2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/filter.h>
25 #include <linux/errqueue.h>
26 #include "nl80211_copy.h"
30 #include "utils/list.h"
31 #include "common/qca-vendor.h"
32 #include "common/qca-vendor-attr.h"
33 #include "common/ieee802_11_defs.h"
34 #include "common/ieee802_11_common.h"
35 #include "l2_packet/l2_packet.h"
37 #include "linux_ioctl.h"
39 #include "radiotap_iter.h"
43 #ifndef SO_WIFI_STATUS
44 # if defined(__sparc__)
45 # define SO_WIFI_STATUS 0x0025
46 # elif defined(__parisc__)
47 # define SO_WIFI_STATUS 0x4022
49 # define SO_WIFI_STATUS 41
52 # define SCM_WIFI_STATUS SO_WIFI_STATUS
55 #ifndef SO_EE_ORIGIN_TXSTATUS
56 #define SO_EE_ORIGIN_TXSTATUS 4
59 #ifndef PACKET_TX_TIMESTAMP
60 #define PACKET_TX_TIMESTAMP 16
64 #include "android_drv.h"
67 /* libnl 2.0 compatibility code */
68 #define nl_handle nl_sock
69 #define nl80211_handle_alloc nl_socket_alloc_cb
70 #define nl80211_handle_destroy nl_socket_free
73 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
74 * but when you free a socket again it will mess up its bitmap and
75 * and use the wrong number the next time it needs a socket ID.
76 * Therefore, we wrap the handle alloc/destroy and add our own pid
79 static uint32_t port_bitmap[32] = { 0 };
81 static struct nl_handle *nl80211_handle_alloc(void *cb)
83 struct nl_handle *handle;
84 uint32_t pid = getpid() & 0x3FFFFF;
87 handle = nl_handle_alloc_cb(cb);
89 for (i = 0; i < 1024; i++) {
90 if (port_bitmap[i / 32] & (1 << (i % 32)))
92 port_bitmap[i / 32] |= 1 << (i % 32);
97 nl_socket_set_local_port(handle, pid);
102 static void nl80211_handle_destroy(struct nl_handle *handle)
104 uint32_t port = nl_socket_get_local_port(handle);
107 port_bitmap[port / 32] &= ~(1 << (port % 32));
109 nl_handle_destroy(handle);
111 #endif /* CONFIG_LIBNL20 */
115 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
116 static int android_nl_socket_set_nonblocking(struct nl_handle *handle)
118 return fcntl(nl_socket_get_fd(handle), F_SETFL, O_NONBLOCK);
120 #undef nl_socket_set_nonblocking
121 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
125 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
127 struct nl_handle *handle;
129 handle = nl80211_handle_alloc(cb);
130 if (handle == NULL) {
131 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
132 "callbacks (%s)", dbg);
136 if (genl_connect(handle)) {
137 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
138 "netlink (%s)", dbg);
139 nl80211_handle_destroy(handle);
147 static void nl_destroy_handles(struct nl_handle **handle)
151 nl80211_handle_destroy(*handle);
157 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
159 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
162 static void nl80211_register_eloop_read(struct nl_handle **handle,
163 eloop_sock_handler handler,
166 nl_socket_set_nonblocking(*handle);
167 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
168 eloop_data, *handle);
169 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
173 static void nl80211_destroy_eloop_handle(struct nl_handle **handle)
175 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
176 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
177 nl_destroy_handles(handle);
182 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
185 #define IFF_DORMANT 0x20000 /* driver signals dormant */
188 #ifndef IF_OPER_DORMANT
189 #define IF_OPER_DORMANT 5
195 struct nl80211_global {
196 struct dl_list interfaces;
199 int if_add_wdevid_set;
200 struct netlink_data *netlink;
202 struct nl_handle *nl;
204 int ioctl_sock; /* socket for ioctl() use */
206 struct nl_handle *nl_event;
209 struct nl80211_wiphy_data {
214 struct nl_handle *nl_beacons;
220 static void nl80211_global_deinit(void *priv);
223 struct wpa_driver_nl80211_data *drv;
224 struct i802_bss *next;
227 char ifname[IFNAMSIZ + 1];
228 char brname[IFNAMSIZ];
229 unsigned int beacon_set:1;
230 unsigned int added_if_into_bridge:1;
231 unsigned int added_bridge:1;
232 unsigned int in_deinit:1;
233 unsigned int wdev_id_set:1;
234 unsigned int added_if:1;
243 struct nl_handle *nl_preq, *nl_mgmt;
246 struct nl80211_wiphy_data *wiphy_data;
247 struct dl_list wiphy_list;
250 struct wpa_driver_nl80211_data {
251 struct nl80211_global *global;
253 struct dl_list wiphy_list;
259 int ignore_if_down_event;
260 struct rfkill_data *rfkill;
261 struct wpa_driver_capa capa;
262 u8 *extended_capa, *extended_capa_mask;
263 unsigned int extended_capa_len;
268 int scan_complete_events;
270 NO_SCAN, SCAN_REQUESTED, SCAN_STARTED, SCAN_COMPLETED,
271 SCAN_ABORTED, SCHED_SCAN_STARTED, SCHED_SCAN_STOPPED,
277 u8 auth_bssid[ETH_ALEN];
278 u8 auth_attempt_bssid[ETH_ALEN];
280 u8 prev_bssid[ETH_ALEN];
284 enum nl80211_iftype nlmode;
285 enum nl80211_iftype ap_scan_as_station;
286 unsigned int assoc_freq;
290 int monitor_refcount;
292 unsigned int disabled_11b_rates:1;
293 unsigned int pending_remain_on_chan:1;
294 unsigned int in_interface_list:1;
295 unsigned int device_ap_sme:1;
296 unsigned int poll_command_supported:1;
297 unsigned int data_tx_status:1;
298 unsigned int scan_for_auth:1;
299 unsigned int retry_auth:1;
300 unsigned int use_monitor:1;
301 unsigned int ignore_next_local_disconnect:1;
302 unsigned int ignore_next_local_deauth:1;
303 unsigned int allow_p2p_device:1;
304 unsigned int hostapd:1;
305 unsigned int start_mode_ap:1;
306 unsigned int start_iface_up:1;
307 unsigned int test_use_roc_tx:1;
308 unsigned int ignore_deauth_event:1;
309 unsigned int dfs_vendor_cmd_avail:1;
310 unsigned int have_low_prio_scan:1;
312 u64 remain_on_chan_cookie;
313 u64 send_action_cookie;
315 unsigned int last_mgmt_freq;
317 struct wpa_driver_scan_filter *filter_ssids;
318 size_t num_filter_ssids;
320 struct i802_bss *first_bss;
324 int eapol_sock; /* socket for EAPOL frames */
326 int default_if_indices[16];
330 /* From failed authentication command */
332 u8 auth_bssid_[ETH_ALEN];
334 size_t auth_ssid_len;
338 u8 auth_wep_key[4][16];
339 size_t auth_wep_key_len[4];
340 int auth_wep_tx_keyidx;
341 int auth_local_state_change;
346 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
347 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
349 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
350 enum nl80211_iftype nlmode);
351 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, int freq);
354 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
355 const u8 *set_addr, int first);
356 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
357 const u8 *addr, int cmd, u16 reason_code,
358 int local_state_change);
359 static void nl80211_remove_monitor_interface(
360 struct wpa_driver_nl80211_data *drv);
361 static int nl80211_send_frame_cmd(struct i802_bss *bss,
362 unsigned int freq, unsigned int wait,
363 const u8 *buf, size_t buf_len, u64 *cookie,
364 int no_cck, int no_ack, int offchanok);
365 static int nl80211_register_frame(struct i802_bss *bss,
366 struct nl_handle *hl_handle,
367 u16 type, const u8 *match, size_t match_len);
368 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
371 static int android_pno_start(struct i802_bss *bss,
372 struct wpa_driver_scan_params *params);
373 static int android_pno_stop(struct i802_bss *bss);
374 extern int wpa_driver_nl80211_driver_cmd(void *priv, char *cmd, char *buf,
378 #ifdef ANDROID_P2P_STUB
379 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration) {
382 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len) {
385 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow) {
388 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
389 const struct wpabuf *proberesp,
390 const struct wpabuf *assocresp) {
393 #else /* ANDROID_P2P_STUB */
394 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration);
395 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len);
396 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow);
397 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
398 const struct wpabuf *proberesp,
399 const struct wpabuf *assocresp);
400 #endif /* ANDROID_P2P_STUB */
401 #endif /* ANDROID_P2P */
403 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
404 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
405 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
406 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
407 enum wpa_driver_if_type type,
410 static int nl80211_set_channel(struct i802_bss *bss,
411 struct hostapd_freq_params *freq, int set_chan);
412 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
413 int ifindex, int disabled);
415 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
416 static int wpa_driver_nl80211_authenticate_retry(
417 struct wpa_driver_nl80211_data *drv);
419 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
420 static int i802_set_iface_flags(struct i802_bss *bss, int up);
423 static const char * nl80211_command_to_string(enum nl80211_commands cmd)
425 #define C2S(x) case x: return #x;
427 C2S(NL80211_CMD_UNSPEC)
428 C2S(NL80211_CMD_GET_WIPHY)
429 C2S(NL80211_CMD_SET_WIPHY)
430 C2S(NL80211_CMD_NEW_WIPHY)
431 C2S(NL80211_CMD_DEL_WIPHY)
432 C2S(NL80211_CMD_GET_INTERFACE)
433 C2S(NL80211_CMD_SET_INTERFACE)
434 C2S(NL80211_CMD_NEW_INTERFACE)
435 C2S(NL80211_CMD_DEL_INTERFACE)
436 C2S(NL80211_CMD_GET_KEY)
437 C2S(NL80211_CMD_SET_KEY)
438 C2S(NL80211_CMD_NEW_KEY)
439 C2S(NL80211_CMD_DEL_KEY)
440 C2S(NL80211_CMD_GET_BEACON)
441 C2S(NL80211_CMD_SET_BEACON)
442 C2S(NL80211_CMD_START_AP)
443 C2S(NL80211_CMD_STOP_AP)
444 C2S(NL80211_CMD_GET_STATION)
445 C2S(NL80211_CMD_SET_STATION)
446 C2S(NL80211_CMD_NEW_STATION)
447 C2S(NL80211_CMD_DEL_STATION)
448 C2S(NL80211_CMD_GET_MPATH)
449 C2S(NL80211_CMD_SET_MPATH)
450 C2S(NL80211_CMD_NEW_MPATH)
451 C2S(NL80211_CMD_DEL_MPATH)
452 C2S(NL80211_CMD_SET_BSS)
453 C2S(NL80211_CMD_SET_REG)
454 C2S(NL80211_CMD_REQ_SET_REG)
455 C2S(NL80211_CMD_GET_MESH_CONFIG)
456 C2S(NL80211_CMD_SET_MESH_CONFIG)
457 C2S(NL80211_CMD_SET_MGMT_EXTRA_IE)
458 C2S(NL80211_CMD_GET_REG)
459 C2S(NL80211_CMD_GET_SCAN)
460 C2S(NL80211_CMD_TRIGGER_SCAN)
461 C2S(NL80211_CMD_NEW_SCAN_RESULTS)
462 C2S(NL80211_CMD_SCAN_ABORTED)
463 C2S(NL80211_CMD_REG_CHANGE)
464 C2S(NL80211_CMD_AUTHENTICATE)
465 C2S(NL80211_CMD_ASSOCIATE)
466 C2S(NL80211_CMD_DEAUTHENTICATE)
467 C2S(NL80211_CMD_DISASSOCIATE)
468 C2S(NL80211_CMD_MICHAEL_MIC_FAILURE)
469 C2S(NL80211_CMD_REG_BEACON_HINT)
470 C2S(NL80211_CMD_JOIN_IBSS)
471 C2S(NL80211_CMD_LEAVE_IBSS)
472 C2S(NL80211_CMD_TESTMODE)
473 C2S(NL80211_CMD_CONNECT)
474 C2S(NL80211_CMD_ROAM)
475 C2S(NL80211_CMD_DISCONNECT)
476 C2S(NL80211_CMD_SET_WIPHY_NETNS)
477 C2S(NL80211_CMD_GET_SURVEY)
478 C2S(NL80211_CMD_NEW_SURVEY_RESULTS)
479 C2S(NL80211_CMD_SET_PMKSA)
480 C2S(NL80211_CMD_DEL_PMKSA)
481 C2S(NL80211_CMD_FLUSH_PMKSA)
482 C2S(NL80211_CMD_REMAIN_ON_CHANNEL)
483 C2S(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL)
484 C2S(NL80211_CMD_SET_TX_BITRATE_MASK)
485 C2S(NL80211_CMD_REGISTER_FRAME)
486 C2S(NL80211_CMD_FRAME)
487 C2S(NL80211_CMD_FRAME_TX_STATUS)
488 C2S(NL80211_CMD_SET_POWER_SAVE)
489 C2S(NL80211_CMD_GET_POWER_SAVE)
490 C2S(NL80211_CMD_SET_CQM)
491 C2S(NL80211_CMD_NOTIFY_CQM)
492 C2S(NL80211_CMD_SET_CHANNEL)
493 C2S(NL80211_CMD_SET_WDS_PEER)
494 C2S(NL80211_CMD_FRAME_WAIT_CANCEL)
495 C2S(NL80211_CMD_JOIN_MESH)
496 C2S(NL80211_CMD_LEAVE_MESH)
497 C2S(NL80211_CMD_UNPROT_DEAUTHENTICATE)
498 C2S(NL80211_CMD_UNPROT_DISASSOCIATE)
499 C2S(NL80211_CMD_NEW_PEER_CANDIDATE)
500 C2S(NL80211_CMD_GET_WOWLAN)
501 C2S(NL80211_CMD_SET_WOWLAN)
502 C2S(NL80211_CMD_START_SCHED_SCAN)
503 C2S(NL80211_CMD_STOP_SCHED_SCAN)
504 C2S(NL80211_CMD_SCHED_SCAN_RESULTS)
505 C2S(NL80211_CMD_SCHED_SCAN_STOPPED)
506 C2S(NL80211_CMD_SET_REKEY_OFFLOAD)
507 C2S(NL80211_CMD_PMKSA_CANDIDATE)
508 C2S(NL80211_CMD_TDLS_OPER)
509 C2S(NL80211_CMD_TDLS_MGMT)
510 C2S(NL80211_CMD_UNEXPECTED_FRAME)
511 C2S(NL80211_CMD_PROBE_CLIENT)
512 C2S(NL80211_CMD_REGISTER_BEACONS)
513 C2S(NL80211_CMD_UNEXPECTED_4ADDR_FRAME)
514 C2S(NL80211_CMD_SET_NOACK_MAP)
515 C2S(NL80211_CMD_CH_SWITCH_NOTIFY)
516 C2S(NL80211_CMD_START_P2P_DEVICE)
517 C2S(NL80211_CMD_STOP_P2P_DEVICE)
518 C2S(NL80211_CMD_CONN_FAILED)
519 C2S(NL80211_CMD_SET_MCAST_RATE)
520 C2S(NL80211_CMD_SET_MAC_ACL)
521 C2S(NL80211_CMD_RADAR_DETECT)
522 C2S(NL80211_CMD_GET_PROTOCOL_FEATURES)
523 C2S(NL80211_CMD_UPDATE_FT_IES)
524 C2S(NL80211_CMD_FT_EVENT)
525 C2S(NL80211_CMD_CRIT_PROTOCOL_START)
526 C2S(NL80211_CMD_CRIT_PROTOCOL_STOP)
527 C2S(NL80211_CMD_GET_COALESCE)
528 C2S(NL80211_CMD_SET_COALESCE)
529 C2S(NL80211_CMD_CHANNEL_SWITCH)
530 C2S(NL80211_CMD_VENDOR)
531 C2S(NL80211_CMD_SET_QOS_MAP)
533 return "NL80211_CMD_UNKNOWN";
539 /* Converts nl80211_chan_width to a common format */
540 static enum chan_width convert2width(int width)
543 case NL80211_CHAN_WIDTH_20_NOHT:
544 return CHAN_WIDTH_20_NOHT;
545 case NL80211_CHAN_WIDTH_20:
546 return CHAN_WIDTH_20;
547 case NL80211_CHAN_WIDTH_40:
548 return CHAN_WIDTH_40;
549 case NL80211_CHAN_WIDTH_80:
550 return CHAN_WIDTH_80;
551 case NL80211_CHAN_WIDTH_80P80:
552 return CHAN_WIDTH_80P80;
553 case NL80211_CHAN_WIDTH_160:
554 return CHAN_WIDTH_160;
556 return CHAN_WIDTH_UNKNOWN;
560 static int is_ap_interface(enum nl80211_iftype nlmode)
562 return nlmode == NL80211_IFTYPE_AP ||
563 nlmode == NL80211_IFTYPE_P2P_GO;
567 static int is_sta_interface(enum nl80211_iftype nlmode)
569 return nlmode == NL80211_IFTYPE_STATION ||
570 nlmode == NL80211_IFTYPE_P2P_CLIENT;
574 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
576 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
577 nlmode == NL80211_IFTYPE_P2P_GO;
581 static void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
584 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
586 os_memset(drv->bssid, 0, ETH_ALEN);
590 struct nl80211_bss_info_arg {
591 struct wpa_driver_nl80211_data *drv;
592 struct wpa_scan_results *res;
593 unsigned int assoc_freq;
594 unsigned int ibss_freq;
595 u8 assoc_bssid[ETH_ALEN];
598 static int bss_info_handler(struct nl_msg *msg, void *arg);
602 static int ack_handler(struct nl_msg *msg, void *arg)
609 static int finish_handler(struct nl_msg *msg, void *arg)
616 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
625 static int no_seq_check(struct nl_msg *msg, void *arg)
631 static int send_and_recv(struct nl80211_global *global,
632 struct nl_handle *nl_handle, struct nl_msg *msg,
633 int (*valid_handler)(struct nl_msg *, void *),
639 cb = nl_cb_clone(global->nl_cb);
643 err = nl_send_auto_complete(nl_handle, msg);
649 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
650 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
651 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
654 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
655 valid_handler, valid_data);
658 int res = nl_recvmsgs(nl_handle, cb);
661 "nl80211: %s->nl_recvmsgs failed: %d",
672 static int send_and_recv_msgs_global(struct nl80211_global *global,
674 int (*valid_handler)(struct nl_msg *, void *),
677 return send_and_recv(global, global->nl, msg, valid_handler,
682 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
684 int (*valid_handler)(struct nl_msg *, void *),
687 return send_and_recv(drv->global, drv->global->nl, msg,
688 valid_handler, valid_data);
698 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
700 if (bss->wdev_id_set)
701 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
703 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
711 static int family_handler(struct nl_msg *msg, void *arg)
713 struct family_data *res = arg;
714 struct nlattr *tb[CTRL_ATTR_MAX + 1];
715 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
716 struct nlattr *mcgrp;
719 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
720 genlmsg_attrlen(gnlh, 0), NULL);
721 if (!tb[CTRL_ATTR_MCAST_GROUPS])
724 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
725 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
726 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
727 nla_len(mcgrp), NULL);
728 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
729 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
730 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
732 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
734 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
742 static int nl_get_multicast_id(struct nl80211_global *global,
743 const char *family, const char *group)
747 struct family_data res = { group, -ENOENT };
752 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
753 0, 0, CTRL_CMD_GETFAMILY, 0);
754 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
756 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
767 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
768 struct nl_msg *msg, int flags, uint8_t cmd)
770 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
775 struct wiphy_idx_data {
777 enum nl80211_iftype nlmode;
782 static int netdev_info_handler(struct nl_msg *msg, void *arg)
784 struct nlattr *tb[NL80211_ATTR_MAX + 1];
785 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
786 struct wiphy_idx_data *info = arg;
788 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
789 genlmsg_attrlen(gnlh, 0), NULL);
791 if (tb[NL80211_ATTR_WIPHY])
792 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
794 if (tb[NL80211_ATTR_IFTYPE])
795 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
797 if (tb[NL80211_ATTR_MAC] && info->macaddr)
798 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
805 static int nl80211_get_wiphy_index(struct i802_bss *bss)
808 struct wiphy_idx_data data = {
815 return NL80211_IFTYPE_UNSPECIFIED;
817 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
819 if (nl80211_set_iface_id(msg, bss) < 0)
820 goto nla_put_failure;
822 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
823 return data.wiphy_idx;
831 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
834 struct wiphy_idx_data data = {
835 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
843 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
845 if (nl80211_set_iface_id(msg, bss) < 0)
846 goto nla_put_failure;
848 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
853 return NL80211_IFTYPE_UNSPECIFIED;
857 static int nl80211_get_macaddr(struct i802_bss *bss)
860 struct wiphy_idx_data data = {
861 .macaddr = bss->addr,
866 return NL80211_IFTYPE_UNSPECIFIED;
868 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
869 if (nl80211_set_iface_id(msg, bss) < 0)
870 goto nla_put_failure;
872 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data);
876 return NL80211_IFTYPE_UNSPECIFIED;
880 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
881 struct nl80211_wiphy_data *w)
890 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
892 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
894 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
897 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
898 "failed: ret=%d (%s)",
899 ret, strerror(-ret));
900 goto nla_put_failure;
909 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
911 struct nl80211_wiphy_data *w = eloop_ctx;
914 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
916 res = nl_recvmsgs(handle, w->nl_cb);
918 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
924 static int process_beacon_event(struct nl_msg *msg, void *arg)
926 struct nl80211_wiphy_data *w = arg;
927 struct wpa_driver_nl80211_data *drv;
928 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
929 struct nlattr *tb[NL80211_ATTR_MAX + 1];
930 union wpa_event_data event;
932 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
933 genlmsg_attrlen(gnlh, 0), NULL);
935 if (gnlh->cmd != NL80211_CMD_FRAME) {
936 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
941 if (!tb[NL80211_ATTR_FRAME])
944 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
946 os_memset(&event, 0, sizeof(event));
947 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
948 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
949 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
956 static struct nl80211_wiphy_data *
957 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
959 static DEFINE_DL_LIST(nl80211_wiphys);
960 struct nl80211_wiphy_data *w;
961 int wiphy_idx, found = 0;
962 struct i802_bss *tmp_bss;
964 if (bss->wiphy_data != NULL)
965 return bss->wiphy_data;
967 wiphy_idx = nl80211_get_wiphy_index(bss);
969 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
970 if (w->wiphy_idx == wiphy_idx)
975 w = os_zalloc(sizeof(*w));
978 w->wiphy_idx = wiphy_idx;
979 dl_list_init(&w->bsss);
980 dl_list_init(&w->drvs);
982 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
987 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
988 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
991 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
993 if (w->nl_beacons == NULL) {
998 if (nl80211_register_beacons(bss->drv, w)) {
999 nl_destroy_handles(&w->nl_beacons);
1004 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w);
1006 dl_list_add(&nl80211_wiphys, &w->list);
1009 /* drv entry for this bss already there? */
1010 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1011 if (tmp_bss->drv == bss->drv) {
1018 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
1020 dl_list_add(&w->bsss, &bss->wiphy_list);
1021 bss->wiphy_data = w;
1026 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
1028 struct nl80211_wiphy_data *w = bss->wiphy_data;
1029 struct i802_bss *tmp_bss;
1034 bss->wiphy_data = NULL;
1035 dl_list_del(&bss->wiphy_list);
1037 /* still any for this drv present? */
1038 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1039 if (tmp_bss->drv == bss->drv) {
1044 /* if not remove it */
1046 dl_list_del(&bss->drv->wiphy_list);
1048 if (!dl_list_empty(&w->bsss))
1051 nl80211_destroy_eloop_handle(&w->nl_beacons);
1053 nl_cb_put(w->nl_cb);
1054 dl_list_del(&w->list);
1059 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
1061 struct i802_bss *bss = priv;
1062 struct wpa_driver_nl80211_data *drv = bss->drv;
1063 if (!drv->associated)
1065 os_memcpy(bssid, drv->bssid, ETH_ALEN);
1070 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
1072 struct i802_bss *bss = priv;
1073 struct wpa_driver_nl80211_data *drv = bss->drv;
1074 if (!drv->associated)
1076 os_memcpy(ssid, drv->ssid, drv->ssid_len);
1077 return drv->ssid_len;
1081 static void wpa_driver_nl80211_event_newlink(
1082 struct wpa_driver_nl80211_data *drv, char *ifname)
1084 union wpa_event_data event;
1086 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1087 if (if_nametoindex(drv->first_bss->ifname) == 0) {
1088 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
1089 drv->first_bss->ifname);
1092 if (!drv->if_removed)
1094 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
1095 drv->first_bss->ifname);
1096 drv->if_removed = 0;
1099 os_memset(&event, 0, sizeof(event));
1100 os_strlcpy(event.interface_status.ifname, ifname,
1101 sizeof(event.interface_status.ifname));
1102 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
1103 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1107 static void wpa_driver_nl80211_event_dellink(
1108 struct wpa_driver_nl80211_data *drv, char *ifname)
1110 union wpa_event_data event;
1112 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1113 if (drv->if_removed) {
1114 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
1118 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
1120 drv->if_removed = 1;
1122 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
1126 os_memset(&event, 0, sizeof(event));
1127 os_strlcpy(event.interface_status.ifname, ifname,
1128 sizeof(event.interface_status.ifname));
1129 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
1130 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1134 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
1135 u8 *buf, size_t len)
1137 int attrlen, rta_len;
1138 struct rtattr *attr;
1141 attr = (struct rtattr *) buf;
1143 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1144 while (RTA_OK(attr, attrlen)) {
1145 if (attr->rta_type == IFLA_IFNAME) {
1146 if (os_strcmp(((char *) attr) + rta_len,
1147 drv->first_bss->ifname) == 0)
1152 attr = RTA_NEXT(attr, attrlen);
1159 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
1160 int ifindex, u8 *buf, size_t len)
1162 if (drv->ifindex == ifindex)
1165 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
1166 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
1168 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0);
1176 static struct wpa_driver_nl80211_data *
1177 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
1179 struct wpa_driver_nl80211_data *drv;
1180 dl_list_for_each(drv, &global->interfaces,
1181 struct wpa_driver_nl80211_data, list) {
1182 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
1183 have_ifidx(drv, idx))
1190 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
1191 struct ifinfomsg *ifi,
1192 u8 *buf, size_t len)
1194 struct nl80211_global *global = ctx;
1195 struct wpa_driver_nl80211_data *drv;
1197 struct rtattr *attr;
1199 char namebuf[IFNAMSIZ];
1200 char ifname[IFNAMSIZ + 1];
1201 char extra[100], *pos, *end;
1203 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1205 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_NEWLINK event for foreign ifindex %d",
1212 end = pos + sizeof(extra);
1216 attr = (struct rtattr *) buf;
1217 while (RTA_OK(attr, attrlen)) {
1218 switch (attr->rta_type) {
1220 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1222 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1223 ifname[RTA_PAYLOAD(attr)] = '\0';
1226 brid = nla_get_u32((struct nlattr *) attr);
1227 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1230 pos += os_snprintf(pos, end - pos, " wext");
1232 case IFLA_OPERSTATE:
1233 pos += os_snprintf(pos, end - pos, " operstate=%u",
1234 nla_get_u32((struct nlattr *) attr));
1237 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1238 nla_get_u32((struct nlattr *) attr));
1241 attr = RTA_NEXT(attr, attrlen);
1243 extra[sizeof(extra) - 1] = '\0';
1245 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_flags=0x%x (%s%s%s%s)",
1246 ifi->ifi_index, ifname, extra, ifi->ifi_flags,
1247 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1248 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1249 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1250 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1252 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
1253 if (if_indextoname(ifi->ifi_index, namebuf) &&
1254 linux_iface_up(drv->global->ioctl_sock,
1255 drv->first_bss->ifname) > 0) {
1256 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1257 "event since interface %s is up", namebuf);
1260 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
1261 if (drv->ignore_if_down_event) {
1262 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1263 "event generated by mode change");
1264 drv->ignore_if_down_event = 0;
1266 drv->if_disabled = 1;
1267 wpa_supplicant_event(drv->ctx,
1268 EVENT_INTERFACE_DISABLED, NULL);
1271 * Try to get drv again, since it may be removed as
1272 * part of the EVENT_INTERFACE_DISABLED handling for
1273 * dynamic interfaces
1275 drv = nl80211_find_drv(global, ifi->ifi_index,
1282 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1283 if (if_indextoname(ifi->ifi_index, namebuf) &&
1284 linux_iface_up(drv->global->ioctl_sock,
1285 drv->first_bss->ifname) == 0) {
1286 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1287 "event since interface %s is down",
1289 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1290 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1291 "event since interface %s does not exist",
1292 drv->first_bss->ifname);
1293 } else if (drv->if_removed) {
1294 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1295 "event since interface %s is marked "
1296 "removed", drv->first_bss->ifname);
1298 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
1299 drv->if_disabled = 0;
1300 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1306 * Some drivers send the association event before the operup event--in
1307 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1308 * fails. This will hit us when wpa_supplicant does not need to do
1309 * IEEE 802.1X authentication
1311 if (drv->operstate == 1 &&
1312 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1313 !(ifi->ifi_flags & IFF_RUNNING)) {
1314 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1315 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1320 wpa_driver_nl80211_event_newlink(drv, ifname);
1322 if (ifi->ifi_family == AF_BRIDGE && brid) {
1323 /* device has been added to bridge */
1324 if_indextoname(brid, namebuf);
1325 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1327 add_ifidx(drv, brid);
1332 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1333 struct ifinfomsg *ifi,
1334 u8 *buf, size_t len)
1336 struct nl80211_global *global = ctx;
1337 struct wpa_driver_nl80211_data *drv;
1339 struct rtattr *attr;
1341 char ifname[IFNAMSIZ + 1];
1343 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1345 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_DELLINK event for foreign ifindex %d",
1353 attr = (struct rtattr *) buf;
1354 while (RTA_OK(attr, attrlen)) {
1355 switch (attr->rta_type) {
1357 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1359 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1360 ifname[RTA_PAYLOAD(attr)] = '\0';
1363 brid = nla_get_u32((struct nlattr *) attr);
1366 attr = RTA_NEXT(attr, attrlen);
1370 wpa_driver_nl80211_event_dellink(drv, ifname);
1372 if (ifi->ifi_family == AF_BRIDGE && brid) {
1373 /* device has been removed from bridge */
1374 char namebuf[IFNAMSIZ];
1375 if_indextoname(brid, namebuf);
1376 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1377 "%s", brid, namebuf);
1378 del_ifidx(drv, brid);
1383 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1384 const u8 *frame, size_t len)
1386 const struct ieee80211_mgmt *mgmt;
1387 union wpa_event_data event;
1389 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event");
1390 mgmt = (const struct ieee80211_mgmt *) frame;
1391 if (len < 24 + sizeof(mgmt->u.auth)) {
1392 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1397 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1398 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
1399 os_memset(&event, 0, sizeof(event));
1400 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1401 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1402 event.auth.auth_transaction =
1403 le_to_host16(mgmt->u.auth.auth_transaction);
1404 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1405 if (len > 24 + sizeof(mgmt->u.auth)) {
1406 event.auth.ies = mgmt->u.auth.variable;
1407 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1410 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1414 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1418 struct nl80211_bss_info_arg arg;
1420 os_memset(&arg, 0, sizeof(arg));
1421 msg = nlmsg_alloc();
1423 goto nla_put_failure;
1425 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1426 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1429 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1432 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1433 arg.ibss_freq : arg.assoc_freq;
1434 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1435 "associated BSS from scan results: %u MHz", freq);
1437 drv->assoc_freq = freq;
1438 return drv->assoc_freq;
1440 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1441 "(%s)", ret, strerror(-ret));
1444 return drv->assoc_freq;
1448 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1449 const u8 *frame, size_t len)
1451 const struct ieee80211_mgmt *mgmt;
1452 union wpa_event_data event;
1455 wpa_printf(MSG_DEBUG, "nl80211: Associate event");
1456 mgmt = (const struct ieee80211_mgmt *) frame;
1457 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1458 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1463 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1464 if (status != WLAN_STATUS_SUCCESS) {
1465 os_memset(&event, 0, sizeof(event));
1466 event.assoc_reject.bssid = mgmt->bssid;
1467 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1468 event.assoc_reject.resp_ies =
1469 (u8 *) mgmt->u.assoc_resp.variable;
1470 event.assoc_reject.resp_ies_len =
1471 len - 24 - sizeof(mgmt->u.assoc_resp);
1473 event.assoc_reject.status_code = status;
1475 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1479 drv->associated = 1;
1480 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1481 os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN);
1483 os_memset(&event, 0, sizeof(event));
1484 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1485 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1486 event.assoc_info.resp_ies_len =
1487 len - 24 - sizeof(mgmt->u.assoc_resp);
1490 event.assoc_info.freq = drv->assoc_freq;
1492 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1496 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1497 enum nl80211_commands cmd, struct nlattr *status,
1498 struct nlattr *addr, struct nlattr *req_ie,
1499 struct nlattr *resp_ie)
1501 union wpa_event_data event;
1503 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1505 * Avoid reporting two association events that would confuse
1508 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1509 "when using userspace SME", cmd);
1513 if (cmd == NL80211_CMD_CONNECT)
1514 wpa_printf(MSG_DEBUG, "nl80211: Connect event");
1515 else if (cmd == NL80211_CMD_ROAM)
1516 wpa_printf(MSG_DEBUG, "nl80211: Roam event");
1518 os_memset(&event, 0, sizeof(event));
1519 if (cmd == NL80211_CMD_CONNECT &&
1520 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1522 event.assoc_reject.bssid = nla_data(addr);
1524 event.assoc_reject.resp_ies = nla_data(resp_ie);
1525 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1527 event.assoc_reject.status_code = nla_get_u16(status);
1528 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1532 drv->associated = 1;
1534 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1535 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
1539 event.assoc_info.req_ies = nla_data(req_ie);
1540 event.assoc_info.req_ies_len = nla_len(req_ie);
1543 event.assoc_info.resp_ies = nla_data(resp_ie);
1544 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1547 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1549 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1553 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1554 struct nlattr *reason, struct nlattr *addr,
1555 struct nlattr *by_ap)
1557 union wpa_event_data data;
1558 unsigned int locally_generated = by_ap == NULL;
1560 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1562 * Avoid reporting two disassociation events that could
1563 * confuse the core code.
