2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/filter.h>
25 #include <linux/errqueue.h>
26 #include "nl80211_copy.h"
30 #include "utils/list.h"
31 #include "common/ieee802_11_defs.h"
32 #include "common/ieee802_11_common.h"
33 #include "l2_packet/l2_packet.h"
35 #include "linux_ioctl.h"
37 #include "radiotap_iter.h"
41 #ifndef SO_WIFI_STATUS
42 # if defined(__sparc__)
43 # define SO_WIFI_STATUS 0x0025
44 # elif defined(__parisc__)
45 # define SO_WIFI_STATUS 0x4022
47 # define SO_WIFI_STATUS 41
50 # define SCM_WIFI_STATUS SO_WIFI_STATUS
53 #ifndef SO_EE_ORIGIN_TXSTATUS
54 #define SO_EE_ORIGIN_TXSTATUS 4
57 #ifndef PACKET_TX_TIMESTAMP
58 #define PACKET_TX_TIMESTAMP 16
62 #include "android_drv.h"
65 /* libnl 2.0 compatibility code */
66 #define nl_handle nl_sock
67 #define nl80211_handle_alloc nl_socket_alloc_cb
68 #define nl80211_handle_destroy nl_socket_free
71 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
72 * but when you free a socket again it will mess up its bitmap and
73 * and use the wrong number the next time it needs a socket ID.
74 * Therefore, we wrap the handle alloc/destroy and add our own pid
77 static uint32_t port_bitmap[32] = { 0 };
79 static struct nl_handle *nl80211_handle_alloc(void *cb)
81 struct nl_handle *handle;
82 uint32_t pid = getpid() & 0x3FFFFF;
85 handle = nl_handle_alloc_cb(cb);
87 for (i = 0; i < 1024; i++) {
88 if (port_bitmap[i / 32] & (1 << (i % 32)))
90 port_bitmap[i / 32] |= 1 << (i % 32);
95 nl_socket_set_local_port(handle, pid);
100 static void nl80211_handle_destroy(struct nl_handle *handle)
102 uint32_t port = nl_socket_get_local_port(handle);
105 port_bitmap[port / 32] &= ~(1 << (port % 32));
107 nl_handle_destroy(handle);
109 #endif /* CONFIG_LIBNL20 */
112 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
114 struct nl_handle *handle;
116 handle = nl80211_handle_alloc(cb);
117 if (handle == NULL) {
118 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
119 "callbacks (%s)", dbg);
123 if (genl_connect(handle)) {
124 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
125 "netlink (%s)", dbg);
126 nl80211_handle_destroy(handle);
134 static void nl_destroy_handles(struct nl_handle **handle)
138 nl80211_handle_destroy(*handle);
144 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
147 #define IFF_DORMANT 0x20000 /* driver signals dormant */
150 #ifndef IF_OPER_DORMANT
151 #define IF_OPER_DORMANT 5
157 struct nl80211_global {
158 struct dl_list interfaces;
160 struct netlink_data *netlink;
162 struct nl_handle *nl;
164 int ioctl_sock; /* socket for ioctl() use */
166 struct nl_handle *nl_event;
169 struct nl80211_wiphy_data {
174 struct nl_handle *nl_beacons;
180 static void nl80211_global_deinit(void *priv);
181 static void wpa_driver_nl80211_deinit(void *priv);
184 struct wpa_driver_nl80211_data *drv;
185 struct i802_bss *next;
187 char ifname[IFNAMSIZ + 1];
188 char brname[IFNAMSIZ];
189 unsigned int beacon_set:1;
190 unsigned int added_if_into_bridge:1;
191 unsigned int added_bridge:1;
197 struct nl_handle *nl_preq, *nl_mgmt;
200 struct nl80211_wiphy_data *wiphy_data;
201 struct dl_list wiphy_list;
204 struct wpa_driver_nl80211_data {
205 struct nl80211_global *global;
207 struct dl_list wiphy_list;
213 int ignore_if_down_event;
214 struct rfkill_data *rfkill;
215 struct wpa_driver_capa capa;
220 int scan_complete_events;
224 u8 auth_bssid[ETH_ALEN];
229 enum nl80211_iftype nlmode;
230 enum nl80211_iftype ap_scan_as_station;
231 unsigned int assoc_freq;
235 int monitor_refcount;
237 unsigned int disabled_11b_rates:1;
238 unsigned int pending_remain_on_chan:1;
239 unsigned int in_interface_list:1;
240 unsigned int device_ap_sme:1;
241 unsigned int poll_command_supported:1;
242 unsigned int data_tx_status:1;
243 unsigned int scan_for_auth:1;
244 unsigned int retry_auth:1;
245 unsigned int use_monitor:1;
247 u64 remain_on_chan_cookie;
248 u64 send_action_cookie;
250 unsigned int last_mgmt_freq;
252 struct wpa_driver_scan_filter *filter_ssids;
253 size_t num_filter_ssids;
255 struct i802_bss first_bss;
260 int eapol_sock; /* socket for EAPOL frames */
262 int default_if_indices[16];
270 /* From failed authentication command */
272 u8 auth_bssid_[ETH_ALEN];
274 size_t auth_ssid_len;
278 u8 auth_wep_key[4][16];
279 size_t auth_wep_key_len[4];
280 int auth_wep_tx_keyidx;
281 int auth_local_state_change;
286 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
288 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
289 enum nl80211_iftype nlmode);
291 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
292 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
293 const u8 *addr, int cmd, u16 reason_code,
294 int local_state_change);
295 static void nl80211_remove_monitor_interface(
296 struct wpa_driver_nl80211_data *drv);
297 static int nl80211_send_frame_cmd(struct i802_bss *bss,
298 unsigned int freq, unsigned int wait,
299 const u8 *buf, size_t buf_len, u64 *cookie,
300 int no_cck, int no_ack, int offchanok);
301 static int wpa_driver_nl80211_probe_req_report(void *priv, int report);
303 static int android_pno_start(struct i802_bss *bss,
304 struct wpa_driver_scan_params *params);
305 static int android_pno_stop(struct i802_bss *bss);
309 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
310 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
311 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
312 static int wpa_driver_nl80211_if_remove(void *priv,
313 enum wpa_driver_if_type type,
316 static inline void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
320 static inline void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
324 static inline int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
330 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
331 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
332 int ifindex, int disabled);
334 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
335 static int wpa_driver_nl80211_authenticate_retry(
336 struct wpa_driver_nl80211_data *drv);
339 static int is_ap_interface(enum nl80211_iftype nlmode)
341 return (nlmode == NL80211_IFTYPE_AP ||
342 nlmode == NL80211_IFTYPE_P2P_GO);
346 static int is_sta_interface(enum nl80211_iftype nlmode)
348 return (nlmode == NL80211_IFTYPE_STATION ||
349 nlmode == NL80211_IFTYPE_P2P_CLIENT);
353 static int is_p2p_interface(enum nl80211_iftype nlmode)
355 return (nlmode == NL80211_IFTYPE_P2P_CLIENT ||
356 nlmode == NL80211_IFTYPE_P2P_GO);
360 struct nl80211_bss_info_arg {
361 struct wpa_driver_nl80211_data *drv;
362 struct wpa_scan_results *res;
363 unsigned int assoc_freq;
364 u8 assoc_bssid[ETH_ALEN];
367 static int bss_info_handler(struct nl_msg *msg, void *arg);
371 static int ack_handler(struct nl_msg *msg, void *arg)
378 static int finish_handler(struct nl_msg *msg, void *arg)
385 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
394 static int no_seq_check(struct nl_msg *msg, void *arg)
400 static int send_and_recv(struct nl80211_global *global,
401 struct nl_handle *nl_handle, struct nl_msg *msg,
402 int (*valid_handler)(struct nl_msg *, void *),
408 cb = nl_cb_clone(global->nl_cb);
412 err = nl_send_auto_complete(nl_handle, msg);
418 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
419 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
420 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
423 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
424 valid_handler, valid_data);
427 nl_recvmsgs(nl_handle, cb);
435 static int send_and_recv_msgs_global(struct nl80211_global *global,
437 int (*valid_handler)(struct nl_msg *, void *),
440 return send_and_recv(global, global->nl, msg, valid_handler,
445 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
447 int (*valid_handler)(struct nl_msg *, void *),
450 return send_and_recv(drv->global, drv->global->nl, msg,
451 valid_handler, valid_data);
461 static int family_handler(struct nl_msg *msg, void *arg)
463 struct family_data *res = arg;
464 struct nlattr *tb[CTRL_ATTR_MAX + 1];
465 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
466 struct nlattr *mcgrp;
469 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
470 genlmsg_attrlen(gnlh, 0), NULL);
471 if (!tb[CTRL_ATTR_MCAST_GROUPS])
474 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
475 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
476 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
477 nla_len(mcgrp), NULL);
478 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
479 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
480 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
482 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
484 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
492 static int nl_get_multicast_id(struct nl80211_global *global,
493 const char *family, const char *group)
497 struct family_data res = { group, -ENOENT };
502 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
503 0, 0, CTRL_CMD_GETFAMILY, 0);
504 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
506 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
517 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
518 struct nl_msg *msg, int flags, uint8_t cmd)
520 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
525 struct wiphy_idx_data {
530 static int netdev_info_handler(struct nl_msg *msg, void *arg)
532 struct nlattr *tb[NL80211_ATTR_MAX + 1];
533 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
534 struct wiphy_idx_data *info = arg;
536 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
537 genlmsg_attrlen(gnlh, 0), NULL);
539 if (tb[NL80211_ATTR_WIPHY])
540 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
546 static int nl80211_get_wiphy_index(struct i802_bss *bss)
549 struct wiphy_idx_data data = {
557 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
559 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
561 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
562 return data.wiphy_idx;
570 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
571 struct nl80211_wiphy_data *w)
580 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
582 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
584 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
587 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
588 "failed: ret=%d (%s)",
589 ret, strerror(-ret));
590 goto nla_put_failure;
599 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
601 struct nl80211_wiphy_data *w = eloop_ctx;
603 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
605 nl_recvmsgs(handle, w->nl_cb);
609 static int process_beacon_event(struct nl_msg *msg, void *arg)
611 struct nl80211_wiphy_data *w = arg;
612 struct wpa_driver_nl80211_data *drv;
613 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
614 struct nlattr *tb[NL80211_ATTR_MAX + 1];
615 union wpa_event_data event;
617 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
618 genlmsg_attrlen(gnlh, 0), NULL);
620 if (gnlh->cmd != NL80211_CMD_FRAME) {
621 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
626 if (!tb[NL80211_ATTR_FRAME])
629 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
631 os_memset(&event, 0, sizeof(event));
632 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
633 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
634 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
641 static struct nl80211_wiphy_data *
642 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
644 static DEFINE_DL_LIST(nl80211_wiphys);
645 struct nl80211_wiphy_data *w;
646 int wiphy_idx, found = 0;
647 struct i802_bss *tmp_bss;
649 if (bss->wiphy_data != NULL)
650 return bss->wiphy_data;
652 wiphy_idx = nl80211_get_wiphy_index(bss);
654 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
655 if (w->wiphy_idx == wiphy_idx)
660 w = os_zalloc(sizeof(*w));
663 w->wiphy_idx = wiphy_idx;
664 dl_list_init(&w->bsss);
665 dl_list_init(&w->drvs);
667 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
672 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
673 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
676 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
678 if (w->nl_beacons == NULL) {
683 if (nl80211_register_beacons(bss->drv, w)) {
684 nl_destroy_handles(&w->nl_beacons);
689 eloop_register_read_sock(nl_socket_get_fd(w->nl_beacons),
690 nl80211_recv_beacons, w, w->nl_beacons);
692 dl_list_add(&nl80211_wiphys, &w->list);
695 /* drv entry for this bss already there? */
696 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
697 if (tmp_bss->drv == bss->drv) {
704 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
706 dl_list_add(&w->bsss, &bss->wiphy_list);
712 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
714 struct nl80211_wiphy_data *w = bss->wiphy_data;
715 struct i802_bss *tmp_bss;
720 bss->wiphy_data = NULL;
721 dl_list_del(&bss->wiphy_list);
723 /* still any for this drv present? */
724 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
725 if (tmp_bss->drv == bss->drv) {
730 /* if not remove it */
732 dl_list_del(&bss->drv->wiphy_list);
734 if (!dl_list_empty(&w->bsss))
737 eloop_unregister_read_sock(nl_socket_get_fd(w->nl_beacons));
740 nl_destroy_handles(&w->nl_beacons);
741 dl_list_del(&w->list);
746 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
748 struct i802_bss *bss = priv;
749 struct wpa_driver_nl80211_data *drv = bss->drv;
750 if (!drv->associated)
752 os_memcpy(bssid, drv->bssid, ETH_ALEN);
757 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
759 struct i802_bss *bss = priv;
760 struct wpa_driver_nl80211_data *drv = bss->drv;
761 if (!drv->associated)
763 os_memcpy(ssid, drv->ssid, drv->ssid_len);
764 return drv->ssid_len;
768 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
769 char *buf, size_t len, int del)
771 union wpa_event_data event;
773 os_memset(&event, 0, sizeof(event));
774 if (len > sizeof(event.interface_status.ifname))
775 len = sizeof(event.interface_status.ifname) - 1;
776 os_memcpy(event.interface_status.ifname, buf, len);
777 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
778 EVENT_INTERFACE_ADDED;
780 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
782 event.interface_status.ifname,
783 del ? "removed" : "added");
785 if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
787 if (drv->if_removed) {
788 wpa_printf(MSG_DEBUG, "nl80211: if_removed "
789 "already set - ignore event");
794 if (if_nametoindex(drv->first_bss.ifname) == 0) {
795 wpa_printf(MSG_DEBUG, "nl80211: Interface %s "
796 "does not exist - ignore "
798 drv->first_bss.ifname);
801 if (!drv->if_removed) {
802 wpa_printf(MSG_DEBUG, "nl80211: if_removed "
803 "already cleared - ignore event");
810 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
814 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
817 int attrlen, rta_len;
821 attr = (struct rtattr *) buf;
823 rta_len = RTA_ALIGN(sizeof(struct rtattr));
824 while (RTA_OK(attr, attrlen)) {
825 if (attr->rta_type == IFLA_IFNAME) {
826 if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
832 attr = RTA_NEXT(attr, attrlen);
839 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
840 int ifindex, u8 *buf, size_t len)
842 if (drv->ifindex == ifindex)
845 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
846 drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
847 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
849 wpa_driver_nl80211_finish_drv_init(drv);
857 static struct wpa_driver_nl80211_data *
858 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
860 struct wpa_driver_nl80211_data *drv;
861 dl_list_for_each(drv, &global->interfaces,
862 struct wpa_driver_nl80211_data, list) {
863 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
864 have_ifidx(drv, idx))
871 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
872 struct ifinfomsg *ifi,
875 struct nl80211_global *global = ctx;
876 struct wpa_driver_nl80211_data *drv;
877 int attrlen, rta_len;
880 char namebuf[IFNAMSIZ];
882 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
884 wpa_printf(MSG_DEBUG, "nl80211: Ignore event for foreign "
885 "ifindex %d", ifi->ifi_index);
889 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
891 drv->operstate, ifi->ifi_flags,
892 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
893 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
894 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
895 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
897 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
898 if (if_indextoname(ifi->ifi_index, namebuf) &&
899 linux_iface_up(drv->global->ioctl_sock,
900 drv->first_bss.ifname) > 0) {
901 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
902 "event since interface %s is up", namebuf);
905 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
906 if (drv->ignore_if_down_event) {
907 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
908 "event generated by mode change");
909 drv->ignore_if_down_event = 0;
911 drv->if_disabled = 1;
912 wpa_supplicant_event(drv->ctx,
913 EVENT_INTERFACE_DISABLED, NULL);
917 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
918 if (if_indextoname(ifi->ifi_index, namebuf) &&
919 linux_iface_up(drv->global->ioctl_sock,
920 drv->first_bss.ifname) == 0) {
921 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
922 "event since interface %s is down",
924 } else if (if_nametoindex(drv->first_bss.ifname) == 0) {
925 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
926 "event since interface %s does not exist",
927 drv->first_bss.ifname);
928 } else if (drv->if_removed) {
929 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
930 "event since interface %s is marked "
931 "removed", drv->first_bss.ifname);
933 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
934 drv->if_disabled = 0;
935 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
941 * Some drivers send the association event before the operup event--in
942 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
943 * fails. This will hit us when wpa_supplicant does not need to do
944 * IEEE 802.1X authentication
946 if (drv->operstate == 1 &&
947 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
948 !(ifi->ifi_flags & IFF_RUNNING))
949 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
953 attr = (struct rtattr *) buf;
954 rta_len = RTA_ALIGN(sizeof(struct rtattr));
955 while (RTA_OK(attr, attrlen)) {
956 if (attr->rta_type == IFLA_IFNAME) {
957 wpa_driver_nl80211_event_link(
959 ((char *) attr) + rta_len,
960 attr->rta_len - rta_len, 0);
961 } else if (attr->rta_type == IFLA_MASTER)
962 brid = nla_get_u32((struct nlattr *) attr);
963 attr = RTA_NEXT(attr, attrlen);
966 if (ifi->ifi_family == AF_BRIDGE && brid) {
967 /* device has been added to bridge */
968 if_indextoname(brid, namebuf);
969 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
971 add_ifidx(drv, brid);
976 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
977 struct ifinfomsg *ifi,
980 struct nl80211_global *global = ctx;
981 struct wpa_driver_nl80211_data *drv;
982 int attrlen, rta_len;
986 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
988 wpa_printf(MSG_DEBUG, "nl80211: Ignore dellink event for "
989 "foreign ifindex %d", ifi->ifi_index);
994 attr = (struct rtattr *) buf;
996 rta_len = RTA_ALIGN(sizeof(struct rtattr));
997 while (RTA_OK(attr, attrlen)) {
998 if (attr->rta_type == IFLA_IFNAME) {
999 wpa_driver_nl80211_event_link(
1001 ((char *) attr) + rta_len,
1002 attr->rta_len - rta_len, 1);
1003 } else if (attr->rta_type == IFLA_MASTER)
1004 brid = nla_get_u32((struct nlattr *) attr);
1005 attr = RTA_NEXT(attr, attrlen);
1008 if (ifi->ifi_family == AF_BRIDGE && brid) {
1009 /* device has been removed from bridge */
1010 char namebuf[IFNAMSIZ];
1011 if_indextoname(brid, namebuf);
1012 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1013 "%s", brid, namebuf);
1014 del_ifidx(drv, brid);
1019 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1020 const u8 *frame, size_t len)
1022 const struct ieee80211_mgmt *mgmt;
1023 union wpa_event_data event;
1025 mgmt = (const struct ieee80211_mgmt *) frame;
1026 if (len < 24 + sizeof(mgmt->u.auth)) {
1027 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1032 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1033 os_memset(&event, 0, sizeof(event));
1034 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1035 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1036 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1037 if (len > 24 + sizeof(mgmt->u.auth)) {
1038 event.auth.ies = mgmt->u.auth.variable;
1039 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1042 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1046 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1050 struct nl80211_bss_info_arg arg;
1052 os_memset(&arg, 0, sizeof(arg));
1053 msg = nlmsg_alloc();
1055 goto nla_put_failure;
1057 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1058 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1061 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1064 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1065 "associated BSS from scan results: %u MHz",
1067 return arg.assoc_freq ? arg.assoc_freq : drv->assoc_freq;
1069 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1070 "(%s)", ret, strerror(-ret));
1073 return drv->assoc_freq;
1077 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1078 const u8 *frame, size_t len)
1080 const struct ieee80211_mgmt *mgmt;
1081 union wpa_event_data event;
1084 mgmt = (const struct ieee80211_mgmt *) frame;
1085 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1086 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1091 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1092 if (status != WLAN_STATUS_SUCCESS) {
1093 os_memset(&event, 0, sizeof(event));
1094 event.assoc_reject.bssid = mgmt->bssid;
1095 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1096 event.assoc_reject.resp_ies =
1097 (u8 *) mgmt->u.assoc_resp.variable;
1098 event.assoc_reject.resp_ies_len =
1099 len - 24 - sizeof(mgmt->u.assoc_resp);
1101 event.assoc_reject.status_code = status;
1103 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1107 drv->associated = 1;
1108 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1110 os_memset(&event, 0, sizeof(event));
1111 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1112 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1113 event.assoc_info.resp_ies_len =
1114 len - 24 - sizeof(mgmt->u.assoc_resp);
1117 event.assoc_info.freq = drv->assoc_freq;
1119 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1123 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1124 enum nl80211_commands cmd, struct nlattr *status,
1125 struct nlattr *addr, struct nlattr *req_ie,
1126 struct nlattr *resp_ie)
1128 union wpa_event_data event;
1130 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1132 * Avoid reporting two association events that would confuse
1135 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1136 "when using userspace SME", cmd);
1140 os_memset(&event, 0, sizeof(event));
1141 if (cmd == NL80211_CMD_CONNECT &&
1142 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1144 event.assoc_reject.bssid = nla_data(addr);
1146 event.assoc_reject.resp_ies = nla_data(resp_ie);
1147 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1149 event.assoc_reject.status_code = nla_get_u16(status);
1150 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1154 drv->associated = 1;
1156 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1159 event.assoc_info.req_ies = nla_data(req_ie);
1160 event.assoc_info.req_ies_len = nla_len(req_ie);
1163 event.assoc_info.resp_ies = nla_data(resp_ie);
1164 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1167 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1169 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1173 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1174 struct nlattr *reason, struct nlattr *addr,
1175 struct nlattr *by_ap)
1177 union wpa_event_data data;
1179 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1181 * Avoid reporting two disassociation events that could
1182 * confuse the core code.
