2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2010, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * Alternatively, this software may be distributed under the terms of BSD
16 * See README and COPYING for more details.
20 #include <sys/ioctl.h>
22 #include <netlink/genl/genl.h>
23 #include <netlink/genl/family.h>
24 #include <netlink/genl/ctrl.h>
25 #include <netpacket/packet.h>
26 #include <linux/filter.h>
27 #include "nl80211_copy.h"
31 #include "common/ieee802_11_defs.h"
33 #include "linux_ioctl.h"
35 #include "radiotap_iter.h"
39 /* libnl 2.0 compatibility code */
40 #define nl_handle nl_sock
41 #define nl_handle_alloc_cb nl_socket_alloc_cb
42 #define nl_handle_destroy nl_socket_free
43 #endif /* CONFIG_LIBNL20 */
47 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
50 #define IFF_DORMANT 0x20000 /* driver signals dormant */
53 #ifndef IF_OPER_DORMANT
54 #define IF_OPER_DORMANT 5
61 struct wpa_driver_nl80211_data *drv;
62 struct i802_bss *next;
64 char ifname[IFNAMSIZ + 1];
65 unsigned int beacon_set:1;
68 struct wpa_driver_nl80211_data {
70 struct netlink_data *netlink;
71 int ioctl_sock; /* socket for ioctl() use */
72 char brname[IFNAMSIZ];
75 struct wpa_driver_capa capa;
80 int scan_complete_events;
82 struct nl_handle *nl_handle;
83 struct nl_handle *nl_handle_event;
84 struct nl_cache *nl_cache;
85 struct nl_cache *nl_cache_event;
87 struct genl_family *nl80211;
89 u8 auth_bssid[ETH_ALEN];
95 int ap_scan_as_station;
96 unsigned int assoc_freq;
100 int probe_req_report;
101 int disable_11b_rates;
103 unsigned int pending_remain_on_chan:1;
104 unsigned int pending_send_action:1;
105 unsigned int added_bridge:1;
106 unsigned int added_if_into_bridge:1;
108 u64 remain_on_chan_cookie;
109 u64 send_action_cookie;
111 struct wpa_driver_scan_filter *filter_ssids;
112 size_t num_filter_ssids;
114 struct i802_bss first_bss;
117 int eapol_sock; /* socket for EAPOL frames */
119 int default_if_indices[16];
129 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
131 static int wpa_driver_nl80211_set_mode(void *priv, int mode);
133 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
134 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
135 const u8 *addr, int cmd, u16 reason_code);
136 static void nl80211_remove_monitor_interface(
137 struct wpa_driver_nl80211_data *drv);
140 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
141 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
142 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
143 static int wpa_driver_nl80211_if_remove(void *priv,
144 enum wpa_driver_if_type type,
148 static void wpa_driver_nl80211_probe_req_report_timeout(void *eloop_ctx,
150 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
151 int ifindex, int disabled);
155 static int ack_handler(struct nl_msg *msg, void *arg)
162 static int finish_handler(struct nl_msg *msg, void *arg)
169 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
178 static int no_seq_check(struct nl_msg *msg, void *arg)
184 static int send_and_recv(struct wpa_driver_nl80211_data *drv,
185 struct nl_handle *nl_handle, struct nl_msg *msg,
186 int (*valid_handler)(struct nl_msg *, void *),
192 cb = nl_cb_clone(drv->nl_cb);
196 err = nl_send_auto_complete(nl_handle, msg);
202 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
203 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
204 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
207 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
208 valid_handler, valid_data);
211 nl_recvmsgs(nl_handle, cb);
219 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
221 int (*valid_handler)(struct nl_msg *, void *),
224 return send_and_recv(drv, drv->nl_handle, msg, valid_handler,
235 static int family_handler(struct nl_msg *msg, void *arg)
237 struct family_data *res = arg;
238 struct nlattr *tb[CTRL_ATTR_MAX + 1];
239 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
240 struct nlattr *mcgrp;
243 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
244 genlmsg_attrlen(gnlh, 0), NULL);
245 if (!tb[CTRL_ATTR_MCAST_GROUPS])
248 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
249 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
250 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
251 nla_len(mcgrp), NULL);
252 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
253 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
254 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
256 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
258 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
266 static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
267 const char *family, const char *group)
271 struct family_data res = { group, -ENOENT };
276 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(drv->nl_handle, "nlctrl"),
277 0, 0, CTRL_CMD_GETFAMILY, 0);
278 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
280 ret = send_and_recv_msgs(drv, msg, family_handler, &res);
291 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
293 struct i802_bss *bss = priv;
294 struct wpa_driver_nl80211_data *drv = bss->drv;
295 if (!drv->associated)
297 os_memcpy(bssid, drv->bssid, ETH_ALEN);
302 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
304 struct i802_bss *bss = priv;
305 struct wpa_driver_nl80211_data *drv = bss->drv;
306 if (!drv->associated)
308 os_memcpy(ssid, drv->ssid, drv->ssid_len);
309 return drv->ssid_len;
313 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
314 char *buf, size_t len, int del)
316 union wpa_event_data event;
318 os_memset(&event, 0, sizeof(event));
319 if (len > sizeof(event.interface_status.ifname))
320 len = sizeof(event.interface_status.ifname) - 1;
321 os_memcpy(event.interface_status.ifname, buf, len);
322 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
323 EVENT_INTERFACE_ADDED;
325 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
327 event.interface_status.ifname,
328 del ? "removed" : "added");
330 if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
337 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
341 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
344 int attrlen, rta_len;
348 attr = (struct rtattr *) buf;
350 rta_len = RTA_ALIGN(sizeof(struct rtattr));
351 while (RTA_OK(attr, attrlen)) {
352 if (attr->rta_type == IFLA_IFNAME) {
353 if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
359 attr = RTA_NEXT(attr, attrlen);
366 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
367 int ifindex, u8 *buf, size_t len)
369 if (drv->ifindex == ifindex)
372 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
373 drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
374 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
376 wpa_driver_nl80211_finish_drv_init(drv);
384 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
385 struct ifinfomsg *ifi,
388 struct wpa_driver_nl80211_data *drv = ctx;
389 int attrlen, rta_len;
392 if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, buf, len)) {
393 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
398 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
400 drv->operstate, ifi->ifi_flags,
401 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
402 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
403 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
404 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
406 * Some drivers send the association event before the operup event--in
407 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
408 * fails. This will hit us when wpa_supplicant does not need to do
409 * IEEE 802.1X authentication
411 if (drv->operstate == 1 &&
412 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
413 !(ifi->ifi_flags & IFF_RUNNING))
414 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
418 attr = (struct rtattr *) buf;
419 rta_len = RTA_ALIGN(sizeof(struct rtattr));
420 while (RTA_OK(attr, attrlen)) {
421 if (attr->rta_type == IFLA_IFNAME) {
422 wpa_driver_nl80211_event_link(
424 ((char *) attr) + rta_len,
425 attr->rta_len - rta_len, 0);
427 attr = RTA_NEXT(attr, attrlen);
432 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
433 struct ifinfomsg *ifi,
436 struct wpa_driver_nl80211_data *drv = ctx;
437 int attrlen, rta_len;
441 attr = (struct rtattr *) buf;
443 rta_len = RTA_ALIGN(sizeof(struct rtattr));
444 while (RTA_OK(attr, attrlen)) {
445 if (attr->rta_type == IFLA_IFNAME) {
446 wpa_driver_nl80211_event_link(
448 ((char *) attr) + rta_len,
449 attr->rta_len - rta_len, 1);
451 attr = RTA_NEXT(attr, attrlen);
456 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
457 const u8 *frame, size_t len)
459 const struct ieee80211_mgmt *mgmt;
460 union wpa_event_data event;
462 mgmt = (const struct ieee80211_mgmt *) frame;
463 if (len < 24 + sizeof(mgmt->u.auth)) {
464 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
469 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
470 os_memset(&event, 0, sizeof(event));
471 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
472 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
473 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
474 if (len > 24 + sizeof(mgmt->u.auth)) {
475 event.auth.ies = mgmt->u.auth.variable;
476 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
479 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
483 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
484 const u8 *frame, size_t len)
486 const struct ieee80211_mgmt *mgmt;
487 union wpa_event_data event;
490 mgmt = (const struct ieee80211_mgmt *) frame;
491 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
492 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
497 status = le_to_host16(mgmt->u.assoc_resp.status_code);
498 if (status != WLAN_STATUS_SUCCESS) {
499 os_memset(&event, 0, sizeof(event));
500 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
501 event.assoc_reject.resp_ies =
502 (u8 *) mgmt->u.assoc_resp.variable;
503 event.assoc_reject.resp_ies_len =
504 len - 24 - sizeof(mgmt->u.assoc_resp);
506 event.assoc_reject.status_code = status;
508 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
513 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
515 os_memset(&event, 0, sizeof(event));
516 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
517 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
518 event.assoc_info.resp_ies_len =
519 len - 24 - sizeof(mgmt->u.assoc_resp);
522 event.assoc_info.freq = drv->assoc_freq;
524 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
528 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
529 enum nl80211_commands cmd, struct nlattr *status,
530 struct nlattr *addr, struct nlattr *req_ie,
531 struct nlattr *resp_ie)
533 union wpa_event_data event;
535 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
537 * Avoid reporting two association events that would confuse
540 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
541 "when using userspace SME", cmd);
545 os_memset(&event, 0, sizeof(event));
546 if (cmd == NL80211_CMD_CONNECT &&
547 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
549 event.assoc_reject.resp_ies = nla_data(resp_ie);
550 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
552 event.assoc_reject.status_code = nla_get_u16(status);
553 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
559 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
562 event.assoc_info.req_ies = nla_data(req_ie);
563 event.assoc_info.req_ies_len = nla_len(req_ie);
566 event.assoc_info.resp_ies = nla_data(resp_ie);
567 event.assoc_info.resp_ies_len = nla_len(resp_ie);
570 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
574 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
575 enum nl80211_commands cmd, struct nlattr *addr)
577 union wpa_event_data event;
578 enum wpa_event_type ev;
580 if (nla_len(addr) != ETH_ALEN)
583 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
584 cmd, MAC2STR((u8 *) nla_data(addr)));
586 if (cmd == NL80211_CMD_AUTHENTICATE)
587 ev = EVENT_AUTH_TIMED_OUT;
588 else if (cmd == NL80211_CMD_ASSOCIATE)
589 ev = EVENT_ASSOC_TIMED_OUT;
593 os_memset(&event, 0, sizeof(event));
594 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
595 wpa_supplicant_event(drv->ctx, ev, &event);
599 static void mlme_event_action(struct wpa_driver_nl80211_data *drv,
600 struct nlattr *freq, const u8 *frame, size_t len)
602 const struct ieee80211_mgmt *mgmt;
603 union wpa_event_data event;
606 mgmt = (const struct ieee80211_mgmt *) frame;
608 wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
612 fc = le_to_host16(mgmt->frame_control);
613 stype = WLAN_FC_GET_STYPE(fc);
615 os_memset(&event, 0, sizeof(event));
616 event.rx_action.da = mgmt->da;
617 event.rx_action.sa = mgmt->sa;
618 event.rx_action.bssid = mgmt->bssid;
619 event.rx_action.category = mgmt->u.action.category;
620 event.rx_action.data = &mgmt->u.action.category + 1;
621 event.rx_action.len = frame + len - event.rx_action.data;
623 event.rx_action.freq = nla_get_u32(freq);
624 wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
628 static void mlme_event_action_tx_status(struct wpa_driver_nl80211_data *drv,
629 struct nlattr *cookie, const u8 *frame,
630 size_t len, struct nlattr *ack)
632 union wpa_event_data event;
633 const struct ieee80211_hdr *hdr;
640 cookie_val = nla_get_u64(cookie);
641 wpa_printf(MSG_DEBUG, "nl80211: Action TX status: cookie=0%llx%s",
642 (long long unsigned int) cookie_val,
643 cookie_val == drv->send_action_cookie ?