1565 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1566 "event when using userspace SME");
1570 if (drv->ignore_next_local_disconnect) {
1571 drv->ignore_next_local_disconnect = 0;
1572 if (locally_generated) {
1573 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1574 "event triggered during reassociation");
1577 wpa_printf(MSG_WARNING, "nl80211: Was expecting local "
1578 "disconnect but got another disconnect "
1582 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event");
1583 nl80211_mark_disconnected(drv);
1584 os_memset(&data, 0, sizeof(data));
1586 data.deauth_info.reason_code = nla_get_u16(reason);
1587 data.deauth_info.locally_generated = by_ap == NULL;
1588 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data);
1592 static int calculate_chan_offset(int width, int freq, int cf1, int cf2)
1596 switch (convert2width(width)) {
1597 case CHAN_WIDTH_20_NOHT:
1606 case CHAN_WIDTH_160:
1609 case CHAN_WIDTH_UNKNOWN:
1610 case CHAN_WIDTH_80P80:
1611 /* FIXME: implement this */
1615 return (abs(freq - freq1) / 20) % 2 == 0 ? 1 : -1;
1619 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
1620 struct nlattr *ifindex, struct nlattr *freq,
1621 struct nlattr *type, struct nlattr *bw,
1622 struct nlattr *cf1, struct nlattr *cf2)
1624 struct i802_bss *bss;
1625 union wpa_event_data data;
1627 int chan_offset = 0;
1630 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event");
1635 ifidx = nla_get_u32(ifindex);
1636 for (bss = drv->first_bss; bss; bss = bss->next)
1637 if (bss->ifindex == ifidx)
1641 wpa_printf(MSG_WARNING, "nl80211: Unknown ifindex (%d) for channel switch, ignoring",
1647 switch (nla_get_u32(type)) {
1648 case NL80211_CHAN_NO_HT:
1651 case NL80211_CHAN_HT20:
1653 case NL80211_CHAN_HT40PLUS:
1656 case NL80211_CHAN_HT40MINUS:
1660 } else if (bw && cf1) {
1661 /* This can happen for example with VHT80 ch switch */
1662 chan_offset = calculate_chan_offset(nla_get_u32(bw),
1665 cf2 ? nla_get_u32(cf2) : 0);
1667 wpa_printf(MSG_WARNING, "nl80211: Unknown secondary channel information - following channel definition calculations may fail");
1670 os_memset(&data, 0, sizeof(data));
1671 data.ch_switch.freq = nla_get_u32(freq);
1672 data.ch_switch.ht_enabled = ht_enabled;
1673 data.ch_switch.ch_offset = chan_offset;
1675 data.ch_switch.ch_width = convert2width(nla_get_u32(bw));
1677 data.ch_switch.cf1 = nla_get_u32(cf1);
1679 data.ch_switch.cf2 = nla_get_u32(cf2);
1681 bss->freq = data.ch_switch.freq;
1683 wpa_supplicant_event(drv->ctx, EVENT_CH_SWITCH, &data);
1687 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1688 enum nl80211_commands cmd, struct nlattr *addr)
1690 union wpa_event_data event;
1691 enum wpa_event_type ev;
1693 if (nla_len(addr) != ETH_ALEN)
1696 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1697 cmd, MAC2STR((u8 *) nla_data(addr)));
1699 if (cmd == NL80211_CMD_AUTHENTICATE)
1700 ev = EVENT_AUTH_TIMED_OUT;
1701 else if (cmd == NL80211_CMD_ASSOCIATE)
1702 ev = EVENT_ASSOC_TIMED_OUT;
1706 os_memset(&event, 0, sizeof(event));
1707 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1708 wpa_supplicant_event(drv->ctx, ev, &event);
1712 static void mlme_event_mgmt(struct i802_bss *bss,
1713 struct nlattr *freq, struct nlattr *sig,
1714 const u8 *frame, size_t len)
1716 struct wpa_driver_nl80211_data *drv = bss->drv;
1717 const struct ieee80211_mgmt *mgmt;
1718 union wpa_event_data event;
1723 wpa_printf(MSG_MSGDUMP, "nl80211: Frame event");
1724 mgmt = (const struct ieee80211_mgmt *) frame;
1726 wpa_printf(MSG_DEBUG, "nl80211: Too short management frame");
1730 fc = le_to_host16(mgmt->frame_control);
1731 stype = WLAN_FC_GET_STYPE(fc);
1734 ssi_signal = (s32) nla_get_u32(sig);
1736 os_memset(&event, 0, sizeof(event));
1738 event.rx_mgmt.freq = nla_get_u32(freq);
1739 rx_freq = drv->last_mgmt_freq = event.rx_mgmt.freq;
1741 wpa_printf(MSG_DEBUG,
1742 "nl80211: RX frame sa=" MACSTR
1743 " freq=%d ssi_signal=%d stype=%u (%s) len=%u",
1744 MAC2STR(mgmt->sa), rx_freq, ssi_signal, stype, fc2str(fc),
1745 (unsigned int) len);
1746 event.rx_mgmt.frame = frame;
1747 event.rx_mgmt.frame_len = len;
1748 event.rx_mgmt.ssi_signal = ssi_signal;
1749 event.rx_mgmt.drv_priv = bss;
1750 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1754 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1755 struct nlattr *cookie, const u8 *frame,
1756 size_t len, struct nlattr *ack)
1758 union wpa_event_data event;
1759 const struct ieee80211_hdr *hdr;
1762 wpa_printf(MSG_DEBUG, "nl80211: Frame TX status event");
1763 if (!is_ap_interface(drv->nlmode)) {
1769 cookie_val = nla_get_u64(cookie);
1770 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1771 " cookie=0%llx%s (ack=%d)",
1772 (long long unsigned int) cookie_val,
1773 cookie_val == drv->send_action_cookie ?
1774 " (match)" : " (unknown)", ack != NULL);
1775 if (cookie_val != drv->send_action_cookie)
1779 hdr = (const struct ieee80211_hdr *) frame;
1780 fc = le_to_host16(hdr->frame_control);
1782 os_memset(&event, 0, sizeof(event));
1783 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1784 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1785 event.tx_status.dst = hdr->addr1;
1786 event.tx_status.data = frame;
1787 event.tx_status.data_len = len;
1788 event.tx_status.ack = ack != NULL;
1789 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1793 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1794 enum wpa_event_type type,
1795 const u8 *frame, size_t len)
1797 const struct ieee80211_mgmt *mgmt;
1798 union wpa_event_data event;
1799 const u8 *bssid = NULL;
1800 u16 reason_code = 0;
1802 if (type == EVENT_DEAUTH)
1803 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event");
1805 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event");
1807 mgmt = (const struct ieee80211_mgmt *) frame;
1809 bssid = mgmt->bssid;
1811 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1813 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0 &&
1814 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0 &&
1815 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0) {
1817 * Avoid issues with some roaming cases where
1818 * disconnection event for the old AP may show up after
1819 * we have started connection with the new AP.
1821 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth/disassoc event from old AP " MACSTR " when already authenticating with " MACSTR,
1823 MAC2STR(drv->auth_attempt_bssid));
1827 if (drv->associated != 0 &&
1828 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1829 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1831 * We have presumably received this deauth as a
1832 * response to a clear_state_mismatch() outgoing
1833 * deauth. Don't let it take us offline!
1835 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1836 "from Unknown BSSID " MACSTR " -- ignoring",
1842 nl80211_mark_disconnected(drv);
1843 os_memset(&event, 0, sizeof(event));
1845 /* Note: Same offset for Reason Code in both frame subtypes */
1846 if (len >= 24 + sizeof(mgmt->u.deauth))
1847 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1849 if (type == EVENT_DISASSOC) {
1850 event.disassoc_info.locally_generated =
1851 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1852 event.disassoc_info.addr = bssid;
1853 event.disassoc_info.reason_code = reason_code;
1854 if (frame + len > mgmt->u.disassoc.variable) {
1855 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1856 event.disassoc_info.ie_len = frame + len -
1857 mgmt->u.disassoc.variable;
1860 if (drv->ignore_deauth_event) {
1861 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event due to previous forced deauth-during-auth");
1862 drv->ignore_deauth_event = 0;
1865 event.deauth_info.locally_generated =
1866 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1867 if (drv->ignore_next_local_deauth) {
1868 drv->ignore_next_local_deauth = 0;
1869 if (event.deauth_info.locally_generated) {
1870 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event triggered due to own deauth request");
1873 wpa_printf(MSG_WARNING, "nl80211: Was expecting local deauth but got another disconnect event first");
1875 event.deauth_info.addr = bssid;
1876 event.deauth_info.reason_code = reason_code;
1877 if (frame + len > mgmt->u.deauth.variable) {
1878 event.deauth_info.ie = mgmt->u.deauth.variable;
1879 event.deauth_info.ie_len = frame + len -
1880 mgmt->u.deauth.variable;
1884 wpa_supplicant_event(drv->ctx, type, &event);
1888 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1889 enum wpa_event_type type,
1890 const u8 *frame, size_t len)
1892 const struct ieee80211_mgmt *mgmt;
1893 union wpa_event_data event;
1894 u16 reason_code = 0;
1896 if (type == EVENT_UNPROT_DEAUTH)
1897 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event");
1899 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event");
1904 mgmt = (const struct ieee80211_mgmt *) frame;
1906 os_memset(&event, 0, sizeof(event));
1907 /* Note: Same offset for Reason Code in both frame subtypes */
1908 if (len >= 24 + sizeof(mgmt->u.deauth))
1909 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1911 if (type == EVENT_UNPROT_DISASSOC) {
1912 event.unprot_disassoc.sa = mgmt->sa;
1913 event.unprot_disassoc.da = mgmt->da;
1914 event.unprot_disassoc.reason_code = reason_code;
1916 event.unprot_deauth.sa = mgmt->sa;
1917 event.unprot_deauth.da = mgmt->da;
1918 event.unprot_deauth.reason_code = reason_code;
1921 wpa_supplicant_event(drv->ctx, type, &event);
1925 static void mlme_event(struct i802_bss *bss,
1926 enum nl80211_commands cmd, struct nlattr *frame,
1927 struct nlattr *addr, struct nlattr *timed_out,
1928 struct nlattr *freq, struct nlattr *ack,
1929 struct nlattr *cookie, struct nlattr *sig)
1931 struct wpa_driver_nl80211_data *drv = bss->drv;
1935 if (timed_out && addr) {
1936 mlme_timeout_event(drv, cmd, addr);
1940 if (frame == NULL) {
1941 wpa_printf(MSG_DEBUG,
1942 "nl80211: MLME event %d (%s) without frame data",
1943 cmd, nl80211_command_to_string(cmd));
1947 data = nla_data(frame);
1948 len = nla_len(frame);
1949 if (len < 4 + 2 * ETH_ALEN) {
1950 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s("
1951 MACSTR ") - too short",
1952 cmd, nl80211_command_to_string(cmd), bss->ifname,
1953 MAC2STR(bss->addr));
1956 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR
1957 ") A1=" MACSTR " A2=" MACSTR, cmd,
1958 nl80211_command_to_string(cmd), bss->ifname,
1959 MAC2STR(bss->addr), MAC2STR(data + 4),
1960 MAC2STR(data + 4 + ETH_ALEN));
1961 if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) &&
1962 os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 &&
1963 os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) {
1964 wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event "
1965 "for foreign address", bss->ifname);
1968 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1969 nla_data(frame), nla_len(frame));
1972 case NL80211_CMD_AUTHENTICATE:
1973 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1975 case NL80211_CMD_ASSOCIATE:
1976 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1978 case NL80211_CMD_DEAUTHENTICATE:
1979 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
1980 nla_data(frame), nla_len(frame));
1982 case NL80211_CMD_DISASSOCIATE:
1983 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
1984 nla_data(frame), nla_len(frame));
1986 case NL80211_CMD_FRAME:
1987 mlme_event_mgmt(bss, freq, sig, nla_data(frame),
1990 case NL80211_CMD_FRAME_TX_STATUS:
1991 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
1992 nla_len(frame), ack);
1994 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
1995 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
1996 nla_data(frame), nla_len(frame));
1998 case NL80211_CMD_UNPROT_DISASSOCIATE:
1999 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
2000 nla_data(frame), nla_len(frame));
2008 static void mlme_event_michael_mic_failure(struct i802_bss *bss,
2009 struct nlattr *tb[])
2011 union wpa_event_data data;
2013 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
2014 os_memset(&data, 0, sizeof(data));
2015 if (tb[NL80211_ATTR_MAC]) {
2016 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
2017 nla_data(tb[NL80211_ATTR_MAC]),
2018 nla_len(tb[NL80211_ATTR_MAC]));
2019 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
2021 if (tb[NL80211_ATTR_KEY_SEQ]) {
2022 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
2023 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
2024 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
2026 if (tb[NL80211_ATTR_KEY_TYPE]) {
2027 enum nl80211_key_type key_type =
2028 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
2029 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
2030 if (key_type == NL80211_KEYTYPE_PAIRWISE)
2031 data.michael_mic_failure.unicast = 1;
2033 data.michael_mic_failure.unicast = 1;
2035 if (tb[NL80211_ATTR_KEY_IDX]) {
2036 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
2037 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
2040 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
2044 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
2045 struct nlattr *tb[])
2049 if (tb[NL80211_ATTR_MAC] == NULL) {
2050 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
2054 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2056 drv->associated = 1;
2057 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
2058 MAC2STR(drv->bssid));
2060 freq = nl80211_get_assoc_freq(drv);
2062 wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz",
2064 drv->first_bss->freq = freq;
2067 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
2071 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
2072 int cancel_event, struct nlattr *tb[])
2074 unsigned int freq, chan_type, duration;
2075 union wpa_event_data data;
2078 if (tb[NL80211_ATTR_WIPHY_FREQ])
2079 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2083 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
2084 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2088 if (tb[NL80211_ATTR_DURATION])
2089 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
2093 if (tb[NL80211_ATTR_COOKIE])
2094 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
2098 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
2099 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
2100 cancel_event, freq, chan_type, duration,
2101 (long long unsigned int) cookie,
2102 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
2104 if (cookie != drv->remain_on_chan_cookie)
2105 return; /* not for us */
2108 drv->pending_remain_on_chan = 0;
2110 os_memset(&data, 0, sizeof(data));
2111 data.remain_on_channel.freq = freq;
2112 data.remain_on_channel.duration = duration;
2113 wpa_supplicant_event(drv->ctx, cancel_event ?
2114 EVENT_CANCEL_REMAIN_ON_CHANNEL :
2115 EVENT_REMAIN_ON_CHANNEL, &data);
2119 static void mlme_event_ft_event(struct wpa_driver_nl80211_data *drv,
2120 struct nlattr *tb[])
2122 union wpa_event_data data;
2124 os_memset(&data, 0, sizeof(data));
2126 if (tb[NL80211_ATTR_IE]) {
2127 data.ft_ies.ies = nla_data(tb[NL80211_ATTR_IE]);
2128 data.ft_ies.ies_len = nla_len(tb[NL80211_ATTR_IE]);
2131 if (tb[NL80211_ATTR_IE_RIC]) {
2132 data.ft_ies.ric_ies = nla_data(tb[NL80211_ATTR_IE_RIC]);
2133 data.ft_ies.ric_ies_len = nla_len(tb[NL80211_ATTR_IE_RIC]);
2136 if (tb[NL80211_ATTR_MAC])
2137 os_memcpy(data.ft_ies.target_ap,
2138 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2140 wpa_printf(MSG_DEBUG, "nl80211: FT event target_ap " MACSTR,
2141 MAC2STR(data.ft_ies.target_ap));
2143 wpa_supplicant_event(drv->ctx, EVENT_FT_RESPONSE, &data);
2147 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
2148 struct nlattr *tb[])
2150 union wpa_event_data event;
2153 struct scan_info *info;
2154 #define MAX_REPORT_FREQS 50
2155 int freqs[MAX_REPORT_FREQS];
2158 if (drv->scan_for_auth) {
2159 drv->scan_for_auth = 0;
2160 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
2161 "cfg80211 BSS entry");
2162 wpa_driver_nl80211_authenticate_retry(drv);
2166 os_memset(&event, 0, sizeof(event));
2167 info = &event.scan_info;
2168 info->aborted = aborted;
2170 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
2171 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
2172 struct wpa_driver_scan_ssid *s =
2173 &info->ssids[info->num_ssids];
2174 s->ssid = nla_data(nl);
2175 s->ssid_len = nla_len(nl);
2176 wpa_printf(MSG_DEBUG, "nl80211: Scan probed for SSID '%s'",
2177 wpa_ssid_txt(s->ssid, s->ssid_len));
2179 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
2183 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
2184 char msg[200], *pos, *end;
2188 end = pos + sizeof(msg);
2191 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
2193 freqs[num_freqs] = nla_get_u32(nl);
2194 res = os_snprintf(pos, end - pos, " %d",
2196 if (res > 0 && end - pos > res)
2199 if (num_freqs == MAX_REPORT_FREQS - 1)
2202 info->freqs = freqs;
2203 info->num_freqs = num_freqs;
2204 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s",
2207 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
2211 static int get_link_signal(struct nl_msg *msg, void *arg)
2213 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2214 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2215 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
2216 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
2217 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
2218 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
2220 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
2221 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
2222 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
2223 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
2224 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
2225 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
2227 struct wpa_signal_info *sig_change = arg;
2229 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2230 genlmsg_attrlen(gnlh, 0), NULL);
2231 if (!tb[NL80211_ATTR_STA_INFO] ||
2232 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
2233 tb[NL80211_ATTR_STA_INFO], policy))
2235 if (!sinfo[NL80211_STA_INFO_SIGNAL])
2238 sig_change->current_signal =
2239 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
2241 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
2242 sig_change->avg_signal =
2243 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
2245 sig_change->avg_signal = 0;
2247 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
2248 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
2249 sinfo[NL80211_STA_INFO_TX_BITRATE],
2251 sig_change->current_txrate = 0;
2253 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
2254 sig_change->current_txrate =
2256 NL80211_RATE_INFO_BITRATE]) * 100;
2265 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
2266 struct wpa_signal_info *sig)
2270 sig->current_signal = -9999;
2271 sig->current_txrate = 0;
2273 msg = nlmsg_alloc();
2277 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
2279 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2280 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
2282 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
2289 static int get_link_noise(struct nl_msg *msg, void *arg)
2291 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2292 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2293 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2294 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2295 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2296 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2298 struct wpa_signal_info *sig_change = arg;
2300 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2301 genlmsg_attrlen(gnlh, 0), NULL);
2303 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2304 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
2308 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2309 tb[NL80211_ATTR_SURVEY_INFO],
2311 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
2316 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2319 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2320 sig_change->frequency)
2323 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2326 sig_change->current_noise =
2327 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2333 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
2334 struct wpa_signal_info *sig_change)
2338 sig_change->current_noise = 9999;
2339 sig_change->frequency = drv->assoc_freq;
2341 msg = nlmsg_alloc();
2345 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2347 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2349 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
2356 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
2358 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2359 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2360 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2361 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2362 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2363 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2365 struct wpa_scan_results *scan_results = arg;
2366 struct wpa_scan_res *scan_res;
2369 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2370 genlmsg_attrlen(gnlh, 0), NULL);
2372 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2373 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
2377 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2378 tb[NL80211_ATTR_SURVEY_INFO],
2380 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
2385 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2388 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2391 for (i = 0; i < scan_results->num; ++i) {
2392 scan_res = scan_results->res[i];
2395 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2398 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
2400 scan_res->noise = (s8)
2401 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2402 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
2409 static int nl80211_get_noise_for_scan_results(
2410 struct wpa_driver_nl80211_data *drv,
2411 struct wpa_scan_results *scan_res)
2415 msg = nlmsg_alloc();
2419 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2421 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2423 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
2431 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
2432 struct nlattr *tb[])
2434 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
2435 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
2436 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
2437 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
2438 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
2440 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
2441 enum nl80211_cqm_rssi_threshold_event event;
2442 union wpa_event_data ed;
2443 struct wpa_signal_info sig;
2446 if (tb[NL80211_ATTR_CQM] == NULL ||
2447 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
2449 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
2453 os_memset(&ed, 0, sizeof(ed));
2455 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
2456 if (!tb[NL80211_ATTR_MAC])
2458 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
2460 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
2464 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
2466 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
2468 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
2469 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2470 "event: RSSI high");
2471 ed.signal_change.above_threshold = 1;
2472 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
2473 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2475 ed.signal_change.above_threshold = 0;
2479 res = nl80211_get_link_signal(drv, &sig);
2481 ed.signal_change.current_signal = sig.current_signal;
2482 ed.signal_change.current_txrate = sig.current_txrate;
2483 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
2484 sig.current_signal, sig.current_txrate);
2487 res = nl80211_get_link_noise(drv, &sig);
2489 ed.signal_change.current_noise = sig.current_noise;
2490 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
2494 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
2498 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
2502 union wpa_event_data data;
2504 if (tb[NL80211_ATTR_MAC] == NULL)
2506 addr = nla_data(tb[NL80211_ATTR_MAC]);
2507 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
2509 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2512 if (tb[NL80211_ATTR_IE]) {
2513 ies = nla_data(tb[NL80211_ATTR_IE]);
2514 ies_len = nla_len(tb[NL80211_ATTR_IE]);
2516 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
2517 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
2521 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2524 os_memset(&data, 0, sizeof(data));
2525 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
2526 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
2530 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
2534 union wpa_event_data data;
2536 if (tb[NL80211_ATTR_MAC] == NULL)
2538 addr = nla_data(tb[NL80211_ATTR_MAC]);
2539 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
2542 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2543 drv_event_disassoc(drv->ctx, addr);
2547 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2550 os_memset(&data, 0, sizeof(data));
2551 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
2552 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
2556 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
2559 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
2560 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
2561 [NL80211_REKEY_DATA_KEK] = {
2562 .minlen = NL80211_KEK_LEN,
2563 .maxlen = NL80211_KEK_LEN,
2565 [NL80211_REKEY_DATA_KCK] = {
2566 .minlen = NL80211_KCK_LEN,
2567 .maxlen = NL80211_KCK_LEN,
2569 [NL80211_REKEY_DATA_REPLAY_CTR] = {
2570 .minlen = NL80211_REPLAY_CTR_LEN,
2571 .maxlen = NL80211_REPLAY_CTR_LEN,
2574 union wpa_event_data data;
2576 if (!tb[NL80211_ATTR_MAC])
2578 if (!tb[NL80211_ATTR_REKEY_DATA])
2580 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
2581 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
2583 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
2586 os_memset(&data, 0, sizeof(data));
2587 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
2588 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
2589 MAC2STR(data.driver_gtk_rekey.bssid));
2590 data.driver_gtk_rekey.replay_ctr =
2591 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
2592 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
2593 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
2594 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
2598 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
2601 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
2602 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
2603 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
2604 [NL80211_PMKSA_CANDIDATE_BSSID] = {
2608 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
2610 union wpa_event_data data;
2612 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event");
2614 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2616 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2617 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2619 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2620 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2623 os_memset(&data, 0, sizeof(data));
2624 os_memcpy(data.pmkid_candidate.bssid,
2625 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2626 data.pmkid_candidate.index =
2627 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2628 data.pmkid_candidate.preauth =
2629 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2630 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2634 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2637 union wpa_event_data data;
2639 wpa_printf(MSG_DEBUG, "nl80211: Probe client event");
2641 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2644 os_memset(&data, 0, sizeof(data));
2645 os_memcpy(data.client_poll.addr,
2646 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2648 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2652 static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv,
2655 union wpa_event_data data;
2657 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event");
2659 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION])
2662 os_memset(&data, 0, sizeof(data));
2663 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2664 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) {
2665 case NL80211_TDLS_SETUP:
2666 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer "
2667 MACSTR, MAC2STR(data.tdls.peer));
2668 data.tdls.oper = TDLS_REQUEST_SETUP;
2670 case NL80211_TDLS_TEARDOWN:
2671 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer "
2672 MACSTR, MAC2STR(data.tdls.peer));
2673 data.tdls.oper = TDLS_REQUEST_TEARDOWN;
2676 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione "
2680 if (tb[NL80211_ATTR_REASON_CODE]) {
2681 data.tdls.reason_code =
2682 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
2685 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data);
2689 static void nl80211_stop_ap(struct wpa_driver_nl80211_data *drv,
2692 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_UNAVAILABLE, NULL);
2696 static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv,
2699 union wpa_event_data data;
2702 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event");
2704 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON])
2707 os_memset(&data, 0, sizeof(data));
2708 os_memcpy(data.connect_failed_reason.addr,
2709 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2711 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]);
2713 case NL80211_CONN_FAIL_MAX_CLIENTS:
2714 wpa_printf(MSG_DEBUG, "nl80211: Max client reached");
2715 data.connect_failed_reason.code = MAX_CLIENT_REACHED;
2717 case NL80211_CONN_FAIL_BLOCKED_CLIENT:
2718 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR
2719 " tried to connect",
2720 MAC2STR(data.connect_failed_reason.addr));
2721 data.connect_failed_reason.code = BLOCKED_CLIENT;
2724 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason "
2729 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data);
2733 static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv,
2736 union wpa_event_data data;
2737 enum nl80211_radar_event event_type;
2739 if (!tb[NL80211_ATTR_WIPHY_FREQ] || !tb[NL80211_ATTR_RADAR_EVENT])
2742 os_memset(&data, 0, sizeof(data));
2743 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2744 event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]);
2746 /* Check HT params */
2747 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
2748 data.dfs_event.ht_enabled = 1;
2749 data.dfs_event.chan_offset = 0;
2751 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) {
2752 case NL80211_CHAN_NO_HT:
2753 data.dfs_event.ht_enabled = 0;
2755 case NL80211_CHAN_HT20:
2757 case NL80211_CHAN_HT40PLUS:
2758 data.dfs_event.chan_offset = 1;
2760 case NL80211_CHAN_HT40MINUS:
2761 data.dfs_event.chan_offset = -1;
2766 /* Get VHT params */
2767 if (tb[NL80211_ATTR_CHANNEL_WIDTH])
2768 data.dfs_event.chan_width =
2769 convert2width(nla_get_u32(
2770 tb[NL80211_ATTR_CHANNEL_WIDTH]));
2771 if (tb[NL80211_ATTR_CENTER_FREQ1])
2772 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
2773 if (tb[NL80211_ATTR_CENTER_FREQ2])
2774 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
2776 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz",
2777 data.dfs_event.freq, data.dfs_event.ht_enabled,
2778 data.dfs_event.chan_offset, data.dfs_event.chan_width,
2779 data.dfs_event.cf1, data.dfs_event.cf2);
2781 switch (event_type) {
2782 case NL80211_RADAR_DETECTED:
2783 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data);
2785 case NL80211_RADAR_CAC_FINISHED:
2786 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data);
2788 case NL80211_RADAR_CAC_ABORTED:
2789 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data);
2791 case NL80211_RADAR_NOP_FINISHED:
2792 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data);
2795 wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d "
2796 "received", event_type);
2802 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2805 struct wpa_driver_nl80211_data *drv = bss->drv;
2806 union wpa_event_data event;
2808 if (!tb[NL80211_ATTR_MAC])
2811 os_memset(&event, 0, sizeof(event));
2812 event.rx_from_unknown.bssid = bss->addr;
2813 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2814 event.rx_from_unknown.wds = wds;
2816 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2820 static void qca_nl80211_avoid_freq(struct wpa_driver_nl80211_data *drv,
2821 const u8 *data, size_t len)
2824 union wpa_event_data event;
2825 struct wpa_freq_range *range = NULL;
2826 const struct qca_avoid_freq_list *freq_range;
2828 freq_range = (const struct qca_avoid_freq_list *) data;
2829 if (len < sizeof(freq_range->count))
2832 count = freq_range->count;
2833 if (len < sizeof(freq_range->count) +
2834 count * sizeof(struct qca_avoid_freq_range)) {
2835 wpa_printf(MSG_DEBUG, "nl80211: Ignored too short avoid frequency list (len=%u)",
2836 (unsigned int) len);
2841 range = os_calloc(count, sizeof(struct wpa_freq_range));
2846 os_memset(&event, 0, sizeof(event));
2847 for (i = 0; i < count; i++) {
2848 unsigned int idx = event.freq_range.num;
2849 range[idx].min = freq_range->range[i].start_freq;
2850 range[idx].max = freq_range->range[i].end_freq;
2851 wpa_printf(MSG_DEBUG, "nl80211: Avoid frequency range: %u-%u",
2852 range[idx].min, range[idx].max);
2853 if (range[idx].min > range[idx].max) {
2854 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid frequency range");
2857 event.freq_range.num++;
2859 event.freq_range.range = range;
2861 wpa_supplicant_event(drv->ctx, EVENT_AVOID_FREQUENCIES, &event);
2867 static void nl80211_vendor_event_qca(struct wpa_driver_nl80211_data *drv,
2868 u32 subcmd, u8 *data, size_t len)
2871 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY:
2872 qca_nl80211_avoid_freq(drv, data, len);
2875 wpa_printf(MSG_DEBUG,
2876 "nl80211: Ignore unsupported QCA vendor event %u",
2883 static void nl80211_vendor_event(struct wpa_driver_nl80211_data *drv,
2886 u32 vendor_id, subcmd, wiphy = 0;
2891 if (!tb[NL80211_ATTR_VENDOR_ID] ||
2892 !tb[NL80211_ATTR_VENDOR_SUBCMD])
2895 vendor_id = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]);
2896 subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]);
2898 if (tb[NL80211_ATTR_WIPHY])
2899 wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
2901 wpa_printf(MSG_DEBUG, "nl80211: Vendor event: wiphy=%u vendor_id=0x%x subcmd=%u",
2902 wiphy, vendor_id, subcmd);
2904 if (tb[NL80211_ATTR_VENDOR_DATA]) {
2905 data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]);
2906 len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]);
2907 wpa_hexdump(MSG_MSGDUMP, "nl80211: Vendor data", data, len);
2910 wiphy_idx = nl80211_get_wiphy_index(drv->first_bss);
2911 if (wiphy_idx >= 0 && wiphy_idx != (int) wiphy) {
2912 wpa_printf(MSG_DEBUG, "nl80211: Ignore vendor event for foreign wiphy %u (own: %d)",
2917 switch (vendor_id) {
2919 nl80211_vendor_event_qca(drv, subcmd, data, len);
2922 wpa_printf(MSG_DEBUG, "nl80211: Ignore unsupported vendor event");
2928 static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv,
2929 struct nlattr *tb[])
2931 union wpa_event_data data;
2932 enum nl80211_reg_initiator init;
2934 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
2936 if (tb[NL80211_ATTR_REG_INITIATOR] == NULL)
2939 os_memset(&data, 0, sizeof(data));
2940 init = nla_get_u8(tb[NL80211_ATTR_REG_INITIATOR]);
2941 wpa_printf(MSG_DEBUG, " * initiator=%d", init);
2943 case NL80211_REGDOM_SET_BY_CORE:
2944 data.channel_list_changed.initiator = REGDOM_SET_BY_CORE;
2946 case NL80211_REGDOM_SET_BY_USER:
2947 data.channel_list_changed.initiator = REGDOM_SET_BY_USER;
2949 case NL80211_REGDOM_SET_BY_DRIVER:
2950 data.channel_list_changed.initiator = REGDOM_SET_BY_DRIVER;
2952 case NL80211_REGDOM_SET_BY_COUNTRY_IE:
2953 data.channel_list_changed.initiator = REGDOM_SET_BY_COUNTRY_IE;
2957 if (tb[NL80211_ATTR_REG_TYPE]) {
2958 enum nl80211_reg_type type;
2959 type = nla_get_u8(tb[NL80211_ATTR_REG_TYPE]);
2960 wpa_printf(MSG_DEBUG, " * type=%d", type);
2962 case NL80211_REGDOM_TYPE_COUNTRY:
2963 data.channel_list_changed.type = REGDOM_TYPE_COUNTRY;
2965 case NL80211_REGDOM_TYPE_WORLD:
2966 data.channel_list_changed.type = REGDOM_TYPE_WORLD;
2968 case NL80211_REGDOM_TYPE_CUSTOM_WORLD:
2969 data.channel_list_changed.type =
2970 REGDOM_TYPE_CUSTOM_WORLD;
2972 case NL80211_REGDOM_TYPE_INTERSECTION:
2973 data.channel_list_changed.type =
2974 REGDOM_TYPE_INTERSECTION;
2979 if (tb[NL80211_ATTR_REG_ALPHA2]) {
2980 os_strlcpy(data.channel_list_changed.alpha2,
2981 nla_get_string(tb[NL80211_ATTR_REG_ALPHA2]),
2982 sizeof(data.channel_list_changed.alpha2));
2983 wpa_printf(MSG_DEBUG, " * alpha2=%s",
2984 data.channel_list_changed.alpha2);
2987 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data);
2991 static void do_process_drv_event(struct i802_bss *bss, int cmd,
2994 struct wpa_driver_nl80211_data *drv = bss->drv;
2995 union wpa_event_data data;
2997 wpa_printf(MSG_DEBUG, "nl80211: Drv Event %d (%s) received for %s",
2998 cmd, nl80211_command_to_string(cmd), bss->ifname);
3000 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
3001 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
3002 cmd == NL80211_CMD_SCAN_ABORTED)) {
3003 wpa_driver_nl80211_set_mode(drv->first_bss,
3004 drv->ap_scan_as_station);
3005 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3009 case NL80211_CMD_TRIGGER_SCAN:
3010 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger");
3011 drv->scan_state = SCAN_STARTED;
3012 if (drv->scan_for_auth) {
3014 * Cannot indicate EVENT_SCAN_STARTED here since we skip
3015 * EVENT_SCAN_RESULTS in scan_for_auth case and the
3016 * upper layer implementation could get confused about
3019 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth");
3022 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL);
3024 case NL80211_CMD_START_SCHED_SCAN:
3025 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan started");
3026 drv->scan_state = SCHED_SCAN_STARTED;
3028 case NL80211_CMD_SCHED_SCAN_STOPPED:
3029 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan stopped");
3030 drv->scan_state = SCHED_SCAN_STOPPED;
3031 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
3033 case NL80211_CMD_NEW_SCAN_RESULTS:
3034 wpa_dbg(drv->ctx, MSG_DEBUG,
3035 "nl80211: New scan results available");
3036 drv->scan_state = SCAN_COMPLETED;
3037 drv->scan_complete_events = 1;
3038 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3040 send_scan_event(drv, 0, tb);
3042 case NL80211_CMD_SCHED_SCAN_RESULTS:
3043 wpa_dbg(drv->ctx, MSG_DEBUG,
3044 "nl80211: New sched scan results available");
3045 drv->scan_state = SCHED_SCAN_RESULTS;
3046 send_scan_event(drv, 0, tb);
3048 case NL80211_CMD_SCAN_ABORTED:
3049 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted");
3050 drv->scan_state = SCAN_ABORTED;
3052 * Need to indicate that scan results are available in order
3053 * not to make wpa_supplicant stop its scanning.
