
7310 struct i802_bss *bss = priv;
7311 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
7312 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
7316 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
7317 const u8 *replay_ctr)
7319 struct i802_bss *bss = priv;
7320 struct wpa_driver_nl80211_data *drv = bss->drv;
7321 struct nlattr *replay_nested;
7324 msg = nlmsg_alloc();
7328 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
7330 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
7332 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
7334 goto nla_put_failure;
7336 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
7337 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
7338 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
7341 nla_nest_end(msg, replay_nested);
7343 send_and_recv_msgs(drv, msg, NULL, NULL);
7350 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
7353 struct i802_bss *bss = priv;
7355 struct ieee80211_hdr hdr;
7357 } STRUCT_PACKED nulldata;
7360 /* Send data frame to poll STA and check whether this frame is ACKed */
7362 os_memset(&nulldata, 0, sizeof(nulldata));
7365 nulldata.hdr.frame_control =
7366 IEEE80211_FC(WLAN_FC_TYPE_DATA,
7367 WLAN_FC_STYPE_QOS_NULL);
7368 size = sizeof(nulldata);
7370 nulldata.hdr.frame_control =
7371 IEEE80211_FC(WLAN_FC_TYPE_DATA,
7372 WLAN_FC_STYPE_NULLFUNC);
7373 size = sizeof(struct ieee80211_hdr);
7376 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
7377 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
7378 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
7379 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
7381 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size) < 0)
7382 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
7389 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
7390 u8 dialog_token, u16 status_code,
7391 const u8 *buf, size_t len)
7393 struct i802_bss *bss = priv;
7394 struct wpa_driver_nl80211_data *drv = bss->drv;
7397 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7403 msg = nlmsg_alloc();
7407 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
7408 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7409 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
7410 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
7411 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
7412 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
7413 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
7415 return send_and_recv_msgs(drv, msg, NULL, NULL);
7423 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
7425 struct i802_bss *bss = priv;
7426 struct wpa_driver_nl80211_data *drv = bss->drv;
7428 enum nl80211_tdls_operation nl80211_oper;
7430 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7434 case TDLS_DISCOVERY_REQ:
7435 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
7438 nl80211_oper = NL80211_TDLS_SETUP;
7441 nl80211_oper = NL80211_TDLS_TEARDOWN;
7443 case TDLS_ENABLE_LINK:
7444 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
7446 case TDLS_DISABLE_LINK:
7447 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
7457 msg = nlmsg_alloc();
7461 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
7462 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
7463 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7464 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
7466 return send_and_recv_msgs(drv, msg, NULL, NULL);
7473 #endif /* CONFIG TDLS */
7476 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
7478 .desc = "Linux nl80211/cfg80211",
7479 .get_bssid = wpa_driver_nl80211_get_bssid,
7480 .get_ssid = wpa_driver_nl80211_get_ssid,
7481 .set_key = wpa_driver_nl80211_set_key,
7482 .scan2 = wpa_driver_nl80211_scan,
7483 .sched_scan = wpa_driver_nl80211_sched_scan,
7484 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
7485 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
7486 .deauthenticate = wpa_driver_nl80211_deauthenticate,
7487 .disassociate = wpa_driver_nl80211_disassociate,
7488 .authenticate = wpa_driver_nl80211_authenticate,
7489 .associate = wpa_driver_nl80211_associate,
7490 .global_init = nl80211_global_init,
7491 .global_deinit = nl80211_global_deinit,
7492 .init2 = wpa_driver_nl80211_init,
7493 .deinit = wpa_driver_nl80211_deinit,
7494 .get_capa = wpa_driver_nl80211_get_capa,
7495 .set_operstate = wpa_driver_nl80211_set_operstate,
7496 .set_supp_port = wpa_driver_nl80211_set_supp_port,
7497 .set_country = wpa_driver_nl80211_set_country,
7498 .set_ap = wpa_driver_nl80211_set_ap,
7499 .if_add = wpa_driver_nl80211_if_add,
7500 .if_remove = wpa_driver_nl80211_if_remove,
7501 .send_mlme = wpa_driver_nl80211_send_mlme,
7502 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
7503 .sta_add = wpa_driver_nl80211_sta_add,
7504 .sta_remove = wpa_driver_nl80211_sta_remove,
7505 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
7506 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
7508 .hapd_init = i802_init,
7509 .hapd_deinit = i802_deinit,
7510 .set_wds_sta = i802_set_wds_sta,
7511 #endif /* HOSTAPD */
7512 #if defined(HOSTAPD) || defined(CONFIG_AP)
7513 .get_seqnum = i802_get_seqnum,
7514 .flush = i802_flush,
7515 .read_sta_data = i802_read_sta_data,
7516 .get_inact_sec = i802_get_inact_sec,
7517 .sta_clear_stats = i802_sta_clear_stats,
7518 .set_rts = i802_set_rts,
7519 .set_frag = i802_set_frag,
7520 .set_tx_queue_params = i802_set_tx_queue_params,
7521 .set_sta_vlan = i802_set_sta_vlan,
7522 .set_rate_sets = i802_set_rate_sets,
7523 .sta_deauth = i802_sta_deauth,
7524 .sta_disassoc = i802_sta_disassoc,
7525 #endif /* HOSTAPD || CONFIG_AP */
7526 .set_freq = i802_set_freq,
7527 .send_action = wpa_driver_nl80211_send_action,
7528 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
7529 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
7530 .cancel_remain_on_channel =
7531 wpa_driver_nl80211_cancel_remain_on_channel,
7532 .probe_req_report = wpa_driver_nl80211_probe_req_report,
7533 .disable_11b_rates = wpa_driver_nl80211_disable_11b_rates,
7534 .deinit_ap = wpa_driver_nl80211_deinit_ap,
7535 .resume = wpa_driver_nl80211_resume,
7536 .send_ft_action = nl80211_send_ft_action,
7537 .signal_monitor = nl80211_signal_monitor,
7538 .signal_poll = nl80211_signal_poll,
7539 .send_frame = nl80211_send_frame,
7540 .set_param = nl80211_set_param,
7541 .get_radio_name = nl80211_get_radio_name,
7542 .add_pmkid = nl80211_add_pmkid,
7543 .remove_pmkid = nl80211_remove_pmkid,
7544 .flush_pmkid = nl80211_flush_pmkid,
7545 .set_rekey_info = nl80211_set_rekey_info,
7546 .poll_client = nl80211_poll_client,
7548 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
7549 .tdls_oper = nl80211_tdls_oper,
7550 #endif /* CONFIG_TDLS */