644 " (match)" : " (unknown)");
645 if (cookie_val != drv->send_action_cookie)
648 hdr = (const struct ieee80211_hdr *) frame;
649 fc = le_to_host16(hdr->frame_control);
651 os_memset(&event, 0, sizeof(event));
652 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
653 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
654 event.tx_status.dst = hdr->addr1;
655 event.tx_status.data = frame;
656 event.tx_status.data_len = len;
657 event.tx_status.ack = ack != NULL;
658 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
662 static void mlme_event(struct wpa_driver_nl80211_data *drv,
663 enum nl80211_commands cmd, struct nlattr *frame,
664 struct nlattr *addr, struct nlattr *timed_out,
665 struct nlattr *freq, struct nlattr *ack,
666 struct nlattr *cookie)
668 if (timed_out && addr) {
669 mlme_timeout_event(drv, cmd, addr);
674 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
679 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
680 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
681 nla_data(frame), nla_len(frame));
684 case NL80211_CMD_AUTHENTICATE:
685 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
687 case NL80211_CMD_ASSOCIATE:
688 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
690 case NL80211_CMD_DEAUTHENTICATE:
692 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, NULL);
694 case NL80211_CMD_DISASSOCIATE:
696 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL);
698 case NL80211_CMD_ACTION:
699 mlme_event_action(drv, freq, nla_data(frame), nla_len(frame));
701 case NL80211_CMD_ACTION_TX_STATUS:
702 mlme_event_action_tx_status(drv, cookie, nla_data(frame),
703 nla_len(frame), ack);
711 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
714 union wpa_event_data data;
716 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
717 os_memset(&data, 0, sizeof(data));
718 if (tb[NL80211_ATTR_MAC]) {
719 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
720 nla_data(tb[NL80211_ATTR_MAC]),
721 nla_len(tb[NL80211_ATTR_MAC]));
722 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
724 if (tb[NL80211_ATTR_KEY_SEQ]) {
725 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
726 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
727 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
729 if (tb[NL80211_ATTR_KEY_TYPE]) {
730 enum nl80211_key_type key_type =
731 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
732 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
733 if (key_type == NL80211_KEYTYPE_PAIRWISE)
734 data.michael_mic_failure.unicast = 1;
736 data.michael_mic_failure.unicast = 1;
738 if (tb[NL80211_ATTR_KEY_IDX]) {
739 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
740 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
743 wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
747 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
750 if (tb[NL80211_ATTR_MAC] == NULL) {
751 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
755 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
757 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
758 MAC2STR(drv->bssid));
760 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
764 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
765 int cancel_event, struct nlattr *tb[])
767 unsigned int freq, chan_type, duration;
768 union wpa_event_data data;
771 if (tb[NL80211_ATTR_WIPHY_FREQ])
772 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
776 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
777 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
781 if (tb[NL80211_ATTR_DURATION])
782 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
786 if (tb[NL80211_ATTR_COOKIE])
787 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
791 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
792 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
793 cancel_event, freq, chan_type, duration,
794 (long long unsigned int) cookie,
795 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
797 if (cookie != drv->remain_on_chan_cookie)
798 return; /* not for us */
800 drv->pending_remain_on_chan = !cancel_event;
802 os_memset(&data, 0, sizeof(data));
803 data.remain_on_channel.freq = freq;
804 data.remain_on_channel.duration = duration;
805 wpa_supplicant_event(drv->ctx, cancel_event ?
806 EVENT_CANCEL_REMAIN_ON_CHANNEL :
807 EVENT_REMAIN_ON_CHANNEL, &data);
811 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
814 union wpa_event_data event;
817 struct scan_info *info;
818 #define MAX_REPORT_FREQS 50
819 int freqs[MAX_REPORT_FREQS];
822 os_memset(&event, 0, sizeof(event));
823 info = &event.scan_info;
824 info->aborted = aborted;
826 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
827 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
828 struct wpa_driver_scan_ssid *s =
829 &info->ssids[info->num_ssids];
830 s->ssid = nla_data(nl);
831 s->ssid_len = nla_len(nl);
833 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
837 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
838 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
840 freqs[num_freqs] = nla_get_u32(nl);
842 if (num_freqs == MAX_REPORT_FREQS - 1)
846 info->num_freqs = num_freqs;
848 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
852 static int process_event(struct nl_msg *msg, void *arg)
854 struct wpa_driver_nl80211_data *drv = arg;
855 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
856 struct nlattr *tb[NL80211_ATTR_MAX + 1];
858 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
859 genlmsg_attrlen(gnlh, 0), NULL);
861 if (tb[NL80211_ATTR_IFINDEX]) {
862 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
863 if (ifindex != drv->ifindex) {
864 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
865 " for foreign interface (ifindex %d)",
871 if (drv->ap_scan_as_station &&
872 (gnlh->cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
873 gnlh->cmd == NL80211_CMD_SCAN_ABORTED)) {
874 wpa_driver_nl80211_set_mode(&drv->first_bss,
876 drv->ap_scan_as_station = 0;
880 case NL80211_CMD_TRIGGER_SCAN:
881 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
883 case NL80211_CMD_NEW_SCAN_RESULTS:
884 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
885 drv->scan_complete_events = 1;
886 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
888 send_scan_event(drv, 0, tb);
890 case NL80211_CMD_SCAN_ABORTED:
891 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
893 * Need to indicate that scan results are available in order
894 * not to make wpa_supplicant stop its scanning.
896 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
898 send_scan_event(drv, 1, tb);
900 case NL80211_CMD_AUTHENTICATE:
901 case NL80211_CMD_ASSOCIATE:
902 case NL80211_CMD_DEAUTHENTICATE:
903 case NL80211_CMD_DISASSOCIATE:
904 case NL80211_CMD_ACTION:
905 case NL80211_CMD_ACTION_TX_STATUS:
906 mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
907 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
908 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
909 tb[NL80211_ATTR_COOKIE]);
911 case NL80211_CMD_CONNECT:
912 case NL80211_CMD_ROAM:
913 mlme_event_connect(drv, gnlh->cmd,
914 tb[NL80211_ATTR_STATUS_CODE],
915 tb[NL80211_ATTR_MAC],
916 tb[NL80211_ATTR_REQ_IE],
917 tb[NL80211_ATTR_RESP_IE]);
919 case NL80211_CMD_DISCONNECT:
920 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
922 * Avoid reporting two disassociation events that could
923 * confuse the core code.
925 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
926 "event when using userspace SME");
930 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL);
932 case NL80211_CMD_MICHAEL_MIC_FAILURE:
933 mlme_event_michael_mic_failure(drv, tb);
935 case NL80211_CMD_JOIN_IBSS:
936 mlme_event_join_ibss(drv, tb);
938 case NL80211_CMD_REMAIN_ON_CHANNEL:
939 mlme_event_remain_on_channel(drv, 0, tb);
941 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
942 mlme_event_remain_on_channel(drv, 1, tb);
945 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
946 "(cmd=%d)", gnlh->cmd);
954 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
958 struct wpa_driver_nl80211_data *drv = eloop_ctx;
960 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
962 cb = nl_cb_clone(drv->nl_cb);
965 nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
966 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
967 nl_recvmsgs(drv->nl_handle_event, cb);
973 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
974 * @priv: driver_nl80211 private data
975 * @alpha2_arg: country to which to switch to
976 * Returns: 0 on success, -1 on failure
978 * This asks nl80211 to set the regulatory domain for given
979 * country ISO / IEC alpha2.
981 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
983 struct i802_bss *bss = priv;
984 struct wpa_driver_nl80211_data *drv = bss->drv;
992 alpha2[0] = alpha2_arg[0];
993 alpha2[1] = alpha2_arg[1];
996 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
997 0, NL80211_CMD_REQ_SET_REG, 0);
999 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
1000 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1009 struct wiphy_info_data {
1013 int connect_supported;
1017 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
1019 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1020 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1021 struct wiphy_info_data *info = arg;
1023 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1024 genlmsg_attrlen(gnlh, 0), NULL);
1026 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
1027 info->max_scan_ssids =
1028 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
1030 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
1031 struct nlattr *nl_mode;
1033 nla_for_each_nested(nl_mode,
1034 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
1035 if (nl_mode->nla_type == NL80211_IFTYPE_AP) {
1036 info->ap_supported = 1;
1042 if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
1043 struct nlattr *nl_cmd;
1046 nla_for_each_nested(nl_cmd,
1047 tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
1048 u32 cmd = nla_get_u32(nl_cmd);
1049 if (cmd == NL80211_CMD_AUTHENTICATE)
1050 info->auth_supported = 1;
1051 else if (cmd == NL80211_CMD_CONNECT)
1052 info->connect_supported = 1;
1060 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
1061 struct wiphy_info_data *info)
1065 os_memset(info, 0, sizeof(*info));
1066 msg = nlmsg_alloc();
1070 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1071 0, NL80211_CMD_GET_WIPHY, 0);
1073 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
1075 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
1084 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
1086 struct wiphy_info_data info;
1087 if (wpa_driver_nl80211_get_info(drv, &info))
1089 drv->has_capability = 1;
1090 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
1091 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1092 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
1093 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1094 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1095 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
1096 WPA_DRIVER_CAPA_ENC_WEP104 |
1097 WPA_DRIVER_CAPA_ENC_TKIP |
1098 WPA_DRIVER_CAPA_ENC_CCMP;
1099 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1100 WPA_DRIVER_AUTH_SHARED |
1101 WPA_DRIVER_AUTH_LEAP;
1103 drv->capa.max_scan_ssids = info.max_scan_ssids;
1104 if (info.ap_supported)
1105 drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
1107 if (info.auth_supported)
1108 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1109 else if (!info.connect_supported) {
1110 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
1111 "authentication/association or connect commands");
1115 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
1119 #endif /* HOSTAPD */
1122 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv,
1127 /* Initialize generic netlink and nl80211 */
1129 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1130 if (drv->nl_cb == NULL) {
1131 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1136 drv->nl_handle = nl_handle_alloc_cb(drv->nl_cb);
1137 if (drv->nl_handle == NULL) {
1138 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1143 drv->nl_handle_event = nl_handle_alloc_cb(drv->nl_cb);
1144 if (drv->nl_handle_event == NULL) {
1145 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1146 "callbacks (event)");
1150 if (genl_connect(drv->nl_handle)) {
1151 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1156 if (genl_connect(drv->nl_handle_event)) {
1157 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1162 #ifdef CONFIG_LIBNL20
1163 if (genl_ctrl_alloc_cache(drv->nl_handle, &drv->nl_cache) < 0) {
1164 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1168 if (genl_ctrl_alloc_cache(drv->nl_handle_event, &drv->nl_cache_event) <
1170 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1171 "netlink cache (event)");
1174 #else /* CONFIG_LIBNL20 */
1175 drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
1176 if (drv->nl_cache == NULL) {
1177 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1181 drv->nl_cache_event = genl_ctrl_alloc_cache(drv->nl_handle_event);
1182 if (drv->nl_cache_event == NULL) {
1183 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1184 "netlink cache (event)");
1187 #endif /* CONFIG_LIBNL20 */
1189 drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
1190 if (drv->nl80211 == NULL) {
1191 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1196 ret = nl_get_multicast_id(drv, "nl80211", "scan");
1198 ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1200 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1201 "membership for scan events: %d (%s)",
1202 ret, strerror(-ret));
1206 ret = nl_get_multicast_id(drv, "nl80211", "mlme");
1208 ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1210 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1211 "membership for mlme events: %d (%s)",
1212 ret, strerror(-ret));
1216 eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle_event),
1217 wpa_driver_nl80211_event_receive, drv, ctx);
1222 nl_cache_free(drv->nl_cache_event);
1224 nl_cache_free(drv->nl_cache);
1226 nl_handle_destroy(drv->nl_handle_event);
1228 nl_handle_destroy(drv->nl_handle);
1230 nl_cb_put(drv->nl_cb);
1237 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1238 * @ctx: context to be used when calling wpa_supplicant functions,
1239 * e.g., wpa_supplicant_event()
1240 * @ifname: interface name, e.g., wlan0
1241 * Returns: Pointer to private data, %NULL on failure
1243 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname)
1245 struct wpa_driver_nl80211_data *drv;
1246 struct netlink_config *cfg;
1247 struct i802_bss *bss;
1249 drv = os_zalloc(sizeof(*drv));
1253 bss = &drv->first_bss;
1255 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
1256 drv->monitor_ifidx = -1;
1257 drv->monitor_sock = -1;
1258 drv->ioctl_sock = -1;
1260 if (wpa_driver_nl80211_init_nl(drv, ctx)) {
1265 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
1266 if (drv->ioctl_sock < 0) {
1267 perror("socket(PF_INET,SOCK_DGRAM)");
1271 cfg = os_zalloc(sizeof(*cfg));
1275 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
1276 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
1277 drv->netlink = netlink_init(cfg);
1278 if (drv->netlink == NULL) {
1282 if (wpa_driver_nl80211_finish_drv_init(drv))
1288 netlink_deinit(drv->netlink);
1289 if (drv->ioctl_sock >= 0)
1290 close(drv->ioctl_sock);
1292 genl_family_put(drv->nl80211);
1293 nl_cache_free(drv->nl_cache);
1294 nl_handle_destroy(drv->nl_handle);
1295 nl_cb_put(drv->nl_cb);
1296 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle_event));
1303 static int nl80211_register_action_frame(struct wpa_driver_nl80211_data *drv,
1304 const u8 *match, size_t match_len)
1309 msg = nlmsg_alloc();
1313 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1314 NL80211_CMD_REGISTER_ACTION, 0);
1316 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1317 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
1319 ret = send_and_recv(drv, drv->nl_handle_event, msg, NULL, NULL);
1322 wpa_printf(MSG_DEBUG, "nl80211: Register Action command "
1323 "failed: ret=%d (%s)", ret, strerror(-ret));
1324 wpa_hexdump(MSG_DEBUG, "nl80211: Register Action match",
1326 goto nla_put_failure;
1335 static int nl80211_register_action_frames(struct wpa_driver_nl80211_data *drv)
1338 /* Public Action frames */
1339 return nl80211_register_action_frame(drv, (u8 *) "\x04", 1);
1342 /* FT Action frames */
1343 if (nl80211_register_action_frame(drv, (u8 *) "\x06", 1) < 0)
1346 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
1347 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
1354 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
1356 struct i802_bss *bss = &drv->first_bss;
1358 drv->ifindex = if_nametoindex(bss->ifname);
1359 drv->first_bss.ifindex = drv->ifindex;
1362 if (wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_INFRA) < 0) {
1363 wpa_printf(MSG_DEBUG, "nl80211: Could not configure driver to "
1364 "use managed mode");
1367 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1)) {
1368 wpa_printf(MSG_ERROR, "Could not set interface '%s' UP",
1373 if (wpa_driver_nl80211_capa(drv))
1376 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
1377 1, IF_OPER_DORMANT);
1378 #endif /* HOSTAPD */
1380 if (nl80211_register_action_frames(drv) < 0) {
1381 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
1382 "frame processing - ignore for now");
1384 * Older kernel versions did not support this, so ignore the
1385 * error for now. Some functionality may not be available
1394 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
1398 msg = nlmsg_alloc();
1402 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1403 0, NL80211_CMD_DEL_BEACON, 0);
1404 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1406 return send_and_recv_msgs(drv, msg, NULL, NULL);
1413 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1414 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1416 * Shut down driver interface and processing of driver events. Free
1417 * private data buffer if one was allocated in wpa_driver_nl80211_init().