3055 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3057 send_scan_event(drv, 1, tb);
3059 case NL80211_CMD_AUTHENTICATE:
3060 case NL80211_CMD_ASSOCIATE:
3061 case NL80211_CMD_DEAUTHENTICATE:
3062 case NL80211_CMD_DISASSOCIATE:
3063 case NL80211_CMD_FRAME_TX_STATUS:
3064 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
3065 case NL80211_CMD_UNPROT_DISASSOCIATE:
3066 mlme_event(bss, cmd, tb[NL80211_ATTR_FRAME],
3067 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3068 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3069 tb[NL80211_ATTR_COOKIE],
3070 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3072 case NL80211_CMD_CONNECT:
3073 case NL80211_CMD_ROAM:
3074 mlme_event_connect(drv, cmd,
3075 tb[NL80211_ATTR_STATUS_CODE],
3076 tb[NL80211_ATTR_MAC],
3077 tb[NL80211_ATTR_REQ_IE],
3078 tb[NL80211_ATTR_RESP_IE]);
3080 case NL80211_CMD_CH_SWITCH_NOTIFY:
3081 mlme_event_ch_switch(drv,
3082 tb[NL80211_ATTR_IFINDEX],
3083 tb[NL80211_ATTR_WIPHY_FREQ],
3084 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
3085 tb[NL80211_ATTR_CHANNEL_WIDTH],
3086 tb[NL80211_ATTR_CENTER_FREQ1],
3087 tb[NL80211_ATTR_CENTER_FREQ2]);
3089 case NL80211_CMD_DISCONNECT:
3090 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
3091 tb[NL80211_ATTR_MAC],
3092 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
3094 case NL80211_CMD_MICHAEL_MIC_FAILURE:
3095 mlme_event_michael_mic_failure(bss, tb);
3097 case NL80211_CMD_JOIN_IBSS:
3098 mlme_event_join_ibss(drv, tb);
3100 case NL80211_CMD_REMAIN_ON_CHANNEL:
3101 mlme_event_remain_on_channel(drv, 0, tb);
3103 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
3104 mlme_event_remain_on_channel(drv, 1, tb);
3106 case NL80211_CMD_NOTIFY_CQM:
3107 nl80211_cqm_event(drv, tb);
3109 case NL80211_CMD_REG_CHANGE:
3110 nl80211_reg_change_event(drv, tb);
3112 case NL80211_CMD_REG_BEACON_HINT:
3113 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
3114 os_memset(&data, 0, sizeof(data));
3115 data.channel_list_changed.initiator = REGDOM_BEACON_HINT;
3116 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
3119 case NL80211_CMD_NEW_STATION:
3120 nl80211_new_station_event(drv, tb);
3122 case NL80211_CMD_DEL_STATION:
3123 nl80211_del_station_event(drv, tb);
3125 case NL80211_CMD_SET_REKEY_OFFLOAD:
3126 nl80211_rekey_offload_event(drv, tb);
3128 case NL80211_CMD_PMKSA_CANDIDATE:
3129 nl80211_pmksa_candidate_event(drv, tb);
3131 case NL80211_CMD_PROBE_CLIENT:
3132 nl80211_client_probe_event(drv, tb);
3134 case NL80211_CMD_TDLS_OPER:
3135 nl80211_tdls_oper_event(drv, tb);
3137 case NL80211_CMD_CONN_FAILED:
3138 nl80211_connect_failed_event(drv, tb);
3140 case NL80211_CMD_FT_EVENT:
3141 mlme_event_ft_event(drv, tb);
3143 case NL80211_CMD_RADAR_DETECT:
3144 nl80211_radar_event(drv, tb);
3146 case NL80211_CMD_STOP_AP:
3147 nl80211_stop_ap(drv, tb);
3149 case NL80211_CMD_VENDOR:
3150 nl80211_vendor_event(drv, tb);
3153 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event "
3160 static int process_drv_event(struct nl_msg *msg, void *arg)
3162 struct wpa_driver_nl80211_data *drv = arg;
3163 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3164 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3165 struct i802_bss *bss;
3168 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3169 genlmsg_attrlen(gnlh, 0), NULL);
3171 if (tb[NL80211_ATTR_IFINDEX]) {
3172 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3174 for (bss = drv->first_bss; bss; bss = bss->next)
3175 if (ifidx == -1 || ifidx == bss->ifindex) {
3176 do_process_drv_event(bss, gnlh->cmd, tb);
3179 wpa_printf(MSG_DEBUG,
3180 "nl80211: Ignored event (cmd=%d) for foreign interface (ifindex %d)",
3182 } else if (tb[NL80211_ATTR_WDEV]) {
3183 u64 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3184 wpa_printf(MSG_DEBUG, "nl80211: Process event on P2P device");
3185 for (bss = drv->first_bss; bss; bss = bss->next) {
3186 if (bss->wdev_id_set && wdev_id == bss->wdev_id) {
3187 do_process_drv_event(bss, gnlh->cmd, tb);
3191 wpa_printf(MSG_DEBUG,
3192 "nl80211: Ignored event (cmd=%d) for foreign interface (wdev 0x%llx)",
3193 gnlh->cmd, (long long unsigned int) wdev_id);
3200 static int process_global_event(struct nl_msg *msg, void *arg)
3202 struct nl80211_global *global = arg;
3203 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3204 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3205 struct wpa_driver_nl80211_data *drv, *tmp;
3207 struct i802_bss *bss;
3209 int wdev_id_set = 0;
3211 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3212 genlmsg_attrlen(gnlh, 0), NULL);
3214 if (tb[NL80211_ATTR_IFINDEX])
3215 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3216 else if (tb[NL80211_ATTR_WDEV]) {
3217 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3221 dl_list_for_each_safe(drv, tmp, &global->interfaces,
3222 struct wpa_driver_nl80211_data, list) {
3223 for (bss = drv->first_bss; bss; bss = bss->next) {
3224 if ((ifidx == -1 && !wdev_id_set) ||
3225 ifidx == bss->ifindex ||
3226 (wdev_id_set && bss->wdev_id_set &&
3227 wdev_id == bss->wdev_id)) {
3228 do_process_drv_event(bss, gnlh->cmd, tb);
3238 static int process_bss_event(struct nl_msg *msg, void *arg)
3240 struct i802_bss *bss = arg;
3241 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3242 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3244 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3245 genlmsg_attrlen(gnlh, 0), NULL);
3247 wpa_printf(MSG_DEBUG, "nl80211: BSS Event %d (%s) received for %s",
3248 gnlh->cmd, nl80211_command_to_string(gnlh->cmd),
3251 switch (gnlh->cmd) {
3252 case NL80211_CMD_FRAME:
3253 case NL80211_CMD_FRAME_TX_STATUS:
3254 mlme_event(bss, gnlh->cmd, tb[NL80211_ATTR_FRAME],
3255 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3256 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3257 tb[NL80211_ATTR_COOKIE],
3258 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3260 case NL80211_CMD_UNEXPECTED_FRAME:
3261 nl80211_spurious_frame(bss, tb, 0);
3263 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
3264 nl80211_spurious_frame(bss, tb, 1);
3267 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
3268 "(cmd=%d)", gnlh->cmd);
3276 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
3279 struct nl_cb *cb = eloop_ctx;
3282 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
3284 res = nl_recvmsgs(handle, cb);
3286 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
3293 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
3294 * @priv: driver_nl80211 private data
3295 * @alpha2_arg: country to which to switch to
3296 * Returns: 0 on success, -1 on failure
3298 * This asks nl80211 to set the regulatory domain for given
3299 * country ISO / IEC alpha2.
3301 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
3303 struct i802_bss *bss = priv;
3304 struct wpa_driver_nl80211_data *drv = bss->drv;
3308 msg = nlmsg_alloc();
3312 alpha2[0] = alpha2_arg[0];
3313 alpha2[1] = alpha2_arg[1];
3316 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
3318 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
3319 if (send_and_recv_msgs(drv, msg, NULL, NULL))
3328 static int nl80211_get_country(struct nl_msg *msg, void *arg)
3331 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3332 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3334 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3335 genlmsg_attrlen(gnlh, 0), NULL);
3336 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
3337 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
3340 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
3345 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
3347 struct i802_bss *bss = priv;
3348 struct wpa_driver_nl80211_data *drv = bss->drv;
3352 msg = nlmsg_alloc();
3356 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
3358 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2);
3366 static int protocol_feature_handler(struct nl_msg *msg, void *arg)
3369 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3370 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3372 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3373 genlmsg_attrlen(gnlh, 0), NULL);
3375 if (tb_msg[NL80211_ATTR_PROTOCOL_FEATURES])
3376 *feat = nla_get_u32(tb_msg[NL80211_ATTR_PROTOCOL_FEATURES]);
3382 static u32 get_nl80211_protocol_features(struct wpa_driver_nl80211_data *drv)
3387 msg = nlmsg_alloc();
3389 goto nla_put_failure;
3391 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_PROTOCOL_FEATURES);
3392 if (send_and_recv_msgs(drv, msg, protocol_feature_handler, &feat) == 0)
3402 struct wiphy_info_data {
3403 struct wpa_driver_nl80211_data *drv;
3404 struct wpa_driver_capa *capa;
3406 unsigned int num_multichan_concurrent;
3408 unsigned int error:1;
3409 unsigned int device_ap_sme:1;
3410 unsigned int poll_command_supported:1;
3411 unsigned int data_tx_status:1;
3412 unsigned int monitor_supported:1;
3413 unsigned int auth_supported:1;
3414 unsigned int connect_supported:1;
3415 unsigned int p2p_go_supported:1;
3416 unsigned int p2p_client_supported:1;
3417 unsigned int p2p_concurrent:1;
3418 unsigned int channel_switch_supported:1;
3419 unsigned int set_qos_map_supported:1;
3420 unsigned int have_low_prio_scan:1;
3424 static unsigned int probe_resp_offload_support(int supp_protocols)
3426 unsigned int prot = 0;
3428 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
3429 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
3430 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
3431 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
3432 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
3433 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
3434 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
3435 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
3441 static void wiphy_info_supported_iftypes(struct wiphy_info_data *info,
3444 struct nlattr *nl_mode;
3450 nla_for_each_nested(nl_mode, tb, i) {
3451 switch (nla_type(nl_mode)) {
3452 case NL80211_IFTYPE_AP:
3453 info->capa->flags |= WPA_DRIVER_FLAGS_AP;
3455 case NL80211_IFTYPE_ADHOC:
3456 info->capa->flags |= WPA_DRIVER_FLAGS_IBSS;
3458 case NL80211_IFTYPE_P2P_DEVICE:
3459 info->capa->flags |=
3460 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
3462 case NL80211_IFTYPE_P2P_GO:
3463 info->p2p_go_supported = 1;
3465 case NL80211_IFTYPE_P2P_CLIENT:
3466 info->p2p_client_supported = 1;
3468 case NL80211_IFTYPE_MONITOR:
3469 info->monitor_supported = 1;
3476 static int wiphy_info_iface_comb_process(struct wiphy_info_data *info,
3477 struct nlattr *nl_combi)
3479 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
3480 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
3481 struct nlattr *nl_limit, *nl_mode;
3482 int err, rem_limit, rem_mode;
3483 int combination_has_p2p = 0, combination_has_mgd = 0;
3484 static struct nla_policy
3485 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
3486 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
3487 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
3488 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
3489 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
3490 [NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS] = { .type = NLA_U32 },
3492 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
3493 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
3494 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
3497 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
3498 nl_combi, iface_combination_policy);
3499 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
3500 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
3501 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
3502 return 0; /* broken combination */
3504 if (tb_comb[NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS])
3505 info->capa->flags |= WPA_DRIVER_FLAGS_RADAR;
3507 nla_for_each_nested(nl_limit, tb_comb[NL80211_IFACE_COMB_LIMITS],
3509 err = nla_parse_nested(tb_limit, MAX_NL80211_IFACE_LIMIT,
3510 nl_limit, iface_limit_policy);
3511 if (err || !tb_limit[NL80211_IFACE_LIMIT_TYPES])
3512 return 0; /* broken combination */
3514 nla_for_each_nested(nl_mode,
3515 tb_limit[NL80211_IFACE_LIMIT_TYPES],
3517 int ift = nla_type(nl_mode);
3518 if (ift == NL80211_IFTYPE_P2P_GO ||
3519 ift == NL80211_IFTYPE_P2P_CLIENT)
3520 combination_has_p2p = 1;
3521 if (ift == NL80211_IFTYPE_STATION)
3522 combination_has_mgd = 1;
3524 if (combination_has_p2p && combination_has_mgd)
3528 if (combination_has_p2p && combination_has_mgd) {
3529 unsigned int num_channels =
3530 nla_get_u32(tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS]);
3532 info->p2p_concurrent = 1;
3533 if (info->num_multichan_concurrent < num_channels)
3534 info->num_multichan_concurrent = num_channels;
3541 static void wiphy_info_iface_comb(struct wiphy_info_data *info,
3544 struct nlattr *nl_combi;
3550 nla_for_each_nested(nl_combi, tb, rem_combi) {
3551 if (wiphy_info_iface_comb_process(info, nl_combi) > 0)
3557 static void wiphy_info_supp_cmds(struct wiphy_info_data *info,
3560 struct nlattr *nl_cmd;
3566 nla_for_each_nested(nl_cmd, tb, i) {
3567 switch (nla_get_u32(nl_cmd)) {
3568 case NL80211_CMD_AUTHENTICATE:
3569 info->auth_supported = 1;
3571 case NL80211_CMD_CONNECT:
3572 info->connect_supported = 1;
3574 case NL80211_CMD_START_SCHED_SCAN:
3575 info->capa->sched_scan_supported = 1;
3577 case NL80211_CMD_PROBE_CLIENT:
3578 info->poll_command_supported = 1;
3580 case NL80211_CMD_CHANNEL_SWITCH:
3581 info->channel_switch_supported = 1;
3583 case NL80211_CMD_SET_QOS_MAP:
3584 info->set_qos_map_supported = 1;
3591 static void wiphy_info_cipher_suites(struct wiphy_info_data *info,
3600 num = nla_len(tb) / sizeof(u32);
3601 ciphers = nla_data(tb);
3602 for (i = 0; i < num; i++) {
3605 wpa_printf(MSG_DEBUG, "nl80211: Supported cipher %02x-%02x-%02x:%d",
3606 c >> 24, (c >> 16) & 0xff,
3607 (c >> 8) & 0xff, c & 0xff);
3609 case WLAN_CIPHER_SUITE_CCMP_256:
3610 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP_256;
3612 case WLAN_CIPHER_SUITE_GCMP_256:
3613 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP_256;
3615 case WLAN_CIPHER_SUITE_CCMP:
3616 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP;
3618 case WLAN_CIPHER_SUITE_GCMP:
3619 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP;
3621 case WLAN_CIPHER_SUITE_TKIP:
3622 info->capa->enc |= WPA_DRIVER_CAPA_ENC_TKIP;
3624 case WLAN_CIPHER_SUITE_WEP104:
3625 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP104;
3627 case WLAN_CIPHER_SUITE_WEP40:
3628 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP40;
3630 case WLAN_CIPHER_SUITE_AES_CMAC:
3631 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP;
3633 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3634 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_128;
3636 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3637 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_256;
3639 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
3640 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_CMAC_256;
3642 case WLAN_CIPHER_SUITE_NO_GROUP_ADDR:
3643 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GTK_NOT_USED;
3650 static void wiphy_info_max_roc(struct wpa_driver_capa *capa,
3654 capa->max_remain_on_chan = nla_get_u32(tb);
3658 static void wiphy_info_tdls(struct wpa_driver_capa *capa, struct nlattr *tdls,
3659 struct nlattr *ext_setup)
3664 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
3665 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
3668 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
3669 capa->flags |= WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
3674 static void wiphy_info_feature_flags(struct wiphy_info_data *info,
3678 struct wpa_driver_capa *capa = info->capa;
3683 flags = nla_get_u32(tb);
3685 if (flags & NL80211_FEATURE_SK_TX_STATUS)
3686 info->data_tx_status = 1;
3688 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
3689 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
3691 if (flags & NL80211_FEATURE_SAE)
3692 capa->flags |= WPA_DRIVER_FLAGS_SAE;
3694 if (flags & NL80211_FEATURE_NEED_OBSS_SCAN)
3695 capa->flags |= WPA_DRIVER_FLAGS_OBSS_SCAN;
3697 if (flags & NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)
3698 capa->flags |= WPA_DRIVER_FLAGS_HT_2040_COEX;
3700 if (flags & NL80211_FEATURE_LOW_PRIORITY_SCAN)
3701 info->have_low_prio_scan = 1;
3705 static void wiphy_info_probe_resp_offload(struct wpa_driver_capa *capa,
3713 protocols = nla_get_u32(tb);
3714 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response offload in AP "
3716 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
3717 capa->probe_resp_offloads = probe_resp_offload_support(protocols);
3721 static void wiphy_info_wowlan_triggers(struct wpa_driver_capa *capa,
3724 struct nlattr *triggers[MAX_NL80211_WOWLAN_TRIG + 1];
3729 if (nla_parse_nested(triggers, MAX_NL80211_WOWLAN_TRIG,
3733 if (triggers[NL80211_WOWLAN_TRIG_ANY])
3734 capa->wowlan_triggers.any = 1;
3735 if (triggers[NL80211_WOWLAN_TRIG_DISCONNECT])
3736 capa->wowlan_triggers.disconnect = 1;
3737 if (triggers[NL80211_WOWLAN_TRIG_MAGIC_PKT])
3738 capa->wowlan_triggers.magic_pkt = 1;
3739 if (triggers[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE])
3740 capa->wowlan_triggers.gtk_rekey_failure = 1;
3741 if (triggers[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST])
3742 capa->wowlan_triggers.eap_identity_req = 1;
3743 if (triggers[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE])
3744 capa->wowlan_triggers.four_way_handshake = 1;
3745 if (triggers[NL80211_WOWLAN_TRIG_RFKILL_RELEASE])
3746 capa->wowlan_triggers.rfkill_release = 1;
3750 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
3752 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3753 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3754 struct wiphy_info_data *info = arg;
3755 struct wpa_driver_capa *capa = info->capa;
3756 struct wpa_driver_nl80211_data *drv = info->drv;
3758 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3759 genlmsg_attrlen(gnlh, 0), NULL);
3761 if (tb[NL80211_ATTR_WIPHY_NAME])
3762 os_strlcpy(drv->phyname,
3763 nla_get_string(tb[NL80211_ATTR_WIPHY_NAME]),
3764 sizeof(drv->phyname));
3765 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
3766 capa->max_scan_ssids =
3767 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
3769 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
3770 capa->max_sched_scan_ssids =
3771 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
3773 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
3774 capa->max_match_sets =
3775 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
3777 if (tb[NL80211_ATTR_MAC_ACL_MAX])
3778 capa->max_acl_mac_addrs =
3779 nla_get_u8(tb[NL80211_ATTR_MAC_ACL_MAX]);
3781 wiphy_info_supported_iftypes(info, tb[NL80211_ATTR_SUPPORTED_IFTYPES]);
3782 wiphy_info_iface_comb(info, tb[NL80211_ATTR_INTERFACE_COMBINATIONS]);
3783 wiphy_info_supp_cmds(info, tb[NL80211_ATTR_SUPPORTED_COMMANDS]);
3784 wiphy_info_cipher_suites(info, tb[NL80211_ATTR_CIPHER_SUITES]);
3786 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
3787 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
3789 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
3792 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
3793 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
3794 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
3797 wiphy_info_max_roc(capa,
3798 tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
3800 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
3801 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
3803 wiphy_info_tdls(capa, tb[NL80211_ATTR_TDLS_SUPPORT],
3804 tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]);
3806 if (tb[NL80211_ATTR_DEVICE_AP_SME])
3807 info->device_ap_sme = 1;
3809 wiphy_info_feature_flags(info, tb[NL80211_ATTR_FEATURE_FLAGS]);
3810 wiphy_info_probe_resp_offload(capa,
3811 tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
3813 if (tb[NL80211_ATTR_EXT_CAPA] && tb[NL80211_ATTR_EXT_CAPA_MASK] &&
3814 drv->extended_capa == NULL) {
3815 drv->extended_capa =
3816 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3817 if (drv->extended_capa) {
3818 os_memcpy(drv->extended_capa,
3819 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3820 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3821 drv->extended_capa_len =
3822 nla_len(tb[NL80211_ATTR_EXT_CAPA]);
3824 drv->extended_capa_mask =
3825 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3826 if (drv->extended_capa_mask) {
3827 os_memcpy(drv->extended_capa_mask,
3828 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3829 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3831 os_free(drv->extended_capa);
3832 drv->extended_capa = NULL;
3833 drv->extended_capa_len = 0;
3837 if (tb[NL80211_ATTR_VENDOR_DATA]) {
3841 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_DATA], rem) {
3842 struct nl80211_vendor_cmd_info *vinfo;
3843 if (nla_len(nl) != sizeof(*vinfo)) {
3844 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3847 vinfo = nla_data(nl);
3848 if (vinfo->subcmd ==
3849 QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY)
3850 drv->dfs_vendor_cmd_avail = 1;
3852 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u",
3853 vinfo->vendor_id, vinfo->subcmd);
3857 if (tb[NL80211_ATTR_VENDOR_EVENTS]) {
3861 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_EVENTS], rem) {
3862 struct nl80211_vendor_cmd_info *vinfo;
3863 if (nla_len(nl) != sizeof(*vinfo)) {
3864 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3867 vinfo = nla_data(nl);
3868 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor event: vendor_id=0x%x subcmd=%u",
3869 vinfo->vendor_id, vinfo->subcmd);
3873 wiphy_info_wowlan_triggers(capa,
3874 tb[NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED]);
3876 if (tb[NL80211_ATTR_MAX_AP_ASSOC_STA])
3877 capa->max_stations =
3878 nla_get_u32(tb[NL80211_ATTR_MAX_AP_ASSOC_STA]);
3884 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
3885 struct wiphy_info_data *info)
3890 os_memset(info, 0, sizeof(*info));
3891 info->capa = &drv->capa;
3894 msg = nlmsg_alloc();
3898 feat = get_nl80211_protocol_features(drv);
3899 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
3900 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
3902 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
3904 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
3905 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
3906 goto nla_put_failure;
3908 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info))
3911 if (info->auth_supported)
3912 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
3913 else if (!info->connect_supported) {
3914 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
3915 "authentication/association or connect commands");
3919 if (info->p2p_go_supported && info->p2p_client_supported)
3920 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
3921 if (info->p2p_concurrent) {
3922 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
3923 "interface (driver advertised support)");
3924 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
3925 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
3927 if (info->num_multichan_concurrent > 1) {
3928 wpa_printf(MSG_DEBUG, "nl80211: Enable multi-channel "
3929 "concurrent (driver advertised support)");
3930 drv->capa.num_multichan_concurrent =
3931 info->num_multichan_concurrent;
3934 /* default to 5000 since early versions of mac80211 don't set it */
3935 if (!drv->capa.max_remain_on_chan)
3936 drv->capa.max_remain_on_chan = 5000;
3938 if (info->channel_switch_supported)
3939 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_CSA;
3948 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
3950 struct wiphy_info_data info;
3951 if (wpa_driver_nl80211_get_info(drv, &info))
3957 drv->has_capability = 1;
3958 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
3959 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
3960 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
3961 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
3962 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
3963 WPA_DRIVER_AUTH_SHARED |
3964 WPA_DRIVER_AUTH_LEAP;
3966 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
3967 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
3968 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
3971 * As all cfg80211 drivers must support cases where the AP interface is
3972 * removed without the knowledge of wpa_supplicant/hostapd, e.g., in
3973 * case that the user space daemon has crashed, they must be able to
3974 * cleanup all stations and key entries in the AP tear down flow. Thus,
3975 * this flag can/should always be set for cfg80211 drivers.
3977 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT;
3979 if (!info.device_ap_sme) {
3980 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
3983 * No AP SME is currently assumed to also indicate no AP MLME
3984 * in the driver/firmware.
3986 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_MLME;
3989 drv->device_ap_sme = info.device_ap_sme;
3990 drv->poll_command_supported = info.poll_command_supported;
3991 drv->data_tx_status = info.data_tx_status;
3992 if (info.set_qos_map_supported)
3993 drv->capa.flags |= WPA_DRIVER_FLAGS_QOS_MAPPING;
3994 drv->have_low_prio_scan = info.have_low_prio_scan;
3997 * If poll command and tx status are supported, mac80211 is new enough
3998 * to have everything we need to not need monitor interfaces.
4000 drv->use_monitor = !info.poll_command_supported || !info.data_tx_status;
4002 if (drv->device_ap_sme && drv->use_monitor) {
4004 * Non-mac80211 drivers may not support monitor interface.
4005 * Make sure we do not get stuck with incorrect capability here
4006 * by explicitly testing this.
4008 if (!info.monitor_supported) {
4009 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
4010 "with device_ap_sme since no monitor mode "
4011 "support detected");
4012 drv->use_monitor = 0;
4017 * If we aren't going to use monitor interfaces, but the
4018 * driver doesn't support data TX status, we won't get TX
4019 * status for EAPOL frames.
4021 if (!drv->use_monitor && !info.data_tx_status)
4022 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4029 static int android_genl_ctrl_resolve(struct nl_handle *handle,
4033 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
4034 * need to work around that.
4036 struct nl_cache *cache = NULL;
4037 struct genl_family *nl80211 = NULL;
4040 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
4041 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
4046 nl80211 = genl_ctrl_search_by_name(cache, name);
4047 if (nl80211 == NULL)
4050 id = genl_family_get_id(nl80211);
4054 genl_family_put(nl80211);
4056 nl_cache_free(cache);
4060 #define genl_ctrl_resolve android_genl_ctrl_resolve
4061 #endif /* ANDROID */
4064 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
4068 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4069 if (global->nl_cb == NULL) {
4070 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
4075 global->nl = nl_create_handle(global->nl_cb, "nl");
4076 if (global->nl == NULL)
4079 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
4080 if (global->nl80211_id < 0) {
4081 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
4086 global->nl_event = nl_create_handle(global->nl_cb, "event");
4087 if (global->nl_event == NULL)
4090 ret = nl_get_multicast_id(global, "nl80211", "scan");
4092 ret = nl_socket_add_membership(global->nl_event, ret);
4094 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4095 "membership for scan events: %d (%s)",
4096 ret, strerror(-ret));
4100 ret = nl_get_multicast_id(global, "nl80211", "mlme");
4102 ret = nl_socket_add_membership(global->nl_event, ret);
4104 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4105 "membership for mlme events: %d (%s)",
4106 ret, strerror(-ret));
4110 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
4112 ret = nl_socket_add_membership(global->nl_event, ret);
4114 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4115 "membership for regulatory events: %d (%s)",
4116 ret, strerror(-ret));
4117 /* Continue without regulatory events */
4120 ret = nl_get_multicast_id(global, "nl80211", "vendor");
4122 ret = nl_socket_add_membership(global->nl_event, ret);
4124 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4125 "membership for vendor events: %d (%s)",
4126 ret, strerror(-ret));
4127 /* Continue without vendor events */
4130 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4131 no_seq_check, NULL);
4132 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4133 process_global_event, global);
4135 nl80211_register_eloop_read(&global->nl_event,
4136 wpa_driver_nl80211_event_receive,
4142 nl_destroy_handles(&global->nl_event);
4143 nl_destroy_handles(&global->nl);
4144 nl_cb_put(global->nl_cb);
4145 global->nl_cb = NULL;
4150 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
4152 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4154 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
4158 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4159 no_seq_check, NULL);
4160 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4161 process_drv_event, drv);
4167 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
4169 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
4171 * This may be for any interface; use ifdown event to disable
4177 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
4179 struct wpa_driver_nl80211_data *drv = ctx;
4180 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
4181 if (i802_set_iface_flags(drv->first_bss, 1)) {
4182 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
4183 "after rfkill unblock");
4186 /* rtnetlink ifup handler will report interface as enabled */
4190 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
4194 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4199 struct cmsghdr *cmsg;
4200 int res, found_ee = 0, found_wifi = 0, acked = 0;
4201 union wpa_event_data event;
4203 memset(&msg, 0, sizeof(msg));
4204 msg.msg_iov = &entry;
4206 entry.iov_base = data;
4207 entry.iov_len = sizeof(data);
4208 msg.msg_control = &control;
4209 msg.msg_controllen = sizeof(control);
4211 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
4212 /* if error or not fitting 802.3 header, return */
4216 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
4218 if (cmsg->cmsg_level == SOL_SOCKET &&
4219 cmsg->cmsg_type == SCM_WIFI_STATUS) {
4223 ack = (void *)CMSG_DATA(cmsg);
4227 if (cmsg->cmsg_level == SOL_PACKET &&
4228 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
4229 struct sock_extended_err *err =
4230 (struct sock_extended_err *)CMSG_DATA(cmsg);
4232 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
4237 if (!found_ee || !found_wifi)
4240 memset(&event, 0, sizeof(event));
4241 event.eapol_tx_status.dst = data;
4242 event.eapol_tx_status.data = data + 14;
4243 event.eapol_tx_status.data_len = res - 14;
4244 event.eapol_tx_status.ack = acked;
4245 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
4249 static int nl80211_init_bss(struct i802_bss *bss)
4251 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4255 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4256 no_seq_check, NULL);
4257 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4258 process_bss_event, bss);
4264 static void nl80211_destroy_bss(struct i802_bss *bss)
4266 nl_cb_put(bss->nl_cb);
4271 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
4272 void *global_priv, int hostapd,
4275 struct wpa_driver_nl80211_data *drv;
4276 struct rfkill_config *rcfg;
4277 struct i802_bss *bss;
4279 if (global_priv == NULL)
4281 drv = os_zalloc(sizeof(*drv));
4284 drv->global = global_priv;
4286 drv->hostapd = !!hostapd;
4287 drv->eapol_sock = -1;
4288 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
4289 drv->if_indices = drv->default_if_indices;
4291 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
4292 if (!drv->first_bss) {
4296 bss = drv->first_bss;
4300 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
4301 drv->monitor_ifidx = -1;
4302 drv->monitor_sock = -1;
4303 drv->eapol_tx_sock = -1;
4304 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
4306 if (wpa_driver_nl80211_init_nl(drv)) {
4311 if (nl80211_init_bss(bss))
4314 rcfg = os_zalloc(sizeof(*rcfg));
4318 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
4319 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
4320 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
4321 drv->rfkill = rfkill_init(rcfg);
4322 if (drv->rfkill == NULL) {
4323 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
4327 if (linux_iface_up(drv->global->ioctl_sock, ifname) > 0)
4328 drv->start_iface_up = 1;
4330 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1))
4333 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
4334 if (drv->eapol_tx_sock < 0)
4337 if (drv->data_tx_status) {
4340 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
4341 &enabled, sizeof(enabled)) < 0) {
4342 wpa_printf(MSG_DEBUG,
4343 "nl80211: wifi status sockopt failed\n");
4344 drv->data_tx_status = 0;
4345 if (!drv->use_monitor)
4347 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4349 eloop_register_read_sock(drv->eapol_tx_sock,
4350 wpa_driver_nl80211_handle_eapol_tx_status,
4356 dl_list_add(&drv->global->interfaces, &drv->list);
4357 drv->in_interface_list = 1;
4363 wpa_driver_nl80211_deinit(bss);
4369 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
4370 * @ctx: context to be used when calling wpa_supplicant functions,
4371 * e.g., wpa_supplicant_event()
4372 * @ifname: interface name, e.g., wlan0
4373 * @global_priv: private driver global data from global_init()
4374 * Returns: Pointer to private data, %NULL on failure
4376 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
4379 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL);
4383 static int nl80211_register_frame(struct i802_bss *bss,
4384 struct nl_handle *nl_handle,
4385 u16 type, const u8 *match, size_t match_len)
4387 struct wpa_driver_nl80211_data *drv = bss->drv;
4392 msg = nlmsg_alloc();
4397 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
4398 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s",
4399 type, fc2str(type), nl_handle, buf);
4401 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
4403 if (nl80211_set_iface_id(msg, bss) < 0)
4404 goto nla_put_failure;
4406 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
4407 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
4409 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
4412 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
4413 "failed (type=%u): ret=%d (%s)",
4414 type, ret, strerror(-ret));
4415 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
4417 goto nla_put_failure;
4426 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
4428 struct wpa_driver_nl80211_data *drv = bss->drv;
4431 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
4432 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
4436 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
4437 if (bss->nl_mgmt == NULL)
4444 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
4446 nl80211_register_eloop_read(&bss->nl_mgmt,
4447 wpa_driver_nl80211_event_receive,
4452 static int nl80211_register_action_frame(struct i802_bss *bss,
4453 const u8 *match, size_t match_len)
4455 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
4456 return nl80211_register_frame(bss, bss->nl_mgmt,
4457 type, match, match_len);
4461 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
4463 struct wpa_driver_nl80211_data *drv = bss->drv;
4466 if (nl80211_alloc_mgmt_handle(bss))
4468 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
4469 "handle %p", bss->nl_mgmt);
4471 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
4472 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
4474 /* register for any AUTH message */
4475 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0);
4478 #ifdef CONFIG_INTERWORKING
4479 /* QoS Map Configure */
4480 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
4482 #endif /* CONFIG_INTERWORKING */
4483 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
4484 /* GAS Initial Request */
4485 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
4487 /* GAS Initial Response */
4488 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
4490 /* GAS Comeback Request */
4491 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
4493 /* GAS Comeback Response */
4494 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
4496 /* Protected GAS Initial Request */
4497 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
4499 /* Protected GAS Initial Response */
4500 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
4502 /* Protected GAS Comeback Request */
4503 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
4505 /* Protected GAS Comeback Response */
4506 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
4508 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
4510 /* P2P Public Action */
4511 if (nl80211_register_action_frame(bss,
4512 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
4516 if (nl80211_register_action_frame(bss,
4517 (u8 *) "\x7f\x50\x6f\x9a\x09",
4520 #endif /* CONFIG_P2P */
4521 #ifdef CONFIG_IEEE80211W
4522 /* SA Query Response */
4523 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
4525 #endif /* CONFIG_IEEE80211W */
4527 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
4528 /* TDLS Discovery Response */
4529 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
4533 #endif /* CONFIG_TDLS */
4535 /* FT Action frames */
4536 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
4539 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
4540 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
4542 /* WNM - BSS Transition Management Request */
4543 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
4545 /* WNM-Sleep Mode Response */
4546 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
4550 /* WNM-Notification */
4551 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
4553 #endif /* CONFIG_HS20 */
4555 nl80211_mgmt_handle_register_eloop(bss);
4561 static int nl80211_register_spurious_class3(struct i802_bss *bss)
4563 struct wpa_driver_nl80211_data *drv = bss->drv;
4567 msg = nlmsg_alloc();
4571 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
4573 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
4575 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
4578 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
4579 "failed: ret=%d (%s)",
4580 ret, strerror(-ret));
4581 goto nla_put_failure;
4590 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
4592 static const int stypes[] = {
4594 WLAN_FC_STYPE_ASSOC_REQ,
4595 WLAN_FC_STYPE_REASSOC_REQ,
4596 WLAN_FC_STYPE_DISASSOC,
4597 WLAN_FC_STYPE_DEAUTH,
4598 WLAN_FC_STYPE_ACTION,
4599 WLAN_FC_STYPE_PROBE_REQ,
4600 /* Beacon doesn't work as mac80211 doesn't currently allow
4601 * it, but it wouldn't really be the right thing anyway as
4602 * it isn't per interface ... maybe just dump the scan
4603 * results periodically for OLBC?
