2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/filter.h>
25 #include <linux/errqueue.h>
26 #include "nl80211_copy.h"
30 #include "utils/list.h"
31 #include "common/ieee802_11_defs.h"
32 #include "common/ieee802_11_common.h"
33 #include "l2_packet/l2_packet.h"
35 #include "linux_ioctl.h"
37 #include "radiotap_iter.h"
41 #ifndef SO_WIFI_STATUS
42 # if defined(__sparc__)
43 # define SO_WIFI_STATUS 0x0025
44 # elif defined(__parisc__)
45 # define SO_WIFI_STATUS 0x4022
47 # define SO_WIFI_STATUS 41
50 # define SCM_WIFI_STATUS SO_WIFI_STATUS
53 #ifndef SO_EE_ORIGIN_TXSTATUS
54 #define SO_EE_ORIGIN_TXSTATUS 4
57 #ifndef PACKET_TX_TIMESTAMP
58 #define PACKET_TX_TIMESTAMP 16
62 #include "android_drv.h"
64 /* system/core/libnl_2 in AOSP does not include nla_put_u32() */
65 int nla_put_u32(struct nl_msg *msg, int attrtype, uint32_t value)
67 return nla_put(msg, attrtype, sizeof(uint32_t), &value);
71 /* libnl 2.0 compatibility code */
72 #define nl_handle nl_sock
73 #define nl80211_handle_alloc nl_socket_alloc_cb
74 #define nl80211_handle_destroy nl_socket_free
77 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
78 * but when you free a socket again it will mess up its bitmap and
79 * and use the wrong number the next time it needs a socket ID.
80 * Therefore, we wrap the handle alloc/destroy and add our own pid
83 static uint32_t port_bitmap[32] = { 0 };
85 static struct nl_handle *nl80211_handle_alloc(void *cb)
87 struct nl_handle *handle;
88 uint32_t pid = getpid() & 0x3FFFFF;
91 handle = nl_handle_alloc_cb(cb);
93 for (i = 0; i < 1024; i++) {
94 if (port_bitmap[i / 32] & (1 << (i % 32)))
96 port_bitmap[i / 32] |= 1 << (i % 32);
101 nl_socket_set_local_port(handle, pid);
106 static void nl80211_handle_destroy(struct nl_handle *handle)
108 uint32_t port = nl_socket_get_local_port(handle);
111 port_bitmap[port / 32] &= ~(1 << (port % 32));
113 nl_handle_destroy(handle);
115 #endif /* CONFIG_LIBNL20 */
118 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
120 struct nl_handle *handle;
122 handle = nl80211_handle_alloc(cb);
123 if (handle == NULL) {
124 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
125 "callbacks (%s)", dbg);
129 if (genl_connect(handle)) {
130 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
131 "netlink (%s)", dbg);
132 nl80211_handle_destroy(handle);
140 static void nl_destroy_handles(struct nl_handle **handle)
144 nl80211_handle_destroy(*handle);
150 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
153 #define IFF_DORMANT 0x20000 /* driver signals dormant */
156 #ifndef IF_OPER_DORMANT
157 #define IF_OPER_DORMANT 5
163 struct nl80211_global {
164 struct dl_list interfaces;
166 struct netlink_data *netlink;
168 struct nl_handle *nl;
170 int ioctl_sock; /* socket for ioctl() use */
172 struct nl_handle *nl_event;
175 struct nl80211_wiphy_data {
180 struct nl_handle *nl_beacons;
186 static void nl80211_global_deinit(void *priv);
187 static void wpa_driver_nl80211_deinit(void *priv);
190 struct wpa_driver_nl80211_data *drv;
191 struct i802_bss *next;
193 char ifname[IFNAMSIZ + 1];
194 char brname[IFNAMSIZ];
195 unsigned int beacon_set:1;
196 unsigned int added_if_into_bridge:1;
197 unsigned int added_bridge:1;
198 unsigned int in_deinit:1;
204 struct nl_handle *nl_preq, *nl_mgmt;
207 struct nl80211_wiphy_data *wiphy_data;
208 struct dl_list wiphy_list;
211 struct wpa_driver_nl80211_data {
212 struct nl80211_global *global;
214 struct dl_list wiphy_list;
220 int ignore_if_down_event;
221 struct rfkill_data *rfkill;
222 struct wpa_driver_capa capa;
227 int scan_complete_events;
231 u8 auth_bssid[ETH_ALEN];
236 enum nl80211_iftype nlmode;
237 enum nl80211_iftype ap_scan_as_station;
238 unsigned int assoc_freq;
242 int monitor_refcount;
244 unsigned int disabled_11b_rates:1;
245 unsigned int pending_remain_on_chan:1;
246 unsigned int in_interface_list:1;
247 unsigned int device_ap_sme:1;
248 unsigned int poll_command_supported:1;
249 unsigned int data_tx_status:1;
250 unsigned int scan_for_auth:1;
251 unsigned int retry_auth:1;
252 unsigned int use_monitor:1;
254 u64 remain_on_chan_cookie;
255 u64 send_action_cookie;
257 unsigned int last_mgmt_freq;
259 struct wpa_driver_scan_filter *filter_ssids;
260 size_t num_filter_ssids;
262 struct i802_bss first_bss;
267 int eapol_sock; /* socket for EAPOL frames */
269 int default_if_indices[16];
277 /* From failed authentication command */
279 u8 auth_bssid_[ETH_ALEN];
281 size_t auth_ssid_len;
285 u8 auth_wep_key[4][16];
286 size_t auth_wep_key_len[4];
287 int auth_wep_tx_keyidx;
288 int auth_local_state_change;
293 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
295 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
296 enum nl80211_iftype nlmode);
298 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
299 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
300 const u8 *addr, int cmd, u16 reason_code,
301 int local_state_change);
302 static void nl80211_remove_monitor_interface(
303 struct wpa_driver_nl80211_data *drv);
304 static int nl80211_send_frame_cmd(struct i802_bss *bss,
305 unsigned int freq, unsigned int wait,
306 const u8 *buf, size_t buf_len, u64 *cookie,
307 int no_cck, int no_ack, int offchanok);
308 static int wpa_driver_nl80211_probe_req_report(void *priv, int report);
310 static int android_pno_start(struct i802_bss *bss,
311 struct wpa_driver_scan_params *params);
312 static int android_pno_stop(struct i802_bss *bss);
316 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
317 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
318 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
319 static int wpa_driver_nl80211_if_remove(void *priv,
320 enum wpa_driver_if_type type,
323 static inline void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
327 static inline void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
331 static inline int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
337 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
338 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
339 int ifindex, int disabled);
341 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
342 static int wpa_driver_nl80211_authenticate_retry(
343 struct wpa_driver_nl80211_data *drv);
346 static int is_ap_interface(enum nl80211_iftype nlmode)
348 return (nlmode == NL80211_IFTYPE_AP ||
349 nlmode == NL80211_IFTYPE_P2P_GO);
353 static int is_sta_interface(enum nl80211_iftype nlmode)
355 return (nlmode == NL80211_IFTYPE_STATION ||
356 nlmode == NL80211_IFTYPE_P2P_CLIENT);
360 static int is_p2p_interface(enum nl80211_iftype nlmode)
362 return (nlmode == NL80211_IFTYPE_P2P_CLIENT ||
363 nlmode == NL80211_IFTYPE_P2P_GO);
367 struct nl80211_bss_info_arg {
368 struct wpa_driver_nl80211_data *drv;
369 struct wpa_scan_results *res;
370 unsigned int assoc_freq;
371 u8 assoc_bssid[ETH_ALEN];
374 static int bss_info_handler(struct nl_msg *msg, void *arg);
378 static int ack_handler(struct nl_msg *msg, void *arg)
385 static int finish_handler(struct nl_msg *msg, void *arg)
392 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
401 static int no_seq_check(struct nl_msg *msg, void *arg)
407 static int send_and_recv(struct nl80211_global *global,
408 struct nl_handle *nl_handle, struct nl_msg *msg,
409 int (*valid_handler)(struct nl_msg *, void *),
415 cb = nl_cb_clone(global->nl_cb);
419 err = nl_send_auto_complete(nl_handle, msg);
425 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
426 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
427 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
430 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
431 valid_handler, valid_data);
434 nl_recvmsgs(nl_handle, cb);
442 static int send_and_recv_msgs_global(struct nl80211_global *global,
444 int (*valid_handler)(struct nl_msg *, void *),
447 return send_and_recv(global, global->nl, msg, valid_handler,
452 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
454 int (*valid_handler)(struct nl_msg *, void *),
457 return send_and_recv(drv->global, drv->global->nl, msg,
458 valid_handler, valid_data);
468 static int family_handler(struct nl_msg *msg, void *arg)
470 struct family_data *res = arg;
471 struct nlattr *tb[CTRL_ATTR_MAX + 1];
472 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
473 struct nlattr *mcgrp;
476 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
477 genlmsg_attrlen(gnlh, 0), NULL);
478 if (!tb[CTRL_ATTR_MCAST_GROUPS])
481 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
482 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
483 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
484 nla_len(mcgrp), NULL);
485 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
486 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
487 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
489 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
491 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
499 static int nl_get_multicast_id(struct nl80211_global *global,
500 const char *family, const char *group)
504 struct family_data res = { group, -ENOENT };
509 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
510 0, 0, CTRL_CMD_GETFAMILY, 0);
511 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
513 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
524 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
525 struct nl_msg *msg, int flags, uint8_t cmd)
527 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
532 struct wiphy_idx_data {
537 static int netdev_info_handler(struct nl_msg *msg, void *arg)
539 struct nlattr *tb[NL80211_ATTR_MAX + 1];
540 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
541 struct wiphy_idx_data *info = arg;
543 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
544 genlmsg_attrlen(gnlh, 0), NULL);
546 if (tb[NL80211_ATTR_WIPHY])
547 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
553 static int nl80211_get_wiphy_index(struct i802_bss *bss)
556 struct wiphy_idx_data data = {
564 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
566 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
568 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
569 return data.wiphy_idx;
577 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
578 struct nl80211_wiphy_data *w)
587 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
589 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
591 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
594 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
595 "failed: ret=%d (%s)",
596 ret, strerror(-ret));
597 goto nla_put_failure;
606 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
608 struct nl80211_wiphy_data *w = eloop_ctx;
610 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
612 nl_recvmsgs(handle, w->nl_cb);
616 static int process_beacon_event(struct nl_msg *msg, void *arg)
618 struct nl80211_wiphy_data *w = arg;
619 struct wpa_driver_nl80211_data *drv;
620 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
621 struct nlattr *tb[NL80211_ATTR_MAX + 1];
622 union wpa_event_data event;
624 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
625 genlmsg_attrlen(gnlh, 0), NULL);
627 if (gnlh->cmd != NL80211_CMD_FRAME) {
628 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
633 if (!tb[NL80211_ATTR_FRAME])
636 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
638 os_memset(&event, 0, sizeof(event));
639 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
640 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
641 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
648 static struct nl80211_wiphy_data *
649 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
651 static DEFINE_DL_LIST(nl80211_wiphys);
652 struct nl80211_wiphy_data *w;
653 int wiphy_idx, found = 0;
654 struct i802_bss *tmp_bss;
656 if (bss->wiphy_data != NULL)
657 return bss->wiphy_data;
659 wiphy_idx = nl80211_get_wiphy_index(bss);
661 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
662 if (w->wiphy_idx == wiphy_idx)
667 w = os_zalloc(sizeof(*w));
670 w->wiphy_idx = wiphy_idx;
671 dl_list_init(&w->bsss);
672 dl_list_init(&w->drvs);
674 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
679 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
680 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
683 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
685 if (w->nl_beacons == NULL) {
690 if (nl80211_register_beacons(bss->drv, w)) {
691 nl_destroy_handles(&w->nl_beacons);
696 eloop_register_read_sock(nl_socket_get_fd(w->nl_beacons),
697 nl80211_recv_beacons, w, w->nl_beacons);
699 dl_list_add(&nl80211_wiphys, &w->list);
702 /* drv entry for this bss already there? */
703 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
704 if (tmp_bss->drv == bss->drv) {
711 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
713 dl_list_add(&w->bsss, &bss->wiphy_list);
719 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
721 struct nl80211_wiphy_data *w = bss->wiphy_data;
722 struct i802_bss *tmp_bss;
727 bss->wiphy_data = NULL;
728 dl_list_del(&bss->wiphy_list);
730 /* still any for this drv present? */
731 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
732 if (tmp_bss->drv == bss->drv) {
737 /* if not remove it */
739 dl_list_del(&bss->drv->wiphy_list);
741 if (!dl_list_empty(&w->bsss))
744 eloop_unregister_read_sock(nl_socket_get_fd(w->nl_beacons));
747 nl_destroy_handles(&w->nl_beacons);
748 dl_list_del(&w->list);
753 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
755 struct i802_bss *bss = priv;
756 struct wpa_driver_nl80211_data *drv = bss->drv;
757 if (!drv->associated)
759 os_memcpy(bssid, drv->bssid, ETH_ALEN);
764 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
766 struct i802_bss *bss = priv;
767 struct wpa_driver_nl80211_data *drv = bss->drv;
768 if (!drv->associated)
770 os_memcpy(ssid, drv->ssid, drv->ssid_len);
771 return drv->ssid_len;
775 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
776 char *buf, size_t len, int del)
778 union wpa_event_data event;
780 os_memset(&event, 0, sizeof(event));
781 if (len > sizeof(event.interface_status.ifname))
782 len = sizeof(event.interface_status.ifname) - 1;
783 os_memcpy(event.interface_status.ifname, buf, len);
784 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
785 EVENT_INTERFACE_ADDED;
787 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
789 event.interface_status.ifname,
790 del ? "removed" : "added");
792 if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
794 if (drv->if_removed) {
795 wpa_printf(MSG_DEBUG, "nl80211: if_removed "
796 "already set - ignore event");
801 if (if_nametoindex(drv->first_bss.ifname) == 0) {
802 wpa_printf(MSG_DEBUG, "nl80211: Interface %s "
803 "does not exist - ignore "
805 drv->first_bss.ifname);
808 if (!drv->if_removed) {
809 wpa_printf(MSG_DEBUG, "nl80211: if_removed "
810 "already cleared - ignore event");
817 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
821 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
824 int attrlen, rta_len;
828 attr = (struct rtattr *) buf;
830 rta_len = RTA_ALIGN(sizeof(struct rtattr));
831 while (RTA_OK(attr, attrlen)) {
832 if (attr->rta_type == IFLA_IFNAME) {
833 if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
839 attr = RTA_NEXT(attr, attrlen);
846 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
847 int ifindex, u8 *buf, size_t len)
849 if (drv->ifindex == ifindex)
852 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
853 drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
854 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
856 wpa_driver_nl80211_finish_drv_init(drv);
864 static struct wpa_driver_nl80211_data *
865 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
867 struct wpa_driver_nl80211_data *drv;
868 dl_list_for_each(drv, &global->interfaces,
869 struct wpa_driver_nl80211_data, list) {
870 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
871 have_ifidx(drv, idx))
878 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
879 struct ifinfomsg *ifi,
882 struct nl80211_global *global = ctx;
883 struct wpa_driver_nl80211_data *drv;
884 int attrlen, rta_len;
887 char namebuf[IFNAMSIZ];
889 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
891 wpa_printf(MSG_DEBUG, "nl80211: Ignore event for foreign "
892 "ifindex %d", ifi->ifi_index);
896 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
898 drv->operstate, ifi->ifi_flags,
899 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
900 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
901 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
902 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
904 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
905 if (if_indextoname(ifi->ifi_index, namebuf) &&
906 linux_iface_up(drv->global->ioctl_sock,
907 drv->first_bss.ifname) > 0) {
908 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
909 "event since interface %s is up", namebuf);
912 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
913 if (drv->ignore_if_down_event) {
914 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
915 "event generated by mode change");
916 drv->ignore_if_down_event = 0;
918 drv->if_disabled = 1;
919 wpa_supplicant_event(drv->ctx,
920 EVENT_INTERFACE_DISABLED, NULL);
924 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
925 if (if_indextoname(ifi->ifi_index, namebuf) &&
926 linux_iface_up(drv->global->ioctl_sock,
927 drv->first_bss.ifname) == 0) {
928 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
929 "event since interface %s is down",
931 } else if (if_nametoindex(drv->first_bss.ifname) == 0) {
932 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
933 "event since interface %s does not exist",
934 drv->first_bss.ifname);
935 } else if (drv->if_removed) {
936 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
937 "event since interface %s is marked "
938 "removed", drv->first_bss.ifname);
940 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
941 drv->if_disabled = 0;
942 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
948 * Some drivers send the association event before the operup event--in
949 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
950 * fails. This will hit us when wpa_supplicant does not need to do
951 * IEEE 802.1X authentication
953 if (drv->operstate == 1 &&
954 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
955 !(ifi->ifi_flags & IFF_RUNNING))
956 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
960 attr = (struct rtattr *) buf;
961 rta_len = RTA_ALIGN(sizeof(struct rtattr));
962 while (RTA_OK(attr, attrlen)) {
963 if (attr->rta_type == IFLA_IFNAME) {
964 wpa_driver_nl80211_event_link(
966 ((char *) attr) + rta_len,
967 attr->rta_len - rta_len, 0);
968 } else if (attr->rta_type == IFLA_MASTER)
969 brid = nla_get_u32((struct nlattr *) attr);
970 attr = RTA_NEXT(attr, attrlen);
973 if (ifi->ifi_family == AF_BRIDGE && brid) {
974 /* device has been added to bridge */
975 if_indextoname(brid, namebuf);
976 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
978 add_ifidx(drv, brid);
983 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
984 struct ifinfomsg *ifi,
987 struct nl80211_global *global = ctx;
988 struct wpa_driver_nl80211_data *drv;
989 int attrlen, rta_len;
993 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
995 wpa_printf(MSG_DEBUG, "nl80211: Ignore dellink event for "
996 "foreign ifindex %d", ifi->ifi_index);
1001 attr = (struct rtattr *) buf;
1003 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1004 while (RTA_OK(attr, attrlen)) {
1005 if (attr->rta_type == IFLA_IFNAME) {
1006 wpa_driver_nl80211_event_link(
1008 ((char *) attr) + rta_len,
1009 attr->rta_len - rta_len, 1);
1010 } else if (attr->rta_type == IFLA_MASTER)
1011 brid = nla_get_u32((struct nlattr *) attr);
1012 attr = RTA_NEXT(attr, attrlen);
1015 if (ifi->ifi_family == AF_BRIDGE && brid) {
1016 /* device has been removed from bridge */
1017 char namebuf[IFNAMSIZ];
1018 if_indextoname(brid, namebuf);
1019 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1020 "%s", brid, namebuf);
1021 del_ifidx(drv, brid);
1026 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1027 const u8 *frame, size_t len)
1029 const struct ieee80211_mgmt *mgmt;
1030 union wpa_event_data event;
1032 mgmt = (const struct ieee80211_mgmt *) frame;
1033 if (len < 24 + sizeof(mgmt->u.auth)) {
1034 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1039 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1040 os_memset(&event, 0, sizeof(event));
1041 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1042 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1043 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1044 if (len > 24 + sizeof(mgmt->u.auth)) {
1045 event.auth.ies = mgmt->u.auth.variable;
1046 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1049 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1053 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1057 struct nl80211_bss_info_arg arg;
1059 os_memset(&arg, 0, sizeof(arg));
1060 msg = nlmsg_alloc();
1062 goto nla_put_failure;
1064 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1065 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1068 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1071 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1072 "associated BSS from scan results: %u MHz",
1074 return arg.assoc_freq ? arg.assoc_freq : drv->assoc_freq;
1076 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1077 "(%s)", ret, strerror(-ret));
1080 return drv->assoc_freq;
1084 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1085 const u8 *frame, size_t len)
1087 const struct ieee80211_mgmt *mgmt;
1088 union wpa_event_data event;
1091 mgmt = (const struct ieee80211_mgmt *) frame;
1092 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1093 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1098 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1099 if (status != WLAN_STATUS_SUCCESS) {
1100 os_memset(&event, 0, sizeof(event));
1101 event.assoc_reject.bssid = mgmt->bssid;
1102 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1103 event.assoc_reject.resp_ies =
1104 (u8 *) mgmt->u.assoc_resp.variable;
1105 event.assoc_reject.resp_ies_len =
1106 len - 24 - sizeof(mgmt->u.assoc_resp);
1108 event.assoc_reject.status_code = status;
1110 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1114 drv->associated = 1;
1115 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1117 os_memset(&event, 0, sizeof(event));
1118 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1119 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1120 event.assoc_info.resp_ies_len =
1121 len - 24 - sizeof(mgmt->u.assoc_resp);
1124 event.assoc_info.freq = drv->assoc_freq;
1126 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1130 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1131 enum nl80211_commands cmd, struct nlattr *status,
1132 struct nlattr *addr, struct nlattr *req_ie,
1133 struct nlattr *resp_ie)
1135 union wpa_event_data event;
1137 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1139 * Avoid reporting two association events that would confuse
1142 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1143 "when using userspace SME", cmd);
1147 os_memset(&event, 0, sizeof(event));
1148 if (cmd == NL80211_CMD_CONNECT &&
1149 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1151 event.assoc_reject.bssid = nla_data(addr);
1153 event.assoc_reject.resp_ies = nla_data(resp_ie);
1154 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1156 event.assoc_reject.status_code = nla_get_u16(status);
1157 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1161 drv->associated = 1;
1163 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1166 event.assoc_info.req_ies = nla_data(req_ie);
1167 event.assoc_info.req_ies_len = nla_len(req_ie);
1170 event.assoc_info.resp_ies = nla_data(resp_ie);
1171 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1174 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1176 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1180 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1181 struct nlattr *reason, struct nlattr *addr,
1182 struct nlattr *by_ap)
1184 union wpa_event_data data;
1186 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1188 * Avoid reporting two disassociation events that could
1189 * confuse the core code.