1184 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1185 "event when using userspace SME");
1189 drv->associated = 0;
1190 os_memset(&data, 0, sizeof(data));
1192 data.disassoc_info.reason_code = nla_get_u16(reason);
1193 data.disassoc_info.locally_generated = by_ap == NULL;
1194 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, &data);
1198 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1199 enum nl80211_commands cmd, struct nlattr *addr)
1201 union wpa_event_data event;
1202 enum wpa_event_type ev;
1204 if (nla_len(addr) != ETH_ALEN)
1207 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1208 cmd, MAC2STR((u8 *) nla_data(addr)));
1210 if (cmd == NL80211_CMD_AUTHENTICATE)
1211 ev = EVENT_AUTH_TIMED_OUT;
1212 else if (cmd == NL80211_CMD_ASSOCIATE)
1213 ev = EVENT_ASSOC_TIMED_OUT;
1217 os_memset(&event, 0, sizeof(event));
1218 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1219 wpa_supplicant_event(drv->ctx, ev, &event);
1223 static void mlme_event_mgmt(struct wpa_driver_nl80211_data *drv,
1224 struct nlattr *freq, struct nlattr *sig,
1225 const u8 *frame, size_t len)
1227 const struct ieee80211_mgmt *mgmt;
1228 union wpa_event_data event;
1232 mgmt = (const struct ieee80211_mgmt *) frame;
1234 wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
1238 fc = le_to_host16(mgmt->frame_control);
1239 stype = WLAN_FC_GET_STYPE(fc);
1242 ssi_signal = (s32) nla_get_u32(sig);
1244 os_memset(&event, 0, sizeof(event));
1246 event.rx_action.freq = nla_get_u32(freq);
1247 drv->last_mgmt_freq = event.rx_action.freq;
1249 if (stype == WLAN_FC_STYPE_ACTION) {
1250 event.rx_action.da = mgmt->da;
1251 event.rx_action.sa = mgmt->sa;
1252 event.rx_action.bssid = mgmt->bssid;
1253 event.rx_action.category = mgmt->u.action.category;
1254 event.rx_action.data = &mgmt->u.action.category + 1;
1255 event.rx_action.len = frame + len - event.rx_action.data;
1256 wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
1258 event.rx_mgmt.frame = frame;
1259 event.rx_mgmt.frame_len = len;
1260 event.rx_mgmt.ssi_signal = ssi_signal;
1261 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1266 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1267 struct nlattr *cookie, const u8 *frame,
1268 size_t len, struct nlattr *ack)
1270 union wpa_event_data event;
1271 const struct ieee80211_hdr *hdr;
1274 if (!is_ap_interface(drv->nlmode)) {
1280 cookie_val = nla_get_u64(cookie);
1281 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1282 " cookie=0%llx%s (ack=%d)",
1283 (long long unsigned int) cookie_val,
1284 cookie_val == drv->send_action_cookie ?
1285 " (match)" : " (unknown)", ack != NULL);
1286 if (cookie_val != drv->send_action_cookie)
1290 hdr = (const struct ieee80211_hdr *) frame;
1291 fc = le_to_host16(hdr->frame_control);
1293 os_memset(&event, 0, sizeof(event));
1294 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1295 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1296 event.tx_status.dst = hdr->addr1;
1297 event.tx_status.data = frame;
1298 event.tx_status.data_len = len;
1299 event.tx_status.ack = ack != NULL;
1300 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1304 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1305 enum wpa_event_type type,
1306 const u8 *frame, size_t len)
1308 const struct ieee80211_mgmt *mgmt;
1309 union wpa_event_data event;
1310 const u8 *bssid = NULL;
1311 u16 reason_code = 0;
1313 mgmt = (const struct ieee80211_mgmt *) frame;
1315 bssid = mgmt->bssid;
1317 if (drv->associated != 0 &&
1318 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1319 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1321 * We have presumably received this deauth as a
1322 * response to a clear_state_mismatch() outgoing
1323 * deauth. Don't let it take us offline!
1325 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1326 "from Unknown BSSID " MACSTR " -- ignoring",
1332 drv->associated = 0;
1333 os_memset(&event, 0, sizeof(event));
1335 /* Note: Same offset for Reason Code in both frame subtypes */
1336 if (len >= 24 + sizeof(mgmt->u.deauth))
1337 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1339 if (type == EVENT_DISASSOC) {
1340 event.disassoc_info.locally_generated =
1341 !os_memcmp(mgmt->sa, drv->first_bss.addr, ETH_ALEN);
1342 event.disassoc_info.addr = bssid;
1343 event.disassoc_info.reason_code = reason_code;
1344 if (frame + len > mgmt->u.disassoc.variable) {
1345 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1346 event.disassoc_info.ie_len = frame + len -
1347 mgmt->u.disassoc.variable;
1350 event.deauth_info.locally_generated =
1351 !os_memcmp(mgmt->sa, drv->first_bss.addr, ETH_ALEN);
1352 event.deauth_info.addr = bssid;
1353 event.deauth_info.reason_code = reason_code;
1354 if (frame + len > mgmt->u.deauth.variable) {
1355 event.deauth_info.ie = mgmt->u.deauth.variable;
1356 event.deauth_info.ie_len = frame + len -
1357 mgmt->u.deauth.variable;
1361 wpa_supplicant_event(drv->ctx, type, &event);
1365 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1366 enum wpa_event_type type,
1367 const u8 *frame, size_t len)
1369 const struct ieee80211_mgmt *mgmt;
1370 union wpa_event_data event;
1371 u16 reason_code = 0;
1376 mgmt = (const struct ieee80211_mgmt *) frame;
1378 os_memset(&event, 0, sizeof(event));
1379 /* Note: Same offset for Reason Code in both frame subtypes */
1380 if (len >= 24 + sizeof(mgmt->u.deauth))
1381 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1383 if (type == EVENT_UNPROT_DISASSOC) {
1384 event.unprot_disassoc.sa = mgmt->sa;
1385 event.unprot_disassoc.da = mgmt->da;
1386 event.unprot_disassoc.reason_code = reason_code;
1388 event.unprot_deauth.sa = mgmt->sa;
1389 event.unprot_deauth.da = mgmt->da;
1390 event.unprot_deauth.reason_code = reason_code;
1393 wpa_supplicant_event(drv->ctx, type, &event);
1397 static void mlme_event(struct wpa_driver_nl80211_data *drv,
1398 enum nl80211_commands cmd, struct nlattr *frame,
1399 struct nlattr *addr, struct nlattr *timed_out,
1400 struct nlattr *freq, struct nlattr *ack,
1401 struct nlattr *cookie, struct nlattr *sig)
1403 if (timed_out && addr) {
1404 mlme_timeout_event(drv, cmd, addr);
1408 if (frame == NULL) {
1409 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
1414 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
1415 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1416 nla_data(frame), nla_len(frame));
1419 case NL80211_CMD_AUTHENTICATE:
1420 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1422 case NL80211_CMD_ASSOCIATE:
1423 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1425 case NL80211_CMD_DEAUTHENTICATE:
1426 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
1427 nla_data(frame), nla_len(frame));
1429 case NL80211_CMD_DISASSOCIATE:
1430 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
1431 nla_data(frame), nla_len(frame));
1433 case NL80211_CMD_FRAME:
1434 mlme_event_mgmt(drv, freq, sig, nla_data(frame),
1437 case NL80211_CMD_FRAME_TX_STATUS:
1438 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
1439 nla_len(frame), ack);
1441 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
1442 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
1443 nla_data(frame), nla_len(frame));
1445 case NL80211_CMD_UNPROT_DISASSOCIATE:
1446 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
1447 nla_data(frame), nla_len(frame));
1455 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
1456 struct nlattr *tb[])
1458 union wpa_event_data data;
1460 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
1461 os_memset(&data, 0, sizeof(data));
1462 if (tb[NL80211_ATTR_MAC]) {
1463 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
1464 nla_data(tb[NL80211_ATTR_MAC]),
1465 nla_len(tb[NL80211_ATTR_MAC]));
1466 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
1468 if (tb[NL80211_ATTR_KEY_SEQ]) {
1469 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
1470 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
1471 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
1473 if (tb[NL80211_ATTR_KEY_TYPE]) {
1474 enum nl80211_key_type key_type =
1475 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
1476 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
1477 if (key_type == NL80211_KEYTYPE_PAIRWISE)
1478 data.michael_mic_failure.unicast = 1;
1480 data.michael_mic_failure.unicast = 1;
1482 if (tb[NL80211_ATTR_KEY_IDX]) {
1483 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
1484 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
1487 wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
1491 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
1492 struct nlattr *tb[])
1494 if (tb[NL80211_ATTR_MAC] == NULL) {
1495 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
1499 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
1500 drv->associated = 1;
1501 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
1502 MAC2STR(drv->bssid));
1504 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
1508 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
1509 int cancel_event, struct nlattr *tb[])
1511 unsigned int freq, chan_type, duration;
1512 union wpa_event_data data;
1515 if (tb[NL80211_ATTR_WIPHY_FREQ])
1516 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
1520 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
1521 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1525 if (tb[NL80211_ATTR_DURATION])
1526 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
1530 if (tb[NL80211_ATTR_COOKIE])
1531 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
1535 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
1536 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
1537 cancel_event, freq, chan_type, duration,
1538 (long long unsigned int) cookie,
1539 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
1541 if (cookie != drv->remain_on_chan_cookie)
1542 return; /* not for us */
1545 drv->pending_remain_on_chan = 0;
1547 os_memset(&data, 0, sizeof(data));
1548 data.remain_on_channel.freq = freq;
1549 data.remain_on_channel.duration = duration;
1550 wpa_supplicant_event(drv->ctx, cancel_event ?
1551 EVENT_CANCEL_REMAIN_ON_CHANNEL :
1552 EVENT_REMAIN_ON_CHANNEL, &data);
1556 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
1557 struct nlattr *tb[])
1559 union wpa_event_data event;
1562 struct scan_info *info;
1563 #define MAX_REPORT_FREQS 50
1564 int freqs[MAX_REPORT_FREQS];
1567 if (drv->scan_for_auth) {
1568 drv->scan_for_auth = 0;
1569 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
1570 "cfg80211 BSS entry");
1571 wpa_driver_nl80211_authenticate_retry(drv);
1575 os_memset(&event, 0, sizeof(event));
1576 info = &event.scan_info;
1577 info->aborted = aborted;
1579 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
1580 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
1581 struct wpa_driver_scan_ssid *s =
1582 &info->ssids[info->num_ssids];
1583 s->ssid = nla_data(nl);
1584 s->ssid_len = nla_len(nl);
1586 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
1590 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
1591 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
1593 freqs[num_freqs] = nla_get_u32(nl);
1595 if (num_freqs == MAX_REPORT_FREQS - 1)
1598 info->freqs = freqs;
1599 info->num_freqs = num_freqs;
1601 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
1605 static int get_link_signal(struct nl_msg *msg, void *arg)
1607 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1608 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1609 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1610 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1611 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1613 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1614 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1615 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1616 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1617 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1618 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1620 struct wpa_signal_info *sig_change = arg;
1622 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1623 genlmsg_attrlen(gnlh, 0), NULL);
1624 if (!tb[NL80211_ATTR_STA_INFO] ||
1625 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1626 tb[NL80211_ATTR_STA_INFO], policy))
1628 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1631 sig_change->current_signal =
1632 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1634 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1635 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1636 sinfo[NL80211_STA_INFO_TX_BITRATE],
1638 sig_change->current_txrate = 0;
1640 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1641 sig_change->current_txrate =
1643 NL80211_RATE_INFO_BITRATE]) * 100;
1652 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1653 struct wpa_signal_info *sig)
1657 sig->current_signal = -9999;
1658 sig->current_txrate = 0;
1660 msg = nlmsg_alloc();
1664 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
1666 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1667 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
1669 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1676 static int get_link_noise(struct nl_msg *msg, void *arg)
1678 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1679 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1680 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1681 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1682 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1683 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1685 struct wpa_signal_info *sig_change = arg;
1687 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1688 genlmsg_attrlen(gnlh, 0), NULL);
1690 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1691 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1695 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1696 tb[NL80211_ATTR_SURVEY_INFO],
1698 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1703 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1706 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1707 sig_change->frequency)
1710 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1713 sig_change->current_noise =
1714 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1720 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1721 struct wpa_signal_info *sig_change)
1725 sig_change->current_noise = 9999;
1726 sig_change->frequency = drv->assoc_freq;
1728 msg = nlmsg_alloc();
1732 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1734 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1736 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1743 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
1745 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1746 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1747 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1748 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1749 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1750 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1752 struct wpa_scan_results *scan_results = arg;
1753 struct wpa_scan_res *scan_res;
1756 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1757 genlmsg_attrlen(gnlh, 0), NULL);
1759 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1760 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
1764 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1765 tb[NL80211_ATTR_SURVEY_INFO],
1767 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
1772 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1775 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1778 for (i = 0; i < scan_results->num; ++i) {
1779 scan_res = scan_results->res[i];
1782 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1785 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
1787 scan_res->noise = (s8)
1788 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1789 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
1796 static int nl80211_get_noise_for_scan_results(
1797 struct wpa_driver_nl80211_data *drv,
1798 struct wpa_scan_results *scan_res)
1802 msg = nlmsg_alloc();
1806 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1808 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1810 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
1818 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
1819 struct nlattr *tb[])
1821 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
1822 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
1823 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
1824 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
1825 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
1827 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
1828 enum nl80211_cqm_rssi_threshold_event event;
1829 union wpa_event_data ed;
1830 struct wpa_signal_info sig;
1833 if (tb[NL80211_ATTR_CQM] == NULL ||
1834 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
1836 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
1840 os_memset(&ed, 0, sizeof(ed));
1842 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
1843 if (!tb[NL80211_ATTR_MAC])
1845 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
1847 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
1851 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
1853 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
1855 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
1856 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1857 "event: RSSI high");
1858 ed.signal_change.above_threshold = 1;
1859 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
1860 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1862 ed.signal_change.above_threshold = 0;
1866 res = nl80211_get_link_signal(drv, &sig);
1868 ed.signal_change.current_signal = sig.current_signal;
1869 ed.signal_change.current_txrate = sig.current_txrate;
1870 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
1871 sig.current_signal, sig.current_txrate);
1874 res = nl80211_get_link_noise(drv, &sig);
1876 ed.signal_change.current_noise = sig.current_noise;
1877 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
1881 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
1885 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
1889 union wpa_event_data data;
1891 if (tb[NL80211_ATTR_MAC] == NULL)
1893 addr = nla_data(tb[NL80211_ATTR_MAC]);
1894 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
1896 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
1899 if (tb[NL80211_ATTR_IE]) {
1900 ies = nla_data(tb[NL80211_ATTR_IE]);
1901 ies_len = nla_len(tb[NL80211_ATTR_IE]);
1903 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
1904 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
1908 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1911 os_memset(&data, 0, sizeof(data));
1912 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
1913 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
1917 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
1921 union wpa_event_data data;
1923 if (tb[NL80211_ATTR_MAC] == NULL)
1925 addr = nla_data(tb[NL80211_ATTR_MAC]);
1926 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
1929 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
1930 drv_event_disassoc(drv->ctx, addr);
1934 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1937 os_memset(&data, 0, sizeof(data));
1938 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
1939 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
1943 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
1946 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
1947 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
1948 [NL80211_REKEY_DATA_KEK] = {
1949 .minlen = NL80211_KEK_LEN,
1950 .maxlen = NL80211_KEK_LEN,
1952 [NL80211_REKEY_DATA_KCK] = {
1953 .minlen = NL80211_KCK_LEN,
1954 .maxlen = NL80211_KCK_LEN,
1956 [NL80211_REKEY_DATA_REPLAY_CTR] = {
1957 .minlen = NL80211_REPLAY_CTR_LEN,
1958 .maxlen = NL80211_REPLAY_CTR_LEN,
1961 union wpa_event_data data;
1963 if (!tb[NL80211_ATTR_MAC])
1965 if (!tb[NL80211_ATTR_REKEY_DATA])
1967 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
1968 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
1970 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
1973 os_memset(&data, 0, sizeof(data));
1974 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
1975 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
1976 MAC2STR(data.driver_gtk_rekey.bssid));
1977 data.driver_gtk_rekey.replay_ctr =
1978 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
1979 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
1980 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
1981 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
1985 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
1988 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
1989 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
1990 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
1991 [NL80211_PMKSA_CANDIDATE_BSSID] = {
1995 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
1997 union wpa_event_data data;
1999 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2001 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2002 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2004 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2005 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2008 os_memset(&data, 0, sizeof(data));
2009 os_memcpy(data.pmkid_candidate.bssid,
2010 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2011 data.pmkid_candidate.index =
2012 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2013 data.pmkid_candidate.preauth =
2014 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2015 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2019 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2022 union wpa_event_data data;
2024 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2027 os_memset(&data, 0, sizeof(data));
2028 os_memcpy(data.client_poll.addr,
2029 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2031 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2035 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2038 struct wpa_driver_nl80211_data *drv = bss->drv;
2039 union wpa_event_data event;
2041 if (!tb[NL80211_ATTR_MAC])
2044 os_memset(&event, 0, sizeof(event));
2045 event.rx_from_unknown.bssid = bss->addr;
2046 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2047 event.rx_from_unknown.wds = wds;
2049 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2053 static void do_process_drv_event(struct wpa_driver_nl80211_data *drv,
2054 int cmd, struct nlattr **tb)
2056 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
2057 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
2058 cmd == NL80211_CMD_SCAN_ABORTED)) {
2059 wpa_driver_nl80211_set_mode(&drv->first_bss,
2060 drv->ap_scan_as_station);
2061 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2065 case NL80211_CMD_TRIGGER_SCAN:
2066 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
2068 case NL80211_CMD_START_SCHED_SCAN:
2069 wpa_printf(MSG_DEBUG, "nl80211: Sched scan started");
2071 case NL80211_CMD_SCHED_SCAN_STOPPED:
2072 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stopped");
2073 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
2075 case NL80211_CMD_NEW_SCAN_RESULTS:
2076 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
2077 drv->scan_complete_events = 1;
2078 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
2080 send_scan_event(drv, 0, tb);
2082 case NL80211_CMD_SCHED_SCAN_RESULTS:
2083 wpa_printf(MSG_DEBUG,
2084 "nl80211: New sched scan results available");
2085 send_scan_event(drv, 0, tb);
2087 case NL80211_CMD_SCAN_ABORTED:
2088 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
2090 * Need to indicate that scan results are available in order
2091 * not to make wpa_supplicant stop its scanning.
2093 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
2095 send_scan_event(drv, 1, tb);
2097 case NL80211_CMD_AUTHENTICATE:
2098 case NL80211_CMD_ASSOCIATE:
2099 case NL80211_CMD_DEAUTHENTICATE:
2100 case NL80211_CMD_DISASSOCIATE:
2101 case NL80211_CMD_FRAME_TX_STATUS:
2102 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
2103 case NL80211_CMD_UNPROT_DISASSOCIATE:
2104 mlme_event(drv, cmd, tb[NL80211_ATTR_FRAME],
2105 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
2106 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
2107 tb[NL80211_ATTR_COOKIE],
2108 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
2110 case NL80211_CMD_CONNECT:
2111 case NL80211_CMD_ROAM:
2112 mlme_event_connect(drv, cmd,
2113 tb[NL80211_ATTR_STATUS_CODE],
2114 tb[NL80211_ATTR_MAC],
2115 tb[NL80211_ATTR_REQ_IE],
2116 tb[NL80211_ATTR_RESP_IE]);
2118 case NL80211_CMD_DISCONNECT:
2119 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
2120 tb[NL80211_ATTR_MAC],
2121 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
2123 case NL80211_CMD_MICHAEL_MIC_FAILURE:
2124 mlme_event_michael_mic_failure(drv, tb);
2126 case NL80211_CMD_JOIN_IBSS:
2127 mlme_event_join_ibss(drv, tb);
2129 case NL80211_CMD_REMAIN_ON_CHANNEL:
2130 mlme_event_remain_on_channel(drv, 0, tb);
2132 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
2133 mlme_event_remain_on_channel(drv, 1, tb);
2135 case NL80211_CMD_NOTIFY_CQM:
2136 nl80211_cqm_event(drv, tb);
2138 case NL80211_CMD_REG_CHANGE:
2139 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
2140 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
2143 case NL80211_CMD_REG_BEACON_HINT:
2144 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
2145 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
2148 case NL80211_CMD_NEW_STATION:
2149 nl80211_new_station_event(drv, tb);
2151 case NL80211_CMD_DEL_STATION:
2152 nl80211_del_station_event(drv, tb);
2154 case NL80211_CMD_SET_REKEY_OFFLOAD:
2155 nl80211_rekey_offload_event(drv, tb);
2157 case NL80211_CMD_PMKSA_CANDIDATE:
2158 nl80211_pmksa_candidate_event(drv, tb);
2160 case NL80211_CMD_PROBE_CLIENT:
2161 nl80211_client_probe_event(drv, tb);
2164 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
2171 static int process_drv_event(struct nl_msg *msg, void *arg)
2173 struct wpa_driver_nl80211_data *drv = arg;
2174 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2175 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2177 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2178 genlmsg_attrlen(gnlh, 0), NULL);
2180 if (tb[NL80211_ATTR_IFINDEX]) {
2181 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2182 if (ifindex != drv->ifindex && !have_ifidx(drv, ifindex)) {
2183 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
2184 " for foreign interface (ifindex %d)",
2185 gnlh->cmd, ifindex);
2190 do_process_drv_event(drv, gnlh->cmd, tb);
2195 static int process_global_event(struct nl_msg *msg, void *arg)
2197 struct nl80211_global *global = arg;
2198 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2199 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2200 struct wpa_driver_nl80211_data *drv;
2203 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2204 genlmsg_attrlen(gnlh, 0), NULL);
2206 if (tb[NL80211_ATTR_IFINDEX])
2207 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2209 dl_list_for_each(drv, &global->interfaces,
2210 struct wpa_driver_nl80211_data, list) {
2211 if (ifidx == -1 || ifidx == drv->ifindex ||
2212 have_ifidx(drv, ifidx))
2213 do_process_drv_event(drv, gnlh->cmd, tb);
2220 static int process_bss_event(struct nl_msg *msg, void *arg)
2222 struct i802_bss *bss = arg;
2223 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2224 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2226 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2227 genlmsg_attrlen(gnlh, 0), NULL);
2229 switch (gnlh->cmd) {
2230 case NL80211_CMD_FRAME:
2231 case NL80211_CMD_FRAME_TX_STATUS:
2232 mlme_event(bss->drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
2233 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
2234 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
2235 tb[NL80211_ATTR_COOKIE],
2236 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
2238 case NL80211_CMD_UNEXPECTED_FRAME:
2239 nl80211_spurious_frame(bss, tb, 0);
2241 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
2242 nl80211_spurious_frame(bss, tb, 1);
2245 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
2246 "(cmd=%d)", gnlh->cmd);
2254 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
2257 struct nl_cb *cb = eloop_ctx;
2259 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
2261 nl_recvmsgs(handle, cb);
2266 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
2267 * @priv: driver_nl80211 private data
2268 * @alpha2_arg: country to which to switch to
2269 * Returns: 0 on success, -1 on failure
2271 * This asks nl80211 to set the regulatory domain for given
2272 * country ISO / IEC alpha2.