4605 /* WLAN_FC_STYPE_BEACON, */
4609 if (nl80211_alloc_mgmt_handle(bss))
4611 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4612 "handle %p", bss->nl_mgmt);
4614 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
4615 if (nl80211_register_frame(bss, bss->nl_mgmt,
4616 (WLAN_FC_TYPE_MGMT << 2) |
4623 if (nl80211_register_spurious_class3(bss))
4626 if (nl80211_get_wiphy_data_ap(bss) == NULL)
4629 nl80211_mgmt_handle_register_eloop(bss);
4633 nl_destroy_handles(&bss->nl_mgmt);
4638 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
4640 if (nl80211_alloc_mgmt_handle(bss))
4642 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4643 "handle %p (device SME)", bss->nl_mgmt);
4645 if (nl80211_register_frame(bss, bss->nl_mgmt,
4646 (WLAN_FC_TYPE_MGMT << 2) |
4647 (WLAN_FC_STYPE_ACTION << 4),
4651 nl80211_mgmt_handle_register_eloop(bss);
4655 nl_destroy_handles(&bss->nl_mgmt);
4660 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
4662 if (bss->nl_mgmt == NULL)
4664 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
4665 "(%s)", bss->nl_mgmt, reason);
4666 nl80211_destroy_eloop_handle(&bss->nl_mgmt);
4668 nl80211_put_wiphy_data_ap(bss);
4672 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
4674 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
4678 static void nl80211_del_p2pdev(struct i802_bss *bss)
4680 struct wpa_driver_nl80211_data *drv = bss->drv;
4684 msg = nlmsg_alloc();
4688 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
4689 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4691 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4694 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
4695 bss->ifname, (long long unsigned int) bss->wdev_id,
4703 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
4705 struct wpa_driver_nl80211_data *drv = bss->drv;
4709 msg = nlmsg_alloc();
4714 nl80211_cmd(drv, msg, 0, NL80211_CMD_START_P2P_DEVICE);
4716 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_P2P_DEVICE);
4718 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4720 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4723 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
4724 start ? "Start" : "Stop",
4725 bss->ifname, (long long unsigned int) bss->wdev_id,
4734 static int i802_set_iface_flags(struct i802_bss *bss, int up)
4736 enum nl80211_iftype nlmode;
4738 nlmode = nl80211_get_ifmode(bss);
4739 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
4740 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
4744 /* P2P Device has start/stop which is equivalent */
4745 return nl80211_set_p2pdev(bss, up);
4750 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
4751 const u8 *set_addr, int first)
4753 struct i802_bss *bss = drv->first_bss;
4754 int send_rfkill_event = 0;
4755 enum nl80211_iftype nlmode;
4757 drv->ifindex = if_nametoindex(bss->ifname);
4758 bss->ifindex = drv->ifindex;
4759 bss->wdev_id = drv->global->if_add_wdevid;
4760 bss->wdev_id_set = drv->global->if_add_wdevid_set;
4762 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
4763 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
4764 drv->global->if_add_wdevid_set = 0;
4766 if (wpa_driver_nl80211_capa(drv))
4769 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
4770 bss->ifname, drv->phyname);
4773 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
4774 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4778 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4779 drv->start_mode_ap = 1;
4782 nlmode = NL80211_IFTYPE_AP;
4783 else if (bss->if_dynamic)
4784 nlmode = nl80211_get_ifmode(bss);
4786 nlmode = NL80211_IFTYPE_STATION;
4788 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
4789 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
4793 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4794 nl80211_get_macaddr(bss);
4796 if (!rfkill_is_blocked(drv->rfkill)) {
4797 int ret = i802_set_iface_flags(bss, 1);
4799 wpa_printf(MSG_ERROR, "nl80211: Could not set "
4800 "interface '%s' UP", bss->ifname);
4803 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4806 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
4807 "interface '%s' due to rfkill", bss->ifname);
4808 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4810 drv->if_disabled = 1;
4811 send_rfkill_event = 1;
4815 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
4816 1, IF_OPER_DORMANT);
4818 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4822 if (send_rfkill_event) {
4823 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
4831 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
4835 msg = nlmsg_alloc();
4839 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
4841 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
4842 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4844 return send_and_recv_msgs(drv, msg, NULL, NULL);
4852 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
4853 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
4855 * Shut down driver interface and processing of driver events. Free
4856 * private data buffer if one was allocated in wpa_driver_nl80211_init().
4858 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
4860 struct wpa_driver_nl80211_data *drv = bss->drv;
4863 if (drv->data_tx_status)
4864 eloop_unregister_read_sock(drv->eapol_tx_sock);
4865 if (drv->eapol_tx_sock >= 0)
4866 close(drv->eapol_tx_sock);
4869 wpa_driver_nl80211_probe_req_report(bss, 0);
4870 if (bss->added_if_into_bridge) {
4871 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
4873 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
4874 "interface %s from bridge %s: %s",
4875 bss->ifname, bss->brname, strerror(errno));
4877 if (bss->added_bridge) {
4878 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
4879 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
4881 bss->brname, strerror(errno));
4884 nl80211_remove_monitor_interface(drv);
4886 if (is_ap_interface(drv->nlmode))
4887 wpa_driver_nl80211_del_beacon(drv);
4889 if (drv->eapol_sock >= 0) {
4890 eloop_unregister_read_sock(drv->eapol_sock);
4891 close(drv->eapol_sock);
4894 if (drv->if_indices != drv->default_if_indices)
4895 os_free(drv->if_indices);
4897 if (drv->disabled_11b_rates)
4898 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
4900 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
4902 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
4903 rfkill_deinit(drv->rfkill);
4905 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
4907 if (!drv->start_iface_up)
4908 (void) i802_set_iface_flags(bss, 0);
4909 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
4910 if (!drv->hostapd || !drv->start_mode_ap)
4911 wpa_driver_nl80211_set_mode(bss,
4912 NL80211_IFTYPE_STATION);
4913 nl80211_mgmt_unsubscribe(bss, "deinit");
4915 nl80211_mgmt_unsubscribe(bss, "deinit");
4916 nl80211_del_p2pdev(bss);
4918 nl_cb_put(drv->nl_cb);
4920 nl80211_destroy_bss(drv->first_bss);
4922 os_free(drv->filter_ssids);
4924 os_free(drv->auth_ie);
4926 if (drv->in_interface_list)
4927 dl_list_del(&drv->list);
4929 os_free(drv->extended_capa);
4930 os_free(drv->extended_capa_mask);
4931 os_free(drv->first_bss);
4937 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
4938 * @eloop_ctx: Driver private data
4939 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
4941 * This function can be used as registered timeout when starting a scan to
4942 * generate a scan completed event if the driver does not report this.
4944 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
4946 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4947 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
4948 wpa_driver_nl80211_set_mode(drv->first_bss,
4949 drv->ap_scan_as_station);
4950 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
4952 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
4953 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
4957 static struct nl_msg *
4958 nl80211_scan_common(struct wpa_driver_nl80211_data *drv, u8 cmd,
4959 struct wpa_driver_scan_params *params, u64 *wdev_id)
4965 msg = nlmsg_alloc();
4969 nl80211_cmd(drv, msg, 0, cmd);
4972 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4974 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, *wdev_id);
4976 if (params->num_ssids) {
4977 struct nlattr *ssids;
4979 ssids = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
4982 for (i = 0; i < params->num_ssids; i++) {
4983 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
4984 params->ssids[i].ssid,
4985 params->ssids[i].ssid_len);
4986 if (nla_put(msg, i + 1, params->ssids[i].ssid_len,
4987 params->ssids[i].ssid) < 0)
4990 nla_nest_end(msg, ssids);
4993 if (params->extra_ies) {
4994 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
4995 params->extra_ies, params->extra_ies_len);
4996 if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
4997 params->extra_ies) < 0)
5001 if (params->freqs) {
5002 struct nlattr *freqs;
5003 freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
5006 for (i = 0; params->freqs[i]; i++) {
5007 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
5008 "MHz", params->freqs[i]);
5009 if (nla_put_u32(msg, i + 1, params->freqs[i]) < 0)
5012 nla_nest_end(msg, freqs);
5015 os_free(drv->filter_ssids);
5016 drv->filter_ssids = params->filter_ssids;
5017 params->filter_ssids = NULL;
5018 drv->num_filter_ssids = params->num_filter_ssids;
5020 if (params->only_new_results) {
5021 wpa_printf(MSG_DEBUG, "nl80211: Add NL80211_SCAN_FLAG_FLUSH");
5022 scan_flags |= NL80211_SCAN_FLAG_FLUSH;
5025 if (params->low_priority && drv->have_low_prio_scan) {
5026 wpa_printf(MSG_DEBUG,
5027 "nl80211: Add NL80211_SCAN_FLAG_LOW_PRIORITY");
5028 scan_flags |= NL80211_SCAN_FLAG_LOW_PRIORITY;
5032 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_FLAGS, scan_flags);
5044 * wpa_driver_nl80211_scan - Request the driver to initiate scan
5045 * @bss: Pointer to private driver data from wpa_driver_nl80211_init()
5046 * @params: Scan parameters
5047 * Returns: 0 on success, -1 on failure
5049 static int wpa_driver_nl80211_scan(struct i802_bss *bss,
5050 struct wpa_driver_scan_params *params)
5052 struct wpa_driver_nl80211_data *drv = bss->drv;
5053 int ret = -1, timeout;
5054 struct nl_msg *msg = NULL;
5056 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: scan request");
5057 drv->scan_for_auth = 0;
5059 msg = nl80211_scan_common(drv, NL80211_CMD_TRIGGER_SCAN, params,
5060 bss->wdev_id_set ? &bss->wdev_id : NULL);
5064 if (params->p2p_probe) {
5065 struct nlattr *rates;
5067 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
5069 rates = nla_nest_start(msg, NL80211_ATTR_SCAN_SUPP_RATES);
5071 goto nla_put_failure;
5074 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
5075 * by masking out everything else apart from the OFDM rates 6,
5076 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
5077 * rates are left enabled.
5079 NLA_PUT(msg, NL80211_BAND_2GHZ, 8,
5080 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5081 nla_nest_end(msg, rates);
5083 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
5086 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5089 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
5090 "(%s)", ret, strerror(-ret));
5091 if (drv->hostapd && is_ap_interface(drv->nlmode)) {
5092 enum nl80211_iftype old_mode = drv->nlmode;
5095 * mac80211 does not allow scan requests in AP mode, so
5096 * try to do this in station mode.
5098 if (wpa_driver_nl80211_set_mode(
5099 bss, NL80211_IFTYPE_STATION))
5100 goto nla_put_failure;
5102 if (wpa_driver_nl80211_scan(bss, params)) {
5103 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
5104 goto nla_put_failure;
5107 /* Restore AP mode when processing scan results */
5108 drv->ap_scan_as_station = old_mode;
5111 goto nla_put_failure;
5114 drv->scan_state = SCAN_REQUESTED;
5115 /* Not all drivers generate "scan completed" wireless event, so try to
5116 * read results after a timeout. */
5118 if (drv->scan_complete_events) {
5120 * The driver seems to deliver events to notify when scan is
5121 * complete, so use longer timeout to avoid race conditions
5122 * with scanning and following association request.
5126 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
5127 "seconds", ret, timeout);
5128 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
5129 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
5139 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
5140 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5141 * @params: Scan parameters
5142 * @interval: Interval between scan cycles in milliseconds
5143 * Returns: 0 on success, -1 on failure or if not supported
5145 static int wpa_driver_nl80211_sched_scan(void *priv,
5146 struct wpa_driver_scan_params *params,
5149 struct i802_bss *bss = priv;
5150 struct wpa_driver_nl80211_data *drv = bss->drv;
5155 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: sched_scan request");
5158 if (!drv->capa.sched_scan_supported)
5159 return android_pno_start(bss, params);
5160 #endif /* ANDROID */
5162 msg = nl80211_scan_common(drv, NL80211_CMD_START_SCHED_SCAN, params,
5163 bss->wdev_id_set ? &bss->wdev_id : NULL);
5165 goto nla_put_failure;
5167 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
5169 if ((drv->num_filter_ssids &&
5170 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) ||
5171 params->filter_rssi) {
5172 struct nlattr *match_sets;
5173 match_sets = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH);
5174 if (match_sets == NULL)
5175 goto nla_put_failure;
5177 for (i = 0; i < drv->num_filter_ssids; i++) {
5178 struct nlattr *match_set_ssid;
5179 wpa_hexdump_ascii(MSG_MSGDUMP,
5180 "nl80211: Sched scan filter SSID",
5181 drv->filter_ssids[i].ssid,
5182 drv->filter_ssids[i].ssid_len);
5184 match_set_ssid = nla_nest_start(msg, i + 1);
5185 if (match_set_ssid == NULL)
5186 goto nla_put_failure;
5187 NLA_PUT(msg, NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
5188 drv->filter_ssids[i].ssid_len,
5189 drv->filter_ssids[i].ssid);
5190 if (params->filter_rssi)
5192 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5193 params->filter_rssi);
5195 nla_nest_end(msg, match_set_ssid);
5199 * Due to backward compatibility code, newer kernels treat this
5200 * matchset (with only an RSSI filter) as the default for all
5201 * other matchsets, unless it's the only one, in which case the
5202 * matchset will actually allow all SSIDs above the RSSI.
5204 if (params->filter_rssi) {
5205 struct nlattr *match_set_rssi;
5206 match_set_rssi = nla_nest_start(msg, 0);
5207 if (match_set_rssi == NULL)
5208 goto nla_put_failure;
5209 NLA_PUT_U32(msg, NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5210 params->filter_rssi);
5211 wpa_printf(MSG_MSGDUMP,
5212 "nl80211: Sched scan RSSI filter %d dBm",
5213 params->filter_rssi);
5214 nla_nest_end(msg, match_set_rssi);
5217 nla_nest_end(msg, match_sets);
5220 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5222 /* TODO: if we get an error here, we should fall back to normal scan */
5226 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
5227 "ret=%d (%s)", ret, strerror(-ret));
5228 goto nla_put_failure;
5231 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
5232 "scan interval %d msec", ret, interval);
5241 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
5242 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5243 * Returns: 0 on success, -1 on failure or if not supported
5245 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
5247 struct i802_bss *bss = priv;
5248 struct wpa_driver_nl80211_data *drv = bss->drv;
5253 if (!drv->capa.sched_scan_supported)
5254 return android_pno_stop(bss);
5255 #endif /* ANDROID */
5257 msg = nlmsg_alloc();
5261 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
5263 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5265 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5268 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
5269 "ret=%d (%s)", ret, strerror(-ret));
5270 goto nla_put_failure;
5273 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
5281 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
5283 const u8 *end, *pos;
5289 end = ies + ies_len;
5291 while (pos + 1 < end) {
5292 if (pos + 2 + pos[1] > end)
5303 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
5304 const u8 *ie, size_t ie_len)
5309 if (drv->filter_ssids == NULL)
5312 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
5316 for (i = 0; i < drv->num_filter_ssids; i++) {
5317 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
5318 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
5327 static int bss_info_handler(struct nl_msg *msg, void *arg)
5329 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5330 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5331 struct nlattr *bss[NL80211_BSS_MAX + 1];
5332 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
5333 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
5334 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
5335 [NL80211_BSS_TSF] = { .type = NLA_U64 },
5336 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
5337 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
5338 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
5339 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
5340 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
5341 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
5342 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
5343 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
5345 struct nl80211_bss_info_arg *_arg = arg;
5346 struct wpa_scan_results *res = _arg->res;
5347 struct wpa_scan_res **tmp;
5348 struct wpa_scan_res *r;
5349 const u8 *ie, *beacon_ie;
5350 size_t ie_len, beacon_ie_len;
5354 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5355 genlmsg_attrlen(gnlh, 0), NULL);
5356 if (!tb[NL80211_ATTR_BSS])
5358 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
5361 if (bss[NL80211_BSS_STATUS]) {
5362 enum nl80211_bss_status status;
5363 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5364 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5365 bss[NL80211_BSS_FREQUENCY]) {
5367 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5368 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
5371 if (status == NL80211_BSS_STATUS_IBSS_JOINED &&
5372 bss[NL80211_BSS_FREQUENCY]) {
5374 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5375 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz",
5378 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5379 bss[NL80211_BSS_BSSID]) {
5380 os_memcpy(_arg->assoc_bssid,
5381 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
5382 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
5383 MACSTR, MAC2STR(_arg->assoc_bssid));
5388 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
5389 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5390 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5395 if (bss[NL80211_BSS_BEACON_IES]) {
5396 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
5397 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
5403 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
5404 ie ? ie_len : beacon_ie_len))
5407 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
5410 if (bss[NL80211_BSS_BSSID])
5411 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
5413 if (bss[NL80211_BSS_FREQUENCY])
5414 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5415 if (bss[NL80211_BSS_BEACON_INTERVAL])
5416 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
5417 if (bss[NL80211_BSS_CAPABILITY])
5418 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
5419 r->flags |= WPA_SCAN_NOISE_INVALID;
5420 if (bss[NL80211_BSS_SIGNAL_MBM]) {
5421 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
5422 r->level /= 100; /* mBm to dBm */
5423 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
5424 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
5425 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
5426 r->flags |= WPA_SCAN_QUAL_INVALID;
5428 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
5429 if (bss[NL80211_BSS_TSF])
5430 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
5431 if (bss[NL80211_BSS_SEEN_MS_AGO])
5432 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
5434 pos = (u8 *) (r + 1);
5436 os_memcpy(pos, ie, ie_len);
5439 r->beacon_ie_len = beacon_ie_len;
5441 os_memcpy(pos, beacon_ie, beacon_ie_len);
5443 if (bss[NL80211_BSS_STATUS]) {
5444 enum nl80211_bss_status status;
5445 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5447 case NL80211_BSS_STATUS_AUTHENTICATED:
5448 r->flags |= WPA_SCAN_AUTHENTICATED;
5450 case NL80211_BSS_STATUS_ASSOCIATED:
5451 r->flags |= WPA_SCAN_ASSOCIATED;
5459 * cfg80211 maintains separate BSS table entries for APs if the same
5460 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
5461 * not use frequency as a separate key in the BSS table, so filter out
5462 * duplicated entries. Prefer associated BSS entry in such a case in
5463 * order to get the correct frequency into the BSS table. Similarly,
5464 * prefer newer entries over older.
5466 for (i = 0; i < res->num; i++) {
5468 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
5471 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
5472 res->res[i]->ie_len, WLAN_EID_SSID);
5473 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
5474 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
5475 os_memcmp(s1, s2, 2 + s1[1]) != 0)
5478 /* Same BSSID,SSID was already included in scan results */
5479 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
5480 "for " MACSTR, MAC2STR(r->bssid));
5482 if (((r->flags & WPA_SCAN_ASSOCIATED) &&
5483 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) ||
5484 r->age < res->res[i]->age) {
5485 os_free(res->res[i]);
5492 tmp = os_realloc_array(res->res, res->num + 1,
5493 sizeof(struct wpa_scan_res *));
5498 tmp[res->num++] = r;
5505 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
5508 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
5509 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
5510 "mismatch (" MACSTR ")", MAC2STR(addr));
5511 wpa_driver_nl80211_mlme(drv, addr,
5512 NL80211_CMD_DEAUTHENTICATE,
5513 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
5518 static void wpa_driver_nl80211_check_bss_status(
5519 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
5523 for (i = 0; i < res->num; i++) {
5524 struct wpa_scan_res *r = res->res[i];
5525 if (r->flags & WPA_SCAN_AUTHENTICATED) {
5526 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5527 "indicates BSS status with " MACSTR
5528 " as authenticated",
5530 if (is_sta_interface(drv->nlmode) &&
5531 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
5532 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
5534 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
5535 " in local state (auth=" MACSTR
5536 " assoc=" MACSTR ")",
5537 MAC2STR(drv->auth_bssid),
5538 MAC2STR(drv->bssid));
5539 clear_state_mismatch(drv, r->bssid);
5543 if (r->flags & WPA_SCAN_ASSOCIATED) {
5544 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5545 "indicate BSS status with " MACSTR
5548 if (is_sta_interface(drv->nlmode) &&
5550 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5551 "(not associated) does not match "
5553 clear_state_mismatch(drv, r->bssid);
5554 } else if (is_sta_interface(drv->nlmode) &&
5555 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
5557 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5558 "(associated with " MACSTR ") does "
5559 "not match with BSS state",
5560 MAC2STR(drv->bssid));
5561 clear_state_mismatch(drv, r->bssid);
5562 clear_state_mismatch(drv, drv->bssid);
5569 static struct wpa_scan_results *
5570 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
5573 struct wpa_scan_results *res;
5575 struct nl80211_bss_info_arg arg;
5577 res = os_zalloc(sizeof(*res));
5580 msg = nlmsg_alloc();
5582 goto nla_put_failure;
5584 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
5585 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
5586 goto nla_put_failure;
5590 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
5593 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
5594 "BSSes)", (unsigned long) res->num);
5595 nl80211_get_noise_for_scan_results(drv, res);
5598 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
5599 "(%s)", ret, strerror(-ret));
5602 wpa_scan_results_free(res);
5608 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
5609 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
5610 * Returns: Scan results on success, -1 on failure
5612 static struct wpa_scan_results *
5613 wpa_driver_nl80211_get_scan_results(void *priv)
5615 struct i802_bss *bss = priv;
5616 struct wpa_driver_nl80211_data *drv = bss->drv;
5617 struct wpa_scan_results *res;
5619 res = nl80211_get_scan_results(drv);
5621 wpa_driver_nl80211_check_bss_status(drv, res);
5626 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
5628 struct wpa_scan_results *res;
5631 res = nl80211_get_scan_results(drv);
5633 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
5637 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
5638 for (i = 0; i < res->num; i++) {
5639 struct wpa_scan_res *r = res->res[i];
5640 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
5641 (int) i, (int) res->num, MAC2STR(r->bssid),
5642 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
5643 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
5646 wpa_scan_results_free(res);
5650 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
5655 return WLAN_CIPHER_SUITE_WEP40;
5656 return WLAN_CIPHER_SUITE_WEP104;
5658 return WLAN_CIPHER_SUITE_TKIP;
5660 return WLAN_CIPHER_SUITE_CCMP;
5662 return WLAN_CIPHER_SUITE_GCMP;
5663 case WPA_ALG_CCMP_256:
5664 return WLAN_CIPHER_SUITE_CCMP_256;
5665 case WPA_ALG_GCMP_256:
5666 return WLAN_CIPHER_SUITE_GCMP_256;
5668 return WLAN_CIPHER_SUITE_AES_CMAC;
5669 case WPA_ALG_BIP_GMAC_128:
5670 return WLAN_CIPHER_SUITE_BIP_GMAC_128;
5671 case WPA_ALG_BIP_GMAC_256:
5672 return WLAN_CIPHER_SUITE_BIP_GMAC_256;
5673 case WPA_ALG_BIP_CMAC_256:
5674 return WLAN_CIPHER_SUITE_BIP_CMAC_256;
5676 return WLAN_CIPHER_SUITE_SMS4;
5678 return WLAN_CIPHER_SUITE_KRK;
5681 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
5686 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
5692 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
5695 case WPA_CIPHER_CCMP_256:
5696 return WLAN_CIPHER_SUITE_CCMP_256;
5697 case WPA_CIPHER_GCMP_256:
5698 return WLAN_CIPHER_SUITE_GCMP_256;
5699 case WPA_CIPHER_CCMP:
5700 return WLAN_CIPHER_SUITE_CCMP;
5701 case WPA_CIPHER_GCMP:
5702 return WLAN_CIPHER_SUITE_GCMP;
5703 case WPA_CIPHER_TKIP:
5704 return WLAN_CIPHER_SUITE_TKIP;
5705 case WPA_CIPHER_WEP104:
5706 return WLAN_CIPHER_SUITE_WEP104;
5707 case WPA_CIPHER_WEP40:
5708 return WLAN_CIPHER_SUITE_WEP40;
5709 case WPA_CIPHER_GTK_NOT_USED:
5710 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR;
5717 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
5722 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
5723 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
5724 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
5725 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
5726 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
5727 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5728 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
5729 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
5730 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
5731 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5732 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
5733 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5734 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
5735 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5741 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
5742 enum wpa_alg alg, const u8 *addr,
5743 int key_idx, int set_tx,
5744 const u8 *seq, size_t seq_len,
5745 const u8 *key, size_t key_len)
5747 struct wpa_driver_nl80211_data *drv = bss->drv;
5753 /* Ignore for P2P Device */
5754 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
5757 ifindex = if_nametoindex(ifname);
5758 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
5759 "set_tx=%d seq_len=%lu key_len=%lu",
5760 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
5761 (unsigned long) seq_len, (unsigned long) key_len);
5763 if (key_idx == -1) {
5767 #endif /* CONFIG_TDLS */
5769 msg = nlmsg_alloc();
5773 if (alg == WPA_ALG_NONE) {
5774 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
5776 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
5777 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
5778 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
5779 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
5780 wpa_alg_to_cipher_suite(alg, key_len));
5783 if (seq && seq_len) {
5784 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
5785 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
5788 if (addr && !is_broadcast_ether_addr(addr)) {
5789 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
5790 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5792 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
5793 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
5794 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
5795 NL80211_KEYTYPE_GROUP);
5797 } else if (addr && is_broadcast_ether_addr(addr)) {
5798 struct nlattr *types;
5800 wpa_printf(MSG_DEBUG, " broadcast key");
5802 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5804 goto nla_put_failure;
5805 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5806 nla_nest_end(msg, types);
5808 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5809 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5811 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5812 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
5815 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
5816 ret, strerror(-ret));
5819 * If we failed or don't need to set the default TX key (below),
5822 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls)
5824 if (is_ap_interface(drv->nlmode) && addr &&
5825 !is_broadcast_ether_addr(addr))
5828 msg = nlmsg_alloc();
5832 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
5833 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5834 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5835 if (alg == WPA_ALG_IGTK)
5836 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
5838 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
5839 if (addr && is_broadcast_ether_addr(addr)) {
5840 struct nlattr *types;
5842 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5844 goto nla_put_failure;
5845 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5846 nla_nest_end(msg, types);
5848 struct nlattr *types;
5850 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5852 goto nla_put_failure;
5853 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST);
5854 nla_nest_end(msg, types);
5857 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5861 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
5862 "err=%d %s)", ret, strerror(-ret));
5871 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
5872 int key_idx, int defkey,
5873 const u8 *seq, size_t seq_len,
5874 const u8 *key, size_t key_len)
5876 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
5880 if (defkey && alg == WPA_ALG_IGTK)
5881 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
5883 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
5885 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
5887 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
5888 wpa_alg_to_cipher_suite(alg, key_len));
5891 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
5893 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
5895 nla_nest_end(msg, key_attr);
5903 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
5907 struct nlattr *nl_keys, *nl_key;
5909 for (i = 0; i < 4; i++) {
5910 if (!params->wep_key[i])
5915 if (params->wps == WPS_MODE_PRIVACY)
5917 if (params->pairwise_suite &&
5918 params->pairwise_suite != WPA_CIPHER_NONE)
5924 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
5926 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
5928 goto nla_put_failure;
5930 for (i = 0; i < 4; i++) {
5931 if (!params->wep_key[i])
5934 nl_key = nla_nest_start(msg, i);
5936 goto nla_put_failure;
5938 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
5939 params->wep_key[i]);
5940 if (params->wep_key_len[i] == 5)
5941 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
5942 WLAN_CIPHER_SUITE_WEP40);
5944 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
5945 WLAN_CIPHER_SUITE_WEP104);
5947 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
5949 if (i == params->wep_tx_keyidx)
5950 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
5952 nla_nest_end(msg, nl_key);
5954 nla_nest_end(msg, nl_keys);
5963 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
5964 const u8 *addr, int cmd, u16 reason_code,
5965 int local_state_change)
5970 msg = nlmsg_alloc();
5974 nl80211_cmd(drv, msg, 0, cmd);
5976 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5977 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
5979 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5980 if (local_state_change)
5981 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
5983 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5986 wpa_dbg(drv->ctx, MSG_DEBUG,
5987 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
5988 reason_code, ret, strerror(-ret));
5989 goto nla_put_failure;
5999 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
6004 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
6005 nl80211_mark_disconnected(drv);
6006 /* Disconnect command doesn't need BSSID - it uses cached value */
6007 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
6010 * For locally generated disconnect, supplicant already generates a
6011 * DEAUTH event, so ignore the event from NL80211.