1191 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1192 "event when using userspace SME");
1196 drv->associated = 0;
1197 os_memset(&data, 0, sizeof(data));
1199 data.deauth_info.reason_code = nla_get_u16(reason);
1200 data.deauth_info.locally_generated = by_ap == NULL;
1201 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data);
1205 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
1206 struct nlattr *freq, struct nlattr *type)
1208 union wpa_event_data data;
1210 int chan_offset = 0;
1212 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event");
1217 switch (nla_get_u32(type)) {
1218 case NL80211_CHAN_NO_HT:
1221 case NL80211_CHAN_HT20:
1223 case NL80211_CHAN_HT40PLUS:
1226 case NL80211_CHAN_HT40MINUS:
1231 data.ch_switch.freq = nla_get_u32(freq);
1232 data.ch_switch.ht_enabled = ht_enabled;
1233 data.ch_switch.ch_offset = chan_offset;
1235 wpa_supplicant_event(drv->ctx, EVENT_CH_SWITCH, &data);
1239 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1240 enum nl80211_commands cmd, struct nlattr *addr)
1242 union wpa_event_data event;
1243 enum wpa_event_type ev;
1245 if (nla_len(addr) != ETH_ALEN)
1248 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1249 cmd, MAC2STR((u8 *) nla_data(addr)));
1251 if (cmd == NL80211_CMD_AUTHENTICATE)
1252 ev = EVENT_AUTH_TIMED_OUT;
1253 else if (cmd == NL80211_CMD_ASSOCIATE)
1254 ev = EVENT_ASSOC_TIMED_OUT;
1258 os_memset(&event, 0, sizeof(event));
1259 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1260 wpa_supplicant_event(drv->ctx, ev, &event);
1264 static void mlme_event_mgmt(struct wpa_driver_nl80211_data *drv,
1265 struct nlattr *freq, struct nlattr *sig,
1266 const u8 *frame, size_t len)
1268 const struct ieee80211_mgmt *mgmt;
1269 union wpa_event_data event;
1273 mgmt = (const struct ieee80211_mgmt *) frame;
1275 wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
1279 fc = le_to_host16(mgmt->frame_control);
1280 stype = WLAN_FC_GET_STYPE(fc);
1283 ssi_signal = (s32) nla_get_u32(sig);
1285 os_memset(&event, 0, sizeof(event));
1287 event.rx_action.freq = nla_get_u32(freq);
1288 drv->last_mgmt_freq = event.rx_action.freq;
1290 if (stype == WLAN_FC_STYPE_ACTION) {
1291 event.rx_action.da = mgmt->da;
1292 event.rx_action.sa = mgmt->sa;
1293 event.rx_action.bssid = mgmt->bssid;
1294 event.rx_action.category = mgmt->u.action.category;
1295 event.rx_action.data = &mgmt->u.action.category + 1;
1296 event.rx_action.len = frame + len - event.rx_action.data;
1297 wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
1299 event.rx_mgmt.frame = frame;
1300 event.rx_mgmt.frame_len = len;
1301 event.rx_mgmt.ssi_signal = ssi_signal;
1302 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1307 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1308 struct nlattr *cookie, const u8 *frame,
1309 size_t len, struct nlattr *ack)
1311 union wpa_event_data event;
1312 const struct ieee80211_hdr *hdr;
1315 if (!is_ap_interface(drv->nlmode)) {
1321 cookie_val = nla_get_u64(cookie);
1322 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1323 " cookie=0%llx%s (ack=%d)",
1324 (long long unsigned int) cookie_val,
1325 cookie_val == drv->send_action_cookie ?
1326 " (match)" : " (unknown)", ack != NULL);
1327 if (cookie_val != drv->send_action_cookie)
1331 hdr = (const struct ieee80211_hdr *) frame;
1332 fc = le_to_host16(hdr->frame_control);
1334 os_memset(&event, 0, sizeof(event));
1335 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1336 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1337 event.tx_status.dst = hdr->addr1;
1338 event.tx_status.data = frame;
1339 event.tx_status.data_len = len;
1340 event.tx_status.ack = ack != NULL;
1341 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1345 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1346 enum wpa_event_type type,
1347 const u8 *frame, size_t len)
1349 const struct ieee80211_mgmt *mgmt;
1350 union wpa_event_data event;
1351 const u8 *bssid = NULL;
1352 u16 reason_code = 0;
1354 mgmt = (const struct ieee80211_mgmt *) frame;
1356 bssid = mgmt->bssid;
1358 if (drv->associated != 0 &&
1359 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1360 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1362 * We have presumably received this deauth as a
1363 * response to a clear_state_mismatch() outgoing
1364 * deauth. Don't let it take us offline!
1366 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1367 "from Unknown BSSID " MACSTR " -- ignoring",
1373 drv->associated = 0;
1374 os_memset(&event, 0, sizeof(event));
1376 /* Note: Same offset for Reason Code in both frame subtypes */
1377 if (len >= 24 + sizeof(mgmt->u.deauth))
1378 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1380 if (type == EVENT_DISASSOC) {
1381 event.disassoc_info.locally_generated =
1382 !os_memcmp(mgmt->sa, drv->first_bss.addr, ETH_ALEN);
1383 event.disassoc_info.addr = bssid;
1384 event.disassoc_info.reason_code = reason_code;
1385 if (frame + len > mgmt->u.disassoc.variable) {
1386 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1387 event.disassoc_info.ie_len = frame + len -
1388 mgmt->u.disassoc.variable;
1391 event.deauth_info.locally_generated =
1392 !os_memcmp(mgmt->sa, drv->first_bss.addr, ETH_ALEN);
1393 event.deauth_info.addr = bssid;
1394 event.deauth_info.reason_code = reason_code;
1395 if (frame + len > mgmt->u.deauth.variable) {
1396 event.deauth_info.ie = mgmt->u.deauth.variable;
1397 event.deauth_info.ie_len = frame + len -
1398 mgmt->u.deauth.variable;
1402 wpa_supplicant_event(drv->ctx, type, &event);
1406 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1407 enum wpa_event_type type,
1408 const u8 *frame, size_t len)
1410 const struct ieee80211_mgmt *mgmt;
1411 union wpa_event_data event;
1412 u16 reason_code = 0;
1417 mgmt = (const struct ieee80211_mgmt *) frame;
1419 os_memset(&event, 0, sizeof(event));
1420 /* Note: Same offset for Reason Code in both frame subtypes */
1421 if (len >= 24 + sizeof(mgmt->u.deauth))
1422 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1424 if (type == EVENT_UNPROT_DISASSOC) {
1425 event.unprot_disassoc.sa = mgmt->sa;
1426 event.unprot_disassoc.da = mgmt->da;
1427 event.unprot_disassoc.reason_code = reason_code;
1429 event.unprot_deauth.sa = mgmt->sa;
1430 event.unprot_deauth.da = mgmt->da;
1431 event.unprot_deauth.reason_code = reason_code;
1434 wpa_supplicant_event(drv->ctx, type, &event);
1438 static void mlme_event(struct wpa_driver_nl80211_data *drv,
1439 enum nl80211_commands cmd, struct nlattr *frame,
1440 struct nlattr *addr, struct nlattr *timed_out,
1441 struct nlattr *freq, struct nlattr *ack,
1442 struct nlattr *cookie, struct nlattr *sig)
1444 if (timed_out && addr) {
1445 mlme_timeout_event(drv, cmd, addr);
1449 if (frame == NULL) {
1450 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
1455 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
1456 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1457 nla_data(frame), nla_len(frame));
1460 case NL80211_CMD_AUTHENTICATE:
1461 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1463 case NL80211_CMD_ASSOCIATE:
1464 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1466 case NL80211_CMD_DEAUTHENTICATE:
1467 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
1468 nla_data(frame), nla_len(frame));
1470 case NL80211_CMD_DISASSOCIATE:
1471 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
1472 nla_data(frame), nla_len(frame));
1474 case NL80211_CMD_FRAME:
1475 mlme_event_mgmt(drv, freq, sig, nla_data(frame),
1478 case NL80211_CMD_FRAME_TX_STATUS:
1479 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
1480 nla_len(frame), ack);
1482 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
1483 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
1484 nla_data(frame), nla_len(frame));
1486 case NL80211_CMD_UNPROT_DISASSOCIATE:
1487 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
1488 nla_data(frame), nla_len(frame));
1496 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
1497 struct nlattr *tb[])
1499 union wpa_event_data data;
1501 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
1502 os_memset(&data, 0, sizeof(data));
1503 if (tb[NL80211_ATTR_MAC]) {
1504 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
1505 nla_data(tb[NL80211_ATTR_MAC]),
1506 nla_len(tb[NL80211_ATTR_MAC]));
1507 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
1509 if (tb[NL80211_ATTR_KEY_SEQ]) {
1510 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
1511 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
1512 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
1514 if (tb[NL80211_ATTR_KEY_TYPE]) {
1515 enum nl80211_key_type key_type =
1516 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
1517 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
1518 if (key_type == NL80211_KEYTYPE_PAIRWISE)
1519 data.michael_mic_failure.unicast = 1;
1521 data.michael_mic_failure.unicast = 1;
1523 if (tb[NL80211_ATTR_KEY_IDX]) {
1524 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
1525 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
1528 wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
1532 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
1533 struct nlattr *tb[])
1535 if (tb[NL80211_ATTR_MAC] == NULL) {
1536 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
1540 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
1541 drv->associated = 1;
1542 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
1543 MAC2STR(drv->bssid));
1545 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
1549 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
1550 int cancel_event, struct nlattr *tb[])
1552 unsigned int freq, chan_type, duration;
1553 union wpa_event_data data;
1556 if (tb[NL80211_ATTR_WIPHY_FREQ])
1557 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
1561 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
1562 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1566 if (tb[NL80211_ATTR_DURATION])
1567 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
1571 if (tb[NL80211_ATTR_COOKIE])
1572 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
1576 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
1577 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
1578 cancel_event, freq, chan_type, duration,
1579 (long long unsigned int) cookie,
1580 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
1582 if (cookie != drv->remain_on_chan_cookie)
1583 return; /* not for us */
1586 drv->pending_remain_on_chan = 0;
1588 os_memset(&data, 0, sizeof(data));
1589 data.remain_on_channel.freq = freq;
1590 data.remain_on_channel.duration = duration;
1591 wpa_supplicant_event(drv->ctx, cancel_event ?
1592 EVENT_CANCEL_REMAIN_ON_CHANNEL :
1593 EVENT_REMAIN_ON_CHANNEL, &data);
1597 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
1598 struct nlattr *tb[])
1600 union wpa_event_data event;
1603 struct scan_info *info;
1604 #define MAX_REPORT_FREQS 50
1605 int freqs[MAX_REPORT_FREQS];
1608 if (drv->scan_for_auth) {
1609 drv->scan_for_auth = 0;
1610 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
1611 "cfg80211 BSS entry");
1612 wpa_driver_nl80211_authenticate_retry(drv);
1616 os_memset(&event, 0, sizeof(event));
1617 info = &event.scan_info;
1618 info->aborted = aborted;
1620 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
1621 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
1622 struct wpa_driver_scan_ssid *s =
1623 &info->ssids[info->num_ssids];
1624 s->ssid = nla_data(nl);
1625 s->ssid_len = nla_len(nl);
1627 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
1631 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
1632 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
1634 freqs[num_freqs] = nla_get_u32(nl);
1636 if (num_freqs == MAX_REPORT_FREQS - 1)
1639 info->freqs = freqs;
1640 info->num_freqs = num_freqs;
1642 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
1646 static int get_link_signal(struct nl_msg *msg, void *arg)
1648 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1649 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1650 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1651 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1652 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1654 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1655 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1656 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1657 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1658 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1659 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1661 struct wpa_signal_info *sig_change = arg;
1663 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1664 genlmsg_attrlen(gnlh, 0), NULL);
1665 if (!tb[NL80211_ATTR_STA_INFO] ||
1666 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1667 tb[NL80211_ATTR_STA_INFO], policy))
1669 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1672 sig_change->current_signal =
1673 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1675 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1676 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1677 sinfo[NL80211_STA_INFO_TX_BITRATE],
1679 sig_change->current_txrate = 0;
1681 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1682 sig_change->current_txrate =
1684 NL80211_RATE_INFO_BITRATE]) * 100;
1693 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1694 struct wpa_signal_info *sig)
1698 sig->current_signal = -9999;
1699 sig->current_txrate = 0;
1701 msg = nlmsg_alloc();
1705 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
1707 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1708 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
1710 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1717 static int get_link_noise(struct nl_msg *msg, void *arg)
1719 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1720 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1721 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1722 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1723 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1724 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1726 struct wpa_signal_info *sig_change = arg;
1728 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1729 genlmsg_attrlen(gnlh, 0), NULL);
1731 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1732 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1736 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1737 tb[NL80211_ATTR_SURVEY_INFO],
1739 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1744 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1747 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1748 sig_change->frequency)
1751 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1754 sig_change->current_noise =
1755 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1761 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1762 struct wpa_signal_info *sig_change)
1766 sig_change->current_noise = 9999;
1767 sig_change->frequency = drv->assoc_freq;
1769 msg = nlmsg_alloc();
1773 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1775 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1777 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1784 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
1786 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1787 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1788 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1789 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1790 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1791 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1793 struct wpa_scan_results *scan_results = arg;
1794 struct wpa_scan_res *scan_res;
1797 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1798 genlmsg_attrlen(gnlh, 0), NULL);
1800 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1801 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
1805 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1806 tb[NL80211_ATTR_SURVEY_INFO],
1808 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
1813 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1816 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1819 for (i = 0; i < scan_results->num; ++i) {
1820 scan_res = scan_results->res[i];
1823 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1826 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
1828 scan_res->noise = (s8)
1829 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1830 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
1837 static int nl80211_get_noise_for_scan_results(
1838 struct wpa_driver_nl80211_data *drv,
1839 struct wpa_scan_results *scan_res)
1843 msg = nlmsg_alloc();
1847 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1849 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1851 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
1859 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
1860 struct nlattr *tb[])
1862 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
1863 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
1864 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
1865 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
1866 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
1868 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
1869 enum nl80211_cqm_rssi_threshold_event event;
1870 union wpa_event_data ed;
1871 struct wpa_signal_info sig;
1874 if (tb[NL80211_ATTR_CQM] == NULL ||
1875 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
1877 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
1881 os_memset(&ed, 0, sizeof(ed));
1883 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
1884 if (!tb[NL80211_ATTR_MAC])
1886 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
1888 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
1892 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
1894 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
1896 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
1897 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1898 "event: RSSI high");
1899 ed.signal_change.above_threshold = 1;
1900 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
1901 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1903 ed.signal_change.above_threshold = 0;
1907 res = nl80211_get_link_signal(drv, &sig);
1909 ed.signal_change.current_signal = sig.current_signal;
1910 ed.signal_change.current_txrate = sig.current_txrate;
1911 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
1912 sig.current_signal, sig.current_txrate);
1915 res = nl80211_get_link_noise(drv, &sig);
1917 ed.signal_change.current_noise = sig.current_noise;
1918 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
1922 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
1926 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
1930 union wpa_event_data data;
1932 if (tb[NL80211_ATTR_MAC] == NULL)
1934 addr = nla_data(tb[NL80211_ATTR_MAC]);
1935 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
1937 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
1940 if (tb[NL80211_ATTR_IE]) {
1941 ies = nla_data(tb[NL80211_ATTR_IE]);
1942 ies_len = nla_len(tb[NL80211_ATTR_IE]);
1944 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
1945 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
1949 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1952 os_memset(&data, 0, sizeof(data));
1953 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
1954 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
1958 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
1962 union wpa_event_data data;
1964 if (tb[NL80211_ATTR_MAC] == NULL)
1966 addr = nla_data(tb[NL80211_ATTR_MAC]);
1967 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
1970 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
1971 drv_event_disassoc(drv->ctx, addr);
1975 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1978 os_memset(&data, 0, sizeof(data));
1979 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
1980 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
1984 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
1987 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
1988 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
1989 [NL80211_REKEY_DATA_KEK] = {
1990 .minlen = NL80211_KEK_LEN,
1991 .maxlen = NL80211_KEK_LEN,
1993 [NL80211_REKEY_DATA_KCK] = {
1994 .minlen = NL80211_KCK_LEN,
1995 .maxlen = NL80211_KCK_LEN,
1997 [NL80211_REKEY_DATA_REPLAY_CTR] = {
1998 .minlen = NL80211_REPLAY_CTR_LEN,
1999 .maxlen = NL80211_REPLAY_CTR_LEN,
2002 union wpa_event_data data;
2004 if (!tb[NL80211_ATTR_MAC])
2006 if (!tb[NL80211_ATTR_REKEY_DATA])
2008 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
2009 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
2011 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
2014 os_memset(&data, 0, sizeof(data));
2015 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
2016 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
2017 MAC2STR(data.driver_gtk_rekey.bssid));
2018 data.driver_gtk_rekey.replay_ctr =
2019 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
2020 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
2021 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
2022 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
2026 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
2029 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
2030 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
2031 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
2032 [NL80211_PMKSA_CANDIDATE_BSSID] = {
2036 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
2038 union wpa_event_data data;
2040 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2042 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2043 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2045 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2046 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2049 os_memset(&data, 0, sizeof(data));
2050 os_memcpy(data.pmkid_candidate.bssid,
2051 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2052 data.pmkid_candidate.index =
2053 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2054 data.pmkid_candidate.preauth =
2055 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2056 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2060 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2063 union wpa_event_data data;
2065 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2068 os_memset(&data, 0, sizeof(data));
2069 os_memcpy(data.client_poll.addr,
2070 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2072 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2076 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2079 struct wpa_driver_nl80211_data *drv = bss->drv;
2080 union wpa_event_data event;
2082 if (!tb[NL80211_ATTR_MAC])
2085 os_memset(&event, 0, sizeof(event));
2086 event.rx_from_unknown.bssid = bss->addr;
2087 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2088 event.rx_from_unknown.wds = wds;
2090 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2094 static void do_process_drv_event(struct wpa_driver_nl80211_data *drv,
2095 int cmd, struct nlattr **tb)
2097 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
2098 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
2099 cmd == NL80211_CMD_SCAN_ABORTED)) {
2100 wpa_driver_nl80211_set_mode(&drv->first_bss,
2101 drv->ap_scan_as_station);
2102 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2106 case NL80211_CMD_TRIGGER_SCAN:
2107 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
2109 case NL80211_CMD_START_SCHED_SCAN:
2110 wpa_printf(MSG_DEBUG, "nl80211: Sched scan started");
2112 case NL80211_CMD_SCHED_SCAN_STOPPED:
2113 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stopped");
2114 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
2116 case NL80211_CMD_NEW_SCAN_RESULTS:
2117 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
2118 drv->scan_complete_events = 1;
2119 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
2121 send_scan_event(drv, 0, tb);
2123 case NL80211_CMD_SCHED_SCAN_RESULTS:
2124 wpa_printf(MSG_DEBUG,
2125 "nl80211: New sched scan results available");
2126 send_scan_event(drv, 0, tb);
2128 case NL80211_CMD_SCAN_ABORTED:
2129 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
2131 * Need to indicate that scan results are available in order
2132 * not to make wpa_supplicant stop its scanning.
2134 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
2136 send_scan_event(drv, 1, tb);
2138 case NL80211_CMD_AUTHENTICATE:
2139 case NL80211_CMD_ASSOCIATE:
2140 case NL80211_CMD_DEAUTHENTICATE:
2141 case NL80211_CMD_DISASSOCIATE:
2142 case NL80211_CMD_FRAME_TX_STATUS:
2143 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
2144 case NL80211_CMD_UNPROT_DISASSOCIATE:
2145 mlme_event(drv, cmd, tb[NL80211_ATTR_FRAME],
2146 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
2147 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
2148 tb[NL80211_ATTR_COOKIE],
2149 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
2151 case NL80211_CMD_CONNECT:
2152 case NL80211_CMD_ROAM:
2153 mlme_event_connect(drv, cmd,
2154 tb[NL80211_ATTR_STATUS_CODE],
2155 tb[NL80211_ATTR_MAC],
2156 tb[NL80211_ATTR_REQ_IE],
2157 tb[NL80211_ATTR_RESP_IE]);
2159 case NL80211_CMD_CH_SWITCH_NOTIFY:
2160 mlme_event_ch_switch(drv, tb[NL80211_ATTR_WIPHY_FREQ],
2161 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2163 case NL80211_CMD_DISCONNECT:
2164 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
2165 tb[NL80211_ATTR_MAC],
2166 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
2168 case NL80211_CMD_MICHAEL_MIC_FAILURE:
2169 mlme_event_michael_mic_failure(drv, tb);
2171 case NL80211_CMD_JOIN_IBSS:
2172 mlme_event_join_ibss(drv, tb);
2174 case NL80211_CMD_REMAIN_ON_CHANNEL:
2175 mlme_event_remain_on_channel(drv, 0, tb);
2177 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
2178 mlme_event_remain_on_channel(drv, 1, tb);
2180 case NL80211_CMD_NOTIFY_CQM:
2181 nl80211_cqm_event(drv, tb);
2183 case NL80211_CMD_REG_CHANGE:
2184 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
2185 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
2188 case NL80211_CMD_REG_BEACON_HINT:
2189 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
2190 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
2193 case NL80211_CMD_NEW_STATION:
2194 nl80211_new_station_event(drv, tb);
2196 case NL80211_CMD_DEL_STATION:
2197 nl80211_del_station_event(drv, tb);
2199 case NL80211_CMD_SET_REKEY_OFFLOAD:
2200 nl80211_rekey_offload_event(drv, tb);
2202 case NL80211_CMD_PMKSA_CANDIDATE:
2203 nl80211_pmksa_candidate_event(drv, tb);
2205 case NL80211_CMD_PROBE_CLIENT:
2206 nl80211_client_probe_event(drv, tb);
2209 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
2216 static int process_drv_event(struct nl_msg *msg, void *arg)
2218 struct wpa_driver_nl80211_data *drv = arg;
2219 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2220 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2222 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2223 genlmsg_attrlen(gnlh, 0), NULL);
2225 if (tb[NL80211_ATTR_IFINDEX]) {
2226 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2227 if (ifindex != drv->ifindex && !have_ifidx(drv, ifindex)) {
2228 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
2229 " for foreign interface (ifindex %d)",
2230 gnlh->cmd, ifindex);
2235 do_process_drv_event(drv, gnlh->cmd, tb);
2240 static int process_global_event(struct nl_msg *msg, void *arg)
2242 struct nl80211_global *global = arg;
2243 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2244 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2245 struct wpa_driver_nl80211_data *drv, *tmp;
2248 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2249 genlmsg_attrlen(gnlh, 0), NULL);
2251 if (tb[NL80211_ATTR_IFINDEX])
2252 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2254 dl_list_for_each_safe(drv, tmp, &global->interfaces,
2255 struct wpa_driver_nl80211_data, list) {
2256 if (ifidx == -1 || ifidx == drv->ifindex ||
2257 have_ifidx(drv, ifidx))
2258 do_process_drv_event(drv, gnlh->cmd, tb);
2265 static int process_bss_event(struct nl_msg *msg, void *arg)
2267 struct i802_bss *bss = arg;
2268 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2269 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2271 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2272 genlmsg_attrlen(gnlh, 0), NULL);
2274 switch (gnlh->cmd) {
2275 case NL80211_CMD_FRAME:
2276 case NL80211_CMD_FRAME_TX_STATUS:
2277 mlme_event(bss->drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
2278 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
2279 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
2280 tb[NL80211_ATTR_COOKIE],
2281 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
2283 case NL80211_CMD_UNEXPECTED_FRAME:
2284 nl80211_spurious_frame(bss, tb, 0);
2286 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
2287 nl80211_spurious_frame(bss, tb, 1);
2290 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
2291 "(cmd=%d)", gnlh->cmd);
2299 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
2302 struct nl_cb *cb = eloop_ctx;
2304 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
2306 nl_recvmsgs(handle, cb);
2311 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
2312 * @priv: driver_nl80211 private data
2313 * @alpha2_arg: country to which to switch to
2314 * Returns: 0 on success, -1 on failure
2316 * This asks nl80211 to set the regulatory domain for given
2317 * country ISO / IEC alpha2.
