2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #ifdef CONFIG_LIBNL3_ROUTE
23 #include <netlink/route/neighbour.h>
24 #endif /* CONFIG_LIBNL3_ROUTE */
25 #include <linux/rtnetlink.h>
26 #include <netpacket/packet.h>
27 #include <linux/filter.h>
28 #include <linux/errqueue.h>
29 #include "nl80211_copy.h"
33 #include "utils/list.h"
34 #include "common/qca-vendor.h"
35 #include "common/qca-vendor-attr.h"
36 #include "common/ieee802_11_defs.h"
37 #include "common/ieee802_11_common.h"
38 #include "l2_packet/l2_packet.h"
40 #include "linux_ioctl.h"
42 #include "radiotap_iter.h"
46 #ifndef SO_WIFI_STATUS
47 # if defined(__sparc__)
48 # define SO_WIFI_STATUS 0x0025
49 # elif defined(__parisc__)
50 # define SO_WIFI_STATUS 0x4022
52 # define SO_WIFI_STATUS 41
55 # define SCM_WIFI_STATUS SO_WIFI_STATUS
58 #ifndef SO_EE_ORIGIN_TXSTATUS
59 #define SO_EE_ORIGIN_TXSTATUS 4
62 #ifndef PACKET_TX_TIMESTAMP
63 #define PACKET_TX_TIMESTAMP 16
67 #include "android_drv.h"
70 /* libnl 2.0 compatibility code */
71 #define nl_handle nl_sock
72 #define nl80211_handle_alloc nl_socket_alloc_cb
73 #define nl80211_handle_destroy nl_socket_free
76 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
77 * but when you free a socket again it will mess up its bitmap and
78 * and use the wrong number the next time it needs a socket ID.
79 * Therefore, we wrap the handle alloc/destroy and add our own pid
82 static uint32_t port_bitmap[32] = { 0 };
84 static struct nl_handle *nl80211_handle_alloc(void *cb)
86 struct nl_handle *handle;
87 uint32_t pid = getpid() & 0x3FFFFF;
90 handle = nl_handle_alloc_cb(cb);
92 for (i = 0; i < 1024; i++) {
93 if (port_bitmap[i / 32] & (1 << (i % 32)))
95 port_bitmap[i / 32] |= 1 << (i % 32);
100 nl_socket_set_local_port(handle, pid);
105 static void nl80211_handle_destroy(struct nl_handle *handle)
107 uint32_t port = nl_socket_get_local_port(handle);
110 port_bitmap[port / 32] &= ~(1 << (port % 32));
112 nl_handle_destroy(handle);
114 #endif /* CONFIG_LIBNL20 */
118 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
119 static int android_nl_socket_set_nonblocking(struct nl_handle *handle)
121 return fcntl(nl_socket_get_fd(handle), F_SETFL, O_NONBLOCK);
123 #undef nl_socket_set_nonblocking
124 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
128 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
130 struct nl_handle *handle;
132 handle = nl80211_handle_alloc(cb);
133 if (handle == NULL) {
134 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
135 "callbacks (%s)", dbg);
139 if (genl_connect(handle)) {
140 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
141 "netlink (%s)", dbg);
142 nl80211_handle_destroy(handle);
150 static void nl_destroy_handles(struct nl_handle **handle)
154 nl80211_handle_destroy(*handle);
160 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
162 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
165 static void nl80211_register_eloop_read(struct nl_handle **handle,
166 eloop_sock_handler handler,
169 nl_socket_set_nonblocking(*handle);
170 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
171 eloop_data, *handle);
172 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
176 static void nl80211_destroy_eloop_handle(struct nl_handle **handle)
178 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
179 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
180 nl_destroy_handles(handle);
185 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
188 #define IFF_DORMANT 0x20000 /* driver signals dormant */
191 #ifndef IF_OPER_DORMANT
192 #define IF_OPER_DORMANT 5
198 struct nl80211_global {
199 struct dl_list interfaces;
202 int if_add_wdevid_set;
203 struct netlink_data *netlink;
205 struct nl_handle *nl;
207 int ioctl_sock; /* socket for ioctl() use */
209 struct nl_handle *nl_event;
212 struct nl80211_wiphy_data {
217 struct nl_handle *nl_beacons;
223 static void nl80211_global_deinit(void *priv);
226 struct wpa_driver_nl80211_data *drv;
227 struct i802_bss *next;
230 char ifname[IFNAMSIZ + 1];
231 char brname[IFNAMSIZ];
232 unsigned int beacon_set:1;
233 unsigned int added_if_into_bridge:1;
234 unsigned int added_bridge:1;
235 unsigned int in_deinit:1;
236 unsigned int wdev_id_set:1;
237 unsigned int added_if:1;
238 unsigned int static_ap:1;
247 struct nl_handle *nl_preq, *nl_mgmt;
250 struct nl80211_wiphy_data *wiphy_data;
251 struct dl_list wiphy_list;
254 struct wpa_driver_nl80211_data {
255 struct nl80211_global *global;
257 struct dl_list wiphy_list;
259 u8 perm_addr[ETH_ALEN];
264 int ignore_if_down_event;
265 struct rfkill_data *rfkill;
266 struct wpa_driver_capa capa;
267 u8 *extended_capa, *extended_capa_mask;
268 unsigned int extended_capa_len;
273 int scan_complete_events;
275 NO_SCAN, SCAN_REQUESTED, SCAN_STARTED, SCAN_COMPLETED,
276 SCAN_ABORTED, SCHED_SCAN_STARTED, SCHED_SCAN_STOPPED,
282 u8 auth_bssid[ETH_ALEN];
283 u8 auth_attempt_bssid[ETH_ALEN];
285 u8 prev_bssid[ETH_ALEN];
289 enum nl80211_iftype nlmode;
290 enum nl80211_iftype ap_scan_as_station;
291 unsigned int assoc_freq;
295 int monitor_refcount;
297 unsigned int disabled_11b_rates:1;
298 unsigned int pending_remain_on_chan:1;
299 unsigned int in_interface_list:1;
300 unsigned int device_ap_sme:1;
301 unsigned int poll_command_supported:1;
302 unsigned int data_tx_status:1;
303 unsigned int scan_for_auth:1;
304 unsigned int retry_auth:1;
305 unsigned int use_monitor:1;
306 unsigned int ignore_next_local_disconnect:1;
307 unsigned int ignore_next_local_deauth:1;
308 unsigned int allow_p2p_device:1;
309 unsigned int hostapd:1;
310 unsigned int start_mode_ap:1;
311 unsigned int start_iface_up:1;
312 unsigned int test_use_roc_tx:1;
313 unsigned int ignore_deauth_event:1;
314 unsigned int roaming_vendor_cmd_avail:1;
315 unsigned int dfs_vendor_cmd_avail:1;
316 unsigned int have_low_prio_scan:1;
317 unsigned int force_connect_cmd:1;
318 unsigned int addr_changed:1;
320 u64 remain_on_chan_cookie;
321 u64 send_action_cookie;
323 unsigned int last_mgmt_freq;
325 struct wpa_driver_scan_filter *filter_ssids;
326 size_t num_filter_ssids;
328 struct i802_bss *first_bss;
332 int eapol_sock; /* socket for EAPOL frames */
334 struct nl_handle *rtnl_sk; /* nl_sock for NETLINK_ROUTE */
336 int default_if_indices[16];
340 /* From failed authentication command */
342 u8 auth_bssid_[ETH_ALEN];
344 size_t auth_ssid_len;
348 u8 auth_wep_key[4][16];
349 size_t auth_wep_key_len[4];
350 int auth_wep_tx_keyidx;
351 int auth_local_state_change;
356 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
357 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
359 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
360 enum nl80211_iftype nlmode);
361 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
362 struct hostapd_freq_params *freq);
365 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
366 const u8 *set_addr, int first);
367 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
368 const u8 *addr, int cmd, u16 reason_code,
369 int local_state_change);
370 static void nl80211_remove_monitor_interface(
371 struct wpa_driver_nl80211_data *drv);
372 static int nl80211_send_frame_cmd(struct i802_bss *bss,
373 unsigned int freq, unsigned int wait,
374 const u8 *buf, size_t buf_len, u64 *cookie,
375 int no_cck, int no_ack, int offchanok);
376 static int nl80211_register_frame(struct i802_bss *bss,
377 struct nl_handle *hl_handle,
378 u16 type, const u8 *match, size_t match_len);
379 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
382 static int android_pno_start(struct i802_bss *bss,
383 struct wpa_driver_scan_params *params);
384 static int android_pno_stop(struct i802_bss *bss);
385 extern int wpa_driver_nl80211_driver_cmd(void *priv, char *cmd, char *buf,
389 #ifdef ANDROID_P2P_STUB
390 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration) {
393 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len) {
396 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow) {
399 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
400 const struct wpabuf *proberesp,
401 const struct wpabuf *assocresp) {
404 #else /* ANDROID_P2P_STUB */
405 int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration);
406 int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len);
407 int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow);
408 int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon,
409 const struct wpabuf *proberesp,
410 const struct wpabuf *assocresp);
411 #endif /* ANDROID_P2P_STUB */
412 #endif /* ANDROID_P2P */
414 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
415 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
416 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
417 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
418 enum wpa_driver_if_type type,
421 static int nl80211_set_channel(struct i802_bss *bss,
422 struct hostapd_freq_params *freq, int set_chan);
423 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
424 int ifindex, int disabled);
426 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
427 static int wpa_driver_nl80211_authenticate_retry(
428 struct wpa_driver_nl80211_data *drv);
430 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
431 static int i802_set_iface_flags(struct i802_bss *bss, int up);
434 static const char * nl80211_command_to_string(enum nl80211_commands cmd)
436 #define C2S(x) case x: return #x;
438 C2S(NL80211_CMD_UNSPEC)
439 C2S(NL80211_CMD_GET_WIPHY)
440 C2S(NL80211_CMD_SET_WIPHY)
441 C2S(NL80211_CMD_NEW_WIPHY)
442 C2S(NL80211_CMD_DEL_WIPHY)
443 C2S(NL80211_CMD_GET_INTERFACE)
444 C2S(NL80211_CMD_SET_INTERFACE)
445 C2S(NL80211_CMD_NEW_INTERFACE)
446 C2S(NL80211_CMD_DEL_INTERFACE)
447 C2S(NL80211_CMD_GET_KEY)
448 C2S(NL80211_CMD_SET_KEY)
449 C2S(NL80211_CMD_NEW_KEY)
450 C2S(NL80211_CMD_DEL_KEY)
451 C2S(NL80211_CMD_GET_BEACON)
452 C2S(NL80211_CMD_SET_BEACON)
453 C2S(NL80211_CMD_START_AP)
454 C2S(NL80211_CMD_STOP_AP)
455 C2S(NL80211_CMD_GET_STATION)
456 C2S(NL80211_CMD_SET_STATION)
457 C2S(NL80211_CMD_NEW_STATION)
458 C2S(NL80211_CMD_DEL_STATION)
459 C2S(NL80211_CMD_GET_MPATH)
460 C2S(NL80211_CMD_SET_MPATH)
461 C2S(NL80211_CMD_NEW_MPATH)
462 C2S(NL80211_CMD_DEL_MPATH)
463 C2S(NL80211_CMD_SET_BSS)
464 C2S(NL80211_CMD_SET_REG)
465 C2S(NL80211_CMD_REQ_SET_REG)
466 C2S(NL80211_CMD_GET_MESH_CONFIG)
467 C2S(NL80211_CMD_SET_MESH_CONFIG)
468 C2S(NL80211_CMD_SET_MGMT_EXTRA_IE)
469 C2S(NL80211_CMD_GET_REG)
470 C2S(NL80211_CMD_GET_SCAN)
471 C2S(NL80211_CMD_TRIGGER_SCAN)
472 C2S(NL80211_CMD_NEW_SCAN_RESULTS)
473 C2S(NL80211_CMD_SCAN_ABORTED)
474 C2S(NL80211_CMD_REG_CHANGE)
475 C2S(NL80211_CMD_AUTHENTICATE)
476 C2S(NL80211_CMD_ASSOCIATE)
477 C2S(NL80211_CMD_DEAUTHENTICATE)
478 C2S(NL80211_CMD_DISASSOCIATE)
479 C2S(NL80211_CMD_MICHAEL_MIC_FAILURE)
480 C2S(NL80211_CMD_REG_BEACON_HINT)
481 C2S(NL80211_CMD_JOIN_IBSS)
482 C2S(NL80211_CMD_LEAVE_IBSS)
483 C2S(NL80211_CMD_TESTMODE)
484 C2S(NL80211_CMD_CONNECT)
485 C2S(NL80211_CMD_ROAM)
486 C2S(NL80211_CMD_DISCONNECT)
487 C2S(NL80211_CMD_SET_WIPHY_NETNS)
488 C2S(NL80211_CMD_GET_SURVEY)
489 C2S(NL80211_CMD_NEW_SURVEY_RESULTS)
490 C2S(NL80211_CMD_SET_PMKSA)
491 C2S(NL80211_CMD_DEL_PMKSA)
492 C2S(NL80211_CMD_FLUSH_PMKSA)
493 C2S(NL80211_CMD_REMAIN_ON_CHANNEL)
494 C2S(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL)
495 C2S(NL80211_CMD_SET_TX_BITRATE_MASK)
496 C2S(NL80211_CMD_REGISTER_FRAME)
497 C2S(NL80211_CMD_FRAME)
498 C2S(NL80211_CMD_FRAME_TX_STATUS)
499 C2S(NL80211_CMD_SET_POWER_SAVE)
500 C2S(NL80211_CMD_GET_POWER_SAVE)
501 C2S(NL80211_CMD_SET_CQM)
502 C2S(NL80211_CMD_NOTIFY_CQM)
503 C2S(NL80211_CMD_SET_CHANNEL)
504 C2S(NL80211_CMD_SET_WDS_PEER)
505 C2S(NL80211_CMD_FRAME_WAIT_CANCEL)
506 C2S(NL80211_CMD_JOIN_MESH)
507 C2S(NL80211_CMD_LEAVE_MESH)
508 C2S(NL80211_CMD_UNPROT_DEAUTHENTICATE)
509 C2S(NL80211_CMD_UNPROT_DISASSOCIATE)
510 C2S(NL80211_CMD_NEW_PEER_CANDIDATE)
511 C2S(NL80211_CMD_GET_WOWLAN)
512 C2S(NL80211_CMD_SET_WOWLAN)
513 C2S(NL80211_CMD_START_SCHED_SCAN)
514 C2S(NL80211_CMD_STOP_SCHED_SCAN)
515 C2S(NL80211_CMD_SCHED_SCAN_RESULTS)
516 C2S(NL80211_CMD_SCHED_SCAN_STOPPED)
517 C2S(NL80211_CMD_SET_REKEY_OFFLOAD)
518 C2S(NL80211_CMD_PMKSA_CANDIDATE)
519 C2S(NL80211_CMD_TDLS_OPER)
520 C2S(NL80211_CMD_TDLS_MGMT)
521 C2S(NL80211_CMD_UNEXPECTED_FRAME)
522 C2S(NL80211_CMD_PROBE_CLIENT)
523 C2S(NL80211_CMD_REGISTER_BEACONS)
524 C2S(NL80211_CMD_UNEXPECTED_4ADDR_FRAME)
525 C2S(NL80211_CMD_SET_NOACK_MAP)
526 C2S(NL80211_CMD_CH_SWITCH_NOTIFY)
527 C2S(NL80211_CMD_START_P2P_DEVICE)
528 C2S(NL80211_CMD_STOP_P2P_DEVICE)
529 C2S(NL80211_CMD_CONN_FAILED)
530 C2S(NL80211_CMD_SET_MCAST_RATE)
531 C2S(NL80211_CMD_SET_MAC_ACL)
532 C2S(NL80211_CMD_RADAR_DETECT)
533 C2S(NL80211_CMD_GET_PROTOCOL_FEATURES)
534 C2S(NL80211_CMD_UPDATE_FT_IES)
535 C2S(NL80211_CMD_FT_EVENT)
536 C2S(NL80211_CMD_CRIT_PROTOCOL_START)
537 C2S(NL80211_CMD_CRIT_PROTOCOL_STOP)
538 C2S(NL80211_CMD_GET_COALESCE)
539 C2S(NL80211_CMD_SET_COALESCE)
540 C2S(NL80211_CMD_CHANNEL_SWITCH)
541 C2S(NL80211_CMD_VENDOR)
542 C2S(NL80211_CMD_SET_QOS_MAP)
544 return "NL80211_CMD_UNKNOWN";
550 /* Converts nl80211_chan_width to a common format */
551 static enum chan_width convert2width(int width)
554 case NL80211_CHAN_WIDTH_20_NOHT:
555 return CHAN_WIDTH_20_NOHT;
556 case NL80211_CHAN_WIDTH_20:
557 return CHAN_WIDTH_20;
558 case NL80211_CHAN_WIDTH_40:
559 return CHAN_WIDTH_40;
560 case NL80211_CHAN_WIDTH_80:
561 return CHAN_WIDTH_80;
562 case NL80211_CHAN_WIDTH_80P80:
563 return CHAN_WIDTH_80P80;
564 case NL80211_CHAN_WIDTH_160:
565 return CHAN_WIDTH_160;
567 return CHAN_WIDTH_UNKNOWN;
571 static int is_ap_interface(enum nl80211_iftype nlmode)
573 return nlmode == NL80211_IFTYPE_AP ||
574 nlmode == NL80211_IFTYPE_P2P_GO;
578 static int is_sta_interface(enum nl80211_iftype nlmode)
580 return nlmode == NL80211_IFTYPE_STATION ||
581 nlmode == NL80211_IFTYPE_P2P_CLIENT;
585 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
587 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
588 nlmode == NL80211_IFTYPE_P2P_GO;
592 static struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
595 struct i802_bss *bss;
597 for (bss = drv->first_bss; bss; bss = bss->next) {
598 if (bss->ifindex == ifindex)
606 static void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
609 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
611 os_memset(drv->bssid, 0, ETH_ALEN);
615 struct nl80211_bss_info_arg {
616 struct wpa_driver_nl80211_data *drv;
617 struct wpa_scan_results *res;
618 unsigned int assoc_freq;
619 unsigned int ibss_freq;
620 u8 assoc_bssid[ETH_ALEN];
623 static int bss_info_handler(struct nl_msg *msg, void *arg);
627 static int ack_handler(struct nl_msg *msg, void *arg)
634 static int finish_handler(struct nl_msg *msg, void *arg)
641 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
650 static int no_seq_check(struct nl_msg *msg, void *arg)
656 static int send_and_recv(struct nl80211_global *global,
657 struct nl_handle *nl_handle, struct nl_msg *msg,
658 int (*valid_handler)(struct nl_msg *, void *),
664 cb = nl_cb_clone(global->nl_cb);
668 err = nl_send_auto_complete(nl_handle, msg);
674 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
675 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
676 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
679 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
680 valid_handler, valid_data);
683 int res = nl_recvmsgs(nl_handle, cb);
686 "nl80211: %s->nl_recvmsgs failed: %d",
697 static int send_and_recv_msgs_global(struct nl80211_global *global,
699 int (*valid_handler)(struct nl_msg *, void *),
702 return send_and_recv(global, global->nl, msg, valid_handler,
707 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
709 int (*valid_handler)(struct nl_msg *, void *),
712 return send_and_recv(drv->global, drv->global->nl, msg,
713 valid_handler, valid_data);
723 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
725 if (bss->wdev_id_set)
726 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
728 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
736 static int family_handler(struct nl_msg *msg, void *arg)
738 struct family_data *res = arg;
739 struct nlattr *tb[CTRL_ATTR_MAX + 1];
740 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
741 struct nlattr *mcgrp;
744 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
745 genlmsg_attrlen(gnlh, 0), NULL);
746 if (!tb[CTRL_ATTR_MCAST_GROUPS])
749 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
750 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
751 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
752 nla_len(mcgrp), NULL);
753 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
754 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
755 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
757 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
759 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
767 static int nl_get_multicast_id(struct nl80211_global *global,
768 const char *family, const char *group)
772 struct family_data res = { group, -ENOENT };
777 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
778 0, 0, CTRL_CMD_GETFAMILY, 0);
779 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
781 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
792 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
793 struct nl_msg *msg, int flags, uint8_t cmd)
795 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
800 struct wiphy_idx_data {
802 enum nl80211_iftype nlmode;
807 static int netdev_info_handler(struct nl_msg *msg, void *arg)
809 struct nlattr *tb[NL80211_ATTR_MAX + 1];
810 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
811 struct wiphy_idx_data *info = arg;
813 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
814 genlmsg_attrlen(gnlh, 0), NULL);
816 if (tb[NL80211_ATTR_WIPHY])
817 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
819 if (tb[NL80211_ATTR_IFTYPE])
820 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
822 if (tb[NL80211_ATTR_MAC] && info->macaddr)
823 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
830 static int nl80211_get_wiphy_index(struct i802_bss *bss)
833 struct wiphy_idx_data data = {
840 return NL80211_IFTYPE_UNSPECIFIED;
842 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
844 if (nl80211_set_iface_id(msg, bss) < 0)
845 goto nla_put_failure;
847 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
848 return data.wiphy_idx;
856 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
859 struct wiphy_idx_data data = {
860 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
868 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
870 if (nl80211_set_iface_id(msg, bss) < 0)
871 goto nla_put_failure;
873 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
878 return NL80211_IFTYPE_UNSPECIFIED;
882 static int nl80211_get_macaddr(struct i802_bss *bss)
885 struct wiphy_idx_data data = {
886 .macaddr = bss->addr,
891 return NL80211_IFTYPE_UNSPECIFIED;
893 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
894 if (nl80211_set_iface_id(msg, bss) < 0)
895 goto nla_put_failure;
897 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data);
901 return NL80211_IFTYPE_UNSPECIFIED;
905 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
906 struct nl80211_wiphy_data *w)
915 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
917 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
919 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
922 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
923 "failed: ret=%d (%s)",
924 ret, strerror(-ret));
925 goto nla_put_failure;
934 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
936 struct nl80211_wiphy_data *w = eloop_ctx;
939 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
941 res = nl_recvmsgs(handle, w->nl_cb);
943 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
949 static int process_beacon_event(struct nl_msg *msg, void *arg)
951 struct nl80211_wiphy_data *w = arg;
952 struct wpa_driver_nl80211_data *drv;
953 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
954 struct nlattr *tb[NL80211_ATTR_MAX + 1];
955 union wpa_event_data event;
957 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
958 genlmsg_attrlen(gnlh, 0), NULL);
960 if (gnlh->cmd != NL80211_CMD_FRAME) {
961 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
966 if (!tb[NL80211_ATTR_FRAME])
969 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
971 os_memset(&event, 0, sizeof(event));
972 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
973 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
974 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
981 static struct nl80211_wiphy_data *
982 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
984 static DEFINE_DL_LIST(nl80211_wiphys);
985 struct nl80211_wiphy_data *w;
986 int wiphy_idx, found = 0;
987 struct i802_bss *tmp_bss;
989 if (bss->wiphy_data != NULL)
990 return bss->wiphy_data;
992 wiphy_idx = nl80211_get_wiphy_index(bss);
994 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
995 if (w->wiphy_idx == wiphy_idx)
1000 w = os_zalloc(sizeof(*w));
1003 w->wiphy_idx = wiphy_idx;
1004 dl_list_init(&w->bsss);
1005 dl_list_init(&w->drvs);
1007 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1012 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1013 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
1016 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
1018 if (w->nl_beacons == NULL) {
1023 if (nl80211_register_beacons(bss->drv, w)) {
1024 nl_destroy_handles(&w->nl_beacons);
1029 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w);
1031 dl_list_add(&nl80211_wiphys, &w->list);
1034 /* drv entry for this bss already there? */
1035 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1036 if (tmp_bss->drv == bss->drv) {
1043 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
1045 dl_list_add(&w->bsss, &bss->wiphy_list);
1046 bss->wiphy_data = w;
1051 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
1053 struct nl80211_wiphy_data *w = bss->wiphy_data;
1054 struct i802_bss *tmp_bss;
1059 bss->wiphy_data = NULL;
1060 dl_list_del(&bss->wiphy_list);
1062 /* still any for this drv present? */
1063 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
1064 if (tmp_bss->drv == bss->drv) {
1069 /* if not remove it */
1071 dl_list_del(&bss->drv->wiphy_list);
1073 if (!dl_list_empty(&w->bsss))
1076 nl80211_destroy_eloop_handle(&w->nl_beacons);
1078 nl_cb_put(w->nl_cb);
1079 dl_list_del(&w->list);
1084 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
1086 struct i802_bss *bss = priv;
1087 struct wpa_driver_nl80211_data *drv = bss->drv;
1088 if (!drv->associated)
1090 os_memcpy(bssid, drv->bssid, ETH_ALEN);
1095 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
1097 struct i802_bss *bss = priv;
1098 struct wpa_driver_nl80211_data *drv = bss->drv;
1099 if (!drv->associated)
1101 os_memcpy(ssid, drv->ssid, drv->ssid_len);
1102 return drv->ssid_len;
1106 static void wpa_driver_nl80211_event_newlink(
1107 struct wpa_driver_nl80211_data *drv, char *ifname)
1109 union wpa_event_data event;
1111 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1112 if (if_nametoindex(drv->first_bss->ifname) == 0) {
1113 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
1114 drv->first_bss->ifname);
1117 if (!drv->if_removed)
1119 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
1120 drv->first_bss->ifname);
1121 drv->if_removed = 0;
1124 os_memset(&event, 0, sizeof(event));
1125 os_strlcpy(event.interface_status.ifname, ifname,
1126 sizeof(event.interface_status.ifname));
1127 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
1128 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1132 static void wpa_driver_nl80211_event_dellink(
1133 struct wpa_driver_nl80211_data *drv, char *ifname)
1135 union wpa_event_data event;
1137 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1138 if (drv->if_removed) {
1139 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
1143 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
1145 drv->if_removed = 1;
1147 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
1151 os_memset(&event, 0, sizeof(event));
1152 os_strlcpy(event.interface_status.ifname, ifname,
1153 sizeof(event.interface_status.ifname));
1154 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
1155 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1159 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
1160 u8 *buf, size_t len)
1162 int attrlen, rta_len;
1163 struct rtattr *attr;
1166 attr = (struct rtattr *) buf;
1168 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1169 while (RTA_OK(attr, attrlen)) {
1170 if (attr->rta_type == IFLA_IFNAME) {
1171 if (os_strcmp(((char *) attr) + rta_len,
1172 drv->first_bss->ifname) == 0)
1177 attr = RTA_NEXT(attr, attrlen);
1184 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
1185 int ifindex, u8 *buf, size_t len)
1187 if (drv->ifindex == ifindex)
1190 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
1191 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
1193 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0);
1201 static struct wpa_driver_nl80211_data *
1202 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
1204 struct wpa_driver_nl80211_data *drv;
1205 dl_list_for_each(drv, &global->interfaces,
1206 struct wpa_driver_nl80211_data, list) {
1207 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
1208 have_ifidx(drv, idx))
1215 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
1216 struct ifinfomsg *ifi,
1217 u8 *buf, size_t len)
1219 struct nl80211_global *global = ctx;
1220 struct wpa_driver_nl80211_data *drv;
1222 struct rtattr *attr;
1224 char namebuf[IFNAMSIZ];
1225 char ifname[IFNAMSIZ + 1];
1226 char extra[100], *pos, *end;
1228 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1230 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_NEWLINK event for foreign ifindex %d",
1237 end = pos + sizeof(extra);
1241 attr = (struct rtattr *) buf;
1242 while (RTA_OK(attr, attrlen)) {
1243 switch (attr->rta_type) {
1245 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1247 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1248 ifname[RTA_PAYLOAD(attr)] = '\0';
1251 brid = nla_get_u32((struct nlattr *) attr);
1252 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1255 pos += os_snprintf(pos, end - pos, " wext");
1257 case IFLA_OPERSTATE:
1258 pos += os_snprintf(pos, end - pos, " operstate=%u",
1259 nla_get_u32((struct nlattr *) attr));
1262 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1263 nla_get_u32((struct nlattr *) attr));
1266 attr = RTA_NEXT(attr, attrlen);
1268 extra[sizeof(extra) - 1] = '\0';
1270 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1271 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1273 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1274 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1275 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1276 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1278 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
1279 if (if_indextoname(ifi->ifi_index, namebuf) &&
1280 linux_iface_up(drv->global->ioctl_sock,
1281 drv->first_bss->ifname) > 0) {
1282 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1283 "event since interface %s is up", namebuf);
1286 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
1287 if (drv->ignore_if_down_event) {
1288 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1289 "event generated by mode change");
1290 drv->ignore_if_down_event = 0;
1292 drv->if_disabled = 1;
1293 wpa_supplicant_event(drv->ctx,
1294 EVENT_INTERFACE_DISABLED, NULL);
1297 * Try to get drv again, since it may be removed as
1298 * part of the EVENT_INTERFACE_DISABLED handling for
1299 * dynamic interfaces
1301 drv = nl80211_find_drv(global, ifi->ifi_index,
1308 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1309 if (if_indextoname(ifi->ifi_index, namebuf) &&
1310 linux_iface_up(drv->global->ioctl_sock,
1311 drv->first_bss->ifname) == 0) {
1312 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1313 "event since interface %s is down",
1315 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1316 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1317 "event since interface %s does not exist",
1318 drv->first_bss->ifname);
1319 } else if (drv->if_removed) {
1320 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1321 "event since interface %s is marked "
1322 "removed", drv->first_bss->ifname);
1324 struct i802_bss *bss;
1327 /* Re-read MAC address as it may have changed */
1328 bss = get_bss_ifindex(drv, ifi->ifi_index);
1330 linux_get_ifhwaddr(drv->global->ioctl_sock,
1331 bss->ifname, addr) < 0) {
1332 wpa_printf(MSG_DEBUG,
1333 "nl80211: %s: failed to re-read MAC address",
1336 os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
1337 wpa_printf(MSG_DEBUG,
1338 "nl80211: Own MAC address on ifindex %d (%s) changed from "
1339 MACSTR " to " MACSTR,
1340 ifi->ifi_index, bss->ifname,
1343 os_memcpy(bss->addr, addr, ETH_ALEN);
1346 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
1347 drv->if_disabled = 0;
1348 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1354 * Some drivers send the association event before the operup event--in
1355 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1356 * fails. This will hit us when wpa_supplicant does not need to do
1357 * IEEE 802.1X authentication
1359 if (drv->operstate == 1 &&
1360 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1361 !(ifi->ifi_flags & IFF_RUNNING)) {
1362 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1363 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1368 wpa_driver_nl80211_event_newlink(drv, ifname);
1370 if (ifi->ifi_family == AF_BRIDGE && brid) {
1371 /* device has been added to bridge */
1372 if_indextoname(brid, namebuf);
1373 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1375 add_ifidx(drv, brid);
1380 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1381 struct ifinfomsg *ifi,
1382 u8 *buf, size_t len)
1384 struct nl80211_global *global = ctx;
1385 struct wpa_driver_nl80211_data *drv;
1387 struct rtattr *attr;
1389 char ifname[IFNAMSIZ + 1];
1390 char extra[100], *pos, *end;
1392 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1394 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_DELLINK event for foreign ifindex %d",
1401 end = pos + sizeof(extra);
1405 attr = (struct rtattr *) buf;
1406 while (RTA_OK(attr, attrlen)) {
1407 switch (attr->rta_type) {
1409 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1411 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1412 ifname[RTA_PAYLOAD(attr)] = '\0';
1415 brid = nla_get_u32((struct nlattr *) attr);
1416 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1418 case IFLA_OPERSTATE:
1419 pos += os_snprintf(pos, end - pos, " operstate=%u",
1420 nla_get_u32((struct nlattr *) attr));
1423 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1424 nla_get_u32((struct nlattr *) attr));
1427 attr = RTA_NEXT(attr, attrlen);
1429 extra[sizeof(extra) - 1] = '\0';
1431 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1432 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1434 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1435 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1436 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1437 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1439 if (ifname[0] && (ifi->ifi_family != AF_BRIDGE || !brid))
1440 wpa_driver_nl80211_event_dellink(drv, ifname);
1442 if (ifi->ifi_family == AF_BRIDGE && brid) {
1443 /* device has been removed from bridge */
1444 char namebuf[IFNAMSIZ];
1445 if_indextoname(brid, namebuf);
1446 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1447 "%s", brid, namebuf);
1448 del_ifidx(drv, brid);
1453 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1454 const u8 *frame, size_t len)
1456 const struct ieee80211_mgmt *mgmt;
1457 union wpa_event_data event;
1459 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1460 drv->force_connect_cmd) {
1462 * Avoid reporting two association events that would confuse
1465 wpa_printf(MSG_DEBUG,
1466 "nl80211: Ignore auth event when using driver SME");
1470 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event");
1471 mgmt = (const struct ieee80211_mgmt *) frame;
1472 if (len < 24 + sizeof(mgmt->u.auth)) {
1473 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1478 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1479 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
1480 os_memset(&event, 0, sizeof(event));
1481 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1482 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1483 event.auth.auth_transaction =
1484 le_to_host16(mgmt->u.auth.auth_transaction);
1485 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1486 if (len > 24 + sizeof(mgmt->u.auth)) {
1487 event.auth.ies = mgmt->u.auth.variable;
1488 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1491 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1495 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1499 struct nl80211_bss_info_arg arg;
1501 os_memset(&arg, 0, sizeof(arg));
1502 msg = nlmsg_alloc();
1504 goto nla_put_failure;
1506 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1507 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1510 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1513 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1514 arg.ibss_freq : arg.assoc_freq;
1515 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1516 "associated BSS from scan results: %u MHz", freq);
1518 drv->assoc_freq = freq;
1519 return drv->assoc_freq;
1521 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1522 "(%s)", ret, strerror(-ret));
1525 return drv->assoc_freq;
1529 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1530 const u8 *frame, size_t len)
1532 const struct ieee80211_mgmt *mgmt;
1533 union wpa_event_data event;
1536 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1537 drv->force_connect_cmd) {
1539 * Avoid reporting two association events that would confuse
1542 wpa_printf(MSG_DEBUG,
1543 "nl80211: Ignore assoc event when using driver SME");
1547 wpa_printf(MSG_DEBUG, "nl80211: Associate event");
1548 mgmt = (const struct ieee80211_mgmt *) frame;
1549 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1550 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1555 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1556 if (status != WLAN_STATUS_SUCCESS) {
1557 os_memset(&event, 0, sizeof(event));
1558 event.assoc_reject.bssid = mgmt->bssid;
1559 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1560 event.assoc_reject.resp_ies =
1561 (u8 *) mgmt->u.assoc_resp.variable;
1562 event.assoc_reject.resp_ies_len =
1563 len - 24 - sizeof(mgmt->u.assoc_resp);
1565 event.assoc_reject.status_code = status;
1567 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1571 drv->associated = 1;
1572 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1573 os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN);
1575 os_memset(&event, 0, sizeof(event));
1576 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1577 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1578 event.assoc_info.resp_ies_len =
1579 len - 24 - sizeof(mgmt->u.assoc_resp);
1582 event.assoc_info.freq = drv->assoc_freq;
1584 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1588 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1589 enum nl80211_commands cmd, struct nlattr *status,
1590 struct nlattr *addr, struct nlattr *req_ie,
1591 struct nlattr *resp_ie)
1593 union wpa_event_data event;
1595 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1597 * Avoid reporting two association events that would confuse
1600 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1601 "when using userspace SME", cmd);
1605 if (cmd == NL80211_CMD_CONNECT)
1606 wpa_printf(MSG_DEBUG, "nl80211: Connect event");
1607 else if (cmd == NL80211_CMD_ROAM)
1608 wpa_printf(MSG_DEBUG, "nl80211: Roam event");
1610 os_memset(&event, 0, sizeof(event));
1611 if (cmd == NL80211_CMD_CONNECT &&
1612 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1614 event.assoc_reject.bssid = nla_data(addr);
1616 event.assoc_reject.resp_ies = nla_data(resp_ie);
1617 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1619 event.assoc_reject.status_code = nla_get_u16(status);
1620 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1624 drv->associated = 1;
1626 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1627 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
1631 event.assoc_info.req_ies = nla_data(req_ie);
1632 event.assoc_info.req_ies_len = nla_len(req_ie);
1635 event.assoc_info.resp_ies = nla_data(resp_ie);
1636 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1639 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1641 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1645 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1646 struct nlattr *reason, struct nlattr *addr,
1647 struct nlattr *by_ap)
1649 union wpa_event_data data;
1650 unsigned int locally_generated = by_ap == NULL;
1652 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1654 * Avoid reporting two disassociation events that could
1655 * confuse the core code.