2274 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
2276 struct i802_bss *bss = priv;
2277 struct wpa_driver_nl80211_data *drv = bss->drv;
2281 msg = nlmsg_alloc();
2285 alpha2[0] = alpha2_arg[0];
2286 alpha2[1] = alpha2_arg[1];
2289 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
2291 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
2292 if (send_and_recv_msgs(drv, msg, NULL, NULL))
2301 struct wiphy_info_data {
2302 struct wpa_driver_capa *capa;
2304 unsigned int error:1;
2305 unsigned int device_ap_sme:1;
2306 unsigned int poll_command_supported:1;
2307 unsigned int data_tx_status:1;
2308 unsigned int monitor_supported:1;
2312 static unsigned int probe_resp_offload_support(int supp_protocols)
2314 unsigned int prot = 0;
2316 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
2317 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
2318 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
2319 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
2320 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
2321 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
2322 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
2323 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
2329 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
2331 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2332 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2333 struct wiphy_info_data *info = arg;
2334 int p2p_go_supported = 0, p2p_client_supported = 0;
2335 int p2p_concurrent = 0;
2336 int auth_supported = 0, connect_supported = 0;
2337 struct wpa_driver_capa *capa = info->capa;
2338 static struct nla_policy
2339 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
2340 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
2341 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
2342 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
2343 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
2345 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
2346 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
2347 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
2350 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2351 genlmsg_attrlen(gnlh, 0), NULL);
2353 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
2354 capa->max_scan_ssids =
2355 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
2357 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
2358 capa->max_sched_scan_ssids =
2359 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
2361 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
2362 capa->max_match_sets =
2363 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
2365 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
2366 struct nlattr *nl_mode;
2368 nla_for_each_nested(nl_mode,
2369 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
2370 switch (nla_type(nl_mode)) {
2371 case NL80211_IFTYPE_AP:
2372 capa->flags |= WPA_DRIVER_FLAGS_AP;
2374 case NL80211_IFTYPE_P2P_GO:
2375 p2p_go_supported = 1;
2377 case NL80211_IFTYPE_P2P_CLIENT:
2378 p2p_client_supported = 1;
2380 case NL80211_IFTYPE_MONITOR:
2381 info->monitor_supported = 1;
2387 if (tb[NL80211_ATTR_INTERFACE_COMBINATIONS]) {
2388 struct nlattr *nl_combi;
2391 nla_for_each_nested(nl_combi,
2392 tb[NL80211_ATTR_INTERFACE_COMBINATIONS],
2394 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
2395 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
2396 struct nlattr *nl_limit, *nl_mode;
2397 int err, rem_limit, rem_mode;
2398 int combination_has_p2p = 0, combination_has_mgd = 0;
2400 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
2402 iface_combination_policy);
2403 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
2404 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
2405 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
2406 goto broken_combination;
2408 nla_for_each_nested(nl_limit,
2409 tb_comb[NL80211_IFACE_COMB_LIMITS],
2411 err = nla_parse_nested(tb_limit,
2412 MAX_NL80211_IFACE_LIMIT,
2414 iface_limit_policy);
2416 !tb_limit[NL80211_IFACE_LIMIT_TYPES])
2417 goto broken_combination;
2419 nla_for_each_nested(
2421 tb_limit[NL80211_IFACE_LIMIT_TYPES],
2423 int ift = nla_type(nl_mode);
2424 if (ift == NL80211_IFTYPE_P2P_GO ||
2425 ift == NL80211_IFTYPE_P2P_CLIENT)
2426 combination_has_p2p = 1;
2427 if (ift == NL80211_IFTYPE_STATION)
2428 combination_has_mgd = 1;
2430 if (combination_has_p2p && combination_has_mgd)
2434 if (combination_has_p2p && combination_has_mgd) {
2444 if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
2445 struct nlattr *nl_cmd;
2448 nla_for_each_nested(nl_cmd,
2449 tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
2450 switch (nla_get_u32(nl_cmd)) {
2451 case NL80211_CMD_AUTHENTICATE:
2454 case NL80211_CMD_CONNECT:
2455 connect_supported = 1;
2457 case NL80211_CMD_START_SCHED_SCAN:
2458 capa->sched_scan_supported = 1;
2460 case NL80211_CMD_PROBE_CLIENT:
2461 info->poll_command_supported = 1;
2467 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
2468 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
2470 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
2473 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
2474 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
2475 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
2478 /* default to 5000 since early versions of mac80211 don't set it */
2479 capa->max_remain_on_chan = 5000;
2481 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
2482 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
2484 if (tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION])
2485 capa->max_remain_on_chan =
2486 nla_get_u32(tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
2489 capa->flags |= WPA_DRIVER_FLAGS_SME;
2490 else if (!connect_supported) {
2491 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
2492 "authentication/association or connect commands");
2496 if (p2p_go_supported && p2p_client_supported)
2497 capa->flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
2498 if (p2p_concurrent) {
2499 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
2500 "interface (driver advertised support)");
2501 capa->flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
2502 capa->flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
2505 if (tb[NL80211_ATTR_TDLS_SUPPORT]) {
2506 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
2507 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
2509 if (tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]) {
2510 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
2512 WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
2516 if (tb[NL80211_ATTR_DEVICE_AP_SME])
2517 info->device_ap_sme = 1;
2519 if (tb[NL80211_ATTR_FEATURE_FLAGS]) {
2520 u32 flags = nla_get_u32(tb[NL80211_ATTR_FEATURE_FLAGS]);
2522 if (flags & NL80211_FEATURE_SK_TX_STATUS)
2523 info->data_tx_status = 1;
2525 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
2526 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
2529 if (tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]) {
2531 nla_get_u32(tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
2532 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response "
2533 "offload in AP mode");
2534 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
2535 capa->probe_resp_offloads =
2536 probe_resp_offload_support(protocols);
2543 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
2544 struct wiphy_info_data *info)
2548 os_memset(info, 0, sizeof(*info));
2549 info->capa = &drv->capa;
2551 msg = nlmsg_alloc();
2555 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
2557 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
2559 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
2568 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
2570 struct wiphy_info_data info;
2571 if (wpa_driver_nl80211_get_info(drv, &info))
2577 drv->has_capability = 1;
2578 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
2579 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2580 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
2581 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
2582 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
2583 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
2584 WPA_DRIVER_CAPA_ENC_WEP104 |
2585 WPA_DRIVER_CAPA_ENC_TKIP |
2586 WPA_DRIVER_CAPA_ENC_CCMP;
2587 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
2588 WPA_DRIVER_AUTH_SHARED |
2589 WPA_DRIVER_AUTH_LEAP;
2591 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
2592 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
2593 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2595 if (!info.device_ap_sme)
2596 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
2598 drv->device_ap_sme = info.device_ap_sme;
2599 drv->poll_command_supported = info.poll_command_supported;
2600 drv->data_tx_status = info.data_tx_status;
2603 * If poll command is supported mac80211 is new enough to
2604 * have everything we need to not need monitor interfaces.
2606 drv->use_monitor = !info.poll_command_supported;
2608 if (drv->device_ap_sme && drv->use_monitor) {
2610 * Non-mac80211 drivers may not support monitor interface.
2611 * Make sure we do not get stuck with incorrect capability here
2612 * by explicitly testing this.
2614 if (!info.monitor_supported) {
2615 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
2616 "with device_ap_sme since no monitor mode "
2617 "support detected");
2618 drv->use_monitor = 0;
2623 * If we aren't going to use monitor interfaces, but the
2624 * driver doesn't support data TX status, we won't get TX
2625 * status for EAPOL frames.
2627 if (!drv->use_monitor && !info.data_tx_status)
2628 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2635 static int android_genl_ctrl_resolve(struct nl_handle *handle,
2639 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
2640 * need to work around that.
2642 struct nl_cache *cache = NULL;
2643 struct genl_family *nl80211 = NULL;
2646 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
2647 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
2652 nl80211 = genl_ctrl_search_by_name(cache, name);
2653 if (nl80211 == NULL)
2656 id = genl_family_get_id(nl80211);
2660 genl_family_put(nl80211);
2662 nl_cache_free(cache);
2666 #define genl_ctrl_resolve android_genl_ctrl_resolve
2667 #endif /* ANDROID */
2670 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
2674 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2675 if (global->nl_cb == NULL) {
2676 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
2681 global->nl = nl_create_handle(global->nl_cb, "nl");
2682 if (global->nl == NULL)
2685 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
2686 if (global->nl80211_id < 0) {
2687 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
2692 global->nl_event = nl_create_handle(global->nl_cb, "event");
2693 if (global->nl_event == NULL)
2696 ret = nl_get_multicast_id(global, "nl80211", "scan");
2698 ret = nl_socket_add_membership(global->nl_event, ret);
2700 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2701 "membership for scan events: %d (%s)",
2702 ret, strerror(-ret));
2706 ret = nl_get_multicast_id(global, "nl80211", "mlme");
2708 ret = nl_socket_add_membership(global->nl_event, ret);
2710 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2711 "membership for mlme events: %d (%s)",
2712 ret, strerror(-ret));
2716 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
2718 ret = nl_socket_add_membership(global->nl_event, ret);
2720 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
2721 "membership for regulatory events: %d (%s)",
2722 ret, strerror(-ret));
2723 /* Continue without regulatory events */
2726 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2727 no_seq_check, NULL);
2728 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2729 process_global_event, global);
2731 eloop_register_read_sock(nl_socket_get_fd(global->nl_event),
2732 wpa_driver_nl80211_event_receive,
2733 global->nl_cb, global->nl_event);
2738 nl_destroy_handles(&global->nl_event);
2739 nl_destroy_handles(&global->nl);
2740 nl_cb_put(global->nl_cb);
2741 global->nl_cb = NULL;
2746 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
2748 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2750 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
2754 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2755 no_seq_check, NULL);
2756 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2757 process_drv_event, drv);
2763 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
2765 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
2767 * This may be for any interface; use ifdown event to disable
2773 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
2775 struct wpa_driver_nl80211_data *drv = ctx;
2776 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
2777 if (linux_set_iface_flags(drv->global->ioctl_sock,
2778 drv->first_bss.ifname, 1)) {
2779 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
2780 "after rfkill unblock");
2783 /* rtnetlink ifup handler will report interface as enabled */
2787 static void nl80211_get_phy_name(struct wpa_driver_nl80211_data *drv)
2789 /* Find phy (radio) to which this interface belongs */
2793 drv->phyname[0] = '\0';
2794 snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
2795 drv->first_bss.ifname);
2796 f = open(buf, O_RDONLY);
2798 wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
2799 buf, strerror(errno));
2803 rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
2806 wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
2807 buf, strerror(errno));
2811 drv->phyname[rv] = '\0';
2812 pos = os_strchr(drv->phyname, '\n');
2815 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2816 drv->first_bss.ifname, drv->phyname);
2820 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
2824 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2832 struct cmsghdr *cmsg;
2833 int res, found_ee = 0, found_wifi = 0, acked = 0;
2834 union wpa_event_data event;
2836 memset(&msg, 0, sizeof(msg));
2837 msg.msg_iov = &entry;
2839 entry.iov_base = data;
2840 entry.iov_len = sizeof(data);
2841 msg.msg_control = &control;
2842 msg.msg_controllen = sizeof(control);
2844 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
2845 /* if error or not fitting 802.3 header, return */
2849 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
2851 if (cmsg->cmsg_level == SOL_SOCKET &&
2852 cmsg->cmsg_type == SCM_WIFI_STATUS) {
2856 ack = (void *)CMSG_DATA(cmsg);
2860 if (cmsg->cmsg_level == SOL_PACKET &&
2861 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
2862 struct sock_extended_err *err =
2863 (struct sock_extended_err *)CMSG_DATA(cmsg);
2865 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
2870 if (!found_ee || !found_wifi)
2873 memset(&event, 0, sizeof(event));
2874 event.eapol_tx_status.dst = data;
2875 event.eapol_tx_status.data = data + 14;
2876 event.eapol_tx_status.data_len = res - 14;
2877 event.eapol_tx_status.ack = acked;
2878 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
2882 static int nl80211_init_bss(struct i802_bss *bss)
2884 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2888 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2889 no_seq_check, NULL);
2890 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2891 process_bss_event, bss);
2897 static void nl80211_destroy_bss(struct i802_bss *bss)
2899 nl_cb_put(bss->nl_cb);
2905 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
2906 * @ctx: context to be used when calling wpa_supplicant functions,
2907 * e.g., wpa_supplicant_event()
2908 * @ifname: interface name, e.g., wlan0
2909 * @global_priv: private driver global data from global_init()
2910 * Returns: Pointer to private data, %NULL on failure
2912 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
2915 struct wpa_driver_nl80211_data *drv;
2916 struct rfkill_config *rcfg;
2917 struct i802_bss *bss;
2919 if (global_priv == NULL)
2921 drv = os_zalloc(sizeof(*drv));
2924 drv->global = global_priv;
2926 bss = &drv->first_bss;
2928 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
2929 drv->monitor_ifidx = -1;
2930 drv->monitor_sock = -1;
2931 drv->eapol_tx_sock = -1;
2932 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2934 if (wpa_driver_nl80211_init_nl(drv)) {
2939 if (nl80211_init_bss(bss))
2942 nl80211_get_phy_name(drv);
2944 rcfg = os_zalloc(sizeof(*rcfg));
2948 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
2949 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
2950 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
2951 drv->rfkill = rfkill_init(rcfg);
2952 if (drv->rfkill == NULL) {
2953 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
2957 if (wpa_driver_nl80211_finish_drv_init(drv))
2960 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
2961 if (drv->eapol_tx_sock < 0)
2964 if (drv->data_tx_status) {
2967 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
2968 &enabled, sizeof(enabled)) < 0) {
2969 wpa_printf(MSG_DEBUG,
2970 "nl80211: wifi status sockopt failed\n");
2971 drv->data_tx_status = 0;
2972 if (!drv->use_monitor)
2974 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2976 eloop_register_read_sock(drv->eapol_tx_sock,
2977 wpa_driver_nl80211_handle_eapol_tx_status,
2983 dl_list_add(&drv->global->interfaces, &drv->list);
2984 drv->in_interface_list = 1;
2990 wpa_driver_nl80211_deinit(bss);
2995 static int nl80211_register_frame(struct i802_bss *bss,
2996 struct nl_handle *nl_handle,
2997 u16 type, const u8 *match, size_t match_len)
2999 struct wpa_driver_nl80211_data *drv = bss->drv;
3003 msg = nlmsg_alloc();
3007 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x nl_handle=%p",
3009 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
3012 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
3014 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
3015 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
3016 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
3018 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
3021 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
3022 "failed (type=%u): ret=%d (%s)",
3023 type, ret, strerror(-ret));
3024 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
3026 goto nla_put_failure;
3035 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
3037 struct wpa_driver_nl80211_data *drv = bss->drv;
3040 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
3041 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
3045 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
3046 if (bss->nl_mgmt == NULL)
3049 eloop_register_read_sock(nl_socket_get_fd(bss->nl_mgmt),
3050 wpa_driver_nl80211_event_receive, bss->nl_cb,
3057 static int nl80211_register_action_frame(struct i802_bss *bss,
3058 const u8 *match, size_t match_len)
3060 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
3061 return nl80211_register_frame(bss, bss->nl_mgmt,
3062 type, match, match_len);
3066 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
3068 struct wpa_driver_nl80211_data *drv = bss->drv;
3070 if (nl80211_alloc_mgmt_handle(bss))
3072 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
3073 "handle %p", bss->nl_mgmt);
3075 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
3076 /* GAS Initial Request */
3077 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
3079 /* GAS Initial Response */
3080 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
3082 /* GAS Comeback Request */
3083 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
3085 /* GAS Comeback Response */
3086 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
3088 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
3090 /* P2P Public Action */
3091 if (nl80211_register_action_frame(bss,
3092 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
3096 if (nl80211_register_action_frame(bss,
3097 (u8 *) "\x7f\x50\x6f\x9a\x09",
3100 #endif /* CONFIG_P2P */
3101 #ifdef CONFIG_IEEE80211W
3102 /* SA Query Response */
3103 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
3105 #endif /* CONFIG_IEEE80211W */
3107 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
3108 /* TDLS Discovery Response */
3109 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
3113 #endif /* CONFIG_TDLS */
3115 /* FT Action frames */
3116 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
3119 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
3120 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
3122 /* WNM - BSS Transition Management Request */
3123 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
3130 static int nl80211_register_spurious_class3(struct i802_bss *bss)
3132 struct wpa_driver_nl80211_data *drv = bss->drv;
3136 msg = nlmsg_alloc();
3140 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
3142 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
3144 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
3147 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
3148 "failed: ret=%d (%s)",
3149 ret, strerror(-ret));
3150 goto nla_put_failure;
3159 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
3161 static const int stypes[] = {
3163 WLAN_FC_STYPE_ASSOC_REQ,
3164 WLAN_FC_STYPE_REASSOC_REQ,
3165 WLAN_FC_STYPE_DISASSOC,
3166 WLAN_FC_STYPE_DEAUTH,
3167 WLAN_FC_STYPE_ACTION,
3168 WLAN_FC_STYPE_PROBE_REQ,
3169 /* Beacon doesn't work as mac80211 doesn't currently allow
3170 * it, but it wouldn't really be the right thing anyway as
3171 * it isn't per interface ... maybe just dump the scan
3172 * results periodically for OLBC?
3174 // WLAN_FC_STYPE_BEACON,
3178 if (nl80211_alloc_mgmt_handle(bss))
3180 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
3181 "handle %p", bss->nl_mgmt);
3183 for (i = 0; i < sizeof(stypes) / sizeof(stypes[0]); i++) {
3184 if (nl80211_register_frame(bss, bss->nl_mgmt,
3185 (WLAN_FC_TYPE_MGMT << 2) |
3192 if (nl80211_register_spurious_class3(bss))
3195 if (nl80211_get_wiphy_data_ap(bss) == NULL)
3201 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3202 nl_destroy_handles(&bss->nl_mgmt);
3207 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
3209 if (nl80211_alloc_mgmt_handle(bss))
3211 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
3212 "handle %p (device SME)", bss->nl_mgmt);
3214 if (nl80211_register_frame(bss, bss->nl_mgmt,
3215 (WLAN_FC_TYPE_MGMT << 2) |
3216 (WLAN_FC_STYPE_ACTION << 4),
3223 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3224 nl_destroy_handles(&bss->nl_mgmt);
3229 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
3231 if (bss->nl_mgmt == NULL)
3233 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
3234 "(%s)", bss->nl_mgmt, reason);
3235 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3236 nl_destroy_handles(&bss->nl_mgmt);
3238 nl80211_put_wiphy_data_ap(bss);
3242 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
3244 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
3249 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
3251 struct i802_bss *bss = &drv->first_bss;
3252 int send_rfkill_event = 0;
3254 drv->ifindex = if_nametoindex(bss->ifname);
3255 drv->first_bss.ifindex = drv->ifindex;
3259 * Make sure the interface starts up in station mode unless this is a
3260 * dynamically added interface (e.g., P2P) that was already configured
3261 * with proper iftype.
3263 if (drv->ifindex != drv->global->if_add_ifindex &&
3264 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION) < 0) {
3265 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver to "
3266 "use managed mode");
3270 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
3271 if (rfkill_is_blocked(drv->rfkill)) {
3272 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
3273 "interface '%s' due to rfkill",
3275 drv->if_disabled = 1;
3276 send_rfkill_event = 1;
3278 wpa_printf(MSG_ERROR, "nl80211: Could not set "
3279 "interface '%s' UP", bss->ifname);
3284 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
3285 1, IF_OPER_DORMANT);
3286 #endif /* HOSTAPD */
3288 if (wpa_driver_nl80211_capa(drv))
3291 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
3295 if (send_rfkill_event) {
3296 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
3304 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
3308 msg = nlmsg_alloc();
3312 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
3313 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3315 return send_and_recv_msgs(drv, msg, NULL, NULL);
3323 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
3324 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
3326 * Shut down driver interface and processing of driver events. Free
3327 * private data buffer if one was allocated in wpa_driver_nl80211_init().
3329 static void wpa_driver_nl80211_deinit(void *priv)
3331 struct i802_bss *bss = priv;
3332 struct wpa_driver_nl80211_data *drv = bss->drv;
3334 if (drv->data_tx_status)
3335 eloop_unregister_read_sock(drv->eapol_tx_sock);
3336 if (drv->eapol_tx_sock >= 0)
3337 close(drv->eapol_tx_sock);
3340 wpa_driver_nl80211_probe_req_report(bss, 0);
3341 if (bss->added_if_into_bridge) {
3342 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
3344 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3345 "interface %s from bridge %s: %s",
3346 bss->ifname, bss->brname, strerror(errno));
3348 if (bss->added_bridge) {
3349 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
3350 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3352 bss->brname, strerror(errno));
3355 nl80211_remove_monitor_interface(drv);
3357 if (is_ap_interface(drv->nlmode))
3358 wpa_driver_nl80211_del_beacon(drv);
3361 if (drv->last_freq_ht) {
3362 /* Clear HT flags from the driver */
3363 struct hostapd_freq_params freq;
3364 os_memset(&freq, 0, sizeof(freq));
3365 freq.freq = drv->last_freq;
3366 i802_set_freq(priv, &freq);
3369 if (drv->eapol_sock >= 0) {
3370 eloop_unregister_read_sock(drv->eapol_sock);
3371 close(drv->eapol_sock);
3374 if (drv->if_indices != drv->default_if_indices)
3375 os_free(drv->if_indices);
3376 #endif /* HOSTAPD */
3378 if (drv->disabled_11b_rates)
3379 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
3381 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
3383 rfkill_deinit(drv->rfkill);
3385 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3387 (void) linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0);
3388 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION);
3389 nl80211_mgmt_unsubscribe(bss, "deinit");
3391 nl_cb_put(drv->nl_cb);
3393 nl80211_destroy_bss(&drv->first_bss);
3395 os_free(drv->filter_ssids);
3397 os_free(drv->auth_ie);
3399 if (drv->in_interface_list)
3400 dl_list_del(&drv->list);
3407 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
3408 * @eloop_ctx: Driver private data
3409 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
3411 * This function can be used as registered timeout when starting a scan to
3412 * generate a scan completed event if the driver does not report this.