6013 drv->ignore_next_local_disconnect = ret == 0;
6019 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
6020 const u8 *addr, int reason_code)
6022 struct wpa_driver_nl80211_data *drv = bss->drv;
6025 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
6026 nl80211_mark_disconnected(drv);
6027 return nl80211_leave_ibss(drv);
6029 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
6030 return wpa_driver_nl80211_disconnect(drv, reason_code);
6031 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
6032 __func__, MAC2STR(addr), reason_code);
6033 nl80211_mark_disconnected(drv);
6034 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
6037 * For locally generated deauthenticate, supplicant already generates a
6038 * DEAUTH event, so ignore the event from NL80211.
6040 drv->ignore_next_local_deauth = ret == 0;
6045 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
6046 struct wpa_driver_auth_params *params)
6050 drv->auth_freq = params->freq;
6051 drv->auth_alg = params->auth_alg;
6052 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
6053 drv->auth_local_state_change = params->local_state_change;
6054 drv->auth_p2p = params->p2p;
6057 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
6059 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
6062 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
6063 drv->auth_ssid_len = params->ssid_len;
6065 drv->auth_ssid_len = 0;
6068 os_free(drv->auth_ie);
6069 drv->auth_ie = NULL;
6070 drv->auth_ie_len = 0;
6072 drv->auth_ie = os_malloc(params->ie_len);
6074 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
6075 drv->auth_ie_len = params->ie_len;
6079 for (i = 0; i < 4; i++) {
6080 if (params->wep_key[i] && params->wep_key_len[i] &&
6081 params->wep_key_len[i] <= 16) {
6082 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
6083 params->wep_key_len[i]);
6084 drv->auth_wep_key_len[i] = params->wep_key_len[i];
6086 drv->auth_wep_key_len[i] = 0;
6091 static int wpa_driver_nl80211_authenticate(
6092 struct i802_bss *bss, struct wpa_driver_auth_params *params)
6094 struct wpa_driver_nl80211_data *drv = bss->drv;
6097 enum nl80211_auth_type type;
6098 enum nl80211_iftype nlmode;
6102 is_retry = drv->retry_auth;
6103 drv->retry_auth = 0;
6104 drv->ignore_deauth_event = 0;
6106 nl80211_mark_disconnected(drv);
6107 os_memset(drv->auth_bssid, 0, ETH_ALEN);
6109 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
6111 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
6112 /* FIX: IBSS mode */
6113 nlmode = params->p2p ?
6114 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6115 if (drv->nlmode != nlmode &&
6116 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
6120 msg = nlmsg_alloc();
6124 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
6127 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
6129 for (i = 0; i < 4; i++) {
6130 if (!params->wep_key[i])
6132 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
6134 i == params->wep_tx_keyidx, NULL, 0,
6136 params->wep_key_len[i]);
6137 if (params->wep_tx_keyidx != i)
6139 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
6140 params->wep_key[i], params->wep_key_len[i])) {
6146 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6147 if (params->bssid) {
6148 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6149 MAC2STR(params->bssid));
6150 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6153 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6154 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6157 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6158 params->ssid, params->ssid_len);
6159 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6162 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
6164 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
6165 if (params->sae_data) {
6166 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
6167 params->sae_data_len);
6168 NLA_PUT(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
6171 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6172 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6173 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6174 type = NL80211_AUTHTYPE_SHARED_KEY;
6175 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6176 type = NL80211_AUTHTYPE_NETWORK_EAP;
6177 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6178 type = NL80211_AUTHTYPE_FT;
6179 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
6180 type = NL80211_AUTHTYPE_SAE;
6182 goto nla_put_failure;
6183 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6184 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6185 if (params->local_state_change) {
6186 wpa_printf(MSG_DEBUG, " * Local state change only");
6187 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6190 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6193 wpa_dbg(drv->ctx, MSG_DEBUG,
6194 "nl80211: MLME command failed (auth): ret=%d (%s)",
6195 ret, strerror(-ret));
6197 if (ret == -EALREADY && count == 1 && params->bssid &&
6198 !params->local_state_change) {
6200 * mac80211 does not currently accept new
6201 * authentication if we are already authenticated. As a
6202 * workaround, force deauthentication and try again.
6204 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
6205 "after forced deauthentication");
6206 drv->ignore_deauth_event = 1;
6207 wpa_driver_nl80211_deauthenticate(
6209 WLAN_REASON_PREV_AUTH_NOT_VALID);
6214 if (ret == -ENOENT && params->freq && !is_retry) {
6216 * cfg80211 has likely expired the BSS entry even
6217 * though it was previously available in our internal
6218 * BSS table. To recover quickly, start a single
6219 * channel scan on the specified channel.
6221 struct wpa_driver_scan_params scan;
6224 os_memset(&scan, 0, sizeof(scan));
6227 scan.ssids[0].ssid = params->ssid;
6228 scan.ssids[0].ssid_len = params->ssid_len;
6230 freqs[0] = params->freq;
6233 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
6234 "channel scan to refresh cfg80211 BSS "
6236 ret = wpa_driver_nl80211_scan(bss, &scan);
6238 nl80211_copy_auth_params(drv, params);
6239 drv->scan_for_auth = 1;
6241 } else if (is_retry) {
6243 * Need to indicate this with an event since the return
6244 * value from the retry is not delivered to core code.
6246 union wpa_event_data event;
6247 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
6249 os_memset(&event, 0, sizeof(event));
6250 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
6252 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
6256 goto nla_put_failure;
6259 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
6268 static int wpa_driver_nl80211_authenticate_retry(
6269 struct wpa_driver_nl80211_data *drv)
6271 struct wpa_driver_auth_params params;
6272 struct i802_bss *bss = drv->first_bss;
6275 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
6277 os_memset(¶ms, 0, sizeof(params));
6278 params.freq = drv->auth_freq;
6279 params.auth_alg = drv->auth_alg;
6280 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
6281 params.local_state_change = drv->auth_local_state_change;
6282 params.p2p = drv->auth_p2p;
6284 if (!is_zero_ether_addr(drv->auth_bssid_))
6285 params.bssid = drv->auth_bssid_;
6287 if (drv->auth_ssid_len) {
6288 params.ssid = drv->auth_ssid;
6289 params.ssid_len = drv->auth_ssid_len;
6292 params.ie = drv->auth_ie;
6293 params.ie_len = drv->auth_ie_len;
6295 for (i = 0; i < 4; i++) {
6296 if (drv->auth_wep_key_len[i]) {
6297 params.wep_key[i] = drv->auth_wep_key[i];
6298 params.wep_key_len[i] = drv->auth_wep_key_len[i];
6302 drv->retry_auth = 1;
6303 return wpa_driver_nl80211_authenticate(bss, ¶ms);
6307 struct phy_info_arg {
6309 struct hostapd_hw_modes *modes;
6310 int last_mode, last_chan_idx;
6313 static void phy_info_ht_capa(struct hostapd_hw_modes *mode, struct nlattr *capa,
6314 struct nlattr *ampdu_factor,
6315 struct nlattr *ampdu_density,
6316 struct nlattr *mcs_set)
6319 mode->ht_capab = nla_get_u16(capa);
6322 mode->a_mpdu_params |= nla_get_u8(ampdu_factor) & 0x03;
6325 mode->a_mpdu_params |= nla_get_u8(ampdu_density) << 2;
6327 if (mcs_set && nla_len(mcs_set) >= 16) {
6329 mcs = nla_data(mcs_set);
6330 os_memcpy(mode->mcs_set, mcs, 16);
6335 static void phy_info_vht_capa(struct hostapd_hw_modes *mode,
6336 struct nlattr *capa,
6337 struct nlattr *mcs_set)
6340 mode->vht_capab = nla_get_u32(capa);
6342 if (mcs_set && nla_len(mcs_set) >= 8) {
6344 mcs = nla_data(mcs_set);
6345 os_memcpy(mode->vht_mcs_set, mcs, 8);
6350 static void phy_info_freq(struct hostapd_hw_modes *mode,
6351 struct hostapd_channel_data *chan,
6352 struct nlattr *tb_freq[])
6355 chan->freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
6357 chan->dfs_cac_ms = 0;
6358 if (ieee80211_freq_to_chan(chan->freq, &channel) != NUM_HOSTAPD_MODES)
6359 chan->chan = channel;
6361 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
6362 chan->flag |= HOSTAPD_CHAN_DISABLED;
6363 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IR])
6364 chan->flag |= HOSTAPD_CHAN_PASSIVE_SCAN | HOSTAPD_CHAN_NO_IBSS;
6365 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
6366 chan->flag |= HOSTAPD_CHAN_RADAR;
6368 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]) {
6369 enum nl80211_dfs_state state =
6370 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]);
6373 case NL80211_DFS_USABLE:
6374 chan->flag |= HOSTAPD_CHAN_DFS_USABLE;
6376 case NL80211_DFS_AVAILABLE:
6377 chan->flag |= HOSTAPD_CHAN_DFS_AVAILABLE;
6379 case NL80211_DFS_UNAVAILABLE:
6380 chan->flag |= HOSTAPD_CHAN_DFS_UNAVAILABLE;
6385 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]) {
6386 chan->dfs_cac_ms = nla_get_u32(
6387 tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]);
6392 static int phy_info_freqs(struct phy_info_arg *phy_info,
6393 struct hostapd_hw_modes *mode, struct nlattr *tb)
6395 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6396 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
6397 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
6398 [NL80211_FREQUENCY_ATTR_NO_IR] = { .type = NLA_FLAG },
6399 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
6400 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
6401 [NL80211_FREQUENCY_ATTR_DFS_STATE] = { .type = NLA_U32 },
6403 int new_channels = 0;
6404 struct hostapd_channel_data *channel;
6405 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
6406 struct nlattr *nl_freq;
6412 nla_for_each_nested(nl_freq, tb, rem_freq) {
6413 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6414 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6415 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6420 channel = os_realloc_array(mode->channels,
6421 mode->num_channels + new_channels,
6422 sizeof(struct hostapd_channel_data));
6426 mode->channels = channel;
6427 mode->num_channels += new_channels;
6429 idx = phy_info->last_chan_idx;
6431 nla_for_each_nested(nl_freq, tb, rem_freq) {
6432 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6433 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6434 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6436 phy_info_freq(mode, &mode->channels[idx], tb_freq);
6439 phy_info->last_chan_idx = idx;
6445 static int phy_info_rates(struct hostapd_hw_modes *mode, struct nlattr *tb)
6447 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
6448 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
6449 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] =
6450 { .type = NLA_FLAG },
6452 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
6453 struct nlattr *nl_rate;
6459 nla_for_each_nested(nl_rate, tb, rem_rate) {
6460 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6461 nla_data(nl_rate), nla_len(nl_rate),
6463 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6468 mode->rates = os_calloc(mode->num_rates, sizeof(int));
6474 nla_for_each_nested(nl_rate, tb, rem_rate) {
6475 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6476 nla_data(nl_rate), nla_len(nl_rate),
6478 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6480 mode->rates[idx] = nla_get_u32(
6481 tb_rate[NL80211_BITRATE_ATTR_RATE]);
6489 static int phy_info_band(struct phy_info_arg *phy_info, struct nlattr *nl_band)
6491 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
6492 struct hostapd_hw_modes *mode;
6495 if (phy_info->last_mode != nl_band->nla_type) {
6496 mode = os_realloc_array(phy_info->modes,
6497 *phy_info->num_modes + 1,
6501 phy_info->modes = mode;
6503 mode = &phy_info->modes[*(phy_info->num_modes)];
6504 os_memset(mode, 0, sizeof(*mode));
6505 mode->mode = NUM_HOSTAPD_MODES;
6506 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN |
6507 HOSTAPD_MODE_FLAG_VHT_INFO_KNOWN;
6510 * Unsupported VHT MCS stream is defined as value 3, so the VHT
6511 * MCS RX/TX map must be initialized with 0xffff to mark all 8
6512 * possible streams as unsupported. This will be overridden if
6513 * driver advertises VHT support.
6515 mode->vht_mcs_set[0] = 0xff;
6516 mode->vht_mcs_set[1] = 0xff;
6517 mode->vht_mcs_set[4] = 0xff;
6518 mode->vht_mcs_set[5] = 0xff;
6520 *(phy_info->num_modes) += 1;
6521 phy_info->last_mode = nl_band->nla_type;
6522 phy_info->last_chan_idx = 0;
6524 mode = &phy_info->modes[*(phy_info->num_modes) - 1];
6526 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
6527 nla_len(nl_band), NULL);
6529 phy_info_ht_capa(mode, tb_band[NL80211_BAND_ATTR_HT_CAPA],
6530 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR],
6531 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY],
6532 tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
6533 phy_info_vht_capa(mode, tb_band[NL80211_BAND_ATTR_VHT_CAPA],
6534 tb_band[NL80211_BAND_ATTR_VHT_MCS_SET]);
6535 ret = phy_info_freqs(phy_info, mode, tb_band[NL80211_BAND_ATTR_FREQS]);
6538 ret = phy_info_rates(mode, tb_band[NL80211_BAND_ATTR_RATES]);
6546 static int phy_info_handler(struct nl_msg *msg, void *arg)
6548 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6549 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6550 struct phy_info_arg *phy_info = arg;
6551 struct nlattr *nl_band;
6554 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6555 genlmsg_attrlen(gnlh, 0), NULL);
6557 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
6560 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band)
6562 int res = phy_info_band(phy_info, nl_band);
6571 static struct hostapd_hw_modes *
6572 wpa_driver_nl80211_postprocess_modes(struct hostapd_hw_modes *modes,
6576 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
6577 int i, mode11g_idx = -1;
6579 /* heuristic to set up modes */
6580 for (m = 0; m < *num_modes; m++) {
6581 if (!modes[m].num_channels)
6583 if (modes[m].channels[0].freq < 4000) {
6584 modes[m].mode = HOSTAPD_MODE_IEEE80211B;
6585 for (i = 0; i < modes[m].num_rates; i++) {
6586 if (modes[m].rates[i] > 200) {
6587 modes[m].mode = HOSTAPD_MODE_IEEE80211G;
6591 } else if (modes[m].channels[0].freq > 50000)
6592 modes[m].mode = HOSTAPD_MODE_IEEE80211AD;
6594 modes[m].mode = HOSTAPD_MODE_IEEE80211A;
6597 /* If only 802.11g mode is included, use it to construct matching
6598 * 802.11b mode data. */
6600 for (m = 0; m < *num_modes; m++) {
6601 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
6602 return modes; /* 802.11b already included */
6603 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
6607 if (mode11g_idx < 0)
6608 return modes; /* 2.4 GHz band not supported at all */
6610 nmodes = os_realloc_array(modes, *num_modes + 1, sizeof(*nmodes));
6612 return modes; /* Could not add 802.11b mode */
6614 mode = &nmodes[*num_modes];
6615 os_memset(mode, 0, sizeof(*mode));
6619 mode->mode = HOSTAPD_MODE_IEEE80211B;
6621 mode11g = &modes[mode11g_idx];
6622 mode->num_channels = mode11g->num_channels;
6623 mode->channels = os_malloc(mode11g->num_channels *
6624 sizeof(struct hostapd_channel_data));
6625 if (mode->channels == NULL) {
6627 return modes; /* Could not add 802.11b mode */
6629 os_memcpy(mode->channels, mode11g->channels,
6630 mode11g->num_channels * sizeof(struct hostapd_channel_data));
6632 mode->num_rates = 0;
6633 mode->rates = os_malloc(4 * sizeof(int));
6634 if (mode->rates == NULL) {
6635 os_free(mode->channels);
6637 return modes; /* Could not add 802.11b mode */
6640 for (i = 0; i < mode11g->num_rates; i++) {
6641 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
6642 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
6644 mode->rates[mode->num_rates] = mode11g->rates[i];
6646 if (mode->num_rates == 4)
6650 if (mode->num_rates == 0) {
6651 os_free(mode->channels);
6652 os_free(mode->rates);
6654 return modes; /* No 802.11b rates */
6657 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
6664 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
6669 for (c = 0; c < mode->num_channels; c++) {
6670 struct hostapd_channel_data *chan = &mode->channels[c];
6671 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
6672 chan->flag |= HOSTAPD_CHAN_HT40;
6677 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
6682 for (c = 0; c < mode->num_channels; c++) {
6683 struct hostapd_channel_data *chan = &mode->channels[c];
6684 if (!(chan->flag & HOSTAPD_CHAN_HT40))
6686 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
6687 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
6688 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
6689 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
6694 static void nl80211_reg_rule_max_eirp(u32 start, u32 end, u32 max_eirp,
6695 struct phy_info_arg *results)
6699 for (m = 0; m < *results->num_modes; m++) {
6701 struct hostapd_hw_modes *mode = &results->modes[m];
6703 for (c = 0; c < mode->num_channels; c++) {
6704 struct hostapd_channel_data *chan = &mode->channels[c];
6705 if ((u32) chan->freq - 10 >= start &&
6706 (u32) chan->freq + 10 <= end)
6707 chan->max_tx_power = max_eirp;
6713 static void nl80211_reg_rule_ht40(u32 start, u32 end,
6714 struct phy_info_arg *results)
6718 for (m = 0; m < *results->num_modes; m++) {
6719 if (!(results->modes[m].ht_capab &
6720 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6722 nl80211_set_ht40_mode(&results->modes[m], start, end);
6727 static void nl80211_reg_rule_sec(struct nlattr *tb[],
6728 struct phy_info_arg *results)
6730 u32 start, end, max_bw;
6733 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6734 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6735 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6738 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6739 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6740 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6745 for (m = 0; m < *results->num_modes; m++) {
6746 if (!(results->modes[m].ht_capab &
6747 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6749 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
6754 static void nl80211_set_vht_mode(struct hostapd_hw_modes *mode, int start,
6759 for (c = 0; c < mode->num_channels; c++) {
6760 struct hostapd_channel_data *chan = &mode->channels[c];
6761 if (chan->freq - 10 >= start && chan->freq + 70 <= end)
6762 chan->flag |= HOSTAPD_CHAN_VHT_10_70;
6764 if (chan->freq - 30 >= start && chan->freq + 50 <= end)
6765 chan->flag |= HOSTAPD_CHAN_VHT_30_50;
6767 if (chan->freq - 50 >= start && chan->freq + 30 <= end)
6768 chan->flag |= HOSTAPD_CHAN_VHT_50_30;
6770 if (chan->freq - 70 >= start && chan->freq + 10 <= end)
6771 chan->flag |= HOSTAPD_CHAN_VHT_70_10;
6776 static void nl80211_reg_rule_vht(struct nlattr *tb[],
6777 struct phy_info_arg *results)
6779 u32 start, end, max_bw;
6782 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6783 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6784 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6787 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6788 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6789 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6794 for (m = 0; m < *results->num_modes; m++) {
6795 if (!(results->modes[m].ht_capab &
6796 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6798 /* TODO: use a real VHT support indication */
6799 if (!results->modes[m].vht_capab)
6802 nl80211_set_vht_mode(&results->modes[m], start, end);
6807 static const char * dfs_domain_name(enum nl80211_dfs_regions region)
6810 case NL80211_DFS_UNSET:
6812 case NL80211_DFS_FCC:
6814 case NL80211_DFS_ETSI:
6816 case NL80211_DFS_JP:
6819 return "DFS-invalid";
6824 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
6826 struct phy_info_arg *results = arg;
6827 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6828 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6829 struct nlattr *nl_rule;
6830 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
6832 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6833 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
6834 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
6835 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
6836 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
6837 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
6838 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
6841 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6842 genlmsg_attrlen(gnlh, 0), NULL);
6843 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
6844 !tb_msg[NL80211_ATTR_REG_RULES]) {
6845 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
6850 if (tb_msg[NL80211_ATTR_DFS_REGION]) {
6851 enum nl80211_dfs_regions dfs_domain;
6852 dfs_domain = nla_get_u8(tb_msg[NL80211_ATTR_DFS_REGION]);
6853 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s (%s)",
6854 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]),
6855 dfs_domain_name(dfs_domain));
6857 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
6858 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
6861 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
6863 u32 start, end, max_eirp = 0, max_bw = 0, flags = 0;
6864 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
6865 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
6866 if (tb_rule[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6867 tb_rule[NL80211_ATTR_FREQ_RANGE_END] == NULL)
6869 start = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6870 end = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6871 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
6872 max_eirp = nla_get_u32(tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP]) / 100;
6873 if (tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW])
6874 max_bw = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6875 if (tb_rule[NL80211_ATTR_REG_RULE_FLAGS])
6876 flags = nla_get_u32(tb_rule[NL80211_ATTR_REG_RULE_FLAGS]);
6878 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz %u mBm%s%s%s%s%s%s%s%s",
6879 start, end, max_bw, max_eirp,
6880 flags & NL80211_RRF_NO_OFDM ? " (no OFDM)" : "",
6881 flags & NL80211_RRF_NO_CCK ? " (no CCK)" : "",
6882 flags & NL80211_RRF_NO_INDOOR ? " (no indoor)" : "",
6883 flags & NL80211_RRF_NO_OUTDOOR ? " (no outdoor)" :
6885 flags & NL80211_RRF_DFS ? " (DFS)" : "",
6886 flags & NL80211_RRF_PTP_ONLY ? " (PTP only)" : "",
6887 flags & NL80211_RRF_PTMP_ONLY ? " (PTMP only)" : "",
6888 flags & NL80211_RRF_NO_IR ? " (no IR)" : "");
6890 nl80211_reg_rule_ht40(start, end, results);
6891 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
6892 nl80211_reg_rule_max_eirp(start, end, max_eirp,
6896 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
6898 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
6899 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
6900 nl80211_reg_rule_sec(tb_rule, results);
6903 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
6905 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
6906 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
6907 nl80211_reg_rule_vht(tb_rule, results);
6914 static int nl80211_set_regulatory_flags(struct wpa_driver_nl80211_data *drv,
6915 struct phy_info_arg *results)
6919 msg = nlmsg_alloc();
6923 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
6924 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
6928 static struct hostapd_hw_modes *
6929 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
6932 struct i802_bss *bss = priv;
6933 struct wpa_driver_nl80211_data *drv = bss->drv;
6935 struct phy_info_arg result = {
6936 .num_modes = num_modes,
6944 msg = nlmsg_alloc();
6948 feat = get_nl80211_protocol_features(drv);
6949 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
6950 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
6952 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
6954 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
6955 if (nl80211_set_iface_id(msg, bss) < 0)
6956 goto nla_put_failure;
6958 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
6959 nl80211_set_regulatory_flags(drv, &result);
6960 return wpa_driver_nl80211_postprocess_modes(result.modes,
6970 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
6971 const void *data, size_t len,
6972 int encrypt, int noack)
6975 0x00, 0x00, /* radiotap version */
6976 0x0e, 0x00, /* radiotap length */
6977 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
6978 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
6980 0x00, 0x00, /* RX and TX flags to indicate that */
6981 0x00, 0x00, /* this is the injected frame directly */
6983 struct iovec iov[2] = {
6985 .iov_base = &rtap_hdr,
6986 .iov_len = sizeof(rtap_hdr),
6989 .iov_base = (void *) data,
6993 struct msghdr msg = {
6998 .msg_control = NULL,
6999 .msg_controllen = 0,
7006 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
7008 if (drv->monitor_sock < 0) {
7009 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
7010 "for %s", __func__);
7015 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
7016 WPA_PUT_LE16(&rtap_hdr[12], txflags);
7018 res = sendmsg(drv->monitor_sock, &msg, 0);
7020 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
7027 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
7028 const void *data, size_t len,
7029 int encrypt, int noack,
7030 unsigned int freq, int no_cck,
7031 int offchanok, unsigned int wait_time)
7033 struct wpa_driver_nl80211_data *drv = bss->drv;
7037 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
7038 freq = nl80211_get_assoc_freq(drv);
7039 wpa_printf(MSG_DEBUG,
7040 "nl80211: send_frame - Use assoc_freq=%u for IBSS",
7044 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u",
7049 if (drv->use_monitor) {
7050 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_mntr",
7052 return wpa_driver_nl80211_send_mntr(drv, data, len,
7056 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd");
7057 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
7058 &cookie, no_cck, noack, offchanok);
7059 if (res == 0 && !noack) {
7060 const struct ieee80211_mgmt *mgmt;
7063 mgmt = (const struct ieee80211_mgmt *) data;
7064 fc = le_to_host16(mgmt->frame_control);
7065 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7066 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) {
7067 wpa_printf(MSG_MSGDUMP,
7068 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx",
7069 (long long unsigned int)
7070 drv->send_action_cookie,
7071 (long long unsigned int) cookie);
7072 drv->send_action_cookie = cookie;
7080 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
7081 size_t data_len, int noack,
7082 unsigned int freq, int no_cck,
7084 unsigned int wait_time)
7086 struct wpa_driver_nl80211_data *drv = bss->drv;
7087 struct ieee80211_mgmt *mgmt;
7091 mgmt = (struct ieee80211_mgmt *) data;
7092 fc = le_to_host16(mgmt->frame_control);
7093 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR
7094 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d",
7095 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
7096 fc, fc2str(fc), drv->nlmode);
7098 if ((is_sta_interface(drv->nlmode) ||
7099 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
7100 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7101 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
7103 * The use of last_mgmt_freq is a bit of a hack,
7104 * but it works due to the single-threaded nature
7105 * of wpa_supplicant.
7108 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
7109 drv->last_mgmt_freq);
7110 freq = drv->last_mgmt_freq;
7112 return nl80211_send_frame_cmd(bss, freq, 0,
7113 data, data_len, NULL, 1, noack,
7117 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
7119 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
7123 return nl80211_send_frame_cmd(bss, freq,
7124 (int) freq == bss->freq ? 0 :
7127 &drv->send_action_cookie,
7128 no_cck, noack, offchanok);
7131 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7132 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
7134 * Only one of the authentication frame types is encrypted.
7135 * In order for static WEP encryption to work properly (i.e.,
7136 * to not encrypt the frame), we need to tell mac80211 about
7137 * the frames that must not be encrypted.
7139 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
7140 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
7141 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
7145 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame");
7146 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
7147 noack, freq, no_cck, offchanok,
7152 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
7153 int slot, int ht_opmode, int ap_isolate,
7156 struct wpa_driver_nl80211_data *drv = bss->drv;
7159 msg = nlmsg_alloc();
7163 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
7166 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
7168 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
7170 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
7172 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
7173 if (ap_isolate >= 0)
7174 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
7177 u8 rates[NL80211_MAX_SUPP_RATES];
7181 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
7183 rates[rates_len++] = basic_rates[i] / 5;
7185 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
7188 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7190 return send_and_recv_msgs(drv, msg, NULL, NULL);
7197 static int wpa_driver_nl80211_set_acl(void *priv,
7198 struct hostapd_acl_params *params)
7200 struct i802_bss *bss = priv;
7201 struct wpa_driver_nl80211_data *drv = bss->drv;
7207 if (!(drv->capa.max_acl_mac_addrs))
7210 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
7213 msg = nlmsg_alloc();
7217 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
7218 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
7220 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_MAC_ACL);
7222 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7224 NLA_PUT_U32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
7225 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
7226 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED);
7228 acl = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS);
7230 goto nla_put_failure;
7232 for (i = 0; i < params->num_mac_acl; i++)
7233 NLA_PUT(msg, i + 1, ETH_ALEN, params->mac_acl[i].addr);
7235 nla_nest_end(msg, acl);
7237 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7240 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
7241 ret, strerror(-ret));
7251 static int wpa_driver_nl80211_set_ap(void *priv,
7252 struct wpa_driver_ap_params *params)
7254 struct i802_bss *bss = priv;
7255 struct wpa_driver_nl80211_data *drv = bss->drv;
7257 u8 cmd = NL80211_CMD_NEW_BEACON;
7260 int ifindex = if_nametoindex(bss->ifname);
7262 u32 suites[10], suite;
7265 beacon_set = bss->beacon_set;
7267 msg = nlmsg_alloc();
7271 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
7274 cmd = NL80211_CMD_SET_BEACON;
7276 nl80211_cmd(drv, msg, 0, cmd);
7277 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
7278 params->head, params->head_len);
7279 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
7280 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
7281 params->tail, params->tail_len);
7282 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
7283 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", ifindex);
7284 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
7285 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
7286 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
7287 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
7288 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
7289 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid",
7290 params->ssid, params->ssid_len);
7291 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
7293 if (params->proberesp && params->proberesp_len) {
7294 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
7295 params->proberesp, params->proberesp_len);
7296 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
7299 switch (params->hide_ssid) {
7300 case NO_SSID_HIDING:
7301 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
7302 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7303 NL80211_HIDDEN_SSID_NOT_IN_USE);
7305 case HIDDEN_SSID_ZERO_LEN:
7306 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
7307 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7308 NL80211_HIDDEN_SSID_ZERO_LEN);
7310 case HIDDEN_SSID_ZERO_CONTENTS:
7311 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
7312 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7313 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
7316 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
7317 if (params->privacy)
7318 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
7319 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
7320 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
7321 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
7322 /* Leave out the attribute */
7323 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
7324 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7325 NL80211_AUTHTYPE_SHARED_KEY);
7327 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7328 NL80211_AUTHTYPE_OPEN_SYSTEM);
7330 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
7332 if (params->wpa_version & WPA_PROTO_WPA)
7333 ver |= NL80211_WPA_VERSION_1;
7334 if (params->wpa_version & WPA_PROTO_RSN)
7335 ver |= NL80211_WPA_VERSION_2;
7337 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
7339 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
7340 params->key_mgmt_suites);
7342 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
7343 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
7344 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
7345 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
7347 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
7348 num_suites * sizeof(u32), suites);
7351 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
7352 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
7353 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
7355 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
7356 params->pairwise_ciphers);
7357 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
7358 suites, ARRAY_SIZE(suites));
7360 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
7361 num_suites * sizeof(u32), suites);
7364 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
7365 params->group_cipher);
7366 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
7368 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite);
7370 if (params->beacon_ies) {
7371 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
7372 params->beacon_ies);
7373 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
7374 wpabuf_head(params->beacon_ies));
7376 if (params->proberesp_ies) {
7377 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
7378 params->proberesp_ies);
7379 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
7380 wpabuf_len(params->proberesp_ies),
7381 wpabuf_head(params->proberesp_ies));
7383 if (params->assocresp_ies) {
7384 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
7385 params->assocresp_ies);
7386 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
7387 wpabuf_len(params->assocresp_ies),
7388 wpabuf_head(params->assocresp_ies));
7391 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
7392 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
7393 params->ap_max_inactivity);
7394 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
7395 params->ap_max_inactivity);
7398 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7400 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
7401 ret, strerror(-ret));
7403 bss->beacon_set = 1;
7404 nl80211_set_bss(bss, params->cts_protect, params->preamble,
7405 params->short_slot_time, params->ht_opmode,
7406 params->isolate, params->basic_rates);
7407 if (beacon_set && params->freq &&
7408 params->freq->bandwidth != bss->bandwidth) {
7409 wpa_printf(MSG_DEBUG,
7410 "nl80211: Update BSS %s bandwidth: %d -> %d",
7411 bss->ifname, bss->bandwidth,
7412 params->freq->bandwidth);
7413 ret = nl80211_set_channel(bss, params->freq, 1);
7415 wpa_printf(MSG_DEBUG,
7416 "nl80211: Frequency set failed: %d (%s)",
7417 ret, strerror(-ret));
7419 wpa_printf(MSG_DEBUG,
7420 "nl80211: Frequency set succeeded for ht2040 coex");
7421 bss->bandwidth = params->freq->bandwidth;
7423 } else if (!beacon_set) {
7425 * cfg80211 updates the driver on frequence change in AP
7426 * mode only at the point when beaconing is started, so
7427 * set the initial value here.
7429 bss->bandwidth = params->freq->bandwidth;
7439 static int nl80211_put_freq_params(struct nl_msg *msg,
7440 struct hostapd_freq_params *freq)
7442 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq);
7443 if (freq->vht_enabled) {
7444 switch (freq->bandwidth) {
7446 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7447 NL80211_CHAN_WIDTH_20);
7450 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7451 NL80211_CHAN_WIDTH_40);
7454 if (freq->center_freq2)
7455 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7456 NL80211_CHAN_WIDTH_80P80);
7458 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7459 NL80211_CHAN_WIDTH_80);
7462 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7463 NL80211_CHAN_WIDTH_160);
7468 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ1, freq->center_freq1);
7469 if (freq->center_freq2)
7470 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ2,
7471 freq->center_freq2);
7472 } else if (freq->ht_enabled) {
7473 switch (freq->sec_channel_offset) {
7475 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7476 NL80211_CHAN_HT40MINUS);
7479 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7480 NL80211_CHAN_HT40PLUS);
7483 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7495 static int nl80211_set_channel(struct i802_bss *bss,
7496 struct hostapd_freq_params *freq, int set_chan)
7498 struct wpa_driver_nl80211_data *drv = bss->drv;
7502 wpa_printf(MSG_DEBUG,
7503 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
7504 freq->freq, freq->ht_enabled, freq->vht_enabled,
7505 freq->bandwidth, freq->center_freq1, freq->center_freq2);
7506 msg = nlmsg_alloc();
7510 nl80211_cmd(drv, msg, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
7511 NL80211_CMD_SET_WIPHY);
7513 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7514 if (nl80211_put_freq_params(msg, freq) < 0)
7515 goto nla_put_failure;
7517 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7520 bss->freq = freq->freq;
7523 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
7524 "%d (%s)", freq->freq, ret, strerror(-ret));
7531 static u32 sta_flags_nl80211(int flags)
7535 if (flags & WPA_STA_AUTHORIZED)
7536 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
7537 if (flags & WPA_STA_WMM)
7538 f |= BIT(NL80211_STA_FLAG_WME);
7539 if (flags & WPA_STA_SHORT_PREAMBLE)
7540 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
7541 if (flags & WPA_STA_MFP)
7542 f |= BIT(NL80211_STA_FLAG_MFP);
7543 if (flags & WPA_STA_TDLS_PEER)
7544 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
7550 static int wpa_driver_nl80211_sta_add(void *priv,
7551 struct hostapd_sta_add_params *params)
7553 struct i802_bss *bss = priv;
7554 struct wpa_driver_nl80211_data *drv = bss->drv;
7556 struct nl80211_sta_flag_update upd;
7559 if ((params->flags & WPA_STA_TDLS_PEER) &&
7560 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7563 msg = nlmsg_alloc();
7567 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
7568 params->set ? "Set" : "Add", MAC2STR(params->addr));
7569 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
7570 NL80211_CMD_NEW_STATION);
7572 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7573 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
7574 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
7575 params->supp_rates);
7576 wpa_hexdump(MSG_DEBUG, " * supported rates", params->supp_rates,
7577 params->supp_rates_len);
7580 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
7581 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
7584 * cfg80211 validates that AID is non-zero, so we have
7585 * to make this a non-zero value for the TDLS case where
7586 * a dummy STA entry is used for now.