1657 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1658 "event when using userspace SME");
1662 if (drv->ignore_next_local_disconnect) {
1663 drv->ignore_next_local_disconnect = 0;
1664 if (locally_generated) {
1665 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1666 "event triggered during reassociation");
1669 wpa_printf(MSG_WARNING, "nl80211: Was expecting local "
1670 "disconnect but got another disconnect "
1674 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event");
1675 nl80211_mark_disconnected(drv);
1676 os_memset(&data, 0, sizeof(data));
1678 data.deauth_info.reason_code = nla_get_u16(reason);
1679 data.deauth_info.locally_generated = by_ap == NULL;
1680 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data);
1684 static int calculate_chan_offset(int width, int freq, int cf1, int cf2)
1688 switch (convert2width(width)) {
1689 case CHAN_WIDTH_20_NOHT:
1698 case CHAN_WIDTH_160:
1701 case CHAN_WIDTH_UNKNOWN:
1702 case CHAN_WIDTH_80P80:
1703 /* FIXME: implement this */
1707 return (abs(freq - freq1) / 20) % 2 == 0 ? 1 : -1;
1711 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
1712 struct nlattr *ifindex, struct nlattr *freq,
1713 struct nlattr *type, struct nlattr *bw,
1714 struct nlattr *cf1, struct nlattr *cf2)
1716 struct i802_bss *bss;
1717 union wpa_event_data data;
1719 int chan_offset = 0;
1722 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event");
1727 ifidx = nla_get_u32(ifindex);
1728 bss = get_bss_ifindex(drv, ifidx);
1730 wpa_printf(MSG_WARNING, "nl80211: Unknown ifindex (%d) for channel switch, ignoring",
1736 switch (nla_get_u32(type)) {
1737 case NL80211_CHAN_NO_HT:
1740 case NL80211_CHAN_HT20:
1742 case NL80211_CHAN_HT40PLUS:
1745 case NL80211_CHAN_HT40MINUS:
1749 } else if (bw && cf1) {
1750 /* This can happen for example with VHT80 ch switch */
1751 chan_offset = calculate_chan_offset(nla_get_u32(bw),
1754 cf2 ? nla_get_u32(cf2) : 0);
1756 wpa_printf(MSG_WARNING, "nl80211: Unknown secondary channel information - following channel definition calculations may fail");
1759 os_memset(&data, 0, sizeof(data));
1760 data.ch_switch.freq = nla_get_u32(freq);
1761 data.ch_switch.ht_enabled = ht_enabled;
1762 data.ch_switch.ch_offset = chan_offset;
1764 data.ch_switch.ch_width = convert2width(nla_get_u32(bw));
1766 data.ch_switch.cf1 = nla_get_u32(cf1);
1768 data.ch_switch.cf2 = nla_get_u32(cf2);
1770 bss->freq = data.ch_switch.freq;
1772 wpa_supplicant_event(bss->ctx, EVENT_CH_SWITCH, &data);
1776 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1777 enum nl80211_commands cmd, struct nlattr *addr)
1779 union wpa_event_data event;
1780 enum wpa_event_type ev;
1782 if (nla_len(addr) != ETH_ALEN)
1785 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1786 cmd, MAC2STR((u8 *) nla_data(addr)));
1788 if (cmd == NL80211_CMD_AUTHENTICATE)
1789 ev = EVENT_AUTH_TIMED_OUT;
1790 else if (cmd == NL80211_CMD_ASSOCIATE)
1791 ev = EVENT_ASSOC_TIMED_OUT;
1795 os_memset(&event, 0, sizeof(event));
1796 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1797 wpa_supplicant_event(drv->ctx, ev, &event);
1801 static void mlme_event_mgmt(struct i802_bss *bss,
1802 struct nlattr *freq, struct nlattr *sig,
1803 const u8 *frame, size_t len)
1805 struct wpa_driver_nl80211_data *drv = bss->drv;
1806 const struct ieee80211_mgmt *mgmt;
1807 union wpa_event_data event;
1812 wpa_printf(MSG_MSGDUMP, "nl80211: Frame event");
1813 mgmt = (const struct ieee80211_mgmt *) frame;
1815 wpa_printf(MSG_DEBUG, "nl80211: Too short management frame");
1819 fc = le_to_host16(mgmt->frame_control);
1820 stype = WLAN_FC_GET_STYPE(fc);
1823 ssi_signal = (s32) nla_get_u32(sig);
1825 os_memset(&event, 0, sizeof(event));
1827 event.rx_mgmt.freq = nla_get_u32(freq);
1828 rx_freq = drv->last_mgmt_freq = event.rx_mgmt.freq;
1830 wpa_printf(MSG_DEBUG,
1831 "nl80211: RX frame sa=" MACSTR
1832 " freq=%d ssi_signal=%d stype=%u (%s) len=%u",
1833 MAC2STR(mgmt->sa), rx_freq, ssi_signal, stype, fc2str(fc),
1834 (unsigned int) len);
1835 event.rx_mgmt.frame = frame;
1836 event.rx_mgmt.frame_len = len;
1837 event.rx_mgmt.ssi_signal = ssi_signal;
1838 event.rx_mgmt.drv_priv = bss;
1839 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1843 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1844 struct nlattr *cookie, const u8 *frame,
1845 size_t len, struct nlattr *ack)
1847 union wpa_event_data event;
1848 const struct ieee80211_hdr *hdr;
1851 wpa_printf(MSG_DEBUG, "nl80211: Frame TX status event");
1852 if (!is_ap_interface(drv->nlmode)) {
1858 cookie_val = nla_get_u64(cookie);
1859 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1860 " cookie=0%llx%s (ack=%d)",
1861 (long long unsigned int) cookie_val,
1862 cookie_val == drv->send_action_cookie ?
1863 " (match)" : " (unknown)", ack != NULL);
1864 if (cookie_val != drv->send_action_cookie)
1868 hdr = (const struct ieee80211_hdr *) frame;
1869 fc = le_to_host16(hdr->frame_control);
1871 os_memset(&event, 0, sizeof(event));
1872 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1873 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1874 event.tx_status.dst = hdr->addr1;
1875 event.tx_status.data = frame;
1876 event.tx_status.data_len = len;
1877 event.tx_status.ack = ack != NULL;
1878 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1882 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1883 enum wpa_event_type type,
1884 const u8 *frame, size_t len)
1886 const struct ieee80211_mgmt *mgmt;
1887 union wpa_event_data event;
1888 const u8 *bssid = NULL;
1889 u16 reason_code = 0;
1891 if (type == EVENT_DEAUTH)
1892 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event");
1894 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event");
1896 mgmt = (const struct ieee80211_mgmt *) frame;
1898 bssid = mgmt->bssid;
1900 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
1902 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0 &&
1903 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0 &&
1904 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0) {
1906 * Avoid issues with some roaming cases where
1907 * disconnection event for the old AP may show up after
1908 * we have started connection with the new AP.
1910 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth/disassoc event from old AP " MACSTR " when already authenticating with " MACSTR,
1912 MAC2STR(drv->auth_attempt_bssid));
1916 if (drv->associated != 0 &&
1917 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1918 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1920 * We have presumably received this deauth as a
1921 * response to a clear_state_mismatch() outgoing
1922 * deauth. Don't let it take us offline!
1924 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1925 "from Unknown BSSID " MACSTR " -- ignoring",
1931 nl80211_mark_disconnected(drv);
1932 os_memset(&event, 0, sizeof(event));
1934 /* Note: Same offset for Reason Code in both frame subtypes */
1935 if (len >= 24 + sizeof(mgmt->u.deauth))
1936 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1938 if (type == EVENT_DISASSOC) {
1939 event.disassoc_info.locally_generated =
1940 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1941 event.disassoc_info.addr = bssid;
1942 event.disassoc_info.reason_code = reason_code;
1943 if (frame + len > mgmt->u.disassoc.variable) {
1944 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1945 event.disassoc_info.ie_len = frame + len -
1946 mgmt->u.disassoc.variable;
1949 if (drv->ignore_deauth_event) {
1950 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event due to previous forced deauth-during-auth");
1951 drv->ignore_deauth_event = 0;
1954 event.deauth_info.locally_generated =
1955 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN);
1956 if (drv->ignore_next_local_deauth) {
1957 drv->ignore_next_local_deauth = 0;
1958 if (event.deauth_info.locally_generated) {
1959 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event triggered due to own deauth request");
1962 wpa_printf(MSG_WARNING, "nl80211: Was expecting local deauth but got another disconnect event first");
1964 event.deauth_info.addr = bssid;
1965 event.deauth_info.reason_code = reason_code;
1966 if (frame + len > mgmt->u.deauth.variable) {
1967 event.deauth_info.ie = mgmt->u.deauth.variable;
1968 event.deauth_info.ie_len = frame + len -
1969 mgmt->u.deauth.variable;
1973 wpa_supplicant_event(drv->ctx, type, &event);
1977 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1978 enum wpa_event_type type,
1979 const u8 *frame, size_t len)
1981 const struct ieee80211_mgmt *mgmt;
1982 union wpa_event_data event;
1983 u16 reason_code = 0;
1985 if (type == EVENT_UNPROT_DEAUTH)
1986 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event");
1988 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event");
1993 mgmt = (const struct ieee80211_mgmt *) frame;
1995 os_memset(&event, 0, sizeof(event));
1996 /* Note: Same offset for Reason Code in both frame subtypes */
1997 if (len >= 24 + sizeof(mgmt->u.deauth))
1998 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
2000 if (type == EVENT_UNPROT_DISASSOC) {
2001 event.unprot_disassoc.sa = mgmt->sa;
2002 event.unprot_disassoc.da = mgmt->da;
2003 event.unprot_disassoc.reason_code = reason_code;
2005 event.unprot_deauth.sa = mgmt->sa;
2006 event.unprot_deauth.da = mgmt->da;
2007 event.unprot_deauth.reason_code = reason_code;
2010 wpa_supplicant_event(drv->ctx, type, &event);
2014 static void mlme_event(struct i802_bss *bss,
2015 enum nl80211_commands cmd, struct nlattr *frame,
2016 struct nlattr *addr, struct nlattr *timed_out,
2017 struct nlattr *freq, struct nlattr *ack,
2018 struct nlattr *cookie, struct nlattr *sig)
2020 struct wpa_driver_nl80211_data *drv = bss->drv;
2024 if (timed_out && addr) {
2025 mlme_timeout_event(drv, cmd, addr);
2029 if (frame == NULL) {
2030 wpa_printf(MSG_DEBUG,
2031 "nl80211: MLME event %d (%s) without frame data",
2032 cmd, nl80211_command_to_string(cmd));
2036 data = nla_data(frame);
2037 len = nla_len(frame);
2038 if (len < 4 + 2 * ETH_ALEN) {
2039 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s("
2040 MACSTR ") - too short",
2041 cmd, nl80211_command_to_string(cmd), bss->ifname,
2042 MAC2STR(bss->addr));
2045 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR
2046 ") A1=" MACSTR " A2=" MACSTR, cmd,
2047 nl80211_command_to_string(cmd), bss->ifname,
2048 MAC2STR(bss->addr), MAC2STR(data + 4),
2049 MAC2STR(data + 4 + ETH_ALEN));
2050 if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) &&
2051 os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 &&
2052 os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) {
2053 wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event "
2054 "for foreign address", bss->ifname);
2057 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
2058 nla_data(frame), nla_len(frame));
2061 case NL80211_CMD_AUTHENTICATE:
2062 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
2064 case NL80211_CMD_ASSOCIATE:
2065 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
2067 case NL80211_CMD_DEAUTHENTICATE:
2068 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
2069 nla_data(frame), nla_len(frame));
2071 case NL80211_CMD_DISASSOCIATE:
2072 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
2073 nla_data(frame), nla_len(frame));
2075 case NL80211_CMD_FRAME:
2076 mlme_event_mgmt(bss, freq, sig, nla_data(frame),
2079 case NL80211_CMD_FRAME_TX_STATUS:
2080 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
2081 nla_len(frame), ack);
2083 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
2084 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
2085 nla_data(frame), nla_len(frame));
2087 case NL80211_CMD_UNPROT_DISASSOCIATE:
2088 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
2089 nla_data(frame), nla_len(frame));
2097 static void mlme_event_michael_mic_failure(struct i802_bss *bss,
2098 struct nlattr *tb[])
2100 union wpa_event_data data;
2102 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
2103 os_memset(&data, 0, sizeof(data));
2104 if (tb[NL80211_ATTR_MAC]) {
2105 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
2106 nla_data(tb[NL80211_ATTR_MAC]),
2107 nla_len(tb[NL80211_ATTR_MAC]));
2108 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
2110 if (tb[NL80211_ATTR_KEY_SEQ]) {
2111 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
2112 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
2113 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
2115 if (tb[NL80211_ATTR_KEY_TYPE]) {
2116 enum nl80211_key_type key_type =
2117 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
2118 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
2119 if (key_type == NL80211_KEYTYPE_PAIRWISE)
2120 data.michael_mic_failure.unicast = 1;
2122 data.michael_mic_failure.unicast = 1;
2124 if (tb[NL80211_ATTR_KEY_IDX]) {
2125 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
2126 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
2129 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
2133 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
2134 struct nlattr *tb[])
2138 if (tb[NL80211_ATTR_MAC] == NULL) {
2139 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
2143 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2145 drv->associated = 1;
2146 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
2147 MAC2STR(drv->bssid));
2149 freq = nl80211_get_assoc_freq(drv);
2151 wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz",
2153 drv->first_bss->freq = freq;
2156 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
2160 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
2161 int cancel_event, struct nlattr *tb[])
2163 unsigned int freq, chan_type, duration;
2164 union wpa_event_data data;
2167 if (tb[NL80211_ATTR_WIPHY_FREQ])
2168 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2172 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
2173 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2177 if (tb[NL80211_ATTR_DURATION])
2178 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
2182 if (tb[NL80211_ATTR_COOKIE])
2183 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
2187 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
2188 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
2189 cancel_event, freq, chan_type, duration,
2190 (long long unsigned int) cookie,
2191 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
2193 if (cookie != drv->remain_on_chan_cookie)
2194 return; /* not for us */
2197 drv->pending_remain_on_chan = 0;
2199 os_memset(&data, 0, sizeof(data));
2200 data.remain_on_channel.freq = freq;
2201 data.remain_on_channel.duration = duration;
2202 wpa_supplicant_event(drv->ctx, cancel_event ?
2203 EVENT_CANCEL_REMAIN_ON_CHANNEL :
2204 EVENT_REMAIN_ON_CHANNEL, &data);
2208 static void mlme_event_ft_event(struct wpa_driver_nl80211_data *drv,
2209 struct nlattr *tb[])
2211 union wpa_event_data data;
2213 os_memset(&data, 0, sizeof(data));
2215 if (tb[NL80211_ATTR_IE]) {
2216 data.ft_ies.ies = nla_data(tb[NL80211_ATTR_IE]);
2217 data.ft_ies.ies_len = nla_len(tb[NL80211_ATTR_IE]);
2220 if (tb[NL80211_ATTR_IE_RIC]) {
2221 data.ft_ies.ric_ies = nla_data(tb[NL80211_ATTR_IE_RIC]);
2222 data.ft_ies.ric_ies_len = nla_len(tb[NL80211_ATTR_IE_RIC]);
2225 if (tb[NL80211_ATTR_MAC])
2226 os_memcpy(data.ft_ies.target_ap,
2227 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2229 wpa_printf(MSG_DEBUG, "nl80211: FT event target_ap " MACSTR,
2230 MAC2STR(data.ft_ies.target_ap));
2232 wpa_supplicant_event(drv->ctx, EVENT_FT_RESPONSE, &data);
2236 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
2237 struct nlattr *tb[])
2239 union wpa_event_data event;
2242 struct scan_info *info;
2243 #define MAX_REPORT_FREQS 50
2244 int freqs[MAX_REPORT_FREQS];
2247 if (drv->scan_for_auth) {
2248 drv->scan_for_auth = 0;
2249 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
2250 "cfg80211 BSS entry");
2251 wpa_driver_nl80211_authenticate_retry(drv);
2255 os_memset(&event, 0, sizeof(event));
2256 info = &event.scan_info;
2257 info->aborted = aborted;
2259 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
2260 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
2261 struct wpa_driver_scan_ssid *s =
2262 &info->ssids[info->num_ssids];
2263 s->ssid = nla_data(nl);
2264 s->ssid_len = nla_len(nl);
2265 wpa_printf(MSG_DEBUG, "nl80211: Scan probed for SSID '%s'",
2266 wpa_ssid_txt(s->ssid, s->ssid_len));
2268 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
2272 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
2273 char msg[200], *pos, *end;
2277 end = pos + sizeof(msg);
2280 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
2282 freqs[num_freqs] = nla_get_u32(nl);
2283 res = os_snprintf(pos, end - pos, " %d",
2285 if (res > 0 && end - pos > res)
2288 if (num_freqs == MAX_REPORT_FREQS - 1)
2291 info->freqs = freqs;
2292 info->num_freqs = num_freqs;
2293 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s",
2296 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
2300 static int get_link_signal(struct nl_msg *msg, void *arg)
2302 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2303 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2304 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
2305 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
2306 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
2307 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
2309 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
2310 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
2311 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
2312 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
2313 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
2314 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
2316 struct wpa_signal_info *sig_change = arg;
2318 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2319 genlmsg_attrlen(gnlh, 0), NULL);
2320 if (!tb[NL80211_ATTR_STA_INFO] ||
2321 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
2322 tb[NL80211_ATTR_STA_INFO], policy))
2324 if (!sinfo[NL80211_STA_INFO_SIGNAL])
2327 sig_change->current_signal =
2328 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
2330 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
2331 sig_change->avg_signal =
2332 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
2334 sig_change->avg_signal = 0;
2336 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
2337 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
2338 sinfo[NL80211_STA_INFO_TX_BITRATE],
2340 sig_change->current_txrate = 0;
2342 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
2343 sig_change->current_txrate =
2345 NL80211_RATE_INFO_BITRATE]) * 100;
2354 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
2355 struct wpa_signal_info *sig)
2359 sig->current_signal = -9999;
2360 sig->current_txrate = 0;
2362 msg = nlmsg_alloc();
2366 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
2368 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2369 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
2371 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
2378 static int get_link_noise(struct nl_msg *msg, void *arg)
2380 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2381 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2382 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2383 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2384 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2385 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2387 struct wpa_signal_info *sig_change = arg;
2389 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2390 genlmsg_attrlen(gnlh, 0), NULL);
2392 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2393 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
2397 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2398 tb[NL80211_ATTR_SURVEY_INFO],
2400 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
2405 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2408 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2409 sig_change->frequency)
2412 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2415 sig_change->current_noise =
2416 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2422 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
2423 struct wpa_signal_info *sig_change)
2427 sig_change->current_noise = 9999;
2428 sig_change->frequency = drv->assoc_freq;
2430 msg = nlmsg_alloc();
2434 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2436 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2438 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
2445 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
2447 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2448 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2449 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
2450 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
2451 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
2452 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
2454 struct wpa_scan_results *scan_results = arg;
2455 struct wpa_scan_res *scan_res;
2458 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2459 genlmsg_attrlen(gnlh, 0), NULL);
2461 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
2462 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
2466 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
2467 tb[NL80211_ATTR_SURVEY_INFO],
2469 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
2474 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
2477 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
2480 for (i = 0; i < scan_results->num; ++i) {
2481 scan_res = scan_results->res[i];
2484 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
2487 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
2489 scan_res->noise = (s8)
2490 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
2491 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
2498 static int nl80211_get_noise_for_scan_results(
2499 struct wpa_driver_nl80211_data *drv,
2500 struct wpa_scan_results *scan_res)
2504 msg = nlmsg_alloc();
2508 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
2510 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2512 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
2520 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
2521 struct nlattr *tb[])
2523 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
2524 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
2525 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
2526 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
2527 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
2529 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
2530 enum nl80211_cqm_rssi_threshold_event event;
2531 union wpa_event_data ed;
2532 struct wpa_signal_info sig;
2535 if (tb[NL80211_ATTR_CQM] == NULL ||
2536 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
2538 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
2542 os_memset(&ed, 0, sizeof(ed));
2544 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
2545 if (!tb[NL80211_ATTR_MAC])
2547 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
2549 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
2553 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
2555 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
2557 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
2558 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2559 "event: RSSI high");
2560 ed.signal_change.above_threshold = 1;
2561 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
2562 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
2564 ed.signal_change.above_threshold = 0;
2568 res = nl80211_get_link_signal(drv, &sig);
2570 ed.signal_change.current_signal = sig.current_signal;
2571 ed.signal_change.current_txrate = sig.current_txrate;
2572 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
2573 sig.current_signal, sig.current_txrate);
2576 res = nl80211_get_link_noise(drv, &sig);
2578 ed.signal_change.current_noise = sig.current_noise;
2579 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
2583 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
2587 static void nl80211_new_peer_candidate(struct wpa_driver_nl80211_data *drv,
2591 union wpa_event_data data;
2593 if (drv->nlmode != NL80211_IFTYPE_MESH_POINT)
2596 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_IE])
2599 addr = nla_data(tb[NL80211_ATTR_MAC]);
2600 wpa_printf(MSG_DEBUG, "nl80211: New peer candidate" MACSTR,
2603 os_memset(&data, 0, sizeof(data));
2604 data.mesh_peer.peer = addr;
2605 data.mesh_peer.ies = nla_data(tb[NL80211_ATTR_IE]);
2606 data.mesh_peer.ie_len = nla_len(tb[NL80211_ATTR_IE]);
2607 wpa_supplicant_event(drv->ctx, EVENT_NEW_PEER_CANDIDATE, &data);
2611 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
2615 union wpa_event_data data;
2617 if (tb[NL80211_ATTR_MAC] == NULL)
2619 addr = nla_data(tb[NL80211_ATTR_MAC]);
2620 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
2622 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2625 if (tb[NL80211_ATTR_IE]) {
2626 ies = nla_data(tb[NL80211_ATTR_IE]);
2627 ies_len = nla_len(tb[NL80211_ATTR_IE]);
2629 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
2630 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
2634 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2637 os_memset(&data, 0, sizeof(data));
2638 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
2639 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
2643 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
2647 union wpa_event_data data;
2649 if (tb[NL80211_ATTR_MAC] == NULL)
2651 addr = nla_data(tb[NL80211_ATTR_MAC]);
2652 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
2655 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2656 drv_event_disassoc(drv->ctx, addr);
2660 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2663 os_memset(&data, 0, sizeof(data));
2664 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
2665 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
2669 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
2672 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
2673 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
2674 [NL80211_REKEY_DATA_KEK] = {
2675 .minlen = NL80211_KEK_LEN,
2676 .maxlen = NL80211_KEK_LEN,
2678 [NL80211_REKEY_DATA_KCK] = {
2679 .minlen = NL80211_KCK_LEN,
2680 .maxlen = NL80211_KCK_LEN,
2682 [NL80211_REKEY_DATA_REPLAY_CTR] = {
2683 .minlen = NL80211_REPLAY_CTR_LEN,
2684 .maxlen = NL80211_REPLAY_CTR_LEN,
2687 union wpa_event_data data;
2689 if (!tb[NL80211_ATTR_MAC])
2691 if (!tb[NL80211_ATTR_REKEY_DATA])
2693 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
2694 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
2696 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
2699 os_memset(&data, 0, sizeof(data));
2700 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
2701 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
2702 MAC2STR(data.driver_gtk_rekey.bssid));
2703 data.driver_gtk_rekey.replay_ctr =
2704 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
2705 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
2706 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
2707 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
2711 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
2714 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
2715 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
2716 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
2717 [NL80211_PMKSA_CANDIDATE_BSSID] = {
2721 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
2723 union wpa_event_data data;
2725 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event");
2727 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2729 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2730 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2732 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2733 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2736 os_memset(&data, 0, sizeof(data));
2737 os_memcpy(data.pmkid_candidate.bssid,
2738 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2739 data.pmkid_candidate.index =
2740 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2741 data.pmkid_candidate.preauth =
2742 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2743 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2747 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2750 union wpa_event_data data;
2752 wpa_printf(MSG_DEBUG, "nl80211: Probe client event");
2754 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2757 os_memset(&data, 0, sizeof(data));
2758 os_memcpy(data.client_poll.addr,
2759 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2761 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2765 static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv,
2768 union wpa_event_data data;
2770 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event");
2772 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION])
2775 os_memset(&data, 0, sizeof(data));
2776 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2777 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) {
2778 case NL80211_TDLS_SETUP:
2779 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer "
2780 MACSTR, MAC2STR(data.tdls.peer));
2781 data.tdls.oper = TDLS_REQUEST_SETUP;
2783 case NL80211_TDLS_TEARDOWN:
2784 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer "
2785 MACSTR, MAC2STR(data.tdls.peer));
2786 data.tdls.oper = TDLS_REQUEST_TEARDOWN;
2789 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione "
2793 if (tb[NL80211_ATTR_REASON_CODE]) {
2794 data.tdls.reason_code =
2795 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
2798 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data);
2802 static void nl80211_stop_ap(struct wpa_driver_nl80211_data *drv,
2805 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_UNAVAILABLE, NULL);
2809 static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv,
2812 union wpa_event_data data;
2815 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event");
2817 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON])
2820 os_memset(&data, 0, sizeof(data));
2821 os_memcpy(data.connect_failed_reason.addr,
2822 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2824 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]);
2826 case NL80211_CONN_FAIL_MAX_CLIENTS:
2827 wpa_printf(MSG_DEBUG, "nl80211: Max client reached");
2828 data.connect_failed_reason.code = MAX_CLIENT_REACHED;
2830 case NL80211_CONN_FAIL_BLOCKED_CLIENT:
2831 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR
2832 " tried to connect",
2833 MAC2STR(data.connect_failed_reason.addr));
2834 data.connect_failed_reason.code = BLOCKED_CLIENT;
2837 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason "
2842 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data);
2846 static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv,
2849 union wpa_event_data data;
2850 enum nl80211_radar_event event_type;
2852 if (!tb[NL80211_ATTR_WIPHY_FREQ] || !tb[NL80211_ATTR_RADAR_EVENT])
2855 os_memset(&data, 0, sizeof(data));
2856 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
2857 event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]);
2859 /* Check HT params */
2860 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
2861 data.dfs_event.ht_enabled = 1;
2862 data.dfs_event.chan_offset = 0;
2864 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) {
2865 case NL80211_CHAN_NO_HT:
2866 data.dfs_event.ht_enabled = 0;
2868 case NL80211_CHAN_HT20:
2870 case NL80211_CHAN_HT40PLUS:
2871 data.dfs_event.chan_offset = 1;
2873 case NL80211_CHAN_HT40MINUS:
2874 data.dfs_event.chan_offset = -1;
2879 /* Get VHT params */
2880 if (tb[NL80211_ATTR_CHANNEL_WIDTH])
2881 data.dfs_event.chan_width =
2882 convert2width(nla_get_u32(
2883 tb[NL80211_ATTR_CHANNEL_WIDTH]));
2884 if (tb[NL80211_ATTR_CENTER_FREQ1])
2885 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
2886 if (tb[NL80211_ATTR_CENTER_FREQ2])
2887 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
2889 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz",
2890 data.dfs_event.freq, data.dfs_event.ht_enabled,
2891 data.dfs_event.chan_offset, data.dfs_event.chan_width,
2892 data.dfs_event.cf1, data.dfs_event.cf2);
2894 switch (event_type) {
2895 case NL80211_RADAR_DETECTED:
2896 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data);
2898 case NL80211_RADAR_CAC_FINISHED:
2899 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data);
2901 case NL80211_RADAR_CAC_ABORTED:
2902 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data);
2904 case NL80211_RADAR_NOP_FINISHED:
2905 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data);
2908 wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d "
2909 "received", event_type);
2915 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2918 struct wpa_driver_nl80211_data *drv = bss->drv;
2919 union wpa_event_data event;
2921 if (!tb[NL80211_ATTR_MAC])
2924 os_memset(&event, 0, sizeof(event));
2925 event.rx_from_unknown.bssid = bss->addr;
2926 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2927 event.rx_from_unknown.wds = wds;
2929 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2933 static void qca_nl80211_avoid_freq(struct wpa_driver_nl80211_data *drv,
2934 const u8 *data, size_t len)
2937 union wpa_event_data event;
2938 struct wpa_freq_range *range = NULL;
2939 const struct qca_avoid_freq_list *freq_range;
2941 freq_range = (const struct qca_avoid_freq_list *) data;
2942 if (len < sizeof(freq_range->count))
2945 count = freq_range->count;
2946 if (len < sizeof(freq_range->count) +
2947 count * sizeof(struct qca_avoid_freq_range)) {
2948 wpa_printf(MSG_DEBUG, "nl80211: Ignored too short avoid frequency list (len=%u)",
2949 (unsigned int) len);
2954 range = os_calloc(count, sizeof(struct wpa_freq_range));
2959 os_memset(&event, 0, sizeof(event));
2960 for (i = 0; i < count; i++) {
2961 unsigned int idx = event.freq_range.num;
2962 range[idx].min = freq_range->range[i].start_freq;
2963 range[idx].max = freq_range->range[i].end_freq;
2964 wpa_printf(MSG_DEBUG, "nl80211: Avoid frequency range: %u-%u",
2965 range[idx].min, range[idx].max);
2966 if (range[idx].min > range[idx].max) {
2967 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid frequency range");
2970 event.freq_range.num++;
2972 event.freq_range.range = range;
2974 wpa_supplicant_event(drv->ctx, EVENT_AVOID_FREQUENCIES, &event);
2980 static void nl80211_vendor_event_qca(struct wpa_driver_nl80211_data *drv,
2981 u32 subcmd, u8 *data, size_t len)
2984 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY:
2985 qca_nl80211_avoid_freq(drv, data, len);
2988 wpa_printf(MSG_DEBUG,
2989 "nl80211: Ignore unsupported QCA vendor event %u",
2996 static void nl80211_vendor_event(struct wpa_driver_nl80211_data *drv,
2999 u32 vendor_id, subcmd, wiphy = 0;
3004 if (!tb[NL80211_ATTR_VENDOR_ID] ||
3005 !tb[NL80211_ATTR_VENDOR_SUBCMD])
3008 vendor_id = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]);
3009 subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]);
3011 if (tb[NL80211_ATTR_WIPHY])
3012 wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
3014 wpa_printf(MSG_DEBUG, "nl80211: Vendor event: wiphy=%u vendor_id=0x%x subcmd=%u",
3015 wiphy, vendor_id, subcmd);
3017 if (tb[NL80211_ATTR_VENDOR_DATA]) {
3018 data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]);
3019 len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]);
3020 wpa_hexdump(MSG_MSGDUMP, "nl80211: Vendor data", data, len);
3023 wiphy_idx = nl80211_get_wiphy_index(drv->first_bss);
3024 if (wiphy_idx >= 0 && wiphy_idx != (int) wiphy) {
3025 wpa_printf(MSG_DEBUG, "nl80211: Ignore vendor event for foreign wiphy %u (own: %d)",
3030 switch (vendor_id) {
3032 nl80211_vendor_event_qca(drv, subcmd, data, len);
3035 wpa_printf(MSG_DEBUG, "nl80211: Ignore unsupported vendor event");
3041 static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv,
3042 struct nlattr *tb[])
3044 union wpa_event_data data;
3045 enum nl80211_reg_initiator init;
3047 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
3049 if (tb[NL80211_ATTR_REG_INITIATOR] == NULL)
3052 os_memset(&data, 0, sizeof(data));
3053 init = nla_get_u8(tb[NL80211_ATTR_REG_INITIATOR]);
3054 wpa_printf(MSG_DEBUG, " * initiator=%d", init);
3056 case NL80211_REGDOM_SET_BY_CORE:
3057 data.channel_list_changed.initiator = REGDOM_SET_BY_CORE;
3059 case NL80211_REGDOM_SET_BY_USER:
3060 data.channel_list_changed.initiator = REGDOM_SET_BY_USER;
3062 case NL80211_REGDOM_SET_BY_DRIVER:
3063 data.channel_list_changed.initiator = REGDOM_SET_BY_DRIVER;
3065 case NL80211_REGDOM_SET_BY_COUNTRY_IE:
3066 data.channel_list_changed.initiator = REGDOM_SET_BY_COUNTRY_IE;
3070 if (tb[NL80211_ATTR_REG_TYPE]) {
3071 enum nl80211_reg_type type;
3072 type = nla_get_u8(tb[NL80211_ATTR_REG_TYPE]);
3073 wpa_printf(MSG_DEBUG, " * type=%d", type);
3075 case NL80211_REGDOM_TYPE_COUNTRY:
3076 data.channel_list_changed.type = REGDOM_TYPE_COUNTRY;
3078 case NL80211_REGDOM_TYPE_WORLD:
3079 data.channel_list_changed.type = REGDOM_TYPE_WORLD;
3081 case NL80211_REGDOM_TYPE_CUSTOM_WORLD:
3082 data.channel_list_changed.type =
3083 REGDOM_TYPE_CUSTOM_WORLD;
3085 case NL80211_REGDOM_TYPE_INTERSECTION:
3086 data.channel_list_changed.type =
3087 REGDOM_TYPE_INTERSECTION;
3092 if (tb[NL80211_ATTR_REG_ALPHA2]) {
3093 os_strlcpy(data.channel_list_changed.alpha2,
3094 nla_get_string(tb[NL80211_ATTR_REG_ALPHA2]),
3095 sizeof(data.channel_list_changed.alpha2));
3096 wpa_printf(MSG_DEBUG, " * alpha2=%s",
3097 data.channel_list_changed.alpha2);
3100 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data);
3104 static void do_process_drv_event(struct i802_bss *bss, int cmd,
3107 struct wpa_driver_nl80211_data *drv = bss->drv;
3108 union wpa_event_data data;
3110 wpa_printf(MSG_DEBUG, "nl80211: Drv Event %d (%s) received for %s",
3111 cmd, nl80211_command_to_string(cmd), bss->ifname);
3113 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
3114 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
3115 cmd == NL80211_CMD_SCAN_ABORTED)) {
3116 wpa_driver_nl80211_set_mode(drv->first_bss,
3117 drv->ap_scan_as_station);
3118 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3122 case NL80211_CMD_TRIGGER_SCAN:
3123 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger");
3124 drv->scan_state = SCAN_STARTED;
3125 if (drv->scan_for_auth) {
3127 * Cannot indicate EVENT_SCAN_STARTED here since we skip
3128 * EVENT_SCAN_RESULTS in scan_for_auth case and the
3129 * upper layer implementation could get confused about
3132 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth");
3135 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL);
3137 case NL80211_CMD_START_SCHED_SCAN:
3138 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan started");
3139 drv->scan_state = SCHED_SCAN_STARTED;
3141 case NL80211_CMD_SCHED_SCAN_STOPPED:
3142 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan stopped");
3143 drv->scan_state = SCHED_SCAN_STOPPED;
3144 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
3146 case NL80211_CMD_NEW_SCAN_RESULTS:
3147 wpa_dbg(drv->ctx, MSG_DEBUG,
3148 "nl80211: New scan results available");
3149 drv->scan_state = SCAN_COMPLETED;
3150 drv->scan_complete_events = 1;
3151 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3153 send_scan_event(drv, 0, tb);
3155 case NL80211_CMD_SCHED_SCAN_RESULTS:
3156 wpa_dbg(drv->ctx, MSG_DEBUG,
3157 "nl80211: New sched scan results available");
3158 drv->scan_state = SCHED_SCAN_RESULTS;
3159 send_scan_event(drv, 0, tb);
3161 case NL80211_CMD_SCAN_ABORTED:
3162 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted");
3163 drv->scan_state = SCAN_ABORTED;
3165 * Need to indicate that scan results are available in order
3166 * not to make wpa_supplicant stop its scanning.