1419 static void wpa_driver_nl80211_deinit(void *priv)
1421 struct i802_bss *bss = priv;
1422 struct wpa_driver_nl80211_data *drv = bss->drv;
1424 if (drv->added_if_into_bridge) {
1425 if (linux_br_del_if(drv->ioctl_sock, drv->brname, bss->ifname)
1427 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
1428 "interface %s from bridge %s: %s",
1429 bss->ifname, drv->brname, strerror(errno));
1431 if (drv->added_bridge) {
1432 if (linux_br_del(drv->ioctl_sock, drv->brname) < 0)
1433 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
1435 drv->brname, strerror(errno));
1438 nl80211_remove_monitor_interface(drv);
1440 if (drv->nlmode == NL80211_IFTYPE_AP)
1441 wpa_driver_nl80211_del_beacon(drv);
1444 if (drv->last_freq_ht) {
1445 /* Clear HT flags from the driver */
1446 struct hostapd_freq_params freq;
1447 os_memset(&freq, 0, sizeof(freq));
1448 freq.freq = drv->last_freq;
1449 i802_set_freq(priv, &freq);
1452 if (drv->eapol_sock >= 0) {
1453 eloop_unregister_read_sock(drv->eapol_sock);
1454 close(drv->eapol_sock);
1457 if (drv->if_indices != drv->default_if_indices)
1458 os_free(drv->if_indices);
1459 #endif /* HOSTAPD */
1461 if (drv->disable_11b_rates)
1462 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
1464 netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
1465 netlink_deinit(drv->netlink);
1467 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1469 (void) linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0);
1470 wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_INFRA);
1472 if (drv->ioctl_sock >= 0)
1473 close(drv->ioctl_sock);
1475 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle_event));
1476 genl_family_put(drv->nl80211);
1477 nl_cache_free(drv->nl_cache);
1478 nl_cache_free(drv->nl_cache_event);
1479 nl_handle_destroy(drv->nl_handle);
1480 nl_handle_destroy(drv->nl_handle_event);
1481 nl_cb_put(drv->nl_cb);
1483 eloop_cancel_timeout(wpa_driver_nl80211_probe_req_report_timeout,
1486 os_free(drv->filter_ssids);
1493 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
1494 * @eloop_ctx: Driver private data
1495 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
1497 * This function can be used as registered timeout when starting a scan to
1498 * generate a scan completed event if the driver does not report this.
1500 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1502 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1503 if (drv->ap_scan_as_station) {
1504 wpa_driver_nl80211_set_mode(&drv->first_bss,
1506 drv->ap_scan_as_station = 0;
1508 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1509 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1514 * wpa_driver_nl80211_scan - Request the driver to initiate scan
1515 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
1516 * @params: Scan parameters
1517 * Returns: 0 on success, -1 on failure
1519 static int wpa_driver_nl80211_scan(void *priv,
1520 struct wpa_driver_scan_params *params)
1522 struct i802_bss *bss = priv;
1523 struct wpa_driver_nl80211_data *drv = bss->drv;
1524 int ret = 0, timeout;
1525 struct nl_msg *msg, *ssids, *freqs;
1528 msg = nlmsg_alloc();
1529 ssids = nlmsg_alloc();
1530 freqs = nlmsg_alloc();
1531 if (!msg || !ssids || !freqs) {
1538 os_free(drv->filter_ssids);
1539 drv->filter_ssids = params->filter_ssids;
1540 params->filter_ssids = NULL;
1541 drv->num_filter_ssids = params->num_filter_ssids;
1543 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1544 NL80211_CMD_TRIGGER_SCAN, 0);
1546 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1548 for (i = 0; i < params->num_ssids; i++) {
1549 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
1550 params->ssids[i].ssid,
1551 params->ssids[i].ssid_len);
1552 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
1553 params->ssids[i].ssid);
1555 if (params->num_ssids)
1556 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
1558 if (params->extra_ies) {
1559 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan extra IEs",
1560 params->extra_ies, params->extra_ies_len);
1561 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
1565 if (params->freqs) {
1566 for (i = 0; params->freqs[i]; i++) {
1567 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
1568 "MHz", params->freqs[i]);
1569 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
1571 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
1574 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1577 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
1578 "(%s)", ret, strerror(-ret));
1580 if (drv->nlmode == NL80211_IFTYPE_AP) {
1582 * mac80211 does not allow scan requests in AP mode, so
1583 * try to do this in station mode.
1585 if (wpa_driver_nl80211_set_mode(bss,
1586 IEEE80211_MODE_INFRA))
1587 goto nla_put_failure;
1589 if (wpa_driver_nl80211_scan(drv, params)) {
1590 wpa_driver_nl80211_set_mode(bss,
1592 goto nla_put_failure;
1595 /* Restore AP mode when processing scan results */
1596 drv->ap_scan_as_station = 1;
1599 goto nla_put_failure;
1601 goto nla_put_failure;
1602 #endif /* HOSTAPD */
1605 /* Not all drivers generate "scan completed" wireless event, so try to
1606 * read results after a timeout. */
1608 if (drv->scan_complete_events) {
1610 * The driver seems to deliver events to notify when scan is
1611 * complete, so use longer timeout to avoid race conditions
1612 * with scanning and following association request.
1616 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1617 "seconds", ret, timeout);
1618 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1619 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
1630 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
1632 const u8 *end, *pos;
1638 end = ies + ies_len;
1640 while (pos + 1 < end) {
1641 if (pos + 2 + pos[1] > end)
1652 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
1653 const u8 *ie, size_t ie_len)
1658 if (drv->filter_ssids == NULL)
1661 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
1665 for (i = 0; i < drv->num_filter_ssids; i++) {
1666 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
1667 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
1676 struct nl80211_bss_info_arg {
1677 struct wpa_driver_nl80211_data *drv;
1678 struct wpa_scan_results *res;
1681 static int bss_info_handler(struct nl_msg *msg, void *arg)
1683 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1684 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1685 struct nlattr *bss[NL80211_BSS_MAX + 1];
1686 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1687 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1688 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1689 [NL80211_BSS_TSF] = { .type = NLA_U64 },
1690 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
1691 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
1692 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1693 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
1694 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
1695 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
1696 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
1697 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
1699 struct nl80211_bss_info_arg *_arg = arg;
1700 struct wpa_scan_results *res = _arg->res;
1701 struct wpa_scan_res **tmp;
1702 struct wpa_scan_res *r;
1703 const u8 *ie, *beacon_ie;
1704 size_t ie_len, beacon_ie_len;
1707 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1708 genlmsg_attrlen(gnlh, 0), NULL);
1709 if (!tb[NL80211_ATTR_BSS])
1711 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1714 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1715 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1716 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1721 if (bss[NL80211_BSS_BEACON_IES]) {
1722 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
1723 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
1729 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
1730 ie ? ie_len : beacon_ie_len))
1733 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
1736 if (bss[NL80211_BSS_BSSID])
1737 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
1739 if (bss[NL80211_BSS_FREQUENCY])
1740 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1741 if (bss[NL80211_BSS_BEACON_INTERVAL])
1742 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
1743 if (bss[NL80211_BSS_CAPABILITY])
1744 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
1745 r->flags |= WPA_SCAN_NOISE_INVALID;
1746 if (bss[NL80211_BSS_SIGNAL_MBM]) {
1747 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
1748 r->level /= 100; /* mBm to dBm */
1749 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
1750 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
1751 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
1752 r->flags |= WPA_SCAN_LEVEL_INVALID;
1754 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
1755 if (bss[NL80211_BSS_TSF])
1756 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
1757 if (bss[NL80211_BSS_SEEN_MS_AGO])
1758 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
1760 pos = (u8 *) (r + 1);
1762 os_memcpy(pos, ie, ie_len);
1765 r->beacon_ie_len = beacon_ie_len;
1767 os_memcpy(pos, beacon_ie, beacon_ie_len);
1769 if (bss[NL80211_BSS_STATUS]) {
1770 enum nl80211_bss_status status;
1771 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
1773 case NL80211_BSS_STATUS_AUTHENTICATED:
1774 r->flags |= WPA_SCAN_AUTHENTICATED;
1776 case NL80211_BSS_STATUS_ASSOCIATED:
1777 r->flags |= WPA_SCAN_ASSOCIATED;
1784 tmp = os_realloc(res->res,
1785 (res->num + 1) * sizeof(struct wpa_scan_res *));
1790 tmp[res->num++] = r;
1797 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
1800 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1801 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
1802 "mismatch (" MACSTR ")", MAC2STR(addr));
1803 wpa_driver_nl80211_mlme(drv, addr,
1804 NL80211_CMD_DEAUTHENTICATE,
1805 WLAN_REASON_PREV_AUTH_NOT_VALID);
1810 static void wpa_driver_nl80211_check_bss_status(
1811 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
1815 for (i = 0; i < res->num; i++) {
1816 struct wpa_scan_res *r = res->res[i];
1817 if (r->flags & WPA_SCAN_AUTHENTICATED) {
1818 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
1819 "indicates BSS status with " MACSTR
1820 " as authenticated",
1822 if (drv->nlmode == NL80211_IFTYPE_STATION &&
1823 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
1824 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
1826 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
1827 " in local state (auth=" MACSTR
1828 " assoc=" MACSTR ")",
1829 MAC2STR(drv->auth_bssid),
1830 MAC2STR(drv->bssid));
1831 clear_state_mismatch(drv, r->bssid);
1835 if (r->flags & WPA_SCAN_ASSOCIATED) {
1836 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
1837 "indicate BSS status with " MACSTR
1840 if (drv->nlmode == NL80211_IFTYPE_STATION &&
1842 wpa_printf(MSG_DEBUG, "nl80211: Local state "
1843 "(not associated) does not match "
1845 clear_state_mismatch(drv, r->bssid);
1846 } else if (drv->nlmode == NL80211_IFTYPE_STATION &&
1847 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
1849 wpa_printf(MSG_DEBUG, "nl80211: Local state "
1850 "(associated with " MACSTR ") does "
1851 "not match with BSS state",
1852 MAC2STR(drv->bssid));
1853 clear_state_mismatch(drv, r->bssid);
1854 clear_state_mismatch(drv, drv->bssid);
1861 static void wpa_scan_results_free(struct wpa_scan_results *res)
1868 for (i = 0; i < res->num; i++)
1869 os_free(res->res[i]);
1875 static struct wpa_scan_results *
1876 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
1879 struct wpa_scan_results *res;
1881 struct nl80211_bss_info_arg arg;
1883 res = os_zalloc(sizeof(*res));
1886 msg = nlmsg_alloc();
1888 goto nla_put_failure;
1890 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, NLM_F_DUMP,
1891 NL80211_CMD_GET_SCAN, 0);
1892 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1896 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1899 wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
1900 (unsigned long) res->num);
1903 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1904 "(%s)", ret, strerror(-ret));
1907 wpa_scan_results_free(res);
1913 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
1914 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
1915 * Returns: Scan results on success, -1 on failure
1917 static struct wpa_scan_results *
1918 wpa_driver_nl80211_get_scan_results(void *priv)
1920 struct i802_bss *bss = priv;
1921 struct wpa_driver_nl80211_data *drv = bss->drv;
1922 struct wpa_scan_results *res;
1924 res = nl80211_get_scan_results(drv);
1926 wpa_driver_nl80211_check_bss_status(drv, res);
1931 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
1933 struct wpa_scan_results *res;
1936 res = nl80211_get_scan_results(drv);
1938 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
1942 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
1943 for (i = 0; i < res->num; i++) {
1944 struct wpa_scan_res *r = res->res[i];
1945 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
1946 (int) i, (int) res->num, MAC2STR(r->bssid),
1947 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
1948 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
1951 wpa_scan_results_free(res);
1955 static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
1956 enum wpa_alg alg, const u8 *addr,
1957 int key_idx, int set_tx,
1958 const u8 *seq, size_t seq_len,
1959 const u8 *key, size_t key_len)
1961 struct i802_bss *bss = priv;
1962 struct wpa_driver_nl80211_data *drv = bss->drv;
1963 int ifindex = if_nametoindex(ifname);
1967 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
1968 "set_tx=%d seq_len=%lu key_len=%lu",
1969 __func__, ifindex, alg, addr, key_idx, set_tx,
1970 (unsigned long) seq_len, (unsigned long) key_len);
1972 msg = nlmsg_alloc();
1976 if (alg == WPA_ALG_NONE) {
1977 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1978 0, NL80211_CMD_DEL_KEY, 0);
1980 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1981 0, NL80211_CMD_NEW_KEY, 0);
1982 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
1986 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1987 WLAN_CIPHER_SUITE_WEP40);
1989 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1990 WLAN_CIPHER_SUITE_WEP104);
1993 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1994 WLAN_CIPHER_SUITE_TKIP);
1997 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1998 WLAN_CIPHER_SUITE_CCMP);
2001 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2002 WLAN_CIPHER_SUITE_AES_CMAC);
2005 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
2006 "algorithm %d", __func__, alg);
2013 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
2015 if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2017 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
2018 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2020 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
2021 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2023 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2024 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
2027 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
2028 ret, strerror(-ret));
2031 * If we failed or don't need to set the default TX key (below),
2034 if (ret || !set_tx || alg == WPA_ALG_NONE)
2036 #ifdef HOSTAPD /* FIX: is this needed? */
2039 #endif /* HOSTAPD */
2041 msg = nlmsg_alloc();
2045 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2046 0, NL80211_CMD_SET_KEY, 0);