7588 wpa_printf(MSG_DEBUG, " * aid=1 (TDLS workaround)");
7589 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, 1);
7591 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
7592 params->listen_interval);
7593 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
7594 params->listen_interval);
7595 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
7596 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
7597 NLA_PUT_U16(msg, NL80211_ATTR_PEER_AID, params->aid);
7599 if (params->ht_capabilities) {
7600 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
7601 (u8 *) params->ht_capabilities,
7602 sizeof(*params->ht_capabilities));
7603 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
7604 sizeof(*params->ht_capabilities),
7605 params->ht_capabilities);
7608 if (params->vht_capabilities) {
7609 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
7610 (u8 *) params->vht_capabilities,
7611 sizeof(*params->vht_capabilities));
7612 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY,
7613 sizeof(*params->vht_capabilities),
7614 params->vht_capabilities);
7617 if (params->vht_opmode_enabled) {
7618 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
7619 NLA_PUT_U8(msg, NL80211_ATTR_OPMODE_NOTIF,
7620 params->vht_opmode);
7623 wpa_printf(MSG_DEBUG, " * capability=0x%x", params->capability);
7624 NLA_PUT_U16(msg, NL80211_ATTR_STA_CAPABILITY, params->capability);
7626 if (params->ext_capab) {
7627 wpa_hexdump(MSG_DEBUG, " * ext_capab",
7628 params->ext_capab, params->ext_capab_len);
7629 NLA_PUT(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
7630 params->ext_capab_len, params->ext_capab);
7633 if (params->supp_channels) {
7634 wpa_hexdump(MSG_DEBUG, " * supported channels",
7635 params->supp_channels, params->supp_channels_len);
7636 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
7637 params->supp_channels_len, params->supp_channels);
7640 if (params->supp_oper_classes) {
7641 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
7642 params->supp_oper_classes,
7643 params->supp_oper_classes_len);
7644 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
7645 params->supp_oper_classes_len,
7646 params->supp_oper_classes);
7649 os_memset(&upd, 0, sizeof(upd));
7650 upd.mask = sta_flags_nl80211(params->flags);
7652 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
7654 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7656 if (params->flags & WPA_STA_WMM) {
7657 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
7660 goto nla_put_failure;
7662 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
7663 NLA_PUT_U8(msg, NL80211_STA_WME_UAPSD_QUEUES,
7664 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
7665 NLA_PUT_U8(msg, NL80211_STA_WME_MAX_SP,
7666 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
7667 WMM_QOSINFO_STA_SP_MASK);
7668 nla_nest_end(msg, wme);
7671 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7674 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
7675 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
7685 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr)
7687 struct wpa_driver_nl80211_data *drv = bss->drv;
7691 msg = nlmsg_alloc();
7695 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7697 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7698 if_nametoindex(bss->ifname));
7699 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7701 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7702 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
7704 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
7714 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
7718 struct wpa_driver_nl80211_data *drv2;
7720 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
7722 /* stop listening for EAPOL on this interface */
7723 dl_list_for_each(drv2, &drv->global->interfaces,
7724 struct wpa_driver_nl80211_data, list)
7725 del_ifidx(drv2, ifidx);
7727 msg = nlmsg_alloc();
7729 goto nla_put_failure;
7731 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
7732 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
7734 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7739 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
7743 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
7746 case NL80211_IFTYPE_ADHOC:
7748 case NL80211_IFTYPE_STATION:
7750 case NL80211_IFTYPE_AP:
7752 case NL80211_IFTYPE_AP_VLAN:
7754 case NL80211_IFTYPE_WDS:
7756 case NL80211_IFTYPE_MONITOR:
7758 case NL80211_IFTYPE_MESH_POINT:
7759 return "MESH_POINT";
7760 case NL80211_IFTYPE_P2P_CLIENT:
7761 return "P2P_CLIENT";
7762 case NL80211_IFTYPE_P2P_GO:
7764 case NL80211_IFTYPE_P2P_DEVICE:
7765 return "P2P_DEVICE";
7772 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
7774 enum nl80211_iftype iftype,
7775 const u8 *addr, int wds,
7776 int (*handler)(struct nl_msg *, void *),
7783 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
7784 iftype, nl80211_iftype_str(iftype));
7786 msg = nlmsg_alloc();
7790 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
7791 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
7792 goto nla_put_failure;
7793 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
7794 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
7796 if (iftype == NL80211_IFTYPE_MONITOR) {
7797 struct nlattr *flags;
7799 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
7801 goto nla_put_failure;
7803 NLA_PUT_FLAG(msg, NL80211_MNTR_FLAG_COOK_FRAMES);
7805 nla_nest_end(msg, flags);
7807 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
7811 * Tell cfg80211 that the interface belongs to the socket that created
7812 * it, and the interface should be deleted when the socket is closed.
7814 NLA_PUT_FLAG(msg, NL80211_ATTR_IFACE_SOCKET_OWNER);
7816 ret = send_and_recv_msgs(drv, msg, handler, arg);
7821 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
7822 ifname, ret, strerror(-ret));
7826 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
7829 ifidx = if_nametoindex(ifname);
7830 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
7837 * Some virtual interfaces need to process EAPOL packets and events on
7838 * the parent interface. This is used mainly with hostapd.
7841 iftype == NL80211_IFTYPE_AP_VLAN ||
7842 iftype == NL80211_IFTYPE_WDS ||
7843 iftype == NL80211_IFTYPE_MONITOR) {
7844 /* start listening for EAPOL on this interface */
7845 add_ifidx(drv, ifidx);
7848 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
7849 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
7850 nl80211_remove_iface(drv, ifidx);
7858 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
7859 const char *ifname, enum nl80211_iftype iftype,
7860 const u8 *addr, int wds,
7861 int (*handler)(struct nl_msg *, void *),
7862 void *arg, int use_existing)
7866 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
7869 /* if error occurred and interface exists already */
7870 if (ret == -ENFILE && if_nametoindex(ifname)) {
7872 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
7874 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
7875 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
7877 (linux_set_iface_flags(drv->global->ioctl_sock,
7879 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
7881 linux_set_iface_flags(drv->global->ioctl_sock,
7886 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
7888 /* Try to remove the interface that was already there. */
7889 nl80211_remove_iface(drv, if_nametoindex(ifname));
7891 /* Try to create the interface again */
7892 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
7896 if (ret >= 0 && is_p2p_net_interface(iftype))
7897 nl80211_disable_11b_rates(drv, ret, 1);
7903 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
7905 struct ieee80211_hdr *hdr;
7907 union wpa_event_data event;
7909 hdr = (struct ieee80211_hdr *) buf;
7910 fc = le_to_host16(hdr->frame_control);
7912 os_memset(&event, 0, sizeof(event));
7913 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
7914 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
7915 event.tx_status.dst = hdr->addr1;
7916 event.tx_status.data = buf;
7917 event.tx_status.data_len = len;
7918 event.tx_status.ack = ok;
7919 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
7923 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
7924 u8 *buf, size_t len)
7926 struct ieee80211_hdr *hdr = (void *)buf;
7928 union wpa_event_data event;
7930 if (len < sizeof(*hdr))
7933 fc = le_to_host16(hdr->frame_control);
7935 os_memset(&event, 0, sizeof(event));
7936 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
7937 event.rx_from_unknown.addr = hdr->addr2;
7938 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
7939 (WLAN_FC_FROMDS | WLAN_FC_TODS);
7940 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
7944 static void handle_frame(struct wpa_driver_nl80211_data *drv,
7945 u8 *buf, size_t len, int datarate, int ssi_signal)
7947 struct ieee80211_hdr *hdr;
7949 union wpa_event_data event;
7951 hdr = (struct ieee80211_hdr *) buf;
7952 fc = le_to_host16(hdr->frame_control);
7954 switch (WLAN_FC_GET_TYPE(fc)) {
7955 case WLAN_FC_TYPE_MGMT:
7956 os_memset(&event, 0, sizeof(event));
7957 event.rx_mgmt.frame = buf;
7958 event.rx_mgmt.frame_len = len;
7959 event.rx_mgmt.datarate = datarate;
7960 event.rx_mgmt.ssi_signal = ssi_signal;
7961 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
7963 case WLAN_FC_TYPE_CTRL:
7964 /* can only get here with PS-Poll frames */
7965 wpa_printf(MSG_DEBUG, "CTRL");
7966 from_unknown_sta(drv, buf, len);
7968 case WLAN_FC_TYPE_DATA:
7969 from_unknown_sta(drv, buf, len);
7975 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
7977 struct wpa_driver_nl80211_data *drv = eloop_ctx;
7979 unsigned char buf[3000];
7980 struct ieee80211_radiotap_iterator iter;
7982 int datarate = 0, ssi_signal = 0;
7983 int injected = 0, failed = 0, rxflags = 0;
7985 len = recv(sock, buf, sizeof(buf), 0);
7987 wpa_printf(MSG_ERROR, "nl80211: Monitor socket recv failed: %s",
7992 if (ieee80211_radiotap_iterator_init(&iter, (void *) buf, len, NULL)) {
7993 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame");
7998 ret = ieee80211_radiotap_iterator_next(&iter);
8002 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame (%d)",
8006 switch (iter.this_arg_index) {
8007 case IEEE80211_RADIOTAP_FLAGS:
8008 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
8011 case IEEE80211_RADIOTAP_RX_FLAGS:
8014 case IEEE80211_RADIOTAP_TX_FLAGS:
8016 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
8017 IEEE80211_RADIOTAP_F_TX_FAIL;
8019 case IEEE80211_RADIOTAP_DATA_RETRIES:
8021 case IEEE80211_RADIOTAP_CHANNEL:
8022 /* TODO: convert from freq/flags to channel number */
8024 case IEEE80211_RADIOTAP_RATE:
8025 datarate = *iter.this_arg * 5;
8027 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
8028 ssi_signal = (s8) *iter.this_arg;
8033 if (rxflags && injected)
8037 handle_frame(drv, buf + iter._max_length,
8038 len - iter._max_length, datarate, ssi_signal);
8040 handle_tx_callback(drv->ctx, buf + iter._max_length,
8041 len - iter._max_length, !failed);
8046 * we post-process the filter code later and rewrite
8047 * this to the offset to the last instruction
8052 static struct sock_filter msock_filter_insns[] = {
8054 * do a little-endian load of the radiotap length field
8056 /* load lower byte into A */
8057 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
8058 /* put it into X (== index register) */
8059 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8060 /* load upper byte into A */
8061 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
8062 /* left-shift it by 8 */
8063 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
8065 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
8066 /* put result into X */
8067 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8070 * Allow management frames through, this also gives us those
8071 * management frames that we sent ourselves with status
8073 /* load the lower byte of the IEEE 802.11 frame control field */
8074 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8075 /* mask off frame type and version */
8076 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
8077 /* accept frame if it's both 0, fall through otherwise */
8078 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
8081 * TODO: add a bit to radiotap RX flags that indicates
8082 * that the sending station is not associated, then
8083 * add a filter here that filters on our DA and that flag
8084 * to allow us to deauth frames to that bad station.
8086 * For now allow all To DS data frames through.
8088 /* load the IEEE 802.11 frame control field */
8089 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
8090 /* mask off frame type, version and DS status */
8091 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
8092 /* accept frame if version 0, type 2 and To DS, fall through otherwise
8094 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
8098 * drop non-data frames
8100 /* load the lower byte of the frame control field */
8101 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8102 /* mask off QoS bit */
8103 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
8104 /* drop non-data frames */
8105 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
8107 /* load the upper byte of the frame control field */
8108 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
8109 /* mask off toDS/fromDS */
8110 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
8111 /* accept WDS frames */
8112 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
8115 * add header length to index
8117 /* load the lower byte of the frame control field */
8118 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8119 /* mask off QoS bit */
8120 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
8121 /* right shift it by 6 to give 0 or 2 */
8122 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
8123 /* add data frame header length */
8124 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
8125 /* add index, was start of 802.11 header */
8126 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
8127 /* move to index, now start of LL header */
8128 BPF_STMT(BPF_MISC | BPF_TAX, 0),
8131 * Accept empty data frames, we use those for
8134 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
8135 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
8138 * Accept EAPOL frames
8140 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
8141 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
8142 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
8143 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
8145 /* keep these last two statements or change the code below */
8146 /* return 0 == "DROP" */
8147 BPF_STMT(BPF_RET | BPF_K, 0),
8148 /* return ~0 == "keep all" */
8149 BPF_STMT(BPF_RET | BPF_K, ~0),
8152 static struct sock_fprog msock_filter = {
8153 .len = ARRAY_SIZE(msock_filter_insns),
8154 .filter = msock_filter_insns,
8158 static int add_monitor_filter(int s)
8162 /* rewrite all PASS/FAIL jump offsets */
8163 for (idx = 0; idx < msock_filter.len; idx++) {
8164 struct sock_filter *insn = &msock_filter_insns[idx];
8166 if (BPF_CLASS(insn->code) == BPF_JMP) {
8167 if (insn->code == (BPF_JMP|BPF_JA)) {
8168 if (insn->k == PASS)
8169 insn->k = msock_filter.len - idx - 2;
8170 else if (insn->k == FAIL)
8171 insn->k = msock_filter.len - idx - 3;
8174 if (insn->jt == PASS)
8175 insn->jt = msock_filter.len - idx - 2;
8176 else if (insn->jt == FAIL)
8177 insn->jt = msock_filter.len - idx - 3;
8179 if (insn->jf == PASS)
8180 insn->jf = msock_filter.len - idx - 2;
8181 else if (insn->jf == FAIL)
8182 insn->jf = msock_filter.len - idx - 3;
8186 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
8187 &msock_filter, sizeof(msock_filter))) {
8188 wpa_printf(MSG_ERROR, "nl80211: setsockopt(SO_ATTACH_FILTER) failed: %s",
8197 static void nl80211_remove_monitor_interface(
8198 struct wpa_driver_nl80211_data *drv)
8200 if (drv->monitor_refcount > 0)
8201 drv->monitor_refcount--;
8202 wpa_printf(MSG_DEBUG, "nl80211: Remove monitor interface: refcount=%d",
8203 drv->monitor_refcount);
8204 if (drv->monitor_refcount > 0)
8207 if (drv->monitor_ifidx >= 0) {
8208 nl80211_remove_iface(drv, drv->monitor_ifidx);
8209 drv->monitor_ifidx = -1;
8211 if (drv->monitor_sock >= 0) {
8212 eloop_unregister_read_sock(drv->monitor_sock);
8213 close(drv->monitor_sock);
8214 drv->monitor_sock = -1;
8220 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
8223 struct sockaddr_ll ll;
8227 if (drv->monitor_ifidx >= 0) {
8228 drv->monitor_refcount++;
8229 wpa_printf(MSG_DEBUG, "nl80211: Re-use existing monitor interface: refcount=%d",
8230 drv->monitor_refcount);
8234 if (os_strncmp(drv->first_bss->ifname, "p2p-", 4) == 0) {
8236 * P2P interface name is of the format p2p-%s-%d. For monitor
8237 * interface name corresponding to P2P GO, replace "p2p-" with
8238 * "mon-" to retain the same interface name length and to
8239 * indicate that it is a monitor interface.
8241 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss->ifname + 4);
8243 /* Non-P2P interface with AP functionality. */
8244 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss->ifname);
8247 buf[IFNAMSIZ - 1] = '\0';
8249 drv->monitor_ifidx =
8250 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
8253 if (drv->monitor_ifidx == -EOPNOTSUPP) {
8255 * This is backward compatibility for a few versions of
8256 * the kernel only that didn't advertise the right
8257 * attributes for the only driver that then supported
8258 * AP mode w/o monitor -- ath6kl.
8260 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
8261 "monitor interface type - try to run without it");
8262 drv->device_ap_sme = 1;
8265 if (drv->monitor_ifidx < 0)
8268 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
8271 memset(&ll, 0, sizeof(ll));
8272 ll.sll_family = AF_PACKET;
8273 ll.sll_ifindex = drv->monitor_ifidx;
8274 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
8275 if (drv->monitor_sock < 0) {
8276 wpa_printf(MSG_ERROR, "nl80211: socket[PF_PACKET,SOCK_RAW] failed: %s",
8281 if (add_monitor_filter(drv->monitor_sock)) {
8282 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
8283 "interface; do filtering in user space");
8284 /* This works, but will cost in performance. */
8287 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
8288 wpa_printf(MSG_ERROR, "nl80211: monitor socket bind failed: %s",
8293 optlen = sizeof(optval);
8296 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
8297 wpa_printf(MSG_ERROR, "nl80211: Failed to set socket priority: %s",
8302 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
8304 wpa_printf(MSG_INFO, "nl80211: Could not register monitor read socket");
8308 drv->monitor_refcount++;
8311 nl80211_remove_monitor_interface(drv);
8316 static int nl80211_setup_ap(struct i802_bss *bss)
8318 struct wpa_driver_nl80211_data *drv = bss->drv;
8320 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
8321 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8324 * Disable Probe Request reporting unless we need it in this way for
8325 * devices that include the AP SME, in the other case (unless using
8326 * monitor iface) we'll get it through the nl_mgmt socket instead.
8328 if (!drv->device_ap_sme)
8329 wpa_driver_nl80211_probe_req_report(bss, 0);
8331 if (!drv->device_ap_sme && !drv->use_monitor)
8332 if (nl80211_mgmt_subscribe_ap(bss))
8335 if (drv->device_ap_sme && !drv->use_monitor)
8336 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
8339 if (!drv->device_ap_sme && drv->use_monitor &&
8340 nl80211_create_monitor_interface(drv) &&
8341 !drv->device_ap_sme)
8344 if (drv->device_ap_sme &&
8345 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
8346 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
8347 "Probe Request frame reporting in AP mode");
8348 /* Try to survive without this */
8355 static void nl80211_teardown_ap(struct i802_bss *bss)
8357 struct wpa_driver_nl80211_data *drv = bss->drv;
8359 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
8360 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8361 if (drv->device_ap_sme) {
8362 wpa_driver_nl80211_probe_req_report(bss, 0);
8363 if (!drv->use_monitor)
8364 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
8365 } else if (drv->use_monitor)
8366 nl80211_remove_monitor_interface(drv);
8368 nl80211_mgmt_unsubscribe(bss, "AP teardown");
8370 bss->beacon_set = 0;
8374 static int nl80211_send_eapol_data(struct i802_bss *bss,
8375 const u8 *addr, const u8 *data,
8378 struct sockaddr_ll ll;
8381 if (bss->drv->eapol_tx_sock < 0) {
8382 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
8386 os_memset(&ll, 0, sizeof(ll));
8387 ll.sll_family = AF_PACKET;
8388 ll.sll_ifindex = bss->ifindex;
8389 ll.sll_protocol = htons(ETH_P_PAE);
8390 ll.sll_halen = ETH_ALEN;
8391 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
8392 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
8393 (struct sockaddr *) &ll, sizeof(ll));
8395 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
8402 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
8404 static int wpa_driver_nl80211_hapd_send_eapol(
8405 void *priv, const u8 *addr, const u8 *data,
8406 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
8408 struct i802_bss *bss = priv;
8409 struct wpa_driver_nl80211_data *drv = bss->drv;
8410 struct ieee80211_hdr *hdr;
8414 int qos = flags & WPA_STA_WMM;
8416 if (drv->device_ap_sme || !drv->use_monitor)
8417 return nl80211_send_eapol_data(bss, addr, data, data_len);
8419 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
8421 hdr = os_zalloc(len);
8423 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
8424 (unsigned long) len);
8428 hdr->frame_control =
8429 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
8430 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
8432 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
8434 hdr->frame_control |=
8435 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
8438 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
8439 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
8440 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
8441 pos = (u8 *) (hdr + 1);
8444 /* Set highest priority in QoS header */
8450 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
8451 pos += sizeof(rfc1042_header);
8452 WPA_PUT_BE16(pos, ETH_P_PAE);
8454 memcpy(pos, data, data_len);
8456 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
8459 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
8461 (unsigned long) len, errno, strerror(errno));
8469 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
8471 int flags_or, int flags_and)
8473 struct i802_bss *bss = priv;
8474 struct wpa_driver_nl80211_data *drv = bss->drv;
8476 struct nlattr *flags;
8477 struct nl80211_sta_flag_update upd;
8479 msg = nlmsg_alloc();
8483 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
8485 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
8486 if_nametoindex(bss->ifname));
8487 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8490 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
8491 * can be removed eventually.
8493 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
8495 goto nla_put_failure;
8496 if (total_flags & WPA_STA_AUTHORIZED)
8497 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_AUTHORIZED);
8499 if (total_flags & WPA_STA_WMM)
8500 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_WME);
8502 if (total_flags & WPA_STA_SHORT_PREAMBLE)
8503 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_SHORT_PREAMBLE);
8505 if (total_flags & WPA_STA_MFP)
8506 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_MFP);
8508 if (total_flags & WPA_STA_TDLS_PEER)
8509 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_TDLS_PEER);
8511 nla_nest_end(msg, flags);
8513 os_memset(&upd, 0, sizeof(upd));
8514 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
8515 upd.set = sta_flags_nl80211(flags_or);
8516 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
8518 return send_and_recv_msgs(drv, msg, NULL, NULL);
8525 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
8526 struct wpa_driver_associate_params *params)
8528 enum nl80211_iftype nlmode, old_mode;
8529 struct hostapd_freq_params freq = {
8530 .freq = params->freq,
8534 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
8536 nlmode = NL80211_IFTYPE_P2P_GO;
8538 nlmode = NL80211_IFTYPE_AP;
8540 old_mode = drv->nlmode;
8541 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
8542 nl80211_remove_monitor_interface(drv);
8546 if (nl80211_set_channel(drv->first_bss, &freq, 0)) {
8547 if (old_mode != nlmode)
8548 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
8549 nl80211_remove_monitor_interface(drv);
8557 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
8562 msg = nlmsg_alloc();
8566 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
8567 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8568 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8571 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
8572 "(%s)", ret, strerror(-ret));
8573 goto nla_put_failure;
8577 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
8580 if (wpa_driver_nl80211_set_mode(drv->first_bss,
8581 NL80211_IFTYPE_STATION)) {
8582 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8591 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
8592 struct wpa_driver_associate_params *params)
8598 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
8600 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, params->freq)) {
8601 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8607 msg = nlmsg_alloc();
8611 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
8612 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8614 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
8615 goto nla_put_failure;
8617 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8618 params->ssid, params->ssid_len);
8619 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8621 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8622 drv->ssid_len = params->ssid_len;
8624 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
8625 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
8627 if (params->beacon_int > 0) {
8628 wpa_printf(MSG_DEBUG, " * beacon_int=%d", params->beacon_int);
8629 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL,
8630 params->beacon_int);
8633 ret = nl80211_set_conn_keys(params, msg);
8635 goto nla_put_failure;
8637 if (params->bssid && params->fixed_bssid) {
8638 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
8639 MAC2STR(params->bssid));
8640 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8643 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8644 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8645 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8646 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8647 wpa_printf(MSG_DEBUG, " * control port");
8648 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
8651 if (params->wpa_ie) {
8652 wpa_hexdump(MSG_DEBUG,
8653 " * Extra IEs for Beacon/Probe Response frames",
8654 params->wpa_ie, params->wpa_ie_len);
8655 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8659 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8662 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
8663 ret, strerror(-ret));
8665 if (ret == -EALREADY && count == 1) {
8666 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
8668 nl80211_leave_ibss(drv);
8673 goto nla_put_failure;
8676 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
8684 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
8685 struct wpa_driver_associate_params *params,
8688 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8690 if (params->bssid) {
8691 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
8692 MAC2STR(params->bssid));
8693 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8696 if (params->bssid_hint) {
8697 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
8698 MAC2STR(params->bssid_hint));
8699 NLA_PUT(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
8700 params->bssid_hint);
8704 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
8705 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
8706 drv->assoc_freq = params->freq;
8708 drv->assoc_freq = 0;
8710 if (params->freq_hint) {
8711 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
8712 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
8716 if (params->bg_scan_period >= 0) {
8717 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
8718 params->bg_scan_period);
8719 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
8720 params->bg_scan_period);
8724 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8725 params->ssid, params->ssid_len);
8726 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8728 if (params->ssid_len > sizeof(drv->ssid))
8729 goto nla_put_failure;
8730 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8731 drv->ssid_len = params->ssid_len;
8734 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
8736 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8739 if (params->wpa_proto) {
8740 enum nl80211_wpa_versions ver = 0;
8742 if (params->wpa_proto & WPA_PROTO_WPA)
8743 ver |= NL80211_WPA_VERSION_1;
8744 if (params->wpa_proto & WPA_PROTO_RSN)
8745 ver |= NL80211_WPA_VERSION_2;
8747 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
8748 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
8751 if (params->pairwise_suite != WPA_CIPHER_NONE) {
8752 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
8753 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
8754 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
8757 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
8758 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
8760 * This is likely to work even though many drivers do not
8761 * advertise support for operations without GTK.
8763 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
8764 } else if (params->group_suite != WPA_CIPHER_NONE) {
8765 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
8766 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
8767 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
8770 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8771 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8772 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
8773 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
8774 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
8775 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
8776 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8777 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8778 int mgmt = WLAN_AKM_SUITE_PSK;
8780 switch (params->key_mgmt_suite) {
8781 case WPA_KEY_MGMT_CCKM:
8782 mgmt = WLAN_AKM_SUITE_CCKM;
8784 case WPA_KEY_MGMT_IEEE8021X:
8785 mgmt = WLAN_AKM_SUITE_8021X;
8787 case WPA_KEY_MGMT_FT_IEEE8021X:
8788 mgmt = WLAN_AKM_SUITE_FT_8021X;
8790 case WPA_KEY_MGMT_FT_PSK:
8791 mgmt = WLAN_AKM_SUITE_FT_PSK;
8793 case WPA_KEY_MGMT_IEEE8021X_SHA256:
8794 mgmt = WLAN_AKM_SUITE_8021X_SHA256;
8796 case WPA_KEY_MGMT_PSK_SHA256:
8797 mgmt = WLAN_AKM_SUITE_PSK_SHA256;
8799 case WPA_KEY_MGMT_OSEN:
8800 mgmt = WLAN_AKM_SUITE_OSEN;
8802 case WPA_KEY_MGMT_PSK:
8804 mgmt = WLAN_AKM_SUITE_PSK;
8807 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
8808 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
8811 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
8813 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
8814 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
8816 if (params->disable_ht)
8817 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
8819 if (params->htcaps && params->htcaps_mask) {
8820 int sz = sizeof(struct ieee80211_ht_capabilities);
8821 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
8822 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
8823 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
8824 params->htcaps_mask, sz);
8825 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
8826 params->htcaps_mask);
8829 #ifdef CONFIG_VHT_OVERRIDES
8830 if (params->disable_vht) {
8831 wpa_printf(MSG_DEBUG, " * VHT disabled");
8832 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_VHT);
8835 if (params->vhtcaps && params->vhtcaps_mask) {
8836 int sz = sizeof(struct ieee80211_vht_capabilities);
8837 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
8838 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY, sz, params->vhtcaps);
8839 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
8840 params->vhtcaps_mask, sz);
8841 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
8842 params->vhtcaps_mask);
8844 #endif /* CONFIG_VHT_OVERRIDES */
8847 wpa_printf(MSG_DEBUG, " * P2P group");
8855 static int wpa_driver_nl80211_try_connect(
8856 struct wpa_driver_nl80211_data *drv,
8857 struct wpa_driver_associate_params *params)
8860 enum nl80211_auth_type type;
8864 msg = nlmsg_alloc();
8868 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
8869 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
8871 ret = nl80211_connect_common(drv, params, msg);
8873 goto nla_put_failure;
8876 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
8878 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
8880 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
8883 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
8885 goto skip_auth_type;
8888 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
8889 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
8890 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
8891 type = NL80211_AUTHTYPE_SHARED_KEY;
8892 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
8893 type = NL80211_AUTHTYPE_NETWORK_EAP;
8894 else if (params->auth_alg & WPA_AUTH_ALG_FT)
8895 type = NL80211_AUTHTYPE_FT;
8897 goto nla_put_failure;
8899 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
8900 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
8903 ret = nl80211_set_conn_keys(params, msg);
8905 goto nla_put_failure;
8907 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8910 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
8911 "(%s)", ret, strerror(-ret));
8912 goto nla_put_failure;
8915 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
8924 static int wpa_driver_nl80211_connect(
8925 struct wpa_driver_nl80211_data *drv,
8926 struct wpa_driver_associate_params *params)
8928 int ret = wpa_driver_nl80211_try_connect(drv, params);
8929 if (ret == -EALREADY) {
8931 * cfg80211 does not currently accept new connections if
8932 * we are already connected. As a workaround, force
8933 * disconnection and try again.
8935 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
8936 "disconnecting before reassociation "
8938 if (wpa_driver_nl80211_disconnect(
8939 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
8941 ret = wpa_driver_nl80211_try_connect(drv, params);
8947 static int wpa_driver_nl80211_associate(
8948 void *priv, struct wpa_driver_associate_params *params)
8950 struct i802_bss *bss = priv;
8951 struct wpa_driver_nl80211_data *drv = bss->drv;
8955 if (params->mode == IEEE80211_MODE_AP)
8956 return wpa_driver_nl80211_ap(drv, params);
8958 if (params->mode == IEEE80211_MODE_IBSS)
8959 return wpa_driver_nl80211_ibss(drv, params);
8961 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
8962 enum nl80211_iftype nlmode = params->p2p ?
8963 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
8965 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
8967 return wpa_driver_nl80211_connect(drv, params);
8970 nl80211_mark_disconnected(drv);
8972 msg = nlmsg_alloc();
8976 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
8978 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
8980 ret = nl80211_connect_common(drv, params, msg);
8982 goto nla_put_failure;
8984 if (params->prev_bssid) {
8985 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
8986 MAC2STR(params->prev_bssid));
8987 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
8988 params->prev_bssid);
8991 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8994 wpa_dbg(drv->ctx, MSG_DEBUG,
8995 "nl80211: MLME command failed (assoc): ret=%d (%s)",
8996 ret, strerror(-ret));
8997 nl80211_dump_scan(drv);
8998 goto nla_put_failure;
9001 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
9010 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
9011 int ifindex, enum nl80211_iftype mode)
9016 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
9017 ifindex, mode, nl80211_iftype_str(mode));
9019 msg = nlmsg_alloc();
9023 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
9024 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
9025 goto nla_put_failure;
9026 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
9028 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9034 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
9035 " %d (%s)", ifindex, mode, ret, strerror(-ret));
9040 static int wpa_driver_nl80211_set_mode_impl(
9041 struct i802_bss *bss,
9042 enum nl80211_iftype nlmode,
9043 struct hostapd_freq_params *desired_freq_params)
9045 struct wpa_driver_nl80211_data *drv = bss->drv;
9048 int was_ap = is_ap_interface(drv->nlmode);
9050 int mode_switch_res;
9052 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9053 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
9054 mode_switch_res = 0;
9056 if (mode_switch_res == 0) {
9057 drv->nlmode = nlmode;
9062 if (mode_switch_res == -ENODEV)
9065 if (nlmode == drv->nlmode) {
9066 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
9067 "requested mode - ignore error");
9069 goto done; /* Already in the requested mode */
9072 /* mac80211 doesn't allow mode changes while the device is up, so
9073 * take the device down, try to set the mode again, and bring the
9076 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
9078 for (i = 0; i < 10; i++) {
9079 res = i802_set_iface_flags(bss, 0);
9080 if (res == -EACCES || res == -ENODEV)
9083 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
9085 os_sleep(0, 100000);
9090 * Setting the mode will fail for some drivers if the phy is
9091 * on a frequency that the mode is disallowed in.