3168 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
3170 send_scan_event(drv, 1, tb);
3172 case NL80211_CMD_AUTHENTICATE:
3173 case NL80211_CMD_ASSOCIATE:
3174 case NL80211_CMD_DEAUTHENTICATE:
3175 case NL80211_CMD_DISASSOCIATE:
3176 case NL80211_CMD_FRAME_TX_STATUS:
3177 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
3178 case NL80211_CMD_UNPROT_DISASSOCIATE:
3179 mlme_event(bss, cmd, tb[NL80211_ATTR_FRAME],
3180 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3181 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3182 tb[NL80211_ATTR_COOKIE],
3183 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3185 case NL80211_CMD_CONNECT:
3186 case NL80211_CMD_ROAM:
3187 mlme_event_connect(drv, cmd,
3188 tb[NL80211_ATTR_STATUS_CODE],
3189 tb[NL80211_ATTR_MAC],
3190 tb[NL80211_ATTR_REQ_IE],
3191 tb[NL80211_ATTR_RESP_IE]);
3193 case NL80211_CMD_CH_SWITCH_NOTIFY:
3194 mlme_event_ch_switch(drv,
3195 tb[NL80211_ATTR_IFINDEX],
3196 tb[NL80211_ATTR_WIPHY_FREQ],
3197 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
3198 tb[NL80211_ATTR_CHANNEL_WIDTH],
3199 tb[NL80211_ATTR_CENTER_FREQ1],
3200 tb[NL80211_ATTR_CENTER_FREQ2]);
3202 case NL80211_CMD_DISCONNECT:
3203 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
3204 tb[NL80211_ATTR_MAC],
3205 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
3207 case NL80211_CMD_MICHAEL_MIC_FAILURE:
3208 mlme_event_michael_mic_failure(bss, tb);
3210 case NL80211_CMD_JOIN_IBSS:
3211 mlme_event_join_ibss(drv, tb);
3213 case NL80211_CMD_REMAIN_ON_CHANNEL:
3214 mlme_event_remain_on_channel(drv, 0, tb);
3216 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
3217 mlme_event_remain_on_channel(drv, 1, tb);
3219 case NL80211_CMD_NOTIFY_CQM:
3220 nl80211_cqm_event(drv, tb);
3222 case NL80211_CMD_REG_CHANGE:
3223 nl80211_reg_change_event(drv, tb);
3225 case NL80211_CMD_REG_BEACON_HINT:
3226 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
3227 os_memset(&data, 0, sizeof(data));
3228 data.channel_list_changed.initiator = REGDOM_BEACON_HINT;
3229 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
3232 case NL80211_CMD_NEW_STATION:
3233 nl80211_new_station_event(drv, tb);
3235 case NL80211_CMD_DEL_STATION:
3236 nl80211_del_station_event(drv, tb);
3238 case NL80211_CMD_SET_REKEY_OFFLOAD:
3239 nl80211_rekey_offload_event(drv, tb);
3241 case NL80211_CMD_PMKSA_CANDIDATE:
3242 nl80211_pmksa_candidate_event(drv, tb);
3244 case NL80211_CMD_PROBE_CLIENT:
3245 nl80211_client_probe_event(drv, tb);
3247 case NL80211_CMD_TDLS_OPER:
3248 nl80211_tdls_oper_event(drv, tb);
3250 case NL80211_CMD_CONN_FAILED:
3251 nl80211_connect_failed_event(drv, tb);
3253 case NL80211_CMD_FT_EVENT:
3254 mlme_event_ft_event(drv, tb);
3256 case NL80211_CMD_RADAR_DETECT:
3257 nl80211_radar_event(drv, tb);
3259 case NL80211_CMD_STOP_AP:
3260 nl80211_stop_ap(drv, tb);
3262 case NL80211_CMD_VENDOR:
3263 nl80211_vendor_event(drv, tb);
3265 case NL80211_CMD_NEW_PEER_CANDIDATE:
3266 nl80211_new_peer_candidate(drv, tb);
3269 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event "
3276 static int process_drv_event(struct nl_msg *msg, void *arg)
3278 struct wpa_driver_nl80211_data *drv = arg;
3279 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3280 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3281 struct i802_bss *bss;
3284 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3285 genlmsg_attrlen(gnlh, 0), NULL);
3287 if (tb[NL80211_ATTR_IFINDEX]) {
3288 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3290 for (bss = drv->first_bss; bss; bss = bss->next)
3291 if (ifidx == -1 || ifidx == bss->ifindex) {
3292 do_process_drv_event(bss, gnlh->cmd, tb);
3295 wpa_printf(MSG_DEBUG,
3296 "nl80211: Ignored event (cmd=%d) for foreign interface (ifindex %d)",
3298 } else if (tb[NL80211_ATTR_WDEV]) {
3299 u64 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3300 wpa_printf(MSG_DEBUG, "nl80211: Process event on P2P device");
3301 for (bss = drv->first_bss; bss; bss = bss->next) {
3302 if (bss->wdev_id_set && wdev_id == bss->wdev_id) {
3303 do_process_drv_event(bss, gnlh->cmd, tb);
3307 wpa_printf(MSG_DEBUG,
3308 "nl80211: Ignored event (cmd=%d) for foreign interface (wdev 0x%llx)",
3309 gnlh->cmd, (long long unsigned int) wdev_id);
3316 static int process_global_event(struct nl_msg *msg, void *arg)
3318 struct nl80211_global *global = arg;
3319 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3320 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3321 struct wpa_driver_nl80211_data *drv, *tmp;
3323 struct i802_bss *bss;
3325 int wdev_id_set = 0;
3327 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3328 genlmsg_attrlen(gnlh, 0), NULL);
3330 if (tb[NL80211_ATTR_IFINDEX])
3331 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3332 else if (tb[NL80211_ATTR_WDEV]) {
3333 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
3337 dl_list_for_each_safe(drv, tmp, &global->interfaces,
3338 struct wpa_driver_nl80211_data, list) {
3339 for (bss = drv->first_bss; bss; bss = bss->next) {
3340 if ((ifidx == -1 && !wdev_id_set) ||
3341 ifidx == bss->ifindex ||
3342 (wdev_id_set && bss->wdev_id_set &&
3343 wdev_id == bss->wdev_id)) {
3344 do_process_drv_event(bss, gnlh->cmd, tb);
3354 static int process_bss_event(struct nl_msg *msg, void *arg)
3356 struct i802_bss *bss = arg;
3357 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3358 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3360 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3361 genlmsg_attrlen(gnlh, 0), NULL);
3363 wpa_printf(MSG_DEBUG, "nl80211: BSS Event %d (%s) received for %s",
3364 gnlh->cmd, nl80211_command_to_string(gnlh->cmd),
3367 switch (gnlh->cmd) {
3368 case NL80211_CMD_FRAME:
3369 case NL80211_CMD_FRAME_TX_STATUS:
3370 mlme_event(bss, gnlh->cmd, tb[NL80211_ATTR_FRAME],
3371 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
3372 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
3373 tb[NL80211_ATTR_COOKIE],
3374 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
3376 case NL80211_CMD_UNEXPECTED_FRAME:
3377 nl80211_spurious_frame(bss, tb, 0);
3379 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
3380 nl80211_spurious_frame(bss, tb, 1);
3383 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
3384 "(cmd=%d)", gnlh->cmd);
3392 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
3395 struct nl_cb *cb = eloop_ctx;
3398 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
3400 res = nl_recvmsgs(handle, cb);
3402 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
3409 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
3410 * @priv: driver_nl80211 private data
3411 * @alpha2_arg: country to which to switch to
3412 * Returns: 0 on success, -1 on failure
3414 * This asks nl80211 to set the regulatory domain for given
3415 * country ISO / IEC alpha2.
3417 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
3419 struct i802_bss *bss = priv;
3420 struct wpa_driver_nl80211_data *drv = bss->drv;
3424 msg = nlmsg_alloc();
3428 alpha2[0] = alpha2_arg[0];
3429 alpha2[1] = alpha2_arg[1];
3432 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
3434 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
3435 if (send_and_recv_msgs(drv, msg, NULL, NULL))
3444 static int nl80211_get_country(struct nl_msg *msg, void *arg)
3447 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3448 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3450 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3451 genlmsg_attrlen(gnlh, 0), NULL);
3452 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
3453 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
3456 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
3461 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
3463 struct i802_bss *bss = priv;
3464 struct wpa_driver_nl80211_data *drv = bss->drv;
3468 msg = nlmsg_alloc();
3472 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
3474 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2);
3482 static int protocol_feature_handler(struct nl_msg *msg, void *arg)
3485 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
3486 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3488 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3489 genlmsg_attrlen(gnlh, 0), NULL);
3491 if (tb_msg[NL80211_ATTR_PROTOCOL_FEATURES])
3492 *feat = nla_get_u32(tb_msg[NL80211_ATTR_PROTOCOL_FEATURES]);
3498 static u32 get_nl80211_protocol_features(struct wpa_driver_nl80211_data *drv)
3503 msg = nlmsg_alloc();
3505 goto nla_put_failure;
3507 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_PROTOCOL_FEATURES);
3508 if (send_and_recv_msgs(drv, msg, protocol_feature_handler, &feat) == 0)
3518 struct wiphy_info_data {
3519 struct wpa_driver_nl80211_data *drv;
3520 struct wpa_driver_capa *capa;
3522 unsigned int num_multichan_concurrent;
3524 unsigned int error:1;
3525 unsigned int device_ap_sme:1;
3526 unsigned int poll_command_supported:1;
3527 unsigned int data_tx_status:1;
3528 unsigned int monitor_supported:1;
3529 unsigned int auth_supported:1;
3530 unsigned int connect_supported:1;
3531 unsigned int p2p_go_supported:1;
3532 unsigned int p2p_client_supported:1;
3533 unsigned int p2p_concurrent:1;
3534 unsigned int channel_switch_supported:1;
3535 unsigned int set_qos_map_supported:1;
3536 unsigned int have_low_prio_scan:1;
3540 static unsigned int probe_resp_offload_support(int supp_protocols)
3542 unsigned int prot = 0;
3544 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
3545 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
3546 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
3547 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
3548 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
3549 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
3550 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
3551 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
3557 static void wiphy_info_supported_iftypes(struct wiphy_info_data *info,
3560 struct nlattr *nl_mode;
3566 nla_for_each_nested(nl_mode, tb, i) {
3567 switch (nla_type(nl_mode)) {
3568 case NL80211_IFTYPE_AP:
3569 info->capa->flags |= WPA_DRIVER_FLAGS_AP;
3571 case NL80211_IFTYPE_MESH_POINT:
3572 info->capa->flags |= WPA_DRIVER_FLAGS_MESH;
3574 case NL80211_IFTYPE_ADHOC:
3575 info->capa->flags |= WPA_DRIVER_FLAGS_IBSS;
3577 case NL80211_IFTYPE_P2P_DEVICE:
3578 info->capa->flags |=
3579 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
3581 case NL80211_IFTYPE_P2P_GO:
3582 info->p2p_go_supported = 1;
3584 case NL80211_IFTYPE_P2P_CLIENT:
3585 info->p2p_client_supported = 1;
3587 case NL80211_IFTYPE_MONITOR:
3588 info->monitor_supported = 1;
3595 static int wiphy_info_iface_comb_process(struct wiphy_info_data *info,
3596 struct nlattr *nl_combi)
3598 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
3599 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
3600 struct nlattr *nl_limit, *nl_mode;
3601 int err, rem_limit, rem_mode;
3602 int combination_has_p2p = 0, combination_has_mgd = 0;
3603 static struct nla_policy
3604 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
3605 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
3606 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
3607 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
3608 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
3609 [NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS] = { .type = NLA_U32 },
3611 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
3612 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
3613 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
3616 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
3617 nl_combi, iface_combination_policy);
3618 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
3619 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
3620 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
3621 return 0; /* broken combination */
3623 if (tb_comb[NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS])
3624 info->capa->flags |= WPA_DRIVER_FLAGS_RADAR;
3626 nla_for_each_nested(nl_limit, tb_comb[NL80211_IFACE_COMB_LIMITS],
3628 err = nla_parse_nested(tb_limit, MAX_NL80211_IFACE_LIMIT,
3629 nl_limit, iface_limit_policy);
3630 if (err || !tb_limit[NL80211_IFACE_LIMIT_TYPES])
3631 return 0; /* broken combination */
3633 nla_for_each_nested(nl_mode,
3634 tb_limit[NL80211_IFACE_LIMIT_TYPES],
3636 int ift = nla_type(nl_mode);
3637 if (ift == NL80211_IFTYPE_P2P_GO ||
3638 ift == NL80211_IFTYPE_P2P_CLIENT)
3639 combination_has_p2p = 1;
3640 if (ift == NL80211_IFTYPE_STATION)
3641 combination_has_mgd = 1;
3643 if (combination_has_p2p && combination_has_mgd)
3647 if (combination_has_p2p && combination_has_mgd) {
3648 unsigned int num_channels =
3649 nla_get_u32(tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS]);
3651 info->p2p_concurrent = 1;
3652 if (info->num_multichan_concurrent < num_channels)
3653 info->num_multichan_concurrent = num_channels;
3660 static void wiphy_info_iface_comb(struct wiphy_info_data *info,
3663 struct nlattr *nl_combi;
3669 nla_for_each_nested(nl_combi, tb, rem_combi) {
3670 if (wiphy_info_iface_comb_process(info, nl_combi) > 0)
3676 static void wiphy_info_supp_cmds(struct wiphy_info_data *info,
3679 struct nlattr *nl_cmd;
3685 nla_for_each_nested(nl_cmd, tb, i) {
3686 switch (nla_get_u32(nl_cmd)) {
3687 case NL80211_CMD_AUTHENTICATE:
3688 info->auth_supported = 1;
3690 case NL80211_CMD_CONNECT:
3691 info->connect_supported = 1;
3693 case NL80211_CMD_START_SCHED_SCAN:
3694 info->capa->sched_scan_supported = 1;
3696 case NL80211_CMD_PROBE_CLIENT:
3697 info->poll_command_supported = 1;
3699 case NL80211_CMD_CHANNEL_SWITCH:
3700 info->channel_switch_supported = 1;
3702 case NL80211_CMD_SET_QOS_MAP:
3703 info->set_qos_map_supported = 1;
3710 static void wiphy_info_cipher_suites(struct wiphy_info_data *info,
3719 num = nla_len(tb) / sizeof(u32);
3720 ciphers = nla_data(tb);
3721 for (i = 0; i < num; i++) {
3724 wpa_printf(MSG_DEBUG, "nl80211: Supported cipher %02x-%02x-%02x:%d",
3725 c >> 24, (c >> 16) & 0xff,
3726 (c >> 8) & 0xff, c & 0xff);
3728 case WLAN_CIPHER_SUITE_CCMP_256:
3729 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP_256;
3731 case WLAN_CIPHER_SUITE_GCMP_256:
3732 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP_256;
3734 case WLAN_CIPHER_SUITE_CCMP:
3735 info->capa->enc |= WPA_DRIVER_CAPA_ENC_CCMP;
3737 case WLAN_CIPHER_SUITE_GCMP:
3738 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GCMP;
3740 case WLAN_CIPHER_SUITE_TKIP:
3741 info->capa->enc |= WPA_DRIVER_CAPA_ENC_TKIP;
3743 case WLAN_CIPHER_SUITE_WEP104:
3744 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP104;
3746 case WLAN_CIPHER_SUITE_WEP40:
3747 info->capa->enc |= WPA_DRIVER_CAPA_ENC_WEP40;
3749 case WLAN_CIPHER_SUITE_AES_CMAC:
3750 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP;
3752 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3753 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_128;
3755 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3756 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_GMAC_256;
3758 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
3759 info->capa->enc |= WPA_DRIVER_CAPA_ENC_BIP_CMAC_256;
3761 case WLAN_CIPHER_SUITE_NO_GROUP_ADDR:
3762 info->capa->enc |= WPA_DRIVER_CAPA_ENC_GTK_NOT_USED;
3769 static void wiphy_info_max_roc(struct wpa_driver_capa *capa,
3773 capa->max_remain_on_chan = nla_get_u32(tb);
3777 static void wiphy_info_tdls(struct wpa_driver_capa *capa, struct nlattr *tdls,
3778 struct nlattr *ext_setup)
3783 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
3784 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
3787 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
3788 capa->flags |= WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
3793 static void wiphy_info_feature_flags(struct wiphy_info_data *info,
3797 struct wpa_driver_capa *capa = info->capa;
3802 flags = nla_get_u32(tb);
3804 if (flags & NL80211_FEATURE_SK_TX_STATUS)
3805 info->data_tx_status = 1;
3807 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
3808 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
3810 if (flags & NL80211_FEATURE_SAE)
3811 capa->flags |= WPA_DRIVER_FLAGS_SAE;
3813 if (flags & NL80211_FEATURE_NEED_OBSS_SCAN)
3814 capa->flags |= WPA_DRIVER_FLAGS_OBSS_SCAN;
3816 if (flags & NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)
3817 capa->flags |= WPA_DRIVER_FLAGS_HT_2040_COEX;
3819 if (flags & NL80211_FEATURE_LOW_PRIORITY_SCAN)
3820 info->have_low_prio_scan = 1;
3824 static void wiphy_info_probe_resp_offload(struct wpa_driver_capa *capa,
3832 protocols = nla_get_u32(tb);
3833 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response offload in AP "
3835 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
3836 capa->probe_resp_offloads = probe_resp_offload_support(protocols);
3840 static void wiphy_info_wowlan_triggers(struct wpa_driver_capa *capa,
3843 struct nlattr *triggers[MAX_NL80211_WOWLAN_TRIG + 1];
3848 if (nla_parse_nested(triggers, MAX_NL80211_WOWLAN_TRIG,
3852 if (triggers[NL80211_WOWLAN_TRIG_ANY])
3853 capa->wowlan_triggers.any = 1;
3854 if (triggers[NL80211_WOWLAN_TRIG_DISCONNECT])
3855 capa->wowlan_triggers.disconnect = 1;
3856 if (triggers[NL80211_WOWLAN_TRIG_MAGIC_PKT])
3857 capa->wowlan_triggers.magic_pkt = 1;
3858 if (triggers[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE])
3859 capa->wowlan_triggers.gtk_rekey_failure = 1;
3860 if (triggers[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST])
3861 capa->wowlan_triggers.eap_identity_req = 1;
3862 if (triggers[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE])
3863 capa->wowlan_triggers.four_way_handshake = 1;
3864 if (triggers[NL80211_WOWLAN_TRIG_RFKILL_RELEASE])
3865 capa->wowlan_triggers.rfkill_release = 1;
3869 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
3871 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3872 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3873 struct wiphy_info_data *info = arg;
3874 struct wpa_driver_capa *capa = info->capa;
3875 struct wpa_driver_nl80211_data *drv = info->drv;
3877 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3878 genlmsg_attrlen(gnlh, 0), NULL);
3880 if (tb[NL80211_ATTR_WIPHY_NAME])
3881 os_strlcpy(drv->phyname,
3882 nla_get_string(tb[NL80211_ATTR_WIPHY_NAME]),
3883 sizeof(drv->phyname));
3884 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
3885 capa->max_scan_ssids =
3886 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
3888 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
3889 capa->max_sched_scan_ssids =
3890 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
3892 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
3893 capa->max_match_sets =
3894 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
3896 if (tb[NL80211_ATTR_MAC_ACL_MAX])
3897 capa->max_acl_mac_addrs =
3898 nla_get_u8(tb[NL80211_ATTR_MAC_ACL_MAX]);
3900 wiphy_info_supported_iftypes(info, tb[NL80211_ATTR_SUPPORTED_IFTYPES]);
3901 wiphy_info_iface_comb(info, tb[NL80211_ATTR_INTERFACE_COMBINATIONS]);
3902 wiphy_info_supp_cmds(info, tb[NL80211_ATTR_SUPPORTED_COMMANDS]);
3903 wiphy_info_cipher_suites(info, tb[NL80211_ATTR_CIPHER_SUITES]);
3905 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
3906 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
3908 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
3911 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
3912 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
3913 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
3916 wiphy_info_max_roc(capa,
3917 tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
3919 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
3920 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
3922 wiphy_info_tdls(capa, tb[NL80211_ATTR_TDLS_SUPPORT],
3923 tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]);
3925 if (tb[NL80211_ATTR_DEVICE_AP_SME])
3926 info->device_ap_sme = 1;
3928 wiphy_info_feature_flags(info, tb[NL80211_ATTR_FEATURE_FLAGS]);
3929 wiphy_info_probe_resp_offload(capa,
3930 tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
3932 if (tb[NL80211_ATTR_EXT_CAPA] && tb[NL80211_ATTR_EXT_CAPA_MASK] &&
3933 drv->extended_capa == NULL) {
3934 drv->extended_capa =
3935 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3936 if (drv->extended_capa) {
3937 os_memcpy(drv->extended_capa,
3938 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3939 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3940 drv->extended_capa_len =
3941 nla_len(tb[NL80211_ATTR_EXT_CAPA]);
3943 drv->extended_capa_mask =
3944 os_malloc(nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3945 if (drv->extended_capa_mask) {
3946 os_memcpy(drv->extended_capa_mask,
3947 nla_data(tb[NL80211_ATTR_EXT_CAPA]),
3948 nla_len(tb[NL80211_ATTR_EXT_CAPA]));
3950 os_free(drv->extended_capa);
3951 drv->extended_capa = NULL;
3952 drv->extended_capa_len = 0;
3956 if (tb[NL80211_ATTR_VENDOR_DATA]) {
3960 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_DATA], rem) {
3961 struct nl80211_vendor_cmd_info *vinfo;
3962 if (nla_len(nl) != sizeof(*vinfo)) {
3963 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3966 vinfo = nla_data(nl);
3967 switch (vinfo->subcmd) {
3968 case QCA_NL80211_VENDOR_SUBCMD_ROAMING:
3969 drv->roaming_vendor_cmd_avail = 1;
3971 case QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY:
3972 drv->dfs_vendor_cmd_avail = 1;
3976 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u",
3977 vinfo->vendor_id, vinfo->subcmd);
3981 if (tb[NL80211_ATTR_VENDOR_EVENTS]) {
3985 nla_for_each_nested(nl, tb[NL80211_ATTR_VENDOR_EVENTS], rem) {
3986 struct nl80211_vendor_cmd_info *vinfo;
3987 if (nla_len(nl) != sizeof(*vinfo)) {
3988 wpa_printf(MSG_DEBUG, "nl80211: Unexpected vendor data info");
3991 vinfo = nla_data(nl);
3992 wpa_printf(MSG_DEBUG, "nl80211: Supported vendor event: vendor_id=0x%x subcmd=%u",
3993 vinfo->vendor_id, vinfo->subcmd);
3997 wiphy_info_wowlan_triggers(capa,
3998 tb[NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED]);
4000 if (tb[NL80211_ATTR_MAX_AP_ASSOC_STA])
4001 capa->max_stations =
4002 nla_get_u32(tb[NL80211_ATTR_MAX_AP_ASSOC_STA]);
4008 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
4009 struct wiphy_info_data *info)
4014 os_memset(info, 0, sizeof(*info));
4015 info->capa = &drv->capa;
4018 msg = nlmsg_alloc();
4022 feat = get_nl80211_protocol_features(drv);
4023 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
4024 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
4026 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
4028 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
4029 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
4030 goto nla_put_failure;
4032 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info))
4035 if (info->auth_supported)
4036 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
4037 else if (!info->connect_supported) {
4038 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
4039 "authentication/association or connect commands");
4043 if (info->p2p_go_supported && info->p2p_client_supported)
4044 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
4045 if (info->p2p_concurrent) {
4046 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
4047 "interface (driver advertised support)");
4048 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
4049 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
4051 if (info->num_multichan_concurrent > 1) {
4052 wpa_printf(MSG_DEBUG, "nl80211: Enable multi-channel "
4053 "concurrent (driver advertised support)");
4054 drv->capa.num_multichan_concurrent =
4055 info->num_multichan_concurrent;
4058 /* default to 5000 since early versions of mac80211 don't set it */
4059 if (!drv->capa.max_remain_on_chan)
4060 drv->capa.max_remain_on_chan = 5000;
4062 if (info->channel_switch_supported)
4063 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_CSA;
4072 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
4074 struct wiphy_info_data info;
4075 if (wpa_driver_nl80211_get_info(drv, &info))
4081 drv->has_capability = 1;
4082 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
4083 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
4084 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
4085 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
4086 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
4087 WPA_DRIVER_AUTH_SHARED |
4088 WPA_DRIVER_AUTH_LEAP;
4090 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
4091 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
4092 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4095 * As all cfg80211 drivers must support cases where the AP interface is
4096 * removed without the knowledge of wpa_supplicant/hostapd, e.g., in
4097 * case that the user space daemon has crashed, they must be able to
4098 * cleanup all stations and key entries in the AP tear down flow. Thus,
4099 * this flag can/should always be set for cfg80211 drivers.
4101 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT;
4103 if (!info.device_ap_sme) {
4104 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
4107 * No AP SME is currently assumed to also indicate no AP MLME
4108 * in the driver/firmware.
4110 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_MLME;
4113 drv->device_ap_sme = info.device_ap_sme;
4114 drv->poll_command_supported = info.poll_command_supported;
4115 drv->data_tx_status = info.data_tx_status;
4116 if (info.set_qos_map_supported)
4117 drv->capa.flags |= WPA_DRIVER_FLAGS_QOS_MAPPING;
4118 drv->have_low_prio_scan = info.have_low_prio_scan;
4121 * If poll command and tx status are supported, mac80211 is new enough
4122 * to have everything we need to not need monitor interfaces.
4124 drv->use_monitor = !info.poll_command_supported || !info.data_tx_status;
4126 if (drv->device_ap_sme && drv->use_monitor) {
4128 * Non-mac80211 drivers may not support monitor interface.
4129 * Make sure we do not get stuck with incorrect capability here
4130 * by explicitly testing this.
4132 if (!info.monitor_supported) {
4133 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
4134 "with device_ap_sme since no monitor mode "
4135 "support detected");
4136 drv->use_monitor = 0;
4141 * If we aren't going to use monitor interfaces, but the
4142 * driver doesn't support data TX status, we won't get TX
4143 * status for EAPOL frames.
4145 if (!drv->use_monitor && !info.data_tx_status)
4146 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4153 static int android_genl_ctrl_resolve(struct nl_handle *handle,
4157 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
4158 * need to work around that.
4160 struct nl_cache *cache = NULL;
4161 struct genl_family *nl80211 = NULL;
4164 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
4165 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
4170 nl80211 = genl_ctrl_search_by_name(cache, name);
4171 if (nl80211 == NULL)
4174 id = genl_family_get_id(nl80211);
4178 genl_family_put(nl80211);
4180 nl_cache_free(cache);
4184 #define genl_ctrl_resolve android_genl_ctrl_resolve
4185 #endif /* ANDROID */
4188 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
4192 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4193 if (global->nl_cb == NULL) {
4194 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
4199 global->nl = nl_create_handle(global->nl_cb, "nl");
4200 if (global->nl == NULL)
4203 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
4204 if (global->nl80211_id < 0) {
4205 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
4210 global->nl_event = nl_create_handle(global->nl_cb, "event");
4211 if (global->nl_event == NULL)
4214 ret = nl_get_multicast_id(global, "nl80211", "scan");
4216 ret = nl_socket_add_membership(global->nl_event, ret);
4218 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4219 "membership for scan events: %d (%s)",
4220 ret, strerror(-ret));
4224 ret = nl_get_multicast_id(global, "nl80211", "mlme");
4226 ret = nl_socket_add_membership(global->nl_event, ret);
4228 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
4229 "membership for mlme events: %d (%s)",
4230 ret, strerror(-ret));
4234 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
4236 ret = nl_socket_add_membership(global->nl_event, ret);
4238 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4239 "membership for regulatory events: %d (%s)",
4240 ret, strerror(-ret));
4241 /* Continue without regulatory events */
4244 ret = nl_get_multicast_id(global, "nl80211", "vendor");
4246 ret = nl_socket_add_membership(global->nl_event, ret);
4248 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
4249 "membership for vendor events: %d (%s)",
4250 ret, strerror(-ret));
4251 /* Continue without vendor events */
4254 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4255 no_seq_check, NULL);
4256 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4257 process_global_event, global);
4259 nl80211_register_eloop_read(&global->nl_event,
4260 wpa_driver_nl80211_event_receive,
4266 nl_destroy_handles(&global->nl_event);
4267 nl_destroy_handles(&global->nl);
4268 nl_cb_put(global->nl_cb);
4269 global->nl_cb = NULL;
4274 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
4276 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4278 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
4282 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4283 no_seq_check, NULL);
4284 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4285 process_drv_event, drv);
4291 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
4293 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
4295 * This may be for any interface; use ifdown event to disable
4301 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
4303 struct wpa_driver_nl80211_data *drv = ctx;
4304 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
4305 if (i802_set_iface_flags(drv->first_bss, 1)) {
4306 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
4307 "after rfkill unblock");
4310 /* rtnetlink ifup handler will report interface as enabled */
4314 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
4318 struct wpa_driver_nl80211_data *drv = eloop_ctx;
4323 struct cmsghdr *cmsg;
4324 int res, found_ee = 0, found_wifi = 0, acked = 0;
4325 union wpa_event_data event;
4327 memset(&msg, 0, sizeof(msg));
4328 msg.msg_iov = &entry;
4330 entry.iov_base = data;
4331 entry.iov_len = sizeof(data);
4332 msg.msg_control = &control;
4333 msg.msg_controllen = sizeof(control);
4335 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
4336 /* if error or not fitting 802.3 header, return */
4340 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
4342 if (cmsg->cmsg_level == SOL_SOCKET &&
4343 cmsg->cmsg_type == SCM_WIFI_STATUS) {
4347 ack = (void *)CMSG_DATA(cmsg);
4351 if (cmsg->cmsg_level == SOL_PACKET &&
4352 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
4353 struct sock_extended_err *err =
4354 (struct sock_extended_err *)CMSG_DATA(cmsg);
4356 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
4361 if (!found_ee || !found_wifi)
4364 memset(&event, 0, sizeof(event));
4365 event.eapol_tx_status.dst = data;
4366 event.eapol_tx_status.data = data + 14;
4367 event.eapol_tx_status.data_len = res - 14;
4368 event.eapol_tx_status.ack = acked;
4369 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
4373 static int nl80211_init_bss(struct i802_bss *bss)
4375 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
4379 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
4380 no_seq_check, NULL);
4381 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
4382 process_bss_event, bss);
4388 static void nl80211_destroy_bss(struct i802_bss *bss)
4390 nl_cb_put(bss->nl_cb);
4395 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
4396 void *global_priv, int hostapd,
4399 struct wpa_driver_nl80211_data *drv;
4400 struct rfkill_config *rcfg;
4401 struct i802_bss *bss;
4403 if (global_priv == NULL)
4405 drv = os_zalloc(sizeof(*drv));
4408 drv->global = global_priv;
4410 drv->hostapd = !!hostapd;
4411 drv->eapol_sock = -1;
4412 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
4413 drv->if_indices = drv->default_if_indices;
4415 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
4416 if (!drv->first_bss) {
4420 bss = drv->first_bss;
4424 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
4425 drv->monitor_ifidx = -1;
4426 drv->monitor_sock = -1;
4427 drv->eapol_tx_sock = -1;
4428 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
4430 if (wpa_driver_nl80211_init_nl(drv)) {
4435 if (nl80211_init_bss(bss))
4438 rcfg = os_zalloc(sizeof(*rcfg));
4442 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
4443 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
4444 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
4445 drv->rfkill = rfkill_init(rcfg);
4446 if (drv->rfkill == NULL) {
4447 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
4451 if (linux_iface_up(drv->global->ioctl_sock, ifname) > 0)
4452 drv->start_iface_up = 1;
4454 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1))
4457 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
4458 if (drv->eapol_tx_sock < 0)
4461 if (drv->data_tx_status) {
4464 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
4465 &enabled, sizeof(enabled)) < 0) {
4466 wpa_printf(MSG_DEBUG,
4467 "nl80211: wifi status sockopt failed\n");
4468 drv->data_tx_status = 0;
4469 if (!drv->use_monitor)
4471 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
4473 eloop_register_read_sock(drv->eapol_tx_sock,
4474 wpa_driver_nl80211_handle_eapol_tx_status,
4480 dl_list_add(&drv->global->interfaces, &drv->list);
4481 drv->in_interface_list = 1;
4487 wpa_driver_nl80211_deinit(bss);
4493 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
4494 * @ctx: context to be used when calling wpa_supplicant functions,
4495 * e.g., wpa_supplicant_event()
4496 * @ifname: interface name, e.g., wlan0
4497 * @global_priv: private driver global data from global_init()
4498 * Returns: Pointer to private data, %NULL on failure
4500 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
4503 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL);
4507 static int nl80211_register_frame(struct i802_bss *bss,
4508 struct nl_handle *nl_handle,
4509 u16 type, const u8 *match, size_t match_len)
4511 struct wpa_driver_nl80211_data *drv = bss->drv;
4516 msg = nlmsg_alloc();
4521 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
4522 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s",
4523 type, fc2str(type), nl_handle, buf);
4525 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
4527 if (nl80211_set_iface_id(msg, bss) < 0)
4528 goto nla_put_failure;
4530 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
4531 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
4533 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
4536 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
4537 "failed (type=%u): ret=%d (%s)",
4538 type, ret, strerror(-ret));
4539 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
4541 goto nla_put_failure;
4550 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
4552 struct wpa_driver_nl80211_data *drv = bss->drv;
4555 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
4556 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
4560 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
4561 if (bss->nl_mgmt == NULL)
4568 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
4570 nl80211_register_eloop_read(&bss->nl_mgmt,
4571 wpa_driver_nl80211_event_receive,
4576 static int nl80211_register_action_frame(struct i802_bss *bss,
4577 const u8 *match, size_t match_len)
4579 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
4580 return nl80211_register_frame(bss, bss->nl_mgmt,
4581 type, match, match_len);
4585 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
4587 struct wpa_driver_nl80211_data *drv = bss->drv;
4590 if (nl80211_alloc_mgmt_handle(bss))
4592 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
4593 "handle %p", bss->nl_mgmt);
4595 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
4596 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
4598 /* register for any AUTH message */
4599 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0);
4602 #ifdef CONFIG_INTERWORKING
4603 /* QoS Map Configure */
4604 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
4606 #endif /* CONFIG_INTERWORKING */
4607 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
4608 /* GAS Initial Request */
4609 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
4611 /* GAS Initial Response */
4612 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
4614 /* GAS Comeback Request */
4615 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
4617 /* GAS Comeback Response */
4618 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
4620 /* Protected GAS Initial Request */
4621 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
4623 /* Protected GAS Initial Response */
4624 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
4626 /* Protected GAS Comeback Request */
4627 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
4629 /* Protected GAS Comeback Response */
4630 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
4632 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
4634 /* P2P Public Action */
4635 if (nl80211_register_action_frame(bss,
4636 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
4640 if (nl80211_register_action_frame(bss,
4641 (u8 *) "\x7f\x50\x6f\x9a\x09",
4644 #endif /* CONFIG_P2P */
4645 #ifdef CONFIG_IEEE80211W
4646 /* SA Query Response */
4647 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
4649 #endif /* CONFIG_IEEE80211W */
4651 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
4652 /* TDLS Discovery Response */
4653 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
4657 #endif /* CONFIG_TDLS */
4659 /* FT Action frames */
4660 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
4663 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
4664 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
4666 /* WNM - BSS Transition Management Request */
4667 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
4669 /* WNM-Sleep Mode Response */
4670 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
4674 /* WNM-Notification */
4675 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
4677 #endif /* CONFIG_HS20 */
4679 nl80211_mgmt_handle_register_eloop(bss);
4685 static int nl80211_register_spurious_class3(struct i802_bss *bss)
4687 struct wpa_driver_nl80211_data *drv = bss->drv;
4691 msg = nlmsg_alloc();
4695 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
4697 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
4699 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
4702 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
4703 "failed: ret=%d (%s)",
4704 ret, strerror(-ret));
4705 goto nla_put_failure;
4714 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
4716 static const int stypes[] = {
4718 WLAN_FC_STYPE_ASSOC_REQ,
4719 WLAN_FC_STYPE_REASSOC_REQ,
4720 WLAN_FC_STYPE_DISASSOC,
4721 WLAN_FC_STYPE_DEAUTH,
4722 WLAN_FC_STYPE_ACTION,
4723 WLAN_FC_STYPE_PROBE_REQ,
4724 /* Beacon doesn't work as mac80211 doesn't currently allow
4725 * it, but it wouldn't really be the right thing anyway as
4726 * it isn't per interface ... maybe just dump the scan
4727 * results periodically for OLBC?