3414 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
3416 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3417 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
3418 wpa_driver_nl80211_set_mode(&drv->first_bss,
3419 drv->ap_scan_as_station);
3420 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3422 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
3423 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
3428 * wpa_driver_nl80211_scan - Request the driver to initiate scan
3429 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3430 * @params: Scan parameters
3431 * Returns: 0 on success, -1 on failure
3433 static int wpa_driver_nl80211_scan(void *priv,
3434 struct wpa_driver_scan_params *params)
3436 struct i802_bss *bss = priv;
3437 struct wpa_driver_nl80211_data *drv = bss->drv;
3438 int ret = 0, timeout;
3439 struct nl_msg *msg, *ssids, *freqs, *rates;
3442 drv->scan_for_auth = 0;
3444 msg = nlmsg_alloc();
3445 ssids = nlmsg_alloc();
3446 freqs = nlmsg_alloc();
3447 rates = nlmsg_alloc();
3448 if (!msg || !ssids || !freqs || !rates) {
3456 os_free(drv->filter_ssids);
3457 drv->filter_ssids = params->filter_ssids;
3458 params->filter_ssids = NULL;
3459 drv->num_filter_ssids = params->num_filter_ssids;
3461 nl80211_cmd(drv, msg, 0, NL80211_CMD_TRIGGER_SCAN);
3463 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3465 for (i = 0; i < params->num_ssids; i++) {
3466 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
3467 params->ssids[i].ssid,
3468 params->ssids[i].ssid_len);
3469 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
3470 params->ssids[i].ssid);
3472 if (params->num_ssids)
3473 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
3475 if (params->extra_ies) {
3476 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
3477 params->extra_ies, params->extra_ies_len);
3478 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
3482 if (params->freqs) {
3483 for (i = 0; params->freqs[i]; i++) {
3484 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
3485 "MHz", params->freqs[i]);
3486 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
3488 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
3491 if (params->p2p_probe) {
3492 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
3495 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
3496 * by masking out everything else apart from the OFDM rates 6,
3497 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
3498 * rates are left enabled.
3500 NLA_PUT(rates, NL80211_BAND_2GHZ, 8,
3501 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
3502 nla_put_nested(msg, NL80211_ATTR_SCAN_SUPP_RATES, rates);
3504 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
3507 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3510 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
3511 "(%s)", ret, strerror(-ret));
3513 if (is_ap_interface(drv->nlmode)) {
3515 * mac80211 does not allow scan requests in AP mode, so
3516 * try to do this in station mode.
3518 if (wpa_driver_nl80211_set_mode(
3519 bss, NL80211_IFTYPE_STATION))
3520 goto nla_put_failure;
3522 if (wpa_driver_nl80211_scan(drv, params)) {
3523 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
3524 goto nla_put_failure;
3527 /* Restore AP mode when processing scan results */
3528 drv->ap_scan_as_station = drv->nlmode;
3531 goto nla_put_failure;
3533 goto nla_put_failure;
3534 #endif /* HOSTAPD */
3537 /* Not all drivers generate "scan completed" wireless event, so try to
3538 * read results after a timeout. */
3540 if (drv->scan_complete_events) {
3542 * The driver seems to deliver events to notify when scan is
3543 * complete, so use longer timeout to avoid race conditions
3544 * with scanning and following association request.
3548 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
3549 "seconds", ret, timeout);
3550 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3551 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
3564 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
3565 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3566 * @params: Scan parameters
3567 * @interval: Interval between scan cycles in milliseconds
3568 * Returns: 0 on success, -1 on failure or if not supported
3570 static int wpa_driver_nl80211_sched_scan(void *priv,
3571 struct wpa_driver_scan_params *params,
3574 struct i802_bss *bss = priv;
3575 struct wpa_driver_nl80211_data *drv = bss->drv;
3577 struct nl_msg *msg, *ssids, *freqs, *match_set_ssid, *match_sets;
3581 if (!drv->capa.sched_scan_supported)
3582 return android_pno_start(bss, params);
3583 #endif /* ANDROID */
3585 msg = nlmsg_alloc();
3586 ssids = nlmsg_alloc();
3587 freqs = nlmsg_alloc();
3588 if (!msg || !ssids || !freqs) {
3595 os_free(drv->filter_ssids);
3596 drv->filter_ssids = params->filter_ssids;
3597 params->filter_ssids = NULL;
3598 drv->num_filter_ssids = params->num_filter_ssids;
3600 nl80211_cmd(drv, msg, 0, NL80211_CMD_START_SCHED_SCAN);
3602 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3604 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
3606 if (drv->num_filter_ssids &&
3607 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) {
3608 match_sets = nlmsg_alloc();
3610 for (i = 0; i < drv->num_filter_ssids; i++) {
3611 wpa_hexdump_ascii(MSG_MSGDUMP,
3612 "nl80211: Sched scan filter SSID",
3613 drv->filter_ssids[i].ssid,
3614 drv->filter_ssids[i].ssid_len);
3616 match_set_ssid = nlmsg_alloc();
3617 nla_put(match_set_ssid,
3618 NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
3619 drv->filter_ssids[i].ssid_len,
3620 drv->filter_ssids[i].ssid);
3622 nla_put_nested(match_sets, i + 1, match_set_ssid);
3624 nlmsg_free(match_set_ssid);
3627 nla_put_nested(msg, NL80211_ATTR_SCHED_SCAN_MATCH,
3629 nlmsg_free(match_sets);
3632 for (i = 0; i < params->num_ssids; i++) {
3633 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Sched scan SSID",
3634 params->ssids[i].ssid,
3635 params->ssids[i].ssid_len);
3636 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
3637 params->ssids[i].ssid);
3639 if (params->num_ssids)
3640 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
3642 if (params->extra_ies) {
3643 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Sched scan extra IEs",
3644 params->extra_ies, params->extra_ies_len);
3645 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
3649 if (params->freqs) {
3650 for (i = 0; params->freqs[i]; i++) {
3651 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
3652 "MHz", params->freqs[i]);
3653 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
3655 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
3658 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3660 /* TODO: if we get an error here, we should fall back to normal scan */
3664 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
3665 "ret=%d (%s)", ret, strerror(-ret));
3666 goto nla_put_failure;
3669 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
3670 "scan interval %d msec", ret, interval);
3681 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
3682 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3683 * Returns: 0 on success, -1 on failure or if not supported
3685 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
3687 struct i802_bss *bss = priv;
3688 struct wpa_driver_nl80211_data *drv = bss->drv;
3693 if (!drv->capa.sched_scan_supported)
3694 return android_pno_stop(bss);
3695 #endif /* ANDROID */
3697 msg = nlmsg_alloc();
3701 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
3703 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3705 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3708 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
3709 "ret=%d (%s)", ret, strerror(-ret));
3710 goto nla_put_failure;
3713 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
3721 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
3723 const u8 *end, *pos;
3729 end = ies + ies_len;
3731 while (pos + 1 < end) {
3732 if (pos + 2 + pos[1] > end)
3743 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
3744 const u8 *ie, size_t ie_len)
3749 if (drv->filter_ssids == NULL)
3752 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
3756 for (i = 0; i < drv->num_filter_ssids; i++) {
3757 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
3758 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
3767 static int bss_info_handler(struct nl_msg *msg, void *arg)
3769 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3770 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3771 struct nlattr *bss[NL80211_BSS_MAX + 1];
3772 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
3773 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
3774 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
3775 [NL80211_BSS_TSF] = { .type = NLA_U64 },
3776 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
3777 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
3778 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
3779 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
3780 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
3781 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
3782 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
3783 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
3785 struct nl80211_bss_info_arg *_arg = arg;
3786 struct wpa_scan_results *res = _arg->res;
3787 struct wpa_scan_res **tmp;
3788 struct wpa_scan_res *r;
3789 const u8 *ie, *beacon_ie;
3790 size_t ie_len, beacon_ie_len;
3794 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3795 genlmsg_attrlen(gnlh, 0), NULL);
3796 if (!tb[NL80211_ATTR_BSS])
3798 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
3801 if (bss[NL80211_BSS_STATUS]) {
3802 enum nl80211_bss_status status;
3803 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
3804 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
3805 bss[NL80211_BSS_FREQUENCY]) {
3807 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
3808 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
3811 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
3812 bss[NL80211_BSS_BSSID]) {
3813 os_memcpy(_arg->assoc_bssid,
3814 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
3815 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
3816 MACSTR, MAC2STR(_arg->assoc_bssid));
3821 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
3822 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
3823 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
3828 if (bss[NL80211_BSS_BEACON_IES]) {
3829 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
3830 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
3836 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
3837 ie ? ie_len : beacon_ie_len))
3840 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
3843 if (bss[NL80211_BSS_BSSID])
3844 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
3846 if (bss[NL80211_BSS_FREQUENCY])
3847 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
3848 if (bss[NL80211_BSS_BEACON_INTERVAL])
3849 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
3850 if (bss[NL80211_BSS_CAPABILITY])
3851 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
3852 r->flags |= WPA_SCAN_NOISE_INVALID;
3853 if (bss[NL80211_BSS_SIGNAL_MBM]) {
3854 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
3855 r->level /= 100; /* mBm to dBm */
3856 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
3857 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
3858 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
3859 r->flags |= WPA_SCAN_QUAL_INVALID;
3861 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
3862 if (bss[NL80211_BSS_TSF])
3863 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
3864 if (bss[NL80211_BSS_SEEN_MS_AGO])
3865 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
3867 pos = (u8 *) (r + 1);
3869 os_memcpy(pos, ie, ie_len);
3872 r->beacon_ie_len = beacon_ie_len;
3874 os_memcpy(pos, beacon_ie, beacon_ie_len);
3876 if (bss[NL80211_BSS_STATUS]) {
3877 enum nl80211_bss_status status;
3878 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
3880 case NL80211_BSS_STATUS_AUTHENTICATED:
3881 r->flags |= WPA_SCAN_AUTHENTICATED;
3883 case NL80211_BSS_STATUS_ASSOCIATED:
3884 r->flags |= WPA_SCAN_ASSOCIATED;
3892 * cfg80211 maintains separate BSS table entries for APs if the same
3893 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
3894 * not use frequency as a separate key in the BSS table, so filter out
3895 * duplicated entries. Prefer associated BSS entry in such a case in
3896 * order to get the correct frequency into the BSS table.
3898 for (i = 0; i < res->num; i++) {
3900 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
3903 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
3904 res->res[i]->ie_len, WLAN_EID_SSID);
3905 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
3906 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
3907 os_memcmp(s1, s2, 2 + s1[1]) != 0)
3910 /* Same BSSID,SSID was already included in scan results */
3911 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
3912 "for " MACSTR, MAC2STR(r->bssid));
3914 if ((r->flags & WPA_SCAN_ASSOCIATED) &&
3915 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) {
3916 os_free(res->res[i]);
3923 tmp = os_realloc(res->res,
3924 (res->num + 1) * sizeof(struct wpa_scan_res *));
3929 tmp[res->num++] = r;
3936 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
3939 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
3940 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
3941 "mismatch (" MACSTR ")", MAC2STR(addr));
3942 wpa_driver_nl80211_mlme(drv, addr,
3943 NL80211_CMD_DEAUTHENTICATE,
3944 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
3949 static void wpa_driver_nl80211_check_bss_status(
3950 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
3954 for (i = 0; i < res->num; i++) {
3955 struct wpa_scan_res *r = res->res[i];
3956 if (r->flags & WPA_SCAN_AUTHENTICATED) {
3957 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
3958 "indicates BSS status with " MACSTR
3959 " as authenticated",
3961 if (is_sta_interface(drv->nlmode) &&
3962 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
3963 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
3965 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
3966 " in local state (auth=" MACSTR
3967 " assoc=" MACSTR ")",
3968 MAC2STR(drv->auth_bssid),
3969 MAC2STR(drv->bssid));
3970 clear_state_mismatch(drv, r->bssid);
3974 if (r->flags & WPA_SCAN_ASSOCIATED) {
3975 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
3976 "indicate BSS status with " MACSTR
3979 if (is_sta_interface(drv->nlmode) &&
3981 wpa_printf(MSG_DEBUG, "nl80211: Local state "
3982 "(not associated) does not match "
3984 clear_state_mismatch(drv, r->bssid);
3985 } else if (is_sta_interface(drv->nlmode) &&
3986 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
3988 wpa_printf(MSG_DEBUG, "nl80211: Local state "
3989 "(associated with " MACSTR ") does "
3990 "not match with BSS state",
3991 MAC2STR(drv->bssid));
3992 clear_state_mismatch(drv, r->bssid);
3993 clear_state_mismatch(drv, drv->bssid);
4000 static struct wpa_scan_results *
4001 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
4004 struct wpa_scan_results *res;
4006 struct nl80211_bss_info_arg arg;
4008 res = os_zalloc(sizeof(*res));
4011 msg = nlmsg_alloc();
4013 goto nla_put_failure;
4015 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
4016 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4020 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
4023 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
4024 "BSSes)", (unsigned long) res->num);
4025 nl80211_get_noise_for_scan_results(drv, res);
4028 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
4029 "(%s)", ret, strerror(-ret));
4032 wpa_scan_results_free(res);
4038 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
4039 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
4040 * Returns: Scan results on success, -1 on failure
4042 static struct wpa_scan_results *
4043 wpa_driver_nl80211_get_scan_results(void *priv)
4045 struct i802_bss *bss = priv;
4046 struct wpa_driver_nl80211_data *drv = bss->drv;
4047 struct wpa_scan_results *res;
4049 res = nl80211_get_scan_results(drv);
4051 wpa_driver_nl80211_check_bss_status(drv, res);
4056 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
4058 struct wpa_scan_results *res;
4061 res = nl80211_get_scan_results(drv);
4063 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
4067 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
4068 for (i = 0; i < res->num; i++) {
4069 struct wpa_scan_res *r = res->res[i];
4070 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
4071 (int) i, (int) res->num, MAC2STR(r->bssid),
4072 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
4073 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
4076 wpa_scan_results_free(res);
4080 static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
4081 enum wpa_alg alg, const u8 *addr,
4082 int key_idx, int set_tx,
4083 const u8 *seq, size_t seq_len,
4084 const u8 *key, size_t key_len)
4086 struct i802_bss *bss = priv;
4087 struct wpa_driver_nl80211_data *drv = bss->drv;
4088 int ifindex = if_nametoindex(ifname);
4092 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
4093 "set_tx=%d seq_len=%lu key_len=%lu",
4094 __func__, ifindex, alg, addr, key_idx, set_tx,
4095 (unsigned long) seq_len, (unsigned long) key_len);
4099 #endif /* CONFIG_TDLS */
4101 msg = nlmsg_alloc();
4105 if (alg == WPA_ALG_NONE) {
4106 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
4108 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
4109 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
4113 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4114 WLAN_CIPHER_SUITE_WEP40);
4116 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4117 WLAN_CIPHER_SUITE_WEP104);
4120 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4121 WLAN_CIPHER_SUITE_TKIP);
4124 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4125 WLAN_CIPHER_SUITE_CCMP);
4128 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4129 WLAN_CIPHER_SUITE_AES_CMAC);
4132 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
4133 "algorithm %d", __func__, alg);
4140 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
4142 if (addr && !is_broadcast_ether_addr(addr)) {
4143 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
4144 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4146 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
4147 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
4148 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
4149 NL80211_KEYTYPE_GROUP);
4151 } else if (addr && is_broadcast_ether_addr(addr)) {
4152 struct nl_msg *types;
4154 wpa_printf(MSG_DEBUG, " broadcast key");
4155 types = nlmsg_alloc();
4157 goto nla_put_failure;
4158 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
4159 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4163 goto nla_put_failure;
4165 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
4166 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4168 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4169 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
4172 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
4173 ret, strerror(-ret));
4176 * If we failed or don't need to set the default TX key (below),
4179 if (ret || !set_tx || alg == WPA_ALG_NONE)
4181 if (is_ap_interface(drv->nlmode) && addr &&
4182 !is_broadcast_ether_addr(addr))
4185 msg = nlmsg_alloc();
4189 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
4190 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
4191 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4192 if (alg == WPA_ALG_IGTK)
4193 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
4195 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
4196 if (addr && is_broadcast_ether_addr(addr)) {
4197 struct nl_msg *types;
4199 types = nlmsg_alloc();
4201 goto nla_put_failure;
4202 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
4203 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4207 goto nla_put_failure;
4209 struct nl_msg *types;
4211 types = nlmsg_alloc();
4213 goto nla_put_failure;
4214 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_UNICAST);
4215 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4219 goto nla_put_failure;
4222 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4226 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
4227 "err=%d %s)", ret, strerror(-ret));
4236 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
4237 int key_idx, int defkey,
4238 const u8 *seq, size_t seq_len,
4239 const u8 *key, size_t key_len)
4241 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
4245 if (defkey && alg == WPA_ALG_IGTK)
4246 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
4248 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
4250 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
4255 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4256 WLAN_CIPHER_SUITE_WEP40);
4258 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4259 WLAN_CIPHER_SUITE_WEP104);
4262 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
4265 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
4268 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4269 WLAN_CIPHER_SUITE_AES_CMAC);
4272 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
4273 "algorithm %d", __func__, alg);
4278 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
4280 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
4282 nla_nest_end(msg, key_attr);
4290 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
4294 struct nlattr *nl_keys, *nl_key;
4296 for (i = 0; i < 4; i++) {
4297 if (!params->wep_key[i])
4302 if (params->wps == WPS_MODE_PRIVACY)
4304 if (params->pairwise_suite &&
4305 params->pairwise_suite != WPA_CIPHER_NONE)
4311 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
4313 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
4315 goto nla_put_failure;
4317 for (i = 0; i < 4; i++) {
4318 if (!params->wep_key[i])
4321 nl_key = nla_nest_start(msg, i);
4323 goto nla_put_failure;
4325 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
4326 params->wep_key[i]);
4327 if (params->wep_key_len[i] == 5)
4328 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4329 WLAN_CIPHER_SUITE_WEP40);
4331 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4332 WLAN_CIPHER_SUITE_WEP104);
4334 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
4336 if (i == params->wep_tx_keyidx)
4337 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
4339 nla_nest_end(msg, nl_key);
4341 nla_nest_end(msg, nl_keys);
4350 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
4351 const u8 *addr, int cmd, u16 reason_code,
4352 int local_state_change)
4357 msg = nlmsg_alloc();
4361 nl80211_cmd(drv, msg, 0, cmd);
4363 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4364 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
4365 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4366 if (local_state_change)
4367 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
4369 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4372 wpa_dbg(drv->ctx, MSG_DEBUG,
4373 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
4374 reason_code, ret, strerror(-ret));
4375 goto nla_put_failure;
4385 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
4386 const u8 *addr, int reason_code)
4388 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
4389 __func__, MAC2STR(addr), reason_code);
4390 drv->associated = 0;
4391 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISCONNECT,
4396 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
4399 struct i802_bss *bss = priv;
4400 struct wpa_driver_nl80211_data *drv = bss->drv;
4401 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
4402 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
4403 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
4404 __func__, MAC2STR(addr), reason_code);
4405 drv->associated = 0;
4406 if (drv->nlmode == NL80211_IFTYPE_ADHOC)
4407 return nl80211_leave_ibss(drv);
4408 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
4413 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
4416 struct i802_bss *bss = priv;
4417 struct wpa_driver_nl80211_data *drv = bss->drv;
4418 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
4419 return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
4420 wpa_printf(MSG_DEBUG, "%s", __func__);
4421 drv->associated = 0;
4422 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
4427 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
4428 struct wpa_driver_auth_params *params)
4432 drv->auth_freq = params->freq;
4433 drv->auth_alg = params->auth_alg;
4434 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
4435 drv->auth_local_state_change = params->local_state_change;
4436 drv->auth_p2p = params->p2p;
4439 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
4441 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
4444 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
4445 drv->auth_ssid_len = params->ssid_len;
4447 drv->auth_ssid_len = 0;
4450 os_free(drv->auth_ie);
4451 drv->auth_ie = NULL;
4452 drv->auth_ie_len = 0;
4454 drv->auth_ie = os_malloc(params->ie_len);
4456 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
4457 drv->auth_ie_len = params->ie_len;
4461 for (i = 0; i < 4; i++) {
4462 if (params->wep_key[i] && params->wep_key_len[i] &&
4463 params->wep_key_len[i] <= 16) {
4464 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
4465 params->wep_key_len[i]);
4466 drv->auth_wep_key_len[i] = params->wep_key_len[i];
4468 drv->auth_wep_key_len[i] = 0;
4473 static int wpa_driver_nl80211_authenticate(
4474 void *priv, struct wpa_driver_auth_params *params)
4476 struct i802_bss *bss = priv;
4477 struct wpa_driver_nl80211_data *drv = bss->drv;
4480 enum nl80211_auth_type type;
4481 enum nl80211_iftype nlmode;
4485 is_retry = drv->retry_auth;
4486 drv->retry_auth = 0;
4488 drv->associated = 0;
4489 os_memset(drv->auth_bssid, 0, ETH_ALEN);
4490 /* FIX: IBSS mode */
4491 nlmode = params->p2p ?