2319 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
2321 struct i802_bss *bss = priv;
2322 struct wpa_driver_nl80211_data *drv = bss->drv;
2326 msg = nlmsg_alloc();
2330 alpha2[0] = alpha2_arg[0];
2331 alpha2[1] = alpha2_arg[1];
2334 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
2336 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
2337 if (send_and_recv_msgs(drv, msg, NULL, NULL))
2346 struct wiphy_info_data {
2347 struct wpa_driver_capa *capa;
2349 unsigned int error:1;
2350 unsigned int device_ap_sme:1;
2351 unsigned int poll_command_supported:1;
2352 unsigned int data_tx_status:1;
2353 unsigned int monitor_supported:1;
2357 static unsigned int probe_resp_offload_support(int supp_protocols)
2359 unsigned int prot = 0;
2361 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
2362 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
2363 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
2364 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
2365 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
2366 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
2367 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
2368 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
2374 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
2376 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2377 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2378 struct wiphy_info_data *info = arg;
2379 int p2p_go_supported = 0, p2p_client_supported = 0;
2380 int p2p_concurrent = 0, p2p_multichan_concurrent = 0;
2381 int auth_supported = 0, connect_supported = 0;
2382 struct wpa_driver_capa *capa = info->capa;
2383 static struct nla_policy
2384 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
2385 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
2386 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
2387 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
2388 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
2390 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
2391 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
2392 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
2395 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2396 genlmsg_attrlen(gnlh, 0), NULL);
2398 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
2399 capa->max_scan_ssids =
2400 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
2402 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
2403 capa->max_sched_scan_ssids =
2404 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
2406 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
2407 capa->max_match_sets =
2408 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
2410 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
2411 struct nlattr *nl_mode;
2413 nla_for_each_nested(nl_mode,
2414 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
2415 switch (nla_type(nl_mode)) {
2416 case NL80211_IFTYPE_AP:
2417 capa->flags |= WPA_DRIVER_FLAGS_AP;
2419 case NL80211_IFTYPE_P2P_GO:
2420 p2p_go_supported = 1;
2422 case NL80211_IFTYPE_P2P_CLIENT:
2423 p2p_client_supported = 1;
2425 case NL80211_IFTYPE_MONITOR:
2426 info->monitor_supported = 1;
2432 if (tb[NL80211_ATTR_INTERFACE_COMBINATIONS]) {
2433 struct nlattr *nl_combi;
2436 nla_for_each_nested(nl_combi,
2437 tb[NL80211_ATTR_INTERFACE_COMBINATIONS],
2439 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
2440 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
2441 struct nlattr *nl_limit, *nl_mode;
2442 int err, rem_limit, rem_mode;
2443 int combination_has_p2p = 0, combination_has_mgd = 0;
2445 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
2447 iface_combination_policy);
2448 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
2449 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
2450 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
2451 goto broken_combination;
2453 nla_for_each_nested(nl_limit,
2454 tb_comb[NL80211_IFACE_COMB_LIMITS],
2456 err = nla_parse_nested(tb_limit,
2457 MAX_NL80211_IFACE_LIMIT,
2459 iface_limit_policy);
2461 !tb_limit[NL80211_IFACE_LIMIT_TYPES])
2462 goto broken_combination;
2464 nla_for_each_nested(
2466 tb_limit[NL80211_IFACE_LIMIT_TYPES],
2468 int ift = nla_type(nl_mode);
2469 if (ift == NL80211_IFTYPE_P2P_GO ||
2470 ift == NL80211_IFTYPE_P2P_CLIENT)
2471 combination_has_p2p = 1;
2472 if (ift == NL80211_IFTYPE_STATION)
2473 combination_has_mgd = 1;
2475 if (combination_has_p2p && combination_has_mgd)
2479 if (combination_has_p2p && combination_has_mgd) {
2481 if (nla_get_u32(tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS]) > 1)
2482 p2p_multichan_concurrent = 1;
2491 if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
2492 struct nlattr *nl_cmd;
2495 nla_for_each_nested(nl_cmd,
2496 tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
2497 switch (nla_get_u32(nl_cmd)) {
2498 case NL80211_CMD_AUTHENTICATE:
2501 case NL80211_CMD_CONNECT:
2502 connect_supported = 1;
2504 case NL80211_CMD_START_SCHED_SCAN:
2505 capa->sched_scan_supported = 1;
2507 case NL80211_CMD_PROBE_CLIENT:
2508 info->poll_command_supported = 1;
2514 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
2515 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
2517 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
2520 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
2521 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
2522 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
2525 /* default to 5000 since early versions of mac80211 don't set it */
2526 capa->max_remain_on_chan = 5000;
2528 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
2529 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
2531 if (tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION])
2532 capa->max_remain_on_chan =
2533 nla_get_u32(tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
2536 capa->flags |= WPA_DRIVER_FLAGS_SME;
2537 else if (!connect_supported) {
2538 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
2539 "authentication/association or connect commands");
2543 if (p2p_go_supported && p2p_client_supported)
2544 capa->flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
2545 if (p2p_concurrent) {
2546 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
2547 "interface (driver advertised support)");
2548 capa->flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
2549 capa->flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
2551 if (p2p_multichan_concurrent) {
2552 wpa_printf(MSG_DEBUG, "nl80211: Enable multi-channel "
2553 "concurrent (driver advertised support)");
2555 WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT;
2559 if (tb[NL80211_ATTR_TDLS_SUPPORT]) {
2560 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
2561 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
2563 if (tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]) {
2564 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
2566 WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
2570 if (tb[NL80211_ATTR_DEVICE_AP_SME])
2571 info->device_ap_sme = 1;
2573 if (tb[NL80211_ATTR_FEATURE_FLAGS]) {
2574 u32 flags = nla_get_u32(tb[NL80211_ATTR_FEATURE_FLAGS]);
2576 if (flags & NL80211_FEATURE_SK_TX_STATUS)
2577 info->data_tx_status = 1;
2579 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
2580 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
2583 if (tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]) {
2585 nla_get_u32(tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
2586 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response "
2587 "offload in AP mode");
2588 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
2589 capa->probe_resp_offloads =
2590 probe_resp_offload_support(protocols);
2597 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
2598 struct wiphy_info_data *info)
2602 os_memset(info, 0, sizeof(*info));
2603 info->capa = &drv->capa;
2605 msg = nlmsg_alloc();
2609 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
2611 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
2613 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
2622 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
2624 struct wiphy_info_data info;
2625 if (wpa_driver_nl80211_get_info(drv, &info))
2631 drv->has_capability = 1;
2632 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
2633 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2634 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
2635 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
2636 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
2637 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
2638 WPA_DRIVER_CAPA_ENC_WEP104 |
2639 WPA_DRIVER_CAPA_ENC_TKIP |
2640 WPA_DRIVER_CAPA_ENC_CCMP;
2641 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
2642 WPA_DRIVER_AUTH_SHARED |
2643 WPA_DRIVER_AUTH_LEAP;
2645 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
2646 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
2647 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2649 if (!info.device_ap_sme) {
2650 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
2653 * No AP SME is currently assumed to also indicate no AP MLME
2654 * in the driver/firmware.
2656 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_MLME;
2659 drv->device_ap_sme = info.device_ap_sme;
2660 drv->poll_command_supported = info.poll_command_supported;
2661 drv->data_tx_status = info.data_tx_status;
2664 * If poll command is supported mac80211 is new enough to
2665 * have everything we need to not need monitor interfaces.
2667 drv->use_monitor = !info.poll_command_supported;
2669 if (drv->device_ap_sme && drv->use_monitor) {
2671 * Non-mac80211 drivers may not support monitor interface.
2672 * Make sure we do not get stuck with incorrect capability here
2673 * by explicitly testing this.
2675 if (!info.monitor_supported) {
2676 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
2677 "with device_ap_sme since no monitor mode "
2678 "support detected");
2679 drv->use_monitor = 0;
2684 * If we aren't going to use monitor interfaces, but the
2685 * driver doesn't support data TX status, we won't get TX
2686 * status for EAPOL frames.
2688 if (!drv->use_monitor && !info.data_tx_status)
2689 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2696 static int android_genl_ctrl_resolve(struct nl_handle *handle,
2700 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
2701 * need to work around that.
2703 struct nl_cache *cache = NULL;
2704 struct genl_family *nl80211 = NULL;
2707 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
2708 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
2713 nl80211 = genl_ctrl_search_by_name(cache, name);
2714 if (nl80211 == NULL)
2717 id = genl_family_get_id(nl80211);
2721 genl_family_put(nl80211);
2723 nl_cache_free(cache);
2727 #define genl_ctrl_resolve android_genl_ctrl_resolve
2728 #endif /* ANDROID */
2731 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
2735 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2736 if (global->nl_cb == NULL) {
2737 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
2742 global->nl = nl_create_handle(global->nl_cb, "nl");
2743 if (global->nl == NULL)
2746 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
2747 if (global->nl80211_id < 0) {
2748 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
2753 global->nl_event = nl_create_handle(global->nl_cb, "event");
2754 if (global->nl_event == NULL)
2757 ret = nl_get_multicast_id(global, "nl80211", "scan");
2759 ret = nl_socket_add_membership(global->nl_event, ret);
2761 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2762 "membership for scan events: %d (%s)",
2763 ret, strerror(-ret));
2767 ret = nl_get_multicast_id(global, "nl80211", "mlme");
2769 ret = nl_socket_add_membership(global->nl_event, ret);
2771 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2772 "membership for mlme events: %d (%s)",
2773 ret, strerror(-ret));
2777 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
2779 ret = nl_socket_add_membership(global->nl_event, ret);
2781 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
2782 "membership for regulatory events: %d (%s)",
2783 ret, strerror(-ret));
2784 /* Continue without regulatory events */
2787 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2788 no_seq_check, NULL);
2789 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2790 process_global_event, global);
2792 eloop_register_read_sock(nl_socket_get_fd(global->nl_event),
2793 wpa_driver_nl80211_event_receive,
2794 global->nl_cb, global->nl_event);
2799 nl_destroy_handles(&global->nl_event);
2800 nl_destroy_handles(&global->nl);
2801 nl_cb_put(global->nl_cb);
2802 global->nl_cb = NULL;
2807 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
2809 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2811 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
2815 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2816 no_seq_check, NULL);
2817 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2818 process_drv_event, drv);
2824 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
2826 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
2828 * This may be for any interface; use ifdown event to disable
2834 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
2836 struct wpa_driver_nl80211_data *drv = ctx;
2837 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
2838 if (linux_set_iface_flags(drv->global->ioctl_sock,
2839 drv->first_bss.ifname, 1)) {
2840 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
2841 "after rfkill unblock");
2844 /* rtnetlink ifup handler will report interface as enabled */
2848 static void nl80211_get_phy_name(struct wpa_driver_nl80211_data *drv)
2850 /* Find phy (radio) to which this interface belongs */
2854 drv->phyname[0] = '\0';
2855 snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
2856 drv->first_bss.ifname);
2857 f = open(buf, O_RDONLY);
2859 wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
2860 buf, strerror(errno));
2864 rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
2867 wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
2868 buf, strerror(errno));
2872 drv->phyname[rv] = '\0';
2873 pos = os_strchr(drv->phyname, '\n');
2876 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2877 drv->first_bss.ifname, drv->phyname);
2881 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
2885 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2890 struct cmsghdr *cmsg;
2891 int res, found_ee = 0, found_wifi = 0, acked = 0;
2892 union wpa_event_data event;
2894 memset(&msg, 0, sizeof(msg));
2895 msg.msg_iov = &entry;
2897 entry.iov_base = data;
2898 entry.iov_len = sizeof(data);
2899 msg.msg_control = &control;
2900 msg.msg_controllen = sizeof(control);
2902 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
2903 /* if error or not fitting 802.3 header, return */
2907 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
2909 if (cmsg->cmsg_level == SOL_SOCKET &&
2910 cmsg->cmsg_type == SCM_WIFI_STATUS) {
2914 ack = (void *)CMSG_DATA(cmsg);
2918 if (cmsg->cmsg_level == SOL_PACKET &&
2919 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
2920 struct sock_extended_err *err =
2921 (struct sock_extended_err *)CMSG_DATA(cmsg);
2923 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
2928 if (!found_ee || !found_wifi)
2931 memset(&event, 0, sizeof(event));
2932 event.eapol_tx_status.dst = data;
2933 event.eapol_tx_status.data = data + 14;
2934 event.eapol_tx_status.data_len = res - 14;
2935 event.eapol_tx_status.ack = acked;
2936 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
2940 static int nl80211_init_bss(struct i802_bss *bss)
2942 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2946 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2947 no_seq_check, NULL);
2948 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2949 process_bss_event, bss);
2955 static void nl80211_destroy_bss(struct i802_bss *bss)
2957 nl_cb_put(bss->nl_cb);
2963 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
2964 * @ctx: context to be used when calling wpa_supplicant functions,
2965 * e.g., wpa_supplicant_event()
2966 * @ifname: interface name, e.g., wlan0
2967 * @global_priv: private driver global data from global_init()
2968 * Returns: Pointer to private data, %NULL on failure
2970 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
2973 struct wpa_driver_nl80211_data *drv;
2974 struct rfkill_config *rcfg;
2975 struct i802_bss *bss;
2977 if (global_priv == NULL)
2979 drv = os_zalloc(sizeof(*drv));
2982 drv->global = global_priv;
2984 bss = &drv->first_bss;
2986 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
2987 drv->monitor_ifidx = -1;
2988 drv->monitor_sock = -1;
2989 drv->eapol_tx_sock = -1;
2990 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2992 if (wpa_driver_nl80211_init_nl(drv)) {
2997 if (nl80211_init_bss(bss))
3000 nl80211_get_phy_name(drv);
3002 rcfg = os_zalloc(sizeof(*rcfg));
3006 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
3007 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
3008 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
3009 drv->rfkill = rfkill_init(rcfg);
3010 if (drv->rfkill == NULL) {
3011 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
3015 if (wpa_driver_nl80211_finish_drv_init(drv))
3018 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
3019 if (drv->eapol_tx_sock < 0)
3022 if (drv->data_tx_status) {
3025 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
3026 &enabled, sizeof(enabled)) < 0) {
3027 wpa_printf(MSG_DEBUG,
3028 "nl80211: wifi status sockopt failed\n");
3029 drv->data_tx_status = 0;
3030 if (!drv->use_monitor)
3032 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
3034 eloop_register_read_sock(drv->eapol_tx_sock,
3035 wpa_driver_nl80211_handle_eapol_tx_status,
3041 dl_list_add(&drv->global->interfaces, &drv->list);
3042 drv->in_interface_list = 1;
3048 wpa_driver_nl80211_deinit(bss);
3053 static int nl80211_register_frame(struct i802_bss *bss,
3054 struct nl_handle *nl_handle,
3055 u16 type, const u8 *match, size_t match_len)
3057 struct wpa_driver_nl80211_data *drv = bss->drv;
3061 msg = nlmsg_alloc();
3065 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x nl_handle=%p",
3067 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
3070 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
3072 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
3073 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
3074 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
3076 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
3079 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
3080 "failed (type=%u): ret=%d (%s)",
3081 type, ret, strerror(-ret));
3082 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
3084 goto nla_put_failure;
3093 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
3095 struct wpa_driver_nl80211_data *drv = bss->drv;
3098 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
3099 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
3103 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
3104 if (bss->nl_mgmt == NULL)
3107 eloop_register_read_sock(nl_socket_get_fd(bss->nl_mgmt),
3108 wpa_driver_nl80211_event_receive, bss->nl_cb,
3115 static int nl80211_register_action_frame(struct i802_bss *bss,
3116 const u8 *match, size_t match_len)
3118 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
3119 return nl80211_register_frame(bss, bss->nl_mgmt,
3120 type, match, match_len);
3124 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
3126 struct wpa_driver_nl80211_data *drv = bss->drv;
3128 if (nl80211_alloc_mgmt_handle(bss))
3130 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
3131 "handle %p", bss->nl_mgmt);
3133 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
3134 /* GAS Initial Request */
3135 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
3137 /* GAS Initial Response */
3138 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
3140 /* GAS Comeback Request */
3141 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
3143 /* GAS Comeback Response */
3144 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
3146 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
3148 /* P2P Public Action */
3149 if (nl80211_register_action_frame(bss,
3150 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
3154 if (nl80211_register_action_frame(bss,
3155 (u8 *) "\x7f\x50\x6f\x9a\x09",
3158 #endif /* CONFIG_P2P */
3159 #ifdef CONFIG_IEEE80211W
3160 /* SA Query Response */
3161 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
3163 #endif /* CONFIG_IEEE80211W */
3165 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
3166 /* TDLS Discovery Response */
3167 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
3171 #endif /* CONFIG_TDLS */
3173 /* FT Action frames */
3174 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
3177 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
3178 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
3180 /* WNM - BSS Transition Management Request */
3181 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
3188 static int nl80211_register_spurious_class3(struct i802_bss *bss)
3190 struct wpa_driver_nl80211_data *drv = bss->drv;
3194 msg = nlmsg_alloc();
3198 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
3200 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
3202 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
3205 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
3206 "failed: ret=%d (%s)",
3207 ret, strerror(-ret));
3208 goto nla_put_failure;
3217 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
3219 static const int stypes[] = {
3221 WLAN_FC_STYPE_ASSOC_REQ,
3222 WLAN_FC_STYPE_REASSOC_REQ,
3223 WLAN_FC_STYPE_DISASSOC,
3224 WLAN_FC_STYPE_DEAUTH,
3225 WLAN_FC_STYPE_ACTION,
3226 WLAN_FC_STYPE_PROBE_REQ,
3227 /* Beacon doesn't work as mac80211 doesn't currently allow
3228 * it, but it wouldn't really be the right thing anyway as
3229 * it isn't per interface ... maybe just dump the scan
3230 * results periodically for OLBC?
3232 // WLAN_FC_STYPE_BEACON,
3236 if (nl80211_alloc_mgmt_handle(bss))
3238 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
3239 "handle %p", bss->nl_mgmt);
3241 for (i = 0; i < sizeof(stypes) / sizeof(stypes[0]); i++) {
3242 if (nl80211_register_frame(bss, bss->nl_mgmt,
3243 (WLAN_FC_TYPE_MGMT << 2) |
3250 if (nl80211_register_spurious_class3(bss))
3253 if (nl80211_get_wiphy_data_ap(bss) == NULL)
3259 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3260 nl_destroy_handles(&bss->nl_mgmt);
3265 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
3267 if (nl80211_alloc_mgmt_handle(bss))
3269 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
3270 "handle %p (device SME)", bss->nl_mgmt);
3272 if (nl80211_register_frame(bss, bss->nl_mgmt,
3273 (WLAN_FC_TYPE_MGMT << 2) |
3274 (WLAN_FC_STYPE_ACTION << 4),
3281 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3282 nl_destroy_handles(&bss->nl_mgmt);
3287 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
3289 if (bss->nl_mgmt == NULL)
3291 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
3292 "(%s)", bss->nl_mgmt, reason);
3293 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3294 nl_destroy_handles(&bss->nl_mgmt);
3296 nl80211_put_wiphy_data_ap(bss);
3300 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
3302 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
3307 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
3309 struct i802_bss *bss = &drv->first_bss;
3310 int send_rfkill_event = 0;
3312 drv->ifindex = if_nametoindex(bss->ifname);
3313 drv->first_bss.ifindex = drv->ifindex;
3317 * Make sure the interface starts up in station mode unless this is a
3318 * dynamically added interface (e.g., P2P) that was already configured
3319 * with proper iftype.
3321 if (drv->ifindex != drv->global->if_add_ifindex &&
3322 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION) < 0) {
3323 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver to "
3324 "use managed mode");
3328 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
3329 if (rfkill_is_blocked(drv->rfkill)) {
3330 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
3331 "interface '%s' due to rfkill",
3333 drv->if_disabled = 1;
3334 send_rfkill_event = 1;
3336 wpa_printf(MSG_ERROR, "nl80211: Could not set "
3337 "interface '%s' UP", bss->ifname);
3342 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
3343 1, IF_OPER_DORMANT);
3344 #endif /* HOSTAPD */
3346 if (wpa_driver_nl80211_capa(drv))
3349 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
3353 if (send_rfkill_event) {
3354 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
3362 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
3366 msg = nlmsg_alloc();
3370 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
3371 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3373 return send_and_recv_msgs(drv, msg, NULL, NULL);
3381 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
3382 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
3384 * Shut down driver interface and processing of driver events. Free
3385 * private data buffer if one was allocated in wpa_driver_nl80211_init().