4729 /* WLAN_FC_STYPE_BEACON, */
4733 if (nl80211_alloc_mgmt_handle(bss))
4735 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4736 "handle %p", bss->nl_mgmt);
4738 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
4739 if (nl80211_register_frame(bss, bss->nl_mgmt,
4740 (WLAN_FC_TYPE_MGMT << 2) |
4747 if (nl80211_register_spurious_class3(bss))
4750 if (nl80211_get_wiphy_data_ap(bss) == NULL)
4753 nl80211_mgmt_handle_register_eloop(bss);
4757 nl_destroy_handles(&bss->nl_mgmt);
4762 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
4764 if (nl80211_alloc_mgmt_handle(bss))
4766 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
4767 "handle %p (device SME)", bss->nl_mgmt);
4769 if (nl80211_register_frame(bss, bss->nl_mgmt,
4770 (WLAN_FC_TYPE_MGMT << 2) |
4771 (WLAN_FC_STYPE_ACTION << 4),
4775 nl80211_mgmt_handle_register_eloop(bss);
4779 nl_destroy_handles(&bss->nl_mgmt);
4784 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
4786 if (bss->nl_mgmt == NULL)
4788 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
4789 "(%s)", bss->nl_mgmt, reason);
4790 nl80211_destroy_eloop_handle(&bss->nl_mgmt);
4792 nl80211_put_wiphy_data_ap(bss);
4796 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
4798 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
4802 static void nl80211_del_p2pdev(struct i802_bss *bss)
4804 struct wpa_driver_nl80211_data *drv = bss->drv;
4808 msg = nlmsg_alloc();
4812 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
4813 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4815 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4818 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
4819 bss->ifname, (long long unsigned int) bss->wdev_id,
4827 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
4829 struct wpa_driver_nl80211_data *drv = bss->drv;
4833 msg = nlmsg_alloc();
4838 nl80211_cmd(drv, msg, 0, NL80211_CMD_START_P2P_DEVICE);
4840 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_P2P_DEVICE);
4842 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
4844 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4847 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
4848 start ? "Start" : "Stop",
4849 bss->ifname, (long long unsigned int) bss->wdev_id,
4858 static int i802_set_iface_flags(struct i802_bss *bss, int up)
4860 enum nl80211_iftype nlmode;
4862 nlmode = nl80211_get_ifmode(bss);
4863 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
4864 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
4868 /* P2P Device has start/stop which is equivalent */
4869 return nl80211_set_p2pdev(bss, up);
4874 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
4875 const u8 *set_addr, int first)
4877 struct i802_bss *bss = drv->first_bss;
4878 int send_rfkill_event = 0;
4879 enum nl80211_iftype nlmode;
4881 drv->ifindex = if_nametoindex(bss->ifname);
4882 bss->ifindex = drv->ifindex;
4883 bss->wdev_id = drv->global->if_add_wdevid;
4884 bss->wdev_id_set = drv->global->if_add_wdevid_set;
4886 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
4887 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
4888 drv->global->if_add_wdevid_set = 0;
4890 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4893 if (wpa_driver_nl80211_capa(drv))
4896 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
4897 bss->ifname, drv->phyname);
4900 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
4901 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4905 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
4906 drv->start_mode_ap = 1;
4908 if (drv->hostapd || bss->static_ap)
4909 nlmode = NL80211_IFTYPE_AP;
4910 else if (bss->if_dynamic)
4911 nlmode = nl80211_get_ifmode(bss);
4913 nlmode = NL80211_IFTYPE_STATION;
4915 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
4916 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
4920 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4921 nl80211_get_macaddr(bss);
4923 if (!rfkill_is_blocked(drv->rfkill)) {
4924 int ret = i802_set_iface_flags(bss, 1);
4926 wpa_printf(MSG_ERROR, "nl80211: Could not set "
4927 "interface '%s' UP", bss->ifname);
4930 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4933 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
4934 "interface '%s' due to rfkill", bss->ifname);
4935 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
4937 drv->if_disabled = 1;
4938 send_rfkill_event = 1;
4942 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
4943 1, IF_OPER_DORMANT);
4945 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
4948 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
4950 if (send_rfkill_event) {
4951 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
4959 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
4963 msg = nlmsg_alloc();
4967 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
4969 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
4970 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4972 return send_and_recv_msgs(drv, msg, NULL, NULL);
4980 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
4981 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
4983 * Shut down driver interface and processing of driver events. Free
4984 * private data buffer if one was allocated in wpa_driver_nl80211_init().
4986 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
4988 struct wpa_driver_nl80211_data *drv = bss->drv;
4991 if (drv->data_tx_status)
4992 eloop_unregister_read_sock(drv->eapol_tx_sock);
4993 if (drv->eapol_tx_sock >= 0)
4994 close(drv->eapol_tx_sock);
4997 wpa_driver_nl80211_probe_req_report(bss, 0);
4998 if (bss->added_if_into_bridge) {
4999 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
5001 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
5002 "interface %s from bridge %s: %s",
5003 bss->ifname, bss->brname, strerror(errno));
5005 nl80211_handle_destroy(drv->rtnl_sk);
5007 if (bss->added_bridge) {
5008 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
5009 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
5011 bss->brname, strerror(errno));
5014 nl80211_remove_monitor_interface(drv);
5016 if (is_ap_interface(drv->nlmode))
5017 wpa_driver_nl80211_del_beacon(drv);
5019 if (drv->eapol_sock >= 0) {
5020 eloop_unregister_read_sock(drv->eapol_sock);
5021 close(drv->eapol_sock);
5024 if (drv->if_indices != drv->default_if_indices)
5025 os_free(drv->if_indices);
5027 if (drv->disabled_11b_rates)
5028 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
5030 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
5032 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
5033 rfkill_deinit(drv->rfkill);
5035 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
5037 if (!drv->start_iface_up)
5038 (void) i802_set_iface_flags(bss, 0);
5040 if (drv->addr_changed) {
5041 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
5043 wpa_printf(MSG_DEBUG,
5044 "nl80211: Could not set interface down to restore permanent MAC address");
5046 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
5047 drv->perm_addr) < 0) {
5048 wpa_printf(MSG_DEBUG,
5049 "nl80211: Could not restore permanent MAC address");
5053 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
5054 if (!drv->hostapd || !drv->start_mode_ap)
5055 wpa_driver_nl80211_set_mode(bss,
5056 NL80211_IFTYPE_STATION);
5057 nl80211_mgmt_unsubscribe(bss, "deinit");
5059 nl80211_mgmt_unsubscribe(bss, "deinit");
5060 nl80211_del_p2pdev(bss);
5062 nl_cb_put(drv->nl_cb);
5064 nl80211_destroy_bss(drv->first_bss);
5066 os_free(drv->filter_ssids);
5068 os_free(drv->auth_ie);
5070 if (drv->in_interface_list)
5071 dl_list_del(&drv->list);
5073 os_free(drv->extended_capa);
5074 os_free(drv->extended_capa_mask);
5075 os_free(drv->first_bss);
5081 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
5082 * @eloop_ctx: Driver private data
5083 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
5085 * This function can be used as registered timeout when starting a scan to
5086 * generate a scan completed event if the driver does not report this.
5088 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
5090 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5091 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
5092 wpa_driver_nl80211_set_mode(drv->first_bss,
5093 drv->ap_scan_as_station);
5094 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
5096 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
5097 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
5101 static struct nl_msg *
5102 nl80211_scan_common(struct wpa_driver_nl80211_data *drv, u8 cmd,
5103 struct wpa_driver_scan_params *params, u64 *wdev_id)
5109 msg = nlmsg_alloc();
5113 nl80211_cmd(drv, msg, 0, cmd);
5116 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5118 NLA_PUT_U64(msg, NL80211_ATTR_WDEV, *wdev_id);
5120 if (params->num_ssids) {
5121 struct nlattr *ssids;
5123 ssids = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
5126 for (i = 0; i < params->num_ssids; i++) {
5127 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
5128 params->ssids[i].ssid,
5129 params->ssids[i].ssid_len);
5130 if (nla_put(msg, i + 1, params->ssids[i].ssid_len,
5131 params->ssids[i].ssid) < 0)
5134 nla_nest_end(msg, ssids);
5137 if (params->extra_ies) {
5138 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
5139 params->extra_ies, params->extra_ies_len);
5140 if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
5141 params->extra_ies) < 0)
5145 if (params->freqs) {
5146 struct nlattr *freqs;
5147 freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
5150 for (i = 0; params->freqs[i]; i++) {
5151 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
5152 "MHz", params->freqs[i]);
5153 if (nla_put_u32(msg, i + 1, params->freqs[i]) < 0)
5156 nla_nest_end(msg, freqs);
5159 os_free(drv->filter_ssids);
5160 drv->filter_ssids = params->filter_ssids;
5161 params->filter_ssids = NULL;
5162 drv->num_filter_ssids = params->num_filter_ssids;
5164 if (params->only_new_results) {
5165 wpa_printf(MSG_DEBUG, "nl80211: Add NL80211_SCAN_FLAG_FLUSH");
5166 scan_flags |= NL80211_SCAN_FLAG_FLUSH;
5169 if (params->low_priority && drv->have_low_prio_scan) {
5170 wpa_printf(MSG_DEBUG,
5171 "nl80211: Add NL80211_SCAN_FLAG_LOW_PRIORITY");
5172 scan_flags |= NL80211_SCAN_FLAG_LOW_PRIORITY;
5176 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_FLAGS, scan_flags);
5188 * wpa_driver_nl80211_scan - Request the driver to initiate scan
5189 * @bss: Pointer to private driver data from wpa_driver_nl80211_init()
5190 * @params: Scan parameters
5191 * Returns: 0 on success, -1 on failure
5193 static int wpa_driver_nl80211_scan(struct i802_bss *bss,
5194 struct wpa_driver_scan_params *params)
5196 struct wpa_driver_nl80211_data *drv = bss->drv;
5197 int ret = -1, timeout;
5198 struct nl_msg *msg = NULL;
5200 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: scan request");
5201 drv->scan_for_auth = 0;
5203 msg = nl80211_scan_common(drv, NL80211_CMD_TRIGGER_SCAN, params,
5204 bss->wdev_id_set ? &bss->wdev_id : NULL);
5208 if (params->p2p_probe) {
5209 struct nlattr *rates;
5211 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
5213 rates = nla_nest_start(msg, NL80211_ATTR_SCAN_SUPP_RATES);
5215 goto nla_put_failure;
5218 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
5219 * by masking out everything else apart from the OFDM rates 6,
5220 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
5221 * rates are left enabled.
5223 NLA_PUT(msg, NL80211_BAND_2GHZ, 8,
5224 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5225 nla_nest_end(msg, rates);
5227 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
5230 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5233 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
5234 "(%s)", ret, strerror(-ret));
5235 if (drv->hostapd && is_ap_interface(drv->nlmode)) {
5236 enum nl80211_iftype old_mode = drv->nlmode;
5239 * mac80211 does not allow scan requests in AP mode, so
5240 * try to do this in station mode.
5242 if (wpa_driver_nl80211_set_mode(
5243 bss, NL80211_IFTYPE_STATION))
5244 goto nla_put_failure;
5246 if (wpa_driver_nl80211_scan(bss, params)) {
5247 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
5248 goto nla_put_failure;
5251 /* Restore AP mode when processing scan results */
5252 drv->ap_scan_as_station = old_mode;
5255 goto nla_put_failure;
5258 drv->scan_state = SCAN_REQUESTED;
5259 /* Not all drivers generate "scan completed" wireless event, so try to
5260 * read results after a timeout. */
5262 if (drv->scan_complete_events) {
5264 * The driver seems to deliver events to notify when scan is
5265 * complete, so use longer timeout to avoid race conditions
5266 * with scanning and following association request.
5270 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
5271 "seconds", ret, timeout);
5272 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
5273 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
5283 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
5284 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5285 * @params: Scan parameters
5286 * @interval: Interval between scan cycles in milliseconds
5287 * Returns: 0 on success, -1 on failure or if not supported
5289 static int wpa_driver_nl80211_sched_scan(void *priv,
5290 struct wpa_driver_scan_params *params,
5293 struct i802_bss *bss = priv;
5294 struct wpa_driver_nl80211_data *drv = bss->drv;
5299 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: sched_scan request");
5302 if (!drv->capa.sched_scan_supported)
5303 return android_pno_start(bss, params);
5304 #endif /* ANDROID */
5306 msg = nl80211_scan_common(drv, NL80211_CMD_START_SCHED_SCAN, params,
5307 bss->wdev_id_set ? &bss->wdev_id : NULL);
5309 goto nla_put_failure;
5311 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
5313 if ((drv->num_filter_ssids &&
5314 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) ||
5315 params->filter_rssi) {
5316 struct nlattr *match_sets;
5317 match_sets = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH);
5318 if (match_sets == NULL)
5319 goto nla_put_failure;
5321 for (i = 0; i < drv->num_filter_ssids; i++) {
5322 struct nlattr *match_set_ssid;
5323 wpa_hexdump_ascii(MSG_MSGDUMP,
5324 "nl80211: Sched scan filter SSID",
5325 drv->filter_ssids[i].ssid,
5326 drv->filter_ssids[i].ssid_len);
5328 match_set_ssid = nla_nest_start(msg, i + 1);
5329 if (match_set_ssid == NULL)
5330 goto nla_put_failure;
5331 NLA_PUT(msg, NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
5332 drv->filter_ssids[i].ssid_len,
5333 drv->filter_ssids[i].ssid);
5334 if (params->filter_rssi)
5336 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5337 params->filter_rssi);
5339 nla_nest_end(msg, match_set_ssid);
5343 * Due to backward compatibility code, newer kernels treat this
5344 * matchset (with only an RSSI filter) as the default for all
5345 * other matchsets, unless it's the only one, in which case the
5346 * matchset will actually allow all SSIDs above the RSSI.
5348 if (params->filter_rssi) {
5349 struct nlattr *match_set_rssi;
5350 match_set_rssi = nla_nest_start(msg, 0);
5351 if (match_set_rssi == NULL)
5352 goto nla_put_failure;
5353 NLA_PUT_U32(msg, NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
5354 params->filter_rssi);
5355 wpa_printf(MSG_MSGDUMP,
5356 "nl80211: Sched scan RSSI filter %d dBm",
5357 params->filter_rssi);
5358 nla_nest_end(msg, match_set_rssi);
5361 nla_nest_end(msg, match_sets);
5364 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5366 /* TODO: if we get an error here, we should fall back to normal scan */
5370 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
5371 "ret=%d (%s)", ret, strerror(-ret));
5372 goto nla_put_failure;
5375 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
5376 "scan interval %d msec", ret, interval);
5385 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
5386 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
5387 * Returns: 0 on success, -1 on failure or if not supported
5389 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
5391 struct i802_bss *bss = priv;
5392 struct wpa_driver_nl80211_data *drv = bss->drv;
5397 if (!drv->capa.sched_scan_supported)
5398 return android_pno_stop(bss);
5399 #endif /* ANDROID */
5401 msg = nlmsg_alloc();
5405 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
5407 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5409 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5412 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
5413 "ret=%d (%s)", ret, strerror(-ret));
5414 goto nla_put_failure;
5417 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
5425 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
5427 const u8 *end, *pos;
5433 end = ies + ies_len;
5435 while (pos + 1 < end) {
5436 if (pos + 2 + pos[1] > end)
5447 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
5448 const u8 *ie, size_t ie_len)
5453 if (drv->filter_ssids == NULL)
5456 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
5460 for (i = 0; i < drv->num_filter_ssids; i++) {
5461 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
5462 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
5471 static int bss_info_handler(struct nl_msg *msg, void *arg)
5473 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5474 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5475 struct nlattr *bss[NL80211_BSS_MAX + 1];
5476 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
5477 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
5478 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
5479 [NL80211_BSS_TSF] = { .type = NLA_U64 },
5480 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
5481 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
5482 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
5483 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
5484 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
5485 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
5486 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
5487 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
5489 struct nl80211_bss_info_arg *_arg = arg;
5490 struct wpa_scan_results *res = _arg->res;
5491 struct wpa_scan_res **tmp;
5492 struct wpa_scan_res *r;
5493 const u8 *ie, *beacon_ie;
5494 size_t ie_len, beacon_ie_len;
5498 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5499 genlmsg_attrlen(gnlh, 0), NULL);
5500 if (!tb[NL80211_ATTR_BSS])
5502 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
5505 if (bss[NL80211_BSS_STATUS]) {
5506 enum nl80211_bss_status status;
5507 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5508 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5509 bss[NL80211_BSS_FREQUENCY]) {
5511 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5512 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
5515 if (status == NL80211_BSS_STATUS_IBSS_JOINED &&
5516 bss[NL80211_BSS_FREQUENCY]) {
5518 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5519 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz",
5522 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
5523 bss[NL80211_BSS_BSSID]) {
5524 os_memcpy(_arg->assoc_bssid,
5525 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
5526 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
5527 MACSTR, MAC2STR(_arg->assoc_bssid));
5532 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
5533 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5534 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
5539 if (bss[NL80211_BSS_BEACON_IES]) {
5540 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
5541 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
5547 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
5548 ie ? ie_len : beacon_ie_len))
5551 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
5554 if (bss[NL80211_BSS_BSSID])
5555 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
5557 if (bss[NL80211_BSS_FREQUENCY])
5558 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
5559 if (bss[NL80211_BSS_BEACON_INTERVAL])
5560 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
5561 if (bss[NL80211_BSS_CAPABILITY])
5562 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
5563 r->flags |= WPA_SCAN_NOISE_INVALID;
5564 if (bss[NL80211_BSS_SIGNAL_MBM]) {
5565 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
5566 r->level /= 100; /* mBm to dBm */
5567 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
5568 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
5569 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
5570 r->flags |= WPA_SCAN_QUAL_INVALID;
5572 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
5573 if (bss[NL80211_BSS_TSF])
5574 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
5575 if (bss[NL80211_BSS_SEEN_MS_AGO])
5576 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
5578 pos = (u8 *) (r + 1);
5580 os_memcpy(pos, ie, ie_len);
5583 r->beacon_ie_len = beacon_ie_len;
5585 os_memcpy(pos, beacon_ie, beacon_ie_len);
5587 if (bss[NL80211_BSS_STATUS]) {
5588 enum nl80211_bss_status status;
5589 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
5591 case NL80211_BSS_STATUS_AUTHENTICATED:
5592 r->flags |= WPA_SCAN_AUTHENTICATED;
5594 case NL80211_BSS_STATUS_ASSOCIATED:
5595 r->flags |= WPA_SCAN_ASSOCIATED;
5603 * cfg80211 maintains separate BSS table entries for APs if the same
5604 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
5605 * not use frequency as a separate key in the BSS table, so filter out
5606 * duplicated entries. Prefer associated BSS entry in such a case in
5607 * order to get the correct frequency into the BSS table. Similarly,
5608 * prefer newer entries over older.
5610 for (i = 0; i < res->num; i++) {
5612 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
5615 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
5616 res->res[i]->ie_len, WLAN_EID_SSID);
5617 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
5618 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
5619 os_memcmp(s1, s2, 2 + s1[1]) != 0)
5622 /* Same BSSID,SSID was already included in scan results */
5623 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
5624 "for " MACSTR, MAC2STR(r->bssid));
5626 if (((r->flags & WPA_SCAN_ASSOCIATED) &&
5627 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) ||
5628 r->age < res->res[i]->age) {
5629 os_free(res->res[i]);
5636 tmp = os_realloc_array(res->res, res->num + 1,
5637 sizeof(struct wpa_scan_res *));
5642 tmp[res->num++] = r;
5649 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
5652 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
5653 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
5654 "mismatch (" MACSTR ")", MAC2STR(addr));
5655 wpa_driver_nl80211_mlme(drv, addr,
5656 NL80211_CMD_DEAUTHENTICATE,
5657 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
5662 static void wpa_driver_nl80211_check_bss_status(
5663 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
5667 for (i = 0; i < res->num; i++) {
5668 struct wpa_scan_res *r = res->res[i];
5669 if (r->flags & WPA_SCAN_AUTHENTICATED) {
5670 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5671 "indicates BSS status with " MACSTR
5672 " as authenticated",
5674 if (is_sta_interface(drv->nlmode) &&
5675 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
5676 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
5678 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
5679 " in local state (auth=" MACSTR
5680 " assoc=" MACSTR ")",
5681 MAC2STR(drv->auth_bssid),
5682 MAC2STR(drv->bssid));
5683 clear_state_mismatch(drv, r->bssid);
5687 if (r->flags & WPA_SCAN_ASSOCIATED) {
5688 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
5689 "indicate BSS status with " MACSTR
5692 if (is_sta_interface(drv->nlmode) &&
5694 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5695 "(not associated) does not match "
5697 clear_state_mismatch(drv, r->bssid);
5698 } else if (is_sta_interface(drv->nlmode) &&
5699 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
5701 wpa_printf(MSG_DEBUG, "nl80211: Local state "
5702 "(associated with " MACSTR ") does "
5703 "not match with BSS state",
5704 MAC2STR(drv->bssid));
5705 clear_state_mismatch(drv, r->bssid);
5706 clear_state_mismatch(drv, drv->bssid);
5713 static struct wpa_scan_results *
5714 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
5717 struct wpa_scan_results *res;
5719 struct nl80211_bss_info_arg arg;
5721 res = os_zalloc(sizeof(*res));
5724 msg = nlmsg_alloc();
5726 goto nla_put_failure;
5728 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
5729 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
5730 goto nla_put_failure;
5734 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
5737 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
5738 "BSSes)", (unsigned long) res->num);
5739 nl80211_get_noise_for_scan_results(drv, res);
5742 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
5743 "(%s)", ret, strerror(-ret));
5746 wpa_scan_results_free(res);
5752 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
5753 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
5754 * Returns: Scan results on success, -1 on failure
5756 static struct wpa_scan_results *
5757 wpa_driver_nl80211_get_scan_results(void *priv)
5759 struct i802_bss *bss = priv;
5760 struct wpa_driver_nl80211_data *drv = bss->drv;
5761 struct wpa_scan_results *res;
5763 res = nl80211_get_scan_results(drv);
5765 wpa_driver_nl80211_check_bss_status(drv, res);
5770 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
5772 struct wpa_scan_results *res;
5775 res = nl80211_get_scan_results(drv);
5777 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
5781 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
5782 for (i = 0; i < res->num; i++) {
5783 struct wpa_scan_res *r = res->res[i];
5784 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
5785 (int) i, (int) res->num, MAC2STR(r->bssid),
5786 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
5787 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
5790 wpa_scan_results_free(res);
5794 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
5799 return WLAN_CIPHER_SUITE_WEP40;
5800 return WLAN_CIPHER_SUITE_WEP104;
5802 return WLAN_CIPHER_SUITE_TKIP;
5804 return WLAN_CIPHER_SUITE_CCMP;
5806 return WLAN_CIPHER_SUITE_GCMP;
5807 case WPA_ALG_CCMP_256:
5808 return WLAN_CIPHER_SUITE_CCMP_256;
5809 case WPA_ALG_GCMP_256:
5810 return WLAN_CIPHER_SUITE_GCMP_256;
5812 return WLAN_CIPHER_SUITE_AES_CMAC;
5813 case WPA_ALG_BIP_GMAC_128:
5814 return WLAN_CIPHER_SUITE_BIP_GMAC_128;
5815 case WPA_ALG_BIP_GMAC_256:
5816 return WLAN_CIPHER_SUITE_BIP_GMAC_256;
5817 case WPA_ALG_BIP_CMAC_256:
5818 return WLAN_CIPHER_SUITE_BIP_CMAC_256;
5820 return WLAN_CIPHER_SUITE_SMS4;
5822 return WLAN_CIPHER_SUITE_KRK;
5825 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
5830 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
5836 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
5839 case WPA_CIPHER_CCMP_256:
5840 return WLAN_CIPHER_SUITE_CCMP_256;
5841 case WPA_CIPHER_GCMP_256:
5842 return WLAN_CIPHER_SUITE_GCMP_256;
5843 case WPA_CIPHER_CCMP:
5844 return WLAN_CIPHER_SUITE_CCMP;
5845 case WPA_CIPHER_GCMP:
5846 return WLAN_CIPHER_SUITE_GCMP;
5847 case WPA_CIPHER_TKIP:
5848 return WLAN_CIPHER_SUITE_TKIP;
5849 case WPA_CIPHER_WEP104:
5850 return WLAN_CIPHER_SUITE_WEP104;
5851 case WPA_CIPHER_WEP40:
5852 return WLAN_CIPHER_SUITE_WEP40;
5853 case WPA_CIPHER_GTK_NOT_USED:
5854 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR;
5861 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
5866 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
5867 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
5868 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
5869 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
5870 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
5871 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5872 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
5873 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
5874 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
5875 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5876 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
5877 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5878 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
5879 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5885 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
5886 enum wpa_alg alg, const u8 *addr,
5887 int key_idx, int set_tx,
5888 const u8 *seq, size_t seq_len,
5889 const u8 *key, size_t key_len)
5891 struct wpa_driver_nl80211_data *drv = bss->drv;
5897 /* Ignore for P2P Device */
5898 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
5901 ifindex = if_nametoindex(ifname);
5902 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
5903 "set_tx=%d seq_len=%lu key_len=%lu",
5904 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
5905 (unsigned long) seq_len, (unsigned long) key_len);
5907 if (key_idx == -1) {
5911 #endif /* CONFIG_TDLS */
5913 msg = nlmsg_alloc();
5917 if (alg == WPA_ALG_NONE) {
5918 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
5920 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
5921 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
5922 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
5923 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
5924 wpa_alg_to_cipher_suite(alg, key_len));
5927 if (seq && seq_len) {
5928 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
5929 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
5932 if (addr && !is_broadcast_ether_addr(addr)) {
5933 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
5934 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5936 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
5937 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
5938 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
5939 NL80211_KEYTYPE_GROUP);
5941 } else if (addr && is_broadcast_ether_addr(addr)) {
5942 struct nlattr *types;
5944 wpa_printf(MSG_DEBUG, " broadcast key");
5946 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5948 goto nla_put_failure;
5949 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5950 nla_nest_end(msg, types);
5952 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5953 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5955 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5956 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
5959 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
5960 ret, strerror(-ret));
5963 * If we failed or don't need to set the default TX key (below),
5966 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls)
5968 if (is_ap_interface(drv->nlmode) && addr &&
5969 !is_broadcast_ether_addr(addr))
5972 msg = nlmsg_alloc();
5976 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
5977 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
5978 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5979 if (alg == WPA_ALG_IGTK)
5980 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
5982 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
5983 if (addr && is_broadcast_ether_addr(addr)) {
5984 struct nlattr *types;
5986 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5988 goto nla_put_failure;
5989 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
5990 nla_nest_end(msg, types);
5992 struct nlattr *types;
5994 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
5996 goto nla_put_failure;
5997 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST);
5998 nla_nest_end(msg, types);
6001 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6005 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
6006 "err=%d %s)", ret, strerror(-ret));
6015 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
6016 int key_idx, int defkey,
6017 const u8 *seq, size_t seq_len,
6018 const u8 *key, size_t key_len)
6020 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
6024 if (defkey && alg == WPA_ALG_IGTK)
6025 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
6027 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
6029 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
6031 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6032 wpa_alg_to_cipher_suite(alg, key_len));
6035 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
6037 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
6039 nla_nest_end(msg, key_attr);
6047 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
6051 struct nlattr *nl_keys, *nl_key;
6053 for (i = 0; i < 4; i++) {
6054 if (!params->wep_key[i])
6059 if (params->wps == WPS_MODE_PRIVACY)
6061 if (params->pairwise_suite &&
6062 params->pairwise_suite != WPA_CIPHER_NONE)
6068 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
6070 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
6072 goto nla_put_failure;
6074 for (i = 0; i < 4; i++) {
6075 if (!params->wep_key[i])
6078 nl_key = nla_nest_start(msg, i);
6080 goto nla_put_failure;
6082 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
6083 params->wep_key[i]);
6084 if (params->wep_key_len[i] == 5)
6085 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6086 WLAN_CIPHER_SUITE_WEP40);
6088 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
6089 WLAN_CIPHER_SUITE_WEP104);
6091 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
6093 if (i == params->wep_tx_keyidx)
6094 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
6096 nla_nest_end(msg, nl_key);
6098 nla_nest_end(msg, nl_keys);
6107 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
6108 const u8 *addr, int cmd, u16 reason_code,
6109 int local_state_change)
6114 msg = nlmsg_alloc();
6118 nl80211_cmd(drv, msg, 0, cmd);
6120 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6121 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
6123 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6124 if (local_state_change)
6125 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6127 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6130 wpa_dbg(drv->ctx, MSG_DEBUG,
6131 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
6132 reason_code, ret, strerror(-ret));
6133 goto nla_put_failure;
6143 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
6148 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
6149 nl80211_mark_disconnected(drv);
6150 /* Disconnect command doesn't need BSSID - it uses cached value */
6151 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
6154 * For locally generated disconnect, supplicant already generates a
6155 * DEAUTH event, so ignore the event from NL80211.
6157 drv->ignore_next_local_disconnect = ret == 0;
6163 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
6164 const u8 *addr, int reason_code)
6166 struct wpa_driver_nl80211_data *drv = bss->drv;
6169 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
6170 nl80211_mark_disconnected(drv);
6171 return nl80211_leave_ibss(drv);
6173 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
6174 return wpa_driver_nl80211_disconnect(drv, reason_code);
6175 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
6176 __func__, MAC2STR(addr), reason_code);
6177 nl80211_mark_disconnected(drv);
6178 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
6181 * For locally generated deauthenticate, supplicant already generates a
6182 * DEAUTH event, so ignore the event from NL80211.