4492 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
4493 if (drv->nlmode != nlmode &&
4494 wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
4498 msg = nlmsg_alloc();
4502 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
4505 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
4507 for (i = 0; i < 4; i++) {
4508 if (!params->wep_key[i])
4510 wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP,
4512 i == params->wep_tx_keyidx, NULL, 0,
4514 params->wep_key_len[i]);
4515 if (params->wep_tx_keyidx != i)
4517 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
4518 params->wep_key[i], params->wep_key_len[i])) {
4524 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4525 if (params->bssid) {
4526 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4527 MAC2STR(params->bssid));
4528 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
4531 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4532 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
4535 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4536 params->ssid, params->ssid_len);
4537 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4540 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
4542 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
4543 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4544 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
4545 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4546 type = NL80211_AUTHTYPE_SHARED_KEY;
4547 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4548 type = NL80211_AUTHTYPE_NETWORK_EAP;
4549 else if (params->auth_alg & WPA_AUTH_ALG_FT)
4550 type = NL80211_AUTHTYPE_FT;
4552 goto nla_put_failure;
4553 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4554 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
4555 if (params->local_state_change) {
4556 wpa_printf(MSG_DEBUG, " * Local state change only");
4557 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
4560 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4563 wpa_dbg(drv->ctx, MSG_DEBUG,
4564 "nl80211: MLME command failed (auth): ret=%d (%s)",
4565 ret, strerror(-ret));
4567 if (ret == -EALREADY && count == 1 && params->bssid &&
4568 !params->local_state_change) {
4570 * mac80211 does not currently accept new
4571 * authentication if we are already authenticated. As a
4572 * workaround, force deauthentication and try again.
4574 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
4575 "after forced deauthentication");
4576 wpa_driver_nl80211_deauthenticate(
4578 WLAN_REASON_PREV_AUTH_NOT_VALID);
4583 if (ret == -ENOENT && params->freq && !is_retry) {
4585 * cfg80211 has likely expired the BSS entry even
4586 * though it was previously available in our internal
4587 * BSS table. To recover quickly, start a single
4588 * channel scan on the specified channel.
4590 struct wpa_driver_scan_params scan;
4593 os_memset(&scan, 0, sizeof(scan));
4596 scan.ssids[0].ssid = params->ssid;
4597 scan.ssids[0].ssid_len = params->ssid_len;
4599 freqs[0] = params->freq;
4602 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
4603 "channel scan to refresh cfg80211 BSS "
4605 ret = wpa_driver_nl80211_scan(bss, &scan);
4607 nl80211_copy_auth_params(drv, params);
4608 drv->scan_for_auth = 1;
4610 } else if (is_retry) {
4612 * Need to indicate this with an event since the return
4613 * value from the retry is not delivered to core code.
4615 union wpa_event_data event;
4616 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
4618 os_memset(&event, 0, sizeof(event));
4619 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
4621 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
4625 goto nla_put_failure;
4628 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
4637 static int wpa_driver_nl80211_authenticate_retry(
4638 struct wpa_driver_nl80211_data *drv)
4640 struct wpa_driver_auth_params params;
4641 struct i802_bss *bss = &drv->first_bss;
4644 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
4646 os_memset(¶ms, 0, sizeof(params));
4647 params.freq = drv->auth_freq;
4648 params.auth_alg = drv->auth_alg;
4649 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
4650 params.local_state_change = drv->auth_local_state_change;
4651 params.p2p = drv->auth_p2p;
4653 if (!is_zero_ether_addr(drv->auth_bssid_))
4654 params.bssid = drv->auth_bssid_;
4656 if (drv->auth_ssid_len) {
4657 params.ssid = drv->auth_ssid;
4658 params.ssid_len = drv->auth_ssid_len;
4661 params.ie = drv->auth_ie;
4662 params.ie_len = drv->auth_ie_len;
4664 for (i = 0; i < 4; i++) {
4665 if (drv->auth_wep_key_len[i]) {
4666 params.wep_key[i] = drv->auth_wep_key[i];
4667 params.wep_key_len[i] = drv->auth_wep_key_len[i];
4671 drv->retry_auth = 1;
4672 return wpa_driver_nl80211_authenticate(bss, ¶ms);
4676 struct phy_info_arg {
4678 struct hostapd_hw_modes *modes;
4681 static int phy_info_handler(struct nl_msg *msg, void *arg)
4683 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
4684 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4685 struct phy_info_arg *phy_info = arg;
4687 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
4689 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
4690 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
4691 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
4692 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
4693 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
4694 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
4695 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
4696 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
4699 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
4700 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
4701 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
4702 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
4705 struct nlattr *nl_band;
4706 struct nlattr *nl_freq;
4707 struct nlattr *nl_rate;
4708 int rem_band, rem_freq, rem_rate;
4709 struct hostapd_hw_modes *mode;
4710 int idx, mode_is_set;
4712 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4713 genlmsg_attrlen(gnlh, 0), NULL);
4715 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
4718 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
4719 mode = os_realloc(phy_info->modes, (*phy_info->num_modes + 1) * sizeof(*mode));
4722 phy_info->modes = mode;
4726 mode = &phy_info->modes[*(phy_info->num_modes)];
4727 memset(mode, 0, sizeof(*mode));
4728 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN;
4729 *(phy_info->num_modes) += 1;
4731 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
4732 nla_len(nl_band), NULL);
4734 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
4735 mode->ht_capab = nla_get_u16(
4736 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
4739 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
4740 mode->a_mpdu_params |= nla_get_u8(
4741 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
4745 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
4746 mode->a_mpdu_params |= nla_get_u8(
4747 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
4751 if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
4752 nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
4754 mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
4755 os_memcpy(mode->mcs_set, mcs, 16);
4758 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
4759 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
4760 nla_len(nl_freq), freq_policy);
4761 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
4763 mode->num_channels++;
4766 mode->channels = os_zalloc(mode->num_channels * sizeof(struct hostapd_channel_data));
4767 if (!mode->channels)
4772 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
4773 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
4774 nla_len(nl_freq), freq_policy);
4775 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
4778 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
4779 mode->channels[idx].flag = 0;
4782 /* crude heuristic */
4783 if (mode->channels[idx].freq < 4000)
4784 mode->mode = HOSTAPD_MODE_IEEE80211B;
4786 mode->mode = HOSTAPD_MODE_IEEE80211A;
4790 /* crude heuristic */
4791 if (mode->channels[idx].freq < 4000)
4792 if (mode->channels[idx].freq == 2484)
4793 mode->channels[idx].chan = 14;
4795 mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
4797 mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
4799 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
4800 mode->channels[idx].flag |=
4801 HOSTAPD_CHAN_DISABLED;
4802 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
4803 mode->channels[idx].flag |=
4804 HOSTAPD_CHAN_PASSIVE_SCAN;
4805 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
4806 mode->channels[idx].flag |=
4807 HOSTAPD_CHAN_NO_IBSS;
4808 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
4809 mode->channels[idx].flag |=
4812 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
4813 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
4814 mode->channels[idx].max_tx_power =
4815 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
4820 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
4821 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
4822 nla_len(nl_rate), rate_policy);
4823 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
4828 mode->rates = os_zalloc(mode->num_rates * sizeof(int));
4834 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
4835 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
4836 nla_len(nl_rate), rate_policy);
4837 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
4839 mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
4841 /* crude heuristic */
4842 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
4843 mode->rates[idx] > 200)
4844 mode->mode = HOSTAPD_MODE_IEEE80211G;
4853 static struct hostapd_hw_modes *
4854 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
4857 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
4858 int i, mode11g_idx = -1;
4860 /* If only 802.11g mode is included, use it to construct matching
4861 * 802.11b mode data. */
4863 for (m = 0; m < *num_modes; m++) {
4864 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
4865 return modes; /* 802.11b already included */
4866 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
4870 if (mode11g_idx < 0)
4871 return modes; /* 2.4 GHz band not supported at all */
4873 nmodes = os_realloc(modes, (*num_modes + 1) * sizeof(*nmodes));
4875 return modes; /* Could not add 802.11b mode */
4877 mode = &nmodes[*num_modes];
4878 os_memset(mode, 0, sizeof(*mode));
4882 mode->mode = HOSTAPD_MODE_IEEE80211B;
4884 mode11g = &modes[mode11g_idx];
4885 mode->num_channels = mode11g->num_channels;
4886 mode->channels = os_malloc(mode11g->num_channels *
4887 sizeof(struct hostapd_channel_data));
4888 if (mode->channels == NULL) {
4890 return modes; /* Could not add 802.11b mode */
4892 os_memcpy(mode->channels, mode11g->channels,
4893 mode11g->num_channels * sizeof(struct hostapd_channel_data));
4895 mode->num_rates = 0;
4896 mode->rates = os_malloc(4 * sizeof(int));
4897 if (mode->rates == NULL) {
4898 os_free(mode->channels);
4900 return modes; /* Could not add 802.11b mode */
4903 for (i = 0; i < mode11g->num_rates; i++) {
4904 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
4905 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
4907 mode->rates[mode->num_rates] = mode11g->rates[i];
4909 if (mode->num_rates == 4)
4913 if (mode->num_rates == 0) {
4914 os_free(mode->channels);
4915 os_free(mode->rates);
4917 return modes; /* No 802.11b rates */
4920 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
4927 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
4932 for (c = 0; c < mode->num_channels; c++) {
4933 struct hostapd_channel_data *chan = &mode->channels[c];
4934 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
4935 chan->flag |= HOSTAPD_CHAN_HT40;
4940 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
4945 for (c = 0; c < mode->num_channels; c++) {
4946 struct hostapd_channel_data *chan = &mode->channels[c];
4947 if (!(chan->flag & HOSTAPD_CHAN_HT40))
4949 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
4950 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
4951 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
4952 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
4957 static void nl80211_reg_rule_ht40(struct nlattr *tb[],
4958 struct phy_info_arg *results)
4960 u32 start, end, max_bw;
4963 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
4964 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
4965 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
4968 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
4969 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
4970 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
4972 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz",
4973 start, end, max_bw);
4977 for (m = 0; m < *results->num_modes; m++) {
4978 if (!(results->modes[m].ht_capab &
4979 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
4981 nl80211_set_ht40_mode(&results->modes[m], start, end);
4986 static void nl80211_reg_rule_sec(struct nlattr *tb[],
4987 struct phy_info_arg *results)
4989 u32 start, end, max_bw;
4992 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
4993 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
4994 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
4997 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
4998 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
4999 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
5004 for (m = 0; m < *results->num_modes; m++) {
5005 if (!(results->modes[m].ht_capab &
5006 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
5008 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
5013 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
5015 struct phy_info_arg *results = arg;
5016 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
5017 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5018 struct nlattr *nl_rule;
5019 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
5021 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
5022 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
5023 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
5024 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
5025 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
5026 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
5027 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
5030 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5031 genlmsg_attrlen(gnlh, 0), NULL);
5032 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
5033 !tb_msg[NL80211_ATTR_REG_RULES]) {
5034 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
5039 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
5040 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
5042 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
5044 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
5045 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
5046 nl80211_reg_rule_ht40(tb_rule, results);
5049 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
5051 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
5052 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
5053 nl80211_reg_rule_sec(tb_rule, results);
5060 static int nl80211_set_ht40_flags(struct wpa_driver_nl80211_data *drv,
5061 struct phy_info_arg *results)
5065 msg = nlmsg_alloc();
5069 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
5070 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
5074 static struct hostapd_hw_modes *
5075 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
5077 struct i802_bss *bss = priv;
5078 struct wpa_driver_nl80211_data *drv = bss->drv;
5080 struct phy_info_arg result = {
5081 .num_modes = num_modes,
5088 msg = nlmsg_alloc();
5092 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
5094 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5096 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
5097 nl80211_set_ht40_flags(drv, &result);
5098 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
5107 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
5108 const void *data, size_t len,
5109 int encrypt, int noack)
5112 0x00, 0x00, /* radiotap version */
5113 0x0e, 0x00, /* radiotap length */
5114 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
5115 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
5117 0x00, 0x00, /* RX and TX flags to indicate that */
5118 0x00, 0x00, /* this is the injected frame directly */
5120 struct iovec iov[2] = {
5122 .iov_base = &rtap_hdr,
5123 .iov_len = sizeof(rtap_hdr),
5126 .iov_base = (void *) data,
5130 struct msghdr msg = {
5135 .msg_control = NULL,
5136 .msg_controllen = 0,
5143 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
5145 if (drv->monitor_sock < 0) {
5146 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
5147 "for %s", __func__);
5152 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
5153 *(le16 *) &rtap_hdr[12] = host_to_le16(txflags);
5155 res = sendmsg(drv->monitor_sock, &msg, 0);
5157 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
5164 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
5165 const void *data, size_t len,
5166 int encrypt, int noack,
5167 unsigned int freq, int no_cck,
5168 int offchanok, unsigned int wait_time)
5170 struct wpa_driver_nl80211_data *drv = bss->drv;
5176 if (drv->use_monitor)
5177 return wpa_driver_nl80211_send_mntr(drv, data, len,
5180 return nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
5181 &cookie, no_cck, noack, offchanok);
5185 static int wpa_driver_nl80211_send_mlme_freq(struct i802_bss *bss,
5187 size_t data_len, int noack,
5188 unsigned int freq, int no_cck,
5190 unsigned int wait_time)
5192 struct wpa_driver_nl80211_data *drv = bss->drv;
5193 struct ieee80211_mgmt *mgmt;
5197 mgmt = (struct ieee80211_mgmt *) data;
5198 fc = le_to_host16(mgmt->frame_control);
5200 if (is_sta_interface(drv->nlmode) &&
5201 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
5202 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
5204 * The use of last_mgmt_freq is a bit of a hack,
5205 * but it works due to the single-threaded nature
5206 * of wpa_supplicant.
5209 freq = drv->last_mgmt_freq;
5210 return nl80211_send_frame_cmd(bss, freq, 0,
5211 data, data_len, NULL, 1, noack,
5215 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
5218 return nl80211_send_frame_cmd(bss, freq, 0,
5220 &drv->send_action_cookie,
5221 no_cck, noack, offchanok);
5224 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
5225 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
5227 * Only one of the authentication frame types is encrypted.
5228 * In order for static WEP encryption to work properly (i.e.,
5229 * to not encrypt the frame), we need to tell mac80211 about
5230 * the frames that must not be encrypted.
5232 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
5233 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
5234 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
5238 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
5239 noack, freq, no_cck, offchanok,
5244 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
5245 size_t data_len, int noack)
5247 struct i802_bss *bss = priv;
5248 return wpa_driver_nl80211_send_mlme_freq(bss, data, data_len, noack,
5253 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
5254 int slot, int ht_opmode, int ap_isolate,
5257 struct wpa_driver_nl80211_data *drv = bss->drv;
5260 msg = nlmsg_alloc();
5264 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
5267 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
5269 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
5271 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
5273 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
5274 if (ap_isolate >= 0)
5275 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
5278 u8 rates[NL80211_MAX_SUPP_RATES];
5282 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
5284 rates[rates_len++] = basic_rates[i] / 5;
5286 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
5289 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5291 return send_and_recv_msgs(drv, msg, NULL, NULL);
5298 static int wpa_driver_nl80211_set_ap(void *priv,
5299 struct wpa_driver_ap_params *params)
5301 struct i802_bss *bss = priv;
5302 struct wpa_driver_nl80211_data *drv = bss->drv;
5304 u8 cmd = NL80211_CMD_NEW_BEACON;
5307 int ifindex = if_nametoindex(bss->ifname);
5312 beacon_set = bss->beacon_set;
5314 msg = nlmsg_alloc();
5318 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
5321 cmd = NL80211_CMD_SET_BEACON;
5323 nl80211_cmd(drv, msg, 0, cmd);
5324 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
5325 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
5326 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5327 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
5328 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
5329 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
5331 if (params->proberesp && params->proberesp_len)
5332 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
5334 switch (params->hide_ssid) {
5335 case NO_SSID_HIDING:
5336 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5337 NL80211_HIDDEN_SSID_NOT_IN_USE);
5339 case HIDDEN_SSID_ZERO_LEN:
5340 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5341 NL80211_HIDDEN_SSID_ZERO_LEN);
5343 case HIDDEN_SSID_ZERO_CONTENTS:
5344 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5345 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
5348 if (params->privacy)
5349 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
5350 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
5351 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
5352 /* Leave out the attribute */
5353 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
5354 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
5355 NL80211_AUTHTYPE_SHARED_KEY);
5357 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
5358 NL80211_AUTHTYPE_OPEN_SYSTEM);
5361 if (params->wpa_version & WPA_PROTO_WPA)
5362 ver |= NL80211_WPA_VERSION_1;
5363 if (params->wpa_version & WPA_PROTO_RSN)
5364 ver |= NL80211_WPA_VERSION_2;
5366 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
5369 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
5370 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
5371 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
5372 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
5374 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
5375 num_suites * sizeof(u32), suites);
5378 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
5379 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
5380 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
5383 if (params->pairwise_ciphers & WPA_CIPHER_CCMP)
5384 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5385 if (params->pairwise_ciphers & WPA_CIPHER_TKIP)
5386 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5387 if (params->pairwise_ciphers & WPA_CIPHER_WEP104)
5388 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5389 if (params->pairwise_ciphers & WPA_CIPHER_WEP40)
5390 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5392 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
5393 num_suites * sizeof(u32), suites);
5396 switch (params->group_cipher) {
5397 case WPA_CIPHER_CCMP:
5398 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5399 WLAN_CIPHER_SUITE_CCMP);
5401 case WPA_CIPHER_TKIP:
5402 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5403 WLAN_CIPHER_SUITE_TKIP);
5405 case WPA_CIPHER_WEP104:
5406 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5407 WLAN_CIPHER_SUITE_WEP104);
5409 case WPA_CIPHER_WEP40:
5410 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5411 WLAN_CIPHER_SUITE_WEP40);
5415 if (params->beacon_ies) {
5416 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
5417 wpabuf_head(params->beacon_ies));
5419 if (params->proberesp_ies) {
5420 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
5421 wpabuf_len(params->proberesp_ies),
5422 wpabuf_head(params->proberesp_ies));
5424 if (params->assocresp_ies) {
5425 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
5426 wpabuf_len(params->assocresp_ies),
5427 wpabuf_head(params->assocresp_ies));
5430 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
5431 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
5432 params->ap_max_inactivity);
5435 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5437 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
5438 ret, strerror(-ret));
5440 bss->beacon_set = 1;
5441 nl80211_set_bss(bss, params->cts_protect, params->preamble,
5442 params->short_slot_time, params->ht_opmode,
5443 params->isolate, params->basic_rates);
5452 static int wpa_driver_nl80211_set_freq(struct i802_bss *bss,
5453 int freq, int ht_enabled,
5454 int sec_channel_offset)
5456 struct wpa_driver_nl80211_data *drv = bss->drv;
5460 wpa_printf(MSG_DEBUG, "nl80211: Set freq %d (ht_enabled=%d "
5461 "sec_channel_offset=%d)",
5462 freq, ht_enabled, sec_channel_offset);
5463 msg = nlmsg_alloc();
5467 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
5469 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5470 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
5472 switch (sec_channel_offset) {
5474 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5475 NL80211_CHAN_HT40MINUS);
5478 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5479 NL80211_CHAN_HT40PLUS);
5482 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5488 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5494 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
5495 "%d (%s)", freq, ret, strerror(-ret));
5502 static u32 sta_flags_nl80211(int flags)
5506 if (flags & WPA_STA_AUTHORIZED)
5507 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
5508 if (flags & WPA_STA_WMM)
5509 f |= BIT(NL80211_STA_FLAG_WME);
5510 if (flags & WPA_STA_SHORT_PREAMBLE)
5511 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
5512 if (flags & WPA_STA_MFP)
5513 f |= BIT(NL80211_STA_FLAG_MFP);
5514 if (flags & WPA_STA_TDLS_PEER)
5515 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
5521 static int wpa_driver_nl80211_sta_add(void *priv,
5522 struct hostapd_sta_add_params *params)
5524 struct i802_bss *bss = priv;
5525 struct wpa_driver_nl80211_data *drv = bss->drv;
5526 struct nl_msg *msg, *wme = NULL;
5527 struct nl80211_sta_flag_update upd;
5530 if ((params->flags & WPA_STA_TDLS_PEER) &&
5531 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
5534 msg = nlmsg_alloc();
5538 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
5539 NL80211_CMD_NEW_STATION);
5541 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5542 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
5543 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
5544 params->supp_rates);
5546 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
5547 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5548 params->listen_interval);
5550 if (params->ht_capabilities) {
5551 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
5552 sizeof(*params->ht_capabilities),
5553 params->ht_capabilities);
5556 os_memset(&upd, 0, sizeof(upd));
5557 upd.mask = sta_flags_nl80211(params->flags);
5559 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
5561 if (params->flags & WPA_STA_WMM) {
5562 wme = nlmsg_alloc();
5564 goto nla_put_failure;
5566 NLA_PUT_U8(wme, NL80211_STA_WME_UAPSD_QUEUES,
5567 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
5568 NLA_PUT_U8(wme, NL80211_STA_WME_MAX_SP,
5569 (params->qosinfo > WMM_QOSINFO_STA_SP_SHIFT) &
5570 WMM_QOSINFO_STA_SP_MASK);
5571 nla_put_nested(msg, NL80211_ATTR_STA_WME, wme);
5574 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5577 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
5578 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
5589 static int wpa_driver_nl80211_sta_remove(void *priv, const u8 *addr)
5591 struct i802_bss *bss = priv;
5592 struct wpa_driver_nl80211_data *drv = bss->drv;
5596 msg = nlmsg_alloc();
5600 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
5602 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5603 if_nametoindex(bss->ifname));
5604 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5606 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5616 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
5621 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
5623 /* stop listening for EAPOL on this interface */
5624 del_ifidx(drv, ifidx);
5626 msg = nlmsg_alloc();
5628 goto nla_put_failure;
5630 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
5631 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
5633 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5638 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
5642 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
5645 case NL80211_IFTYPE_ADHOC:
5647 case NL80211_IFTYPE_STATION:
5649 case NL80211_IFTYPE_AP:
5651 case NL80211_IFTYPE_MONITOR:
5653 case NL80211_IFTYPE_P2P_CLIENT:
5654 return "P2P_CLIENT";
5655 case NL80211_IFTYPE_P2P_GO:
5663 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
5665 enum nl80211_iftype iftype,
5666 const u8 *addr, int wds)
5668 struct nl_msg *msg, *flags = NULL;
5672 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
5673 iftype, nl80211_iftype_str(iftype));
5675 msg = nlmsg_alloc();
5679 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
5680 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5681 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
5682 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
5684 if (iftype == NL80211_IFTYPE_MONITOR) {
5687 flags = nlmsg_alloc();
5689 goto nla_put_failure;
5691 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
5693 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
5698 goto nla_put_failure;
5700 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
5703 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5708 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
5709 ifname, ret, strerror(-ret));
5713 ifidx = if_nametoindex(ifname);
5714 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
5720 /* start listening for EAPOL on this interface */
5721 add_ifidx(drv, ifidx);
5723 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
5724 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
5725 nl80211_remove_iface(drv, ifidx);
5733 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
5734 const char *ifname, enum nl80211_iftype iftype,
5735 const u8 *addr, int wds)
5739 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
5741 /* if error occurred and interface exists already */
5742 if (ret == -ENFILE && if_nametoindex(ifname)) {
5743 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
5745 /* Try to remove the interface that was already there. */
5746 nl80211_remove_iface(drv, if_nametoindex(ifname));
5748 /* Try to create the interface again */
5749 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
5753 if (ret >= 0 && is_p2p_interface(iftype))
5754 nl80211_disable_11b_rates(drv, ret, 1);
5760 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
5762 struct ieee80211_hdr *hdr;
5764 union wpa_event_data event;
5766 hdr = (struct ieee80211_hdr *) buf;
5767 fc = le_to_host16(hdr->frame_control);
5769 os_memset(&event, 0, sizeof(event));
5770 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
5771 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
5772 event.tx_status.dst = hdr->addr1;
5773 event.tx_status.data = buf;
5774 event.tx_status.data_len = len;
5775 event.tx_status.ack = ok;
5776 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
5780 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
5781 u8 *buf, size_t len)
5783 struct ieee80211_hdr *hdr = (void *)buf;
5785 union wpa_event_data event;
5787 if (len < sizeof(*hdr))
5790 fc = le_to_host16(hdr->frame_control);
5792 os_memset(&event, 0, sizeof(event));
5793 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
5794 event.rx_from_unknown.addr = hdr->addr2;
5795 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
5796 (WLAN_FC_FROMDS | WLAN_FC_TODS);
5797 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
5801 static void handle_frame(struct wpa_driver_nl80211_data *drv,
5802 u8 *buf, size_t len, int datarate, int ssi_signal)
5804 struct ieee80211_hdr *hdr;
5806 union wpa_event_data event;
5808 hdr = (struct ieee80211_hdr *) buf;
5809 fc = le_to_host16(hdr->frame_control);
5811 switch (WLAN_FC_GET_TYPE(fc)) {
5812 case WLAN_FC_TYPE_MGMT:
5813 os_memset(&event, 0, sizeof(event));
5814 event.rx_mgmt.frame = buf;
5815 event.rx_mgmt.frame_len = len;
5816 event.rx_mgmt.datarate = datarate;
5817 event.rx_mgmt.ssi_signal = ssi_signal;
5818 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
5820 case WLAN_FC_TYPE_CTRL:
5821 /* can only get here with PS-Poll frames */
5822 wpa_printf(MSG_DEBUG, "CTRL");
5823 from_unknown_sta(drv, buf, len);
5825 case WLAN_FC_TYPE_DATA:
5826 from_unknown_sta(drv, buf, len);
5832 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
5834 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5836 unsigned char buf[3000];
5837 struct ieee80211_radiotap_iterator iter;
5839 int datarate = 0, ssi_signal = 0;
5840 int injected = 0, failed = 0, rxflags = 0;
5842 len = recv(sock, buf, sizeof(buf), 0);
5848 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
5849 printf("received invalid radiotap frame\n");
5854 ret = ieee80211_radiotap_iterator_next(&iter);
5858 printf("received invalid radiotap frame (%d)\n", ret);
5861 switch (iter.this_arg_index) {
5862 case IEEE80211_RADIOTAP_FLAGS:
5863 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
5866 case IEEE80211_RADIOTAP_RX_FLAGS:
5869 case IEEE80211_RADIOTAP_TX_FLAGS:
5871 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
5872 IEEE80211_RADIOTAP_F_TX_FAIL;
5874 case IEEE80211_RADIOTAP_DATA_RETRIES:
5876 case IEEE80211_RADIOTAP_CHANNEL:
5877 /* TODO: convert from freq/flags to channel number */
5879 case IEEE80211_RADIOTAP_RATE:
5880 datarate = *iter.this_arg * 5;
5882 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
5883 ssi_signal = (s8) *iter.this_arg;
5888 if (rxflags && injected)
5892 handle_frame(drv, buf + iter.max_length,
5893 len - iter.max_length, datarate, ssi_signal);
5895 handle_tx_callback(drv->ctx, buf + iter.max_length,
5896 len - iter.max_length, !failed);
5901 * we post-process the filter code later and rewrite
5902 * this to the offset to the last instruction
5907 static struct sock_filter msock_filter_insns[] = {
5909 * do a little-endian load of the radiotap length field
5911 /* load lower byte into A */
5912 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
5913 /* put it into X (== index register) */
5914 BPF_STMT(BPF_MISC| BPF_TAX, 0),
5915 /* load upper byte into A */
5916 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
5917 /* left-shift it by 8 */
5918 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
5920 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
5921 /* put result into X */
5922 BPF_STMT(BPF_MISC| BPF_TAX, 0),
5925 * Allow management frames through, this also gives us those
5926 * management frames that we sent ourselves with status
5928 /* load the lower byte of the IEEE 802.11 frame control field */
5929 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
5930 /* mask off frame type and version */
5931 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
5932 /* accept frame if it's both 0, fall through otherwise */
5933 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
5936 * TODO: add a bit to radiotap RX flags that indicates
5937 * that the sending station is not associated, then
5938 * add a filter here that filters on our DA and that flag
5939 * to allow us to deauth frames to that bad station.