3387 static void wpa_driver_nl80211_deinit(void *priv)
3389 struct i802_bss *bss = priv;
3390 struct wpa_driver_nl80211_data *drv = bss->drv;
3393 if (drv->data_tx_status)
3394 eloop_unregister_read_sock(drv->eapol_tx_sock);
3395 if (drv->eapol_tx_sock >= 0)
3396 close(drv->eapol_tx_sock);
3399 wpa_driver_nl80211_probe_req_report(bss, 0);
3400 if (bss->added_if_into_bridge) {
3401 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
3403 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3404 "interface %s from bridge %s: %s",
3405 bss->ifname, bss->brname, strerror(errno));
3407 if (bss->added_bridge) {
3408 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
3409 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3411 bss->brname, strerror(errno));
3414 nl80211_remove_monitor_interface(drv);
3416 if (is_ap_interface(drv->nlmode))
3417 wpa_driver_nl80211_del_beacon(drv);
3420 if (drv->last_freq_ht) {
3421 /* Clear HT flags from the driver */
3422 struct hostapd_freq_params freq;
3423 os_memset(&freq, 0, sizeof(freq));
3424 freq.freq = drv->last_freq;
3425 i802_set_freq(priv, &freq);
3428 if (drv->eapol_sock >= 0) {
3429 eloop_unregister_read_sock(drv->eapol_sock);
3430 close(drv->eapol_sock);
3433 if (drv->if_indices != drv->default_if_indices)
3434 os_free(drv->if_indices);
3435 #endif /* HOSTAPD */
3437 if (drv->disabled_11b_rates)
3438 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
3440 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
3442 rfkill_deinit(drv->rfkill);
3444 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3446 (void) linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0);
3447 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION);
3448 nl80211_mgmt_unsubscribe(bss, "deinit");
3450 nl_cb_put(drv->nl_cb);
3452 nl80211_destroy_bss(&drv->first_bss);
3454 os_free(drv->filter_ssids);
3456 os_free(drv->auth_ie);
3458 if (drv->in_interface_list)
3459 dl_list_del(&drv->list);
3466 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
3467 * @eloop_ctx: Driver private data
3468 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
3470 * This function can be used as registered timeout when starting a scan to
3471 * generate a scan completed event if the driver does not report this.
3473 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
3475 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3476 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
3477 wpa_driver_nl80211_set_mode(&drv->first_bss,
3478 drv->ap_scan_as_station);
3479 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3481 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
3482 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
3486 static struct nl_msg *
3487 nl80211_scan_common(struct wpa_driver_nl80211_data *drv, u8 cmd,
3488 struct wpa_driver_scan_params *params)
3494 msg = nlmsg_alloc();
3498 nl80211_cmd(drv, msg, 0, cmd);
3500 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) < 0)
3503 if (params->num_ssids) {
3504 struct nl_msg *ssids = nlmsg_alloc();
3507 for (i = 0; i < params->num_ssids; i++) {
3508 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
3509 params->ssids[i].ssid,
3510 params->ssids[i].ssid_len);
3511 if (nla_put(ssids, i + 1, params->ssids[i].ssid_len,
3512 params->ssids[i].ssid) < 0) {
3517 err = nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
3523 if (params->extra_ies) {
3524 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
3525 params->extra_ies, params->extra_ies_len);
3526 if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
3527 params->extra_ies) < 0)
3531 if (params->freqs) {
3532 struct nl_msg *freqs = nlmsg_alloc();
3535 for (i = 0; params->freqs[i]; i++) {
3536 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
3537 "MHz", params->freqs[i]);
3538 if (nla_put_u32(freqs, i + 1, params->freqs[i]) < 0) {
3543 err = nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES,
3550 os_free(drv->filter_ssids);
3551 drv->filter_ssids = params->filter_ssids;
3552 params->filter_ssids = NULL;
3553 drv->num_filter_ssids = params->num_filter_ssids;
3564 * wpa_driver_nl80211_scan - Request the driver to initiate scan
3565 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3566 * @params: Scan parameters
3567 * Returns: 0 on success, -1 on failure
3569 static int wpa_driver_nl80211_scan(void *priv,
3570 struct wpa_driver_scan_params *params)
3572 struct i802_bss *bss = priv;
3573 struct wpa_driver_nl80211_data *drv = bss->drv;
3574 int ret = -1, timeout;
3575 struct nl_msg *msg, *rates = NULL;
3577 drv->scan_for_auth = 0;
3579 msg = nl80211_scan_common(drv, NL80211_CMD_TRIGGER_SCAN, params);
3583 if (params->p2p_probe) {
3584 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
3586 rates = nlmsg_alloc();
3588 goto nla_put_failure;
3591 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
3592 * by masking out everything else apart from the OFDM rates 6,
3593 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
3594 * rates are left enabled.
3596 NLA_PUT(rates, NL80211_BAND_2GHZ, 8,
3597 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
3598 if (nla_put_nested(msg, NL80211_ATTR_SCAN_SUPP_RATES, rates) <
3600 goto nla_put_failure;
3602 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
3605 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3608 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
3609 "(%s)", ret, strerror(-ret));
3611 if (is_ap_interface(drv->nlmode)) {
3613 * mac80211 does not allow scan requests in AP mode, so
3614 * try to do this in station mode.
3616 if (wpa_driver_nl80211_set_mode(
3617 bss, NL80211_IFTYPE_STATION))
3618 goto nla_put_failure;
3620 if (wpa_driver_nl80211_scan(drv, params)) {
3621 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
3622 goto nla_put_failure;
3625 /* Restore AP mode when processing scan results */
3626 drv->ap_scan_as_station = drv->nlmode;
3629 goto nla_put_failure;
3631 goto nla_put_failure;
3632 #endif /* HOSTAPD */
3635 /* Not all drivers generate "scan completed" wireless event, so try to
3636 * read results after a timeout. */
3638 if (drv->scan_complete_events) {
3640 * The driver seems to deliver events to notify when scan is
3641 * complete, so use longer timeout to avoid race conditions
3642 * with scanning and following association request.
3646 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
3647 "seconds", ret, timeout);
3648 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3649 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
3660 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
3661 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3662 * @params: Scan parameters
3663 * @interval: Interval between scan cycles in milliseconds
3664 * Returns: 0 on success, -1 on failure or if not supported
3666 static int wpa_driver_nl80211_sched_scan(void *priv,
3667 struct wpa_driver_scan_params *params,
3670 struct i802_bss *bss = priv;
3671 struct wpa_driver_nl80211_data *drv = bss->drv;
3674 struct nl_msg *match_set_ssid = NULL, *match_sets = NULL;
3675 struct nl_msg *match_set_rssi = NULL;
3679 if (!drv->capa.sched_scan_supported)
3680 return android_pno_start(bss, params);
3681 #endif /* ANDROID */
3683 msg = nl80211_scan_common(drv, NL80211_CMD_START_SCHED_SCAN, params);
3685 goto nla_put_failure;
3687 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
3689 if ((drv->num_filter_ssids &&
3690 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) ||
3691 params->filter_rssi) {
3692 match_sets = nlmsg_alloc();
3693 if (match_sets == NULL)
3694 goto nla_put_failure;
3696 for (i = 0; i < drv->num_filter_ssids; i++) {
3697 wpa_hexdump_ascii(MSG_MSGDUMP,
3698 "nl80211: Sched scan filter SSID",
3699 drv->filter_ssids[i].ssid,
3700 drv->filter_ssids[i].ssid_len);
3702 match_set_ssid = nlmsg_alloc();
3703 if (match_set_ssid == NULL)
3704 goto nla_put_failure;
3705 NLA_PUT(match_set_ssid,
3706 NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
3707 drv->filter_ssids[i].ssid_len,
3708 drv->filter_ssids[i].ssid);
3710 if (nla_put_nested(match_sets, i + 1, match_set_ssid) <
3712 goto nla_put_failure;
3715 if (params->filter_rssi) {
3716 match_set_rssi = nlmsg_alloc();
3717 if (match_set_rssi == NULL)
3718 goto nla_put_failure;
3719 NLA_PUT_U32(match_set_rssi,
3720 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
3721 params->filter_rssi);
3722 wpa_printf(MSG_MSGDUMP,
3723 "nl80211: Sched scan RSSI filter %d dBm",
3724 params->filter_rssi);
3725 if (nla_put_nested(match_sets, 0, match_set_rssi) < 0)
3726 goto nla_put_failure;
3729 if (nla_put_nested(msg, NL80211_ATTR_SCHED_SCAN_MATCH,
3731 goto nla_put_failure;
3734 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3736 /* TODO: if we get an error here, we should fall back to normal scan */
3740 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
3741 "ret=%d (%s)", ret, strerror(-ret));
3742 goto nla_put_failure;
3745 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
3746 "scan interval %d msec", ret, interval);
3749 nlmsg_free(match_set_ssid);
3750 nlmsg_free(match_sets);
3751 nlmsg_free(match_set_rssi);
3758 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
3759 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3760 * Returns: 0 on success, -1 on failure or if not supported
3762 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
3764 struct i802_bss *bss = priv;
3765 struct wpa_driver_nl80211_data *drv = bss->drv;
3770 if (!drv->capa.sched_scan_supported)
3771 return android_pno_stop(bss);
3772 #endif /* ANDROID */
3774 msg = nlmsg_alloc();
3778 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
3780 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3782 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3785 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
3786 "ret=%d (%s)", ret, strerror(-ret));
3787 goto nla_put_failure;
3790 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
3798 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
3800 const u8 *end, *pos;
3806 end = ies + ies_len;
3808 while (pos + 1 < end) {
3809 if (pos + 2 + pos[1] > end)
3820 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
3821 const u8 *ie, size_t ie_len)
3826 if (drv->filter_ssids == NULL)
3829 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
3833 for (i = 0; i < drv->num_filter_ssids; i++) {
3834 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
3835 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
3844 static int bss_info_handler(struct nl_msg *msg, void *arg)
3846 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3847 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3848 struct nlattr *bss[NL80211_BSS_MAX + 1];
3849 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
3850 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
3851 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
3852 [NL80211_BSS_TSF] = { .type = NLA_U64 },
3853 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
3854 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
3855 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
3856 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
3857 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
3858 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
3859 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
3860 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
3862 struct nl80211_bss_info_arg *_arg = arg;
3863 struct wpa_scan_results *res = _arg->res;
3864 struct wpa_scan_res **tmp;
3865 struct wpa_scan_res *r;
3866 const u8 *ie, *beacon_ie;
3867 size_t ie_len, beacon_ie_len;
3871 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3872 genlmsg_attrlen(gnlh, 0), NULL);
3873 if (!tb[NL80211_ATTR_BSS])
3875 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
3878 if (bss[NL80211_BSS_STATUS]) {
3879 enum nl80211_bss_status status;
3880 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
3881 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
3882 bss[NL80211_BSS_FREQUENCY]) {
3884 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
3885 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
3888 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
3889 bss[NL80211_BSS_BSSID]) {
3890 os_memcpy(_arg->assoc_bssid,
3891 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
3892 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
3893 MACSTR, MAC2STR(_arg->assoc_bssid));
3898 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
3899 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
3900 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
3905 if (bss[NL80211_BSS_BEACON_IES]) {
3906 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
3907 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
3913 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
3914 ie ? ie_len : beacon_ie_len))
3917 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
3920 if (bss[NL80211_BSS_BSSID])
3921 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
3923 if (bss[NL80211_BSS_FREQUENCY])
3924 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
3925 if (bss[NL80211_BSS_BEACON_INTERVAL])
3926 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
3927 if (bss[NL80211_BSS_CAPABILITY])
3928 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
3929 r->flags |= WPA_SCAN_NOISE_INVALID;
3930 if (bss[NL80211_BSS_SIGNAL_MBM]) {
3931 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
3932 r->level /= 100; /* mBm to dBm */
3933 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
3934 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
3935 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
3936 r->flags |= WPA_SCAN_QUAL_INVALID;
3938 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
3939 if (bss[NL80211_BSS_TSF])
3940 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
3941 if (bss[NL80211_BSS_SEEN_MS_AGO])
3942 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
3944 pos = (u8 *) (r + 1);
3946 os_memcpy(pos, ie, ie_len);
3949 r->beacon_ie_len = beacon_ie_len;
3951 os_memcpy(pos, beacon_ie, beacon_ie_len);
3953 if (bss[NL80211_BSS_STATUS]) {
3954 enum nl80211_bss_status status;
3955 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
3957 case NL80211_BSS_STATUS_AUTHENTICATED:
3958 r->flags |= WPA_SCAN_AUTHENTICATED;
3960 case NL80211_BSS_STATUS_ASSOCIATED:
3961 r->flags |= WPA_SCAN_ASSOCIATED;
3969 * cfg80211 maintains separate BSS table entries for APs if the same
3970 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
3971 * not use frequency as a separate key in the BSS table, so filter out
3972 * duplicated entries. Prefer associated BSS entry in such a case in
3973 * order to get the correct frequency into the BSS table.
3975 for (i = 0; i < res->num; i++) {
3977 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
3980 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
3981 res->res[i]->ie_len, WLAN_EID_SSID);
3982 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
3983 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
3984 os_memcmp(s1, s2, 2 + s1[1]) != 0)
3987 /* Same BSSID,SSID was already included in scan results */
3988 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
3989 "for " MACSTR, MAC2STR(r->bssid));
3991 if ((r->flags & WPA_SCAN_ASSOCIATED) &&
3992 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) {
3993 os_free(res->res[i]);
4000 tmp = os_realloc_array(res->res, res->num + 1,
4001 sizeof(struct wpa_scan_res *));
4006 tmp[res->num++] = r;
4013 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
4016 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
4017 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
4018 "mismatch (" MACSTR ")", MAC2STR(addr));
4019 wpa_driver_nl80211_mlme(drv, addr,
4020 NL80211_CMD_DEAUTHENTICATE,
4021 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
4026 static void wpa_driver_nl80211_check_bss_status(
4027 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
4031 for (i = 0; i < res->num; i++) {
4032 struct wpa_scan_res *r = res->res[i];
4033 if (r->flags & WPA_SCAN_AUTHENTICATED) {
4034 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
4035 "indicates BSS status with " MACSTR
4036 " as authenticated",
4038 if (is_sta_interface(drv->nlmode) &&
4039 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
4040 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
4042 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
4043 " in local state (auth=" MACSTR
4044 " assoc=" MACSTR ")",
4045 MAC2STR(drv->auth_bssid),
4046 MAC2STR(drv->bssid));
4047 clear_state_mismatch(drv, r->bssid);
4051 if (r->flags & WPA_SCAN_ASSOCIATED) {
4052 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
4053 "indicate BSS status with " MACSTR
4056 if (is_sta_interface(drv->nlmode) &&
4058 wpa_printf(MSG_DEBUG, "nl80211: Local state "
4059 "(not associated) does not match "
4061 clear_state_mismatch(drv, r->bssid);
4062 } else if (is_sta_interface(drv->nlmode) &&
4063 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
4065 wpa_printf(MSG_DEBUG, "nl80211: Local state "
4066 "(associated with " MACSTR ") does "
4067 "not match with BSS state",
4068 MAC2STR(drv->bssid));
4069 clear_state_mismatch(drv, r->bssid);
4070 clear_state_mismatch(drv, drv->bssid);
4077 static struct wpa_scan_results *
4078 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
4081 struct wpa_scan_results *res;
4083 struct nl80211_bss_info_arg arg;
4085 res = os_zalloc(sizeof(*res));
4088 msg = nlmsg_alloc();
4090 goto nla_put_failure;
4092 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
4093 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4097 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
4100 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
4101 "BSSes)", (unsigned long) res->num);
4102 nl80211_get_noise_for_scan_results(drv, res);
4105 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
4106 "(%s)", ret, strerror(-ret));
4109 wpa_scan_results_free(res);
4115 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
4116 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
4117 * Returns: Scan results on success, -1 on failure
4119 static struct wpa_scan_results *
4120 wpa_driver_nl80211_get_scan_results(void *priv)
4122 struct i802_bss *bss = priv;
4123 struct wpa_driver_nl80211_data *drv = bss->drv;
4124 struct wpa_scan_results *res;
4126 res = nl80211_get_scan_results(drv);
4128 wpa_driver_nl80211_check_bss_status(drv, res);
4133 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
4135 struct wpa_scan_results *res;
4138 res = nl80211_get_scan_results(drv);
4140 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
4144 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
4145 for (i = 0; i < res->num; i++) {
4146 struct wpa_scan_res *r = res->res[i];
4147 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
4148 (int) i, (int) res->num, MAC2STR(r->bssid),
4149 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
4150 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
4153 wpa_scan_results_free(res);
4157 static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
4158 enum wpa_alg alg, const u8 *addr,
4159 int key_idx, int set_tx,
4160 const u8 *seq, size_t seq_len,
4161 const u8 *key, size_t key_len)
4163 struct i802_bss *bss = priv;
4164 struct wpa_driver_nl80211_data *drv = bss->drv;
4165 int ifindex = if_nametoindex(ifname);
4169 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
4170 "set_tx=%d seq_len=%lu key_len=%lu",
4171 __func__, ifindex, alg, addr, key_idx, set_tx,
4172 (unsigned long) seq_len, (unsigned long) key_len);
4176 #endif /* CONFIG_TDLS */
4178 msg = nlmsg_alloc();
4182 if (alg == WPA_ALG_NONE) {
4183 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
4185 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
4186 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
4190 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4191 WLAN_CIPHER_SUITE_WEP40);
4193 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4194 WLAN_CIPHER_SUITE_WEP104);
4197 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4198 WLAN_CIPHER_SUITE_TKIP);
4201 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4202 WLAN_CIPHER_SUITE_CCMP);
4205 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4206 WLAN_CIPHER_SUITE_GCMP);
4209 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4210 WLAN_CIPHER_SUITE_AES_CMAC);
4213 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
4214 "algorithm %d", __func__, alg);
4221 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
4223 if (addr && !is_broadcast_ether_addr(addr)) {
4224 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
4225 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4227 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
4228 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
4229 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
4230 NL80211_KEYTYPE_GROUP);
4232 } else if (addr && is_broadcast_ether_addr(addr)) {
4233 struct nl_msg *types;
4235 wpa_printf(MSG_DEBUG, " broadcast key");
4236 types = nlmsg_alloc();
4238 goto nla_put_failure;
4239 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
4240 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4244 goto nla_put_failure;
4246 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
4247 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4249 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4250 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
4253 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
4254 ret, strerror(-ret));
4257 * If we failed or don't need to set the default TX key (below),
4260 if (ret || !set_tx || alg == WPA_ALG_NONE)
4262 if (is_ap_interface(drv->nlmode) && addr &&
4263 !is_broadcast_ether_addr(addr))
4266 msg = nlmsg_alloc();
4270 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
4271 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
4272 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4273 if (alg == WPA_ALG_IGTK)
4274 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
4276 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
4277 if (addr && is_broadcast_ether_addr(addr)) {
4278 struct nl_msg *types;
4280 types = nlmsg_alloc();
4282 goto nla_put_failure;
4283 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
4284 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4288 goto nla_put_failure;
4290 struct nl_msg *types;
4292 types = nlmsg_alloc();
4294 goto nla_put_failure;
4295 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_UNICAST);
4296 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4300 goto nla_put_failure;
4303 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4307 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
4308 "err=%d %s)", ret, strerror(-ret));
4317 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
4318 int key_idx, int defkey,
4319 const u8 *seq, size_t seq_len,
4320 const u8 *key, size_t key_len)
4322 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
4326 if (defkey && alg == WPA_ALG_IGTK)
4327 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
4329 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
4331 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
4336 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4337 WLAN_CIPHER_SUITE_WEP40);
4339 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4340 WLAN_CIPHER_SUITE_WEP104);
4343 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
4346 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
4349 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_GCMP);
4352 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4353 WLAN_CIPHER_SUITE_AES_CMAC);
4356 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
4357 "algorithm %d", __func__, alg);
4362 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
4364 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
4366 nla_nest_end(msg, key_attr);
4374 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
4378 struct nlattr *nl_keys, *nl_key;
4380 for (i = 0; i < 4; i++) {
4381 if (!params->wep_key[i])
4386 if (params->wps == WPS_MODE_PRIVACY)
4388 if (params->pairwise_suite &&
4389 params->pairwise_suite != WPA_CIPHER_NONE)
4395 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
4397 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
4399 goto nla_put_failure;
4401 for (i = 0; i < 4; i++) {
4402 if (!params->wep_key[i])
4405 nl_key = nla_nest_start(msg, i);
4407 goto nla_put_failure;
4409 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
4410 params->wep_key[i]);
4411 if (params->wep_key_len[i] == 5)
4412 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4413 WLAN_CIPHER_SUITE_WEP40);
4415 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4416 WLAN_CIPHER_SUITE_WEP104);
4418 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
4420 if (i == params->wep_tx_keyidx)
4421 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
4423 nla_nest_end(msg, nl_key);
4425 nla_nest_end(msg, nl_keys);
4434 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
4435 const u8 *addr, int cmd, u16 reason_code,
4436 int local_state_change)
4441 msg = nlmsg_alloc();
4445 nl80211_cmd(drv, msg, 0, cmd);
4447 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4448 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
4449 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4450 if (local_state_change)
4451 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
4453 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4456 wpa_dbg(drv->ctx, MSG_DEBUG,
4457 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
4458 reason_code, ret, strerror(-ret));
4459 goto nla_put_failure;
4469 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
4470 const u8 *addr, int reason_code)
4472 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
4473 __func__, MAC2STR(addr), reason_code);
4474 drv->associated = 0;
4475 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISCONNECT,
4480 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
4483 struct i802_bss *bss = priv;
4484 struct wpa_driver_nl80211_data *drv = bss->drv;
4485 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
4486 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
4487 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
4488 __func__, MAC2STR(addr), reason_code);
4489 drv->associated = 0;
4490 if (drv->nlmode == NL80211_IFTYPE_ADHOC)
4491 return nl80211_leave_ibss(drv);
4492 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
4497 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
4500 struct i802_bss *bss = priv;
4501 struct wpa_driver_nl80211_data *drv = bss->drv;
4502 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
4503 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
4504 wpa_printf(MSG_DEBUG, "%s", __func__);
4505 drv->associated = 0;
4506 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
4511 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
4512 struct wpa_driver_auth_params *params)
4516 drv->auth_freq = params->freq;
4517 drv->auth_alg = params->auth_alg;
4518 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
4519 drv->auth_local_state_change = params->local_state_change;
4520 drv->auth_p2p = params->p2p;
4523 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
4525 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
4528 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
4529 drv->auth_ssid_len = params->ssid_len;
4531 drv->auth_ssid_len = 0;
4534 os_free(drv->auth_ie);
4535 drv->auth_ie = NULL;
4536 drv->auth_ie_len = 0;
4538 drv->auth_ie = os_malloc(params->ie_len);
4540 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
4541 drv->auth_ie_len = params->ie_len;
4545 for (i = 0; i < 4; i++) {
4546 if (params->wep_key[i] && params->wep_key_len[i] &&
4547 params->wep_key_len[i] <= 16) {
4548 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
4549 params->wep_key_len[i]);
4550 drv->auth_wep_key_len[i] = params->wep_key_len[i];
4552 drv->auth_wep_key_len[i] = 0;
4557 static int wpa_driver_nl80211_authenticate(
4558 void *priv, struct wpa_driver_auth_params *params)
4560 struct i802_bss *bss = priv;
4561 struct wpa_driver_nl80211_data *drv = bss->drv;
4564 enum nl80211_auth_type type;
4565 enum nl80211_iftype nlmode;
4569 is_retry = drv->retry_auth;
4570 drv->retry_auth = 0;
4572 drv->associated = 0;
4573 os_memset(drv->auth_bssid, 0, ETH_ALEN);
4574 /* FIX: IBSS mode */
4575 nlmode = params->p2p ?