6184 drv->ignore_next_local_deauth = ret == 0;
6189 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
6190 struct wpa_driver_auth_params *params)
6194 drv->auth_freq = params->freq;
6195 drv->auth_alg = params->auth_alg;
6196 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
6197 drv->auth_local_state_change = params->local_state_change;
6198 drv->auth_p2p = params->p2p;
6201 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
6203 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
6206 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
6207 drv->auth_ssid_len = params->ssid_len;
6209 drv->auth_ssid_len = 0;
6212 os_free(drv->auth_ie);
6213 drv->auth_ie = NULL;
6214 drv->auth_ie_len = 0;
6216 drv->auth_ie = os_malloc(params->ie_len);
6218 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
6219 drv->auth_ie_len = params->ie_len;
6223 for (i = 0; i < 4; i++) {
6224 if (params->wep_key[i] && params->wep_key_len[i] &&
6225 params->wep_key_len[i] <= 16) {
6226 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
6227 params->wep_key_len[i]);
6228 drv->auth_wep_key_len[i] = params->wep_key_len[i];
6230 drv->auth_wep_key_len[i] = 0;
6235 static int wpa_driver_nl80211_authenticate(
6236 struct i802_bss *bss, struct wpa_driver_auth_params *params)
6238 struct wpa_driver_nl80211_data *drv = bss->drv;
6241 enum nl80211_auth_type type;
6242 enum nl80211_iftype nlmode;
6246 is_retry = drv->retry_auth;
6247 drv->retry_auth = 0;
6248 drv->ignore_deauth_event = 0;
6250 nl80211_mark_disconnected(drv);
6251 os_memset(drv->auth_bssid, 0, ETH_ALEN);
6253 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
6255 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
6256 /* FIX: IBSS mode */
6257 nlmode = params->p2p ?
6258 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6259 if (drv->nlmode != nlmode &&
6260 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
6264 msg = nlmsg_alloc();
6268 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
6271 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
6273 for (i = 0; i < 4; i++) {
6274 if (!params->wep_key[i])
6276 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
6278 i == params->wep_tx_keyidx, NULL, 0,
6280 params->wep_key_len[i]);
6281 if (params->wep_tx_keyidx != i)
6283 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
6284 params->wep_key[i], params->wep_key_len[i])) {
6290 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6291 if (params->bssid) {
6292 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6293 MAC2STR(params->bssid));
6294 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6297 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6298 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6301 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6302 params->ssid, params->ssid_len);
6303 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6306 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
6308 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
6309 if (params->sae_data) {
6310 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
6311 params->sae_data_len);
6312 NLA_PUT(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
6315 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6316 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6317 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6318 type = NL80211_AUTHTYPE_SHARED_KEY;
6319 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6320 type = NL80211_AUTHTYPE_NETWORK_EAP;
6321 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6322 type = NL80211_AUTHTYPE_FT;
6323 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
6324 type = NL80211_AUTHTYPE_SAE;
6326 goto nla_put_failure;
6327 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6328 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6329 if (params->local_state_change) {
6330 wpa_printf(MSG_DEBUG, " * Local state change only");
6331 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
6334 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6337 wpa_dbg(drv->ctx, MSG_DEBUG,
6338 "nl80211: MLME command failed (auth): ret=%d (%s)",
6339 ret, strerror(-ret));
6341 if (ret == -EALREADY && count == 1 && params->bssid &&
6342 !params->local_state_change) {
6344 * mac80211 does not currently accept new
6345 * authentication if we are already authenticated. As a
6346 * workaround, force deauthentication and try again.
6348 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
6349 "after forced deauthentication");
6350 drv->ignore_deauth_event = 1;
6351 wpa_driver_nl80211_deauthenticate(
6353 WLAN_REASON_PREV_AUTH_NOT_VALID);
6358 if (ret == -ENOENT && params->freq && !is_retry) {
6360 * cfg80211 has likely expired the BSS entry even
6361 * though it was previously available in our internal
6362 * BSS table. To recover quickly, start a single
6363 * channel scan on the specified channel.
6365 struct wpa_driver_scan_params scan;
6368 os_memset(&scan, 0, sizeof(scan));
6371 scan.ssids[0].ssid = params->ssid;
6372 scan.ssids[0].ssid_len = params->ssid_len;
6374 freqs[0] = params->freq;
6377 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
6378 "channel scan to refresh cfg80211 BSS "
6380 ret = wpa_driver_nl80211_scan(bss, &scan);
6382 nl80211_copy_auth_params(drv, params);
6383 drv->scan_for_auth = 1;
6385 } else if (is_retry) {
6387 * Need to indicate this with an event since the return
6388 * value from the retry is not delivered to core code.
6390 union wpa_event_data event;
6391 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
6393 os_memset(&event, 0, sizeof(event));
6394 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
6396 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
6400 goto nla_put_failure;
6403 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
6412 static int wpa_driver_nl80211_authenticate_retry(
6413 struct wpa_driver_nl80211_data *drv)
6415 struct wpa_driver_auth_params params;
6416 struct i802_bss *bss = drv->first_bss;
6419 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
6421 os_memset(¶ms, 0, sizeof(params));
6422 params.freq = drv->auth_freq;
6423 params.auth_alg = drv->auth_alg;
6424 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
6425 params.local_state_change = drv->auth_local_state_change;
6426 params.p2p = drv->auth_p2p;
6428 if (!is_zero_ether_addr(drv->auth_bssid_))
6429 params.bssid = drv->auth_bssid_;
6431 if (drv->auth_ssid_len) {
6432 params.ssid = drv->auth_ssid;
6433 params.ssid_len = drv->auth_ssid_len;
6436 params.ie = drv->auth_ie;
6437 params.ie_len = drv->auth_ie_len;
6439 for (i = 0; i < 4; i++) {
6440 if (drv->auth_wep_key_len[i]) {
6441 params.wep_key[i] = drv->auth_wep_key[i];
6442 params.wep_key_len[i] = drv->auth_wep_key_len[i];
6446 drv->retry_auth = 1;
6447 return wpa_driver_nl80211_authenticate(bss, ¶ms);
6451 struct phy_info_arg {
6453 struct hostapd_hw_modes *modes;
6454 int last_mode, last_chan_idx;
6457 static void phy_info_ht_capa(struct hostapd_hw_modes *mode, struct nlattr *capa,
6458 struct nlattr *ampdu_factor,
6459 struct nlattr *ampdu_density,
6460 struct nlattr *mcs_set)
6463 mode->ht_capab = nla_get_u16(capa);
6466 mode->a_mpdu_params |= nla_get_u8(ampdu_factor) & 0x03;
6469 mode->a_mpdu_params |= nla_get_u8(ampdu_density) << 2;
6471 if (mcs_set && nla_len(mcs_set) >= 16) {
6473 mcs = nla_data(mcs_set);
6474 os_memcpy(mode->mcs_set, mcs, 16);
6479 static void phy_info_vht_capa(struct hostapd_hw_modes *mode,
6480 struct nlattr *capa,
6481 struct nlattr *mcs_set)
6484 mode->vht_capab = nla_get_u32(capa);
6486 if (mcs_set && nla_len(mcs_set) >= 8) {
6488 mcs = nla_data(mcs_set);
6489 os_memcpy(mode->vht_mcs_set, mcs, 8);
6494 static void phy_info_freq(struct hostapd_hw_modes *mode,
6495 struct hostapd_channel_data *chan,
6496 struct nlattr *tb_freq[])
6499 chan->freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
6501 chan->dfs_cac_ms = 0;
6502 if (ieee80211_freq_to_chan(chan->freq, &channel) != NUM_HOSTAPD_MODES)
6503 chan->chan = channel;
6505 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
6506 chan->flag |= HOSTAPD_CHAN_DISABLED;
6507 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IR])
6508 chan->flag |= HOSTAPD_CHAN_PASSIVE_SCAN | HOSTAPD_CHAN_NO_IBSS;
6509 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
6510 chan->flag |= HOSTAPD_CHAN_RADAR;
6512 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]) {
6513 enum nl80211_dfs_state state =
6514 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_DFS_STATE]);
6517 case NL80211_DFS_USABLE:
6518 chan->flag |= HOSTAPD_CHAN_DFS_USABLE;
6520 case NL80211_DFS_AVAILABLE:
6521 chan->flag |= HOSTAPD_CHAN_DFS_AVAILABLE;
6523 case NL80211_DFS_UNAVAILABLE:
6524 chan->flag |= HOSTAPD_CHAN_DFS_UNAVAILABLE;
6529 if (tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]) {
6530 chan->dfs_cac_ms = nla_get_u32(
6531 tb_freq[NL80211_FREQUENCY_ATTR_DFS_CAC_TIME]);
6536 static int phy_info_freqs(struct phy_info_arg *phy_info,
6537 struct hostapd_hw_modes *mode, struct nlattr *tb)
6539 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6540 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
6541 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
6542 [NL80211_FREQUENCY_ATTR_NO_IR] = { .type = NLA_FLAG },
6543 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
6544 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
6545 [NL80211_FREQUENCY_ATTR_DFS_STATE] = { .type = NLA_U32 },
6547 int new_channels = 0;
6548 struct hostapd_channel_data *channel;
6549 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
6550 struct nlattr *nl_freq;
6556 nla_for_each_nested(nl_freq, tb, rem_freq) {
6557 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6558 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6559 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6564 channel = os_realloc_array(mode->channels,
6565 mode->num_channels + new_channels,
6566 sizeof(struct hostapd_channel_data));
6570 mode->channels = channel;
6571 mode->num_channels += new_channels;
6573 idx = phy_info->last_chan_idx;
6575 nla_for_each_nested(nl_freq, tb, rem_freq) {
6576 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
6577 nla_data(nl_freq), nla_len(nl_freq), freq_policy);
6578 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
6580 phy_info_freq(mode, &mode->channels[idx], tb_freq);
6583 phy_info->last_chan_idx = idx;
6589 static int phy_info_rates(struct hostapd_hw_modes *mode, struct nlattr *tb)
6591 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
6592 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
6593 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] =
6594 { .type = NLA_FLAG },
6596 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
6597 struct nlattr *nl_rate;
6603 nla_for_each_nested(nl_rate, tb, rem_rate) {
6604 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6605 nla_data(nl_rate), nla_len(nl_rate),
6607 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6612 mode->rates = os_calloc(mode->num_rates, sizeof(int));
6618 nla_for_each_nested(nl_rate, tb, rem_rate) {
6619 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
6620 nla_data(nl_rate), nla_len(nl_rate),
6622 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
6624 mode->rates[idx] = nla_get_u32(
6625 tb_rate[NL80211_BITRATE_ATTR_RATE]);
6633 static int phy_info_band(struct phy_info_arg *phy_info, struct nlattr *nl_band)
6635 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
6636 struct hostapd_hw_modes *mode;
6639 if (phy_info->last_mode != nl_band->nla_type) {
6640 mode = os_realloc_array(phy_info->modes,
6641 *phy_info->num_modes + 1,
6645 phy_info->modes = mode;
6647 mode = &phy_info->modes[*(phy_info->num_modes)];
6648 os_memset(mode, 0, sizeof(*mode));
6649 mode->mode = NUM_HOSTAPD_MODES;
6650 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN |
6651 HOSTAPD_MODE_FLAG_VHT_INFO_KNOWN;
6654 * Unsupported VHT MCS stream is defined as value 3, so the VHT
6655 * MCS RX/TX map must be initialized with 0xffff to mark all 8
6656 * possible streams as unsupported. This will be overridden if
6657 * driver advertises VHT support.
6659 mode->vht_mcs_set[0] = 0xff;
6660 mode->vht_mcs_set[1] = 0xff;
6661 mode->vht_mcs_set[4] = 0xff;
6662 mode->vht_mcs_set[5] = 0xff;
6664 *(phy_info->num_modes) += 1;
6665 phy_info->last_mode = nl_band->nla_type;
6666 phy_info->last_chan_idx = 0;
6668 mode = &phy_info->modes[*(phy_info->num_modes) - 1];
6670 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
6671 nla_len(nl_band), NULL);
6673 phy_info_ht_capa(mode, tb_band[NL80211_BAND_ATTR_HT_CAPA],
6674 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR],
6675 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY],
6676 tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
6677 phy_info_vht_capa(mode, tb_band[NL80211_BAND_ATTR_VHT_CAPA],
6678 tb_band[NL80211_BAND_ATTR_VHT_MCS_SET]);
6679 ret = phy_info_freqs(phy_info, mode, tb_band[NL80211_BAND_ATTR_FREQS]);
6682 ret = phy_info_rates(mode, tb_band[NL80211_BAND_ATTR_RATES]);
6690 static int phy_info_handler(struct nl_msg *msg, void *arg)
6692 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6693 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6694 struct phy_info_arg *phy_info = arg;
6695 struct nlattr *nl_band;
6698 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6699 genlmsg_attrlen(gnlh, 0), NULL);
6701 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
6704 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band)
6706 int res = phy_info_band(phy_info, nl_band);
6715 static struct hostapd_hw_modes *
6716 wpa_driver_nl80211_postprocess_modes(struct hostapd_hw_modes *modes,
6720 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
6721 int i, mode11g_idx = -1;
6723 /* heuristic to set up modes */
6724 for (m = 0; m < *num_modes; m++) {
6725 if (!modes[m].num_channels)
6727 if (modes[m].channels[0].freq < 4000) {
6728 modes[m].mode = HOSTAPD_MODE_IEEE80211B;
6729 for (i = 0; i < modes[m].num_rates; i++) {
6730 if (modes[m].rates[i] > 200) {
6731 modes[m].mode = HOSTAPD_MODE_IEEE80211G;
6735 } else if (modes[m].channels[0].freq > 50000)
6736 modes[m].mode = HOSTAPD_MODE_IEEE80211AD;
6738 modes[m].mode = HOSTAPD_MODE_IEEE80211A;
6741 /* If only 802.11g mode is included, use it to construct matching
6742 * 802.11b mode data. */
6744 for (m = 0; m < *num_modes; m++) {
6745 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
6746 return modes; /* 802.11b already included */
6747 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
6751 if (mode11g_idx < 0)
6752 return modes; /* 2.4 GHz band not supported at all */
6754 nmodes = os_realloc_array(modes, *num_modes + 1, sizeof(*nmodes));
6756 return modes; /* Could not add 802.11b mode */
6758 mode = &nmodes[*num_modes];
6759 os_memset(mode, 0, sizeof(*mode));
6763 mode->mode = HOSTAPD_MODE_IEEE80211B;
6765 mode11g = &modes[mode11g_idx];
6766 mode->num_channels = mode11g->num_channels;
6767 mode->channels = os_malloc(mode11g->num_channels *
6768 sizeof(struct hostapd_channel_data));
6769 if (mode->channels == NULL) {
6771 return modes; /* Could not add 802.11b mode */
6773 os_memcpy(mode->channels, mode11g->channels,
6774 mode11g->num_channels * sizeof(struct hostapd_channel_data));
6776 mode->num_rates = 0;
6777 mode->rates = os_malloc(4 * sizeof(int));
6778 if (mode->rates == NULL) {
6779 os_free(mode->channels);
6781 return modes; /* Could not add 802.11b mode */
6784 for (i = 0; i < mode11g->num_rates; i++) {
6785 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
6786 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
6788 mode->rates[mode->num_rates] = mode11g->rates[i];
6790 if (mode->num_rates == 4)
6794 if (mode->num_rates == 0) {
6795 os_free(mode->channels);
6796 os_free(mode->rates);
6798 return modes; /* No 802.11b rates */
6801 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
6808 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
6813 for (c = 0; c < mode->num_channels; c++) {
6814 struct hostapd_channel_data *chan = &mode->channels[c];
6815 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
6816 chan->flag |= HOSTAPD_CHAN_HT40;
6821 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
6826 for (c = 0; c < mode->num_channels; c++) {
6827 struct hostapd_channel_data *chan = &mode->channels[c];
6828 if (!(chan->flag & HOSTAPD_CHAN_HT40))
6830 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
6831 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
6832 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
6833 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
6838 static void nl80211_reg_rule_max_eirp(u32 start, u32 end, u32 max_eirp,
6839 struct phy_info_arg *results)
6843 for (m = 0; m < *results->num_modes; m++) {
6845 struct hostapd_hw_modes *mode = &results->modes[m];
6847 for (c = 0; c < mode->num_channels; c++) {
6848 struct hostapd_channel_data *chan = &mode->channels[c];
6849 if ((u32) chan->freq - 10 >= start &&
6850 (u32) chan->freq + 10 <= end)
6851 chan->max_tx_power = max_eirp;
6857 static void nl80211_reg_rule_ht40(u32 start, u32 end,
6858 struct phy_info_arg *results)
6862 for (m = 0; m < *results->num_modes; m++) {
6863 if (!(results->modes[m].ht_capab &
6864 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6866 nl80211_set_ht40_mode(&results->modes[m], start, end);
6871 static void nl80211_reg_rule_sec(struct nlattr *tb[],
6872 struct phy_info_arg *results)
6874 u32 start, end, max_bw;
6877 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6878 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6879 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6882 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6883 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6884 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6889 for (m = 0; m < *results->num_modes; m++) {
6890 if (!(results->modes[m].ht_capab &
6891 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6893 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
6898 static void nl80211_set_vht_mode(struct hostapd_hw_modes *mode, int start,
6903 for (c = 0; c < mode->num_channels; c++) {
6904 struct hostapd_channel_data *chan = &mode->channels[c];
6905 if (chan->freq - 10 >= start && chan->freq + 70 <= end)
6906 chan->flag |= HOSTAPD_CHAN_VHT_10_70;
6908 if (chan->freq - 30 >= start && chan->freq + 50 <= end)
6909 chan->flag |= HOSTAPD_CHAN_VHT_30_50;
6911 if (chan->freq - 50 >= start && chan->freq + 30 <= end)
6912 chan->flag |= HOSTAPD_CHAN_VHT_50_30;
6914 if (chan->freq - 70 >= start && chan->freq + 10 <= end)
6915 chan->flag |= HOSTAPD_CHAN_VHT_70_10;
6920 static void nl80211_reg_rule_vht(struct nlattr *tb[],
6921 struct phy_info_arg *results)
6923 u32 start, end, max_bw;
6926 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
6927 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
6928 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
6931 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
6932 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
6933 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
6938 for (m = 0; m < *results->num_modes; m++) {
6939 if (!(results->modes[m].ht_capab &
6940 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
6942 /* TODO: use a real VHT support indication */
6943 if (!results->modes[m].vht_capab)
6946 nl80211_set_vht_mode(&results->modes[m], start, end);
6951 static const char * dfs_domain_name(enum nl80211_dfs_regions region)
6954 case NL80211_DFS_UNSET:
6956 case NL80211_DFS_FCC:
6958 case NL80211_DFS_ETSI:
6960 case NL80211_DFS_JP:
6963 return "DFS-invalid";
6968 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
6970 struct phy_info_arg *results = arg;
6971 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
6972 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6973 struct nlattr *nl_rule;
6974 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
6976 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
6977 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
6978 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
6979 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
6980 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
6981 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
6982 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
6985 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6986 genlmsg_attrlen(gnlh, 0), NULL);
6987 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
6988 !tb_msg[NL80211_ATTR_REG_RULES]) {
6989 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
6994 if (tb_msg[NL80211_ATTR_DFS_REGION]) {
6995 enum nl80211_dfs_regions dfs_domain;
6996 dfs_domain = nla_get_u8(tb_msg[NL80211_ATTR_DFS_REGION]);
6997 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s (%s)",
6998 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]),
6999 dfs_domain_name(dfs_domain));
7001 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
7002 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
7005 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
7007 u32 start, end, max_eirp = 0, max_bw = 0, flags = 0;
7008 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
7009 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
7010 if (tb_rule[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
7011 tb_rule[NL80211_ATTR_FREQ_RANGE_END] == NULL)
7013 start = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
7014 end = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
7015 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
7016 max_eirp = nla_get_u32(tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP]) / 100;
7017 if (tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW])
7018 max_bw = nla_get_u32(tb_rule[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
7019 if (tb_rule[NL80211_ATTR_REG_RULE_FLAGS])
7020 flags = nla_get_u32(tb_rule[NL80211_ATTR_REG_RULE_FLAGS]);
7022 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz %u mBm%s%s%s%s%s%s%s%s",
7023 start, end, max_bw, max_eirp,
7024 flags & NL80211_RRF_NO_OFDM ? " (no OFDM)" : "",
7025 flags & NL80211_RRF_NO_CCK ? " (no CCK)" : "",
7026 flags & NL80211_RRF_NO_INDOOR ? " (no indoor)" : "",
7027 flags & NL80211_RRF_NO_OUTDOOR ? " (no outdoor)" :
7029 flags & NL80211_RRF_DFS ? " (DFS)" : "",
7030 flags & NL80211_RRF_PTP_ONLY ? " (PTP only)" : "",
7031 flags & NL80211_RRF_PTMP_ONLY ? " (PTMP only)" : "",
7032 flags & NL80211_RRF_NO_IR ? " (no IR)" : "");
7034 nl80211_reg_rule_ht40(start, end, results);
7035 if (tb_rule[NL80211_ATTR_POWER_RULE_MAX_EIRP])
7036 nl80211_reg_rule_max_eirp(start, end, max_eirp,
7040 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
7042 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
7043 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
7044 nl80211_reg_rule_sec(tb_rule, results);
7047 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
7049 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
7050 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
7051 nl80211_reg_rule_vht(tb_rule, results);
7058 static int nl80211_set_regulatory_flags(struct wpa_driver_nl80211_data *drv,
7059 struct phy_info_arg *results)
7063 msg = nlmsg_alloc();
7067 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
7068 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
7072 static struct hostapd_hw_modes *
7073 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
7076 struct i802_bss *bss = priv;
7077 struct wpa_driver_nl80211_data *drv = bss->drv;
7079 struct phy_info_arg result = {
7080 .num_modes = num_modes,
7088 msg = nlmsg_alloc();
7092 feat = get_nl80211_protocol_features(drv);
7093 if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)
7094 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_WIPHY);
7096 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
7098 NLA_PUT_FLAG(msg, NL80211_ATTR_SPLIT_WIPHY_DUMP);
7099 if (nl80211_set_iface_id(msg, bss) < 0)
7100 goto nla_put_failure;
7102 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
7103 nl80211_set_regulatory_flags(drv, &result);
7104 return wpa_driver_nl80211_postprocess_modes(result.modes,
7114 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
7115 const void *data, size_t len,
7116 int encrypt, int noack)
7119 0x00, 0x00, /* radiotap version */
7120 0x0e, 0x00, /* radiotap length */
7121 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
7122 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
7124 0x00, 0x00, /* RX and TX flags to indicate that */
7125 0x00, 0x00, /* this is the injected frame directly */
7127 struct iovec iov[2] = {
7129 .iov_base = &rtap_hdr,
7130 .iov_len = sizeof(rtap_hdr),
7133 .iov_base = (void *) data,
7137 struct msghdr msg = {
7142 .msg_control = NULL,
7143 .msg_controllen = 0,
7150 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
7152 if (drv->monitor_sock < 0) {
7153 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
7154 "for %s", __func__);
7159 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
7160 WPA_PUT_LE16(&rtap_hdr[12], txflags);
7162 res = sendmsg(drv->monitor_sock, &msg, 0);
7164 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
7171 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
7172 const void *data, size_t len,
7173 int encrypt, int noack,
7174 unsigned int freq, int no_cck,
7175 int offchanok, unsigned int wait_time)
7177 struct wpa_driver_nl80211_data *drv = bss->drv;
7181 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
7182 freq = nl80211_get_assoc_freq(drv);
7183 wpa_printf(MSG_DEBUG,
7184 "nl80211: send_frame - Use assoc_freq=%u for IBSS",
7188 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u",
7193 if (drv->use_monitor) {
7194 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_mntr",
7196 return wpa_driver_nl80211_send_mntr(drv, data, len,
7200 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd");
7201 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
7202 &cookie, no_cck, noack, offchanok);
7203 if (res == 0 && !noack) {
7204 const struct ieee80211_mgmt *mgmt;
7207 mgmt = (const struct ieee80211_mgmt *) data;
7208 fc = le_to_host16(mgmt->frame_control);
7209 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7210 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) {
7211 wpa_printf(MSG_MSGDUMP,
7212 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx",
7213 (long long unsigned int)
7214 drv->send_action_cookie,
7215 (long long unsigned int) cookie);
7216 drv->send_action_cookie = cookie;
7224 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
7225 size_t data_len, int noack,
7226 unsigned int freq, int no_cck,
7228 unsigned int wait_time)
7230 struct wpa_driver_nl80211_data *drv = bss->drv;
7231 struct ieee80211_mgmt *mgmt;
7235 mgmt = (struct ieee80211_mgmt *) data;
7236 fc = le_to_host16(mgmt->frame_control);
7237 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR
7238 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d",
7239 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
7240 fc, fc2str(fc), drv->nlmode);
7242 if ((is_sta_interface(drv->nlmode) ||
7243 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
7244 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7245 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
7247 * The use of last_mgmt_freq is a bit of a hack,
7248 * but it works due to the single-threaded nature
7249 * of wpa_supplicant.
7252 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
7253 drv->last_mgmt_freq);
7254 freq = drv->last_mgmt_freq;
7256 return nl80211_send_frame_cmd(bss, freq, 0,
7257 data, data_len, NULL, 1, noack,
7261 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
7263 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
7267 return nl80211_send_frame_cmd(bss, freq,
7268 (int) freq == bss->freq ? 0 :
7271 &drv->send_action_cookie,
7272 no_cck, noack, offchanok);
7275 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
7276 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
7278 * Only one of the authentication frame types is encrypted.
7279 * In order for static WEP encryption to work properly (i.e.,
7280 * to not encrypt the frame), we need to tell mac80211 about
7281 * the frames that must not be encrypted.
7283 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
7284 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
7285 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
7289 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame");
7290 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
7291 noack, freq, no_cck, offchanok,
7296 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
7297 int slot, int ht_opmode, int ap_isolate,
7300 struct wpa_driver_nl80211_data *drv = bss->drv;
7303 msg = nlmsg_alloc();
7307 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
7310 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
7312 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
7314 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
7316 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
7317 if (ap_isolate >= 0)
7318 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
7321 u8 rates[NL80211_MAX_SUPP_RATES];
7325 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
7327 rates[rates_len++] = basic_rates[i] / 5;
7329 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
7332 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7334 return send_and_recv_msgs(drv, msg, NULL, NULL);
7341 static int wpa_driver_nl80211_set_acl(void *priv,
7342 struct hostapd_acl_params *params)
7344 struct i802_bss *bss = priv;
7345 struct wpa_driver_nl80211_data *drv = bss->drv;
7351 if (!(drv->capa.max_acl_mac_addrs))
7354 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
7357 msg = nlmsg_alloc();
7361 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
7362 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
7364 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_MAC_ACL);
7366 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7368 NLA_PUT_U32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
7369 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
7370 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED);
7372 acl = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS);
7374 goto nla_put_failure;
7376 for (i = 0; i < params->num_mac_acl; i++)
7377 NLA_PUT(msg, i + 1, ETH_ALEN, params->mac_acl[i].addr);
7379 nla_nest_end(msg, acl);
7381 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7384 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
7385 ret, strerror(-ret));
7395 static int wpa_driver_nl80211_set_ap(void *priv,
7396 struct wpa_driver_ap_params *params)
7398 struct i802_bss *bss = priv;
7399 struct wpa_driver_nl80211_data *drv = bss->drv;
7401 u8 cmd = NL80211_CMD_NEW_BEACON;
7404 int ifindex = if_nametoindex(bss->ifname);
7406 u32 suites[10], suite;
7409 beacon_set = bss->beacon_set;
7411 msg = nlmsg_alloc();
7415 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
7418 cmd = NL80211_CMD_SET_BEACON;
7420 nl80211_cmd(drv, msg, 0, cmd);
7421 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
7422 params->head, params->head_len);
7423 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
7424 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
7425 params->tail, params->tail_len);
7426 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
7427 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", ifindex);
7428 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
7429 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
7430 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
7431 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
7432 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
7433 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid",
7434 params->ssid, params->ssid_len);
7435 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
7437 if (params->proberesp && params->proberesp_len) {
7438 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
7439 params->proberesp, params->proberesp_len);
7440 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
7443 switch (params->hide_ssid) {
7444 case NO_SSID_HIDING:
7445 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
7446 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7447 NL80211_HIDDEN_SSID_NOT_IN_USE);
7449 case HIDDEN_SSID_ZERO_LEN:
7450 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
7451 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7452 NL80211_HIDDEN_SSID_ZERO_LEN);
7454 case HIDDEN_SSID_ZERO_CONTENTS:
7455 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
7456 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
7457 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
7460 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
7461 if (params->privacy)
7462 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
7463 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
7464 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
7465 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
7466 /* Leave out the attribute */
7467 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
7468 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7469 NL80211_AUTHTYPE_SHARED_KEY);
7471 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
7472 NL80211_AUTHTYPE_OPEN_SYSTEM);
7474 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
7476 if (params->wpa_version & WPA_PROTO_WPA)
7477 ver |= NL80211_WPA_VERSION_1;
7478 if (params->wpa_version & WPA_PROTO_RSN)
7479 ver |= NL80211_WPA_VERSION_2;
7481 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
7483 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
7484 params->key_mgmt_suites);
7486 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
7487 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
7488 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
7489 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
7491 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
7492 num_suites * sizeof(u32), suites);
7495 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
7496 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
7497 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
7499 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
7500 params->pairwise_ciphers);
7501 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
7502 suites, ARRAY_SIZE(suites));
7504 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
7505 num_suites * sizeof(u32), suites);
7508 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
7509 params->group_cipher);
7510 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
7512 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite);
7514 if (params->beacon_ies) {
7515 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
7516 params->beacon_ies);
7517 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
7518 wpabuf_head(params->beacon_ies));
7520 if (params->proberesp_ies) {
7521 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
7522 params->proberesp_ies);
7523 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
7524 wpabuf_len(params->proberesp_ies),
7525 wpabuf_head(params->proberesp_ies));
7527 if (params->assocresp_ies) {
7528 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
7529 params->assocresp_ies);
7530 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
7531 wpabuf_len(params->assocresp_ies),
7532 wpabuf_head(params->assocresp_ies));
7535 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
7536 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
7537 params->ap_max_inactivity);
7538 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
7539 params->ap_max_inactivity);
7542 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7544 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
7545 ret, strerror(-ret));
7547 bss->beacon_set = 1;
7548 nl80211_set_bss(bss, params->cts_protect, params->preamble,
7549 params->short_slot_time, params->ht_opmode,
7550 params->isolate, params->basic_rates);
7551 if (beacon_set && params->freq &&
7552 params->freq->bandwidth != bss->bandwidth) {
7553 wpa_printf(MSG_DEBUG,
7554 "nl80211: Update BSS %s bandwidth: %d -> %d",
7555 bss->ifname, bss->bandwidth,
7556 params->freq->bandwidth);
7557 ret = nl80211_set_channel(bss, params->freq, 1);
7559 wpa_printf(MSG_DEBUG,
7560 "nl80211: Frequency set failed: %d (%s)",
7561 ret, strerror(-ret));
7563 wpa_printf(MSG_DEBUG,
7564 "nl80211: Frequency set succeeded for ht2040 coex");
7565 bss->bandwidth = params->freq->bandwidth;
7567 } else if (!beacon_set) {
7569 * cfg80211 updates the driver on frequence change in AP
7570 * mode only at the point when beaconing is started, so
7571 * set the initial value here.
7573 bss->bandwidth = params->freq->bandwidth;
7583 static int nl80211_put_freq_params(struct nl_msg *msg,
7584 struct hostapd_freq_params *freq)
7586 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq);
7587 if (freq->vht_enabled) {
7588 switch (freq->bandwidth) {
7590 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7591 NL80211_CHAN_WIDTH_20);
7594 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7595 NL80211_CHAN_WIDTH_40);
7598 if (freq->center_freq2)
7599 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7600 NL80211_CHAN_WIDTH_80P80);
7602 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7603 NL80211_CHAN_WIDTH_80);
7606 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
7607 NL80211_CHAN_WIDTH_160);
7612 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ1, freq->center_freq1);
7613 if (freq->center_freq2)
7614 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ2,
7615 freq->center_freq2);
7616 } else if (freq->ht_enabled) {
7617 switch (freq->sec_channel_offset) {
7619 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7620 NL80211_CHAN_HT40MINUS);
7623 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7624 NL80211_CHAN_HT40PLUS);
7627 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
7639 static int nl80211_set_channel(struct i802_bss *bss,
7640 struct hostapd_freq_params *freq, int set_chan)
7642 struct wpa_driver_nl80211_data *drv = bss->drv;
7646 wpa_printf(MSG_DEBUG,
7647 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
7648 freq->freq, freq->ht_enabled, freq->vht_enabled,
7649 freq->bandwidth, freq->center_freq1, freq->center_freq2);
7650 msg = nlmsg_alloc();
7654 nl80211_cmd(drv, msg, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
7655 NL80211_CMD_SET_WIPHY);
7657 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7658 if (nl80211_put_freq_params(msg, freq) < 0)
7659 goto nla_put_failure;
7661 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7664 bss->freq = freq->freq;
7667 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
7668 "%d (%s)", freq->freq, ret, strerror(-ret));
7675 static u32 sta_flags_nl80211(int flags)
7679 if (flags & WPA_STA_AUTHORIZED)
7680 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
7681 if (flags & WPA_STA_WMM)
7682 f |= BIT(NL80211_STA_FLAG_WME);
7683 if (flags & WPA_STA_SHORT_PREAMBLE)
7684 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
7685 if (flags & WPA_STA_MFP)
7686 f |= BIT(NL80211_STA_FLAG_MFP);
7687 if (flags & WPA_STA_TDLS_PEER)
7688 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
7694 static int wpa_driver_nl80211_sta_add(void *priv,
7695 struct hostapd_sta_add_params *params)
7697 struct i802_bss *bss = priv;
7698 struct wpa_driver_nl80211_data *drv = bss->drv;
7700 struct nl80211_sta_flag_update upd;
7703 if ((params->flags & WPA_STA_TDLS_PEER) &&
7704 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7707 msg = nlmsg_alloc();
7711 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
7712 params->set ? "Set" : "Add", MAC2STR(params->addr));
7713 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
7714 NL80211_CMD_NEW_STATION);
7716 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7717 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
7718 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
7719 params->supp_rates);
7720 wpa_hexdump(MSG_DEBUG, " * supported rates", params->supp_rates,
7721 params->supp_rates_len);
7724 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
7725 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
7728 * cfg80211 validates that AID is non-zero, so we have
7729 * to make this a non-zero value for the TDLS case where
7730 * a dummy STA entry is used for now.