5941 * For now allow all To DS data frames through.
5943 /* load the IEEE 802.11 frame control field */
5944 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
5945 /* mask off frame type, version and DS status */
5946 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
5947 /* accept frame if version 0, type 2 and To DS, fall through otherwise
5949 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
5953 * drop non-data frames
5955 /* load the lower byte of the frame control field */
5956 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
5957 /* mask off QoS bit */
5958 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
5959 /* drop non-data frames */
5960 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
5962 /* load the upper byte of the frame control field */
5963 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
5964 /* mask off toDS/fromDS */
5965 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
5966 /* accept WDS frames */
5967 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
5970 * add header length to index
5972 /* load the lower byte of the frame control field */
5973 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
5974 /* mask off QoS bit */
5975 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
5976 /* right shift it by 6 to give 0 or 2 */
5977 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
5978 /* add data frame header length */
5979 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
5980 /* add index, was start of 802.11 header */
5981 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
5982 /* move to index, now start of LL header */
5983 BPF_STMT(BPF_MISC | BPF_TAX, 0),
5986 * Accept empty data frames, we use those for
5989 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
5990 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
5993 * Accept EAPOL frames
5995 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
5996 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
5997 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
5998 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
6000 /* keep these last two statements or change the code below */
6001 /* return 0 == "DROP" */
6002 BPF_STMT(BPF_RET | BPF_K, 0),
6003 /* return ~0 == "keep all" */
6004 BPF_STMT(BPF_RET | BPF_K, ~0),
6007 static struct sock_fprog msock_filter = {
6008 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
6009 .filter = msock_filter_insns,
6013 static int add_monitor_filter(int s)
6017 /* rewrite all PASS/FAIL jump offsets */
6018 for (idx = 0; idx < msock_filter.len; idx++) {
6019 struct sock_filter *insn = &msock_filter_insns[idx];
6021 if (BPF_CLASS(insn->code) == BPF_JMP) {
6022 if (insn->code == (BPF_JMP|BPF_JA)) {
6023 if (insn->k == PASS)
6024 insn->k = msock_filter.len - idx - 2;
6025 else if (insn->k == FAIL)
6026 insn->k = msock_filter.len - idx - 3;
6029 if (insn->jt == PASS)
6030 insn->jt = msock_filter.len - idx - 2;
6031 else if (insn->jt == FAIL)
6032 insn->jt = msock_filter.len - idx - 3;
6034 if (insn->jf == PASS)
6035 insn->jf = msock_filter.len - idx - 2;
6036 else if (insn->jf == FAIL)
6037 insn->jf = msock_filter.len - idx - 3;
6041 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
6042 &msock_filter, sizeof(msock_filter))) {
6043 perror("SO_ATTACH_FILTER");
6051 static void nl80211_remove_monitor_interface(
6052 struct wpa_driver_nl80211_data *drv)
6054 drv->monitor_refcount--;
6055 if (drv->monitor_refcount > 0)
6058 if (drv->monitor_ifidx >= 0) {
6059 nl80211_remove_iface(drv, drv->monitor_ifidx);
6060 drv->monitor_ifidx = -1;
6062 if (drv->monitor_sock >= 0) {
6063 eloop_unregister_read_sock(drv->monitor_sock);
6064 close(drv->monitor_sock);
6065 drv->monitor_sock = -1;
6071 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
6074 struct sockaddr_ll ll;
6078 if (drv->monitor_ifidx >= 0) {
6079 drv->monitor_refcount++;
6083 if (os_strncmp(drv->first_bss.ifname, "p2p-", 4) == 0) {
6085 * P2P interface name is of the format p2p-%s-%d. For monitor
6086 * interface name corresponding to P2P GO, replace "p2p-" with
6087 * "mon-" to retain the same interface name length and to
6088 * indicate that it is a monitor interface.
6090 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss.ifname + 4);
6092 /* Non-P2P interface with AP functionality. */
6093 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
6096 buf[IFNAMSIZ - 1] = '\0';
6098 drv->monitor_ifidx =
6099 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
6102 if (drv->monitor_ifidx == -EOPNOTSUPP) {
6104 * This is backward compatibility for a few versions of
6105 * the kernel only that didn't advertise the right
6106 * attributes for the only driver that then supported
6107 * AP mode w/o monitor -- ath6kl.
6109 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
6110 "monitor interface type - try to run without it");
6111 drv->device_ap_sme = 1;
6114 if (drv->monitor_ifidx < 0)
6117 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
6120 memset(&ll, 0, sizeof(ll));
6121 ll.sll_family = AF_PACKET;
6122 ll.sll_ifindex = drv->monitor_ifidx;
6123 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
6124 if (drv->monitor_sock < 0) {
6125 perror("socket[PF_PACKET,SOCK_RAW]");
6129 if (add_monitor_filter(drv->monitor_sock)) {
6130 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
6131 "interface; do filtering in user space");
6132 /* This works, but will cost in performance. */
6135 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
6136 perror("monitor socket bind");
6140 optlen = sizeof(optval);
6143 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
6144 perror("Failed to set socket priority");
6148 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
6150 printf("Could not register monitor read socket\n");
6156 nl80211_remove_monitor_interface(drv);
6161 static int nl80211_setup_ap(struct i802_bss *bss)
6163 struct wpa_driver_nl80211_data *drv = bss->drv;
6165 wpa_printf(MSG_DEBUG, "nl80211: Setup AP - device_ap_sme=%d "
6166 "use_monitor=%d", drv->device_ap_sme, drv->use_monitor);
6169 * Disable Probe Request reporting unless we need it in this way for
6170 * devices that include the AP SME, in the other case (unless using
6171 * monitor iface) we'll get it through the nl_mgmt socket instead.
6173 if (!drv->device_ap_sme)
6174 wpa_driver_nl80211_probe_req_report(bss, 0);
6176 if (!drv->device_ap_sme && !drv->use_monitor)
6177 if (nl80211_mgmt_subscribe_ap(bss))
6180 if (drv->device_ap_sme && !drv->use_monitor)
6181 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
6184 if (!drv->device_ap_sme && drv->use_monitor &&
6185 nl80211_create_monitor_interface(drv) &&
6186 !drv->device_ap_sme)
6189 if (drv->device_ap_sme &&
6190 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
6191 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
6192 "Probe Request frame reporting in AP mode");
6193 /* Try to survive without this */
6200 static void nl80211_teardown_ap(struct i802_bss *bss)
6202 struct wpa_driver_nl80211_data *drv = bss->drv;
6204 if (drv->device_ap_sme) {
6205 wpa_driver_nl80211_probe_req_report(bss, 0);
6206 if (!drv->use_monitor)
6207 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
6208 } else if (drv->use_monitor)
6209 nl80211_remove_monitor_interface(drv);
6211 nl80211_mgmt_unsubscribe(bss, "AP teardown");
6213 bss->beacon_set = 0;
6217 static int nl80211_send_eapol_data(struct i802_bss *bss,
6218 const u8 *addr, const u8 *data,
6221 struct sockaddr_ll ll;
6224 if (bss->drv->eapol_tx_sock < 0) {
6225 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
6229 os_memset(&ll, 0, sizeof(ll));
6230 ll.sll_family = AF_PACKET;
6231 ll.sll_ifindex = bss->ifindex;
6232 ll.sll_protocol = htons(ETH_P_PAE);
6233 ll.sll_halen = ETH_ALEN;
6234 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
6235 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
6236 (struct sockaddr *) &ll, sizeof(ll));
6238 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
6245 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
6247 static int wpa_driver_nl80211_hapd_send_eapol(
6248 void *priv, const u8 *addr, const u8 *data,
6249 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
6251 struct i802_bss *bss = priv;
6252 struct wpa_driver_nl80211_data *drv = bss->drv;
6253 struct ieee80211_hdr *hdr;
6257 int qos = flags & WPA_STA_WMM;
6259 if (drv->device_ap_sme || !drv->use_monitor)
6260 return nl80211_send_eapol_data(bss, addr, data, data_len);
6262 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
6264 hdr = os_zalloc(len);
6266 printf("malloc() failed for i802_send_data(len=%lu)\n",
6267 (unsigned long) len);
6271 hdr->frame_control =
6272 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
6273 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
6275 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
6277 hdr->frame_control |=
6278 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
6281 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
6282 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
6283 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
6284 pos = (u8 *) (hdr + 1);
6287 /* add an empty QoS header if needed */
6293 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
6294 pos += sizeof(rfc1042_header);
6295 WPA_PUT_BE16(pos, ETH_P_PAE);
6297 memcpy(pos, data, data_len);
6299 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
6302 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
6304 (unsigned long) len, errno, strerror(errno));
6312 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
6314 int flags_or, int flags_and)
6316 struct i802_bss *bss = priv;
6317 struct wpa_driver_nl80211_data *drv = bss->drv;
6318 struct nl_msg *msg, *flags = NULL;
6319 struct nl80211_sta_flag_update upd;
6321 msg = nlmsg_alloc();
6325 flags = nlmsg_alloc();
6331 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
6333 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
6334 if_nametoindex(bss->ifname));
6335 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6338 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
6339 * can be removed eventually.
6341 if (total_flags & WPA_STA_AUTHORIZED)
6342 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
6344 if (total_flags & WPA_STA_WMM)
6345 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
6347 if (total_flags & WPA_STA_SHORT_PREAMBLE)
6348 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
6350 if (total_flags & WPA_STA_MFP)
6351 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
6353 if (total_flags & WPA_STA_TDLS_PEER)
6354 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_TDLS_PEER);
6356 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
6357 goto nla_put_failure;
6359 os_memset(&upd, 0, sizeof(upd));
6360 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
6361 upd.set = sta_flags_nl80211(flags_or);
6362 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
6366 return send_and_recv_msgs(drv, msg, NULL, NULL);
6374 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
6375 struct wpa_driver_associate_params *params)
6377 enum nl80211_iftype nlmode;
6380 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
6382 nlmode = NL80211_IFTYPE_P2P_GO;
6384 nlmode = NL80211_IFTYPE_AP;
6386 if (wpa_driver_nl80211_set_mode(&drv->first_bss, nlmode) ||
6387 wpa_driver_nl80211_set_freq(&drv->first_bss, params->freq, 0, 0)) {
6388 nl80211_remove_monitor_interface(drv);
6396 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
6401 msg = nlmsg_alloc();
6405 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
6406 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6407 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6410 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
6411 "(%s)", ret, strerror(-ret));
6412 goto nla_put_failure;
6416 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
6424 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
6425 struct wpa_driver_associate_params *params)
6431 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
6433 if (wpa_driver_nl80211_set_mode(&drv->first_bss,
6434 NL80211_IFTYPE_ADHOC)) {
6435 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
6441 msg = nlmsg_alloc();
6445 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
6446 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6448 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
6449 goto nla_put_failure;
6451 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6452 params->ssid, params->ssid_len);
6453 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6455 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6456 drv->ssid_len = params->ssid_len;
6458 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6459 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6461 ret = nl80211_set_conn_keys(params, msg);
6463 goto nla_put_failure;
6465 if (params->bssid && params->fixed_bssid) {
6466 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
6467 MAC2STR(params->bssid));
6468 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6471 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
6472 params->key_mgmt_suite == KEY_MGMT_PSK ||
6473 params->key_mgmt_suite == KEY_MGMT_802_1X_SHA256 ||
6474 params->key_mgmt_suite == KEY_MGMT_PSK_SHA256) {
6475 wpa_printf(MSG_DEBUG, " * control port");
6476 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
6479 if (params->wpa_ie) {
6480 wpa_hexdump(MSG_DEBUG,
6481 " * Extra IEs for Beacon/Probe Response frames",
6482 params->wpa_ie, params->wpa_ie_len);
6483 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6487 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6490 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
6491 ret, strerror(-ret));
6493 if (ret == -EALREADY && count == 1) {
6494 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
6496 nl80211_leave_ibss(drv);
6501 goto nla_put_failure;
6504 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
6512 static unsigned int nl80211_get_assoc_bssid(struct wpa_driver_nl80211_data *drv,
6517 struct nl80211_bss_info_arg arg;
6519 os_memset(&arg, 0, sizeof(arg));
6520 msg = nlmsg_alloc();
6522 goto nla_put_failure;
6524 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
6525 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6528 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
6531 if (is_zero_ether_addr(arg.assoc_bssid))
6533 os_memcpy(bssid, arg.assoc_bssid, ETH_ALEN);
6536 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
6537 "(%s)", ret, strerror(-ret));
6540 return drv->assoc_freq;
6544 static int nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
6549 if (bssid == NULL) {
6550 int res = nl80211_get_assoc_bssid(drv, addr);
6556 return wpa_driver_nl80211_disconnect(drv, bssid,
6557 WLAN_REASON_PREV_AUTH_NOT_VALID);
6561 static int wpa_driver_nl80211_connect(
6562 struct wpa_driver_nl80211_data *drv,
6563 struct wpa_driver_associate_params *params)
6566 enum nl80211_auth_type type;
6570 msg = nlmsg_alloc();
6574 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
6575 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
6577 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6578 if (params->bssid) {
6579 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6580 MAC2STR(params->bssid));
6581 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6584 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6585 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6587 if (params->bg_scan_period >= 0) {
6588 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6589 params->bg_scan_period);
6590 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6591 params->bg_scan_period);
6594 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6595 params->ssid, params->ssid_len);
6596 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6598 if (params->ssid_len > sizeof(drv->ssid))
6599 goto nla_put_failure;
6600 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6601 drv->ssid_len = params->ssid_len;
6603 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6605 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6609 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6611 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6613 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6616 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
6618 goto skip_auth_type;
6621 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6622 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6623 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6624 type = NL80211_AUTHTYPE_SHARED_KEY;
6625 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6626 type = NL80211_AUTHTYPE_NETWORK_EAP;
6627 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6628 type = NL80211_AUTHTYPE_FT;
6630 goto nla_put_failure;
6632 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6633 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6636 if (params->wpa_proto) {
6637 enum nl80211_wpa_versions ver = 0;
6639 if (params->wpa_proto & WPA_PROTO_WPA)
6640 ver |= NL80211_WPA_VERSION_1;
6641 if (params->wpa_proto & WPA_PROTO_RSN)
6642 ver |= NL80211_WPA_VERSION_2;
6644 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
6645 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
6648 if (params->pairwise_suite != CIPHER_NONE) {
6651 switch (params->pairwise_suite) {
6653 cipher = WLAN_CIPHER_SUITE_WEP40;
6656 cipher = WLAN_CIPHER_SUITE_WEP104;
6659 cipher = WLAN_CIPHER_SUITE_CCMP;
6663 cipher = WLAN_CIPHER_SUITE_TKIP;
6666 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
6669 if (params->group_suite != CIPHER_NONE) {
6672 switch (params->group_suite) {
6674 cipher = WLAN_CIPHER_SUITE_WEP40;
6677 cipher = WLAN_CIPHER_SUITE_WEP104;
6680 cipher = WLAN_CIPHER_SUITE_CCMP;
6684 cipher = WLAN_CIPHER_SUITE_TKIP;
6687 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
6690 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
6691 params->key_mgmt_suite == KEY_MGMT_PSK) {
6692 int mgmt = WLAN_AKM_SUITE_PSK;
6694 switch (params->key_mgmt_suite) {
6695 case KEY_MGMT_802_1X:
6696 mgmt = WLAN_AKM_SUITE_8021X;
6700 mgmt = WLAN_AKM_SUITE_PSK;
6703 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
6706 if (params->disable_ht)
6707 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
6709 if (params->htcaps && params->htcaps_mask) {
6710 int sz = sizeof(struct ieee80211_ht_capabilities);
6711 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
6712 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
6713 params->htcaps_mask);
6716 ret = nl80211_set_conn_keys(params, msg);
6718 goto nla_put_failure;
6720 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6723 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
6724 "(%s)", ret, strerror(-ret));
6726 * cfg80211 does not currently accept new connection if we are
6727 * already connected. As a workaround, force disconnection and
6728 * try again once the driver indicates it completed
6731 if (ret == -EALREADY)
6732 nl80211_disconnect(drv, params->bssid);
6733 goto nla_put_failure;
6736 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
6745 static int wpa_driver_nl80211_associate(
6746 void *priv, struct wpa_driver_associate_params *params)
6748 struct i802_bss *bss = priv;
6749 struct wpa_driver_nl80211_data *drv = bss->drv;
6753 if (params->mode == IEEE80211_MODE_AP)
6754 return wpa_driver_nl80211_ap(drv, params);
6756 if (params->mode == IEEE80211_MODE_IBSS)
6757 return wpa_driver_nl80211_ibss(drv, params);
6759 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
6760 enum nl80211_iftype nlmode = params->p2p ?