9093 if (desired_freq_params) {
9094 res = i802_set_freq(bss, desired_freq_params);
9096 wpa_printf(MSG_DEBUG,
9097 "nl80211: Failed to set frequency on interface");
9101 /* Try to set the mode again while the interface is down */
9102 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9103 if (mode_switch_res == -EBUSY) {
9104 wpa_printf(MSG_DEBUG,
9105 "nl80211: Delaying mode set while interface going down");
9106 os_sleep(0, 100000);
9109 ret = mode_switch_res;
9114 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
9115 "interface is down");
9116 drv->nlmode = nlmode;
9117 drv->ignore_if_down_event = 1;
9120 /* Bring the interface back up */
9121 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
9123 wpa_printf(MSG_DEBUG,
9124 "nl80211: Failed to set interface up after switching mode");
9130 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
9131 "from %d failed", nlmode, drv->nlmode);
9135 if (is_p2p_net_interface(nlmode))
9136 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
9137 else if (drv->disabled_11b_rates)
9138 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
9140 if (is_ap_interface(nlmode)) {
9141 nl80211_mgmt_unsubscribe(bss, "start AP");
9142 /* Setup additional AP mode functionality if needed */
9143 if (nl80211_setup_ap(bss))
9145 } else if (was_ap) {
9146 /* Remove additional AP mode functionality */
9147 nl80211_teardown_ap(bss);
9149 nl80211_mgmt_unsubscribe(bss, "mode change");
9152 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
9153 nl80211_mgmt_subscribe_non_ap(bss) < 0)
9154 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
9155 "frame processing - ignore for now");
9161 static int dfs_info_handler(struct nl_msg *msg, void *arg)
9163 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9164 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9165 int *dfs_capability_ptr = arg;
9167 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9168 genlmsg_attrlen(gnlh, 0), NULL);
9170 if (tb[NL80211_ATTR_VENDOR_DATA]) {
9171 struct nlattr *nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
9172 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
9174 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
9175 nla_data(nl_vend), nla_len(nl_vend), NULL);
9177 if (tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]) {
9179 val = nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]);
9180 wpa_printf(MSG_DEBUG, "nl80211: DFS offload capability: %u",
9182 *dfs_capability_ptr = val;
9190 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
9191 enum nl80211_iftype nlmode)
9193 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
9197 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, int freq)
9199 struct hostapd_freq_params freq_params;
9200 os_memset(&freq_params, 0, sizeof(freq_params));
9201 freq_params.freq = freq;
9202 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
9207 static int wpa_driver_nl80211_get_capa(void *priv,
9208 struct wpa_driver_capa *capa)
9210 struct i802_bss *bss = priv;
9211 struct wpa_driver_nl80211_data *drv = bss->drv;
9213 int dfs_capability = 0;
9216 if (!drv->has_capability)
9218 os_memcpy(capa, &drv->capa, sizeof(*capa));
9219 if (drv->extended_capa && drv->extended_capa_mask) {
9220 capa->extended_capa = drv->extended_capa;
9221 capa->extended_capa_mask = drv->extended_capa_mask;
9222 capa->extended_capa_len = drv->extended_capa_len;
9225 if ((capa->flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
9226 !drv->allow_p2p_device) {
9227 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate P2P_DEVICE support (p2p_device=1 driver param not specified)");
9228 capa->flags &= ~WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
9231 if (drv->dfs_vendor_cmd_avail == 1) {
9232 msg = nlmsg_alloc();
9236 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
9238 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9239 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
9240 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
9241 QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY);
9243 ret = send_and_recv_msgs(drv, msg, dfs_info_handler,
9247 capa->flags |= WPA_DRIVER_FLAGS_DFS_OFFLOAD;
9259 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
9261 struct i802_bss *bss = priv;
9262 struct wpa_driver_nl80211_data *drv = bss->drv;
9264 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
9265 bss->ifname, drv->operstate, state,
9266 state ? "UP" : "DORMANT");
9267 drv->operstate = state;
9268 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
9269 state ? IF_OPER_UP : IF_OPER_DORMANT);
9273 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
9275 struct i802_bss *bss = priv;
9276 struct wpa_driver_nl80211_data *drv = bss->drv;
9278 struct nl80211_sta_flag_update upd;
9281 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
9282 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
9286 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
9287 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
9289 msg = nlmsg_alloc();
9293 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9295 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9296 if_nametoindex(bss->ifname));
9297 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
9299 os_memset(&upd, 0, sizeof(upd));
9300 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
9302 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
9303 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
9305 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9311 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
9312 ret, strerror(-ret));
9317 /* Set kernel driver on given frequency (MHz) */
9318 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
9320 struct i802_bss *bss = priv;
9321 return nl80211_set_channel(bss, freq, 0);
9325 static inline int min_int(int a, int b)
9333 static int get_key_handler(struct nl_msg *msg, void *arg)
9335 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9336 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9338 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9339 genlmsg_attrlen(gnlh, 0), NULL);
9342 * TODO: validate the key index and mac address!
9343 * Otherwise, there's a race condition as soon as
9344 * the kernel starts sending key notifications.
9347 if (tb[NL80211_ATTR_KEY_SEQ])
9348 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
9349 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
9354 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
9357 struct i802_bss *bss = priv;
9358 struct wpa_driver_nl80211_data *drv = bss->drv;
9361 msg = nlmsg_alloc();
9365 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
9368 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9369 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
9370 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
9374 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
9381 static int i802_set_rts(void *priv, int rts)
9383 struct i802_bss *bss = priv;
9384 struct wpa_driver_nl80211_data *drv = bss->drv;
9389 msg = nlmsg_alloc();
9398 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9399 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9400 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
9402 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9408 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
9409 "%d (%s)", rts, ret, strerror(-ret));
9414 static int i802_set_frag(void *priv, int frag)
9416 struct i802_bss *bss = priv;
9417 struct wpa_driver_nl80211_data *drv = bss->drv;
9422 msg = nlmsg_alloc();
9431 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9432 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9433 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
9435 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9441 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
9442 "%d: %d (%s)", frag, ret, strerror(-ret));
9447 static int i802_flush(void *priv)
9449 struct i802_bss *bss = priv;
9450 struct wpa_driver_nl80211_data *drv = bss->drv;
9454 msg = nlmsg_alloc();
9458 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
9460 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
9463 * XXX: FIX! this needs to flush all VLANs too
9465 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9466 if_nametoindex(bss->ifname));
9468 res = send_and_recv_msgs(drv, msg, NULL, NULL);
9470 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
9471 "(%s)", res, strerror(-res));
9480 static int get_sta_handler(struct nl_msg *msg, void *arg)
9482 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9483 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9484 struct hostap_sta_driver_data *data = arg;
9485 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
9486 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
9487 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
9488 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
9489 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
9490 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
9491 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
9492 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
9495 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9496 genlmsg_attrlen(gnlh, 0), NULL);
9499 * TODO: validate the interface and mac address!
9500 * Otherwise, there's a race condition as soon as
9501 * the kernel starts sending station notifications.
9504 if (!tb[NL80211_ATTR_STA_INFO]) {
9505 wpa_printf(MSG_DEBUG, "sta stats missing!");
9508 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
9509 tb[NL80211_ATTR_STA_INFO],
9511 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
9515 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
9516 data->inactive_msec =
9517 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
9518 if (stats[NL80211_STA_INFO_RX_BYTES])
9519 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
9520 if (stats[NL80211_STA_INFO_TX_BYTES])
9521 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
9522 if (stats[NL80211_STA_INFO_RX_PACKETS])
9524 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
9525 if (stats[NL80211_STA_INFO_TX_PACKETS])
9527 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
9528 if (stats[NL80211_STA_INFO_TX_FAILED])
9529 data->tx_retry_failed =
9530 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
9535 static int i802_read_sta_data(struct i802_bss *bss,
9536 struct hostap_sta_driver_data *data,
9539 struct wpa_driver_nl80211_data *drv = bss->drv;
9542 os_memset(data, 0, sizeof(*data));
9543 msg = nlmsg_alloc();
9547 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
9549 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9550 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9552 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
9559 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
9560 int cw_min, int cw_max, int burst_time)
9562 struct i802_bss *bss = priv;
9563 struct wpa_driver_nl80211_data *drv = bss->drv;
9565 struct nlattr *txq, *params;
9567 msg = nlmsg_alloc();
9571 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9573 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9575 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
9577 goto nla_put_failure;
9579 /* We are only sending parameters for a single TXQ at a time */
9580 params = nla_nest_start(msg, 1);
9582 goto nla_put_failure;
9586 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
9589 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
9592 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
9595 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
9598 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
9599 * 32 usec, so need to convert the value here. */
9600 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
9601 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
9602 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
9603 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
9605 nla_nest_end(msg, params);
9607 nla_nest_end(msg, txq);
9609 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
9618 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
9619 const char *ifname, int vlan_id)
9621 struct wpa_driver_nl80211_data *drv = bss->drv;
9625 msg = nlmsg_alloc();
9629 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
9630 ", ifname=%s[%d], vlan_id=%d)",
9631 bss->ifname, if_nametoindex(bss->ifname),
9632 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
9633 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9635 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9636 if_nametoindex(bss->ifname));
9637 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9638 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
9639 if_nametoindex(ifname));
9641 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9644 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
9645 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
9646 MAC2STR(addr), ifname, vlan_id, ret,
9655 static int i802_get_inact_sec(void *priv, const u8 *addr)
9657 struct hostap_sta_driver_data data;
9660 data.inactive_msec = (unsigned long) -1;
9661 ret = i802_read_sta_data(priv, &data, addr);
9662 if (ret || data.inactive_msec == (unsigned long) -1)
9664 return data.inactive_msec / 1000;
9668 static int i802_sta_clear_stats(void *priv, const u8 *addr)
9677 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
9680 struct i802_bss *bss = priv;
9681 struct wpa_driver_nl80211_data *drv = bss->drv;
9682 struct ieee80211_mgmt mgmt;
9684 if (drv->device_ap_sme)
9685 return wpa_driver_nl80211_sta_remove(bss, addr);
9687 memset(&mgmt, 0, sizeof(mgmt));
9688 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9689 WLAN_FC_STYPE_DEAUTH);
9690 memcpy(mgmt.da, addr, ETH_ALEN);
9691 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9692 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9693 mgmt.u.deauth.reason_code = host_to_le16(reason);
9694 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9696 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
9701 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
9704 struct i802_bss *bss = priv;
9705 struct wpa_driver_nl80211_data *drv = bss->drv;
9706 struct ieee80211_mgmt mgmt;
9708 if (drv->device_ap_sme)
9709 return wpa_driver_nl80211_sta_remove(bss, addr);
9711 memset(&mgmt, 0, sizeof(mgmt));
9712 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9713 WLAN_FC_STYPE_DISASSOC);
9714 memcpy(mgmt.da, addr, ETH_ALEN);
9715 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9716 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9717 mgmt.u.disassoc.reason_code = host_to_le16(reason);
9718 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9720 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
9725 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
9727 char buf[200], *pos, *end;
9731 end = pos + sizeof(buf);
9733 for (i = 0; i < drv->num_if_indices; i++) {
9734 if (!drv->if_indices[i])
9736 res = os_snprintf(pos, end - pos, " %d", drv->if_indices[i]);
9737 if (res < 0 || res >= end - pos)
9743 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
9744 drv->num_if_indices, buf);
9748 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9753 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
9755 if (have_ifidx(drv, ifidx)) {
9756 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
9760 for (i = 0; i < drv->num_if_indices; i++) {
9761 if (drv->if_indices[i] == 0) {
9762 drv->if_indices[i] = ifidx;
9768 if (drv->if_indices != drv->default_if_indices)
9769 old = drv->if_indices;
9773 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
9775 if (!drv->if_indices) {
9777 drv->if_indices = drv->default_if_indices;
9779 drv->if_indices = old;
9780 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
9782 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
9785 os_memcpy(drv->if_indices, drv->default_if_indices,
9786 sizeof(drv->default_if_indices));
9787 drv->if_indices[drv->num_if_indices] = ifidx;
9788 drv->num_if_indices++;
9793 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9797 for (i = 0; i < drv->num_if_indices; i++) {
9798 if (drv->if_indices[i] == ifidx) {
9799 drv->if_indices[i] = 0;
9807 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9811 for (i = 0; i < drv->num_if_indices; i++)
9812 if (drv->if_indices[i] == ifidx)
9819 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
9820 const char *bridge_ifname, char *ifname_wds)
9822 struct i802_bss *bss = priv;
9823 struct wpa_driver_nl80211_data *drv = bss->drv;
9824 char name[IFNAMSIZ + 1];
9826 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
9828 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
9830 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
9831 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
9833 if (!if_nametoindex(name)) {
9834 if (nl80211_create_iface(drv, name,
9835 NL80211_IFTYPE_AP_VLAN,
9836 bss->addr, 1, NULL, NULL, 0) <
9839 if (bridge_ifname &&
9840 linux_br_add_if(drv->global->ioctl_sock,
9841 bridge_ifname, name) < 0)
9844 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
9845 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
9846 "interface %s up", name);
9848 return i802_set_sta_vlan(priv, addr, name, 0);
9851 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
9854 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
9855 nl80211_remove_iface(drv, if_nametoindex(name));
9861 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
9863 struct wpa_driver_nl80211_data *drv = eloop_ctx;
9864 struct sockaddr_ll lladdr;
9865 unsigned char buf[3000];
9867 socklen_t fromlen = sizeof(lladdr);
9869 len = recvfrom(sock, buf, sizeof(buf), 0,
9870 (struct sockaddr *)&lladdr, &fromlen);
9872 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
9877 if (have_ifidx(drv, lladdr.sll_ifindex))
9878 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
9882 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
9883 struct i802_bss *bss,
9884 const char *brname, const char *ifname)
9887 char in_br[IFNAMSIZ];
9889 os_strlcpy(bss->brname, brname, IFNAMSIZ);
9890 ifindex = if_nametoindex(brname);
9893 * Bridge was configured, but the bridge device does
9894 * not exist. Try to add it now.
9896 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
9897 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
9898 "bridge interface %s: %s",
9899 brname, strerror(errno));
9902 bss->added_bridge = 1;
9903 add_ifidx(drv, if_nametoindex(brname));
9906 if (linux_br_get(in_br, ifname) == 0) {
9907 if (os_strcmp(in_br, brname) == 0)
9908 return 0; /* already in the bridge */
9910 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
9911 "bridge %s", ifname, in_br);
9912 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
9914 wpa_printf(MSG_ERROR, "nl80211: Failed to "
9915 "remove interface %s from bridge "
9917 ifname, brname, strerror(errno));
9922 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
9924 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
9925 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
9926 "into bridge %s: %s",
9927 ifname, brname, strerror(errno));
9930 bss->added_if_into_bridge = 1;
9936 static void *i802_init(struct hostapd_data *hapd,
9937 struct wpa_init_params *params)
9939 struct wpa_driver_nl80211_data *drv;
9940 struct i802_bss *bss;
9942 char brname[IFNAMSIZ];
9943 int ifindex, br_ifindex;
9946 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
9947 params->global_priv, 1,
9954 if (linux_br_get(brname, params->ifname) == 0) {
9955 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
9956 params->ifname, brname);
9957 br_ifindex = if_nametoindex(brname);
9963 for (i = 0; i < params->num_bridge; i++) {
9964 if (params->bridge[i]) {
9965 ifindex = if_nametoindex(params->bridge[i]);
9967 add_ifidx(drv, ifindex);
9968 if (ifindex == br_ifindex)
9972 if (!br_added && br_ifindex &&
9973 (params->num_bridge == 0 || !params->bridge[0]))
9974 add_ifidx(drv, br_ifindex);
9976 /* start listening for EAPOL on the default AP interface */
9977 add_ifidx(drv, drv->ifindex);
9979 if (params->num_bridge && params->bridge[0] &&
9980 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
9983 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
9984 if (drv->eapol_sock < 0) {
9985 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
9990 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
9992 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
9996 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
10000 memcpy(bss->addr, params->own_addr, ETH_ALEN);
10005 wpa_driver_nl80211_deinit(bss);
10010 static void i802_deinit(void *priv)
10012 struct i802_bss *bss = priv;
10013 wpa_driver_nl80211_deinit(bss);
10017 static enum nl80211_iftype wpa_driver_nl80211_if_type(
10018 enum wpa_driver_if_type type)
10021 case WPA_IF_STATION:
10022 return NL80211_IFTYPE_STATION;
10023 case WPA_IF_P2P_CLIENT:
10024 case WPA_IF_P2P_GROUP:
10025 return NL80211_IFTYPE_P2P_CLIENT;
10026 case WPA_IF_AP_VLAN:
10027 return NL80211_IFTYPE_AP_VLAN;
10028 case WPA_IF_AP_BSS:
10029 return NL80211_IFTYPE_AP;
10030 case WPA_IF_P2P_GO:
10031 return NL80211_IFTYPE_P2P_GO;
10032 case WPA_IF_P2P_DEVICE:
10033 return NL80211_IFTYPE_P2P_DEVICE;
10041 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
10043 struct wpa_driver_nl80211_data *drv;
10044 dl_list_for_each(drv, &global->interfaces,
10045 struct wpa_driver_nl80211_data, list) {
10046 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
10053 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
10061 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
10062 for (idx = 0; idx < 64; idx++) {
10063 new_addr[0] = drv->first_bss->addr[0] | 0x02;
10064 new_addr[0] ^= idx << 2;
10065 if (!nl80211_addr_in_use(drv->global, new_addr))
10071 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
10072 MACSTR, MAC2STR(new_addr));
10077 #endif /* CONFIG_P2P */
10083 u8 macaddr[ETH_ALEN];
10086 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
10088 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10089 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10090 struct wdev_info *wi = arg;
10092 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10093 genlmsg_attrlen(gnlh, 0), NULL);
10094 if (tb[NL80211_ATTR_WDEV]) {
10095 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
10096 wi->wdev_id_set = 1;
10099 if (tb[NL80211_ATTR_MAC])
10100 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
10107 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
10108 const char *ifname, const u8 *addr,
10109 void *bss_ctx, void **drv_priv,
10110 char *force_ifname, u8 *if_addr,
10111 const char *bridge, int use_existing)
10113 enum nl80211_iftype nlmode;
10114 struct i802_bss *bss = priv;
10115 struct wpa_driver_nl80211_data *drv = bss->drv;
10120 os_memcpy(if_addr, addr, ETH_ALEN);
10121 nlmode = wpa_driver_nl80211_if_type(type);
10122 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
10123 struct wdev_info p2pdev_info;
10125 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
10126 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10127 0, nl80211_wdev_handler,
10128 &p2pdev_info, use_existing);
10129 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
10130 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
10135 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
10136 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
10137 if (!is_zero_ether_addr(p2pdev_info.macaddr))
10138 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
10139 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
10141 (long long unsigned int) p2pdev_info.wdev_id);
10143 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10144 0, NULL, NULL, use_existing);
10145 if (use_existing && ifidx == -ENFILE) {
10147 ifidx = if_nametoindex(ifname);
10148 } else if (ifidx < 0) {
10154 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
10155 os_memcpy(if_addr, bss->addr, ETH_ALEN);
10156 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
10157 bss->ifname, if_addr) < 0) {
10159 nl80211_remove_iface(drv, ifidx);
10166 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
10167 type == WPA_IF_P2P_GO)) {
10168 /* Enforce unique P2P Interface Address */
10169 u8 new_addr[ETH_ALEN];
10171 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
10174 nl80211_remove_iface(drv, ifidx);
10177 if (nl80211_addr_in_use(drv->global, new_addr)) {
10178 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
10179 "for P2P group interface");
10180 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
10182 nl80211_remove_iface(drv, ifidx);
10185 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
10188 nl80211_remove_iface(drv, ifidx);
10192 os_memcpy(if_addr, new_addr, ETH_ALEN);
10194 #endif /* CONFIG_P2P */
10196 if (type == WPA_IF_AP_BSS) {
10197 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
10198 if (new_bss == NULL) {
10200 nl80211_remove_iface(drv, ifidx);
10205 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
10206 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
10207 "interface %s to a bridge %s",
10210 nl80211_remove_iface(drv, ifidx);
10215 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
10218 nl80211_remove_iface(drv, ifidx);
10222 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
10223 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
10224 new_bss->ifindex = ifidx;
10225 new_bss->drv = drv;
10226 new_bss->next = drv->first_bss->next;
10227 new_bss->freq = drv->first_bss->freq;
10228 new_bss->ctx = bss_ctx;
10229 new_bss->added_if = added;
10230 drv->first_bss->next = new_bss;
10232 *drv_priv = new_bss;
10233 nl80211_init_bss(new_bss);
10235 /* Subscribe management frames for this WPA_IF_AP_BSS */
10236 if (nl80211_setup_ap(new_bss))
10241 drv->global->if_add_ifindex = ifidx;
10244 * Some virtual interfaces need to process EAPOL packets and events on
10245 * the parent interface. This is used mainly with hostapd.
10249 nlmode == NL80211_IFTYPE_AP_VLAN ||
10250 nlmode == NL80211_IFTYPE_WDS ||
10251 nlmode == NL80211_IFTYPE_MONITOR))
10252 add_ifidx(drv, ifidx);
10258 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
10259 enum wpa_driver_if_type type,
10260 const char *ifname)
10262 struct wpa_driver_nl80211_data *drv = bss->drv;
10263 int ifindex = if_nametoindex(ifname);
10265 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
10266 __func__, type, ifname, ifindex, bss->added_if);
10267 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
10268 nl80211_remove_iface(drv, ifindex);
10269 else if (ifindex > 0 && !bss->added_if) {
10270 struct wpa_driver_nl80211_data *drv2;
10271 dl_list_for_each(drv2, &drv->global->interfaces,
10272 struct wpa_driver_nl80211_data, list)
10273 del_ifidx(drv2, ifindex);
10276 if (type != WPA_IF_AP_BSS)
10279 if (bss->added_if_into_bridge) {
10280 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
10282 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10283 "interface %s from bridge %s: %s",
10284 bss->ifname, bss->brname, strerror(errno));
10286 if (bss->added_bridge) {
10287 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
10288 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10290 bss->brname, strerror(errno));
10293 if (bss != drv->first_bss) {
10294 struct i802_bss *tbss;
10296 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
10297 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
10298 if (tbss->next == bss) {
10299 tbss->next = bss->next;
10300 /* Unsubscribe management frames */
10301 nl80211_teardown_ap(bss);
10302 nl80211_destroy_bss(bss);
10303 if (!bss->added_if)
10304 i802_set_iface_flags(bss, 0);
10311 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
10312 "BSS %p in the list", __func__, bss);
10314 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
10315 nl80211_teardown_ap(bss);
10316 if (!bss->added_if && !drv->first_bss->next)
10317 wpa_driver_nl80211_del_beacon(drv);
10318 nl80211_destroy_bss(bss);
10319 if (!bss->added_if)
10320 i802_set_iface_flags(bss, 0);
10321 if (drv->first_bss->next) {
10322 drv->first_bss = drv->first_bss->next;
10323 drv->ctx = drv->first_bss->ctx;
10326 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
10334 static int cookie_handler(struct nl_msg *msg, void *arg)
10336 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10337 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10339 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10340 genlmsg_attrlen(gnlh, 0), NULL);
10341 if (tb[NL80211_ATTR_COOKIE])
10342 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
10347 static int nl80211_send_frame_cmd(struct i802_bss *bss,
10348 unsigned int freq, unsigned int wait,
10349 const u8 *buf, size_t buf_len,
10350 u64 *cookie_out, int no_cck, int no_ack,
10353 struct wpa_driver_nl80211_data *drv = bss->drv;
10354 struct nl_msg *msg;
10358 msg = nlmsg_alloc();
10362 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
10363 "no_ack=%d offchanok=%d",
10364 freq, wait, no_cck, no_ack, offchanok);
10365 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
10366 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
10368 if (nl80211_set_iface_id(msg, bss) < 0)
10369 goto nla_put_failure;
10371 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10373 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
10374 if (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10375 drv->test_use_roc_tx))
10376 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
10378 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
10380 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
10382 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
10385 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10388 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
10389 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
10391 goto nla_put_failure;
10393 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
10394 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
10395 (long long unsigned int) cookie);
10398 *cookie_out = no_ack ? (u64) -1 : cookie;
10406 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
10408 unsigned int wait_time,
10409 const u8 *dst, const u8 *src,
10411 const u8 *data, size_t data_len,
10414 struct wpa_driver_nl80211_data *drv = bss->drv;
10417 struct ieee80211_hdr *hdr;
10419 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
10420 "freq=%u MHz wait=%d ms no_cck=%d)",
10421 drv->ifindex, freq, wait_time, no_cck);
10423 buf = os_zalloc(24 + data_len);
10426 os_memcpy(buf + 24, data, data_len);
10427 hdr = (struct ieee80211_hdr *) buf;
10428 hdr->frame_control =
10429 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
10430 os_memcpy(hdr->addr1, dst, ETH_ALEN);
10431 os_memcpy(hdr->addr2, src, ETH_ALEN);
10432 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
10434 if (is_ap_interface(drv->nlmode) &&
10435 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10436 (int) freq == bss->freq || drv->device_ap_sme ||
10437 !drv->use_monitor))
10438 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
10439 0, freq, no_cck, 1,
10442 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
10444 &drv->send_action_cookie,
10452 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
10454 struct i802_bss *bss = priv;
10455 struct wpa_driver_nl80211_data *drv = bss->drv;
10456 struct nl_msg *msg;
10459 msg = nlmsg_alloc();
10463 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
10464 (long long unsigned int) drv->send_action_cookie);
10465 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
10467 if (nl80211_set_iface_id(msg, bss) < 0)
10468 goto nla_put_failure;
10469 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
10471 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10474 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
10475 "(%s)", ret, strerror(-ret));
10482 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
10483 unsigned int duration)
10485 struct i802_bss *bss = priv;
10486 struct wpa_driver_nl80211_data *drv = bss->drv;
10487 struct nl_msg *msg;
10491 msg = nlmsg_alloc();
10495 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
10497 if (nl80211_set_iface_id(msg, bss) < 0)
10498 goto nla_put_failure;
10500 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10501 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
10504 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10507 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
10508 "0x%llx for freq=%u MHz duration=%u",
10509 (long long unsigned int) cookie, freq, duration);
10510 drv->remain_on_chan_cookie = cookie;
10511 drv->pending_remain_on_chan = 1;
10514 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
10515 "(freq=%d duration=%u): %d (%s)",
10516 freq, duration, ret, strerror(-ret));
10523 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
10525 struct i802_bss *bss = priv;
10526 struct wpa_driver_nl80211_data *drv = bss->drv;
10527 struct nl_msg *msg;
10530 if (!drv->pending_remain_on_chan) {
10531 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
10536 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
10538 (long long unsigned int) drv->remain_on_chan_cookie);
10540 msg = nlmsg_alloc();
10544 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
10546 if (nl80211_set_iface_id(msg, bss) < 0)
10547 goto nla_put_failure;
10549 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
10551 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10555 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
10556 "%d (%s)", ret, strerror(-ret));
10563 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
10565 struct wpa_driver_nl80211_data *drv = bss->drv;
10568 if (bss->nl_preq && drv->device_ap_sme &&
10569 is_ap_interface(drv->nlmode)) {
10571 * Do not disable Probe Request reporting that was
10572 * enabled in nl80211_setup_ap().
10574 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
10575 "Probe Request reporting nl_preq=%p while "
10576 "in AP mode", bss->nl_preq);
10577 } else if (bss->nl_preq) {
10578 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
10579 "reporting nl_preq=%p", bss->nl_preq);
10580 nl80211_destroy_eloop_handle(&bss->nl_preq);
10585 if (bss->nl_preq) {
10586 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
10587 "already on! nl_preq=%p", bss->nl_preq);
10591 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
10592 if (bss->nl_preq == NULL)
10594 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
10595 "reporting nl_preq=%p", bss->nl_preq);
10597 if (nl80211_register_frame(bss, bss->nl_preq,
10598 (WLAN_FC_TYPE_MGMT << 2) |
10599 (WLAN_FC_STYPE_PROBE_REQ << 4),
10603 nl80211_register_eloop_read(&bss->nl_preq,
10604 wpa_driver_nl80211_event_receive,
10610 nl_destroy_handles(&bss->nl_preq);
10615 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
10616 int ifindex, int disabled)
10618 struct nl_msg *msg;
10619 struct nlattr *bands, *band;
10622 msg = nlmsg_alloc();
10626 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
10627 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
10629 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
10631 goto nla_put_failure;
10634 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
10635 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
10636 * rates. All 5 GHz rates are left enabled.
10638 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
10640 goto nla_put_failure;
10642 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
10643 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
10645 nla_nest_end(msg, band);
10647 nla_nest_end(msg, bands);
10649 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10652 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
10653 "(%s)", ret, strerror(-ret));
10655 drv->disabled_11b_rates = disabled;
10665 static int wpa_driver_nl80211_deinit_ap(void *priv)
10667 struct i802_bss *bss = priv;
10668 struct wpa_driver_nl80211_data *drv = bss->drv;
10669 if (!is_ap_interface(drv->nlmode))
10671 wpa_driver_nl80211_del_beacon(drv);
10674 * If the P2P GO interface was dynamically added, then it is
10675 * possible that the interface change to station is not possible.
10677 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
10680 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10684 static int wpa_driver_nl80211_stop_ap(void *priv)
10686 struct i802_bss *bss = priv;
10687 struct wpa_driver_nl80211_data *drv = bss->drv;
10688 if (!is_ap_interface(drv->nlmode))
10690 wpa_driver_nl80211_del_beacon(drv);
10691 bss->beacon_set = 0;
10696 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
10698 struct i802_bss *bss = priv;
10699 struct wpa_driver_nl80211_data *drv = bss->drv;
10700 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
10704 * If the P2P Client interface was dynamically added, then it is
10705 * possible that the interface change to station is not possible.
10707 if (bss->if_dynamic)
10710 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10714 static void wpa_driver_nl80211_resume(void *priv)
10716 struct i802_bss *bss = priv;
10718 if (i802_set_iface_flags(bss, 1))
10719 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
10723 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
10724 const u8 *ies, size_t ies_len)
10726 struct i802_bss *bss = priv;
10727 struct wpa_driver_nl80211_data *drv = bss->drv;
10731 const u8 *own_addr = bss->addr;
10734 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
10735 "action %d", action);
10740 * Action frame payload:
10741 * Category[1] = 6 (Fast BSS Transition)
10742 * Action[1] = 1 (Fast BSS Transition Request)
10744 * Target AP Address
10748 data_len = 2 + 2 * ETH_ALEN + ies_len;
10749 data = os_malloc(data_len);
10753 *pos++ = 0x06; /* FT Action category */
10755 os_memcpy(pos, own_addr, ETH_ALEN);
10757 os_memcpy(pos, target_ap, ETH_ALEN);
10759 os_memcpy(pos, ies, ies_len);
10761 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
10762 drv->bssid, own_addr, drv->bssid,
10763 data, data_len, 0);
10770 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
10772 struct i802_bss *bss = priv;
10773 struct wpa_driver_nl80211_data *drv = bss->drv;
10774 struct nl_msg *msg;
10775 struct nlattr *cqm;
10778 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
10779 "hysteresis=%d", threshold, hysteresis);
10781 msg = nlmsg_alloc();
10785 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
10787 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
10789 cqm = nla_nest_start(msg, NL80211_ATTR_CQM);
10791 goto nla_put_failure;
10793 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
10794 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
10795 nla_nest_end(msg, cqm);
10797 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10806 static int get_channel_width(struct nl_msg *msg, void *arg)
10808 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10809 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10810 struct wpa_signal_info *sig_change = arg;
10812 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10813 genlmsg_attrlen(gnlh, 0), NULL);
10815 sig_change->center_frq1 = -1;
10816 sig_change->center_frq2 = -1;
10817 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
10819 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
10820 sig_change->chanwidth = convert2width(
10821 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
10822 if (tb[NL80211_ATTR_CENTER_FREQ1])
10823 sig_change->center_frq1 =
10824 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
10825 if (tb[NL80211_ATTR_CENTER_FREQ2])
10826 sig_change->center_frq2 =
10827 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
10834 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
10835 struct wpa_signal_info *sig)
10837 struct nl_msg *msg;
10839 msg = nlmsg_alloc();
10843 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_INTERFACE);
10844 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
10846 return send_and_recv_msgs(drv, msg, get_channel_width, sig);
10854 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
10856 struct i802_bss *bss = priv;
10857 struct wpa_driver_nl80211_data *drv = bss->drv;
10860 os_memset(si, 0, sizeof(*si));
10861 res = nl80211_get_link_signal(drv, si);
10865 res = nl80211_get_channel_width(drv, si);
10869 return nl80211_get_link_noise(drv, si);
10873 static int wpa_driver_nl80211_shared_freq(void *priv)
10875 struct i802_bss *bss = priv;
10876 struct wpa_driver_nl80211_data *drv = bss->drv;
10877 struct wpa_driver_nl80211_data *driver;
10881 * If the same PHY is in connected state with some other interface,
10882 * then retrieve the assoc freq.