7732 wpa_printf(MSG_DEBUG, " * aid=1 (TDLS workaround)");
7733 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, 1);
7735 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
7736 params->listen_interval);
7737 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
7738 params->listen_interval);
7739 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
7740 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
7741 NLA_PUT_U16(msg, NL80211_ATTR_PEER_AID, params->aid);
7743 if (params->ht_capabilities) {
7744 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
7745 (u8 *) params->ht_capabilities,
7746 sizeof(*params->ht_capabilities));
7747 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
7748 sizeof(*params->ht_capabilities),
7749 params->ht_capabilities);
7752 if (params->vht_capabilities) {
7753 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
7754 (u8 *) params->vht_capabilities,
7755 sizeof(*params->vht_capabilities));
7756 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY,
7757 sizeof(*params->vht_capabilities),
7758 params->vht_capabilities);
7761 if (params->vht_opmode_enabled) {
7762 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
7763 NLA_PUT_U8(msg, NL80211_ATTR_OPMODE_NOTIF,
7764 params->vht_opmode);
7767 wpa_printf(MSG_DEBUG, " * capability=0x%x", params->capability);
7768 NLA_PUT_U16(msg, NL80211_ATTR_STA_CAPABILITY, params->capability);
7770 if (params->ext_capab) {
7771 wpa_hexdump(MSG_DEBUG, " * ext_capab",
7772 params->ext_capab, params->ext_capab_len);
7773 NLA_PUT(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
7774 params->ext_capab_len, params->ext_capab);
7777 if (params->supp_channels) {
7778 wpa_hexdump(MSG_DEBUG, " * supported channels",
7779 params->supp_channels, params->supp_channels_len);
7780 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
7781 params->supp_channels_len, params->supp_channels);
7784 if (params->supp_oper_classes) {
7785 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
7786 params->supp_oper_classes,
7787 params->supp_oper_classes_len);
7788 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
7789 params->supp_oper_classes_len,
7790 params->supp_oper_classes);
7793 os_memset(&upd, 0, sizeof(upd));
7794 upd.set = sta_flags_nl80211(params->flags);
7795 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask);
7796 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
7798 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7800 if (params->flags & WPA_STA_WMM) {
7801 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
7804 goto nla_put_failure;
7806 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
7807 NLA_PUT_U8(msg, NL80211_STA_WME_UAPSD_QUEUES,
7808 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
7809 NLA_PUT_U8(msg, NL80211_STA_WME_MAX_SP,
7810 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
7811 WMM_QOSINFO_STA_SP_MASK);
7812 nla_nest_end(msg, wme);
7815 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7818 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
7819 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
7829 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
7831 #ifdef CONFIG_LIBNL3_ROUTE
7832 struct wpa_driver_nl80211_data *drv = bss->drv;
7833 struct rtnl_neigh *rn;
7834 struct nl_addr *nl_addr;
7837 rn = rtnl_neigh_alloc();
7841 rtnl_neigh_set_family(rn, AF_BRIDGE);
7842 rtnl_neigh_set_ifindex(rn, bss->ifindex);
7843 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
7848 rtnl_neigh_set_lladdr(rn, nl_addr);
7850 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
7852 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
7853 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
7854 bss->ifindex, nl_geterror(err));
7856 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
7857 MACSTR, MAC2STR(addr));
7860 nl_addr_put(nl_addr);
7862 #endif /* CONFIG_LIBNL3_ROUTE */
7866 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr,
7867 int deauth, u16 reason_code)
7869 struct wpa_driver_nl80211_data *drv = bss->drv;
7873 msg = nlmsg_alloc();
7877 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7879 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7880 if_nametoindex(bss->ifname));
7881 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7883 NLA_PUT_U8(msg, NL80211_ATTR_MGMT_SUBTYPE,
7884 WLAN_FC_STYPE_DISASSOC);
7885 else if (deauth == 1)
7886 NLA_PUT_U8(msg, NL80211_ATTR_MGMT_SUBTYPE,
7887 WLAN_FC_STYPE_DEAUTH);
7889 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
7891 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7892 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
7894 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
7897 rtnl_neigh_delete_fdb_entry(bss, addr);
7908 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
7912 struct wpa_driver_nl80211_data *drv2;
7914 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
7916 /* stop listening for EAPOL on this interface */
7917 dl_list_for_each(drv2, &drv->global->interfaces,
7918 struct wpa_driver_nl80211_data, list)
7919 del_ifidx(drv2, ifidx);
7921 msg = nlmsg_alloc();
7923 goto nla_put_failure;
7925 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
7926 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
7928 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7933 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
7937 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
7940 case NL80211_IFTYPE_ADHOC:
7942 case NL80211_IFTYPE_STATION:
7944 case NL80211_IFTYPE_AP:
7946 case NL80211_IFTYPE_AP_VLAN:
7948 case NL80211_IFTYPE_WDS:
7950 case NL80211_IFTYPE_MONITOR:
7952 case NL80211_IFTYPE_MESH_POINT:
7953 return "MESH_POINT";
7954 case NL80211_IFTYPE_P2P_CLIENT:
7955 return "P2P_CLIENT";
7956 case NL80211_IFTYPE_P2P_GO:
7958 case NL80211_IFTYPE_P2P_DEVICE:
7959 return "P2P_DEVICE";
7966 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
7968 enum nl80211_iftype iftype,
7969 const u8 *addr, int wds,
7970 int (*handler)(struct nl_msg *, void *),
7977 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
7978 iftype, nl80211_iftype_str(iftype));
7980 msg = nlmsg_alloc();
7984 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
7985 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
7986 goto nla_put_failure;
7987 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
7988 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
7990 if (iftype == NL80211_IFTYPE_MONITOR) {
7991 struct nlattr *flags;
7993 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
7995 goto nla_put_failure;
7997 NLA_PUT_FLAG(msg, NL80211_MNTR_FLAG_COOK_FRAMES);
7999 nla_nest_end(msg, flags);
8001 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
8005 * Tell cfg80211 that the interface belongs to the socket that created
8006 * it, and the interface should be deleted when the socket is closed.
8008 NLA_PUT_FLAG(msg, NL80211_ATTR_IFACE_SOCKET_OWNER);
8010 ret = send_and_recv_msgs(drv, msg, handler, arg);
8015 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
8016 ifname, ret, strerror(-ret));
8020 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
8023 ifidx = if_nametoindex(ifname);
8024 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
8031 * Some virtual interfaces need to process EAPOL packets and events on
8032 * the parent interface. This is used mainly with hostapd.
8035 iftype == NL80211_IFTYPE_AP_VLAN ||
8036 iftype == NL80211_IFTYPE_WDS ||
8037 iftype == NL80211_IFTYPE_MONITOR) {
8038 /* start listening for EAPOL on this interface */
8039 add_ifidx(drv, ifidx);
8042 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
8043 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
8044 nl80211_remove_iface(drv, ifidx);
8052 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
8053 const char *ifname, enum nl80211_iftype iftype,
8054 const u8 *addr, int wds,
8055 int (*handler)(struct nl_msg *, void *),
8056 void *arg, int use_existing)
8060 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
8063 /* if error occurred and interface exists already */
8064 if (ret == -ENFILE && if_nametoindex(ifname)) {
8066 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
8068 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
8069 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8071 (linux_set_iface_flags(drv->global->ioctl_sock,
8073 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8075 linux_set_iface_flags(drv->global->ioctl_sock,
8080 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
8082 /* Try to remove the interface that was already there. */
8083 nl80211_remove_iface(drv, if_nametoindex(ifname));
8085 /* Try to create the interface again */
8086 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
8090 if (ret >= 0 && is_p2p_net_interface(iftype))
8091 nl80211_disable_11b_rates(drv, ret, 1);
8097 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
8099 struct ieee80211_hdr *hdr;
8101 union wpa_event_data event;
8103 hdr = (struct ieee80211_hdr *) buf;
8104 fc = le_to_host16(hdr->frame_control);
8106 os_memset(&event, 0, sizeof(event));
8107 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
8108 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
8109 event.tx_status.dst = hdr->addr1;
8110 event.tx_status.data = buf;
8111 event.tx_status.data_len = len;
8112 event.tx_status.ack = ok;
8113 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
8117 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
8118 u8 *buf, size_t len)
8120 struct ieee80211_hdr *hdr = (void *)buf;
8122 union wpa_event_data event;
8124 if (len < sizeof(*hdr))
8127 fc = le_to_host16(hdr->frame_control);
8129 os_memset(&event, 0, sizeof(event));
8130 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
8131 event.rx_from_unknown.addr = hdr->addr2;
8132 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
8133 (WLAN_FC_FROMDS | WLAN_FC_TODS);
8134 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
8138 static void handle_frame(struct wpa_driver_nl80211_data *drv,
8139 u8 *buf, size_t len, int datarate, int ssi_signal)
8141 struct ieee80211_hdr *hdr;
8143 union wpa_event_data event;
8145 hdr = (struct ieee80211_hdr *) buf;
8146 fc = le_to_host16(hdr->frame_control);
8148 switch (WLAN_FC_GET_TYPE(fc)) {
8149 case WLAN_FC_TYPE_MGMT:
8150 os_memset(&event, 0, sizeof(event));
8151 event.rx_mgmt.frame = buf;
8152 event.rx_mgmt.frame_len = len;
8153 event.rx_mgmt.datarate = datarate;
8154 event.rx_mgmt.ssi_signal = ssi_signal;
8155 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
8157 case WLAN_FC_TYPE_CTRL:
8158 /* can only get here with PS-Poll frames */
8159 wpa_printf(MSG_DEBUG, "CTRL");
8160 from_unknown_sta(drv, buf, len);
8162 case WLAN_FC_TYPE_DATA:
8163 from_unknown_sta(drv, buf, len);
8169 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
8171 struct wpa_driver_nl80211_data *drv = eloop_ctx;
8173 unsigned char buf[3000];
8174 struct ieee80211_radiotap_iterator iter;
8176 int datarate = 0, ssi_signal = 0;
8177 int injected = 0, failed = 0, rxflags = 0;
8179 len = recv(sock, buf, sizeof(buf), 0);
8181 wpa_printf(MSG_ERROR, "nl80211: Monitor socket recv failed: %s",
8186 if (ieee80211_radiotap_iterator_init(&iter, (void *) buf, len, NULL)) {
8187 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame");
8192 ret = ieee80211_radiotap_iterator_next(&iter);
8196 wpa_printf(MSG_INFO, "nl80211: received invalid radiotap frame (%d)",
8200 switch (iter.this_arg_index) {
8201 case IEEE80211_RADIOTAP_FLAGS:
8202 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
8205 case IEEE80211_RADIOTAP_RX_FLAGS:
8208 case IEEE80211_RADIOTAP_TX_FLAGS:
8210 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
8211 IEEE80211_RADIOTAP_F_TX_FAIL;
8213 case IEEE80211_RADIOTAP_DATA_RETRIES:
8215 case IEEE80211_RADIOTAP_CHANNEL:
8216 /* TODO: convert from freq/flags to channel number */
8218 case IEEE80211_RADIOTAP_RATE:
8219 datarate = *iter.this_arg * 5;
8221 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
8222 ssi_signal = (s8) *iter.this_arg;
8227 if (rxflags && injected)
8231 handle_frame(drv, buf + iter._max_length,
8232 len - iter._max_length, datarate, ssi_signal);
8234 handle_tx_callback(drv->ctx, buf + iter._max_length,
8235 len - iter._max_length, !failed);
8240 * we post-process the filter code later and rewrite
8241 * this to the offset to the last instruction
8246 static struct sock_filter msock_filter_insns[] = {
8248 * do a little-endian load of the radiotap length field
8250 /* load lower byte into A */
8251 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
8252 /* put it into X (== index register) */
8253 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8254 /* load upper byte into A */
8255 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
8256 /* left-shift it by 8 */
8257 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
8259 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
8260 /* put result into X */
8261 BPF_STMT(BPF_MISC| BPF_TAX, 0),
8264 * Allow management frames through, this also gives us those
8265 * management frames that we sent ourselves with status
8267 /* load the lower byte of the IEEE 802.11 frame control field */
8268 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8269 /* mask off frame type and version */
8270 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
8271 /* accept frame if it's both 0, fall through otherwise */
8272 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
8275 * TODO: add a bit to radiotap RX flags that indicates
8276 * that the sending station is not associated, then
8277 * add a filter here that filters on our DA and that flag
8278 * to allow us to deauth frames to that bad station.
8280 * For now allow all To DS data frames through.
8282 /* load the IEEE 802.11 frame control field */
8283 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
8284 /* mask off frame type, version and DS status */
8285 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
8286 /* accept frame if version 0, type 2 and To DS, fall through otherwise
8288 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
8292 * drop non-data frames
8294 /* load the lower byte of the frame control field */
8295 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8296 /* mask off QoS bit */
8297 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
8298 /* drop non-data frames */
8299 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
8301 /* load the upper byte of the frame control field */
8302 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
8303 /* mask off toDS/fromDS */
8304 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
8305 /* accept WDS frames */
8306 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
8309 * add header length to index
8311 /* load the lower byte of the frame control field */
8312 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
8313 /* mask off QoS bit */
8314 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
8315 /* right shift it by 6 to give 0 or 2 */
8316 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
8317 /* add data frame header length */
8318 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
8319 /* add index, was start of 802.11 header */
8320 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
8321 /* move to index, now start of LL header */
8322 BPF_STMT(BPF_MISC | BPF_TAX, 0),
8325 * Accept empty data frames, we use those for
8328 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
8329 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
8332 * Accept EAPOL frames
8334 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
8335 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
8336 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
8337 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
8339 /* keep these last two statements or change the code below */
8340 /* return 0 == "DROP" */
8341 BPF_STMT(BPF_RET | BPF_K, 0),
8342 /* return ~0 == "keep all" */
8343 BPF_STMT(BPF_RET | BPF_K, ~0),
8346 static struct sock_fprog msock_filter = {
8347 .len = ARRAY_SIZE(msock_filter_insns),
8348 .filter = msock_filter_insns,
8352 static int add_monitor_filter(int s)
8356 /* rewrite all PASS/FAIL jump offsets */
8357 for (idx = 0; idx < msock_filter.len; idx++) {
8358 struct sock_filter *insn = &msock_filter_insns[idx];
8360 if (BPF_CLASS(insn->code) == BPF_JMP) {
8361 if (insn->code == (BPF_JMP|BPF_JA)) {
8362 if (insn->k == PASS)
8363 insn->k = msock_filter.len - idx - 2;
8364 else if (insn->k == FAIL)
8365 insn->k = msock_filter.len - idx - 3;
8368 if (insn->jt == PASS)
8369 insn->jt = msock_filter.len - idx - 2;
8370 else if (insn->jt == FAIL)
8371 insn->jt = msock_filter.len - idx - 3;
8373 if (insn->jf == PASS)
8374 insn->jf = msock_filter.len - idx - 2;
8375 else if (insn->jf == FAIL)
8376 insn->jf = msock_filter.len - idx - 3;
8380 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
8381 &msock_filter, sizeof(msock_filter))) {
8382 wpa_printf(MSG_ERROR, "nl80211: setsockopt(SO_ATTACH_FILTER) failed: %s",
8391 static void nl80211_remove_monitor_interface(
8392 struct wpa_driver_nl80211_data *drv)
8394 if (drv->monitor_refcount > 0)
8395 drv->monitor_refcount--;
8396 wpa_printf(MSG_DEBUG, "nl80211: Remove monitor interface: refcount=%d",
8397 drv->monitor_refcount);
8398 if (drv->monitor_refcount > 0)
8401 if (drv->monitor_ifidx >= 0) {
8402 nl80211_remove_iface(drv, drv->monitor_ifidx);
8403 drv->monitor_ifidx = -1;
8405 if (drv->monitor_sock >= 0) {
8406 eloop_unregister_read_sock(drv->monitor_sock);
8407 close(drv->monitor_sock);
8408 drv->monitor_sock = -1;
8414 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
8417 struct sockaddr_ll ll;
8421 if (drv->monitor_ifidx >= 0) {
8422 drv->monitor_refcount++;
8423 wpa_printf(MSG_DEBUG, "nl80211: Re-use existing monitor interface: refcount=%d",
8424 drv->monitor_refcount);
8428 if (os_strncmp(drv->first_bss->ifname, "p2p-", 4) == 0) {
8430 * P2P interface name is of the format p2p-%s-%d. For monitor
8431 * interface name corresponding to P2P GO, replace "p2p-" with
8432 * "mon-" to retain the same interface name length and to
8433 * indicate that it is a monitor interface.
8435 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss->ifname + 4);
8437 /* Non-P2P interface with AP functionality. */
8438 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss->ifname);
8441 buf[IFNAMSIZ - 1] = '\0';
8443 drv->monitor_ifidx =
8444 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
8447 if (drv->monitor_ifidx == -EOPNOTSUPP) {
8449 * This is backward compatibility for a few versions of
8450 * the kernel only that didn't advertise the right
8451 * attributes for the only driver that then supported
8452 * AP mode w/o monitor -- ath6kl.
8454 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
8455 "monitor interface type - try to run without it");
8456 drv->device_ap_sme = 1;
8459 if (drv->monitor_ifidx < 0)
8462 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
8465 memset(&ll, 0, sizeof(ll));
8466 ll.sll_family = AF_PACKET;
8467 ll.sll_ifindex = drv->monitor_ifidx;
8468 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
8469 if (drv->monitor_sock < 0) {
8470 wpa_printf(MSG_ERROR, "nl80211: socket[PF_PACKET,SOCK_RAW] failed: %s",
8475 if (add_monitor_filter(drv->monitor_sock)) {
8476 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
8477 "interface; do filtering in user space");
8478 /* This works, but will cost in performance. */
8481 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
8482 wpa_printf(MSG_ERROR, "nl80211: monitor socket bind failed: %s",
8487 optlen = sizeof(optval);
8490 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
8491 wpa_printf(MSG_ERROR, "nl80211: Failed to set socket priority: %s",
8496 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
8498 wpa_printf(MSG_INFO, "nl80211: Could not register monitor read socket");
8502 drv->monitor_refcount++;
8505 nl80211_remove_monitor_interface(drv);
8510 static int nl80211_setup_ap(struct i802_bss *bss)
8512 struct wpa_driver_nl80211_data *drv = bss->drv;
8514 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
8515 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8518 * Disable Probe Request reporting unless we need it in this way for
8519 * devices that include the AP SME, in the other case (unless using
8520 * monitor iface) we'll get it through the nl_mgmt socket instead.
8522 if (!drv->device_ap_sme)
8523 wpa_driver_nl80211_probe_req_report(bss, 0);
8525 if (!drv->device_ap_sme && !drv->use_monitor)
8526 if (nl80211_mgmt_subscribe_ap(bss))
8529 if (drv->device_ap_sme && !drv->use_monitor)
8530 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
8533 if (!drv->device_ap_sme && drv->use_monitor &&
8534 nl80211_create_monitor_interface(drv) &&
8535 !drv->device_ap_sme)
8538 if (drv->device_ap_sme &&
8539 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
8540 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
8541 "Probe Request frame reporting in AP mode");
8542 /* Try to survive without this */
8549 static void nl80211_teardown_ap(struct i802_bss *bss)
8551 struct wpa_driver_nl80211_data *drv = bss->drv;
8553 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
8554 bss->ifname, drv->device_ap_sme, drv->use_monitor);
8555 if (drv->device_ap_sme) {
8556 wpa_driver_nl80211_probe_req_report(bss, 0);
8557 if (!drv->use_monitor)
8558 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
8559 } else if (drv->use_monitor)
8560 nl80211_remove_monitor_interface(drv);
8562 nl80211_mgmt_unsubscribe(bss, "AP teardown");
8564 bss->beacon_set = 0;
8568 static int nl80211_send_eapol_data(struct i802_bss *bss,
8569 const u8 *addr, const u8 *data,
8572 struct sockaddr_ll ll;
8575 if (bss->drv->eapol_tx_sock < 0) {
8576 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
8580 os_memset(&ll, 0, sizeof(ll));
8581 ll.sll_family = AF_PACKET;
8582 ll.sll_ifindex = bss->ifindex;
8583 ll.sll_protocol = htons(ETH_P_PAE);
8584 ll.sll_halen = ETH_ALEN;
8585 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
8586 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
8587 (struct sockaddr *) &ll, sizeof(ll));
8589 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
8596 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
8598 static int wpa_driver_nl80211_hapd_send_eapol(
8599 void *priv, const u8 *addr, const u8 *data,
8600 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
8602 struct i802_bss *bss = priv;
8603 struct wpa_driver_nl80211_data *drv = bss->drv;
8604 struct ieee80211_hdr *hdr;
8608 int qos = flags & WPA_STA_WMM;
8610 if (drv->device_ap_sme || !drv->use_monitor)
8611 return nl80211_send_eapol_data(bss, addr, data, data_len);
8613 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
8615 hdr = os_zalloc(len);
8617 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
8618 (unsigned long) len);
8622 hdr->frame_control =
8623 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
8624 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
8626 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
8628 hdr->frame_control |=
8629 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
8632 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
8633 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
8634 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
8635 pos = (u8 *) (hdr + 1);
8638 /* Set highest priority in QoS header */
8644 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
8645 pos += sizeof(rfc1042_header);
8646 WPA_PUT_BE16(pos, ETH_P_PAE);
8648 memcpy(pos, data, data_len);
8650 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
8653 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
8655 (unsigned long) len, errno, strerror(errno));
8663 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
8665 int flags_or, int flags_and)
8667 struct i802_bss *bss = priv;
8668 struct wpa_driver_nl80211_data *drv = bss->drv;
8670 struct nlattr *flags;
8671 struct nl80211_sta_flag_update upd;
8673 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
8674 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
8675 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
8676 !!(total_flags & WPA_STA_AUTHORIZED));
8678 msg = nlmsg_alloc();
8682 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
8684 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
8685 if_nametoindex(bss->ifname));
8686 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8689 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
8690 * can be removed eventually.
8692 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
8694 goto nla_put_failure;
8695 if (total_flags & WPA_STA_AUTHORIZED)
8696 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_AUTHORIZED);
8698 if (total_flags & WPA_STA_WMM)
8699 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_WME);
8701 if (total_flags & WPA_STA_SHORT_PREAMBLE)
8702 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_SHORT_PREAMBLE);
8704 if (total_flags & WPA_STA_MFP)
8705 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_MFP);
8707 if (total_flags & WPA_STA_TDLS_PEER)
8708 NLA_PUT_FLAG(msg, NL80211_STA_FLAG_TDLS_PEER);
8710 nla_nest_end(msg, flags);
8712 os_memset(&upd, 0, sizeof(upd));
8713 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
8714 upd.set = sta_flags_nl80211(flags_or);
8715 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
8717 return send_and_recv_msgs(drv, msg, NULL, NULL);
8724 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
8725 struct wpa_driver_associate_params *params)
8727 enum nl80211_iftype nlmode, old_mode;
8730 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
8732 nlmode = NL80211_IFTYPE_P2P_GO;
8734 nlmode = NL80211_IFTYPE_AP;
8736 old_mode = drv->nlmode;
8737 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
8738 nl80211_remove_monitor_interface(drv);
8742 if (nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) {
8743 if (old_mode != nlmode)
8744 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
8745 nl80211_remove_monitor_interface(drv);
8753 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
8758 msg = nlmsg_alloc();
8762 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
8763 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8764 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8767 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
8768 "(%s)", ret, strerror(-ret));
8769 goto nla_put_failure;
8773 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
8776 if (wpa_driver_nl80211_set_mode(drv->first_bss,
8777 NL80211_IFTYPE_STATION)) {
8778 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8787 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
8788 struct wpa_driver_associate_params *params)
8794 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
8796 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) {
8797 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
8803 msg = nlmsg_alloc();
8807 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
8808 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8810 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
8811 goto nla_put_failure;
8813 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8814 params->ssid, params->ssid_len);
8815 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8817 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8818 drv->ssid_len = params->ssid_len;
8820 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
8821 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", params->freq.ht_enabled);
8822 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
8823 params->freq.sec_channel_offset);
8824 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", params->freq.vht_enabled);
8825 wpa_printf(MSG_DEBUG, " * center_freq1=%d", params->freq.center_freq1);
8826 wpa_printf(MSG_DEBUG, " * center_freq2=%d", params->freq.center_freq2);
8827 wpa_printf(MSG_DEBUG, " * bandwidth=%d", params->freq.bandwidth);
8828 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0)
8829 goto nla_put_failure;
8831 if (params->beacon_int > 0) {
8832 wpa_printf(MSG_DEBUG, " * beacon_int=%d", params->beacon_int);
8833 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL,
8834 params->beacon_int);
8837 ret = nl80211_set_conn_keys(params, msg);
8839 goto nla_put_failure;
8841 if (params->bssid && params->fixed_bssid) {
8842 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
8843 MAC2STR(params->bssid));
8844 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8847 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8848 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8849 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8850 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8851 wpa_printf(MSG_DEBUG, " * control port");
8852 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
8855 if (params->wpa_ie) {
8856 wpa_hexdump(MSG_DEBUG,
8857 " * Extra IEs for Beacon/Probe Response frames",
8858 params->wpa_ie, params->wpa_ie_len);
8859 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8863 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8866 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
8867 ret, strerror(-ret));
8869 if (ret == -EALREADY && count == 1) {
8870 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
8872 nl80211_leave_ibss(drv);
8877 goto nla_put_failure;
8880 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
8888 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
8889 struct wpa_driver_associate_params *params,
8892 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8894 if (params->bssid) {
8895 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
8896 MAC2STR(params->bssid));
8897 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
8900 if (params->bssid_hint) {
8901 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
8902 MAC2STR(params->bssid_hint));
8903 NLA_PUT(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
8904 params->bssid_hint);
8907 if (params->freq.freq) {
8908 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
8909 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq.freq);
8910 drv->assoc_freq = params->freq.freq;
8912 drv->assoc_freq = 0;
8914 if (params->freq_hint) {
8915 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
8916 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
8920 if (params->bg_scan_period >= 0) {
8921 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
8922 params->bg_scan_period);
8923 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
8924 params->bg_scan_period);
8928 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
8929 params->ssid, params->ssid_len);
8930 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
8932 if (params->ssid_len > sizeof(drv->ssid))
8933 goto nla_put_failure;
8934 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
8935 drv->ssid_len = params->ssid_len;
8938 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
8940 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
8943 if (params->wpa_proto) {
8944 enum nl80211_wpa_versions ver = 0;
8946 if (params->wpa_proto & WPA_PROTO_WPA)
8947 ver |= NL80211_WPA_VERSION_1;
8948 if (params->wpa_proto & WPA_PROTO_RSN)
8949 ver |= NL80211_WPA_VERSION_2;
8951 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
8952 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
8955 if (params->pairwise_suite != WPA_CIPHER_NONE) {
8956 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
8957 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
8958 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
8961 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
8962 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
8964 * This is likely to work even though many drivers do not
8965 * advertise support for operations without GTK.
8967 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
8968 } else if (params->group_suite != WPA_CIPHER_NONE) {
8969 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
8970 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
8971 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
8974 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
8975 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
8976 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
8977 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
8978 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
8979 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
8980 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
8981 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
8982 int mgmt = WLAN_AKM_SUITE_PSK;
8984 switch (params->key_mgmt_suite) {
8985 case WPA_KEY_MGMT_CCKM:
8986 mgmt = WLAN_AKM_SUITE_CCKM;
8988 case WPA_KEY_MGMT_IEEE8021X:
8989 mgmt = WLAN_AKM_SUITE_8021X;
8991 case WPA_KEY_MGMT_FT_IEEE8021X:
8992 mgmt = WLAN_AKM_SUITE_FT_8021X;
8994 case WPA_KEY_MGMT_FT_PSK:
8995 mgmt = WLAN_AKM_SUITE_FT_PSK;
8997 case WPA_KEY_MGMT_IEEE8021X_SHA256:
8998 mgmt = WLAN_AKM_SUITE_8021X_SHA256;
9000 case WPA_KEY_MGMT_PSK_SHA256:
9001 mgmt = WLAN_AKM_SUITE_PSK_SHA256;
9003 case WPA_KEY_MGMT_OSEN:
9004 mgmt = WLAN_AKM_SUITE_OSEN;
9006 case WPA_KEY_MGMT_PSK:
9008 mgmt = WLAN_AKM_SUITE_PSK;
9011 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
9012 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
9015 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
9017 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
9018 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
9020 if (params->disable_ht)
9021 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
9023 if (params->htcaps && params->htcaps_mask) {
9024 int sz = sizeof(struct ieee80211_ht_capabilities);
9025 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
9026 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
9027 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
9028 params->htcaps_mask, sz);
9029 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
9030 params->htcaps_mask);
9033 #ifdef CONFIG_VHT_OVERRIDES
9034 if (params->disable_vht) {
9035 wpa_printf(MSG_DEBUG, " * VHT disabled");
9036 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_VHT);
9039 if (params->vhtcaps && params->vhtcaps_mask) {
9040 int sz = sizeof(struct ieee80211_vht_capabilities);
9041 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
9042 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY, sz, params->vhtcaps);
9043 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
9044 params->vhtcaps_mask, sz);
9045 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
9046 params->vhtcaps_mask);
9048 #endif /* CONFIG_VHT_OVERRIDES */
9051 wpa_printf(MSG_DEBUG, " * P2P group");
9059 static int wpa_driver_nl80211_try_connect(
9060 struct wpa_driver_nl80211_data *drv,
9061 struct wpa_driver_associate_params *params)
9064 enum nl80211_auth_type type;
9068 msg = nlmsg_alloc();
9072 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
9073 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
9075 ret = nl80211_connect_common(drv, params, msg);
9077 goto nla_put_failure;
9080 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
9082 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
9084 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
9087 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
9089 goto skip_auth_type;
9092 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
9093 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
9094 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
9095 type = NL80211_AUTHTYPE_SHARED_KEY;
9096 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
9097 type = NL80211_AUTHTYPE_NETWORK_EAP;
9098 else if (params->auth_alg & WPA_AUTH_ALG_FT)
9099 type = NL80211_AUTHTYPE_FT;
9101 goto nla_put_failure;
9103 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
9104 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
9107 ret = nl80211_set_conn_keys(params, msg);
9109 goto nla_put_failure;
9111 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9114 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
9115 "(%s)", ret, strerror(-ret));
9116 goto nla_put_failure;
9119 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
9128 static int wpa_driver_nl80211_connect(
9129 struct wpa_driver_nl80211_data *drv,
9130 struct wpa_driver_associate_params *params)
9132 int ret = wpa_driver_nl80211_try_connect(drv, params);
9133 if (ret == -EALREADY) {
9135 * cfg80211 does not currently accept new connections if
9136 * we are already connected. As a workaround, force
9137 * disconnection and try again.
9139 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
9140 "disconnecting before reassociation "
9142 if (wpa_driver_nl80211_disconnect(
9143 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
9145 ret = wpa_driver_nl80211_try_connect(drv, params);
9151 static int wpa_driver_nl80211_associate(
9152 void *priv, struct wpa_driver_associate_params *params)
9154 struct i802_bss *bss = priv;
9155 struct wpa_driver_nl80211_data *drv = bss->drv;
9159 if (params->mode == IEEE80211_MODE_AP)
9160 return wpa_driver_nl80211_ap(drv, params);
9162 if (params->mode == IEEE80211_MODE_IBSS)
9163 return wpa_driver_nl80211_ibss(drv, params);
9165 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
9166 enum nl80211_iftype nlmode = params->p2p ?
9167 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
9169 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
9171 return wpa_driver_nl80211_connect(drv, params);
9174 nl80211_mark_disconnected(drv);
9176 msg = nlmsg_alloc();
9180 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
9182 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
9184 ret = nl80211_connect_common(drv, params, msg);
9186 goto nla_put_failure;
9188 if (params->prev_bssid) {
9189 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
9190 MAC2STR(params->prev_bssid));
9191 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
9192 params->prev_bssid);
9195 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9198 wpa_dbg(drv->ctx, MSG_DEBUG,
9199 "nl80211: MLME command failed (assoc): ret=%d (%s)",
9200 ret, strerror(-ret));
9201 nl80211_dump_scan(drv);
9202 goto nla_put_failure;
9205 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
9214 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
9215 int ifindex, enum nl80211_iftype mode)
9220 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
9221 ifindex, mode, nl80211_iftype_str(mode));
9223 msg = nlmsg_alloc();
9227 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
9228 if (nl80211_set_iface_id(msg, drv->first_bss) < 0)
9229 goto nla_put_failure;
9230 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
9232 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9238 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
9239 " %d (%s)", ifindex, mode, ret, strerror(-ret));
9244 static int wpa_driver_nl80211_set_mode_impl(
9245 struct i802_bss *bss,
9246 enum nl80211_iftype nlmode,
9247 struct hostapd_freq_params *desired_freq_params)
9249 struct wpa_driver_nl80211_data *drv = bss->drv;
9252 int was_ap = is_ap_interface(drv->nlmode);
9254 int mode_switch_res;
9256 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9257 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
9258 mode_switch_res = 0;
9260 if (mode_switch_res == 0) {
9261 drv->nlmode = nlmode;
9266 if (mode_switch_res == -ENODEV)
9269 if (nlmode == drv->nlmode) {
9270 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
9271 "requested mode - ignore error");
9273 goto done; /* Already in the requested mode */
9276 /* mac80211 doesn't allow mode changes while the device is up, so
9277 * take the device down, try to set the mode again, and bring the
9280 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
9282 for (i = 0; i < 10; i++) {
9283 res = i802_set_iface_flags(bss, 0);
9284 if (res == -EACCES || res == -ENODEV)
9287 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
9289 os_sleep(0, 100000);
9294 * Setting the mode will fail for some drivers if the phy is
9295 * on a frequency that the mode is disallowed in.