4576 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
4577 if (drv->nlmode != nlmode &&
4578 wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
4582 msg = nlmsg_alloc();
4586 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
4589 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
4591 for (i = 0; i < 4; i++) {
4592 if (!params->wep_key[i])
4594 wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP,
4596 i == params->wep_tx_keyidx, NULL, 0,
4598 params->wep_key_len[i]);
4599 if (params->wep_tx_keyidx != i)
4601 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
4602 params->wep_key[i], params->wep_key_len[i])) {
4608 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4609 if (params->bssid) {
4610 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4611 MAC2STR(params->bssid));
4612 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
4615 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4616 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
4619 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4620 params->ssid, params->ssid_len);
4621 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4624 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
4626 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
4627 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4628 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
4629 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4630 type = NL80211_AUTHTYPE_SHARED_KEY;
4631 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4632 type = NL80211_AUTHTYPE_NETWORK_EAP;
4633 else if (params->auth_alg & WPA_AUTH_ALG_FT)
4634 type = NL80211_AUTHTYPE_FT;
4636 goto nla_put_failure;
4637 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4638 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
4639 if (params->local_state_change) {
4640 wpa_printf(MSG_DEBUG, " * Local state change only");
4641 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
4644 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4647 wpa_dbg(drv->ctx, MSG_DEBUG,
4648 "nl80211: MLME command failed (auth): ret=%d (%s)",
4649 ret, strerror(-ret));
4651 if (ret == -EALREADY && count == 1 && params->bssid &&
4652 !params->local_state_change) {
4654 * mac80211 does not currently accept new
4655 * authentication if we are already authenticated. As a
4656 * workaround, force deauthentication and try again.
4658 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
4659 "after forced deauthentication");
4660 wpa_driver_nl80211_deauthenticate(
4662 WLAN_REASON_PREV_AUTH_NOT_VALID);
4667 if (ret == -ENOENT && params->freq && !is_retry) {
4669 * cfg80211 has likely expired the BSS entry even
4670 * though it was previously available in our internal
4671 * BSS table. To recover quickly, start a single
4672 * channel scan on the specified channel.
4674 struct wpa_driver_scan_params scan;
4677 os_memset(&scan, 0, sizeof(scan));
4680 scan.ssids[0].ssid = params->ssid;
4681 scan.ssids[0].ssid_len = params->ssid_len;
4683 freqs[0] = params->freq;
4686 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
4687 "channel scan to refresh cfg80211 BSS "
4689 ret = wpa_driver_nl80211_scan(bss, &scan);
4691 nl80211_copy_auth_params(drv, params);
4692 drv->scan_for_auth = 1;
4694 } else if (is_retry) {
4696 * Need to indicate this with an event since the return
4697 * value from the retry is not delivered to core code.
4699 union wpa_event_data event;
4700 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
4702 os_memset(&event, 0, sizeof(event));
4703 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
4705 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
4709 goto nla_put_failure;
4712 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
4721 static int wpa_driver_nl80211_authenticate_retry(
4722 struct wpa_driver_nl80211_data *drv)
4724 struct wpa_driver_auth_params params;
4725 struct i802_bss *bss = &drv->first_bss;
4728 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
4730 os_memset(¶ms, 0, sizeof(params));
4731 params.freq = drv->auth_freq;
4732 params.auth_alg = drv->auth_alg;
4733 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
4734 params.local_state_change = drv->auth_local_state_change;
4735 params.p2p = drv->auth_p2p;
4737 if (!is_zero_ether_addr(drv->auth_bssid_))
4738 params.bssid = drv->auth_bssid_;
4740 if (drv->auth_ssid_len) {
4741 params.ssid = drv->auth_ssid;
4742 params.ssid_len = drv->auth_ssid_len;
4745 params.ie = drv->auth_ie;
4746 params.ie_len = drv->auth_ie_len;
4748 for (i = 0; i < 4; i++) {
4749 if (drv->auth_wep_key_len[i]) {
4750 params.wep_key[i] = drv->auth_wep_key[i];
4751 params.wep_key_len[i] = drv->auth_wep_key_len[i];
4755 drv->retry_auth = 1;
4756 return wpa_driver_nl80211_authenticate(bss, ¶ms);
4760 struct phy_info_arg {
4762 struct hostapd_hw_modes *modes;
4765 static int phy_info_handler(struct nl_msg *msg, void *arg)
4767 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
4768 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4769 struct phy_info_arg *phy_info = arg;
4771 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
4773 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
4774 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
4775 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
4776 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
4777 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
4778 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
4779 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
4780 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
4783 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
4784 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
4785 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
4786 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
4789 struct nlattr *nl_band;
4790 struct nlattr *nl_freq;
4791 struct nlattr *nl_rate;
4792 int rem_band, rem_freq, rem_rate;
4793 struct hostapd_hw_modes *mode;
4794 int idx, mode_is_set;
4796 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4797 genlmsg_attrlen(gnlh, 0), NULL);
4799 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
4802 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
4803 mode = os_realloc_array(phy_info->modes,
4804 *phy_info->num_modes + 1,
4808 phy_info->modes = mode;
4812 mode = &phy_info->modes[*(phy_info->num_modes)];
4813 memset(mode, 0, sizeof(*mode));
4814 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN;
4815 *(phy_info->num_modes) += 1;
4817 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
4818 nla_len(nl_band), NULL);
4820 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
4821 mode->ht_capab = nla_get_u16(
4822 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
4825 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
4826 mode->a_mpdu_params |= nla_get_u8(
4827 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
4831 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
4832 mode->a_mpdu_params |= nla_get_u8(
4833 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
4837 if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
4838 nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
4840 mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
4841 os_memcpy(mode->mcs_set, mcs, 16);
4844 if (tb_band[NL80211_BAND_ATTR_VHT_CAPA]) {
4845 mode->vht_capab = nla_get_u32(
4846 tb_band[NL80211_BAND_ATTR_VHT_CAPA]);
4849 if (tb_band[NL80211_BAND_ATTR_VHT_MCS_SET] &&
4850 nla_len(tb_band[NL80211_BAND_ATTR_VHT_MCS_SET])) {
4852 mcs = nla_data(tb_band[NL80211_BAND_ATTR_VHT_MCS_SET]);
4853 os_memcpy(mode->vht_mcs_set, mcs, 8);
4856 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
4857 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
4858 nla_len(nl_freq), freq_policy);
4859 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
4861 mode->num_channels++;
4864 mode->channels = os_calloc(mode->num_channels,
4865 sizeof(struct hostapd_channel_data));
4866 if (!mode->channels)
4871 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
4872 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
4873 nla_len(nl_freq), freq_policy);
4874 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
4877 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
4878 mode->channels[idx].flag = 0;
4881 /* crude heuristic */
4882 if (mode->channels[idx].freq < 4000)
4883 mode->mode = HOSTAPD_MODE_IEEE80211B;
4885 mode->mode = HOSTAPD_MODE_IEEE80211A;
4889 /* crude heuristic */
4890 if (mode->channels[idx].freq < 4000)
4891 if (mode->channels[idx].freq == 2484)
4892 mode->channels[idx].chan = 14;
4894 mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
4896 mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
4898 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
4899 mode->channels[idx].flag |=
4900 HOSTAPD_CHAN_DISABLED;
4901 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
4902 mode->channels[idx].flag |=
4903 HOSTAPD_CHAN_PASSIVE_SCAN;
4904 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
4905 mode->channels[idx].flag |=
4906 HOSTAPD_CHAN_NO_IBSS;
4907 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
4908 mode->channels[idx].flag |=
4911 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
4912 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
4913 mode->channels[idx].max_tx_power =
4914 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
4919 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
4920 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
4921 nla_len(nl_rate), rate_policy);
4922 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
4927 mode->rates = os_calloc(mode->num_rates, sizeof(int));
4933 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
4934 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
4935 nla_len(nl_rate), rate_policy);
4936 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
4938 mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
4940 /* crude heuristic */
4941 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
4942 mode->rates[idx] > 200)
4943 mode->mode = HOSTAPD_MODE_IEEE80211G;
4952 static struct hostapd_hw_modes *
4953 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
4956 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
4957 int i, mode11g_idx = -1;
4959 /* If only 802.11g mode is included, use it to construct matching
4960 * 802.11b mode data. */
4962 for (m = 0; m < *num_modes; m++) {
4963 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
4964 return modes; /* 802.11b already included */
4965 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
4969 if (mode11g_idx < 0)
4970 return modes; /* 2.4 GHz band not supported at all */
4972 nmodes = os_realloc_array(modes, *num_modes + 1, sizeof(*nmodes));
4974 return modes; /* Could not add 802.11b mode */
4976 mode = &nmodes[*num_modes];
4977 os_memset(mode, 0, sizeof(*mode));
4981 mode->mode = HOSTAPD_MODE_IEEE80211B;
4983 mode11g = &modes[mode11g_idx];
4984 mode->num_channels = mode11g->num_channels;
4985 mode->channels = os_malloc(mode11g->num_channels *
4986 sizeof(struct hostapd_channel_data));
4987 if (mode->channels == NULL) {
4989 return modes; /* Could not add 802.11b mode */
4991 os_memcpy(mode->channels, mode11g->channels,
4992 mode11g->num_channels * sizeof(struct hostapd_channel_data));
4994 mode->num_rates = 0;
4995 mode->rates = os_malloc(4 * sizeof(int));
4996 if (mode->rates == NULL) {
4997 os_free(mode->channels);
4999 return modes; /* Could not add 802.11b mode */
5002 for (i = 0; i < mode11g->num_rates; i++) {
5003 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
5004 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
5006 mode->rates[mode->num_rates] = mode11g->rates[i];
5008 if (mode->num_rates == 4)
5012 if (mode->num_rates == 0) {
5013 os_free(mode->channels);
5014 os_free(mode->rates);
5016 return modes; /* No 802.11b rates */
5019 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
5026 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
5031 for (c = 0; c < mode->num_channels; c++) {
5032 struct hostapd_channel_data *chan = &mode->channels[c];
5033 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
5034 chan->flag |= HOSTAPD_CHAN_HT40;
5039 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
5044 for (c = 0; c < mode->num_channels; c++) {
5045 struct hostapd_channel_data *chan = &mode->channels[c];
5046 if (!(chan->flag & HOSTAPD_CHAN_HT40))
5048 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
5049 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
5050 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
5051 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
5056 static void nl80211_reg_rule_ht40(struct nlattr *tb[],
5057 struct phy_info_arg *results)
5059 u32 start, end, max_bw;
5062 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
5063 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
5064 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
5067 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
5068 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
5069 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
5071 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz",
5072 start, end, max_bw);
5076 for (m = 0; m < *results->num_modes; m++) {
5077 if (!(results->modes[m].ht_capab &
5078 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
5080 nl80211_set_ht40_mode(&results->modes[m], start, end);
5085 static void nl80211_reg_rule_sec(struct nlattr *tb[],
5086 struct phy_info_arg *results)
5088 u32 start, end, max_bw;
5091 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
5092 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
5093 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
5096 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
5097 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
5098 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
5103 for (m = 0; m < *results->num_modes; m++) {
5104 if (!(results->modes[m].ht_capab &
5105 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
5107 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
5112 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
5114 struct phy_info_arg *results = arg;
5115 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
5116 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5117 struct nlattr *nl_rule;
5118 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
5120 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
5121 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
5122 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
5123 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
5124 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
5125 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
5126 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
5129 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5130 genlmsg_attrlen(gnlh, 0), NULL);
5131 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
5132 !tb_msg[NL80211_ATTR_REG_RULES]) {
5133 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
5138 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
5139 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
5141 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
5143 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
5144 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
5145 nl80211_reg_rule_ht40(tb_rule, results);
5148 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
5150 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
5151 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
5152 nl80211_reg_rule_sec(tb_rule, results);
5159 static int nl80211_set_ht40_flags(struct wpa_driver_nl80211_data *drv,
5160 struct phy_info_arg *results)
5164 msg = nlmsg_alloc();
5168 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
5169 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
5173 static struct hostapd_hw_modes *
5174 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
5176 struct i802_bss *bss = priv;
5177 struct wpa_driver_nl80211_data *drv = bss->drv;
5179 struct phy_info_arg result = {
5180 .num_modes = num_modes,
5187 msg = nlmsg_alloc();
5191 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
5193 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5195 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
5196 nl80211_set_ht40_flags(drv, &result);
5197 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
5206 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
5207 const void *data, size_t len,
5208 int encrypt, int noack)
5211 0x00, 0x00, /* radiotap version */
5212 0x0e, 0x00, /* radiotap length */
5213 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
5214 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
5216 0x00, 0x00, /* RX and TX flags to indicate that */
5217 0x00, 0x00, /* this is the injected frame directly */
5219 struct iovec iov[2] = {
5221 .iov_base = &rtap_hdr,
5222 .iov_len = sizeof(rtap_hdr),
5225 .iov_base = (void *) data,
5229 struct msghdr msg = {
5234 .msg_control = NULL,
5235 .msg_controllen = 0,
5242 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
5244 if (drv->monitor_sock < 0) {
5245 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
5246 "for %s", __func__);
5251 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
5252 *(le16 *) &rtap_hdr[12] = host_to_le16(txflags);
5254 res = sendmsg(drv->monitor_sock, &msg, 0);
5256 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
5263 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
5264 const void *data, size_t len,
5265 int encrypt, int noack,
5266 unsigned int freq, int no_cck,
5267 int offchanok, unsigned int wait_time)
5269 struct wpa_driver_nl80211_data *drv = bss->drv;
5275 if (drv->use_monitor)
5276 return wpa_driver_nl80211_send_mntr(drv, data, len,
5279 return nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
5280 &cookie, no_cck, noack, offchanok);
5284 static int wpa_driver_nl80211_send_mlme_freq(struct i802_bss *bss,
5286 size_t data_len, int noack,
5287 unsigned int freq, int no_cck,
5289 unsigned int wait_time)
5291 struct wpa_driver_nl80211_data *drv = bss->drv;
5292 struct ieee80211_mgmt *mgmt;
5296 mgmt = (struct ieee80211_mgmt *) data;
5297 fc = le_to_host16(mgmt->frame_control);
5299 if (is_sta_interface(drv->nlmode) &&
5300 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
5301 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
5303 * The use of last_mgmt_freq is a bit of a hack,
5304 * but it works due to the single-threaded nature
5305 * of wpa_supplicant.
5308 freq = drv->last_mgmt_freq;
5309 return nl80211_send_frame_cmd(bss, freq, 0,
5310 data, data_len, NULL, 1, noack,
5314 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
5317 return nl80211_send_frame_cmd(bss, freq,
5318 (int) freq == bss->freq ? 0 :
5321 &drv->send_action_cookie,
5322 no_cck, noack, offchanok);
5325 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
5326 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
5328 * Only one of the authentication frame types is encrypted.
5329 * In order for static WEP encryption to work properly (i.e.,
5330 * to not encrypt the frame), we need to tell mac80211 about
5331 * the frames that must not be encrypted.
5333 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
5334 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
5335 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
5339 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
5340 noack, freq, no_cck, offchanok,
5345 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
5346 size_t data_len, int noack)
5348 struct i802_bss *bss = priv;
5349 return wpa_driver_nl80211_send_mlme_freq(bss, data, data_len, noack,
5354 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
5355 int slot, int ht_opmode, int ap_isolate,
5358 struct wpa_driver_nl80211_data *drv = bss->drv;
5361 msg = nlmsg_alloc();
5365 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
5368 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
5370 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
5372 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
5374 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
5375 if (ap_isolate >= 0)
5376 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
5379 u8 rates[NL80211_MAX_SUPP_RATES];
5383 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
5385 rates[rates_len++] = basic_rates[i] / 5;
5387 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
5390 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5392 return send_and_recv_msgs(drv, msg, NULL, NULL);
5399 static int wpa_driver_nl80211_set_ap(void *priv,
5400 struct wpa_driver_ap_params *params)
5402 struct i802_bss *bss = priv;
5403 struct wpa_driver_nl80211_data *drv = bss->drv;
5405 u8 cmd = NL80211_CMD_NEW_BEACON;
5408 int ifindex = if_nametoindex(bss->ifname);
5413 beacon_set = bss->beacon_set;
5415 msg = nlmsg_alloc();
5419 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
5422 cmd = NL80211_CMD_SET_BEACON;
5424 nl80211_cmd(drv, msg, 0, cmd);
5425 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
5426 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
5427 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5428 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
5429 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
5430 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
5432 if (params->proberesp && params->proberesp_len)
5433 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
5435 switch (params->hide_ssid) {
5436 case NO_SSID_HIDING:
5437 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5438 NL80211_HIDDEN_SSID_NOT_IN_USE);
5440 case HIDDEN_SSID_ZERO_LEN:
5441 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5442 NL80211_HIDDEN_SSID_ZERO_LEN);
5444 case HIDDEN_SSID_ZERO_CONTENTS:
5445 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5446 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
5449 if (params->privacy)
5450 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
5451 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
5452 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
5453 /* Leave out the attribute */
5454 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
5455 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
5456 NL80211_AUTHTYPE_SHARED_KEY);
5458 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
5459 NL80211_AUTHTYPE_OPEN_SYSTEM);
5462 if (params->wpa_version & WPA_PROTO_WPA)
5463 ver |= NL80211_WPA_VERSION_1;
5464 if (params->wpa_version & WPA_PROTO_RSN)
5465 ver |= NL80211_WPA_VERSION_2;
5467 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
5470 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
5471 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
5472 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
5473 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
5475 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
5476 num_suites * sizeof(u32), suites);
5479 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
5480 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
5481 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
5484 if (params->pairwise_ciphers & WPA_CIPHER_CCMP)
5485 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5486 if (params->pairwise_ciphers & WPA_CIPHER_GCMP)
5487 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
5488 if (params->pairwise_ciphers & WPA_CIPHER_TKIP)
5489 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5490 if (params->pairwise_ciphers & WPA_CIPHER_WEP104)
5491 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5492 if (params->pairwise_ciphers & WPA_CIPHER_WEP40)
5493 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5495 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
5496 num_suites * sizeof(u32), suites);
5499 switch (params->group_cipher) {
5500 case WPA_CIPHER_CCMP:
5501 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5502 WLAN_CIPHER_SUITE_CCMP);
5504 case WPA_CIPHER_GCMP:
5505 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5506 WLAN_CIPHER_SUITE_GCMP);
5508 case WPA_CIPHER_TKIP:
5509 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5510 WLAN_CIPHER_SUITE_TKIP);
5512 case WPA_CIPHER_WEP104:
5513 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5514 WLAN_CIPHER_SUITE_WEP104);
5516 case WPA_CIPHER_WEP40:
5517 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5518 WLAN_CIPHER_SUITE_WEP40);
5522 if (params->beacon_ies) {
5523 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
5524 wpabuf_head(params->beacon_ies));
5526 if (params->proberesp_ies) {
5527 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
5528 wpabuf_len(params->proberesp_ies),
5529 wpabuf_head(params->proberesp_ies));
5531 if (params->assocresp_ies) {
5532 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
5533 wpabuf_len(params->assocresp_ies),
5534 wpabuf_head(params->assocresp_ies));
5537 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
5538 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
5539 params->ap_max_inactivity);
5542 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5544 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
5545 ret, strerror(-ret));
5547 bss->beacon_set = 1;
5548 nl80211_set_bss(bss, params->cts_protect, params->preamble,
5549 params->short_slot_time, params->ht_opmode,
5550 params->isolate, params->basic_rates);
5559 static int wpa_driver_nl80211_set_freq(struct i802_bss *bss,
5560 int freq, int ht_enabled,
5561 int sec_channel_offset)
5563 struct wpa_driver_nl80211_data *drv = bss->drv;
5567 wpa_printf(MSG_DEBUG, "nl80211: Set freq %d (ht_enabled=%d "
5568 "sec_channel_offset=%d)",
5569 freq, ht_enabled, sec_channel_offset);
5570 msg = nlmsg_alloc();
5574 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
5576 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5577 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
5579 switch (sec_channel_offset) {
5581 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5582 NL80211_CHAN_HT40MINUS);
5585 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5586 NL80211_CHAN_HT40PLUS);
5589 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5595 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5601 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
5602 "%d (%s)", freq, ret, strerror(-ret));
5609 static u32 sta_flags_nl80211(int flags)
5613 if (flags & WPA_STA_AUTHORIZED)
5614 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
5615 if (flags & WPA_STA_WMM)
5616 f |= BIT(NL80211_STA_FLAG_WME);
5617 if (flags & WPA_STA_SHORT_PREAMBLE)
5618 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
5619 if (flags & WPA_STA_MFP)
5620 f |= BIT(NL80211_STA_FLAG_MFP);
5621 if (flags & WPA_STA_TDLS_PEER)
5622 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
5628 static int wpa_driver_nl80211_sta_add(void *priv,
5629 struct hostapd_sta_add_params *params)
5631 struct i802_bss *bss = priv;
5632 struct wpa_driver_nl80211_data *drv = bss->drv;
5633 struct nl_msg *msg, *wme = NULL;
5634 struct nl80211_sta_flag_update upd;
5637 if ((params->flags & WPA_STA_TDLS_PEER) &&
5638 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
5641 msg = nlmsg_alloc();
5645 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
5646 NL80211_CMD_NEW_STATION);
5648 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5649 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
5650 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
5651 params->supp_rates);
5653 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
5654 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5655 params->listen_interval);
5657 if (params->ht_capabilities) {
5658 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
5659 sizeof(*params->ht_capabilities),
5660 params->ht_capabilities);
5663 os_memset(&upd, 0, sizeof(upd));
5664 upd.mask = sta_flags_nl80211(params->flags);
5666 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
5668 if (params->flags & WPA_STA_WMM) {
5669 wme = nlmsg_alloc();
5671 goto nla_put_failure;