2047 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
2048 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2049 if (alg == WPA_ALG_IGTK)
2050 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
2052 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
2054 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2058 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
2059 "err=%d %s)", ret, strerror(-ret));
2067 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
2068 int key_idx, int defkey,
2069 const u8 *seq, size_t seq_len,
2070 const u8 *key, size_t key_len)
2072 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
2076 if (defkey && alg == WPA_ALG_IGTK)
2077 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
2079 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
2081 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
2086 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2087 WLAN_CIPHER_SUITE_WEP40);
2089 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2090 WLAN_CIPHER_SUITE_WEP104);
2093 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
2096 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
2099 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2100 WLAN_CIPHER_SUITE_AES_CMAC);
2103 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
2104 "algorithm %d", __func__, alg);
2109 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
2111 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
2113 nla_nest_end(msg, key_attr);
2121 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
2125 struct nlattr *nl_keys, *nl_key;
2127 for (i = 0; i < 4; i++) {
2128 if (!params->wep_key[i])
2136 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
2138 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
2140 goto nla_put_failure;
2142 for (i = 0; i < 4; i++) {
2143 if (!params->wep_key[i])
2146 nl_key = nla_nest_start(msg, i);
2148 goto nla_put_failure;
2150 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
2151 params->wep_key[i]);
2152 if (params->wep_key_len[i] == 5)
2153 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2154 WLAN_CIPHER_SUITE_WEP40);
2156 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2157 WLAN_CIPHER_SUITE_WEP104);
2159 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
2161 if (i == params->wep_tx_keyidx)
2162 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
2164 nla_nest_end(msg, nl_key);
2166 nla_nest_end(msg, nl_keys);
2175 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
2176 const u8 *addr, int cmd, u16 reason_code)
2181 msg = nlmsg_alloc();
2185 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0, cmd, 0);
2187 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2188 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
2189 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2191 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2194 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2195 "(%s)", ret, strerror(-ret));
2196 goto nla_put_failure;
2206 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
2207 const u8 *addr, int reason_code)
2209 wpa_printf(MSG_DEBUG, "%s", __func__);
2210 drv->associated = 0;
2211 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISCONNECT,
2216 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
2219 struct i802_bss *bss = priv;
2220 struct wpa_driver_nl80211_data *drv = bss->drv;
2221 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2222 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
2223 wpa_printf(MSG_DEBUG, "%s", __func__);
2224 drv->associated = 0;
2225 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2230 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
2233 struct i802_bss *bss = priv;
2234 struct wpa_driver_nl80211_data *drv = bss->drv;
2235 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2236 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
2237 wpa_printf(MSG_DEBUG, "%s", __func__);
2238 drv->associated = 0;
2239 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
2244 static int wpa_driver_nl80211_authenticate(
2245 void *priv, struct wpa_driver_auth_params *params)
2247 struct i802_bss *bss = priv;
2248 struct wpa_driver_nl80211_data *drv = bss->drv;
2251 enum nl80211_auth_type type;
2254 drv->associated = 0;
2255 os_memset(drv->auth_bssid, 0, ETH_ALEN);
2256 /* FIX: IBSS mode */
2257 if (drv->nlmode != NL80211_IFTYPE_STATION)
2258 wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA);
2260 if (wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA) < 0)
2264 msg = nlmsg_alloc();
2268 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2271 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2272 NL80211_CMD_AUTHENTICATE, 0);
2274 for (i = 0; i < 4; i++) {
2275 if (!params->wep_key[i])
2277 wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP,
2279 i == params->wep_tx_keyidx, NULL, 0,
2281 params->wep_key_len[i]);
2282 if (params->wep_tx_keyidx != i)
2284 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
2285 params->wep_key[i], params->wep_key_len[i])) {
2291 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2292 if (params->bssid) {
2293 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2294 MAC2STR(params->bssid));
2295 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2298 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2299 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2302 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2303 params->ssid, params->ssid_len);
2304 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2307 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
2309 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
2311 * TODO: if multiple auth_alg options enabled, try them one by one if
2312 * the AP rejects authentication due to unknown auth alg
2314 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
2315 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2316 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
2317 type = NL80211_AUTHTYPE_SHARED_KEY;
2318 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
2319 type = NL80211_AUTHTYPE_NETWORK_EAP;
2320 else if (params->auth_alg & WPA_AUTH_ALG_FT)
2321 type = NL80211_AUTHTYPE_FT;
2323 goto nla_put_failure;
2324 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
2325 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
2327 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2330 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2331 "(%s)", ret, strerror(-ret));
2333 if (ret == -EALREADY && count == 1 && params->bssid) {
2335 * mac80211 does not currently accept new
2336 * authentication if we are already authenticated. As a
2337 * workaround, force deauthentication and try again.
2339 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
2340 "after forced deauthentication");
2341 wpa_driver_nl80211_deauthenticate(
2343 WLAN_REASON_PREV_AUTH_NOT_VALID);
2347 goto nla_put_failure;
2350 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
2359 struct phy_info_arg {
2361 struct hostapd_hw_modes *modes;
2364 static int phy_info_handler(struct nl_msg *msg, void *arg)
2366 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
2367 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2368 struct phy_info_arg *phy_info = arg;
2370 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
2372 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
2373 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
2374 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
2375 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
2376 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
2377 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
2378 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
2379 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
2382 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
2383 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
2384 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
2385 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
2388 struct nlattr *nl_band;
2389 struct nlattr *nl_freq;
2390 struct nlattr *nl_rate;
2391 int rem_band, rem_freq, rem_rate;
2392 struct hostapd_hw_modes *mode;
2393 int idx, mode_is_set;
2395 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2396 genlmsg_attrlen(gnlh, 0), NULL);
2398 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
2401 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
2402 mode = os_realloc(phy_info->modes, (*phy_info->num_modes + 1) * sizeof(*mode));
2405 phy_info->modes = mode;
2409 mode = &phy_info->modes[*(phy_info->num_modes)];
2410 memset(mode, 0, sizeof(*mode));
2411 *(phy_info->num_modes) += 1;
2413 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
2414 nla_len(nl_band), NULL);
2416 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
2417 mode->ht_capab = nla_get_u16(
2418 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
2421 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
2422 mode->a_mpdu_params |= nla_get_u8(
2423 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
2427 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
2428 mode->a_mpdu_params |= nla_get_u8(
2429 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
2433 if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
2434 nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
2436 mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
2437 os_memcpy(mode->mcs_set, mcs, 16);
2440 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
2441 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
2442 nla_len(nl_freq), freq_policy);
2443 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
2445 mode->num_channels++;
2448 mode->channels = os_zalloc(mode->num_channels * sizeof(struct hostapd_channel_data));
2449 if (!mode->channels)
2454 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
2455 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
2456 nla_len(nl_freq), freq_policy);
2457 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
2460 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
2461 mode->channels[idx].flag = 0;
2464 /* crude heuristic */
2465 if (mode->channels[idx].freq < 4000)
2466 mode->mode = HOSTAPD_MODE_IEEE80211B;
2468 mode->mode = HOSTAPD_MODE_IEEE80211A;
2472 /* crude heuristic */
2473 if (mode->channels[idx].freq < 4000)
2474 if (mode->channels[idx].freq == 2484)
2475 mode->channels[idx].chan = 14;
2477 mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
2479 mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
2481 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
2482 mode->channels[idx].flag |=
2483 HOSTAPD_CHAN_DISABLED;
2484 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
2485 mode->channels[idx].flag |=
2486 HOSTAPD_CHAN_PASSIVE_SCAN;
2487 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
2488 mode->channels[idx].flag |=
2489 HOSTAPD_CHAN_NO_IBSS;
2490 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
2491 mode->channels[idx].flag |=
2494 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
2495 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
2496 mode->channels[idx].max_tx_power =
2497 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
2502 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
2503 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
2504 nla_len(nl_rate), rate_policy);
2505 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
2510 mode->rates = os_zalloc(mode->num_rates * sizeof(int));
2516 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
2517 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
2518 nla_len(nl_rate), rate_policy);
2519 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
2521 mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
2523 /* crude heuristic */
2524 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
2525 mode->rates[idx] > 200)
2526 mode->mode = HOSTAPD_MODE_IEEE80211G;
2535 static struct hostapd_hw_modes *
2536 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
2539 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
2540 int i, mode11g_idx = -1;
2542 /* If only 802.11g mode is included, use it to construct matching
2543 * 802.11b mode data. */
2545 for (m = 0; m < *num_modes; m++) {
2546 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
2547 return modes; /* 802.11b already included */
2548 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
2552 if (mode11g_idx < 0)
2553 return modes; /* 2.4 GHz band not supported at all */
2555 nmodes = os_realloc(modes, (*num_modes + 1) * sizeof(*nmodes));
2557 return modes; /* Could not add 802.11b mode */
2559 mode = &nmodes[*num_modes];
2560 os_memset(mode, 0, sizeof(*mode));
2564 mode->mode = HOSTAPD_MODE_IEEE80211B;
2566 mode11g = &modes[mode11g_idx];
2567 mode->num_channels = mode11g->num_channels;
2568 mode->channels = os_malloc(mode11g->num_channels *
2569 sizeof(struct hostapd_channel_data));
2570 if (mode->channels == NULL) {
2572 return modes; /* Could not add 802.11b mode */
2574 os_memcpy(mode->channels, mode11g->channels,
2575 mode11g->num_channels * sizeof(struct hostapd_channel_data));
2577 mode->num_rates = 0;
2578 mode->rates = os_malloc(4 * sizeof(int));
2579 if (mode->rates == NULL) {
2580 os_free(mode->channels);
2582 return modes; /* Could not add 802.11b mode */
2585 for (i = 0; i < mode11g->num_rates; i++) {
2586 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
2587 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
2589 mode->rates[mode->num_rates] = mode11g->rates[i];
2591 if (mode->num_rates == 4)
2595 if (mode->num_rates == 0) {
2596 os_free(mode->channels);
2597 os_free(mode->rates);
2599 return modes; /* No 802.11b rates */
2602 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
2609 static struct hostapd_hw_modes *
2610 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
2612 struct i802_bss *bss = priv;
2613 struct wpa_driver_nl80211_data *drv = bss->drv;
2615 struct phy_info_arg result = {
2616 .num_modes = num_modes,
2623 msg = nlmsg_alloc();
2627 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2628 0, NL80211_CMD_GET_WIPHY, 0);
2630 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2632 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0)
2633 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
2639 static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data *drv,
2640 const void *data, size_t len,
2644 0x00, 0x00, /* radiotap version */
2645 0x0e, 0x00, /* radiotap length */
2646 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
2647 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
2649 0x00, 0x00, /* RX and TX flags to indicate that */
2650 0x00, 0x00, /* this is the injected frame directly */
2652 struct iovec iov[2] = {
2654 .iov_base = &rtap_hdr,
2655 .iov_len = sizeof(rtap_hdr),
2658 .iov_base = (void *) data,
2662 struct msghdr msg = {
2667 .msg_control = NULL,
2668 .msg_controllen = 0,
2673 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
2675 return sendmsg(drv->monitor_sock, &msg, 0);
2679 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
2682 struct i802_bss *bss = priv;
2683 struct wpa_driver_nl80211_data *drv = bss->drv;
2684 struct ieee80211_mgmt *mgmt;
2688 mgmt = (struct ieee80211_mgmt *) data;
2689 fc = le_to_host16(mgmt->frame_control);
2691 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
2692 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
2694 * Only one of the authentication frame types is encrypted.