6761 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6763 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
6765 return wpa_driver_nl80211_connect(drv, params);
6768 drv->associated = 0;
6770 msg = nlmsg_alloc();
6774 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
6776 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
6778 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6779 if (params->bssid) {
6780 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6781 MAC2STR(params->bssid));
6782 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6785 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6786 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6787 drv->assoc_freq = params->freq;
6789 drv->assoc_freq = 0;
6790 if (params->bg_scan_period >= 0) {
6791 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6792 params->bg_scan_period);
6793 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6794 params->bg_scan_period);
6797 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6798 params->ssid, params->ssid_len);
6799 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6801 if (params->ssid_len > sizeof(drv->ssid))
6802 goto nla_put_failure;
6803 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6804 drv->ssid_len = params->ssid_len;
6806 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6808 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6811 if (params->pairwise_suite != CIPHER_NONE) {
6814 switch (params->pairwise_suite) {
6816 cipher = WLAN_CIPHER_SUITE_WEP40;
6819 cipher = WLAN_CIPHER_SUITE_WEP104;
6822 cipher = WLAN_CIPHER_SUITE_CCMP;
6826 cipher = WLAN_CIPHER_SUITE_TKIP;
6829 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
6830 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
6833 if (params->group_suite != CIPHER_NONE) {
6836 switch (params->group_suite) {
6838 cipher = WLAN_CIPHER_SUITE_WEP40;
6841 cipher = WLAN_CIPHER_SUITE_WEP104;
6844 cipher = WLAN_CIPHER_SUITE_CCMP;
6848 cipher = WLAN_CIPHER_SUITE_TKIP;
6851 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
6852 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
6855 #ifdef CONFIG_IEEE80211W
6856 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
6857 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
6858 #endif /* CONFIG_IEEE80211W */
6860 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
6862 if (params->prev_bssid) {
6863 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
6864 MAC2STR(params->prev_bssid));
6865 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
6866 params->prev_bssid);
6869 if (params->disable_ht)
6870 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
6872 if (params->htcaps && params->htcaps_mask) {
6873 int sz = sizeof(struct ieee80211_ht_capabilities);
6874 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
6875 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
6876 params->htcaps_mask);
6880 wpa_printf(MSG_DEBUG, " * P2P group");
6882 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6885 wpa_dbg(drv->ctx, MSG_DEBUG,
6886 "nl80211: MLME command failed (assoc): ret=%d (%s)",
6887 ret, strerror(-ret));
6888 nl80211_dump_scan(drv);
6889 goto nla_put_failure;
6892 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
6901 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
6902 int ifindex, enum nl80211_iftype mode)
6907 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
6908 ifindex, mode, nl80211_iftype_str(mode));
6910 msg = nlmsg_alloc();
6914 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
6915 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
6916 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
6918 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6924 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
6925 " %d (%s)", ifindex, mode, ret, strerror(-ret));
6930 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
6931 enum nl80211_iftype nlmode)
6933 struct wpa_driver_nl80211_data *drv = bss->drv;
6936 int was_ap = is_ap_interface(drv->nlmode);
6939 res = nl80211_set_mode(drv, drv->ifindex, nlmode);
6941 drv->nlmode = nlmode;
6949 if (nlmode == drv->nlmode) {
6950 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
6951 "requested mode - ignore error");
6953 goto done; /* Already in the requested mode */
6956 /* mac80211 doesn't allow mode changes while the device is up, so
6957 * take the device down, try to set the mode again, and bring the
6960 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
6962 for (i = 0; i < 10; i++) {
6963 res = linux_set_iface_flags(drv->global->ioctl_sock,
6965 if (res == -EACCES || res == -ENODEV)
6968 /* Try to set the mode again while the interface is
6970 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
6973 res = linux_set_iface_flags(drv->global->ioctl_sock,
6977 else if (ret != -EBUSY)
6980 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
6982 os_sleep(0, 100000);
6986 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
6987 "interface is down");
6988 drv->nlmode = nlmode;
6989 drv->ignore_if_down_event = 1;
6994 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
6995 "from %d failed", nlmode, drv->nlmode);
6999 if (is_ap_interface(nlmode)) {
7000 nl80211_mgmt_unsubscribe(bss, "start AP");
7001 /* Setup additional AP mode functionality if needed */
7002 if (nl80211_setup_ap(bss))
7004 } else if (was_ap) {
7005 /* Remove additional AP mode functionality */
7006 nl80211_teardown_ap(bss);
7008 nl80211_mgmt_unsubscribe(bss, "mode change");
7011 if (!is_ap_interface(nlmode) &&
7012 nl80211_mgmt_subscribe_non_ap(bss) < 0)
7013 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
7014 "frame processing - ignore for now");
7020 static int wpa_driver_nl80211_get_capa(void *priv,
7021 struct wpa_driver_capa *capa)
7023 struct i802_bss *bss = priv;
7024 struct wpa_driver_nl80211_data *drv = bss->drv;
7025 if (!drv->has_capability)
7027 os_memcpy(capa, &drv->capa, sizeof(*capa));
7032 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
7034 struct i802_bss *bss = priv;
7035 struct wpa_driver_nl80211_data *drv = bss->drv;
7037 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
7038 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
7039 drv->operstate = state;
7040 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
7041 state ? IF_OPER_UP : IF_OPER_DORMANT);
7045 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
7047 struct i802_bss *bss = priv;
7048 struct wpa_driver_nl80211_data *drv = bss->drv;
7050 struct nl80211_sta_flag_update upd;
7052 msg = nlmsg_alloc();
7056 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
7058 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7059 if_nametoindex(bss->ifname));
7060 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
7062 os_memset(&upd, 0, sizeof(upd));
7063 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
7065 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
7066 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7068 return send_and_recv_msgs(drv, msg, NULL, NULL);
7075 /* Set kernel driver on given frequency (MHz) */
7076 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
7078 struct i802_bss *bss = priv;
7079 return wpa_driver_nl80211_set_freq(bss, freq->freq, freq->ht_enabled,
7080 freq->sec_channel_offset);
7084 #if defined(HOSTAPD) || defined(CONFIG_AP)
7086 static inline int min_int(int a, int b)
7094 static int get_key_handler(struct nl_msg *msg, void *arg)
7096 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7097 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7099 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7100 genlmsg_attrlen(gnlh, 0), NULL);
7103 * TODO: validate the key index and mac address!
7104 * Otherwise, there's a race condition as soon as
7105 * the kernel starts sending key notifications.
7108 if (tb[NL80211_ATTR_KEY_SEQ])
7109 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
7110 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
7115 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
7118 struct i802_bss *bss = priv;
7119 struct wpa_driver_nl80211_data *drv = bss->drv;
7122 msg = nlmsg_alloc();
7126 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
7129 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7130 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
7131 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
7135 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
7142 static int i802_set_rts(void *priv, int rts)
7144 struct i802_bss *bss = priv;
7145 struct wpa_driver_nl80211_data *drv = bss->drv;
7150 msg = nlmsg_alloc();
7159 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7160 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7161 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
7163 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7169 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
7170 "%d (%s)", rts, ret, strerror(-ret));
7175 static int i802_set_frag(void *priv, int frag)
7177 struct i802_bss *bss = priv;
7178 struct wpa_driver_nl80211_data *drv = bss->drv;
7183 msg = nlmsg_alloc();
7192 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7193 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7194 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
7196 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7202 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
7203 "%d: %d (%s)", frag, ret, strerror(-ret));
7208 static int i802_flush(void *priv)
7210 struct i802_bss *bss = priv;
7211 struct wpa_driver_nl80211_data *drv = bss->drv;
7215 msg = nlmsg_alloc();
7219 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7222 * XXX: FIX! this needs to flush all VLANs too
7224 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7225 if_nametoindex(bss->ifname));
7227 res = send_and_recv_msgs(drv, msg, NULL, NULL);
7229 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
7230 "(%s)", res, strerror(-res));
7239 static int get_sta_handler(struct nl_msg *msg, void *arg)
7241 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7242 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7243 struct hostap_sta_driver_data *data = arg;
7244 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
7245 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
7246 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
7247 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
7248 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
7249 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
7250 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
7253 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7254 genlmsg_attrlen(gnlh, 0), NULL);
7257 * TODO: validate the interface and mac address!
7258 * Otherwise, there's a race condition as soon as
7259 * the kernel starts sending station notifications.
7262 if (!tb[NL80211_ATTR_STA_INFO]) {
7263 wpa_printf(MSG_DEBUG, "sta stats missing!");
7266 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
7267 tb[NL80211_ATTR_STA_INFO],
7269 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
7273 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
7274 data->inactive_msec =
7275 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
7276 if (stats[NL80211_STA_INFO_RX_BYTES])
7277 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
7278 if (stats[NL80211_STA_INFO_TX_BYTES])
7279 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
7280 if (stats[NL80211_STA_INFO_RX_PACKETS])
7282 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
7283 if (stats[NL80211_STA_INFO_TX_PACKETS])
7285 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
7290 static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
7293 struct i802_bss *bss = priv;
7294 struct wpa_driver_nl80211_data *drv = bss->drv;
7297 os_memset(data, 0, sizeof(*data));
7298 msg = nlmsg_alloc();
7302 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
7304 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7305 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7307 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
7314 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
7315 int cw_min, int cw_max, int burst_time)
7317 struct i802_bss *bss = priv;
7318 struct wpa_driver_nl80211_data *drv = bss->drv;
7320 struct nlattr *txq, *params;
7322 msg = nlmsg_alloc();
7326 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7328 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7330 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
7332 goto nla_put_failure;
7334 /* We are only sending parameters for a single TXQ at a time */
7335 params = nla_nest_start(msg, 1);
7337 goto nla_put_failure;
7341 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
7344 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
7347 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
7350 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
7353 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
7354 * 32 usec, so need to convert the value here. */
7355 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
7356 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
7357 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
7358 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
7360 nla_nest_end(msg, params);
7362 nla_nest_end(msg, txq);
7364 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7373 static int i802_set_sta_vlan(void *priv, const u8 *addr,
7374 const char *ifname, int vlan_id)
7376 struct i802_bss *bss = priv;
7377 struct wpa_driver_nl80211_data *drv = bss->drv;
7381 msg = nlmsg_alloc();
7385 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
7387 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7388 if_nametoindex(bss->ifname));
7389 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7390 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
7391 if_nametoindex(ifname));
7393 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7396 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
7397 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
7398 MAC2STR(addr), ifname, vlan_id, ret,
7407 static int i802_get_inact_sec(void *priv, const u8 *addr)
7409 struct hostap_sta_driver_data data;
7412 data.inactive_msec = (unsigned long) -1;
7413 ret = i802_read_sta_data(priv, &data, addr);
7414 if (ret || data.inactive_msec == (unsigned long) -1)
7416 return data.inactive_msec / 1000;
7420 static int i802_sta_clear_stats(void *priv, const u8 *addr)
7429 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
7432 struct i802_bss *bss = priv;
7433 struct wpa_driver_nl80211_data *drv = bss->drv;
7434 struct ieee80211_mgmt mgmt;
7436 if (drv->device_ap_sme)
7437 return wpa_driver_nl80211_sta_remove(bss, addr);
7439 memset(&mgmt, 0, sizeof(mgmt));
7440 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7441 WLAN_FC_STYPE_DEAUTH);
7442 memcpy(mgmt.da, addr, ETH_ALEN);
7443 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7444 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7445 mgmt.u.deauth.reason_code = host_to_le16(reason);
7446 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7448 sizeof(mgmt.u.deauth), 0);
7452 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
7455 struct i802_bss *bss = priv;
7456 struct wpa_driver_nl80211_data *drv = bss->drv;
7457 struct ieee80211_mgmt mgmt;
7459 if (drv->device_ap_sme)
7460 return wpa_driver_nl80211_sta_remove(bss, addr);
7462 memset(&mgmt, 0, sizeof(mgmt));
7463 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7464 WLAN_FC_STYPE_DISASSOC);
7465 memcpy(mgmt.da, addr, ETH_ALEN);
7466 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7467 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7468 mgmt.u.disassoc.reason_code = host_to_le16(reason);
7469 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7471 sizeof(mgmt.u.disassoc), 0);
7474 #endif /* HOSTAPD || CONFIG_AP */
7478 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7483 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
7485 for (i = 0; i < drv->num_if_indices; i++) {
7486 if (drv->if_indices[i] == 0) {
7487 drv->if_indices[i] = ifidx;
7492 if (drv->if_indices != drv->default_if_indices)
7493 old = drv->if_indices;
7497 drv->if_indices = os_realloc(old,
7498 sizeof(int) * (drv->num_if_indices + 1));
7499 if (!drv->if_indices) {
7501 drv->if_indices = drv->default_if_indices;
7503 drv->if_indices = old;
7504 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
7506 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
7509 os_memcpy(drv->if_indices, drv->default_if_indices,
7510 sizeof(drv->default_if_indices));
7511 drv->if_indices[drv->num_if_indices] = ifidx;
7512 drv->num_if_indices++;
7516 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7520 for (i = 0; i < drv->num_if_indices; i++) {
7521 if (drv->if_indices[i] == ifidx) {
7522 drv->if_indices[i] = 0;
7529 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7533 for (i = 0; i < drv->num_if_indices; i++)
7534 if (drv->if_indices[i] == ifidx)
7541 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
7542 const char *bridge_ifname)
7544 struct i802_bss *bss = priv;
7545 struct wpa_driver_nl80211_data *drv = bss->drv;
7546 char name[IFNAMSIZ + 1];
7548 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
7549 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
7550 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
7552 if (!if_nametoindex(name)) {
7553 if (nl80211_create_iface(drv, name,
7554 NL80211_IFTYPE_AP_VLAN,
7557 if (bridge_ifname &&
7558 linux_br_add_if(drv->global->ioctl_sock,
7559 bridge_ifname, name) < 0)
7562 linux_set_iface_flags(drv->global->ioctl_sock, name, 1);
7563 return i802_set_sta_vlan(priv, addr, name, 0);
7565 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
7566 return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
7572 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
7574 struct wpa_driver_nl80211_data *drv = eloop_ctx;
7575 struct sockaddr_ll lladdr;
7576 unsigned char buf[3000];
7578 socklen_t fromlen = sizeof(lladdr);
7580 len = recvfrom(sock, buf, sizeof(buf), 0,
7581 (struct sockaddr *)&lladdr, &fromlen);
7587 if (have_ifidx(drv, lladdr.sll_ifindex))
7588 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
7592 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
7593 struct i802_bss *bss,
7594 const char *brname, const char *ifname)
7597 char in_br[IFNAMSIZ];
7599 os_strlcpy(bss->brname, brname, IFNAMSIZ);
7600 ifindex = if_nametoindex(brname);
7603 * Bridge was configured, but the bridge device does
7604 * not exist. Try to add it now.
7606 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
7607 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
7608 "bridge interface %s: %s",
7609 brname, strerror(errno));
7612 bss->added_bridge = 1;
7613 add_ifidx(drv, if_nametoindex(brname));
7616 if (linux_br_get(in_br, ifname) == 0) {
7617 if (os_strcmp(in_br, brname) == 0)
7618 return 0; /* already in the bridge */
7620 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
7621 "bridge %s", ifname, in_br);
7622 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
7624 wpa_printf(MSG_ERROR, "nl80211: Failed to "
7625 "remove interface %s from bridge "
7627 ifname, brname, strerror(errno));
7632 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
7634 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
7635 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
7636 "into bridge %s: %s",
7637 ifname, brname, strerror(errno));
7640 bss->added_if_into_bridge = 1;
7646 static void *i802_init(struct hostapd_data *hapd,
7647 struct wpa_init_params *params)
7649 struct wpa_driver_nl80211_data *drv;
7650 struct i802_bss *bss;
7652 char brname[IFNAMSIZ];
7653 int ifindex, br_ifindex;
7656 bss = wpa_driver_nl80211_init(hapd, params->ifname,
7657 params->global_priv);
7662 drv->nlmode = NL80211_IFTYPE_AP;
7663 drv->eapol_sock = -1;
7665 if (linux_br_get(brname, params->ifname) == 0) {
7666 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
7667 params->ifname, brname);
7668 br_ifindex = if_nametoindex(brname);
7674 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
7675 drv->if_indices = drv->default_if_indices;
7676 for (i = 0; i < params->num_bridge; i++) {
7677 if (params->bridge[i]) {
7678 ifindex = if_nametoindex(params->bridge[i]);
7680 add_ifidx(drv, ifindex);
7681 if (ifindex == br_ifindex)
7685 if (!br_added && br_ifindex &&
7686 (params->num_bridge == 0 || !params->bridge[0]))
7687 add_ifidx(drv, br_ifindex);
7689 /* start listening for EAPOL on the default AP interface */
7690 add_ifidx(drv, drv->ifindex);
7692 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0))
7695 if (params->bssid) {
7696 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7701 if (wpa_driver_nl80211_set_mode(bss, drv->nlmode)) {
7702 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
7703 "into AP mode", bss->ifname);
7707 if (params->num_bridge && params->bridge[0] &&
7708 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
7711 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1))
7714 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
7715 if (drv->eapol_sock < 0) {
7716 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
7720 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
7722 printf("Could not register read socket for eapol\n");
7726 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7730 memcpy(bss->addr, params->own_addr, ETH_ALEN);
7735 wpa_driver_nl80211_deinit(bss);
7740 static void i802_deinit(void *priv)
7742 wpa_driver_nl80211_deinit(priv);
7745 #endif /* HOSTAPD */
7748 static enum nl80211_iftype wpa_driver_nl80211_if_type(
7749 enum wpa_driver_if_type type)
7752 case WPA_IF_STATION:
7753 return NL80211_IFTYPE_STATION;
7754 case WPA_IF_P2P_CLIENT:
7755 case WPA_IF_P2P_GROUP:
7756 return NL80211_IFTYPE_P2P_CLIENT;
7757 case WPA_IF_AP_VLAN:
7758 return NL80211_IFTYPE_AP_VLAN;
7760 return NL80211_IFTYPE_AP;
7762 return NL80211_IFTYPE_P2P_GO;
7770 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
7772 struct wpa_driver_nl80211_data *drv;
7773 dl_list_for_each(drv, &global->interfaces,
7774 struct wpa_driver_nl80211_data, list) {
7775 if (os_memcmp(addr, drv->first_bss.addr, ETH_ALEN) == 0)
7782 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
7790 os_memcpy(new_addr, drv->first_bss.addr, ETH_ALEN);
7791 for (idx = 0; idx < 64; idx++) {
7792 new_addr[0] = drv->first_bss.addr[0] | 0x02;
7793 new_addr[0] ^= idx << 2;
7794 if (!nl80211_addr_in_use(drv->global, new_addr))
7800 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
7801 MACSTR, MAC2STR(new_addr));
7806 #endif /* CONFIG_P2P */
7809 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
7810 const char *ifname, const u8 *addr,
7811 void *bss_ctx, void **drv_priv,
7812 char *force_ifname, u8 *if_addr,
7815 struct i802_bss *bss = priv;
7816 struct wpa_driver_nl80211_data *drv = bss->drv;
7819 struct i802_bss *new_bss = NULL;
7821 if (type == WPA_IF_AP_BSS) {
7822 new_bss = os_zalloc(sizeof(*new_bss));
7823 if (new_bss == NULL)
7826 #endif /* HOSTAPD */
7829 os_memcpy(if_addr, addr, ETH_ALEN);
7830 ifidx = nl80211_create_iface(drv, ifname,
7831 wpa_driver_nl80211_if_type(type), addr,
7836 #endif /* HOSTAPD */
7841 linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7843 nl80211_remove_iface(drv, ifidx);
7849 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
7850 type == WPA_IF_P2P_GO)) {
7851 /* Enforce unique P2P Interface Address */
7852 u8 new_addr[ETH_ALEN], own_addr[ETH_ALEN];
7854 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7856 linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
7858 nl80211_remove_iface(drv, ifidx);
7861 if (os_memcmp(own_addr, new_addr, ETH_ALEN) == 0) {
7862 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
7863 "for P2P group interface");
7864 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
7865 nl80211_remove_iface(drv, ifidx);
7868 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
7870 nl80211_remove_iface(drv, ifidx);
7874 os_memcpy(if_addr, new_addr, ETH_ALEN);
7876 #endif /* CONFIG_P2P */
7880 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
7881 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
7882 "interface %s to a bridge %s", ifname, bridge);
7883 nl80211_remove_iface(drv, ifidx);
7888 if (type == WPA_IF_AP_BSS) {
7889 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
7891 nl80211_remove_iface(drv, ifidx);
7895 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
7896 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
7897 new_bss->ifindex = ifidx;
7899 new_bss->next = drv->first_bss.next;
7900 new_bss->freq = drv->first_bss.freq;
7901 drv->first_bss.next = new_bss;
7903 *drv_priv = new_bss;
7904 nl80211_init_bss(new_bss);
7906 /* Subscribe management frames for this WPA_IF_AP_BSS */
7907 if (nl80211_setup_ap(new_bss))
7910 #endif /* HOSTAPD */
7913 drv->global->if_add_ifindex = ifidx;
7919 static int wpa_driver_nl80211_if_remove(void *priv,
7920 enum wpa_driver_if_type type,
7923 struct i802_bss *bss = priv;
7924 struct wpa_driver_nl80211_data *drv = bss->drv;
7925 int ifindex = if_nametoindex(ifname);
7927 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
7928 __func__, type, ifname, ifindex);
7933 if (bss->added_if_into_bridge) {
7934 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
7936 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
7937 "interface %s from bridge %s: %s",
7938 bss->ifname, bss->brname, strerror(errno));
7940 if (bss->added_bridge) {
7941 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
7942 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
7944 bss->brname, strerror(errno));
7946 #endif /* HOSTAPD */
7948 nl80211_remove_iface(drv, ifindex);
7951 if (type != WPA_IF_AP_BSS)
7954 if (bss != &drv->first_bss) {
7955 struct i802_bss *tbss;
7957 for (tbss = &drv->first_bss; tbss; tbss = tbss->next) {
7958 if (tbss->next == bss) {
7959 tbss->next = bss->next;
7960 /* Unsubscribe management frames */
7961 nl80211_teardown_ap(bss);
7962 nl80211_destroy_bss(bss);
7969 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
7970 "BSS %p in the list", __func__, bss);
7972 #endif /* HOSTAPD */
7978 static int cookie_handler(struct nl_msg *msg, void *arg)
7980 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7981 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7983 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7984 genlmsg_attrlen(gnlh, 0), NULL);
7985 if (tb[NL80211_ATTR_COOKIE])
7986 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
7991 static int nl80211_send_frame_cmd(struct i802_bss *bss,
7992 unsigned int freq, unsigned int wait,
7993 const u8 *buf, size_t buf_len,
7994 u64 *cookie_out, int no_cck, int no_ack,
7997 struct wpa_driver_nl80211_data *drv = bss->drv;
8002 msg = nlmsg_alloc();
8006 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
8008 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8009 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8011 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
8012 if (offchanok && (drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX))
8013 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
8015 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
8017 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
8019 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
8022 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
8025 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
8026 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
8028 goto nla_put_failure;
8030 wpa_printf(MSG_DEBUG, "nl80211: Frame TX command accepted%s; "
8031 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
8032 (long long unsigned int) cookie);
8035 *cookie_out = no_ack ? (u64) -1 : cookie;
8043 static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
8044 unsigned int wait_time,
8045 const u8 *dst, const u8 *src,
8047 const u8 *data, size_t data_len,
8050 struct i802_bss *bss = priv;
8051 struct wpa_driver_nl80211_data *drv = bss->drv;
8054 struct ieee80211_hdr *hdr;
8056 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
8057 "freq=%u MHz wait=%d ms no_cck=%d)",
8058 drv->ifindex, freq, wait_time, no_cck);
8060 buf = os_zalloc(24 + data_len);
8063 os_memcpy(buf + 24, data, data_len);
8064 hdr = (struct ieee80211_hdr *) buf;
8065 hdr->frame_control =
8066 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
8067 os_memcpy(hdr->addr1, dst, ETH_ALEN);
8068 os_memcpy(hdr->addr2, src, ETH_ALEN);
8069 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
8071 if (is_ap_interface(drv->nlmode))
8072 ret = wpa_driver_nl80211_send_mlme_freq(priv, buf,
8077 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
8079 &drv->send_action_cookie,
8087 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
8089 struct i802_bss *bss = priv;
8090 struct wpa_driver_nl80211_data *drv = bss->drv;
8094 msg = nlmsg_alloc();
8098 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
8100 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8101 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
8103 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8106 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
8107 "(%s)", ret, strerror(-ret));
8114 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
8115 unsigned int duration)
8117 struct i802_bss *bss = priv;
8118 struct wpa_driver_nl80211_data *drv = bss->drv;
8123 msg = nlmsg_alloc();
8127 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
8129 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8130 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8131 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
8134 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
8137 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
8138 "0x%llx for freq=%u MHz duration=%u",
8139 (long long unsigned int) cookie, freq, duration);
8140 drv->remain_on_chan_cookie = cookie;
8141 drv->pending_remain_on_chan = 1;
8144 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
8145 "(freq=%d duration=%u): %d (%s)",
8146 freq, duration, ret, strerror(-ret));
8153 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
8155 struct i802_bss *bss = priv;
8156 struct wpa_driver_nl80211_data *drv = bss->drv;
8160 if (!drv->pending_remain_on_chan) {
8161 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
8166 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
8168 (long long unsigned int) drv->remain_on_chan_cookie);
8170 msg = nlmsg_alloc();
8174 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
8176 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8177 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
8179 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8183 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
8184 "%d (%s)", ret, strerror(-ret));
8191 static int wpa_driver_nl80211_probe_req_report(void *priv, int report)
8193 struct i802_bss *bss = priv;
8194 struct wpa_driver_nl80211_data *drv = bss->drv;
8197 if (bss->nl_preq && drv->device_ap_sme &&
8198 is_ap_interface(drv->nlmode)) {
8200 * Do not disable Probe Request reporting that was
8201 * enabled in nl80211_setup_ap().