5673 NLA_PUT_U8(wme, NL80211_STA_WME_UAPSD_QUEUES,
5674 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
5675 NLA_PUT_U8(wme, NL80211_STA_WME_MAX_SP,
5676 (params->qosinfo > WMM_QOSINFO_STA_SP_SHIFT) &
5677 WMM_QOSINFO_STA_SP_MASK);
5678 if (nla_put_nested(msg, NL80211_ATTR_STA_WME, wme) < 0)
5679 goto nla_put_failure;
5682 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5685 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
5686 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
5697 static int wpa_driver_nl80211_sta_remove(void *priv, const u8 *addr)
5699 struct i802_bss *bss = priv;
5700 struct wpa_driver_nl80211_data *drv = bss->drv;
5704 msg = nlmsg_alloc();
5708 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
5710 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5711 if_nametoindex(bss->ifname));
5712 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5714 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5724 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
5729 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
5731 /* stop listening for EAPOL on this interface */
5732 del_ifidx(drv, ifidx);
5734 msg = nlmsg_alloc();
5736 goto nla_put_failure;
5738 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
5739 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
5741 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5746 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
5750 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
5753 case NL80211_IFTYPE_ADHOC:
5755 case NL80211_IFTYPE_STATION:
5757 case NL80211_IFTYPE_AP:
5759 case NL80211_IFTYPE_MONITOR:
5761 case NL80211_IFTYPE_P2P_CLIENT:
5762 return "P2P_CLIENT";
5763 case NL80211_IFTYPE_P2P_GO:
5771 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
5773 enum nl80211_iftype iftype,
5774 const u8 *addr, int wds)
5776 struct nl_msg *msg, *flags = NULL;
5780 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
5781 iftype, nl80211_iftype_str(iftype));
5783 msg = nlmsg_alloc();
5787 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
5788 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5789 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
5790 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
5792 if (iftype == NL80211_IFTYPE_MONITOR) {
5795 flags = nlmsg_alloc();
5797 goto nla_put_failure;
5799 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
5801 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
5806 goto nla_put_failure;
5808 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
5811 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5816 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
5817 ifname, ret, strerror(-ret));
5821 ifidx = if_nametoindex(ifname);
5822 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
5828 /* start listening for EAPOL on this interface */
5829 add_ifidx(drv, ifidx);
5831 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
5832 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
5833 nl80211_remove_iface(drv, ifidx);
5841 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
5842 const char *ifname, enum nl80211_iftype iftype,
5843 const u8 *addr, int wds)
5847 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
5849 /* if error occurred and interface exists already */
5850 if (ret == -ENFILE && if_nametoindex(ifname)) {
5851 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
5853 /* Try to remove the interface that was already there. */
5854 nl80211_remove_iface(drv, if_nametoindex(ifname));
5856 /* Try to create the interface again */
5857 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
5861 if (ret >= 0 && is_p2p_interface(iftype))
5862 nl80211_disable_11b_rates(drv, ret, 1);
5868 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
5870 struct ieee80211_hdr *hdr;
5872 union wpa_event_data event;
5874 hdr = (struct ieee80211_hdr *) buf;
5875 fc = le_to_host16(hdr->frame_control);
5877 os_memset(&event, 0, sizeof(event));
5878 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
5879 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
5880 event.tx_status.dst = hdr->addr1;
5881 event.tx_status.data = buf;
5882 event.tx_status.data_len = len;
5883 event.tx_status.ack = ok;
5884 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
5888 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
5889 u8 *buf, size_t len)
5891 struct ieee80211_hdr *hdr = (void *)buf;
5893 union wpa_event_data event;
5895 if (len < sizeof(*hdr))
5898 fc = le_to_host16(hdr->frame_control);
5900 os_memset(&event, 0, sizeof(event));
5901 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
5902 event.rx_from_unknown.addr = hdr->addr2;
5903 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
5904 (WLAN_FC_FROMDS | WLAN_FC_TODS);
5905 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
5909 static void handle_frame(struct wpa_driver_nl80211_data *drv,
5910 u8 *buf, size_t len, int datarate, int ssi_signal)
5912 struct ieee80211_hdr *hdr;
5914 union wpa_event_data event;
5916 hdr = (struct ieee80211_hdr *) buf;
5917 fc = le_to_host16(hdr->frame_control);
5919 switch (WLAN_FC_GET_TYPE(fc)) {
5920 case WLAN_FC_TYPE_MGMT:
5921 os_memset(&event, 0, sizeof(event));
5922 event.rx_mgmt.frame = buf;
5923 event.rx_mgmt.frame_len = len;
5924 event.rx_mgmt.datarate = datarate;
5925 event.rx_mgmt.ssi_signal = ssi_signal;
5926 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
5928 case WLAN_FC_TYPE_CTRL:
5929 /* can only get here with PS-Poll frames */
5930 wpa_printf(MSG_DEBUG, "CTRL");
5931 from_unknown_sta(drv, buf, len);
5933 case WLAN_FC_TYPE_DATA:
5934 from_unknown_sta(drv, buf, len);
5940 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
5942 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5944 unsigned char buf[3000];
5945 struct ieee80211_radiotap_iterator iter;
5947 int datarate = 0, ssi_signal = 0;
5948 int injected = 0, failed = 0, rxflags = 0;
5950 len = recv(sock, buf, sizeof(buf), 0);
5956 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
5957 printf("received invalid radiotap frame\n");
5962 ret = ieee80211_radiotap_iterator_next(&iter);
5966 printf("received invalid radiotap frame (%d)\n", ret);
5969 switch (iter.this_arg_index) {
5970 case IEEE80211_RADIOTAP_FLAGS:
5971 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
5974 case IEEE80211_RADIOTAP_RX_FLAGS:
5977 case IEEE80211_RADIOTAP_TX_FLAGS:
5979 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
5980 IEEE80211_RADIOTAP_F_TX_FAIL;
5982 case IEEE80211_RADIOTAP_DATA_RETRIES:
5984 case IEEE80211_RADIOTAP_CHANNEL:
5985 /* TODO: convert from freq/flags to channel number */
5987 case IEEE80211_RADIOTAP_RATE:
5988 datarate = *iter.this_arg * 5;
5990 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
5991 ssi_signal = (s8) *iter.this_arg;
5996 if (rxflags && injected)
6000 handle_frame(drv, buf + iter.max_length,
6001 len - iter.max_length, datarate, ssi_signal);
6003 handle_tx_callback(drv->ctx, buf + iter.max_length,
6004 len - iter.max_length, !failed);
6009 * we post-process the filter code later and rewrite
6010 * this to the offset to the last instruction
6015 static struct sock_filter msock_filter_insns[] = {
6017 * do a little-endian load of the radiotap length field
6019 /* load lower byte into A */
6020 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
6021 /* put it into X (== index register) */
6022 BPF_STMT(BPF_MISC| BPF_TAX, 0),
6023 /* load upper byte into A */
6024 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
6025 /* left-shift it by 8 */
6026 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
6028 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
6029 /* put result into X */
6030 BPF_STMT(BPF_MISC| BPF_TAX, 0),
6033 * Allow management frames through, this also gives us those
6034 * management frames that we sent ourselves with status
6036 /* load the lower byte of the IEEE 802.11 frame control field */
6037 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
6038 /* mask off frame type and version */
6039 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
6040 /* accept frame if it's both 0, fall through otherwise */
6041 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
6044 * TODO: add a bit to radiotap RX flags that indicates
6045 * that the sending station is not associated, then
6046 * add a filter here that filters on our DA and that flag
6047 * to allow us to deauth frames to that bad station.
6049 * For now allow all To DS data frames through.
6051 /* load the IEEE 802.11 frame control field */
6052 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
6053 /* mask off frame type, version and DS status */
6054 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
6055 /* accept frame if version 0, type 2 and To DS, fall through otherwise
6057 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
6061 * drop non-data frames
6063 /* load the lower byte of the frame control field */
6064 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
6065 /* mask off QoS bit */
6066 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
6067 /* drop non-data frames */
6068 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
6070 /* load the upper byte of the frame control field */
6071 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
6072 /* mask off toDS/fromDS */
6073 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
6074 /* accept WDS frames */
6075 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
6078 * add header length to index
6080 /* load the lower byte of the frame control field */
6081 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
6082 /* mask off QoS bit */
6083 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
6084 /* right shift it by 6 to give 0 or 2 */
6085 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
6086 /* add data frame header length */
6087 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
6088 /* add index, was start of 802.11 header */
6089 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
6090 /* move to index, now start of LL header */
6091 BPF_STMT(BPF_MISC | BPF_TAX, 0),
6094 * Accept empty data frames, we use those for
6097 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
6098 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
6101 * Accept EAPOL frames
6103 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
6104 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
6105 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
6106 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
6108 /* keep these last two statements or change the code below */
6109 /* return 0 == "DROP" */
6110 BPF_STMT(BPF_RET | BPF_K, 0),
6111 /* return ~0 == "keep all" */
6112 BPF_STMT(BPF_RET | BPF_K, ~0),
6115 static struct sock_fprog msock_filter = {
6116 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
6117 .filter = msock_filter_insns,
6121 static int add_monitor_filter(int s)
6125 /* rewrite all PASS/FAIL jump offsets */
6126 for (idx = 0; idx < msock_filter.len; idx++) {
6127 struct sock_filter *insn = &msock_filter_insns[idx];
6129 if (BPF_CLASS(insn->code) == BPF_JMP) {
6130 if (insn->code == (BPF_JMP|BPF_JA)) {
6131 if (insn->k == PASS)
6132 insn->k = msock_filter.len - idx - 2;
6133 else if (insn->k == FAIL)
6134 insn->k = msock_filter.len - idx - 3;
6137 if (insn->jt == PASS)
6138 insn->jt = msock_filter.len - idx - 2;
6139 else if (insn->jt == FAIL)
6140 insn->jt = msock_filter.len - idx - 3;
6142 if (insn->jf == PASS)
6143 insn->jf = msock_filter.len - idx - 2;
6144 else if (insn->jf == FAIL)
6145 insn->jf = msock_filter.len - idx - 3;
6149 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
6150 &msock_filter, sizeof(msock_filter))) {
6151 perror("SO_ATTACH_FILTER");
6159 static void nl80211_remove_monitor_interface(
6160 struct wpa_driver_nl80211_data *drv)
6162 drv->monitor_refcount--;
6163 if (drv->monitor_refcount > 0)
6166 if (drv->monitor_ifidx >= 0) {
6167 nl80211_remove_iface(drv, drv->monitor_ifidx);
6168 drv->monitor_ifidx = -1;
6170 if (drv->monitor_sock >= 0) {
6171 eloop_unregister_read_sock(drv->monitor_sock);
6172 close(drv->monitor_sock);
6173 drv->monitor_sock = -1;
6179 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
6182 struct sockaddr_ll ll;
6186 if (drv->monitor_ifidx >= 0) {
6187 drv->monitor_refcount++;
6191 if (os_strncmp(drv->first_bss.ifname, "p2p-", 4) == 0) {
6193 * P2P interface name is of the format p2p-%s-%d. For monitor
6194 * interface name corresponding to P2P GO, replace "p2p-" with
6195 * "mon-" to retain the same interface name length and to
6196 * indicate that it is a monitor interface.
6198 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss.ifname + 4);
6200 /* Non-P2P interface with AP functionality. */
6201 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
6204 buf[IFNAMSIZ - 1] = '\0';
6206 drv->monitor_ifidx =
6207 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
6210 if (drv->monitor_ifidx == -EOPNOTSUPP) {
6212 * This is backward compatibility for a few versions of
6213 * the kernel only that didn't advertise the right
6214 * attributes for the only driver that then supported
6215 * AP mode w/o monitor -- ath6kl.
6217 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
6218 "monitor interface type - try to run without it");
6219 drv->device_ap_sme = 1;
6222 if (drv->monitor_ifidx < 0)
6225 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
6228 memset(&ll, 0, sizeof(ll));
6229 ll.sll_family = AF_PACKET;
6230 ll.sll_ifindex = drv->monitor_ifidx;
6231 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
6232 if (drv->monitor_sock < 0) {
6233 perror("socket[PF_PACKET,SOCK_RAW]");
6237 if (add_monitor_filter(drv->monitor_sock)) {
6238 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
6239 "interface; do filtering in user space");
6240 /* This works, but will cost in performance. */
6243 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
6244 perror("monitor socket bind");
6248 optlen = sizeof(optval);
6251 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
6252 perror("Failed to set socket priority");
6256 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
6258 printf("Could not register monitor read socket\n");
6264 nl80211_remove_monitor_interface(drv);
6269 static int nl80211_setup_ap(struct i802_bss *bss)
6271 struct wpa_driver_nl80211_data *drv = bss->drv;
6273 wpa_printf(MSG_DEBUG, "nl80211: Setup AP - device_ap_sme=%d "
6274 "use_monitor=%d", drv->device_ap_sme, drv->use_monitor);
6277 * Disable Probe Request reporting unless we need it in this way for
6278 * devices that include the AP SME, in the other case (unless using
6279 * monitor iface) we'll get it through the nl_mgmt socket instead.
6281 if (!drv->device_ap_sme)
6282 wpa_driver_nl80211_probe_req_report(bss, 0);
6284 if (!drv->device_ap_sme && !drv->use_monitor)
6285 if (nl80211_mgmt_subscribe_ap(bss))
6288 if (drv->device_ap_sme && !drv->use_monitor)
6289 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
6292 if (!drv->device_ap_sme && drv->use_monitor &&
6293 nl80211_create_monitor_interface(drv) &&
6294 !drv->device_ap_sme)
6297 if (drv->device_ap_sme &&
6298 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
6299 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
6300 "Probe Request frame reporting in AP mode");
6301 /* Try to survive without this */
6308 static void nl80211_teardown_ap(struct i802_bss *bss)
6310 struct wpa_driver_nl80211_data *drv = bss->drv;
6312 if (drv->device_ap_sme) {
6313 wpa_driver_nl80211_probe_req_report(bss, 0);
6314 if (!drv->use_monitor)
6315 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
6316 } else if (drv->use_monitor)
6317 nl80211_remove_monitor_interface(drv);
6319 nl80211_mgmt_unsubscribe(bss, "AP teardown");
6321 bss->beacon_set = 0;
6325 static int nl80211_send_eapol_data(struct i802_bss *bss,
6326 const u8 *addr, const u8 *data,
6329 struct sockaddr_ll ll;
6332 if (bss->drv->eapol_tx_sock < 0) {
6333 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
6337 os_memset(&ll, 0, sizeof(ll));
6338 ll.sll_family = AF_PACKET;
6339 ll.sll_ifindex = bss->ifindex;
6340 ll.sll_protocol = htons(ETH_P_PAE);
6341 ll.sll_halen = ETH_ALEN;
6342 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
6343 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
6344 (struct sockaddr *) &ll, sizeof(ll));
6346 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
6353 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
6355 static int wpa_driver_nl80211_hapd_send_eapol(
6356 void *priv, const u8 *addr, const u8 *data,
6357 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
6359 struct i802_bss *bss = priv;
6360 struct wpa_driver_nl80211_data *drv = bss->drv;
6361 struct ieee80211_hdr *hdr;
6365 int qos = flags & WPA_STA_WMM;
6367 if (drv->device_ap_sme || !drv->use_monitor)
6368 return nl80211_send_eapol_data(bss, addr, data, data_len);
6370 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
6372 hdr = os_zalloc(len);
6374 printf("malloc() failed for i802_send_data(len=%lu)\n",
6375 (unsigned long) len);
6379 hdr->frame_control =
6380 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
6381 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
6383 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
6385 hdr->frame_control |=
6386 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
6389 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
6390 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
6391 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
6392 pos = (u8 *) (hdr + 1);
6395 /* Set highest priority in QoS header */
6401 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
6402 pos += sizeof(rfc1042_header);
6403 WPA_PUT_BE16(pos, ETH_P_PAE);
6405 memcpy(pos, data, data_len);
6407 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
6410 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
6412 (unsigned long) len, errno, strerror(errno));
6420 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
6422 int flags_or, int flags_and)
6424 struct i802_bss *bss = priv;
6425 struct wpa_driver_nl80211_data *drv = bss->drv;
6426 struct nl_msg *msg, *flags = NULL;
6427 struct nl80211_sta_flag_update upd;
6429 msg = nlmsg_alloc();
6433 flags = nlmsg_alloc();
6439 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
6441 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
6442 if_nametoindex(bss->ifname));
6443 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6446 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
6447 * can be removed eventually.
6449 if (total_flags & WPA_STA_AUTHORIZED)
6450 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
6452 if (total_flags & WPA_STA_WMM)
6453 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
6455 if (total_flags & WPA_STA_SHORT_PREAMBLE)
6456 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
6458 if (total_flags & WPA_STA_MFP)
6459 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
6461 if (total_flags & WPA_STA_TDLS_PEER)
6462 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_TDLS_PEER);
6464 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
6465 goto nla_put_failure;
6467 os_memset(&upd, 0, sizeof(upd));
6468 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
6469 upd.set = sta_flags_nl80211(flags_or);
6470 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
6474 return send_and_recv_msgs(drv, msg, NULL, NULL);
6482 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
6483 struct wpa_driver_associate_params *params)
6485 enum nl80211_iftype nlmode;
6488 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
6490 nlmode = NL80211_IFTYPE_P2P_GO;
6492 nlmode = NL80211_IFTYPE_AP;
6494 if (wpa_driver_nl80211_set_mode(&drv->first_bss, nlmode) ||
6495 wpa_driver_nl80211_set_freq(&drv->first_bss, params->freq, 0, 0)) {
6496 nl80211_remove_monitor_interface(drv);
6504 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
6509 msg = nlmsg_alloc();
6513 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
6514 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6515 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6518 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
6519 "(%s)", ret, strerror(-ret));
6520 goto nla_put_failure;
6524 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
6532 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
6533 struct wpa_driver_associate_params *params)
6539 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
6541 if (wpa_driver_nl80211_set_mode(&drv->first_bss,
6542 NL80211_IFTYPE_ADHOC)) {
6543 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
6549 msg = nlmsg_alloc();
6553 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
6554 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6556 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
6557 goto nla_put_failure;
6559 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6560 params->ssid, params->ssid_len);
6561 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6563 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6564 drv->ssid_len = params->ssid_len;
6566 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6567 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6569 ret = nl80211_set_conn_keys(params, msg);
6571 goto nla_put_failure;
6573 if (params->bssid && params->fixed_bssid) {
6574 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
6575 MAC2STR(params->bssid));
6576 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6579 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
6580 params->key_mgmt_suite == KEY_MGMT_PSK ||
6581 params->key_mgmt_suite == KEY_MGMT_802_1X_SHA256 ||
6582 params->key_mgmt_suite == KEY_MGMT_PSK_SHA256) {
6583 wpa_printf(MSG_DEBUG, " * control port");
6584 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
6587 if (params->wpa_ie) {
6588 wpa_hexdump(MSG_DEBUG,
6589 " * Extra IEs for Beacon/Probe Response frames",
6590 params->wpa_ie, params->wpa_ie_len);
6591 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6595 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6598 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
6599 ret, strerror(-ret));
6601 if (ret == -EALREADY && count == 1) {
6602 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
6604 nl80211_leave_ibss(drv);
6609 goto nla_put_failure;
6612 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
6620 static unsigned int nl80211_get_assoc_bssid(struct wpa_driver_nl80211_data *drv,
6625 struct nl80211_bss_info_arg arg;
6627 os_memset(&arg, 0, sizeof(arg));
6628 msg = nlmsg_alloc();
6630 goto nla_put_failure;
6632 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
6633 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6636 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
6639 if (is_zero_ether_addr(arg.assoc_bssid))
6641 os_memcpy(bssid, arg.assoc_bssid, ETH_ALEN);
6644 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
6645 "(%s)", ret, strerror(-ret));
6648 return drv->assoc_freq;
6652 static int nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
6657 if (bssid == NULL) {
6658 int res = nl80211_get_assoc_bssid(drv, addr);
6664 return wpa_driver_nl80211_disconnect(drv, bssid,
6665 WLAN_REASON_PREV_AUTH_NOT_VALID);
6669 static int wpa_driver_nl80211_connect(
6670 struct wpa_driver_nl80211_data *drv,
6671 struct wpa_driver_associate_params *params)
6674 enum nl80211_auth_type type;
6678 msg = nlmsg_alloc();
6682 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
6683 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
6685 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6686 if (params->bssid) {
6687 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6688 MAC2STR(params->bssid));
6689 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6692 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6693 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6695 if (params->bg_scan_period >= 0) {
6696 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6697 params->bg_scan_period);
6698 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6699 params->bg_scan_period);
6702 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6703 params->ssid, params->ssid_len);
6704 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6706 if (params->ssid_len > sizeof(drv->ssid))
6707 goto nla_put_failure;
6708 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6709 drv->ssid_len = params->ssid_len;
6711 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6713 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6717 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6719 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6721 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6724 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
6726 goto skip_auth_type;
6729 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6730 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6731 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6732 type = NL80211_AUTHTYPE_SHARED_KEY;
6733 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6734 type = NL80211_AUTHTYPE_NETWORK_EAP;
6735 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6736 type = NL80211_AUTHTYPE_FT;
6738 goto nla_put_failure;
6740 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6741 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6744 if (params->wpa_proto) {
6745 enum nl80211_wpa_versions ver = 0;
6747 if (params->wpa_proto & WPA_PROTO_WPA)
6748 ver |= NL80211_WPA_VERSION_1;
6749 if (params->wpa_proto & WPA_PROTO_RSN)
6750 ver |= NL80211_WPA_VERSION_2;
6752 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
6753 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
6756 if (params->pairwise_suite != CIPHER_NONE) {
6759 switch (params->pairwise_suite) {
6761 cipher = WLAN_CIPHER_SUITE_WEP40;
6764 cipher = WLAN_CIPHER_SUITE_WEP104;
6767 cipher = WLAN_CIPHER_SUITE_CCMP;
6770 cipher = WLAN_CIPHER_SUITE_GCMP;
6774 cipher = WLAN_CIPHER_SUITE_TKIP;
6777 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
6780 if (params->group_suite != CIPHER_NONE) {
6783 switch (params->group_suite) {
6785 cipher = WLAN_CIPHER_SUITE_WEP40;
6788 cipher = WLAN_CIPHER_SUITE_WEP104;
6791 cipher = WLAN_CIPHER_SUITE_CCMP;
6794 cipher = WLAN_CIPHER_SUITE_GCMP;
6798 cipher = WLAN_CIPHER_SUITE_TKIP;
6801 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
6804 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
6805 params->key_mgmt_suite == KEY_MGMT_PSK) {
6806 int mgmt = WLAN_AKM_SUITE_PSK;
6808 switch (params->key_mgmt_suite) {
6809 case KEY_MGMT_802_1X:
6810 mgmt = WLAN_AKM_SUITE_8021X;
6814 mgmt = WLAN_AKM_SUITE_PSK;
6817 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
6820 if (params->disable_ht)
6821 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
6823 if (params->htcaps && params->htcaps_mask) {
6824 int sz = sizeof(struct ieee80211_ht_capabilities);
6825 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
6826 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
6827 params->htcaps_mask);
6830 ret = nl80211_set_conn_keys(params, msg);
6832 goto nla_put_failure;
6834 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6837 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
6838 "(%s)", ret, strerror(-ret));
6840 * cfg80211 does not currently accept new connection if we are
6841 * already connected. As a workaround, force disconnection and
6842 * try again once the driver indicates it completed
6845 if (ret == -EALREADY)
6846 nl80211_disconnect(drv, params->bssid);
6847 goto nla_put_failure;
6850 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
6859 static int wpa_driver_nl80211_associate(
6860 void *priv, struct wpa_driver_associate_params *params)
6862 struct i802_bss *bss = priv;
6863 struct wpa_driver_nl80211_data *drv = bss->drv;
6867 if (params->mode == IEEE80211_MODE_AP)
6868 return wpa_driver_nl80211_ap(drv, params);
6870 if (params->mode == IEEE80211_MODE_IBSS)
6871 return wpa_driver_nl80211_ibss(drv, params);
6873 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
6874 enum nl80211_iftype nlmode = params->p2p ?