2695 * In order for static WEP encryption to work properly (i.e.,
2696 * to not encrypt the frame), we need to tell mac80211 about
2697 * the frames that must not be encrypted.
2699 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
2700 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
2701 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
2705 return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
2709 static int wpa_driver_nl80211_set_beacon(void *priv,
2710 const u8 *head, size_t head_len,
2711 const u8 *tail, size_t tail_len,
2712 int dtim_period, int beacon_int)
2714 struct i802_bss *bss = priv;
2715 struct wpa_driver_nl80211_data *drv = bss->drv;
2717 u8 cmd = NL80211_CMD_NEW_BEACON;
2720 int ifindex = if_nametoindex(bss->ifname);
2722 beacon_set = bss->beacon_set;
2724 msg = nlmsg_alloc();
2728 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
2731 cmd = NL80211_CMD_SET_BEACON;
2733 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2735 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, head_len, head);
2736 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, tail_len, tail);
2737 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2738 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, beacon_int);
2739 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period);
2741 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2743 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
2744 ret, strerror(-ret));
2746 bss->beacon_set = 1;
2754 static int wpa_driver_nl80211_set_freq(struct wpa_driver_nl80211_data *drv,
2755 int freq, int ht_enabled,
2756 int sec_channel_offset)
2761 msg = nlmsg_alloc();
2765 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2766 NL80211_CMD_SET_WIPHY, 0);
2768 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2769 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
2771 switch (sec_channel_offset) {
2773 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2774 NL80211_CHAN_HT40MINUS);
2777 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2778 NL80211_CHAN_HT40PLUS);
2781 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2787 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2790 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
2791 "%d (%s)", freq, ret, strerror(-ret));
2797 static int wpa_driver_nl80211_sta_add(void *priv,
2798 struct hostapd_sta_add_params *params)
2800 struct i802_bss *bss = priv;
2801 struct wpa_driver_nl80211_data *drv = bss->drv;
2805 msg = nlmsg_alloc();
2809 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2810 0, NL80211_CMD_NEW_STATION, 0);
2812 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
2813 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
2814 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
2815 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
2816 params->supp_rates);
2817 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
2818 params->listen_interval);
2819 if (params->ht_capabilities) {
2820 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
2821 sizeof(*params->ht_capabilities),
2822 params->ht_capabilities);
2825 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2827 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_NEW_STATION "
2828 "result: %d (%s)", ret, strerror(-ret));
2836 static int wpa_driver_nl80211_sta_remove(void *priv, const u8 *addr)
2838 struct i802_bss *bss = priv;
2839 struct wpa_driver_nl80211_data *drv = bss->drv;
2843 msg = nlmsg_alloc();
2847 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2848 0, NL80211_CMD_DEL_STATION, 0);
2850 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
2851 if_nametoindex(bss->ifname));
2852 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2854 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2863 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
2868 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
2871 /* stop listening for EAPOL on this interface */
2872 del_ifidx(drv, ifidx);
2873 #endif /* HOSTAPD */
2875 msg = nlmsg_alloc();
2877 goto nla_put_failure;
2879 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2880 0, NL80211_CMD_DEL_INTERFACE, 0);
2881 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
2883 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
2886 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
2890 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
2892 enum nl80211_iftype iftype,
2893 const u8 *addr, int wds)
2895 struct nl_msg *msg, *flags = NULL;
2899 msg = nlmsg_alloc();
2903 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2904 0, NL80211_CMD_NEW_INTERFACE, 0);
2905 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2906 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
2907 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
2909 if (iftype == NL80211_IFTYPE_MONITOR) {
2912 flags = nlmsg_alloc();
2914 goto nla_put_failure;
2916 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
2918 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
2923 goto nla_put_failure;
2925 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
2928 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2931 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
2932 ifname, ret, strerror(-ret));
2936 ifidx = if_nametoindex(ifname);
2937 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
2944 /* start listening for EAPOL on this interface */
2945 add_ifidx(drv, ifidx);
2946 #endif /* HOSTAPD */
2948 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
2949 linux_set_ifhwaddr(drv->ioctl_sock, ifname, addr)) {
2950 nl80211_remove_iface(drv, ifidx);
2958 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
2959 const char *ifname, enum nl80211_iftype iftype,
2960 const u8 *addr, int wds)
2964 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
2966 /* if error occured and interface exists already */
2967 if (ret == -ENFILE && if_nametoindex(ifname)) {
2968 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
2970 /* Try to remove the interface that was already there. */
2971 nl80211_remove_iface(drv, if_nametoindex(ifname));
2973 /* Try to create the interface again */
2974 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
2978 if (ret >= 0 && drv->disable_11b_rates)
2979 nl80211_disable_11b_rates(drv, ret, 1);
2985 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
2987 struct ieee80211_hdr *hdr;
2989 union wpa_event_data event;
2991 hdr = (struct ieee80211_hdr *) buf;
2992 fc = le_to_host16(hdr->frame_control);
2994 os_memset(&event, 0, sizeof(event));
2995 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
2996 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
2997 event.tx_status.dst = hdr->addr1;
2998 event.tx_status.data = buf;
2999 event.tx_status.data_len = len;
3000 event.tx_status.ack = ok;
3001 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
3005 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
3006 u8 *buf, size_t len)
3008 union wpa_event_data event;
3009 os_memset(&event, 0, sizeof(event));
3010 event.rx_from_unknown.frame = buf;
3011 event.rx_from_unknown.len = len;
3012 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
3016 static void handle_frame(struct wpa_driver_nl80211_data *drv,
3017 u8 *buf, size_t len, int datarate, int ssi_signal)
3019 struct ieee80211_hdr *hdr;
3021 union wpa_event_data event;
3023 hdr = (struct ieee80211_hdr *) buf;
3024 fc = le_to_host16(hdr->frame_control);
3026 switch (WLAN_FC_GET_TYPE(fc)) {
3027 case WLAN_FC_TYPE_MGMT:
3028 os_memset(&event, 0, sizeof(event));
3029 event.rx_mgmt.frame = buf;
3030 event.rx_mgmt.frame_len = len;
3031 event.rx_mgmt.datarate = datarate;
3032 event.rx_mgmt.ssi_signal = ssi_signal;
3033 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
3035 case WLAN_FC_TYPE_CTRL:
3036 /* can only get here with PS-Poll frames */
3037 wpa_printf(MSG_DEBUG, "CTRL");
3038 from_unknown_sta(drv, buf, len);
3040 case WLAN_FC_TYPE_DATA:
3041 from_unknown_sta(drv, buf, len);
3047 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
3049 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3051 unsigned char buf[3000];
3052 struct ieee80211_radiotap_iterator iter;
3054 int datarate = 0, ssi_signal = 0;
3055 int injected = 0, failed = 0, rxflags = 0;
3057 len = recv(sock, buf, sizeof(buf), 0);
3063 if (drv->nlmode == NL80211_IFTYPE_STATION && !drv->probe_req_report) {
3064 wpa_printf(MSG_DEBUG, "nl80211: Ignore monitor interface "
3065 "frame since Probe Request reporting is disabled");
3069 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
3070 printf("received invalid radiotap frame\n");
3075 ret = ieee80211_radiotap_iterator_next(&iter);
3079 printf("received invalid radiotap frame (%d)\n", ret);
3082 switch (iter.this_arg_index) {
3083 case IEEE80211_RADIOTAP_FLAGS:
3084 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
3087 case IEEE80211_RADIOTAP_RX_FLAGS:
3090 case IEEE80211_RADIOTAP_TX_FLAGS:
3092 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
3093 IEEE80211_RADIOTAP_F_TX_FAIL;
3095 case IEEE80211_RADIOTAP_DATA_RETRIES:
3097 case IEEE80211_RADIOTAP_CHANNEL:
3098 /* TODO: convert from freq/flags to channel number */
3100 case IEEE80211_RADIOTAP_RATE:
3101 datarate = *iter.this_arg * 5;
3103 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
3104 ssi_signal = *iter.this_arg;
3109 if (rxflags && injected)
3113 handle_frame(drv, buf + iter.max_length,
3114 len - iter.max_length, datarate, ssi_signal);
3116 handle_tx_callback(drv->ctx, buf + iter.max_length,
3117 len - iter.max_length, !failed);
3122 * we post-process the filter code later and rewrite
3123 * this to the offset to the last instruction
3128 static struct sock_filter msock_filter_insns[] = {
3130 * do a little-endian load of the radiotap length field
3132 /* load lower byte into A */
3133 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
3134 /* put it into X (== index register) */
3135 BPF_STMT(BPF_MISC| BPF_TAX, 0),
3136 /* load upper byte into A */
3137 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
3138 /* left-shift it by 8 */
3139 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
3141 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
3142 /* put result into X */
3143 BPF_STMT(BPF_MISC| BPF_TAX, 0),
3146 * Allow management frames through, this also gives us those
3147 * management frames that we sent ourselves with status
3149 /* load the lower byte of the IEEE 802.11 frame control field */
3150 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3151 /* mask off frame type and version */
3152 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
3153 /* accept frame if it's both 0, fall through otherwise */
3154 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
3157 * TODO: add a bit to radiotap RX flags that indicates
3158 * that the sending station is not associated, then
3159 * add a filter here that filters on our DA and that flag
3160 * to allow us to deauth frames to that bad station.
3162 * Not a regression -- we didn't do it before either.
3167 * drop non-data frames
3169 /* load the lower byte of the frame control field */
3170 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3171 /* mask off QoS bit */
3172 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
3173 /* drop non-data frames */
3174 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
3176 /* load the upper byte of the frame control field */
3177 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
3178 /* mask off toDS/fromDS */
3179 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
3180 /* accept WDS frames */
3181 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
3184 * add header length to index
3186 /* load the lower byte of the frame control field */
3187 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3188 /* mask off QoS bit */
3189 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
3190 /* right shift it by 6 to give 0 or 2 */
3191 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
3192 /* add data frame header length */
3193 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
3194 /* add index, was start of 802.11 header */
3195 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
3196 /* move to index, now start of LL header */
3197 BPF_STMT(BPF_MISC | BPF_TAX, 0),
3200 * Accept empty data frames, we use those for
3203 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
3204 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
3207 * Accept EAPOL frames
3209 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
3210 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
3211 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
3212 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
3214 /* keep these last two statements or change the code below */
3215 /* return 0 == "DROP" */
3216 BPF_STMT(BPF_RET | BPF_K, 0),
3217 /* return ~0 == "keep all" */
3218 BPF_STMT(BPF_RET | BPF_K, ~0),
3221 static struct sock_fprog msock_filter = {
3222 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
3223 .filter = msock_filter_insns,
3227 static int add_monitor_filter(int s)
3231 /* rewrite all PASS/FAIL jump offsets */
3232 for (idx = 0; idx < msock_filter.len; idx++) {
3233 struct sock_filter *insn = &msock_filter_insns[idx];
3235 if (BPF_CLASS(insn->code) == BPF_JMP) {
3236 if (insn->code == (BPF_JMP|BPF_JA)) {
3237 if (insn->k == PASS)
3238 insn->k = msock_filter.len - idx - 2;
3239 else if (insn->k == FAIL)
3240 insn->k = msock_filter.len - idx - 3;
3243 if (insn->jt == PASS)
3244 insn->jt = msock_filter.len - idx - 2;
3245 else if (insn->jt == FAIL)
3246 insn->jt = msock_filter.len - idx - 3;
3248 if (insn->jf == PASS)
3249 insn->jf = msock_filter.len - idx - 2;
3250 else if (insn->jf == FAIL)
3251 insn->jf = msock_filter.len - idx - 3;
3255 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
3256 &msock_filter, sizeof(msock_filter))) {
3257 perror("SO_ATTACH_FILTER");
3265 static void nl80211_remove_monitor_interface(
3266 struct wpa_driver_nl80211_data *drv)
3268 if (drv->monitor_ifidx >= 0) {
3269 nl80211_remove_iface(drv, drv->monitor_ifidx);
3270 drv->monitor_ifidx = -1;
3272 if (drv->monitor_sock >= 0) {
3273 eloop_unregister_read_sock(drv->monitor_sock);
3274 close(drv->monitor_sock);
3275 drv->monitor_sock = -1;
3281 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
3284 struct sockaddr_ll ll;
3288 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
3289 buf[IFNAMSIZ - 1] = '\0';
3291 drv->monitor_ifidx =
3292 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
3295 if (drv->monitor_ifidx < 0)
3298 if (linux_set_iface_flags(drv->ioctl_sock, buf, 1))
3301 memset(&ll, 0, sizeof(ll));
3302 ll.sll_family = AF_PACKET;
3303 ll.sll_ifindex = drv->monitor_ifidx;
3304 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
3305 if (drv->monitor_sock < 0) {
3306 perror("socket[PF_PACKET,SOCK_RAW]");
3310 if (add_monitor_filter(drv->monitor_sock)) {
3311 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
3312 "interface; do filtering in user space");
3313 /* This works, but will cost in performance. */
3316 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
3317 perror("monitor socket bind");
3321 optlen = sizeof(optval);
3324 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
3325 perror("Failed to set socket priority");
3329 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
3331 printf("Could not register monitor read socket\n");
3337 nl80211_remove_monitor_interface(drv);
3342 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
3344 static int wpa_driver_nl80211_hapd_send_eapol(
3345 void *priv, const u8 *addr, const u8 *data,
3346 size_t data_len, int encrypt, const u8 *own_addr)
3348 struct i802_bss *bss = priv;
3349 struct wpa_driver_nl80211_data *drv = bss->drv;
3350 struct ieee80211_hdr *hdr;
3355 int qos = sta->flags & WPA_STA_WMM;
3360 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
3362 hdr = os_zalloc(len);
3364 printf("malloc() failed for i802_send_data(len=%lu)\n",
3365 (unsigned long) len);
3369 hdr->frame_control =
3370 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
3371 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
3373 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
3374 #if 0 /* To be enabled if qos determination is added above */
3376 hdr->frame_control |=
3377 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
3381 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
3382 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
3383 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
3384 pos = (u8 *) (hdr + 1);
3386 #if 0 /* To be enabled if qos determination is added above */
3388 /* add an empty QoS header if needed */
3395 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
3396 pos += sizeof(rfc1042_header);
3397 WPA_PUT_BE16(pos, ETH_P_PAE);
3399 memcpy(pos, data, data_len);
3401 res = wpa_driver_nl80211_send_frame(drv, (u8 *) hdr, len, encrypt);
3403 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
3405 (unsigned long) len, errno, strerror(errno));
3413 static u32 sta_flags_nl80211(int flags)
3417 if (flags & WPA_STA_AUTHORIZED)
3418 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
3419 if (flags & WPA_STA_WMM)
3420 f |= BIT(NL80211_STA_FLAG_WME);
3421 if (flags & WPA_STA_SHORT_PREAMBLE)
3422 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
3423 if (flags & WPA_STA_MFP)
3424 f |= BIT(NL80211_STA_FLAG_MFP);
3430 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
3432 int flags_or, int flags_and)
3434 struct i802_bss *bss = priv;
3435 struct wpa_driver_nl80211_data *drv = bss->drv;
3436 struct nl_msg *msg, *flags = NULL;
3437 struct nl80211_sta_flag_update upd;
3439 msg = nlmsg_alloc();
3443 flags = nlmsg_alloc();
3449 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3450 0, NL80211_CMD_SET_STATION, 0);
3452 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3453 if_nametoindex(bss->ifname));
3454 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3457 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
3458 * can be removed eventually.