9297 if (desired_freq_params) {
9298 res = i802_set_freq(bss, desired_freq_params);
9300 wpa_printf(MSG_DEBUG,
9301 "nl80211: Failed to set frequency on interface");
9305 /* Try to set the mode again while the interface is down */
9306 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
9307 if (mode_switch_res == -EBUSY) {
9308 wpa_printf(MSG_DEBUG,
9309 "nl80211: Delaying mode set while interface going down");
9310 os_sleep(0, 100000);
9313 ret = mode_switch_res;
9318 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
9319 "interface is down");
9320 drv->nlmode = nlmode;
9321 drv->ignore_if_down_event = 1;
9324 /* Bring the interface back up */
9325 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
9327 wpa_printf(MSG_DEBUG,
9328 "nl80211: Failed to set interface up after switching mode");
9334 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
9335 "from %d failed", nlmode, drv->nlmode);
9339 if (is_p2p_net_interface(nlmode))
9340 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
9341 else if (drv->disabled_11b_rates)
9342 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
9344 if (is_ap_interface(nlmode)) {
9345 nl80211_mgmt_unsubscribe(bss, "start AP");
9346 /* Setup additional AP mode functionality if needed */
9347 if (nl80211_setup_ap(bss))
9349 } else if (was_ap) {
9350 /* Remove additional AP mode functionality */
9351 nl80211_teardown_ap(bss);
9353 nl80211_mgmt_unsubscribe(bss, "mode change");
9356 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
9357 nl80211_mgmt_subscribe_non_ap(bss) < 0)
9358 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
9359 "frame processing - ignore for now");
9365 static int dfs_info_handler(struct nl_msg *msg, void *arg)
9367 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9368 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9369 int *dfs_capability_ptr = arg;
9371 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9372 genlmsg_attrlen(gnlh, 0), NULL);
9374 if (tb[NL80211_ATTR_VENDOR_DATA]) {
9375 struct nlattr *nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
9376 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
9378 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
9379 nla_data(nl_vend), nla_len(nl_vend), NULL);
9381 if (tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]) {
9383 val = nla_get_u32(tb_vendor[QCA_WLAN_VENDOR_ATTR_DFS]);
9384 wpa_printf(MSG_DEBUG, "nl80211: DFS offload capability: %u",
9386 *dfs_capability_ptr = val;
9394 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
9395 enum nl80211_iftype nlmode)
9397 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
9401 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
9402 struct hostapd_freq_params *freq)
9404 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
9409 static int wpa_driver_nl80211_get_capa(void *priv,
9410 struct wpa_driver_capa *capa)
9412 struct i802_bss *bss = priv;
9413 struct wpa_driver_nl80211_data *drv = bss->drv;
9415 int dfs_capability = 0;
9418 if (!drv->has_capability)
9420 os_memcpy(capa, &drv->capa, sizeof(*capa));
9421 if (drv->extended_capa && drv->extended_capa_mask) {
9422 capa->extended_capa = drv->extended_capa;
9423 capa->extended_capa_mask = drv->extended_capa_mask;
9424 capa->extended_capa_len = drv->extended_capa_len;
9427 if ((capa->flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
9428 !drv->allow_p2p_device) {
9429 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate P2P_DEVICE support (p2p_device=1 driver param not specified)");
9430 capa->flags &= ~WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE;
9433 if (drv->dfs_vendor_cmd_avail == 1) {
9434 msg = nlmsg_alloc();
9438 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
9440 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9441 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
9442 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
9443 QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY);
9445 ret = send_and_recv_msgs(drv, msg, dfs_info_handler,
9449 capa->flags |= WPA_DRIVER_FLAGS_DFS_OFFLOAD;
9461 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
9463 struct i802_bss *bss = priv;
9464 struct wpa_driver_nl80211_data *drv = bss->drv;
9466 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
9467 bss->ifname, drv->operstate, state,
9468 state ? "UP" : "DORMANT");
9469 drv->operstate = state;
9470 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
9471 state ? IF_OPER_UP : IF_OPER_DORMANT);
9475 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
9477 struct i802_bss *bss = priv;
9478 struct wpa_driver_nl80211_data *drv = bss->drv;
9480 struct nl80211_sta_flag_update upd;
9483 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
9484 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
9488 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
9489 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
9491 msg = nlmsg_alloc();
9495 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9497 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9498 if_nametoindex(bss->ifname));
9499 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
9501 os_memset(&upd, 0, sizeof(upd));
9502 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
9504 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
9505 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
9507 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9513 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
9514 ret, strerror(-ret));
9519 /* Set kernel driver on given frequency (MHz) */
9520 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
9522 struct i802_bss *bss = priv;
9523 return nl80211_set_channel(bss, freq, 0);
9527 static inline int min_int(int a, int b)
9535 static int get_key_handler(struct nl_msg *msg, void *arg)
9537 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9538 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9540 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9541 genlmsg_attrlen(gnlh, 0), NULL);
9544 * TODO: validate the key index and mac address!
9545 * Otherwise, there's a race condition as soon as
9546 * the kernel starts sending key notifications.
9549 if (tb[NL80211_ATTR_KEY_SEQ])
9550 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
9551 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
9556 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
9559 struct i802_bss *bss = priv;
9560 struct wpa_driver_nl80211_data *drv = bss->drv;
9563 msg = nlmsg_alloc();
9567 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
9570 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9571 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
9572 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
9576 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
9583 static int i802_set_rts(void *priv, int rts)
9585 struct i802_bss *bss = priv;
9586 struct wpa_driver_nl80211_data *drv = bss->drv;
9591 msg = nlmsg_alloc();
9600 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9601 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9602 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
9604 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9610 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
9611 "%d (%s)", rts, ret, strerror(-ret));
9616 static int i802_set_frag(void *priv, int frag)
9618 struct i802_bss *bss = priv;
9619 struct wpa_driver_nl80211_data *drv = bss->drv;
9624 msg = nlmsg_alloc();
9633 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9634 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9635 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
9637 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9643 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
9644 "%d: %d (%s)", frag, ret, strerror(-ret));
9649 static int i802_flush(void *priv)
9651 struct i802_bss *bss = priv;
9652 struct wpa_driver_nl80211_data *drv = bss->drv;
9656 msg = nlmsg_alloc();
9660 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
9662 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
9665 * XXX: FIX! this needs to flush all VLANs too
9667 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9668 if_nametoindex(bss->ifname));
9670 res = send_and_recv_msgs(drv, msg, NULL, NULL);
9672 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
9673 "(%s)", res, strerror(-res));
9682 static int get_sta_handler(struct nl_msg *msg, void *arg)
9684 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9685 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9686 struct hostap_sta_driver_data *data = arg;
9687 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
9688 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
9689 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
9690 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
9691 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
9692 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
9693 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
9694 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
9697 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9698 genlmsg_attrlen(gnlh, 0), NULL);
9701 * TODO: validate the interface and mac address!
9702 * Otherwise, there's a race condition as soon as
9703 * the kernel starts sending station notifications.
9706 if (!tb[NL80211_ATTR_STA_INFO]) {
9707 wpa_printf(MSG_DEBUG, "sta stats missing!");
9710 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
9711 tb[NL80211_ATTR_STA_INFO],
9713 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
9717 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
9718 data->inactive_msec =
9719 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
9720 if (stats[NL80211_STA_INFO_RX_BYTES])
9721 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
9722 if (stats[NL80211_STA_INFO_TX_BYTES])
9723 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
9724 if (stats[NL80211_STA_INFO_RX_PACKETS])
9726 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
9727 if (stats[NL80211_STA_INFO_TX_PACKETS])
9729 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
9730 if (stats[NL80211_STA_INFO_TX_FAILED])
9731 data->tx_retry_failed =
9732 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
9737 static int i802_read_sta_data(struct i802_bss *bss,
9738 struct hostap_sta_driver_data *data,
9741 struct wpa_driver_nl80211_data *drv = bss->drv;
9744 os_memset(data, 0, sizeof(*data));
9745 msg = nlmsg_alloc();
9749 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
9751 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9752 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9754 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
9761 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
9762 int cw_min, int cw_max, int burst_time)
9764 struct i802_bss *bss = priv;
9765 struct wpa_driver_nl80211_data *drv = bss->drv;
9767 struct nlattr *txq, *params;
9769 msg = nlmsg_alloc();
9773 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
9775 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
9777 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
9779 goto nla_put_failure;
9781 /* We are only sending parameters for a single TXQ at a time */
9782 params = nla_nest_start(msg, 1);
9784 goto nla_put_failure;
9788 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
9791 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
9794 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
9797 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
9800 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
9801 * 32 usec, so need to convert the value here. */
9802 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
9803 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
9804 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
9805 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
9807 nla_nest_end(msg, params);
9809 nla_nest_end(msg, txq);
9811 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
9820 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
9821 const char *ifname, int vlan_id)
9823 struct wpa_driver_nl80211_data *drv = bss->drv;
9827 msg = nlmsg_alloc();
9831 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
9832 ", ifname=%s[%d], vlan_id=%d)",
9833 bss->ifname, if_nametoindex(bss->ifname),
9834 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
9835 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
9837 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
9838 if_nametoindex(bss->ifname));
9839 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9840 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
9841 if_nametoindex(ifname));
9843 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9846 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
9847 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
9848 MAC2STR(addr), ifname, vlan_id, ret,
9857 static int i802_get_inact_sec(void *priv, const u8 *addr)
9859 struct hostap_sta_driver_data data;
9862 data.inactive_msec = (unsigned long) -1;
9863 ret = i802_read_sta_data(priv, &data, addr);
9864 if (ret || data.inactive_msec == (unsigned long) -1)
9866 return data.inactive_msec / 1000;
9870 static int i802_sta_clear_stats(void *priv, const u8 *addr)
9879 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
9882 struct i802_bss *bss = priv;
9883 struct wpa_driver_nl80211_data *drv = bss->drv;
9884 struct ieee80211_mgmt mgmt;
9886 if (drv->device_ap_sme)
9887 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason);
9889 memset(&mgmt, 0, sizeof(mgmt));
9890 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9891 WLAN_FC_STYPE_DEAUTH);
9892 memcpy(mgmt.da, addr, ETH_ALEN);
9893 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9894 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9895 mgmt.u.deauth.reason_code = host_to_le16(reason);
9896 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9898 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
9903 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
9906 struct i802_bss *bss = priv;
9907 struct wpa_driver_nl80211_data *drv = bss->drv;
9908 struct ieee80211_mgmt mgmt;
9910 if (drv->device_ap_sme)
9911 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason);
9913 memset(&mgmt, 0, sizeof(mgmt));
9914 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
9915 WLAN_FC_STYPE_DISASSOC);
9916 memcpy(mgmt.da, addr, ETH_ALEN);
9917 memcpy(mgmt.sa, own_addr, ETH_ALEN);
9918 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
9919 mgmt.u.disassoc.reason_code = host_to_le16(reason);
9920 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
9922 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
9927 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
9929 char buf[200], *pos, *end;
9933 end = pos + sizeof(buf);
9935 for (i = 0; i < drv->num_if_indices; i++) {
9936 if (!drv->if_indices[i])
9938 res = os_snprintf(pos, end - pos, " %d", drv->if_indices[i]);
9939 if (res < 0 || res >= end - pos)
9945 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
9946 drv->num_if_indices, buf);
9950 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9955 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
9957 if (have_ifidx(drv, ifidx)) {
9958 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
9962 for (i = 0; i < drv->num_if_indices; i++) {
9963 if (drv->if_indices[i] == 0) {
9964 drv->if_indices[i] = ifidx;
9970 if (drv->if_indices != drv->default_if_indices)
9971 old = drv->if_indices;
9975 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
9977 if (!drv->if_indices) {
9979 drv->if_indices = drv->default_if_indices;
9981 drv->if_indices = old;
9982 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
9984 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
9987 os_memcpy(drv->if_indices, drv->default_if_indices,
9988 sizeof(drv->default_if_indices));
9989 drv->if_indices[drv->num_if_indices] = ifidx;
9990 drv->num_if_indices++;
9995 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
9999 for (i = 0; i < drv->num_if_indices; i++) {
10000 if (drv->if_indices[i] == ifidx) {
10001 drv->if_indices[i] = 0;
10009 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
10013 for (i = 0; i < drv->num_if_indices; i++)
10014 if (drv->if_indices[i] == ifidx)
10021 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
10022 const char *bridge_ifname, char *ifname_wds)
10024 struct i802_bss *bss = priv;
10025 struct wpa_driver_nl80211_data *drv = bss->drv;
10026 char name[IFNAMSIZ + 1];
10028 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
10030 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
10032 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
10033 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
10035 if (!if_nametoindex(name)) {
10036 if (nl80211_create_iface(drv, name,
10037 NL80211_IFTYPE_AP_VLAN,
10038 bss->addr, 1, NULL, NULL, 0) <
10041 if (bridge_ifname &&
10042 linux_br_add_if(drv->global->ioctl_sock,
10043 bridge_ifname, name) < 0)
10046 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
10047 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
10048 "interface %s up", name);
10050 return i802_set_sta_vlan(priv, addr, name, 0);
10053 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
10056 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
10057 nl80211_remove_iface(drv, if_nametoindex(name));
10063 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
10065 struct wpa_driver_nl80211_data *drv = eloop_ctx;
10066 struct sockaddr_ll lladdr;
10067 unsigned char buf[3000];
10069 socklen_t fromlen = sizeof(lladdr);
10071 len = recvfrom(sock, buf, sizeof(buf), 0,
10072 (struct sockaddr *)&lladdr, &fromlen);
10074 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
10079 if (have_ifidx(drv, lladdr.sll_ifindex))
10080 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
10084 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
10085 struct i802_bss *bss,
10086 const char *brname, const char *ifname)
10089 char in_br[IFNAMSIZ];
10091 os_strlcpy(bss->brname, brname, IFNAMSIZ);
10092 ifindex = if_nametoindex(brname);
10093 if (ifindex == 0) {
10095 * Bridge was configured, but the bridge device does
10096 * not exist. Try to add it now.
10098 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
10099 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
10100 "bridge interface %s: %s",
10101 brname, strerror(errno));
10104 bss->added_bridge = 1;
10105 add_ifidx(drv, if_nametoindex(brname));
10108 if (linux_br_get(in_br, ifname) == 0) {
10109 if (os_strcmp(in_br, brname) == 0)
10110 return 0; /* already in the bridge */
10112 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
10113 "bridge %s", ifname, in_br);
10114 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
10116 wpa_printf(MSG_ERROR, "nl80211: Failed to "
10117 "remove interface %s from bridge "
10119 ifname, brname, strerror(errno));
10124 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
10126 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
10127 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
10128 "into bridge %s: %s",
10129 ifname, brname, strerror(errno));
10132 bss->added_if_into_bridge = 1;
10138 static void *i802_init(struct hostapd_data *hapd,
10139 struct wpa_init_params *params)
10141 struct wpa_driver_nl80211_data *drv;
10142 struct i802_bss *bss;
10144 char brname[IFNAMSIZ];
10145 int ifindex, br_ifindex;
10148 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
10149 params->global_priv, 1,
10156 if (linux_br_get(brname, params->ifname) == 0) {
10157 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
10158 params->ifname, brname);
10159 br_ifindex = if_nametoindex(brname);
10165 for (i = 0; i < params->num_bridge; i++) {
10166 if (params->bridge[i]) {
10167 ifindex = if_nametoindex(params->bridge[i]);
10169 add_ifidx(drv, ifindex);
10170 if (ifindex == br_ifindex)
10174 if (!br_added && br_ifindex &&
10175 (params->num_bridge == 0 || !params->bridge[0]))
10176 add_ifidx(drv, br_ifindex);
10178 /* start listening for EAPOL on the default AP interface */
10179 add_ifidx(drv, drv->ifindex);
10181 if (params->num_bridge && params->bridge[0] &&
10182 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
10185 #ifdef CONFIG_LIBNL3_ROUTE
10186 if (bss->added_if_into_bridge) {
10187 drv->rtnl_sk = nl_socket_alloc();
10188 if (drv->rtnl_sk == NULL) {
10189 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
10193 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) {
10194 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
10199 #endif /* CONFIG_LIBNL3_ROUTE */
10201 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
10202 if (drv->eapol_sock < 0) {
10203 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
10208 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
10210 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
10214 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
10217 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
10219 memcpy(bss->addr, params->own_addr, ETH_ALEN);
10224 wpa_driver_nl80211_deinit(bss);
10229 static void i802_deinit(void *priv)
10231 struct i802_bss *bss = priv;
10232 wpa_driver_nl80211_deinit(bss);
10236 static enum nl80211_iftype wpa_driver_nl80211_if_type(
10237 enum wpa_driver_if_type type)
10240 case WPA_IF_STATION:
10241 return NL80211_IFTYPE_STATION;
10242 case WPA_IF_P2P_CLIENT:
10243 case WPA_IF_P2P_GROUP:
10244 return NL80211_IFTYPE_P2P_CLIENT;
10245 case WPA_IF_AP_VLAN:
10246 return NL80211_IFTYPE_AP_VLAN;
10247 case WPA_IF_AP_BSS:
10248 return NL80211_IFTYPE_AP;
10249 case WPA_IF_P2P_GO:
10250 return NL80211_IFTYPE_P2P_GO;
10251 case WPA_IF_P2P_DEVICE:
10252 return NL80211_IFTYPE_P2P_DEVICE;
10260 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
10262 struct wpa_driver_nl80211_data *drv;
10263 dl_list_for_each(drv, &global->interfaces,
10264 struct wpa_driver_nl80211_data, list) {
10265 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
10272 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
10280 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
10281 for (idx = 0; idx < 64; idx++) {
10282 new_addr[0] = drv->first_bss->addr[0] | 0x02;
10283 new_addr[0] ^= idx << 2;
10284 if (!nl80211_addr_in_use(drv->global, new_addr))
10290 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
10291 MACSTR, MAC2STR(new_addr));
10296 #endif /* CONFIG_P2P */
10302 u8 macaddr[ETH_ALEN];
10305 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
10307 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10308 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10309 struct wdev_info *wi = arg;
10311 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10312 genlmsg_attrlen(gnlh, 0), NULL);
10313 if (tb[NL80211_ATTR_WDEV]) {
10314 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
10315 wi->wdev_id_set = 1;
10318 if (tb[NL80211_ATTR_MAC])
10319 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
10326 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
10327 const char *ifname, const u8 *addr,
10328 void *bss_ctx, void **drv_priv,
10329 char *force_ifname, u8 *if_addr,
10330 const char *bridge, int use_existing)
10332 enum nl80211_iftype nlmode;
10333 struct i802_bss *bss = priv;
10334 struct wpa_driver_nl80211_data *drv = bss->drv;
10339 os_memcpy(if_addr, addr, ETH_ALEN);
10340 nlmode = wpa_driver_nl80211_if_type(type);
10341 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
10342 struct wdev_info p2pdev_info;
10344 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
10345 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10346 0, nl80211_wdev_handler,
10347 &p2pdev_info, use_existing);
10348 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
10349 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
10354 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
10355 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
10356 if (!is_zero_ether_addr(p2pdev_info.macaddr))
10357 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
10358 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
10360 (long long unsigned int) p2pdev_info.wdev_id);
10362 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
10363 0, NULL, NULL, use_existing);
10364 if (use_existing && ifidx == -ENFILE) {
10366 ifidx = if_nametoindex(ifname);
10367 } else if (ifidx < 0) {
10373 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
10374 os_memcpy(if_addr, bss->addr, ETH_ALEN);
10375 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
10376 bss->ifname, if_addr) < 0) {
10378 nl80211_remove_iface(drv, ifidx);
10385 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
10386 type == WPA_IF_P2P_GO)) {
10387 /* Enforce unique P2P Interface Address */
10388 u8 new_addr[ETH_ALEN];
10390 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
10393 nl80211_remove_iface(drv, ifidx);
10396 if (nl80211_addr_in_use(drv->global, new_addr)) {
10397 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
10398 "for P2P group interface");
10399 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
10401 nl80211_remove_iface(drv, ifidx);
10404 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
10407 nl80211_remove_iface(drv, ifidx);
10411 os_memcpy(if_addr, new_addr, ETH_ALEN);
10413 #endif /* CONFIG_P2P */
10415 if (type == WPA_IF_AP_BSS) {
10416 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
10417 if (new_bss == NULL) {
10419 nl80211_remove_iface(drv, ifidx);
10424 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
10425 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
10426 "interface %s to a bridge %s",
10429 nl80211_remove_iface(drv, ifidx);
10434 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
10437 nl80211_remove_iface(drv, ifidx);
10441 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
10442 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
10443 new_bss->ifindex = ifidx;
10444 new_bss->drv = drv;
10445 new_bss->next = drv->first_bss->next;
10446 new_bss->freq = drv->first_bss->freq;
10447 new_bss->ctx = bss_ctx;
10448 new_bss->added_if = added;
10449 drv->first_bss->next = new_bss;
10451 *drv_priv = new_bss;
10452 nl80211_init_bss(new_bss);
10454 /* Subscribe management frames for this WPA_IF_AP_BSS */
10455 if (nl80211_setup_ap(new_bss))
10460 drv->global->if_add_ifindex = ifidx;
10463 * Some virtual interfaces need to process EAPOL packets and events on
10464 * the parent interface. This is used mainly with hostapd.
10468 nlmode == NL80211_IFTYPE_AP_VLAN ||
10469 nlmode == NL80211_IFTYPE_WDS ||
10470 nlmode == NL80211_IFTYPE_MONITOR))
10471 add_ifidx(drv, ifidx);
10477 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
10478 enum wpa_driver_if_type type,
10479 const char *ifname)
10481 struct wpa_driver_nl80211_data *drv = bss->drv;
10482 int ifindex = if_nametoindex(ifname);
10484 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
10485 __func__, type, ifname, ifindex, bss->added_if);
10486 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
10487 nl80211_remove_iface(drv, ifindex);
10488 else if (ifindex > 0 && !bss->added_if) {
10489 struct wpa_driver_nl80211_data *drv2;
10490 dl_list_for_each(drv2, &drv->global->interfaces,
10491 struct wpa_driver_nl80211_data, list)
10492 del_ifidx(drv2, ifindex);
10495 if (type != WPA_IF_AP_BSS)
10498 if (bss->added_if_into_bridge) {
10499 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
10501 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10502 "interface %s from bridge %s: %s",
10503 bss->ifname, bss->brname, strerror(errno));
10505 if (bss->added_bridge) {
10506 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
10507 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
10509 bss->brname, strerror(errno));
10512 if (bss != drv->first_bss) {
10513 struct i802_bss *tbss;
10515 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
10516 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
10517 if (tbss->next == bss) {
10518 tbss->next = bss->next;
10519 /* Unsubscribe management frames */
10520 nl80211_teardown_ap(bss);
10521 nl80211_destroy_bss(bss);
10522 if (!bss->added_if)
10523 i802_set_iface_flags(bss, 0);
10530 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
10531 "BSS %p in the list", __func__, bss);
10533 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
10534 nl80211_teardown_ap(bss);
10535 if (!bss->added_if && !drv->first_bss->next)
10536 wpa_driver_nl80211_del_beacon(drv);
10537 nl80211_destroy_bss(bss);
10538 if (!bss->added_if)
10539 i802_set_iface_flags(bss, 0);
10540 if (drv->first_bss->next) {
10541 drv->first_bss = drv->first_bss->next;
10542 drv->ctx = drv->first_bss->ctx;
10545 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
10553 static int cookie_handler(struct nl_msg *msg, void *arg)
10555 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10556 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10558 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10559 genlmsg_attrlen(gnlh, 0), NULL);
10560 if (tb[NL80211_ATTR_COOKIE])
10561 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
10566 static int nl80211_send_frame_cmd(struct i802_bss *bss,
10567 unsigned int freq, unsigned int wait,
10568 const u8 *buf, size_t buf_len,
10569 u64 *cookie_out, int no_cck, int no_ack,
10572 struct wpa_driver_nl80211_data *drv = bss->drv;
10573 struct nl_msg *msg;
10577 msg = nlmsg_alloc();
10581 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
10582 "no_ack=%d offchanok=%d",
10583 freq, wait, no_cck, no_ack, offchanok);
10584 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
10585 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
10587 if (nl80211_set_iface_id(msg, bss) < 0)
10588 goto nla_put_failure;
10590 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10592 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
10593 if (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10594 drv->test_use_roc_tx))
10595 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
10597 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
10599 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
10601 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
10604 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10607 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
10608 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
10610 goto nla_put_failure;
10612 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
10613 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
10614 (long long unsigned int) cookie);
10617 *cookie_out = no_ack ? (u64) -1 : cookie;
10625 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
10627 unsigned int wait_time,
10628 const u8 *dst, const u8 *src,
10630 const u8 *data, size_t data_len,
10633 struct wpa_driver_nl80211_data *drv = bss->drv;
10636 struct ieee80211_hdr *hdr;
10638 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
10639 "freq=%u MHz wait=%d ms no_cck=%d)",
10640 drv->ifindex, freq, wait_time, no_cck);
10642 buf = os_zalloc(24 + data_len);
10645 os_memcpy(buf + 24, data, data_len);
10646 hdr = (struct ieee80211_hdr *) buf;
10647 hdr->frame_control =
10648 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
10649 os_memcpy(hdr->addr1, dst, ETH_ALEN);
10650 os_memcpy(hdr->addr2, src, ETH_ALEN);
10651 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
10653 if (is_ap_interface(drv->nlmode) &&
10654 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
10655 (int) freq == bss->freq || drv->device_ap_sme ||
10656 !drv->use_monitor))
10657 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
10658 0, freq, no_cck, 1,
10661 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
10663 &drv->send_action_cookie,
10671 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
10673 struct i802_bss *bss = priv;
10674 struct wpa_driver_nl80211_data *drv = bss->drv;
10675 struct nl_msg *msg;
10678 msg = nlmsg_alloc();
10682 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
10683 (long long unsigned int) drv->send_action_cookie);
10684 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
10686 if (nl80211_set_iface_id(msg, bss) < 0)
10687 goto nla_put_failure;
10688 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
10690 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10693 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
10694 "(%s)", ret, strerror(-ret));
10701 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
10702 unsigned int duration)
10704 struct i802_bss *bss = priv;
10705 struct wpa_driver_nl80211_data *drv = bss->drv;
10706 struct nl_msg *msg;
10710 msg = nlmsg_alloc();
10714 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
10716 if (nl80211_set_iface_id(msg, bss) < 0)
10717 goto nla_put_failure;
10719 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
10720 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
10723 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
10726 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
10727 "0x%llx for freq=%u MHz duration=%u",
10728 (long long unsigned int) cookie, freq, duration);
10729 drv->remain_on_chan_cookie = cookie;
10730 drv->pending_remain_on_chan = 1;
10733 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
10734 "(freq=%d duration=%u): %d (%s)",
10735 freq, duration, ret, strerror(-ret));
10742 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
10744 struct i802_bss *bss = priv;
10745 struct wpa_driver_nl80211_data *drv = bss->drv;
10746 struct nl_msg *msg;
10749 if (!drv->pending_remain_on_chan) {
10750 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
10755 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
10757 (long long unsigned int) drv->remain_on_chan_cookie);
10759 msg = nlmsg_alloc();
10763 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
10765 if (nl80211_set_iface_id(msg, bss) < 0)
10766 goto nla_put_failure;
10768 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
10770 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10774 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
10775 "%d (%s)", ret, strerror(-ret));
10782 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
10784 struct wpa_driver_nl80211_data *drv = bss->drv;
10787 if (bss->nl_preq && drv->device_ap_sme &&
10788 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
10791 * Do not disable Probe Request reporting that was
10792 * enabled in nl80211_setup_ap().
10794 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
10795 "Probe Request reporting nl_preq=%p while "
10796 "in AP mode", bss->nl_preq);
10797 } else if (bss->nl_preq) {
10798 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
10799 "reporting nl_preq=%p", bss->nl_preq);
10800 nl80211_destroy_eloop_handle(&bss->nl_preq);
10805 if (bss->nl_preq) {
10806 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
10807 "already on! nl_preq=%p", bss->nl_preq);
10811 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
10812 if (bss->nl_preq == NULL)
10814 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
10815 "reporting nl_preq=%p", bss->nl_preq);
10817 if (nl80211_register_frame(bss, bss->nl_preq,
10818 (WLAN_FC_TYPE_MGMT << 2) |
10819 (WLAN_FC_STYPE_PROBE_REQ << 4),
10823 nl80211_register_eloop_read(&bss->nl_preq,
10824 wpa_driver_nl80211_event_receive,
10830 nl_destroy_handles(&bss->nl_preq);
10835 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
10836 int ifindex, int disabled)
10838 struct nl_msg *msg;
10839 struct nlattr *bands, *band;
10842 msg = nlmsg_alloc();
10846 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
10847 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
10849 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
10851 goto nla_put_failure;
10854 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
10855 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
10856 * rates. All 5 GHz rates are left enabled.
10858 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
10860 goto nla_put_failure;
10862 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
10863 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
10865 nla_nest_end(msg, band);
10867 nla_nest_end(msg, bands);
10869 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
10872 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
10873 "(%s)", ret, strerror(-ret));
10875 drv->disabled_11b_rates = disabled;
10885 static int wpa_driver_nl80211_deinit_ap(void *priv)
10887 struct i802_bss *bss = priv;
10888 struct wpa_driver_nl80211_data *drv = bss->drv;
10889 if (!is_ap_interface(drv->nlmode))
10891 wpa_driver_nl80211_del_beacon(drv);
10894 * If the P2P GO interface was dynamically added, then it is
10895 * possible that the interface change to station is not possible.
10897 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
10900 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10904 static int wpa_driver_nl80211_stop_ap(void *priv)
10906 struct i802_bss *bss = priv;
10907 struct wpa_driver_nl80211_data *drv = bss->drv;
10908 if (!is_ap_interface(drv->nlmode))
10910 wpa_driver_nl80211_del_beacon(drv);
10911 bss->beacon_set = 0;
10916 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
10918 struct i802_bss *bss = priv;
10919 struct wpa_driver_nl80211_data *drv = bss->drv;
10920 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
10924 * If the P2P Client interface was dynamically added, then it is
10925 * possible that the interface change to station is not possible.
10927 if (bss->if_dynamic)
10930 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
10934 static void wpa_driver_nl80211_resume(void *priv)
10936 struct i802_bss *bss = priv;
10938 if (i802_set_iface_flags(bss, 1))
10939 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
10943 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
10944 const u8 *ies, size_t ies_len)
10946 struct i802_bss *bss = priv;
10947 struct wpa_driver_nl80211_data *drv = bss->drv;
10951 const u8 *own_addr = bss->addr;
10954 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
10955 "action %d", action);
10960 * Action frame payload:
10961 * Category[1] = 6 (Fast BSS Transition)
10962 * Action[1] = 1 (Fast BSS Transition Request)
10964 * Target AP Address
10968 data_len = 2 + 2 * ETH_ALEN + ies_len;
10969 data = os_malloc(data_len);
10973 *pos++ = 0x06; /* FT Action category */
10975 os_memcpy(pos, own_addr, ETH_ALEN);
10977 os_memcpy(pos, target_ap, ETH_ALEN);
10979 os_memcpy(pos, ies, ies_len);
10981 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
10982 drv->bssid, own_addr, drv->bssid,
10983 data, data_len, 0);
10990 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
10992 struct i802_bss *bss = priv;
10993 struct wpa_driver_nl80211_data *drv = bss->drv;
10994 struct nl_msg *msg;
10995 struct nlattr *cqm;
10998 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
10999 "hysteresis=%d", threshold, hysteresis);
11001 msg = nlmsg_alloc();
11005 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
11007 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11009 cqm = nla_nest_start(msg, NL80211_ATTR_CQM);
11011 goto nla_put_failure;
11013 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
11014 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
11015 nla_nest_end(msg, cqm);
11017 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11026 static int get_channel_width(struct nl_msg *msg, void *arg)
11028 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11029 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11030 struct wpa_signal_info *sig_change = arg;
11032 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11033 genlmsg_attrlen(gnlh, 0), NULL);
11035 sig_change->center_frq1 = -1;
11036 sig_change->center_frq2 = -1;
11037 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
11039 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
11040 sig_change->chanwidth = convert2width(
11041 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
11042 if (tb[NL80211_ATTR_CENTER_FREQ1])
11043 sig_change->center_frq1 =
11044 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
11045 if (tb[NL80211_ATTR_CENTER_FREQ2])
11046 sig_change->center_frq2 =
11047 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
11054 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
11055 struct wpa_signal_info *sig)
11057 struct nl_msg *msg;
11059 msg = nlmsg_alloc();
11063 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_INTERFACE);
11064 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11066 return send_and_recv_msgs(drv, msg, get_channel_width, sig);
11074 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
11076 struct i802_bss *bss = priv;
11077 struct wpa_driver_nl80211_data *drv = bss->drv;
11080 os_memset(si, 0, sizeof(*si));
11081 res = nl80211_get_link_signal(drv, si);
11085 res = nl80211_get_channel_width(drv, si);
11089 return nl80211_get_link_noise(drv, si);
11093 static int wpa_driver_nl80211_shared_freq(void *priv)
11095 struct i802_bss *bss = priv;
11096 struct wpa_driver_nl80211_data *drv = bss->drv;
11097 struct wpa_driver_nl80211_data *driver;
11101 * If the same PHY is in connected state with some other interface,
11102 * then retrieve the assoc freq.