6875 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6877 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
6879 return wpa_driver_nl80211_connect(drv, params);
6882 drv->associated = 0;
6884 msg = nlmsg_alloc();
6888 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
6890 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
6892 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6893 if (params->bssid) {
6894 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6895 MAC2STR(params->bssid));
6896 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6899 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6900 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6901 drv->assoc_freq = params->freq;
6903 drv->assoc_freq = 0;
6904 if (params->bg_scan_period >= 0) {
6905 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6906 params->bg_scan_period);
6907 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6908 params->bg_scan_period);
6911 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6912 params->ssid, params->ssid_len);
6913 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6915 if (params->ssid_len > sizeof(drv->ssid))
6916 goto nla_put_failure;
6917 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6918 drv->ssid_len = params->ssid_len;
6920 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6922 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6925 if (params->pairwise_suite != CIPHER_NONE) {
6928 switch (params->pairwise_suite) {
6930 cipher = WLAN_CIPHER_SUITE_WEP40;
6933 cipher = WLAN_CIPHER_SUITE_WEP104;
6936 cipher = WLAN_CIPHER_SUITE_CCMP;
6939 cipher = WLAN_CIPHER_SUITE_GCMP;
6943 cipher = WLAN_CIPHER_SUITE_TKIP;
6946 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
6947 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
6950 if (params->group_suite != CIPHER_NONE) {
6953 switch (params->group_suite) {
6955 cipher = WLAN_CIPHER_SUITE_WEP40;
6958 cipher = WLAN_CIPHER_SUITE_WEP104;
6961 cipher = WLAN_CIPHER_SUITE_CCMP;
6964 cipher = WLAN_CIPHER_SUITE_GCMP;
6968 cipher = WLAN_CIPHER_SUITE_TKIP;
6971 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
6972 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
6975 #ifdef CONFIG_IEEE80211W
6976 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
6977 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
6978 #endif /* CONFIG_IEEE80211W */
6980 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
6982 if (params->prev_bssid) {
6983 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
6984 MAC2STR(params->prev_bssid));
6985 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
6986 params->prev_bssid);
6989 if (params->disable_ht)
6990 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
6992 if (params->htcaps && params->htcaps_mask) {
6993 int sz = sizeof(struct ieee80211_ht_capabilities);
6994 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
6995 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
6996 params->htcaps_mask);
7000 wpa_printf(MSG_DEBUG, " * P2P group");
7002 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7005 wpa_dbg(drv->ctx, MSG_DEBUG,
7006 "nl80211: MLME command failed (assoc): ret=%d (%s)",
7007 ret, strerror(-ret));
7008 nl80211_dump_scan(drv);
7009 goto nla_put_failure;
7012 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
7021 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
7022 int ifindex, enum nl80211_iftype mode)
7027 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
7028 ifindex, mode, nl80211_iftype_str(mode));
7030 msg = nlmsg_alloc();
7034 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
7035 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
7036 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
7038 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7044 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
7045 " %d (%s)", ifindex, mode, ret, strerror(-ret));
7050 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
7051 enum nl80211_iftype nlmode)
7053 struct wpa_driver_nl80211_data *drv = bss->drv;
7056 int was_ap = is_ap_interface(drv->nlmode);
7059 res = nl80211_set_mode(drv, drv->ifindex, nlmode);
7061 drv->nlmode = nlmode;
7069 if (nlmode == drv->nlmode) {
7070 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
7071 "requested mode - ignore error");
7073 goto done; /* Already in the requested mode */
7076 /* mac80211 doesn't allow mode changes while the device is up, so
7077 * take the device down, try to set the mode again, and bring the
7080 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
7082 for (i = 0; i < 10; i++) {
7083 res = linux_set_iface_flags(drv->global->ioctl_sock,
7085 if (res == -EACCES || res == -ENODEV)
7088 /* Try to set the mode again while the interface is
7090 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
7093 res = linux_set_iface_flags(drv->global->ioctl_sock,
7097 else if (ret != -EBUSY)
7100 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
7102 os_sleep(0, 100000);
7106 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
7107 "interface is down");
7108 drv->nlmode = nlmode;
7109 drv->ignore_if_down_event = 1;
7114 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
7115 "from %d failed", nlmode, drv->nlmode);
7119 if (is_p2p_interface(nlmode))
7120 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
7121 else if (drv->disabled_11b_rates)
7122 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
7124 if (is_ap_interface(nlmode)) {
7125 nl80211_mgmt_unsubscribe(bss, "start AP");
7126 /* Setup additional AP mode functionality if needed */
7127 if (nl80211_setup_ap(bss))
7129 } else if (was_ap) {
7130 /* Remove additional AP mode functionality */
7131 nl80211_teardown_ap(bss);
7133 nl80211_mgmt_unsubscribe(bss, "mode change");
7136 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
7137 nl80211_mgmt_subscribe_non_ap(bss) < 0)
7138 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
7139 "frame processing - ignore for now");
7145 static int wpa_driver_nl80211_get_capa(void *priv,
7146 struct wpa_driver_capa *capa)
7148 struct i802_bss *bss = priv;
7149 struct wpa_driver_nl80211_data *drv = bss->drv;
7150 if (!drv->has_capability)
7152 os_memcpy(capa, &drv->capa, sizeof(*capa));
7157 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
7159 struct i802_bss *bss = priv;
7160 struct wpa_driver_nl80211_data *drv = bss->drv;
7162 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
7163 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
7164 drv->operstate = state;
7165 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
7166 state ? IF_OPER_UP : IF_OPER_DORMANT);
7170 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
7172 struct i802_bss *bss = priv;
7173 struct wpa_driver_nl80211_data *drv = bss->drv;
7175 struct nl80211_sta_flag_update upd;
7177 msg = nlmsg_alloc();
7181 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
7183 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7184 if_nametoindex(bss->ifname));
7185 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
7187 os_memset(&upd, 0, sizeof(upd));
7188 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
7190 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
7191 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7193 return send_and_recv_msgs(drv, msg, NULL, NULL);
7200 /* Set kernel driver on given frequency (MHz) */
7201 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
7203 struct i802_bss *bss = priv;
7204 return wpa_driver_nl80211_set_freq(bss, freq->freq, freq->ht_enabled,
7205 freq->sec_channel_offset);
7209 #if defined(HOSTAPD) || defined(CONFIG_AP)
7211 static inline int min_int(int a, int b)
7219 static int get_key_handler(struct nl_msg *msg, void *arg)
7221 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7222 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7224 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7225 genlmsg_attrlen(gnlh, 0), NULL);
7228 * TODO: validate the key index and mac address!
7229 * Otherwise, there's a race condition as soon as
7230 * the kernel starts sending key notifications.
7233 if (tb[NL80211_ATTR_KEY_SEQ])
7234 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
7235 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
7240 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
7243 struct i802_bss *bss = priv;
7244 struct wpa_driver_nl80211_data *drv = bss->drv;
7247 msg = nlmsg_alloc();
7251 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
7254 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7255 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
7256 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
7260 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
7267 static int i802_set_rts(void *priv, int rts)
7269 struct i802_bss *bss = priv;
7270 struct wpa_driver_nl80211_data *drv = bss->drv;
7275 msg = nlmsg_alloc();
7284 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7285 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7286 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
7288 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7294 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
7295 "%d (%s)", rts, ret, strerror(-ret));
7300 static int i802_set_frag(void *priv, int frag)
7302 struct i802_bss *bss = priv;
7303 struct wpa_driver_nl80211_data *drv = bss->drv;
7308 msg = nlmsg_alloc();
7317 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7318 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7319 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
7321 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7327 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
7328 "%d: %d (%s)", frag, ret, strerror(-ret));
7333 static int i802_flush(void *priv)
7335 struct i802_bss *bss = priv;
7336 struct wpa_driver_nl80211_data *drv = bss->drv;
7340 msg = nlmsg_alloc();
7344 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7347 * XXX: FIX! this needs to flush all VLANs too
7349 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7350 if_nametoindex(bss->ifname));
7352 res = send_and_recv_msgs(drv, msg, NULL, NULL);
7354 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
7355 "(%s)", res, strerror(-res));
7363 #endif /* HOSTAPD || CONFIG_AP */
7366 static int get_sta_handler(struct nl_msg *msg, void *arg)
7368 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7369 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7370 struct hostap_sta_driver_data *data = arg;
7371 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
7372 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
7373 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
7374 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
7375 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
7376 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
7377 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
7378 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
7381 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7382 genlmsg_attrlen(gnlh, 0), NULL);
7385 * TODO: validate the interface and mac address!
7386 * Otherwise, there's a race condition as soon as
7387 * the kernel starts sending station notifications.
7390 if (!tb[NL80211_ATTR_STA_INFO]) {
7391 wpa_printf(MSG_DEBUG, "sta stats missing!");
7394 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
7395 tb[NL80211_ATTR_STA_INFO],
7397 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
7401 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
7402 data->inactive_msec =
7403 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
7404 if (stats[NL80211_STA_INFO_RX_BYTES])
7405 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
7406 if (stats[NL80211_STA_INFO_TX_BYTES])
7407 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
7408 if (stats[NL80211_STA_INFO_RX_PACKETS])
7410 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
7411 if (stats[NL80211_STA_INFO_TX_PACKETS])
7413 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
7414 if (stats[NL80211_STA_INFO_TX_FAILED])
7415 data->tx_retry_failed =
7416 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
7421 static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
7424 struct i802_bss *bss = priv;
7425 struct wpa_driver_nl80211_data *drv = bss->drv;
7428 os_memset(data, 0, sizeof(*data));
7429 msg = nlmsg_alloc();
7433 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
7435 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7436 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7438 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
7445 #if defined(HOSTAPD) || defined(CONFIG_AP)
7447 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
7448 int cw_min, int cw_max, int burst_time)
7450 struct i802_bss *bss = priv;
7451 struct wpa_driver_nl80211_data *drv = bss->drv;
7453 struct nlattr *txq, *params;
7455 msg = nlmsg_alloc();
7459 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7461 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7463 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
7465 goto nla_put_failure;
7467 /* We are only sending parameters for a single TXQ at a time */
7468 params = nla_nest_start(msg, 1);
7470 goto nla_put_failure;
7474 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
7477 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
7480 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
7483 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
7486 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
7487 * 32 usec, so need to convert the value here. */
7488 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
7489 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
7490 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
7491 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
7493 nla_nest_end(msg, params);
7495 nla_nest_end(msg, txq);
7497 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7506 static int i802_set_sta_vlan(void *priv, const u8 *addr,
7507 const char *ifname, int vlan_id)
7509 struct i802_bss *bss = priv;
7510 struct wpa_driver_nl80211_data *drv = bss->drv;
7514 msg = nlmsg_alloc();
7518 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
7520 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7521 if_nametoindex(bss->ifname));
7522 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7523 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
7524 if_nametoindex(ifname));
7526 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7529 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
7530 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
7531 MAC2STR(addr), ifname, vlan_id, ret,
7540 static int i802_get_inact_sec(void *priv, const u8 *addr)
7542 struct hostap_sta_driver_data data;
7545 data.inactive_msec = (unsigned long) -1;
7546 ret = i802_read_sta_data(priv, &data, addr);
7547 if (ret || data.inactive_msec == (unsigned long) -1)
7549 return data.inactive_msec / 1000;
7553 static int i802_sta_clear_stats(void *priv, const u8 *addr)
7562 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
7565 struct i802_bss *bss = priv;
7566 struct wpa_driver_nl80211_data *drv = bss->drv;
7567 struct ieee80211_mgmt mgmt;
7569 if (drv->device_ap_sme)
7570 return wpa_driver_nl80211_sta_remove(bss, addr);
7572 memset(&mgmt, 0, sizeof(mgmt));
7573 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7574 WLAN_FC_STYPE_DEAUTH);
7575 memcpy(mgmt.da, addr, ETH_ALEN);
7576 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7577 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7578 mgmt.u.deauth.reason_code = host_to_le16(reason);
7579 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7581 sizeof(mgmt.u.deauth), 0);
7585 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
7588 struct i802_bss *bss = priv;
7589 struct wpa_driver_nl80211_data *drv = bss->drv;
7590 struct ieee80211_mgmt mgmt;
7592 if (drv->device_ap_sme)
7593 return wpa_driver_nl80211_sta_remove(bss, addr);
7595 memset(&mgmt, 0, sizeof(mgmt));
7596 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7597 WLAN_FC_STYPE_DISASSOC);
7598 memcpy(mgmt.da, addr, ETH_ALEN);
7599 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7600 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7601 mgmt.u.disassoc.reason_code = host_to_le16(reason);
7602 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7604 sizeof(mgmt.u.disassoc), 0);
7607 #endif /* HOSTAPD || CONFIG_AP */
7611 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7616 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
7618 for (i = 0; i < drv->num_if_indices; i++) {
7619 if (drv->if_indices[i] == 0) {
7620 drv->if_indices[i] = ifidx;
7625 if (drv->if_indices != drv->default_if_indices)
7626 old = drv->if_indices;
7630 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
7632 if (!drv->if_indices) {
7634 drv->if_indices = drv->default_if_indices;
7636 drv->if_indices = old;
7637 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
7639 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
7642 os_memcpy(drv->if_indices, drv->default_if_indices,
7643 sizeof(drv->default_if_indices));
7644 drv->if_indices[drv->num_if_indices] = ifidx;
7645 drv->num_if_indices++;
7649 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7653 for (i = 0; i < drv->num_if_indices; i++) {
7654 if (drv->if_indices[i] == ifidx) {
7655 drv->if_indices[i] = 0;
7662 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7666 for (i = 0; i < drv->num_if_indices; i++)
7667 if (drv->if_indices[i] == ifidx)
7674 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
7675 const char *bridge_ifname)
7677 struct i802_bss *bss = priv;
7678 struct wpa_driver_nl80211_data *drv = bss->drv;
7679 char name[IFNAMSIZ + 1];
7681 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
7682 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
7683 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
7685 if (!if_nametoindex(name)) {
7686 if (nl80211_create_iface(drv, name,
7687 NL80211_IFTYPE_AP_VLAN,
7690 if (bridge_ifname &&
7691 linux_br_add_if(drv->global->ioctl_sock,
7692 bridge_ifname, name) < 0)
7695 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
7696 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
7697 "interface %s up", name);
7699 return i802_set_sta_vlan(priv, addr, name, 0);
7702 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
7705 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
7706 return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
7712 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
7714 struct wpa_driver_nl80211_data *drv = eloop_ctx;
7715 struct sockaddr_ll lladdr;
7716 unsigned char buf[3000];
7718 socklen_t fromlen = sizeof(lladdr);
7720 len = recvfrom(sock, buf, sizeof(buf), 0,
7721 (struct sockaddr *)&lladdr, &fromlen);
7727 if (have_ifidx(drv, lladdr.sll_ifindex))
7728 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
7732 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
7733 struct i802_bss *bss,
7734 const char *brname, const char *ifname)
7737 char in_br[IFNAMSIZ];
7739 os_strlcpy(bss->brname, brname, IFNAMSIZ);
7740 ifindex = if_nametoindex(brname);
7743 * Bridge was configured, but the bridge device does
7744 * not exist. Try to add it now.
7746 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
7747 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
7748 "bridge interface %s: %s",
7749 brname, strerror(errno));
7752 bss->added_bridge = 1;
7753 add_ifidx(drv, if_nametoindex(brname));
7756 if (linux_br_get(in_br, ifname) == 0) {
7757 if (os_strcmp(in_br, brname) == 0)
7758 return 0; /* already in the bridge */
7760 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
7761 "bridge %s", ifname, in_br);
7762 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
7764 wpa_printf(MSG_ERROR, "nl80211: Failed to "
7765 "remove interface %s from bridge "
7767 ifname, brname, strerror(errno));
7772 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
7774 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
7775 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
7776 "into bridge %s: %s",
7777 ifname, brname, strerror(errno));
7780 bss->added_if_into_bridge = 1;
7786 static void *i802_init(struct hostapd_data *hapd,
7787 struct wpa_init_params *params)
7789 struct wpa_driver_nl80211_data *drv;
7790 struct i802_bss *bss;
7792 char brname[IFNAMSIZ];
7793 int ifindex, br_ifindex;
7796 bss = wpa_driver_nl80211_init(hapd, params->ifname,
7797 params->global_priv);
7802 drv->nlmode = NL80211_IFTYPE_AP;
7803 drv->eapol_sock = -1;
7805 if (linux_br_get(brname, params->ifname) == 0) {
7806 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
7807 params->ifname, brname);
7808 br_ifindex = if_nametoindex(brname);
7814 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
7815 drv->if_indices = drv->default_if_indices;
7816 for (i = 0; i < params->num_bridge; i++) {
7817 if (params->bridge[i]) {
7818 ifindex = if_nametoindex(params->bridge[i]);
7820 add_ifidx(drv, ifindex);
7821 if (ifindex == br_ifindex)
7825 if (!br_added && br_ifindex &&
7826 (params->num_bridge == 0 || !params->bridge[0]))
7827 add_ifidx(drv, br_ifindex);
7829 /* start listening for EAPOL on the default AP interface */
7830 add_ifidx(drv, drv->ifindex);
7832 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0))
7835 if (params->bssid) {
7836 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7841 if (wpa_driver_nl80211_set_mode(bss, drv->nlmode)) {
7842 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
7843 "into AP mode", bss->ifname);
7847 if (params->num_bridge && params->bridge[0] &&
7848 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
7851 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1))
7854 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
7855 if (drv->eapol_sock < 0) {
7856 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
7860 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
7862 printf("Could not register read socket for eapol\n");
7866 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7870 memcpy(bss->addr, params->own_addr, ETH_ALEN);
7875 wpa_driver_nl80211_deinit(bss);
7880 static void i802_deinit(void *priv)
7882 wpa_driver_nl80211_deinit(priv);
7885 #endif /* HOSTAPD */
7888 static enum nl80211_iftype wpa_driver_nl80211_if_type(
7889 enum wpa_driver_if_type type)
7892 case WPA_IF_STATION:
7893 return NL80211_IFTYPE_STATION;
7894 case WPA_IF_P2P_CLIENT:
7895 case WPA_IF_P2P_GROUP:
7896 return NL80211_IFTYPE_P2P_CLIENT;
7897 case WPA_IF_AP_VLAN:
7898 return NL80211_IFTYPE_AP_VLAN;
7900 return NL80211_IFTYPE_AP;
7902 return NL80211_IFTYPE_P2P_GO;
7910 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
7912 struct wpa_driver_nl80211_data *drv;
7913 dl_list_for_each(drv, &global->interfaces,
7914 struct wpa_driver_nl80211_data, list) {
7915 if (os_memcmp(addr, drv->first_bss.addr, ETH_ALEN) == 0)
7922 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
7930 os_memcpy(new_addr, drv->first_bss.addr, ETH_ALEN);
7931 for (idx = 0; idx < 64; idx++) {
7932 new_addr[0] = drv->first_bss.addr[0] | 0x02;
7933 new_addr[0] ^= idx << 2;
7934 if (!nl80211_addr_in_use(drv->global, new_addr))
7940 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
7941 MACSTR, MAC2STR(new_addr));
7946 #endif /* CONFIG_P2P */
7949 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
7950 const char *ifname, const u8 *addr,
7951 void *bss_ctx, void **drv_priv,
7952 char *force_ifname, u8 *if_addr,
7955 struct i802_bss *bss = priv;
7956 struct wpa_driver_nl80211_data *drv = bss->drv;
7959 struct i802_bss *new_bss = NULL;
7961 if (type == WPA_IF_AP_BSS) {
7962 new_bss = os_zalloc(sizeof(*new_bss));
7963 if (new_bss == NULL)
7966 #endif /* HOSTAPD */
7969 os_memcpy(if_addr, addr, ETH_ALEN);
7970 ifidx = nl80211_create_iface(drv, ifname,
7971 wpa_driver_nl80211_if_type(type), addr,
7976 #endif /* HOSTAPD */
7981 linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7983 nl80211_remove_iface(drv, ifidx);
7989 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
7990 type == WPA_IF_P2P_GO)) {
7991 /* Enforce unique P2P Interface Address */
7992 u8 new_addr[ETH_ALEN], own_addr[ETH_ALEN];
7994 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7996 linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
7998 nl80211_remove_iface(drv, ifidx);
8001 if (os_memcmp(own_addr, new_addr, ETH_ALEN) == 0) {
8002 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
8003 "for P2P group interface");
8004 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
8005 nl80211_remove_iface(drv, ifidx);
8008 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8010 nl80211_remove_iface(drv, ifidx);
8014 os_memcpy(if_addr, new_addr, ETH_ALEN);
8016 #endif /* CONFIG_P2P */
8020 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
8021 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
8022 "interface %s to a bridge %s", ifname, bridge);
8023 nl80211_remove_iface(drv, ifidx);
8028 if (type == WPA_IF_AP_BSS) {
8029 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
8031 nl80211_remove_iface(drv, ifidx);
8035 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
8036 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
8037 new_bss->ifindex = ifidx;
8039 new_bss->next = drv->first_bss.next;
8040 new_bss->freq = drv->first_bss.freq;
8041 drv->first_bss.next = new_bss;
8043 *drv_priv = new_bss;
8044 nl80211_init_bss(new_bss);
8046 /* Subscribe management frames for this WPA_IF_AP_BSS */
8047 if (nl80211_setup_ap(new_bss))
8050 #endif /* HOSTAPD */
8053 drv->global->if_add_ifindex = ifidx;
8059 static int wpa_driver_nl80211_if_remove(void *priv,
8060 enum wpa_driver_if_type type,
8063 struct i802_bss *bss = priv;
8064 struct wpa_driver_nl80211_data *drv = bss->drv;
8065 int ifindex = if_nametoindex(ifname);
8067 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
8068 __func__, type, ifname, ifindex);
8072 nl80211_remove_iface(drv, ifindex);
8075 if (type != WPA_IF_AP_BSS)
8078 if (bss->added_if_into_bridge) {
8079 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
8081 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
8082 "interface %s from bridge %s: %s",
8083 bss->ifname, bss->brname, strerror(errno));
8085 if (bss->added_bridge) {
8086 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
8087 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
8089 bss->brname, strerror(errno));
8092 if (bss != &drv->first_bss) {
8093 struct i802_bss *tbss;
8095 for (tbss = &drv->first_bss; tbss; tbss = tbss->next) {
8096 if (tbss->next == bss) {
8097 tbss->next = bss->next;
8098 /* Unsubscribe management frames */
8099 nl80211_teardown_ap(bss);
8100 nl80211_destroy_bss(bss);
8107 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
8108 "BSS %p in the list", __func__, bss);
8110 #endif /* HOSTAPD */
8116 static int cookie_handler(struct nl_msg *msg, void *arg)
8118 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8119 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8121 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8122 genlmsg_attrlen(gnlh, 0), NULL);
8123 if (tb[NL80211_ATTR_COOKIE])
8124 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
8129 static int nl80211_send_frame_cmd(struct i802_bss *bss,
8130 unsigned int freq, unsigned int wait,
8131 const u8 *buf, size_t buf_len,
8132 u64 *cookie_out, int no_cck, int no_ack,
8135 struct wpa_driver_nl80211_data *drv = bss->drv;
8140 msg = nlmsg_alloc();
8144 wpa_printf(MSG_DEBUG, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
8145 "no_ack=%d offchanok=%d",
8146 freq, wait, no_cck, no_ack, offchanok);
8147 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
8149 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8150 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8152 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
8153 if (offchanok && (drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX))
8154 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
8156 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
8158 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
8160 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
8163 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
8166 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
8167 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
8169 goto nla_put_failure;
8171 wpa_printf(MSG_DEBUG, "nl80211: Frame TX command accepted%s; "
8172 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
8173 (long long unsigned int) cookie);
8176 *cookie_out = no_ack ? (u64) -1 : cookie;
8184 static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
8185 unsigned int wait_time,
8186 const u8 *dst, const u8 *src,
8188 const u8 *data, size_t data_len,
8191 struct i802_bss *bss = priv;
8192 struct wpa_driver_nl80211_data *drv = bss->drv;
8195 struct ieee80211_hdr *hdr;
8197 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
8198 "freq=%u MHz wait=%d ms no_cck=%d)",
8199 drv->ifindex, freq, wait_time, no_cck);
8201 buf = os_zalloc(24 + data_len);
8204 os_memcpy(buf + 24, data, data_len);
8205 hdr = (struct ieee80211_hdr *) buf;
8206 hdr->frame_control =
8207 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
8208 os_memcpy(hdr->addr1, dst, ETH_ALEN);
8209 os_memcpy(hdr->addr2, src, ETH_ALEN);
8210 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
8212 if (is_ap_interface(drv->nlmode))
8213 ret = wpa_driver_nl80211_send_mlme_freq(priv, buf,
8218 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
8220 &drv->send_action_cookie,
8228 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
8230 struct i802_bss *bss = priv;
8231 struct wpa_driver_nl80211_data *drv = bss->drv;
8235 msg = nlmsg_alloc();
8239 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
8241 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8242 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
8244 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8247 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
8248 "(%s)", ret, strerror(-ret));
8255 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
8256 unsigned int duration)
8258 struct i802_bss *bss = priv;
8259 struct wpa_driver_nl80211_data *drv = bss->drv;
8264 msg = nlmsg_alloc();
8268 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
8270 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8271 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8272 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
8275 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
8278 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
8279 "0x%llx for freq=%u MHz duration=%u",
8280 (long long unsigned int) cookie, freq, duration);
8281 drv->remain_on_chan_cookie = cookie;
8282 drv->pending_remain_on_chan = 1;
8285 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
8286 "(freq=%d duration=%u): %d (%s)",
8287 freq, duration, ret, strerror(-ret));
8294 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
8296 struct i802_bss *bss = priv;
8297 struct wpa_driver_nl80211_data *drv = bss->drv;
8301 if (!drv->pending_remain_on_chan) {
8302 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
8307 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
8309 (long long unsigned int) drv->remain_on_chan_cookie);
8311 msg = nlmsg_alloc();
8315 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
8317 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8318 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
8320 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8324 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
8325 "%d (%s)", ret, strerror(-ret));
8332 static int wpa_driver_nl80211_probe_req_report(void *priv, int report)
8334 struct i802_bss *bss = priv;
8335 struct wpa_driver_nl80211_data *drv = bss->drv;
8338 if (bss->nl_preq && drv->device_ap_sme &&
8339 is_ap_interface(drv->nlmode)) {
8341 * Do not disable Probe Request reporting that was
8342 * enabled in nl80211_setup_ap().