3460 if (total_flags & WPA_STA_AUTHORIZED)
3461 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
3463 if (total_flags & WPA_STA_WMM)
3464 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
3466 if (total_flags & WPA_STA_SHORT_PREAMBLE)
3467 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
3469 if (total_flags & WPA_STA_MFP)
3470 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
3472 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
3473 goto nla_put_failure;
3475 os_memset(&upd, 0, sizeof(upd));
3476 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
3477 upd.set = sta_flags_nl80211(flags_or);
3478 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
3482 return send_and_recv_msgs(drv, msg, NULL, NULL);
3489 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
3490 struct wpa_driver_associate_params *params)
3492 if (wpa_driver_nl80211_set_mode(&drv->first_bss, params->mode) ||
3493 wpa_driver_nl80211_set_freq(drv, params->freq, 0, 0)) {
3494 nl80211_remove_monitor_interface(drv);
3498 /* TODO: setup monitor interface (and add code somewhere to remove this
3499 * when AP mode is stopped; associate with mode != 2 or drv_deinit) */
3505 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
3510 msg = nlmsg_alloc();
3514 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3515 NL80211_CMD_LEAVE_IBSS, 0);
3516 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3517 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3520 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
3521 "(%s)", ret, strerror(-ret));
3522 goto nla_put_failure;
3526 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
3534 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
3535 struct wpa_driver_associate_params *params)
3541 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
3543 if (wpa_driver_nl80211_set_mode(&drv->first_bss, params->mode)) {
3544 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
3550 msg = nlmsg_alloc();
3554 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3555 NL80211_CMD_JOIN_IBSS, 0);
3556 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3558 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
3559 goto nla_put_failure;
3561 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3562 params->ssid, params->ssid_len);
3563 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3565 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
3566 drv->ssid_len = params->ssid_len;
3568 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3569 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3571 ret = nl80211_set_conn_keys(params, msg);
3573 goto nla_put_failure;
3575 if (params->wpa_ie) {
3576 wpa_hexdump(MSG_DEBUG,
3577 " * Extra IEs for Beacon/Probe Response frames",
3578 params->wpa_ie, params->wpa_ie_len);
3579 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
3583 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3586 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
3587 ret, strerror(-ret));
3589 if (ret == -EALREADY && count == 1) {
3590 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
3592 nl80211_leave_ibss(drv);
3597 goto nla_put_failure;
3600 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
3608 static int wpa_driver_nl80211_connect(
3609 struct wpa_driver_nl80211_data *drv,
3610 struct wpa_driver_associate_params *params)
3613 enum nl80211_auth_type type;
3616 msg = nlmsg_alloc();
3620 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
3621 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3622 NL80211_CMD_CONNECT, 0);
3624 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3625 if (params->bssid) {
3626 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3627 MAC2STR(params->bssid));
3628 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
3631 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3632 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3635 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3636 params->ssid, params->ssid_len);
3637 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3639 if (params->ssid_len > sizeof(drv->ssid))
3640 goto nla_put_failure;
3641 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
3642 drv->ssid_len = params->ssid_len;
3644 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
3646 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
3649 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
3650 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
3651 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
3652 type = NL80211_AUTHTYPE_SHARED_KEY;
3653 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
3654 type = NL80211_AUTHTYPE_NETWORK_EAP;
3655 else if (params->auth_alg & WPA_AUTH_ALG_FT)
3656 type = NL80211_AUTHTYPE_FT;
3658 goto nla_put_failure;
3660 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
3661 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
3663 if (params->wpa_ie && params->wpa_ie_len) {
3664 enum nl80211_wpa_versions ver;
3666 if (params->wpa_ie[0] == WLAN_EID_RSN)
3667 ver = NL80211_WPA_VERSION_2;
3669 ver = NL80211_WPA_VERSION_1;
3671 wpa_printf(MSG_DEBUG, " * WPA Version %d", ver);
3672 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
3675 if (params->pairwise_suite != CIPHER_NONE) {
3678 switch (params->pairwise_suite) {
3680 cipher = WLAN_CIPHER_SUITE_WEP40;
3683 cipher = WLAN_CIPHER_SUITE_WEP104;
3686 cipher = WLAN_CIPHER_SUITE_CCMP;
3690 cipher = WLAN_CIPHER_SUITE_TKIP;
3693 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
3696 if (params->group_suite != CIPHER_NONE) {
3699 switch (params->group_suite) {
3701 cipher = WLAN_CIPHER_SUITE_WEP40;
3704 cipher = WLAN_CIPHER_SUITE_WEP104;
3707 cipher = WLAN_CIPHER_SUITE_CCMP;
3711 cipher = WLAN_CIPHER_SUITE_TKIP;
3714 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
3717 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
3718 params->key_mgmt_suite == KEY_MGMT_PSK) {
3719 int mgmt = WLAN_AKM_SUITE_PSK;
3721 switch (params->key_mgmt_suite) {
3722 case KEY_MGMT_802_1X:
3723 mgmt = WLAN_AKM_SUITE_8021X;
3727 mgmt = WLAN_AKM_SUITE_PSK;
3730 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
3733 ret = nl80211_set_conn_keys(params, msg);
3735 goto nla_put_failure;
3737 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3740 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
3741 "(%s)", ret, strerror(-ret));
3742 goto nla_put_failure;
3745 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
3754 static int wpa_driver_nl80211_associate(
3755 void *priv, struct wpa_driver_associate_params *params)
3757 struct i802_bss *bss = priv;
3758 struct wpa_driver_nl80211_data *drv = bss->drv;
3762 if (params->mode == IEEE80211_MODE_AP)
3763 return wpa_driver_nl80211_ap(drv, params);
3765 if (params->mode == IEEE80211_MODE_IBSS)
3766 return wpa_driver_nl80211_ibss(drv, params);
3768 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
3769 if (wpa_driver_nl80211_set_mode(priv, params->mode) < 0)
3771 return wpa_driver_nl80211_connect(drv, params);
3774 drv->associated = 0;
3776 msg = nlmsg_alloc();
3780 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
3782 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3783 NL80211_CMD_ASSOCIATE, 0);
3785 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3786 if (params->bssid) {
3787 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3788 MAC2STR(params->bssid));
3789 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
3792 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3793 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3794 drv->assoc_freq = params->freq;
3796 drv->assoc_freq = 0;
3798 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3799 params->ssid, params->ssid_len);
3800 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3802 if (params->ssid_len > sizeof(drv->ssid))
3803 goto nla_put_failure;
3804 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
3805 drv->ssid_len = params->ssid_len;
3807 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
3809 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
3812 #ifdef CONFIG_IEEE80211W
3813 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
3814 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
3815 #endif /* CONFIG_IEEE80211W */
3817 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
3819 if (params->prev_bssid) {
3820 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
3821 MAC2STR(params->prev_bssid));
3822 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
3823 params->prev_bssid);
3826 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3829 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
3830 "(%s)", ret, strerror(-ret));
3831 nl80211_dump_scan(drv);
3832 goto nla_put_failure;
3835 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
3844 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
3845 int ifindex, int mode)
3850 msg = nlmsg_alloc();
3854 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3855 0, NL80211_CMD_SET_INTERFACE, 0);
3856 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
3857 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
3859 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3863 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
3864 " %d (%s)", ifindex, mode, ret, strerror(-ret));
3869 static int wpa_driver_nl80211_set_mode(void *priv, int mode)
3871 struct i802_bss *bss = priv;
3872 struct wpa_driver_nl80211_data *drv = bss->drv;
3878 nlmode = NL80211_IFTYPE_STATION;
3881 nlmode = NL80211_IFTYPE_ADHOC;
3884 nlmode = NL80211_IFTYPE_AP;
3890 if (nl80211_set_mode(drv, drv->ifindex, nlmode) == 0) {
3891 drv->nlmode = nlmode;
3896 if (nlmode == drv->nlmode) {
3897 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
3898 "requested mode - ignore error");
3900 goto done; /* Already in the requested mode */
3903 /* mac80211 doesn't allow mode changes while the device is up, so
3904 * take the device down, try to set the mode again, and bring the
3907 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0) == 0) {
3908 /* Try to set the mode again while the interface is down */
3909 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
3910 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1))
3915 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
3916 "interface is down");
3917 drv->nlmode = nlmode;
3921 if (!ret && nlmode == NL80211_IFTYPE_AP) {
3922 /* Setup additional AP mode functionality if needed */
3923 if (drv->monitor_ifidx < 0 &&
3924 nl80211_create_monitor_interface(drv))
3926 } else if (!ret && nlmode != NL80211_IFTYPE_AP) {
3927 /* Remove additional AP mode functionality */
3928 nl80211_remove_monitor_interface(drv);
3929 bss->beacon_set = 0;
3933 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
3934 "from %d failed", nlmode, drv->nlmode);
3940 static int wpa_driver_nl80211_get_capa(void *priv,
3941 struct wpa_driver_capa *capa)
3943 struct i802_bss *bss = priv;
3944 struct wpa_driver_nl80211_data *drv = bss->drv;
3945 if (!drv->has_capability)
3947 os_memcpy(capa, &drv->capa, sizeof(*capa));
3952 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
3954 struct i802_bss *bss = priv;
3955 struct wpa_driver_nl80211_data *drv = bss->drv;
3957 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
3958 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
3959 drv->operstate = state;
3960 return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
3961 state ? IF_OPER_UP : IF_OPER_DORMANT);
3965 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
3967 struct i802_bss *bss = priv;
3968 struct wpa_driver_nl80211_data *drv = bss->drv;
3970 struct nl80211_sta_flag_update upd;
3972 msg = nlmsg_alloc();
3976 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3977 0, NL80211_CMD_SET_STATION, 0);
3979 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3980 if_nametoindex(bss->ifname));
3981 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
3983 os_memset(&upd, 0, sizeof(upd));
3984 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
3986 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
3987 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
3989 return send_and_recv_msgs(drv, msg, NULL, NULL);
3997 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4002 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
4004 for (i = 0; i < drv->num_if_indices; i++) {
4005 if (drv->if_indices[i] == 0) {
4006 drv->if_indices[i] = ifidx;
4011 if (drv->if_indices != drv->default_if_indices)
4012 old = drv->if_indices;
4016 drv->if_indices = os_realloc(old,
4017 sizeof(int) * (drv->num_if_indices + 1));
4018 if (!drv->if_indices) {
4020 drv->if_indices = drv->default_if_indices;
4022 drv->if_indices = old;
4023 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
4025 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
4028 drv->if_indices[drv->num_if_indices] = ifidx;
4029 drv->num_if_indices++;
4033 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4037 for (i = 0; i < drv->num_if_indices; i++) {
4038 if (drv->if_indices[i] == ifidx) {
4039 drv->if_indices[i] = 0;
4046 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4050 for (i = 0; i < drv->num_if_indices; i++)
4051 if (drv->if_indices[i] == ifidx)
4058 static inline int min_int(int a, int b)
4066 static int get_key_handler(struct nl_msg *msg, void *arg)
4068 struct nlattr *tb[NL80211_ATTR_MAX + 1];
4069 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4071 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4072 genlmsg_attrlen(gnlh, 0), NULL);
4075 * TODO: validate the key index and mac address!