10884 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
10887 dl_list_for_each(driver, &drv->global->interfaces,
10888 struct wpa_driver_nl80211_data, list) {
10889 if (drv == driver ||
10890 os_strcmp(drv->phyname, driver->phyname) != 0 ||
10891 !driver->associated)
10894 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
10896 driver->phyname, driver->first_bss->ifname,
10897 MAC2STR(driver->first_bss->addr));
10898 if (is_ap_interface(driver->nlmode))
10899 freq = driver->first_bss->freq;
10901 freq = nl80211_get_assoc_freq(driver);
10902 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
10903 drv->phyname, freq);
10907 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
10908 "PHY (%s) in associated state", drv->phyname);
10914 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
10917 struct i802_bss *bss = priv;
10918 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
10923 static int nl80211_set_param(void *priv, const char *param)
10925 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
10930 if (os_strstr(param, "use_p2p_group_interface=1")) {
10931 struct i802_bss *bss = priv;
10932 struct wpa_driver_nl80211_data *drv = bss->drv;
10934 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
10936 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
10937 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
10940 if (os_strstr(param, "p2p_device=1")) {
10941 struct i802_bss *bss = priv;
10942 struct wpa_driver_nl80211_data *drv = bss->drv;
10943 drv->allow_p2p_device = 1;
10945 #endif /* CONFIG_P2P */
10947 if (os_strstr(param, "use_monitor=1")) {
10948 struct i802_bss *bss = priv;
10949 struct wpa_driver_nl80211_data *drv = bss->drv;
10950 drv->use_monitor = 1;
10953 if (os_strstr(param, "force_connect_cmd=1")) {
10954 struct i802_bss *bss = priv;
10955 struct wpa_driver_nl80211_data *drv = bss->drv;
10956 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
10959 if (os_strstr(param, "no_offchannel_tx=1")) {
10960 struct i802_bss *bss = priv;
10961 struct wpa_driver_nl80211_data *drv = bss->drv;
10962 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
10963 drv->test_use_roc_tx = 1;
10970 static void * nl80211_global_init(void)
10972 struct nl80211_global *global;
10973 struct netlink_config *cfg;
10975 global = os_zalloc(sizeof(*global));
10976 if (global == NULL)
10978 global->ioctl_sock = -1;
10979 dl_list_init(&global->interfaces);
10980 global->if_add_ifindex = -1;
10982 cfg = os_zalloc(sizeof(*cfg));
10987 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
10988 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
10989 global->netlink = netlink_init(cfg);
10990 if (global->netlink == NULL) {
10995 if (wpa_driver_nl80211_init_nl_global(global) < 0)
10998 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
10999 if (global->ioctl_sock < 0) {
11000 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
11008 nl80211_global_deinit(global);
11013 static void nl80211_global_deinit(void *priv)
11015 struct nl80211_global *global = priv;
11016 if (global == NULL)
11018 if (!dl_list_empty(&global->interfaces)) {
11019 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
11020 "nl80211_global_deinit",
11021 dl_list_len(&global->interfaces));
11024 if (global->netlink)
11025 netlink_deinit(global->netlink);
11027 nl_destroy_handles(&global->nl);
11029 if (global->nl_event)
11030 nl80211_destroy_eloop_handle(&global->nl_event);
11032 nl_cb_put(global->nl_cb);
11034 if (global->ioctl_sock >= 0)
11035 close(global->ioctl_sock);
11041 static const char * nl80211_get_radio_name(void *priv)
11043 struct i802_bss *bss = priv;
11044 struct wpa_driver_nl80211_data *drv = bss->drv;
11045 return drv->phyname;
11049 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
11052 struct nl_msg *msg;
11054 msg = nlmsg_alloc();
11058 nl80211_cmd(bss->drv, msg, 0, cmd);
11060 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
11062 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
11064 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
11066 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11073 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11075 struct i802_bss *bss = priv;
11076 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
11077 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
11081 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11083 struct i802_bss *bss = priv;
11084 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
11086 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
11090 static int nl80211_flush_pmkid(void *priv)
11092 struct i802_bss *bss = priv;
11093 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
11094 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
11098 static void clean_survey_results(struct survey_results *survey_results)
11100 struct freq_survey *survey, *tmp;
11102 if (dl_list_empty(&survey_results->survey_list))
11105 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
11106 struct freq_survey, list) {
11107 dl_list_del(&survey->list);
11113 static void add_survey(struct nlattr **sinfo, u32 ifidx,
11114 struct dl_list *survey_list)
11116 struct freq_survey *survey;
11118 survey = os_zalloc(sizeof(struct freq_survey));
11122 survey->ifidx = ifidx;
11123 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11124 survey->filled = 0;
11126 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
11127 survey->nf = (int8_t)
11128 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
11129 survey->filled |= SURVEY_HAS_NF;
11132 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
11133 survey->channel_time =
11134 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
11135 survey->filled |= SURVEY_HAS_CHAN_TIME;
11138 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
11139 survey->channel_time_busy =
11140 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
11141 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
11144 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
11145 survey->channel_time_rx =
11146 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
11147 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
11150 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
11151 survey->channel_time_tx =
11152 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
11153 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
11156 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
11159 (unsigned long int) survey->channel_time,
11160 (unsigned long int) survey->channel_time_busy,
11161 (unsigned long int) survey->channel_time_tx,
11162 (unsigned long int) survey->channel_time_rx,
11165 dl_list_add_tail(survey_list, &survey->list);
11169 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
11170 unsigned int freq_filter)
11175 return freq_filter == surveyed_freq;
11179 static int survey_handler(struct nl_msg *msg, void *arg)
11181 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11182 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11183 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
11184 struct survey_results *survey_results;
11185 u32 surveyed_freq = 0;
11188 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
11189 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
11190 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
11193 survey_results = (struct survey_results *) arg;
11195 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11196 genlmsg_attrlen(gnlh, 0), NULL);
11198 if (!tb[NL80211_ATTR_IFINDEX])
11201 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
11203 if (!tb[NL80211_ATTR_SURVEY_INFO])
11206 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
11207 tb[NL80211_ATTR_SURVEY_INFO],
11211 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
11212 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
11216 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11218 if (!check_survey_ok(sinfo, surveyed_freq,
11219 survey_results->freq_filter))
11222 if (survey_results->freq_filter &&
11223 survey_results->freq_filter != surveyed_freq) {
11224 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
11229 add_survey(sinfo, ifidx, &survey_results->survey_list);
11235 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
11237 struct i802_bss *bss = priv;
11238 struct wpa_driver_nl80211_data *drv = bss->drv;
11239 struct nl_msg *msg;
11240 int err = -ENOBUFS;
11241 union wpa_event_data data;
11242 struct survey_results *survey_results;
11244 os_memset(&data, 0, sizeof(data));
11245 survey_results = &data.survey_results;
11247 dl_list_init(&survey_results->survey_list);
11249 msg = nlmsg_alloc();
11251 goto nla_put_failure;
11253 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
11255 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11258 data.survey_results.freq_filter = freq;
11261 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
11262 err = send_and_recv_msgs(drv, msg, survey_handler,
11267 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
11271 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
11274 clean_survey_results(survey_results);
11280 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
11281 const u8 *replay_ctr)
11283 struct i802_bss *bss = priv;
11284 struct wpa_driver_nl80211_data *drv = bss->drv;
11285 struct nlattr *replay_nested;
11286 struct nl_msg *msg;
11288 msg = nlmsg_alloc();
11292 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
11294 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11296 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
11297 if (!replay_nested)
11298 goto nla_put_failure;
11300 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
11301 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
11302 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
11305 nla_nest_end(msg, replay_nested);
11307 send_and_recv_msgs(drv, msg, NULL, NULL);
11314 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
11315 const u8 *addr, int qos)
11317 /* send data frame to poll STA and check whether
11318 * this frame is ACKed */
11320 struct ieee80211_hdr hdr;
11322 } STRUCT_PACKED nulldata;
11325 /* Send data frame to poll STA and check whether this frame is ACKed */
11327 os_memset(&nulldata, 0, sizeof(nulldata));
11330 nulldata.hdr.frame_control =
11331 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11332 WLAN_FC_STYPE_QOS_NULL);
11333 size = sizeof(nulldata);
11335 nulldata.hdr.frame_control =
11336 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11337 WLAN_FC_STYPE_NULLFUNC);
11338 size = sizeof(struct ieee80211_hdr);
11341 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
11342 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
11343 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
11344 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
11346 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
11348 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
11349 "send poll frame");
11352 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
11355 struct i802_bss *bss = priv;
11356 struct wpa_driver_nl80211_data *drv = bss->drv;
11357 struct nl_msg *msg;
11359 if (!drv->poll_command_supported) {
11360 nl80211_send_null_frame(bss, own_addr, addr, qos);
11364 msg = nlmsg_alloc();
11368 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
11370 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11371 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
11373 send_and_recv_msgs(drv, msg, NULL, NULL);
11380 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
11382 struct nl_msg *msg;
11384 msg = nlmsg_alloc();
11388 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
11389 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11390 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
11391 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
11392 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11399 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
11402 struct i802_bss *bss = priv;
11404 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
11405 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
11407 if (opp_ps != -1 || ctwindow != -1) {
11409 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
11410 #else /* ANDROID_P2P */
11411 return -1; /* Not yet supported */
11412 #endif /* ANDROID_P2P */
11415 if (legacy_ps == -1)
11417 if (legacy_ps != 0 && legacy_ps != 1)
11418 return -1; /* Not yet supported */
11420 return nl80211_set_power_save(bss, legacy_ps);
11424 static int nl80211_start_radar_detection(void *priv,
11425 struct hostapd_freq_params *freq)
11427 struct i802_bss *bss = priv;
11428 struct wpa_driver_nl80211_data *drv = bss->drv;
11429 struct nl_msg *msg;
11432 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
11433 freq->freq, freq->ht_enabled, freq->vht_enabled,
11434 freq->bandwidth, freq->center_freq1, freq->center_freq2);
11436 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
11437 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
11442 msg = nlmsg_alloc();
11446 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_RADAR_DETECT);
11447 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11448 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq);
11450 if (freq->vht_enabled) {
11451 switch (freq->bandwidth) {
11453 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
11454 NL80211_CHAN_WIDTH_20);
11457 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
11458 NL80211_CHAN_WIDTH_40);
11461 if (freq->center_freq2)
11462 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
11463 NL80211_CHAN_WIDTH_80P80);
11465 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
11466 NL80211_CHAN_WIDTH_80);
11469 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
11470 NL80211_CHAN_WIDTH_160);
11475 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ1, freq->center_freq1);
11476 if (freq->center_freq2)
11477 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ2,
11478 freq->center_freq2);
11479 } else if (freq->ht_enabled) {
11480 switch (freq->sec_channel_offset) {
11482 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
11483 NL80211_CHAN_HT40MINUS);
11486 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
11487 NL80211_CHAN_HT40PLUS);
11490 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
11491 NL80211_CHAN_HT20);
11496 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11499 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
11500 "%d (%s)", ret, strerror(-ret));
11507 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
11508 u8 dialog_token, u16 status_code,
11509 u32 peer_capab, const u8 *buf, size_t len)
11511 struct i802_bss *bss = priv;
11512 struct wpa_driver_nl80211_data *drv = bss->drv;
11513 struct nl_msg *msg;
11515 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11516 return -EOPNOTSUPP;
11521 msg = nlmsg_alloc();
11525 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
11526 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11527 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
11528 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
11529 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
11530 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
11533 * The internal enum tdls_peer_capability definition is
11534 * currently identical with the nl80211 enum
11535 * nl80211_tdls_peer_capability, so no conversion is needed
11538 NLA_PUT_U32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, peer_capab);
11540 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
11542 return send_and_recv_msgs(drv, msg, NULL, NULL);
11550 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
11552 struct i802_bss *bss = priv;
11553 struct wpa_driver_nl80211_data *drv = bss->drv;
11554 struct nl_msg *msg;
11555 enum nl80211_tdls_operation nl80211_oper;
11557 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11558 return -EOPNOTSUPP;
11561 case TDLS_DISCOVERY_REQ:
11562 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
11565 nl80211_oper = NL80211_TDLS_SETUP;
11567 case TDLS_TEARDOWN:
11568 nl80211_oper = NL80211_TDLS_TEARDOWN;
11570 case TDLS_ENABLE_LINK:
11571 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
11573 case TDLS_DISABLE_LINK:
11574 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
11584 msg = nlmsg_alloc();
11588 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
11589 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
11590 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11591 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
11593 return send_and_recv_msgs(drv, msg, NULL, NULL);
11600 #endif /* CONFIG TDLS */
11605 typedef struct android_wifi_priv_cmd {
11609 } android_wifi_priv_cmd;
11611 static int drv_errors = 0;
11613 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
11616 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
11618 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
11623 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
11625 struct wpa_driver_nl80211_data *drv = bss->drv;
11627 android_wifi_priv_cmd priv_cmd;
11628 char buf[MAX_DRV_CMD_SIZE];
11631 os_memset(&ifr, 0, sizeof(ifr));
11632 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
11633 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11635 os_memset(buf, 0, sizeof(buf));
11636 os_strlcpy(buf, cmd, sizeof(buf));
11638 priv_cmd.buf = buf;
11639 priv_cmd.used_len = sizeof(buf);
11640 priv_cmd.total_len = sizeof(buf);
11641 ifr.ifr_data = &priv_cmd;
11643 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11645 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
11647 wpa_driver_send_hang_msg(drv);
11656 static int android_pno_start(struct i802_bss *bss,
11657 struct wpa_driver_scan_params *params)
11659 struct wpa_driver_nl80211_data *drv = bss->drv;
11661 android_wifi_priv_cmd priv_cmd;
11662 int ret = 0, i = 0, bp;
11663 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
11665 bp = WEXT_PNOSETUP_HEADER_SIZE;
11666 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
11667 buf[bp++] = WEXT_PNO_TLV_PREFIX;
11668 buf[bp++] = WEXT_PNO_TLV_VERSION;
11669 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
11670 buf[bp++] = WEXT_PNO_TLV_RESERVED;
11672 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
11673 /* Check that there is enough space needed for 1 more SSID, the
11674 * other sections and null termination */
11675 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
11676 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
11678 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
11679 params->ssids[i].ssid,
11680 params->ssids[i].ssid_len);
11681 buf[bp++] = WEXT_PNO_SSID_SECTION;
11682 buf[bp++] = params->ssids[i].ssid_len;
11683 os_memcpy(&buf[bp], params->ssids[i].ssid,
11684 params->ssids[i].ssid_len);
11685 bp += params->ssids[i].ssid_len;
11689 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
11690 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
11691 WEXT_PNO_SCAN_INTERVAL);
11692 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
11694 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
11695 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
11697 bp += WEXT_PNO_REPEAT_LENGTH;
11699 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
11700 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
11701 WEXT_PNO_MAX_REPEAT);
11702 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
11704 memset(&ifr, 0, sizeof(ifr));
11705 memset(&priv_cmd, 0, sizeof(priv_cmd));
11706 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11708 priv_cmd.buf = buf;
11709 priv_cmd.used_len = bp;
11710 priv_cmd.total_len = bp;
11711 ifr.ifr_data = &priv_cmd;
11713 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11716 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
11718 wpa_driver_send_hang_msg(drv);
11724 return android_priv_cmd(bss, "PNOFORCE 1");
11728 static int android_pno_stop(struct i802_bss *bss)
11730 return android_priv_cmd(bss, "PNOFORCE 0");
11733 #endif /* ANDROID */
11736 static int driver_nl80211_set_key(const char *ifname, void *priv,
11737 enum wpa_alg alg, const u8 *addr,
11738 int key_idx, int set_tx,
11739 const u8 *seq, size_t seq_len,
11740 const u8 *key, size_t key_len)
11742 struct i802_bss *bss = priv;
11743 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
11744 set_tx, seq, seq_len, key, key_len);
11748 static int driver_nl80211_scan2(void *priv,
11749 struct wpa_driver_scan_params *params)
11751 struct i802_bss *bss = priv;
11752 return wpa_driver_nl80211_scan(bss, params);
11756 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
11759 struct i802_bss *bss = priv;
11760 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
11764 static int driver_nl80211_authenticate(void *priv,
11765 struct wpa_driver_auth_params *params)
11767 struct i802_bss *bss = priv;
11768 return wpa_driver_nl80211_authenticate(bss, params);
11772 static void driver_nl80211_deinit(void *priv)
11774 struct i802_bss *bss = priv;
11775 wpa_driver_nl80211_deinit(bss);
11779 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
11780 const char *ifname)
11782 struct i802_bss *bss = priv;
11783 return wpa_driver_nl80211_if_remove(bss, type, ifname);
11787 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
11788 size_t data_len, int noack)
11790 struct i802_bss *bss = priv;
11791 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
11796 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
11798 struct i802_bss *bss = priv;
11799 return wpa_driver_nl80211_sta_remove(bss, addr);
11803 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
11804 const char *ifname, int vlan_id)
11806 struct i802_bss *bss = priv;
11807 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
11811 static int driver_nl80211_read_sta_data(void *priv,
11812 struct hostap_sta_driver_data *data,
11815 struct i802_bss *bss = priv;
11816 return i802_read_sta_data(bss, data, addr);
11820 static int driver_nl80211_send_action(void *priv, unsigned int freq,
11821 unsigned int wait_time,
11822 const u8 *dst, const u8 *src,
11824 const u8 *data, size_t data_len,
11827 struct i802_bss *bss = priv;
11828 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
11829 bssid, data, data_len, no_cck);
11833 static int driver_nl80211_probe_req_report(void *priv, int report)
11835 struct i802_bss *bss = priv;
11836 return wpa_driver_nl80211_probe_req_report(bss, report);
11840 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
11841 const u8 *ies, size_t ies_len)
11844 struct nl_msg *msg;
11845 struct i802_bss *bss = priv;
11846 struct wpa_driver_nl80211_data *drv = bss->drv;
11847 u16 mdid = WPA_GET_LE16(md);
11849 msg = nlmsg_alloc();
11853 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
11854 nl80211_cmd(drv, msg, 0, NL80211_CMD_UPDATE_FT_IES);
11855 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11856 NLA_PUT(msg, NL80211_ATTR_IE, ies_len, ies);
11857 NLA_PUT_U16(msg, NL80211_ATTR_MDID, mdid);
11859 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11861 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
11862 "err=%d (%s)", ret, strerror(-ret));
11873 const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
11875 struct i802_bss *bss = priv;
11876 struct wpa_driver_nl80211_data *drv = bss->drv;
11878 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
11885 static const char * scan_state_str(enum scan_states scan_state)
11887 switch (scan_state) {
11890 case SCAN_REQUESTED:
11891 return "SCAN_REQUESTED";
11893 return "SCAN_STARTED";
11894 case SCAN_COMPLETED:
11895 return "SCAN_COMPLETED";
11897 return "SCAN_ABORTED";
11898 case SCHED_SCAN_STARTED:
11899 return "SCHED_SCAN_STARTED";
11900 case SCHED_SCAN_STOPPED:
11901 return "SCHED_SCAN_STOPPED";
11902 case SCHED_SCAN_RESULTS:
11903 return "SCHED_SCAN_RESULTS";
11910 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
11912 struct i802_bss *bss = priv;
11913 struct wpa_driver_nl80211_data *drv = bss->drv;
11918 end = buf + buflen;
11920 res = os_snprintf(pos, end - pos,
11924 "addr=" MACSTR "\n"
11930 MAC2STR(bss->addr),
11932 bss->beacon_set ? "beacon_set=1\n" : "",
11933 bss->added_if_into_bridge ?
11934 "added_if_into_bridge=1\n" : "",
11935 bss->added_bridge ? "added_bridge=1\n" : "",
11936 bss->in_deinit ? "in_deinit=1\n" : "",
11937 bss->if_dynamic ? "if_dynamic=1\n" : "");
11938 if (res < 0 || res >= end - pos)
11942 if (bss->wdev_id_set) {
11943 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
11944 (unsigned long long) bss->wdev_id);
11945 if (res < 0 || res >= end - pos)
11950 res = os_snprintf(pos, end - pos,
11955 "auth_bssid=" MACSTR "\n"
11956 "auth_attempt_bssid=" MACSTR "\n"
11957 "bssid=" MACSTR "\n"
11958 "prev_bssid=" MACSTR "\n"
11961 "monitor_sock=%d\n"
11962 "monitor_ifidx=%d\n"
11963 "monitor_refcount=%d\n"
11964 "last_mgmt_freq=%u\n"
11965 "eapol_tx_sock=%d\n"
11966 "%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
11970 scan_state_str(drv->scan_state),
11971 MAC2STR(drv->auth_bssid),
11972 MAC2STR(drv->auth_attempt_bssid),
11973 MAC2STR(drv->bssid),
11974 MAC2STR(drv->prev_bssid),
11978 drv->monitor_ifidx,
11979 drv->monitor_refcount,
11980 drv->last_mgmt_freq,
11981 drv->eapol_tx_sock,
11982 drv->ignore_if_down_event ?
11983 "ignore_if_down_event=1\n" : "",
11984 drv->scan_complete_events ?
11985 "scan_complete_events=1\n" : "",
11986 drv->disabled_11b_rates ?
11987 "disabled_11b_rates=1\n" : "",
11988 drv->pending_remain_on_chan ?
11989 "pending_remain_on_chan=1\n" : "",
11990 drv->in_interface_list ? "in_interface_list=1\n" : "",
11991 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
11992 drv->poll_command_supported ?
11993 "poll_command_supported=1\n" : "",
11994 drv->data_tx_status ? "data_tx_status=1\n" : "",
11995 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
11996 drv->retry_auth ? "retry_auth=1\n" : "",
11997 drv->use_monitor ? "use_monitor=1\n" : "",
11998 drv->ignore_next_local_disconnect ?
11999 "ignore_next_local_disconnect=1\n" : "",
12000 drv->ignore_next_local_deauth ?
12001 "ignore_next_local_deauth=1\n" : "",
12002 drv->allow_p2p_device ? "allow_p2p_device=1\n" : "");
12003 if (res < 0 || res >= end - pos)
12007 if (drv->has_capability) {
12008 res = os_snprintf(pos, end - pos,
12009 "capa.key_mgmt=0x%x\n"
12012 "capa.flags=0x%x\n"
12013 "capa.max_scan_ssids=%d\n"
12014 "capa.max_sched_scan_ssids=%d\n"
12015 "capa.sched_scan_supported=%d\n"
12016 "capa.max_match_sets=%d\n"
12017 "capa.max_remain_on_chan=%u\n"
12018 "capa.max_stations=%u\n"
12019 "capa.probe_resp_offloads=0x%x\n"
12020 "capa.max_acl_mac_addrs=%u\n"
12021 "capa.num_multichan_concurrent=%u\n",
12022 drv->capa.key_mgmt,
12026 drv->capa.max_scan_ssids,
12027 drv->capa.max_sched_scan_ssids,
12028 drv->capa.sched_scan_supported,
12029 drv->capa.max_match_sets,
12030 drv->capa.max_remain_on_chan,
12031 drv->capa.max_stations,
12032 drv->capa.probe_resp_offloads,
12033 drv->capa.max_acl_mac_addrs,
12034 drv->capa.num_multichan_concurrent);
12035 if (res < 0 || res >= end - pos)
12044 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
12046 if (settings->head)
12047 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD,
12048 settings->head_len, settings->head);
12050 if (settings->tail)
12051 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL,
12052 settings->tail_len, settings->tail);
12054 if (settings->beacon_ies)
12055 NLA_PUT(msg, NL80211_ATTR_IE,
12056 settings->beacon_ies_len, settings->beacon_ies);
12058 if (settings->proberesp_ies)
12059 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
12060 settings->proberesp_ies_len, settings->proberesp_ies);
12062 if (settings->assocresp_ies)
12064 NL80211_ATTR_IE_ASSOC_RESP,
12065 settings->assocresp_ies_len, settings->assocresp_ies);
12067 if (settings->probe_resp)
12068 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP,
12069 settings->probe_resp_len, settings->probe_resp);
12078 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
12080 struct nl_msg *msg;
12081 struct i802_bss *bss = priv;
12082 struct wpa_driver_nl80211_data *drv = bss->drv;
12083 struct nlattr *beacon_csa;
12084 int ret = -ENOBUFS;
12086 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
12087 settings->cs_count, settings->block_tx,
12088 settings->freq_params.freq, settings->freq_params.bandwidth,
12089 settings->freq_params.center_freq1,
12090 settings->freq_params.center_freq2);
12092 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
12093 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
12094 return -EOPNOTSUPP;
12097 if ((drv->nlmode != NL80211_IFTYPE_AP) &&
12098 (drv->nlmode != NL80211_IFTYPE_P2P_GO))
12099 return -EOPNOTSUPP;
12101 /* check settings validity */
12102 if (!settings->beacon_csa.tail ||
12103 ((settings->beacon_csa.tail_len <=
12104 settings->counter_offset_beacon) ||
12105 (settings->beacon_csa.tail[settings->counter_offset_beacon] !=
12106 settings->cs_count)))
12109 if (settings->beacon_csa.probe_resp &&
12110 ((settings->beacon_csa.probe_resp_len <=
12111 settings->counter_offset_presp) ||
12112 (settings->beacon_csa.probe_resp[settings->counter_offset_presp] !=
12113 settings->cs_count)))
12116 msg = nlmsg_alloc();
12120 nl80211_cmd(drv, msg, 0, NL80211_CMD_CHANNEL_SWITCH);
12121 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12122 NLA_PUT_U32(msg, NL80211_ATTR_CH_SWITCH_COUNT, settings->cs_count);
12123 ret = nl80211_put_freq_params(msg, &settings->freq_params);
12127 if (settings->block_tx)
12128 NLA_PUT_FLAG(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX);
12130 /* beacon_after params */
12131 ret = set_beacon_data(msg, &settings->beacon_after);
12135 /* beacon_csa params */
12136 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
12138 goto nla_put_failure;
12140 ret = set_beacon_data(msg, &settings->beacon_csa);
12144 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
12145 settings->counter_offset_beacon);
12147 if (settings->beacon_csa.probe_resp)
12148 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
12149 settings->counter_offset_presp);
12151 nla_nest_end(msg, beacon_csa);
12152 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12154 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
12155 ret, strerror(-ret));
12163 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
12168 #ifdef CONFIG_TESTING_OPTIONS
12169 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
12171 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12172 struct wpabuf *buf = arg;
12177 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
12178 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
12182 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
12183 genlmsg_attrlen(gnlh, 0));
12187 #endif /* CONFIG_TESTING_OPTIONS */
12190 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
12192 struct nlattr *tb[NL80211_ATTR_MAX + 1];
12193 struct nlattr *nl_vendor_reply, *nl;
12194 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12195 struct wpabuf *buf = arg;
12201 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
12202 genlmsg_attrlen(gnlh, 0), NULL);
12203 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
12205 if (!nl_vendor_reply)
12208 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
12209 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
12213 nla_for_each_nested(nl, nl_vendor_reply, rem) {
12214 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
12221 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
12222 unsigned int subcmd, const u8 *data,
12223 size_t data_len, struct wpabuf *buf)
12225 struct i802_bss *bss = priv;
12226 struct wpa_driver_nl80211_data *drv = bss->drv;
12227 struct nl_msg *msg;
12230 msg = nlmsg_alloc();
12234 #ifdef CONFIG_TESTING_OPTIONS
12235 if (vendor_id == 0xffffffff) {
12236 nl80211_cmd(drv, msg, 0, subcmd);
12237 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
12239 goto nla_put_failure;
12240 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf);
12242 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
12246 #endif /* CONFIG_TESTING_OPTIONS */
12248 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12249 if (nl80211_set_iface_id(msg, bss) < 0)
12250 goto nla_put_failure;
12251 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, vendor_id);
12252 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd);
12254 NLA_PUT(msg, NL80211_ATTR_VENDOR_DATA, data_len, data);
12256 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf);
12258 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
12268 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
12269 u8 qos_map_set_len)
12271 struct i802_bss *bss = priv;
12272 struct wpa_driver_nl80211_data *drv = bss->drv;
12273 struct nl_msg *msg;
12276 msg = nlmsg_alloc();
12280 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
12281 qos_map_set, qos_map_set_len);
12283 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_QOS_MAP);
12284 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12285 NLA_PUT(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set);
12287 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12289 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
12299 static int nl80211_set_wowlan(void *priv,
12300 const struct wowlan_triggers *triggers)
12302 struct i802_bss *bss = priv;
12303 struct wpa_driver_nl80211_data *drv = bss->drv;
12304 struct nl_msg *msg;
12305 struct nlattr *wowlan_triggers;
12308 msg = nlmsg_alloc();
12312 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
12314 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WOWLAN);
12315 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12317 wowlan_triggers = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
12318 if (!wowlan_triggers)
12319 goto nla_put_failure;
12322 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY);
12323 if (triggers->disconnect)
12324 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT);
12325 if (triggers->magic_pkt)
12326 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT);
12327 if (triggers->gtk_rekey_failure)
12328 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE);
12329 if (triggers->eap_identity_req)
12330 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST);
12331 if (triggers->four_way_handshake)
12332 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE);
12333 if (triggers->rfkill_release)
12334 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE);
12336 nla_nest_end(msg, wowlan_triggers);
12338 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12340 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
12350 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
12352 .desc = "Linux nl80211/cfg80211",
12353 .get_bssid = wpa_driver_nl80211_get_bssid,
12354 .get_ssid = wpa_driver_nl80211_get_ssid,
12355 .set_key = driver_nl80211_set_key,
12356 .scan2 = driver_nl80211_scan2,
12357 .sched_scan = wpa_driver_nl80211_sched_scan,
12358 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
12359 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
12360 .deauthenticate = driver_nl80211_deauthenticate,
12361 .authenticate = driver_nl80211_authenticate,
12362 .associate = wpa_driver_nl80211_associate,
12363 .global_init = nl80211_global_init,
12364 .global_deinit = nl80211_global_deinit,
12365 .init2 = wpa_driver_nl80211_init,
12366 .deinit = driver_nl80211_deinit,
12367 .get_capa = wpa_driver_nl80211_get_capa,
12368 .set_operstate = wpa_driver_nl80211_set_operstate,
12369 .set_supp_port = wpa_driver_nl80211_set_supp_port,
12370 .set_country = wpa_driver_nl80211_set_country,
12371 .get_country = wpa_driver_nl80211_get_country,
12372 .set_ap = wpa_driver_nl80211_set_ap,
12373 .set_acl = wpa_driver_nl80211_set_acl,
12374 .if_add = wpa_driver_nl80211_if_add,
12375 .if_remove = driver_nl80211_if_remove,
12376 .send_mlme = driver_nl80211_send_mlme,
12377 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
12378 .sta_add = wpa_driver_nl80211_sta_add,
12379 .sta_remove = driver_nl80211_sta_remove,
12380 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
12381 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
12382 .hapd_init = i802_init,
12383 .hapd_deinit = i802_deinit,
12384 .set_wds_sta = i802_set_wds_sta,
12385 .get_seqnum = i802_get_seqnum,
12386 .flush = i802_flush,
12387 .get_inact_sec = i802_get_inact_sec,
12388 .sta_clear_stats = i802_sta_clear_stats,
12389 .set_rts = i802_set_rts,
12390 .set_frag = i802_set_frag,
12391 .set_tx_queue_params = i802_set_tx_queue_params,
12392 .set_sta_vlan = driver_nl80211_set_sta_vlan,
12393 .sta_deauth = i802_sta_deauth,
12394 .sta_disassoc = i802_sta_disassoc,
12395 .read_sta_data = driver_nl80211_read_sta_data,
12396 .set_freq = i802_set_freq,
12397 .send_action = driver_nl80211_send_action,
12398 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
12399 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
12400 .cancel_remain_on_channel =
12401 wpa_driver_nl80211_cancel_remain_on_channel,
12402 .probe_req_report = driver_nl80211_probe_req_report,
12403 .deinit_ap = wpa_driver_nl80211_deinit_ap,
12404 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
12405 .resume = wpa_driver_nl80211_resume,
12406 .send_ft_action = nl80211_send_ft_action,
12407 .signal_monitor = nl80211_signal_monitor,
12408 .signal_poll = nl80211_signal_poll,
12409 .send_frame = nl80211_send_frame,
12410 .shared_freq = wpa_driver_nl80211_shared_freq,
12411 .set_param = nl80211_set_param,
12412 .get_radio_name = nl80211_get_radio_name,
12413 .add_pmkid = nl80211_add_pmkid,
12414 .remove_pmkid = nl80211_remove_pmkid,
12415 .flush_pmkid = nl80211_flush_pmkid,
12416 .set_rekey_info = nl80211_set_rekey_info,
12417 .poll_client = nl80211_poll_client,
12418 .set_p2p_powersave = nl80211_set_p2p_powersave,
12419 .start_dfs_cac = nl80211_start_radar_detection,
12420 .stop_ap = wpa_driver_nl80211_stop_ap,
12422 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
12423 .tdls_oper = nl80211_tdls_oper,
12424 #endif /* CONFIG_TDLS */
12425 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
12426 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
12427 .get_survey = wpa_driver_nl80211_get_survey,
12428 .status = wpa_driver_nl80211_status,
12429 .switch_channel = nl80211_switch_channel,
12431 .set_noa = wpa_driver_set_p2p_noa,
12432 .get_noa = wpa_driver_get_p2p_noa,
12433 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
12434 #endif /* ANDROID_P2P */
12436 .driver_cmd = wpa_driver_nl80211_driver_cmd,
12437 #endif /* ANDROID */
12438 .vendor_cmd = nl80211_vendor_cmd,
12439 .set_qos_map = nl80211_set_qos_map,
12440 .set_wowlan = nl80211_set_wowlan,