11104 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
11107 dl_list_for_each(driver, &drv->global->interfaces,
11108 struct wpa_driver_nl80211_data, list) {
11109 if (drv == driver ||
11110 os_strcmp(drv->phyname, driver->phyname) != 0 ||
11111 !driver->associated)
11114 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
11116 driver->phyname, driver->first_bss->ifname,
11117 MAC2STR(driver->first_bss->addr));
11118 if (is_ap_interface(driver->nlmode))
11119 freq = driver->first_bss->freq;
11121 freq = nl80211_get_assoc_freq(driver);
11122 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
11123 drv->phyname, freq);
11127 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
11128 "PHY (%s) in associated state", drv->phyname);
11134 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
11137 struct i802_bss *bss = priv;
11138 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
11143 static int nl80211_set_param(void *priv, const char *param)
11145 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
11150 if (os_strstr(param, "use_p2p_group_interface=1")) {
11151 struct i802_bss *bss = priv;
11152 struct wpa_driver_nl80211_data *drv = bss->drv;
11154 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
11156 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
11157 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
11160 if (os_strstr(param, "p2p_device=1")) {
11161 struct i802_bss *bss = priv;
11162 struct wpa_driver_nl80211_data *drv = bss->drv;
11163 drv->allow_p2p_device = 1;
11165 #endif /* CONFIG_P2P */
11167 if (os_strstr(param, "use_monitor=1")) {
11168 struct i802_bss *bss = priv;
11169 struct wpa_driver_nl80211_data *drv = bss->drv;
11170 drv->use_monitor = 1;
11173 if (os_strstr(param, "force_connect_cmd=1")) {
11174 struct i802_bss *bss = priv;
11175 struct wpa_driver_nl80211_data *drv = bss->drv;
11176 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
11177 drv->force_connect_cmd = 1;
11180 if (os_strstr(param, "no_offchannel_tx=1")) {
11181 struct i802_bss *bss = priv;
11182 struct wpa_driver_nl80211_data *drv = bss->drv;
11183 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
11184 drv->test_use_roc_tx = 1;
11191 static void * nl80211_global_init(void)
11193 struct nl80211_global *global;
11194 struct netlink_config *cfg;
11196 global = os_zalloc(sizeof(*global));
11197 if (global == NULL)
11199 global->ioctl_sock = -1;
11200 dl_list_init(&global->interfaces);
11201 global->if_add_ifindex = -1;
11203 cfg = os_zalloc(sizeof(*cfg));
11208 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
11209 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
11210 global->netlink = netlink_init(cfg);
11211 if (global->netlink == NULL) {
11216 if (wpa_driver_nl80211_init_nl_global(global) < 0)
11219 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
11220 if (global->ioctl_sock < 0) {
11221 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
11229 nl80211_global_deinit(global);
11234 static void nl80211_global_deinit(void *priv)
11236 struct nl80211_global *global = priv;
11237 if (global == NULL)
11239 if (!dl_list_empty(&global->interfaces)) {
11240 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
11241 "nl80211_global_deinit",
11242 dl_list_len(&global->interfaces));
11245 if (global->netlink)
11246 netlink_deinit(global->netlink);
11248 nl_destroy_handles(&global->nl);
11250 if (global->nl_event)
11251 nl80211_destroy_eloop_handle(&global->nl_event);
11253 nl_cb_put(global->nl_cb);
11255 if (global->ioctl_sock >= 0)
11256 close(global->ioctl_sock);
11262 static const char * nl80211_get_radio_name(void *priv)
11264 struct i802_bss *bss = priv;
11265 struct wpa_driver_nl80211_data *drv = bss->drv;
11266 return drv->phyname;
11270 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
11273 struct nl_msg *msg;
11275 msg = nlmsg_alloc();
11279 nl80211_cmd(bss->drv, msg, 0, cmd);
11281 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
11283 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
11285 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
11287 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11294 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11296 struct i802_bss *bss = priv;
11297 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
11298 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
11302 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
11304 struct i802_bss *bss = priv;
11305 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
11307 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
11311 static int nl80211_flush_pmkid(void *priv)
11313 struct i802_bss *bss = priv;
11314 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
11315 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
11319 static void clean_survey_results(struct survey_results *survey_results)
11321 struct freq_survey *survey, *tmp;
11323 if (dl_list_empty(&survey_results->survey_list))
11326 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
11327 struct freq_survey, list) {
11328 dl_list_del(&survey->list);
11334 static void add_survey(struct nlattr **sinfo, u32 ifidx,
11335 struct dl_list *survey_list)
11337 struct freq_survey *survey;
11339 survey = os_zalloc(sizeof(struct freq_survey));
11343 survey->ifidx = ifidx;
11344 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11345 survey->filled = 0;
11347 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
11348 survey->nf = (int8_t)
11349 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
11350 survey->filled |= SURVEY_HAS_NF;
11353 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
11354 survey->channel_time =
11355 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
11356 survey->filled |= SURVEY_HAS_CHAN_TIME;
11359 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
11360 survey->channel_time_busy =
11361 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
11362 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
11365 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
11366 survey->channel_time_rx =
11367 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
11368 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
11371 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
11372 survey->channel_time_tx =
11373 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
11374 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
11377 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
11380 (unsigned long int) survey->channel_time,
11381 (unsigned long int) survey->channel_time_busy,
11382 (unsigned long int) survey->channel_time_tx,
11383 (unsigned long int) survey->channel_time_rx,
11386 dl_list_add_tail(survey_list, &survey->list);
11390 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
11391 unsigned int freq_filter)
11396 return freq_filter == surveyed_freq;
11400 static int survey_handler(struct nl_msg *msg, void *arg)
11402 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11403 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11404 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
11405 struct survey_results *survey_results;
11406 u32 surveyed_freq = 0;
11409 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
11410 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
11411 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
11414 survey_results = (struct survey_results *) arg;
11416 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11417 genlmsg_attrlen(gnlh, 0), NULL);
11419 if (!tb[NL80211_ATTR_IFINDEX])
11422 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
11424 if (!tb[NL80211_ATTR_SURVEY_INFO])
11427 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
11428 tb[NL80211_ATTR_SURVEY_INFO],
11432 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
11433 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
11437 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
11439 if (!check_survey_ok(sinfo, surveyed_freq,
11440 survey_results->freq_filter))
11443 if (survey_results->freq_filter &&
11444 survey_results->freq_filter != surveyed_freq) {
11445 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
11450 add_survey(sinfo, ifidx, &survey_results->survey_list);
11456 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
11458 struct i802_bss *bss = priv;
11459 struct wpa_driver_nl80211_data *drv = bss->drv;
11460 struct nl_msg *msg;
11461 int err = -ENOBUFS;
11462 union wpa_event_data data;
11463 struct survey_results *survey_results;
11465 os_memset(&data, 0, sizeof(data));
11466 survey_results = &data.survey_results;
11468 dl_list_init(&survey_results->survey_list);
11470 msg = nlmsg_alloc();
11472 goto nla_put_failure;
11474 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
11476 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11479 data.survey_results.freq_filter = freq;
11482 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
11483 err = send_and_recv_msgs(drv, msg, survey_handler,
11488 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
11492 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
11495 clean_survey_results(survey_results);
11501 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
11502 const u8 *replay_ctr)
11504 struct i802_bss *bss = priv;
11505 struct wpa_driver_nl80211_data *drv = bss->drv;
11506 struct nlattr *replay_nested;
11507 struct nl_msg *msg;
11509 msg = nlmsg_alloc();
11513 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
11515 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11517 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
11518 if (!replay_nested)
11519 goto nla_put_failure;
11521 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
11522 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
11523 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
11526 nla_nest_end(msg, replay_nested);
11528 send_and_recv_msgs(drv, msg, NULL, NULL);
11535 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
11536 const u8 *addr, int qos)
11538 /* send data frame to poll STA and check whether
11539 * this frame is ACKed */
11541 struct ieee80211_hdr hdr;
11543 } STRUCT_PACKED nulldata;
11546 /* Send data frame to poll STA and check whether this frame is ACKed */
11548 os_memset(&nulldata, 0, sizeof(nulldata));
11551 nulldata.hdr.frame_control =
11552 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11553 WLAN_FC_STYPE_QOS_NULL);
11554 size = sizeof(nulldata);
11556 nulldata.hdr.frame_control =
11557 IEEE80211_FC(WLAN_FC_TYPE_DATA,
11558 WLAN_FC_STYPE_NULLFUNC);
11559 size = sizeof(struct ieee80211_hdr);
11562 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
11563 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
11564 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
11565 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
11567 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
11569 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
11570 "send poll frame");
11573 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
11576 struct i802_bss *bss = priv;
11577 struct wpa_driver_nl80211_data *drv = bss->drv;
11578 struct nl_msg *msg;
11580 if (!drv->poll_command_supported) {
11581 nl80211_send_null_frame(bss, own_addr, addr, qos);
11585 msg = nlmsg_alloc();
11589 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
11591 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11592 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
11594 send_and_recv_msgs(drv, msg, NULL, NULL);
11601 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
11603 struct nl_msg *msg;
11605 msg = nlmsg_alloc();
11609 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
11610 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
11611 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
11612 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
11613 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
11620 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
11623 struct i802_bss *bss = priv;
11625 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
11626 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
11628 if (opp_ps != -1 || ctwindow != -1) {
11630 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
11631 #else /* ANDROID_P2P */
11632 return -1; /* Not yet supported */
11633 #endif /* ANDROID_P2P */
11636 if (legacy_ps == -1)
11638 if (legacy_ps != 0 && legacy_ps != 1)
11639 return -1; /* Not yet supported */
11641 return nl80211_set_power_save(bss, legacy_ps);
11645 static int nl80211_start_radar_detection(void *priv,
11646 struct hostapd_freq_params *freq)
11648 struct i802_bss *bss = priv;
11649 struct wpa_driver_nl80211_data *drv = bss->drv;
11650 struct nl_msg *msg;
11653 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
11654 freq->freq, freq->ht_enabled, freq->vht_enabled,
11655 freq->bandwidth, freq->center_freq1, freq->center_freq2);
11657 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
11658 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
11663 msg = nlmsg_alloc();
11667 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_RADAR_DETECT);
11668 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11670 if (nl80211_put_freq_params(msg, freq) < 0)
11671 goto nla_put_failure;
11673 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
11677 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
11678 "%d (%s)", ret, strerror(-ret));
11686 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
11687 u8 dialog_token, u16 status_code,
11688 u32 peer_capab, int initiator, const u8 *buf,
11691 struct i802_bss *bss = priv;
11692 struct wpa_driver_nl80211_data *drv = bss->drv;
11693 struct nl_msg *msg;
11695 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11696 return -EOPNOTSUPP;
11701 msg = nlmsg_alloc();
11705 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
11706 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11707 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
11708 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
11709 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
11710 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
11713 * The internal enum tdls_peer_capability definition is
11714 * currently identical with the nl80211 enum
11715 * nl80211_tdls_peer_capability, so no conversion is needed
11718 NLA_PUT_U32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, peer_capab);
11721 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_INITIATOR);
11722 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
11724 return send_and_recv_msgs(drv, msg, NULL, NULL);
11732 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
11734 struct i802_bss *bss = priv;
11735 struct wpa_driver_nl80211_data *drv = bss->drv;
11736 struct nl_msg *msg;
11737 enum nl80211_tdls_operation nl80211_oper;
11739 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
11740 return -EOPNOTSUPP;
11743 case TDLS_DISCOVERY_REQ:
11744 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
11747 nl80211_oper = NL80211_TDLS_SETUP;
11749 case TDLS_TEARDOWN:
11750 nl80211_oper = NL80211_TDLS_TEARDOWN;
11752 case TDLS_ENABLE_LINK:
11753 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
11755 case TDLS_DISABLE_LINK:
11756 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
11766 msg = nlmsg_alloc();
11770 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
11771 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
11772 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
11773 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
11775 return send_and_recv_msgs(drv, msg, NULL, NULL);
11782 #endif /* CONFIG TDLS */
11787 typedef struct android_wifi_priv_cmd {
11791 } android_wifi_priv_cmd;
11793 static int drv_errors = 0;
11795 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
11798 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
11800 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
11805 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
11807 struct wpa_driver_nl80211_data *drv = bss->drv;
11809 android_wifi_priv_cmd priv_cmd;
11810 char buf[MAX_DRV_CMD_SIZE];
11813 os_memset(&ifr, 0, sizeof(ifr));
11814 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
11815 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11817 os_memset(buf, 0, sizeof(buf));
11818 os_strlcpy(buf, cmd, sizeof(buf));
11820 priv_cmd.buf = buf;
11821 priv_cmd.used_len = sizeof(buf);
11822 priv_cmd.total_len = sizeof(buf);
11823 ifr.ifr_data = &priv_cmd;
11825 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11827 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
11829 wpa_driver_send_hang_msg(drv);
11838 static int android_pno_start(struct i802_bss *bss,
11839 struct wpa_driver_scan_params *params)
11841 struct wpa_driver_nl80211_data *drv = bss->drv;
11843 android_wifi_priv_cmd priv_cmd;
11844 int ret = 0, i = 0, bp;
11845 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
11847 bp = WEXT_PNOSETUP_HEADER_SIZE;
11848 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
11849 buf[bp++] = WEXT_PNO_TLV_PREFIX;
11850 buf[bp++] = WEXT_PNO_TLV_VERSION;
11851 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
11852 buf[bp++] = WEXT_PNO_TLV_RESERVED;
11854 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
11855 /* Check that there is enough space needed for 1 more SSID, the
11856 * other sections and null termination */
11857 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
11858 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
11860 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
11861 params->ssids[i].ssid,
11862 params->ssids[i].ssid_len);
11863 buf[bp++] = WEXT_PNO_SSID_SECTION;
11864 buf[bp++] = params->ssids[i].ssid_len;
11865 os_memcpy(&buf[bp], params->ssids[i].ssid,
11866 params->ssids[i].ssid_len);
11867 bp += params->ssids[i].ssid_len;
11871 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
11872 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
11873 WEXT_PNO_SCAN_INTERVAL);
11874 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
11876 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
11877 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
11879 bp += WEXT_PNO_REPEAT_LENGTH;
11881 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
11882 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
11883 WEXT_PNO_MAX_REPEAT);
11884 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
11886 memset(&ifr, 0, sizeof(ifr));
11887 memset(&priv_cmd, 0, sizeof(priv_cmd));
11888 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
11890 priv_cmd.buf = buf;
11891 priv_cmd.used_len = bp;
11892 priv_cmd.total_len = bp;
11893 ifr.ifr_data = &priv_cmd;
11895 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
11898 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
11900 wpa_driver_send_hang_msg(drv);
11906 return android_priv_cmd(bss, "PNOFORCE 1");
11910 static int android_pno_stop(struct i802_bss *bss)
11912 return android_priv_cmd(bss, "PNOFORCE 0");
11915 #endif /* ANDROID */
11918 static int driver_nl80211_set_key(const char *ifname, void *priv,
11919 enum wpa_alg alg, const u8 *addr,
11920 int key_idx, int set_tx,
11921 const u8 *seq, size_t seq_len,
11922 const u8 *key, size_t key_len)
11924 struct i802_bss *bss = priv;
11925 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
11926 set_tx, seq, seq_len, key, key_len);
11930 static int driver_nl80211_scan2(void *priv,
11931 struct wpa_driver_scan_params *params)
11933 struct i802_bss *bss = priv;
11934 return wpa_driver_nl80211_scan(bss, params);
11938 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
11941 struct i802_bss *bss = priv;
11942 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
11946 static int driver_nl80211_authenticate(void *priv,
11947 struct wpa_driver_auth_params *params)
11949 struct i802_bss *bss = priv;
11950 return wpa_driver_nl80211_authenticate(bss, params);
11954 static void driver_nl80211_deinit(void *priv)
11956 struct i802_bss *bss = priv;
11957 wpa_driver_nl80211_deinit(bss);
11961 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
11962 const char *ifname)
11964 struct i802_bss *bss = priv;
11965 return wpa_driver_nl80211_if_remove(bss, type, ifname);
11969 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
11970 size_t data_len, int noack)
11972 struct i802_bss *bss = priv;
11973 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
11978 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
11980 struct i802_bss *bss = priv;
11981 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0);
11985 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
11986 const char *ifname, int vlan_id)
11988 struct i802_bss *bss = priv;
11989 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
11993 static int driver_nl80211_read_sta_data(void *priv,
11994 struct hostap_sta_driver_data *data,
11997 struct i802_bss *bss = priv;
11998 return i802_read_sta_data(bss, data, addr);
12002 static int driver_nl80211_send_action(void *priv, unsigned int freq,
12003 unsigned int wait_time,
12004 const u8 *dst, const u8 *src,
12006 const u8 *data, size_t data_len,
12009 struct i802_bss *bss = priv;
12010 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
12011 bssid, data, data_len, no_cck);
12015 static int driver_nl80211_probe_req_report(void *priv, int report)
12017 struct i802_bss *bss = priv;
12018 return wpa_driver_nl80211_probe_req_report(bss, report);
12022 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
12023 const u8 *ies, size_t ies_len)
12026 struct nl_msg *msg;
12027 struct i802_bss *bss = priv;
12028 struct wpa_driver_nl80211_data *drv = bss->drv;
12029 u16 mdid = WPA_GET_LE16(md);
12031 msg = nlmsg_alloc();
12035 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
12036 nl80211_cmd(drv, msg, 0, NL80211_CMD_UPDATE_FT_IES);
12037 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12038 NLA_PUT(msg, NL80211_ATTR_IE, ies_len, ies);
12039 NLA_PUT_U16(msg, NL80211_ATTR_MDID, mdid);
12041 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12043 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
12044 "err=%d (%s)", ret, strerror(-ret));
12055 const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
12057 struct i802_bss *bss = priv;
12058 struct wpa_driver_nl80211_data *drv = bss->drv;
12060 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
12067 static const char * scan_state_str(enum scan_states scan_state)
12069 switch (scan_state) {
12072 case SCAN_REQUESTED:
12073 return "SCAN_REQUESTED";
12075 return "SCAN_STARTED";
12076 case SCAN_COMPLETED:
12077 return "SCAN_COMPLETED";
12079 return "SCAN_ABORTED";
12080 case SCHED_SCAN_STARTED:
12081 return "SCHED_SCAN_STARTED";
12082 case SCHED_SCAN_STOPPED:
12083 return "SCHED_SCAN_STOPPED";
12084 case SCHED_SCAN_RESULTS:
12085 return "SCHED_SCAN_RESULTS";
12092 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
12094 struct i802_bss *bss = priv;
12095 struct wpa_driver_nl80211_data *drv = bss->drv;
12100 end = buf + buflen;
12102 res = os_snprintf(pos, end - pos,
12106 "addr=" MACSTR "\n"
12112 MAC2STR(bss->addr),
12114 bss->beacon_set ? "beacon_set=1\n" : "",
12115 bss->added_if_into_bridge ?
12116 "added_if_into_bridge=1\n" : "",
12117 bss->added_bridge ? "added_bridge=1\n" : "",
12118 bss->in_deinit ? "in_deinit=1\n" : "",
12119 bss->if_dynamic ? "if_dynamic=1\n" : "");
12120 if (res < 0 || res >= end - pos)
12124 if (bss->wdev_id_set) {
12125 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
12126 (unsigned long long) bss->wdev_id);
12127 if (res < 0 || res >= end - pos)
12132 res = os_snprintf(pos, end - pos,
12134 "perm_addr=" MACSTR "\n"
12138 "auth_bssid=" MACSTR "\n"
12139 "auth_attempt_bssid=" MACSTR "\n"
12140 "bssid=" MACSTR "\n"
12141 "prev_bssid=" MACSTR "\n"
12144 "monitor_sock=%d\n"
12145 "monitor_ifidx=%d\n"
12146 "monitor_refcount=%d\n"
12147 "last_mgmt_freq=%u\n"
12148 "eapol_tx_sock=%d\n"
12149 "%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
12151 MAC2STR(drv->perm_addr),
12154 scan_state_str(drv->scan_state),
12155 MAC2STR(drv->auth_bssid),
12156 MAC2STR(drv->auth_attempt_bssid),
12157 MAC2STR(drv->bssid),
12158 MAC2STR(drv->prev_bssid),
12162 drv->monitor_ifidx,
12163 drv->monitor_refcount,
12164 drv->last_mgmt_freq,
12165 drv->eapol_tx_sock,
12166 drv->ignore_if_down_event ?
12167 "ignore_if_down_event=1\n" : "",
12168 drv->scan_complete_events ?
12169 "scan_complete_events=1\n" : "",
12170 drv->disabled_11b_rates ?
12171 "disabled_11b_rates=1\n" : "",
12172 drv->pending_remain_on_chan ?
12173 "pending_remain_on_chan=1\n" : "",
12174 drv->in_interface_list ? "in_interface_list=1\n" : "",
12175 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
12176 drv->poll_command_supported ?
12177 "poll_command_supported=1\n" : "",
12178 drv->data_tx_status ? "data_tx_status=1\n" : "",
12179 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
12180 drv->retry_auth ? "retry_auth=1\n" : "",
12181 drv->use_monitor ? "use_monitor=1\n" : "",
12182 drv->ignore_next_local_disconnect ?
12183 "ignore_next_local_disconnect=1\n" : "",
12184 drv->ignore_next_local_deauth ?
12185 "ignore_next_local_deauth=1\n" : "",
12186 drv->allow_p2p_device ? "allow_p2p_device=1\n" : "");
12187 if (res < 0 || res >= end - pos)
12191 if (drv->has_capability) {
12192 res = os_snprintf(pos, end - pos,
12193 "capa.key_mgmt=0x%x\n"
12196 "capa.flags=0x%llx\n"
12197 "capa.max_scan_ssids=%d\n"
12198 "capa.max_sched_scan_ssids=%d\n"
12199 "capa.sched_scan_supported=%d\n"
12200 "capa.max_match_sets=%d\n"
12201 "capa.max_remain_on_chan=%u\n"
12202 "capa.max_stations=%u\n"
12203 "capa.probe_resp_offloads=0x%x\n"
12204 "capa.max_acl_mac_addrs=%u\n"
12205 "capa.num_multichan_concurrent=%u\n",
12206 drv->capa.key_mgmt,
12209 (unsigned long long) drv->capa.flags,
12210 drv->capa.max_scan_ssids,
12211 drv->capa.max_sched_scan_ssids,
12212 drv->capa.sched_scan_supported,
12213 drv->capa.max_match_sets,
12214 drv->capa.max_remain_on_chan,
12215 drv->capa.max_stations,
12216 drv->capa.probe_resp_offloads,
12217 drv->capa.max_acl_mac_addrs,
12218 drv->capa.num_multichan_concurrent);
12219 if (res < 0 || res >= end - pos)
12228 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
12230 if (settings->head)
12231 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD,
12232 settings->head_len, settings->head);
12234 if (settings->tail)
12235 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL,
12236 settings->tail_len, settings->tail);
12238 if (settings->beacon_ies)
12239 NLA_PUT(msg, NL80211_ATTR_IE,
12240 settings->beacon_ies_len, settings->beacon_ies);
12242 if (settings->proberesp_ies)
12243 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
12244 settings->proberesp_ies_len, settings->proberesp_ies);
12246 if (settings->assocresp_ies)
12248 NL80211_ATTR_IE_ASSOC_RESP,
12249 settings->assocresp_ies_len, settings->assocresp_ies);
12251 if (settings->probe_resp)
12252 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP,
12253 settings->probe_resp_len, settings->probe_resp);
12262 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
12264 struct nl_msg *msg;
12265 struct i802_bss *bss = priv;
12266 struct wpa_driver_nl80211_data *drv = bss->drv;
12267 struct nlattr *beacon_csa;
12268 int ret = -ENOBUFS;
12270 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
12271 settings->cs_count, settings->block_tx,
12272 settings->freq_params.freq, settings->freq_params.bandwidth,
12273 settings->freq_params.center_freq1,
12274 settings->freq_params.center_freq2);
12276 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
12277 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
12278 return -EOPNOTSUPP;
12281 if ((drv->nlmode != NL80211_IFTYPE_AP) &&
12282 (drv->nlmode != NL80211_IFTYPE_P2P_GO))
12283 return -EOPNOTSUPP;
12285 /* check settings validity */
12286 if (!settings->beacon_csa.tail ||
12287 ((settings->beacon_csa.tail_len <=
12288 settings->counter_offset_beacon) ||
12289 (settings->beacon_csa.tail[settings->counter_offset_beacon] !=
12290 settings->cs_count)))
12293 if (settings->beacon_csa.probe_resp &&
12294 ((settings->beacon_csa.probe_resp_len <=
12295 settings->counter_offset_presp) ||
12296 (settings->beacon_csa.probe_resp[settings->counter_offset_presp] !=
12297 settings->cs_count)))
12300 msg = nlmsg_alloc();
12304 nl80211_cmd(drv, msg, 0, NL80211_CMD_CHANNEL_SWITCH);
12305 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
12306 NLA_PUT_U32(msg, NL80211_ATTR_CH_SWITCH_COUNT, settings->cs_count);
12307 ret = nl80211_put_freq_params(msg, &settings->freq_params);
12311 if (settings->block_tx)
12312 NLA_PUT_FLAG(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX);
12314 /* beacon_after params */
12315 ret = set_beacon_data(msg, &settings->beacon_after);
12319 /* beacon_csa params */
12320 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
12322 goto nla_put_failure;
12324 ret = set_beacon_data(msg, &settings->beacon_csa);
12328 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
12329 settings->counter_offset_beacon);
12331 if (settings->beacon_csa.probe_resp)
12332 NLA_PUT_U16(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
12333 settings->counter_offset_presp);
12335 nla_nest_end(msg, beacon_csa);
12336 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12338 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
12339 ret, strerror(-ret));
12347 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
12352 #ifdef CONFIG_TESTING_OPTIONS
12353 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
12355 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12356 struct wpabuf *buf = arg;
12361 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
12362 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
12366 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
12367 genlmsg_attrlen(gnlh, 0));
12371 #endif /* CONFIG_TESTING_OPTIONS */
12374 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
12376 struct nlattr *tb[NL80211_ATTR_MAX + 1];
12377 struct nlattr *nl_vendor_reply, *nl;
12378 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12379 struct wpabuf *buf = arg;
12385 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
12386 genlmsg_attrlen(gnlh, 0), NULL);
12387 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
12389 if (!nl_vendor_reply)
12392 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
12393 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
12397 nla_for_each_nested(nl, nl_vendor_reply, rem) {
12398 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
12405 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
12406 unsigned int subcmd, const u8 *data,
12407 size_t data_len, struct wpabuf *buf)
12409 struct i802_bss *bss = priv;
12410 struct wpa_driver_nl80211_data *drv = bss->drv;
12411 struct nl_msg *msg;
12414 msg = nlmsg_alloc();
12418 #ifdef CONFIG_TESTING_OPTIONS
12419 if (vendor_id == 0xffffffff) {
12420 nl80211_cmd(drv, msg, 0, subcmd);
12421 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
12423 goto nla_put_failure;
12424 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf);
12426 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
12430 #endif /* CONFIG_TESTING_OPTIONS */
12432 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12433 if (nl80211_set_iface_id(msg, bss) < 0)
12434 goto nla_put_failure;
12435 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, vendor_id);
12436 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd);
12438 NLA_PUT(msg, NL80211_ATTR_VENDOR_DATA, data_len, data);
12440 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf);
12442 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
12452 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
12453 u8 qos_map_set_len)
12455 struct i802_bss *bss = priv;
12456 struct wpa_driver_nl80211_data *drv = bss->drv;
12457 struct nl_msg *msg;
12460 msg = nlmsg_alloc();
12464 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
12465 qos_map_set, qos_map_set_len);
12467 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_QOS_MAP);
12468 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12469 NLA_PUT(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set);
12471 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12473 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
12483 static int nl80211_set_wowlan(void *priv,
12484 const struct wowlan_triggers *triggers)
12486 struct i802_bss *bss = priv;
12487 struct wpa_driver_nl80211_data *drv = bss->drv;
12488 struct nl_msg *msg;
12489 struct nlattr *wowlan_triggers;
12492 msg = nlmsg_alloc();
12496 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
12498 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WOWLAN);
12499 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12501 wowlan_triggers = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
12502 if (!wowlan_triggers)
12503 goto nla_put_failure;
12506 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY);
12507 if (triggers->disconnect)
12508 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT);
12509 if (triggers->magic_pkt)
12510 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT);
12511 if (triggers->gtk_rekey_failure)
12512 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE);
12513 if (triggers->eap_identity_req)
12514 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST);
12515 if (triggers->four_way_handshake)
12516 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE);
12517 if (triggers->rfkill_release)
12518 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE);
12520 nla_nest_end(msg, wowlan_triggers);
12522 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12524 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
12534 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
12536 struct i802_bss *bss = priv;
12537 struct wpa_driver_nl80211_data *drv = bss->drv;
12538 struct nl_msg *msg;
12539 struct nlattr *params;
12541 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
12543 if (!drv->roaming_vendor_cmd_avail) {
12544 wpa_printf(MSG_DEBUG,
12545 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
12549 msg = nlmsg_alloc();
12553 nl80211_cmd(drv, msg, 0, NL80211_CMD_VENDOR);
12555 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12556 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA);
12557 NLA_PUT_U32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12558 QCA_NL80211_VENDOR_SUBCMD_ROAMING);
12560 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
12562 goto nla_put_failure;
12563 NLA_PUT_U32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
12564 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
12565 QCA_ROAMING_NOT_ALLOWED);
12567 NLA_PUT(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid);
12568 nla_nest_end(msg, params);
12570 return send_and_recv_msgs(drv, msg, NULL, NULL);
12578 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
12580 struct i802_bss *bss = priv;
12581 struct wpa_driver_nl80211_data *drv = bss->drv;
12582 int new_addr = addr != NULL;
12585 addr = drv->perm_addr;
12587 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
12590 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
12592 wpa_printf(MSG_DEBUG,
12593 "nl80211: failed to set_mac_addr for %s to " MACSTR,
12594 bss->ifname, MAC2STR(addr));
12595 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
12597 wpa_printf(MSG_DEBUG,
12598 "nl80211: Could not restore interface UP after failed set_mac_addr");
12603 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
12604 bss->ifname, MAC2STR(addr));
12605 drv->addr_changed = new_addr;
12606 os_memcpy(bss->addr, addr, ETH_ALEN);
12608 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
12610 wpa_printf(MSG_DEBUG,
12611 "nl80211: Could not restore interface UP after set_mac_addr");
12620 static int wpa_driver_nl80211_init_mesh(void *priv)
12622 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) {
12623 wpa_printf(MSG_INFO,
12624 "nl80211: Failed to set interface into mesh mode");
12632 wpa_driver_nl80211_join_mesh(void *priv,
12633 struct wpa_driver_mesh_join_params *params)
12635 struct i802_bss *bss = priv;
12636 struct wpa_driver_nl80211_data *drv = bss->drv;
12637 struct nl_msg *msg;
12638 struct nlattr *container;
12641 msg = nlmsg_alloc();
12645 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
12646 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_MESH);
12648 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12649 /* XXX: need chtype too in case we want HT */
12650 if (params->freq) {
12651 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
12652 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
12655 if (params->basic_rates) {
12656 u8 rates[NL80211_MAX_SUPP_RATES];
12660 for (i = 0; i < NL80211_MAX_SUPP_RATES; i++) {
12661 if (params->basic_rates[i] < 0)
12663 rates[rates_len++] = params->basic_rates[i] / 5;
12666 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
12669 if (params->meshid) {
12670 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
12671 params->meshid, params->meshid_len);
12672 NLA_PUT(msg, NL80211_ATTR_MESH_ID, params->meshid_len,
12676 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
12678 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP);
12680 goto nla_put_failure;
12683 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len);
12684 NLA_PUT(msg, NL80211_MESH_SETUP_IE, params->ie_len,
12687 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */
12688 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) {
12689 NLA_PUT_U8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1);
12690 NLA_PUT_FLAG(msg, NL80211_MESH_SETUP_USERSPACE_AUTH);
12692 if (params->flags & WPA_DRIVER_MESH_FLAG_AMPE)
12693 NLA_PUT_FLAG(msg, NL80211_MESH_SETUP_USERSPACE_AMPE);
12694 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM)
12695 NLA_PUT_FLAG(msg, NL80211_MESH_SETUP_USERSPACE_MPM);
12696 nla_nest_end(msg, container);
12698 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
12700 goto nla_put_failure;
12702 if (!(params->conf.flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS))
12703 NLA_PUT_U32(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 0);
12704 nla_nest_end(msg, container);
12706 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12709 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)",
12710 ret, strerror(-ret));
12711 goto nla_put_failure;
12714 bss->freq = params->freq;
12715 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
12724 static int wpa_driver_nl80211_leave_mesh(void *priv)
12726 struct i802_bss *bss = priv;
12727 struct wpa_driver_nl80211_data *drv = bss->drv;
12728 struct nl_msg *msg;
12731 msg = nlmsg_alloc();
12735 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex);
12736 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_MESH);
12737 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
12739 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
12742 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)",
12743 ret, strerror(-ret));
12744 goto nla_put_failure;
12747 wpa_printf(MSG_DEBUG, "nl80211: mesh leave request send successfully");
12754 #endif /* CONFIG_MESH */
12757 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
12759 .desc = "Linux nl80211/cfg80211",
12760 .get_bssid = wpa_driver_nl80211_get_bssid,
12761 .get_ssid = wpa_driver_nl80211_get_ssid,
12762 .set_key = driver_nl80211_set_key,
12763 .scan2 = driver_nl80211_scan2,
12764 .sched_scan = wpa_driver_nl80211_sched_scan,
12765 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
12766 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
12767 .deauthenticate = driver_nl80211_deauthenticate,
12768 .authenticate = driver_nl80211_authenticate,
12769 .associate = wpa_driver_nl80211_associate,
12770 .global_init = nl80211_global_init,
12771 .global_deinit = nl80211_global_deinit,
12772 .init2 = wpa_driver_nl80211_init,
12773 .deinit = driver_nl80211_deinit,
12774 .get_capa = wpa_driver_nl80211_get_capa,
12775 .set_operstate = wpa_driver_nl80211_set_operstate,
12776 .set_supp_port = wpa_driver_nl80211_set_supp_port,
12777 .set_country = wpa_driver_nl80211_set_country,
12778 .get_country = wpa_driver_nl80211_get_country,
12779 .set_ap = wpa_driver_nl80211_set_ap,
12780 .set_acl = wpa_driver_nl80211_set_acl,
12781 .if_add = wpa_driver_nl80211_if_add,
12782 .if_remove = driver_nl80211_if_remove,
12783 .send_mlme = driver_nl80211_send_mlme,
12784 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
12785 .sta_add = wpa_driver_nl80211_sta_add,
12786 .sta_remove = driver_nl80211_sta_remove,
12787 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
12788 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
12789 .hapd_init = i802_init,
12790 .hapd_deinit = i802_deinit,
12791 .set_wds_sta = i802_set_wds_sta,
12792 .get_seqnum = i802_get_seqnum,
12793 .flush = i802_flush,
12794 .get_inact_sec = i802_get_inact_sec,
12795 .sta_clear_stats = i802_sta_clear_stats,
12796 .set_rts = i802_set_rts,
12797 .set_frag = i802_set_frag,
12798 .set_tx_queue_params = i802_set_tx_queue_params,
12799 .set_sta_vlan = driver_nl80211_set_sta_vlan,
12800 .sta_deauth = i802_sta_deauth,
12801 .sta_disassoc = i802_sta_disassoc,
12802 .read_sta_data = driver_nl80211_read_sta_data,
12803 .set_freq = i802_set_freq,
12804 .send_action = driver_nl80211_send_action,
12805 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
12806 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
12807 .cancel_remain_on_channel =
12808 wpa_driver_nl80211_cancel_remain_on_channel,
12809 .probe_req_report = driver_nl80211_probe_req_report,
12810 .deinit_ap = wpa_driver_nl80211_deinit_ap,
12811 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
12812 .resume = wpa_driver_nl80211_resume,
12813 .send_ft_action = nl80211_send_ft_action,
12814 .signal_monitor = nl80211_signal_monitor,
12815 .signal_poll = nl80211_signal_poll,
12816 .send_frame = nl80211_send_frame,
12817 .shared_freq = wpa_driver_nl80211_shared_freq,
12818 .set_param = nl80211_set_param,
12819 .get_radio_name = nl80211_get_radio_name,
12820 .add_pmkid = nl80211_add_pmkid,
12821 .remove_pmkid = nl80211_remove_pmkid,
12822 .flush_pmkid = nl80211_flush_pmkid,
12823 .set_rekey_info = nl80211_set_rekey_info,
12824 .poll_client = nl80211_poll_client,
12825 .set_p2p_powersave = nl80211_set_p2p_powersave,
12826 .start_dfs_cac = nl80211_start_radar_detection,
12827 .stop_ap = wpa_driver_nl80211_stop_ap,
12829 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
12830 .tdls_oper = nl80211_tdls_oper,
12831 #endif /* CONFIG_TDLS */
12832 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
12833 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
12834 .get_survey = wpa_driver_nl80211_get_survey,
12835 .status = wpa_driver_nl80211_status,
12836 .switch_channel = nl80211_switch_channel,
12838 .set_noa = wpa_driver_set_p2p_noa,
12839 .get_noa = wpa_driver_get_p2p_noa,
12840 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
12841 #endif /* ANDROID_P2P */
12843 .driver_cmd = wpa_driver_nl80211_driver_cmd,
12844 #endif /* ANDROID */
12845 .vendor_cmd = nl80211_vendor_cmd,
12846 .set_qos_map = nl80211_set_qos_map,
12847 .set_wowlan = nl80211_set_wowlan,
12848 .roaming = nl80211_roaming,
12849 .set_mac_addr = nl80211_set_mac_addr,
12851 .init_mesh = wpa_driver_nl80211_init_mesh,
12852 .join_mesh = wpa_driver_nl80211_join_mesh,
12853 .leave_mesh = wpa_driver_nl80211_leave_mesh,
12854 #endif /* CONFIG_MESH */