4076 * Otherwise, there's a race condition as soon as
4077 * the kernel starts sending key notifications.
4080 if (tb[NL80211_ATTR_KEY_SEQ])
4081 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
4082 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
4087 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
4090 struct i802_bss *bss = priv;
4091 struct wpa_driver_nl80211_data *drv = bss->drv;
4094 msg = nlmsg_alloc();
4098 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4099 0, NL80211_CMD_GET_KEY, 0);
4102 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4103 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
4104 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
4108 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
4114 static int i802_set_rate_sets(void *priv, int *supp_rates, int *basic_rates,
4117 struct i802_bss *bss = priv;
4118 struct wpa_driver_nl80211_data *drv = bss->drv;
4120 u8 rates[NL80211_MAX_SUPP_RATES];
4124 msg = nlmsg_alloc();
4128 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4129 NL80211_CMD_SET_BSS, 0);
4131 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
4132 rates[rates_len++] = basic_rates[i] / 5;
4134 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
4136 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4138 return send_and_recv_msgs(drv, msg, NULL, NULL);
4144 /* Set kernel driver on given frequency (MHz) */
4145 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
4147 struct i802_bss *bss = priv;
4148 struct wpa_driver_nl80211_data *drv = bss->drv;
4149 return wpa_driver_nl80211_set_freq(drv, freq->freq, freq->ht_enabled,
4150 freq->sec_channel_offset);
4154 static int i802_set_rts(void *priv, int rts)
4156 struct i802_bss *bss = priv;
4157 struct wpa_driver_nl80211_data *drv = bss->drv;
4162 msg = nlmsg_alloc();
4171 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4172 0, NL80211_CMD_SET_WIPHY, 0);
4173 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4174 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
4176 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4180 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
4181 "%d (%s)", rts, ret, strerror(-ret));
4186 static int i802_set_frag(void *priv, int frag)
4188 struct i802_bss *bss = priv;
4189 struct wpa_driver_nl80211_data *drv = bss->drv;
4194 msg = nlmsg_alloc();
4203 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4204 0, NL80211_CMD_SET_WIPHY, 0);
4205 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4206 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
4208 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4212 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
4213 "%d: %d (%s)", frag, ret, strerror(-ret));
4218 static int i802_flush(void *priv)
4220 struct i802_bss *bss = priv;
4221 struct wpa_driver_nl80211_data *drv = bss->drv;
4224 msg = nlmsg_alloc();
4228 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4229 0, NL80211_CMD_DEL_STATION, 0);
4232 * XXX: FIX! this needs to flush all VLANs too
4234 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4235 if_nametoindex(bss->ifname));
4237 return send_and_recv_msgs(drv, msg, NULL, NULL);
4243 static int get_sta_handler(struct nl_msg *msg, void *arg)
4245 struct nlattr *tb[NL80211_ATTR_MAX + 1];
4246 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4247 struct hostap_sta_driver_data *data = arg;
4248 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
4249 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
4250 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
4251 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
4252 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
4253 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
4254 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
4257 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4258 genlmsg_attrlen(gnlh, 0), NULL);
4261 * TODO: validate the interface and mac address!
4262 * Otherwise, there's a race condition as soon as
4263 * the kernel starts sending station notifications.
4266 if (!tb[NL80211_ATTR_STA_INFO]) {
4267 wpa_printf(MSG_DEBUG, "sta stats missing!");
4270 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
4271 tb[NL80211_ATTR_STA_INFO],
4273 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
4277 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
4278 data->inactive_msec =
4279 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
4280 if (stats[NL80211_STA_INFO_RX_BYTES])
4281 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
4282 if (stats[NL80211_STA_INFO_TX_BYTES])
4283 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
4284 if (stats[NL80211_STA_INFO_RX_PACKETS])
4286 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
4287 if (stats[NL80211_STA_INFO_TX_PACKETS])
4289 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
4294 static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
4297 struct i802_bss *bss = priv;
4298 struct wpa_driver_nl80211_data *drv = bss->drv;
4301 os_memset(data, 0, sizeof(*data));
4302 msg = nlmsg_alloc();
4306 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4307 0, NL80211_CMD_GET_STATION, 0);
4309 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4310 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4312 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
4318 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
4319 int cw_min, int cw_max, int burst_time)
4321 struct i802_bss *bss = priv;
4322 struct wpa_driver_nl80211_data *drv = bss->drv;
4324 struct nlattr *txq, *params;
4326 msg = nlmsg_alloc();
4330 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4331 0, NL80211_CMD_SET_WIPHY, 0);
4333 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4335 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
4337 goto nla_put_failure;
4339 /* We are only sending parameters for a single TXQ at a time */
4340 params = nla_nest_start(msg, 1);
4342 goto nla_put_failure;
4344 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, queue);
4345 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
4346 * 32 usec, so need to convert the value here. */
4347 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
4348 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
4349 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
4350 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
4352 nla_nest_end(msg, params);
4354 nla_nest_end(msg, txq);
4356 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
4363 static int i802_set_bss(void *priv, int cts, int preamble, int slot)
4365 struct i802_bss *bss = priv;
4366 struct wpa_driver_nl80211_data *drv = bss->drv;
4369 msg = nlmsg_alloc();
4373 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4374 NL80211_CMD_SET_BSS, 0);
4377 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
4379 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
4381 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
4383 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4385 return send_and_recv_msgs(drv, msg, NULL, NULL);
4391 static int i802_set_cts_protect(void *priv, int value)
4393 return i802_set_bss(priv, value, -1, -1);
4397 static int i802_set_preamble(void *priv, int value)
4399 return i802_set_bss(priv, -1, value, -1);
4403 static int i802_set_short_slot_time(void *priv, int value)
4405 return i802_set_bss(priv, -1, -1, value);
4409 static int i802_set_sta_vlan(void *priv, const u8 *addr,
4410 const char *ifname, int vlan_id)
4412 struct i802_bss *bss = priv;
4413 struct wpa_driver_nl80211_data *drv = bss->drv;
4416 msg = nlmsg_alloc();
4420 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4421 0, NL80211_CMD_SET_STATION, 0);
4423 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4424 if_nametoindex(bss->ifname));
4425 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4426 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
4427 if_nametoindex(ifname));
4429 return send_and_recv_msgs(drv, msg, NULL, NULL);
4435 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val)
4437 struct i802_bss *bss = priv;
4438 struct wpa_driver_nl80211_data *drv = bss->drv;
4439 char name[IFNAMSIZ + 1];
4441 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
4442 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
4443 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
4445 if (nl80211_create_iface(drv, name, NL80211_IFTYPE_AP_VLAN,
4448 linux_set_iface_flags(drv->ioctl_sock, name, 1);
4449 return i802_set_sta_vlan(priv, addr, name, 0);
4451 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
4452 return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
4458 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
4460 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4461 struct sockaddr_ll lladdr;
4462 unsigned char buf[3000];
4464 socklen_t fromlen = sizeof(lladdr);
4466 len = recvfrom(sock, buf, sizeof(buf), 0,
4467 (struct sockaddr *)&lladdr, &fromlen);
4473 if (have_ifidx(drv, lladdr.sll_ifindex))
4474 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
4478 static int i802_get_inact_sec(void *priv, const u8 *addr)
4480 struct hostap_sta_driver_data data;
4483 data.inactive_msec = (unsigned long) -1;
4484 ret = i802_read_sta_data(priv, &data, addr);
4485 if (ret || data.inactive_msec == (unsigned long) -1)
4487 return data.inactive_msec / 1000;
4491 static int i802_sta_clear_stats(void *priv, const u8 *addr)
4500 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
4503 struct i802_bss *bss = priv;
4504 struct ieee80211_mgmt mgmt;
4506 memset(&mgmt, 0, sizeof(mgmt));
4507 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
4508 WLAN_FC_STYPE_DEAUTH);
4509 memcpy(mgmt.da, addr, ETH_ALEN);
4510 memcpy(mgmt.sa, own_addr, ETH_ALEN);
4511 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
4512 mgmt.u.deauth.reason_code = host_to_le16(reason);
4513 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
4515 sizeof(mgmt.u.deauth));
4519 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
4522 struct i802_bss *bss = priv;
4523 struct ieee80211_mgmt mgmt;
4525 memset(&mgmt, 0, sizeof(mgmt));
4526 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
4527 WLAN_FC_STYPE_DISASSOC);
4528 memcpy(mgmt.da, addr, ETH_ALEN);
4529 memcpy(mgmt.sa, own_addr, ETH_ALEN);
4530 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
4531 mgmt.u.disassoc.reason_code = host_to_le16(reason);
4532 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
4534 sizeof(mgmt.u.disassoc));
4538 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
4539 const char *brname, const char *ifname)
4542 char in_br[IFNAMSIZ];
4544 os_strlcpy(drv->brname, brname, IFNAMSIZ);
4545 ifindex = if_nametoindex(brname);
4548 * Bridge was configured, but the bridge device does
4549 * not exist. Try to add it now.