8344 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
8345 "Probe Request reporting nl_preq=%p while "
8346 "in AP mode", bss->nl_preq);
8347 } else if (bss->nl_preq) {
8348 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
8349 "reporting nl_preq=%p", bss->nl_preq);
8350 eloop_unregister_read_sock(
8351 nl_socket_get_fd(bss->nl_preq));
8352 nl_destroy_handles(&bss->nl_preq);
8358 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
8359 "already on! nl_preq=%p", bss->nl_preq);
8363 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
8364 if (bss->nl_preq == NULL)
8366 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
8367 "reporting nl_preq=%p", bss->nl_preq);
8369 if (nl80211_register_frame(bss, bss->nl_preq,
8370 (WLAN_FC_TYPE_MGMT << 2) |
8371 (WLAN_FC_STYPE_PROBE_REQ << 4),
8375 eloop_register_read_sock(nl_socket_get_fd(bss->nl_preq),
8376 wpa_driver_nl80211_event_receive, bss->nl_cb,
8382 nl_destroy_handles(&bss->nl_preq);
8387 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
8388 int ifindex, int disabled)
8391 struct nlattr *bands, *band;
8394 msg = nlmsg_alloc();
8398 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
8399 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
8401 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
8403 goto nla_put_failure;
8406 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
8407 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
8408 * rates. All 5 GHz rates are left enabled.
8410 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
8412 goto nla_put_failure;
8414 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
8415 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
8417 nla_nest_end(msg, band);
8419 nla_nest_end(msg, bands);
8421 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8424 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
8425 "(%s)", ret, strerror(-ret));
8427 drv->disabled_11b_rates = disabled;
8437 static int wpa_driver_nl80211_deinit_ap(void *priv)
8439 struct i802_bss *bss = priv;
8440 struct wpa_driver_nl80211_data *drv = bss->drv;
8441 if (!is_ap_interface(drv->nlmode))
8443 wpa_driver_nl80211_del_beacon(drv);
8444 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8448 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
8450 struct i802_bss *bss = priv;
8451 struct wpa_driver_nl80211_data *drv = bss->drv;
8452 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
8454 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8458 static void wpa_driver_nl80211_resume(void *priv)
8460 struct i802_bss *bss = priv;
8461 struct wpa_driver_nl80211_data *drv = bss->drv;
8462 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
8463 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
8469 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
8470 const u8 *ies, size_t ies_len)
8472 struct i802_bss *bss = priv;
8473 struct wpa_driver_nl80211_data *drv = bss->drv;
8477 const u8 *own_addr = bss->addr;
8480 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
8481 "action %d", action);
8486 * Action frame payload:
8487 * Category[1] = 6 (Fast BSS Transition)
8488 * Action[1] = 1 (Fast BSS Transition Request)
8494 data_len = 2 + 2 * ETH_ALEN + ies_len;
8495 data = os_malloc(data_len);
8499 *pos++ = 0x06; /* FT Action category */
8501 os_memcpy(pos, own_addr, ETH_ALEN);
8503 os_memcpy(pos, target_ap, ETH_ALEN);
8505 os_memcpy(pos, ies, ies_len);
8507 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
8508 drv->bssid, own_addr, drv->bssid,
8516 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
8518 struct i802_bss *bss = priv;
8519 struct wpa_driver_nl80211_data *drv = bss->drv;
8520 struct nl_msg *msg, *cqm = NULL;
8523 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
8524 "hysteresis=%d", threshold, hysteresis);
8526 msg = nlmsg_alloc();
8530 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
8532 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8534 cqm = nlmsg_alloc();
8536 goto nla_put_failure;
8538 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
8539 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
8540 if (nla_put_nested(msg, NL80211_ATTR_CQM, cqm) < 0)
8541 goto nla_put_failure;
8543 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8553 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
8555 struct i802_bss *bss = priv;
8556 struct wpa_driver_nl80211_data *drv = bss->drv;
8559 os_memset(si, 0, sizeof(*si));
8560 res = nl80211_get_link_signal(drv, si);
8564 return nl80211_get_link_noise(drv, si);
8568 static int wpa_driver_nl80211_shared_freq(void *priv)
8570 struct i802_bss *bss = priv;
8571 struct wpa_driver_nl80211_data *drv = bss->drv;
8572 struct wpa_driver_nl80211_data *driver;
8576 * If the same PHY is in connected state with some other interface,
8577 * then retrieve the assoc freq.
8579 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
8582 dl_list_for_each(driver, &drv->global->interfaces,
8583 struct wpa_driver_nl80211_data, list) {
8584 if (drv == driver ||
8585 os_strcmp(drv->phyname, driver->phyname) != 0 ||
8586 !driver->associated)
8589 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
8591 driver->phyname, driver->first_bss.ifname,
8592 MAC2STR(driver->first_bss.addr));
8593 if (is_ap_interface(driver->nlmode))
8594 freq = driver->first_bss.freq;
8596 freq = nl80211_get_assoc_freq(driver);
8597 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
8598 drv->phyname, freq);
8602 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
8603 "PHY (%s) in associated state", drv->phyname);
8609 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
8612 struct i802_bss *bss = priv;
8613 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
8618 static int nl80211_set_param(void *priv, const char *param)
8620 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
8625 if (os_strstr(param, "use_p2p_group_interface=1")) {
8626 struct i802_bss *bss = priv;
8627 struct wpa_driver_nl80211_data *drv = bss->drv;
8629 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
8631 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
8632 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
8634 #endif /* CONFIG_P2P */
8640 static void * nl80211_global_init(void)
8642 struct nl80211_global *global;
8643 struct netlink_config *cfg;
8645 global = os_zalloc(sizeof(*global));
8648 global->ioctl_sock = -1;
8649 dl_list_init(&global->interfaces);
8650 global->if_add_ifindex = -1;
8652 cfg = os_zalloc(sizeof(*cfg));
8657 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
8658 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
8659 global->netlink = netlink_init(cfg);
8660 if (global->netlink == NULL) {
8665 if (wpa_driver_nl80211_init_nl_global(global) < 0)
8668 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
8669 if (global->ioctl_sock < 0) {
8670 perror("socket(PF_INET,SOCK_DGRAM)");
8677 nl80211_global_deinit(global);
8682 static void nl80211_global_deinit(void *priv)
8684 struct nl80211_global *global = priv;
8687 if (!dl_list_empty(&global->interfaces)) {
8688 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
8689 "nl80211_global_deinit",
8690 dl_list_len(&global->interfaces));
8693 if (global->netlink)
8694 netlink_deinit(global->netlink);
8696 nl_destroy_handles(&global->nl);
8698 if (global->nl_event) {
8699 eloop_unregister_read_sock(
8700 nl_socket_get_fd(global->nl_event));
8701 nl_destroy_handles(&global->nl_event);
8704 nl_cb_put(global->nl_cb);
8706 if (global->ioctl_sock >= 0)
8707 close(global->ioctl_sock);
8713 static const char * nl80211_get_radio_name(void *priv)
8715 struct i802_bss *bss = priv;
8716 struct wpa_driver_nl80211_data *drv = bss->drv;
8717 return drv->phyname;
8721 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
8726 msg = nlmsg_alloc();
8730 nl80211_cmd(bss->drv, msg, 0, cmd);
8732 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
8734 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
8736 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
8738 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
8745 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
8747 struct i802_bss *bss = priv;
8748 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
8749 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
8753 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
8755 struct i802_bss *bss = priv;
8756 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
8758 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
8762 static int nl80211_flush_pmkid(void *priv)
8764 struct i802_bss *bss = priv;
8765 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
8766 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
8770 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
8771 const u8 *replay_ctr)
8773 struct i802_bss *bss = priv;
8774 struct wpa_driver_nl80211_data *drv = bss->drv;
8775 struct nlattr *replay_nested;
8778 msg = nlmsg_alloc();
8782 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
8784 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8786 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
8788 goto nla_put_failure;
8790 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
8791 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
8792 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
8795 nla_nest_end(msg, replay_nested);
8797 send_and_recv_msgs(drv, msg, NULL, NULL);
8804 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
8805 const u8 *addr, int qos)
8807 /* send data frame to poll STA and check whether
8808 * this frame is ACKed */
8810 struct ieee80211_hdr hdr;
8812 } STRUCT_PACKED nulldata;
8815 /* Send data frame to poll STA and check whether this frame is ACKed */
8817 os_memset(&nulldata, 0, sizeof(nulldata));
8820 nulldata.hdr.frame_control =
8821 IEEE80211_FC(WLAN_FC_TYPE_DATA,
8822 WLAN_FC_STYPE_QOS_NULL);
8823 size = sizeof(nulldata);
8825 nulldata.hdr.frame_control =
8826 IEEE80211_FC(WLAN_FC_TYPE_DATA,
8827 WLAN_FC_STYPE_NULLFUNC);
8828 size = sizeof(struct ieee80211_hdr);
8831 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
8832 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
8833 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
8834 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
8836 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0) < 0)
8837 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
8841 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
8844 struct i802_bss *bss = priv;
8845 struct wpa_driver_nl80211_data *drv = bss->drv;
8848 if (!drv->poll_command_supported) {
8849 nl80211_send_null_frame(bss, own_addr, addr, qos);
8853 msg = nlmsg_alloc();
8857 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
8859 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8860 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8862 send_and_recv_msgs(drv, msg, NULL, NULL);
8869 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
8873 msg = nlmsg_alloc();
8877 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
8878 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8879 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
8880 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
8881 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
8888 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
8891 struct i802_bss *bss = priv;
8893 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
8894 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
8896 if (opp_ps != -1 || ctwindow != -1)
8897 return -1; /* Not yet supported */
8899 if (legacy_ps == -1)
8901 if (legacy_ps != 0 && legacy_ps != 1)
8902 return -1; /* Not yet supported */
8904 return nl80211_set_power_save(bss, legacy_ps);
8910 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
8911 u8 dialog_token, u16 status_code,
8912 const u8 *buf, size_t len)
8914 struct i802_bss *bss = priv;
8915 struct wpa_driver_nl80211_data *drv = bss->drv;
8918 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
8924 msg = nlmsg_alloc();
8928 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
8929 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8930 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
8931 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
8932 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
8933 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
8934 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
8936 return send_and_recv_msgs(drv, msg, NULL, NULL);
8944 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
8946 struct i802_bss *bss = priv;
8947 struct wpa_driver_nl80211_data *drv = bss->drv;
8949 enum nl80211_tdls_operation nl80211_oper;
8951 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
8955 case TDLS_DISCOVERY_REQ:
8956 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
8959 nl80211_oper = NL80211_TDLS_SETUP;
8962 nl80211_oper = NL80211_TDLS_TEARDOWN;
8964 case TDLS_ENABLE_LINK:
8965 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
8967 case TDLS_DISABLE_LINK:
8968 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
8978 msg = nlmsg_alloc();
8982 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
8983 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
8984 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8985 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
8987 return send_and_recv_msgs(drv, msg, NULL, NULL);
8994 #endif /* CONFIG TDLS */
8999 typedef struct android_wifi_priv_cmd {
9003 } android_wifi_priv_cmd;
9005 static int drv_errors = 0;
9007 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
9010 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
9012 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
9017 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
9019 struct wpa_driver_nl80211_data *drv = bss->drv;
9021 android_wifi_priv_cmd priv_cmd;
9022 char buf[MAX_DRV_CMD_SIZE];
9025 os_memset(&ifr, 0, sizeof(ifr));
9026 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
9027 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
9029 os_memset(buf, 0, sizeof(buf));
9030 os_strlcpy(buf, cmd, sizeof(buf));
9033 priv_cmd.used_len = sizeof(buf);
9034 priv_cmd.total_len = sizeof(buf);
9035 ifr.ifr_data = &priv_cmd;
9037 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
9039 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
9041 wpa_driver_send_hang_msg(drv);
9050 static int android_pno_start(struct i802_bss *bss,
9051 struct wpa_driver_scan_params *params)
9053 struct wpa_driver_nl80211_data *drv = bss->drv;
9055 android_wifi_priv_cmd priv_cmd;
9056 int ret = 0, i = 0, bp;
9057 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
9059 bp = WEXT_PNOSETUP_HEADER_SIZE;
9060 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
9061 buf[bp++] = WEXT_PNO_TLV_PREFIX;
9062 buf[bp++] = WEXT_PNO_TLV_VERSION;
9063 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
9064 buf[bp++] = WEXT_PNO_TLV_RESERVED;
9066 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
9067 /* Check that there is enough space needed for 1 more SSID, the
9068 * other sections and null termination */
9069 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
9070 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
9072 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
9073 params->ssids[i].ssid,
9074 params->ssids[i].ssid_len);
9075 buf[bp++] = WEXT_PNO_SSID_SECTION;
9076 buf[bp++] = params->ssids[i].ssid_len;
9077 os_memcpy(&buf[bp], params->ssids[i].ssid,
9078 params->ssids[i].ssid_len);
9079 bp += params->ssids[i].ssid_len;
9083 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
9084 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
9085 WEXT_PNO_SCAN_INTERVAL);
9086 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
9088 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
9089 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
9091 bp += WEXT_PNO_REPEAT_LENGTH;
9093 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
9094 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
9095 WEXT_PNO_MAX_REPEAT);
9096 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
9098 memset(&ifr, 0, sizeof(ifr));
9099 memset(&priv_cmd, 0, sizeof(priv_cmd));
9100 os_strncpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
9103 priv_cmd.used_len = bp;
9104 priv_cmd.total_len = bp;
9105 ifr.ifr_data = &priv_cmd;
9107 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
9110 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
9112 wpa_driver_send_hang_msg(drv);
9118 return android_priv_cmd(bss, "PNOFORCE 1");
9122 static int android_pno_stop(struct i802_bss *bss)
9124 return android_priv_cmd(bss, "PNOFORCE 0");
9127 #endif /* ANDROID */
9130 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
9132 .desc = "Linux nl80211/cfg80211",
9133 .get_bssid = wpa_driver_nl80211_get_bssid,
9134 .get_ssid = wpa_driver_nl80211_get_ssid,
9135 .set_key = wpa_driver_nl80211_set_key,
9136 .scan2 = wpa_driver_nl80211_scan,
9137 .sched_scan = wpa_driver_nl80211_sched_scan,
9138 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
9139 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
9140 .deauthenticate = wpa_driver_nl80211_deauthenticate,
9141 .disassociate = wpa_driver_nl80211_disassociate,
9142 .authenticate = wpa_driver_nl80211_authenticate,
9143 .associate = wpa_driver_nl80211_associate,
9144 .global_init = nl80211_global_init,
9145 .global_deinit = nl80211_global_deinit,
9146 .init2 = wpa_driver_nl80211_init,
9147 .deinit = wpa_driver_nl80211_deinit,
9148 .get_capa = wpa_driver_nl80211_get_capa,
9149 .set_operstate = wpa_driver_nl80211_set_operstate,
9150 .set_supp_port = wpa_driver_nl80211_set_supp_port,
9151 .set_country = wpa_driver_nl80211_set_country,
9152 .set_ap = wpa_driver_nl80211_set_ap,
9153 .if_add = wpa_driver_nl80211_if_add,
9154 .if_remove = wpa_driver_nl80211_if_remove,
9155 .send_mlme = wpa_driver_nl80211_send_mlme,
9156 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
9157 .sta_add = wpa_driver_nl80211_sta_add,
9158 .sta_remove = wpa_driver_nl80211_sta_remove,
9159 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
9160 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
9162 .hapd_init = i802_init,
9163 .hapd_deinit = i802_deinit,
9164 .set_wds_sta = i802_set_wds_sta,
9165 #endif /* HOSTAPD */
9166 #if defined(HOSTAPD) || defined(CONFIG_AP)
9167 .get_seqnum = i802_get_seqnum,
9168 .flush = i802_flush,
9169 .get_inact_sec = i802_get_inact_sec,
9170 .sta_clear_stats = i802_sta_clear_stats,
9171 .set_rts = i802_set_rts,
9172 .set_frag = i802_set_frag,
9173 .set_tx_queue_params = i802_set_tx_queue_params,
9174 .set_sta_vlan = i802_set_sta_vlan,
9175 .sta_deauth = i802_sta_deauth,
9176 .sta_disassoc = i802_sta_disassoc,
9177 #endif /* HOSTAPD || CONFIG_AP */
9178 .read_sta_data = i802_read_sta_data,
9179 .set_freq = i802_set_freq,
9180 .send_action = wpa_driver_nl80211_send_action,
9181 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
9182 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
9183 .cancel_remain_on_channel =
9184 wpa_driver_nl80211_cancel_remain_on_channel,
9185 .probe_req_report = wpa_driver_nl80211_probe_req_report,
9186 .deinit_ap = wpa_driver_nl80211_deinit_ap,
9187 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
9188 .resume = wpa_driver_nl80211_resume,
9189 .send_ft_action = nl80211_send_ft_action,
9190 .signal_monitor = nl80211_signal_monitor,
9191 .signal_poll = nl80211_signal_poll,
9192 .send_frame = nl80211_send_frame,
9193 .shared_freq = wpa_driver_nl80211_shared_freq,
9194 .set_param = nl80211_set_param,
9195 .get_radio_name = nl80211_get_radio_name,
9196 .add_pmkid = nl80211_add_pmkid,
9197 .remove_pmkid = nl80211_remove_pmkid,
9198 .flush_pmkid = nl80211_flush_pmkid,
9199 .set_rekey_info = nl80211_set_rekey_info,
9200 .poll_client = nl80211_poll_client,
9201 .set_p2p_powersave = nl80211_set_p2p_powersave,
9203 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
9204 .tdls_oper = nl80211_tdls_oper,
9205 #endif /* CONFIG_TDLS */
projects / mech_eap.git / blob