8203 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
8204 "Probe Request reporting nl_preq=%p while "
8205 "in AP mode", bss->nl_preq);
8206 } else if (bss->nl_preq) {
8207 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
8208 "reporting nl_preq=%p", bss->nl_preq);
8209 eloop_unregister_read_sock(
8210 nl_socket_get_fd(bss->nl_preq));
8211 nl_destroy_handles(&bss->nl_preq);
8217 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
8218 "already on! nl_preq=%p", bss->nl_preq);
8222 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
8223 if (bss->nl_preq == NULL)
8225 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
8226 "reporting nl_preq=%p", bss->nl_preq);
8228 if (nl80211_register_frame(bss, bss->nl_preq,
8229 (WLAN_FC_TYPE_MGMT << 2) |
8230 (WLAN_FC_STYPE_PROBE_REQ << 4),
8234 eloop_register_read_sock(nl_socket_get_fd(bss->nl_preq),
8235 wpa_driver_nl80211_event_receive, bss->nl_cb,
8241 nl_destroy_handles(&bss->nl_preq);
8246 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
8247 int ifindex, int disabled)
8250 struct nlattr *bands, *band;
8253 msg = nlmsg_alloc();
8257 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
8258 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
8260 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
8262 goto nla_put_failure;
8265 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
8266 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
8267 * rates. All 5 GHz rates are left enabled.
8269 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
8271 goto nla_put_failure;
8273 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
8274 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
8276 nla_nest_end(msg, band);
8278 nla_nest_end(msg, bands);
8280 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8283 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
8284 "(%s)", ret, strerror(-ret));
8295 static int wpa_driver_nl80211_deinit_ap(void *priv)
8297 struct i802_bss *bss = priv;
8298 struct wpa_driver_nl80211_data *drv = bss->drv;
8299 if (!is_ap_interface(drv->nlmode))
8301 wpa_driver_nl80211_del_beacon(drv);
8302 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8306 static void wpa_driver_nl80211_resume(void *priv)
8308 struct i802_bss *bss = priv;
8309 struct wpa_driver_nl80211_data *drv = bss->drv;
8310 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
8311 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
8317 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
8318 const u8 *ies, size_t ies_len)
8320 struct i802_bss *bss = priv;
8321 struct wpa_driver_nl80211_data *drv = bss->drv;
8325 const u8 *own_addr = bss->addr;
8328 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
8329 "action %d", action);
8334 * Action frame payload:
8335 * Category[1] = 6 (Fast BSS Transition)
8336 * Action[1] = 1 (Fast BSS Transition Request)
8342 data_len = 2 + 2 * ETH_ALEN + ies_len;
8343 data = os_malloc(data_len);
8347 *pos++ = 0x06; /* FT Action category */
8349 os_memcpy(pos, own_addr, ETH_ALEN);
8351 os_memcpy(pos, target_ap, ETH_ALEN);
8353 os_memcpy(pos, ies, ies_len);
8355 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
8356 drv->bssid, own_addr, drv->bssid,
8364 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
8366 struct i802_bss *bss = priv;
8367 struct wpa_driver_nl80211_data *drv = bss->drv;
8368 struct nl_msg *msg, *cqm = NULL;
8370 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
8371 "hysteresis=%d", threshold, hysteresis);
8373 msg = nlmsg_alloc();
8377 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
8379 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8381 cqm = nlmsg_alloc();
8385 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
8386 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
8387 nla_put_nested(msg, NL80211_ATTR_CQM, cqm);
8389 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
8400 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
8402 struct i802_bss *bss = priv;
8403 struct wpa_driver_nl80211_data *drv = bss->drv;
8406 os_memset(si, 0, sizeof(*si));
8407 res = nl80211_get_link_signal(drv, si);
8411 return nl80211_get_link_noise(drv, si);
8415 static int wpa_driver_nl80211_shared_freq(void *priv)
8417 struct i802_bss *bss = priv;
8418 struct wpa_driver_nl80211_data *drv = bss->drv;
8419 struct wpa_driver_nl80211_data *driver;
8423 * If the same PHY is in connected state with some other interface,
8424 * then retrieve the assoc freq.
8426 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
8429 dl_list_for_each(driver, &drv->global->interfaces,
8430 struct wpa_driver_nl80211_data, list) {
8431 if (drv == driver ||
8432 os_strcmp(drv->phyname, driver->phyname) != 0 ||
8433 !driver->associated)
8436 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
8438 driver->phyname, driver->first_bss.ifname,
8439 MAC2STR(driver->first_bss.addr));
8440 freq = nl80211_get_assoc_freq(driver);
8441 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
8442 drv->phyname, freq);
8446 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
8447 "PHY (%s) in associated state", drv->phyname);
8453 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
8456 struct i802_bss *bss = priv;
8457 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
8462 static int nl80211_set_param(void *priv, const char *param)
8464 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
8469 if (os_strstr(param, "use_p2p_group_interface=1")) {
8470 struct i802_bss *bss = priv;
8471 struct wpa_driver_nl80211_data *drv = bss->drv;
8473 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
8475 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
8476 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
8478 #endif /* CONFIG_P2P */
8484 static void * nl80211_global_init(void)
8486 struct nl80211_global *global;
8487 struct netlink_config *cfg;
8489 global = os_zalloc(sizeof(*global));
8492 global->ioctl_sock = -1;
8493 dl_list_init(&global->interfaces);
8494 global->if_add_ifindex = -1;
8496 cfg = os_zalloc(sizeof(*cfg));
8501 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
8502 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
8503 global->netlink = netlink_init(cfg);
8504 if (global->netlink == NULL) {
8509 if (wpa_driver_nl80211_init_nl_global(global) < 0)
8512 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
8513 if (global->ioctl_sock < 0) {
8514 perror("socket(PF_INET,SOCK_DGRAM)");
8521 nl80211_global_deinit(global);
8526 static void nl80211_global_deinit(void *priv)
8528 struct nl80211_global *global = priv;
8531 if (!dl_list_empty(&global->interfaces)) {
8532 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
8533 "nl80211_global_deinit",
8534 dl_list_len(&global->interfaces));
8537 if (global->netlink)
8538 netlink_deinit(global->netlink);
8540 nl_destroy_handles(&global->nl);
8542 if (global->nl_event) {
8543 eloop_unregister_read_sock(
8544 nl_socket_get_fd(global->nl_event));
8545 nl_destroy_handles(&global->nl_event);
8548 nl_cb_put(global->nl_cb);
8550 if (global->ioctl_sock >= 0)
8551 close(global->ioctl_sock);
8557 static const char * nl80211_get_radio_name(void *priv)
8559 struct i802_bss *bss = priv;
8560 struct wpa_driver_nl80211_data *drv = bss->drv;
8561 return drv->phyname;
8565 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
8570 msg = nlmsg_alloc();
8574 nl80211_cmd(bss->drv, msg, 0, cmd);
8576 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
8578 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
8580 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
8582 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
8589 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
8591 struct i802_bss *bss = priv;
8592 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
8593 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
8597 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
8599 struct i802_bss *bss = priv;
8600 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
8602 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
8606 static int nl80211_flush_pmkid(void *priv)
8608 struct i802_bss *bss = priv;
8609 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
8610 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
8614 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
8615 const u8 *replay_ctr)
8617 struct i802_bss *bss = priv;
8618 struct wpa_driver_nl80211_data *drv = bss->drv;
8619 struct nlattr *replay_nested;
8622 msg = nlmsg_alloc();
8626 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
8628 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8630 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
8632 goto nla_put_failure;
8634 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
8635 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
8636 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
8639 nla_nest_end(msg, replay_nested);
8641 send_and_recv_msgs(drv, msg, NULL, NULL);
8648 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
8649 const u8 *addr, int qos)
8651 /* send data frame to poll STA and check whether
8652 * this frame is ACKed */
8654 struct ieee80211_hdr hdr;
8656 } STRUCT_PACKED nulldata;
8659 /* Send data frame to poll STA and check whether this frame is ACKed */
8661 os_memset(&nulldata, 0, sizeof(nulldata));
8664 nulldata.hdr.frame_control =
8665 IEEE80211_FC(WLAN_FC_TYPE_DATA,
8666 WLAN_FC_STYPE_QOS_NULL);
8667 size = sizeof(nulldata);
8669 nulldata.hdr.frame_control =
8670 IEEE80211_FC(WLAN_FC_TYPE_DATA,
8671 WLAN_FC_STYPE_NULLFUNC);
8672 size = sizeof(struct ieee80211_hdr);
8675 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
8676 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
8677 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
8678 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
8680 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0) < 0)
8681 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
8685 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
8688 struct i802_bss *bss = priv;
8689 struct wpa_driver_nl80211_data *drv = bss->drv;
8692 if (!drv->poll_command_supported) {
8693 nl80211_send_null_frame(bss, own_addr, addr, qos);
8697 msg = nlmsg_alloc();
8701 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
8703 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8704 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8706 send_and_recv_msgs(drv, msg, NULL, NULL);
8713 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
8717 msg = nlmsg_alloc();
8721 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
8722 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8723 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
8724 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
8725 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
8732 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
8735 struct i802_bss *bss = priv;
8737 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
8738 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
8740 if (opp_ps != -1 || ctwindow != -1)
8741 return -1; /* Not yet supported */
8743 if (legacy_ps == -1)
8745 if (legacy_ps != 0 && legacy_ps != 1)
8746 return -1; /* Not yet supported */
8748 return nl80211_set_power_save(bss, legacy_ps);
8754 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
8755 u8 dialog_token, u16 status_code,
8756 const u8 *buf, size_t len)
8758 struct i802_bss *bss = priv;
8759 struct wpa_driver_nl80211_data *drv = bss->drv;
8762 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
8768 msg = nlmsg_alloc();
8772 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
8773 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8774 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
8775 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
8776 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
8777 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
8778 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
8780 return send_and_recv_msgs(drv, msg, NULL, NULL);
8788 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
8790 struct i802_bss *bss = priv;
8791 struct wpa_driver_nl80211_data *drv = bss->drv;
8793 enum nl80211_tdls_operation nl80211_oper;
8795 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
8799 case TDLS_DISCOVERY_REQ:
8800 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
8803 nl80211_oper = NL80211_TDLS_SETUP;
8806 nl80211_oper = NL80211_TDLS_TEARDOWN;
8808 case TDLS_ENABLE_LINK:
8809 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
8811 case TDLS_DISABLE_LINK:
8812 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
8822 msg = nlmsg_alloc();
8826 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
8827 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
8828 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8829 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
8831 return send_and_recv_msgs(drv, msg, NULL, NULL);
8838 #endif /* CONFIG TDLS */
8843 typedef struct android_wifi_priv_cmd {
8847 } android_wifi_priv_cmd;
8849 static int drv_errors = 0;
8851 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
8854 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
8856 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
8861 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
8863 struct wpa_driver_nl80211_data *drv = bss->drv;
8865 android_wifi_priv_cmd priv_cmd;
8866 char buf[MAX_DRV_CMD_SIZE];
8869 os_memset(&ifr, 0, sizeof(ifr));
8870 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
8871 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
8873 os_memset(buf, 0, sizeof(buf));
8874 os_strlcpy(buf, cmd, sizeof(buf));
8877 priv_cmd.used_len = sizeof(buf);
8878 priv_cmd.total_len = sizeof(buf);
8879 ifr.ifr_data = &priv_cmd;
8881 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
8883 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
8885 wpa_driver_send_hang_msg(drv);
8894 static int android_pno_start(struct i802_bss *bss,
8895 struct wpa_driver_scan_params *params)
8897 struct wpa_driver_nl80211_data *drv = bss->drv;
8899 android_wifi_priv_cmd priv_cmd;
8900 int ret = 0, i = 0, bp;
8901 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
8903 bp = WEXT_PNOSETUP_HEADER_SIZE;
8904 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
8905 buf[bp++] = WEXT_PNO_TLV_PREFIX;
8906 buf[bp++] = WEXT_PNO_TLV_VERSION;
8907 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
8908 buf[bp++] = WEXT_PNO_TLV_RESERVED;
8910 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
8911 /* Check that there is enough space needed for 1 more SSID, the
8912 * other sections and null termination */
8913 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
8914 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
8916 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
8917 params->ssids[i].ssid,
8918 params->ssids[i].ssid_len);
8919 buf[bp++] = WEXT_PNO_SSID_SECTION;
8920 buf[bp++] = params->ssids[i].ssid_len;
8921 os_memcpy(&buf[bp], params->ssids[i].ssid,
8922 params->ssids[i].ssid_len);
8923 bp += params->ssids[i].ssid_len;
8927 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
8928 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
8929 WEXT_PNO_SCAN_INTERVAL);
8930 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
8932 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
8933 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
8935 bp += WEXT_PNO_REPEAT_LENGTH;
8937 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
8938 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
8939 WEXT_PNO_MAX_REPEAT);
8940 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
8942 memset(&ifr, 0, sizeof(ifr));
8943 memset(&priv_cmd, 0, sizeof(priv_cmd));
8944 os_strncpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
8947 priv_cmd.used_len = bp;
8948 priv_cmd.total_len = bp;
8949 ifr.ifr_data = &priv_cmd;
8951 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
8954 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
8956 wpa_driver_send_hang_msg(drv);
8962 return android_priv_cmd(bss, "PNOFORCE 1");
8966 static int android_pno_stop(struct i802_bss *bss)
8968 return android_priv_cmd(bss, "PNOFORCE 0");
8971 #endif /* ANDROID */
8974 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
8976 .desc = "Linux nl80211/cfg80211",
8977 .get_bssid = wpa_driver_nl80211_get_bssid,
8978 .get_ssid = wpa_driver_nl80211_get_ssid,
8979 .set_key = wpa_driver_nl80211_set_key,
8980 .scan2 = wpa_driver_nl80211_scan,
8981 .sched_scan = wpa_driver_nl80211_sched_scan,
8982 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
8983 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
8984 .deauthenticate = wpa_driver_nl80211_deauthenticate,
8985 .disassociate = wpa_driver_nl80211_disassociate,
8986 .authenticate = wpa_driver_nl80211_authenticate,
8987 .associate = wpa_driver_nl80211_associate,
8988 .global_init = nl80211_global_init,
8989 .global_deinit = nl80211_global_deinit,
8990 .init2 = wpa_driver_nl80211_init,
8991 .deinit = wpa_driver_nl80211_deinit,
8992 .get_capa = wpa_driver_nl80211_get_capa,
8993 .set_operstate = wpa_driver_nl80211_set_operstate,
8994 .set_supp_port = wpa_driver_nl80211_set_supp_port,
8995 .set_country = wpa_driver_nl80211_set_country,
8996 .set_ap = wpa_driver_nl80211_set_ap,
8997 .if_add = wpa_driver_nl80211_if_add,
8998 .if_remove = wpa_driver_nl80211_if_remove,
8999 .send_mlme = wpa_driver_nl80211_send_mlme,
9000 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
9001 .sta_add = wpa_driver_nl80211_sta_add,
9002 .sta_remove = wpa_driver_nl80211_sta_remove,
9003 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
9004 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
9006 .hapd_init = i802_init,
9007 .hapd_deinit = i802_deinit,
9008 .set_wds_sta = i802_set_wds_sta,
9009 #endif /* HOSTAPD */
9010 #if defined(HOSTAPD) || defined(CONFIG_AP)
9011 .get_seqnum = i802_get_seqnum,
9012 .flush = i802_flush,
9013 .read_sta_data = i802_read_sta_data,
9014 .get_inact_sec = i802_get_inact_sec,
9015 .sta_clear_stats = i802_sta_clear_stats,
9016 .set_rts = i802_set_rts,
9017 .set_frag = i802_set_frag,
9018 .set_tx_queue_params = i802_set_tx_queue_params,
9019 .set_sta_vlan = i802_set_sta_vlan,
9020 .sta_deauth = i802_sta_deauth,
9021 .sta_disassoc = i802_sta_disassoc,
9022 #endif /* HOSTAPD || CONFIG_AP */
9023 .set_freq = i802_set_freq,
9024 .send_action = wpa_driver_nl80211_send_action,
9025 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
9026 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
9027 .cancel_remain_on_channel =
9028 wpa_driver_nl80211_cancel_remain_on_channel,
9029 .probe_req_report = wpa_driver_nl80211_probe_req_report,
9030 .deinit_ap = wpa_driver_nl80211_deinit_ap,
9031 .resume = wpa_driver_nl80211_resume,
9032 .send_ft_action = nl80211_send_ft_action,
9033 .signal_monitor = nl80211_signal_monitor,
9034 .signal_poll = nl80211_signal_poll,
9035 .send_frame = nl80211_send_frame,
9036 .shared_freq = wpa_driver_nl80211_shared_freq,
9037 .set_param = nl80211_set_param,
9038 .get_radio_name = nl80211_get_radio_name,
9039 .add_pmkid = nl80211_add_pmkid,
9040 .remove_pmkid = nl80211_remove_pmkid,
9041 .flush_pmkid = nl80211_flush_pmkid,
9042 .set_rekey_info = nl80211_set_rekey_info,
9043 .poll_client = nl80211_poll_client,
9044 .set_p2p_powersave = nl80211_set_p2p_powersave,
9046 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
9047 .tdls_oper = nl80211_tdls_oper,
9048 #endif /* CONFIG_TDLS */