4551 if (linux_br_add(drv->ioctl_sock, brname) < 0) {
4552 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
4553 "bridge interface %s: %s",
4554 brname, strerror(errno));
4557 drv->added_bridge = 1;
4558 add_ifidx(drv, if_nametoindex(brname));
4561 if (linux_br_get(in_br, ifname) == 0) {
4562 if (os_strcmp(in_br, brname) == 0)
4563 return 0; /* already in the bridge */
4565 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
4566 "bridge %s", ifname, in_br);
4567 if (linux_br_del_if(drv->ioctl_sock, in_br, ifname) < 0) {
4568 wpa_printf(MSG_ERROR, "nl80211: Failed to "
4569 "remove interface %s from bridge "
4571 ifname, brname, strerror(errno));
4576 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
4578 if (linux_br_add_if(drv->ioctl_sock, brname, ifname) < 0) {
4579 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
4580 "into bridge %s: %s",
4581 ifname, brname, strerror(errno));
4584 drv->added_if_into_bridge = 1;
4590 static void *i802_init(struct hostapd_data *hapd,
4591 struct wpa_init_params *params)
4593 struct wpa_driver_nl80211_data *drv;
4594 struct i802_bss *bss;
4596 char brname[IFNAMSIZ];
4597 int ifindex, br_ifindex;
4600 bss = wpa_driver_nl80211_init(hapd, params->ifname);
4605 if (linux_br_get(brname, params->ifname) == 0) {
4606 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
4607 params->ifname, brname);
4608 br_ifindex = if_nametoindex(brname);
4614 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
4615 drv->if_indices = drv->default_if_indices;
4616 for (i = 0; i < params->num_bridge; i++) {
4617 if (params->bridge[i]) {
4618 ifindex = if_nametoindex(params->bridge[i]);
4620 add_ifidx(drv, ifindex);
4621 if (ifindex == br_ifindex)
4625 if (!br_added && br_ifindex &&
4626 (params->num_bridge == 0 || !params->bridge[0]))
4627 add_ifidx(drv, br_ifindex);
4629 /* start listening for EAPOL on the default AP interface */
4630 add_ifidx(drv, drv->ifindex);
4632 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0))
4635 if (params->bssid) {
4636 if (linux_set_ifhwaddr(drv->ioctl_sock, bss->ifname,
4641 if (wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_AP)) {
4642 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
4643 "into AP mode", bss->ifname);
4647 if (params->num_bridge && params->bridge[0] &&
4648 i802_check_bridge(drv, params->bridge[0], params->ifname) < 0)
4651 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1))
4654 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
4655 if (drv->eapol_sock < 0) {
4656 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
4660 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
4662 printf("Could not register read socket for eapol\n");
4666 if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, params->own_addr))
4672 nl80211_remove_monitor_interface(drv);
4673 if (drv->ioctl_sock >= 0)
4674 close(drv->ioctl_sock);
4676 genl_family_put(drv->nl80211);
4677 nl_cache_free(drv->nl_cache);
4678 nl_handle_destroy(drv->nl_handle);
4679 nl_cb_put(drv->nl_cb);
4686 static void i802_deinit(void *priv)
4688 wpa_driver_nl80211_deinit(priv);
4691 #endif /* HOSTAPD */
4694 static enum nl80211_iftype wpa_driver_nl80211_if_type(
4695 enum wpa_driver_if_type type)
4698 case WPA_IF_STATION:
4699 return NL80211_IFTYPE_STATION;
4700 case WPA_IF_AP_VLAN:
4701 return NL80211_IFTYPE_AP_VLAN;
4703 return NL80211_IFTYPE_AP;
4709 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
4710 const char *ifname, const u8 *addr,
4711 void *bss_ctx, void **drv_priv)
4713 struct i802_bss *bss = priv;
4714 struct wpa_driver_nl80211_data *drv = bss->drv;
4717 struct i802_bss *new_bss = NULL;
4719 if (type == WPA_IF_AP_BSS) {
4720 new_bss = os_zalloc(sizeof(*new_bss));
4721 if (new_bss == NULL)
4724 #endif /* HOSTAPD */
4726 ifidx = nl80211_create_iface(drv, ifname,
4727 wpa_driver_nl80211_if_type(type), addr,
4732 #endif /* HOSTAPD */
4737 if (type == WPA_IF_AP_BSS) {
4738 if (linux_set_iface_flags(drv->ioctl_sock, ifname, 1)) {
4739 nl80211_remove_iface(drv, ifidx);
4743 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
4744 new_bss->ifindex = ifidx;
4746 new_bss->next = drv->first_bss.next;
4747 drv->first_bss.next = new_bss;
4749 *drv_priv = new_bss;
4751 #endif /* HOSTAPD */
4757 static int wpa_driver_nl80211_if_remove(void *priv,
4758 enum wpa_driver_if_type type,
4761 struct i802_bss *bss = priv;
4762 struct wpa_driver_nl80211_data *drv = bss->drv;
4763 int ifindex = if_nametoindex(ifname);
4765 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
4766 __func__, type, ifname, ifindex);
4769 nl80211_remove_iface(drv, ifindex);
4772 if (type != WPA_IF_AP_BSS)
4775 if (bss != &drv->first_bss) {
4776 struct i802_bss *tbss = &drv->first_bss;
4779 if (tbss->next != bss)
4782 tbss->next = bss->next;
4787 #endif /* HOSTAPD */
4793 static int cookie_handler(struct nl_msg *msg, void *arg)
4795 struct nlattr *tb[NL80211_ATTR_MAX + 1];
4796 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4798 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4799 genlmsg_attrlen(gnlh, 0), NULL);
4800 if (tb[NL80211_ATTR_COOKIE])
4801 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
4806 static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
4807 const u8 *dst, const u8 *src,
4809 const u8 *data, size_t data_len)
4811 struct i802_bss *bss = priv;
4812 struct wpa_driver_nl80211_data *drv = bss->drv;
4816 struct ieee80211_hdr *hdr;
4819 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d)",
4822 buf = os_zalloc(24 + data_len);
4825 os_memcpy(buf + 24, data, data_len);
4826 hdr = (struct ieee80211_hdr *) buf;
4827 hdr->frame_control =
4828 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
4829 os_memcpy(hdr->addr1, dst, ETH_ALEN);
4830 os_memcpy(hdr->addr2, src, ETH_ALEN);
4831 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
4833 if (drv->nlmode == NL80211_IFTYPE_AP) {
4834 ret = wpa_driver_nl80211_send_mlme(priv, buf, 24 + data_len);
4839 msg = nlmsg_alloc();
4843 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4844 NL80211_CMD_ACTION, 0);
4846 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4847 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
4848 NLA_PUT(msg, NL80211_ATTR_FRAME, 24 + data_len, buf);
4852 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
4855 wpa_printf(MSG_DEBUG, "nl80211: Action command failed: ret=%d "
4856 "(%s)", ret, strerror(-ret));
4857 goto nla_put_failure;
4859 wpa_printf(MSG_DEBUG, "nl80211: Action TX command accepted; "
4860 "cookie 0x%llx", (long long unsigned int) cookie);
4861 drv->send_action_cookie = cookie;
4862 drv->pending_send_action = 1;
4871 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
4872 unsigned int duration)
4874 struct i802_bss *bss = priv;
4875 struct wpa_driver_nl80211_data *drv = bss->drv;
4880 msg = nlmsg_alloc();
4884 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4885 NL80211_CMD_REMAIN_ON_CHANNEL, 0);
4887 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4888 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
4889 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
4892 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
4894 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
4895 "0x%llx for freq=%u MHz duration=%u",
4896 (long long unsigned int) cookie, freq, duration);
4897 drv->remain_on_chan_cookie = cookie;
4900 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
4901 "(freq=%d): %d (%s)", freq, ret, strerror(-ret));
4907 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
4909 struct i802_bss *bss = priv;
4910 struct wpa_driver_nl80211_data *drv = bss->drv;
4914 if (!drv->pending_remain_on_chan) {
4915 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
4920 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
4922 (long long unsigned int) drv->remain_on_chan_cookie);
4924 msg = nlmsg_alloc();
4928 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4929 NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 0);
4931 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4932 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
4934 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4937 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
4938 "%d (%s)", ret, strerror(-ret));
4944 static void wpa_driver_nl80211_probe_req_report_timeout(void *eloop_ctx,
4947 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4948 if (drv->monitor_ifidx < 0)
4949 return; /* monitor interface already removed */
4951 if (drv->nlmode != NL80211_IFTYPE_STATION)
4952 return; /* not in station mode anymore */
4954 if (drv->probe_req_report)
4955 return; /* reporting enabled */
4957 wpa_printf(MSG_DEBUG, "nl80211: Remove monitor interface due to no "
4958 "Probe Request reporting needed anymore");
4959 nl80211_remove_monitor_interface(drv);
4963 static int wpa_driver_nl80211_probe_req_report(void *priv, int report)
4965 struct i802_bss *bss = priv;
4966 struct wpa_driver_nl80211_data *drv = bss->drv;
4968 if (drv->nlmode != NL80211_IFTYPE_STATION) {
4969 wpa_printf(MSG_DEBUG, "nl80211: probe_req_report control only "
4970 "allowed in station mode (iftype=%d)",
4974 drv->probe_req_report = report;
4977 eloop_cancel_timeout(
4978 wpa_driver_nl80211_probe_req_report_timeout,
4980 if (drv->monitor_ifidx < 0 &&
4981 nl80211_create_monitor_interface(drv))
4985 * It takes a while to remove the monitor interface, so try to
4986 * avoid doing this if it is needed again shortly. Instead,
4987 * schedule the interface to be removed later if no need for it
4990 wpa_printf(MSG_DEBUG, "nl80211: Scheduling monitor interface "
4991 "to be removed after 10 seconds of no use");
4992 eloop_register_timeout(
4993 10, 0, wpa_driver_nl80211_probe_req_report_timeout,
5001 static int wpa_driver_nl80211_alloc_interface_addr(void *priv, u8 *addr,
5004 struct i802_bss *bss = priv;
5005 struct wpa_driver_nl80211_data *drv = bss->drv;
5010 if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, addr) < 0)
5013 if (addr[0] & 0x02) {
5014 /* TODO: add support for generating multiple addresses */
5017 addr[0] = 0x02; /* locally administered */
5023 static void wpa_driver_nl80211_release_interface_addr(void *priv,
5026 /* TODO: keep list of allocated address and release them here */
5030 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
5031 int ifindex, int disabled)
5034 struct nlattr *bands, *band;
5037 msg = nlmsg_alloc();
5041 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5042 NL80211_CMD_SET_TX_BITRATE_MASK, 0);
5043 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5045 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
5047 goto nla_put_failure;
5050 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
5051 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
5052 * rates. All 5 GHz rates are left enabled.
5054 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
5056 goto nla_put_failure;
5057 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
5058 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5059 nla_nest_end(msg, band);
5061 nla_nest_end(msg, bands);
5063 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5066 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
5067 "(%s)", ret, strerror(-ret));
5078 static int wpa_driver_nl80211_disable_11b_rates(void *priv, int disabled)
5080 struct i802_bss *bss = priv;
5081 struct wpa_driver_nl80211_data *drv = bss->drv;
5082 drv->disable_11b_rates = disabled;
5083 return nl80211_disable_11b_rates(drv, drv->ifindex, disabled);
5087 static int wpa_driver_nl80211_deinit_ap(void *priv)
5089 struct i802_bss *bss = priv;
5090 struct wpa_driver_nl80211_data *drv = bss->drv;
5091 if (drv->nlmode != NL80211_IFTYPE_AP)
5093 wpa_driver_nl80211_del_beacon(drv);
5094 return wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA);
5098 static void wpa_driver_nl80211_resume(void *priv)
5100 struct i802_bss *bss = priv;
5101 struct wpa_driver_nl80211_data *drv = bss->drv;
5102 if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1)) {
5103 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
5109 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
5110 const u8 *ies, size_t ies_len)
5112 struct i802_bss *bss = priv;
5113 struct wpa_driver_nl80211_data *drv = bss->drv;
5117 u8 own_addr[ETH_ALEN];
5119 if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, own_addr) < 0)
5123 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
5124 "action %d", action);
5129 * Action frame payload:
5130 * Category[1] = 6 (Fast BSS Transition)
5131 * Action[1] = 1 (Fast BSS Transition Request)
5137 data_len = 2 + 2 * ETH_ALEN + ies_len;
5138 data = os_malloc(data_len);
5142 *pos++ = 0x06; /* FT Action category */
5144 os_memcpy(pos, own_addr, ETH_ALEN);
5146 os_memcpy(pos, target_ap, ETH_ALEN);
5148 os_memcpy(pos, ies, ies_len);
5150 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, drv->bssid,
5151 own_addr, drv->bssid,
5159 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
5161 .desc = "Linux nl80211/cfg80211",
5162 .get_bssid = wpa_driver_nl80211_get_bssid,
5163 .get_ssid = wpa_driver_nl80211_get_ssid,
5164 .set_key = wpa_driver_nl80211_set_key,
5165 .scan2 = wpa_driver_nl80211_scan,
5166 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
5167 .deauthenticate = wpa_driver_nl80211_deauthenticate,
5168 .disassociate = wpa_driver_nl80211_disassociate,
5169 .authenticate = wpa_driver_nl80211_authenticate,
5170 .associate = wpa_driver_nl80211_associate,
5171 .init = wpa_driver_nl80211_init,
5172 .deinit = wpa_driver_nl80211_deinit,
5173 .get_capa = wpa_driver_nl80211_get_capa,
5174 .set_operstate = wpa_driver_nl80211_set_operstate,
5175 .set_supp_port = wpa_driver_nl80211_set_supp_port,
5176 .set_country = wpa_driver_nl80211_set_country,
5177 .set_beacon = wpa_driver_nl80211_set_beacon,
5178 .if_add = wpa_driver_nl80211_if_add,
5179 .if_remove = wpa_driver_nl80211_if_remove,
5180 .send_mlme = wpa_driver_nl80211_send_mlme,
5181 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
5182 .sta_add = wpa_driver_nl80211_sta_add,
5183 .sta_remove = wpa_driver_nl80211_sta_remove,
5184 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
5185 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
5187 .hapd_init = i802_init,
5188 .hapd_deinit = i802_deinit,
5189 .get_seqnum = i802_get_seqnum,
5190 .flush = i802_flush,
5191 .read_sta_data = i802_read_sta_data,
5192 .sta_deauth = i802_sta_deauth,
5193 .sta_disassoc = i802_sta_disassoc,
5194 .get_inact_sec = i802_get_inact_sec,
5195 .sta_clear_stats = i802_sta_clear_stats,
5196 .set_freq = i802_set_freq,
5197 .set_rts = i802_set_rts,
5198 .set_frag = i802_set_frag,
5199 .set_rate_sets = i802_set_rate_sets,
5200 .set_cts_protect = i802_set_cts_protect,
5201 .set_preamble = i802_set_preamble,
5202 .set_short_slot_time = i802_set_short_slot_time,
5203 .set_tx_queue_params = i802_set_tx_queue_params,
5204 .set_sta_vlan = i802_set_sta_vlan,
5205 .set_wds_sta = i802_set_wds_sta,
5206 #endif /* HOSTAPD */
5207 .send_action = wpa_driver_nl80211_send_action,
5208 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
5209 .cancel_remain_on_channel =
5210 wpa_driver_nl80211_cancel_remain_on_channel,
5211 .probe_req_report = wpa_driver_nl80211_probe_req_report,
5212 .alloc_interface_addr = wpa_driver_nl80211_alloc_interface_addr,
5213 .release_interface_addr = wpa_driver_nl80211_release_interface_addr,
5214 .disable_11b_rates = wpa_driver_nl80211_disable_11b_rates,
5215 .deinit_ap = wpa_driver_nl80211_deinit_ap,
5216 .resume = wpa_driver_nl80211_resume,
5217 .send_ft_action = nl80211_send_ft_action,