2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
14 #include <sys/ioctl.h>
15 #include <sys/types.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/filter.h>
25 #include <linux/errqueue.h>
26 #include "nl80211_copy.h"
30 #include "utils/list.h"
31 #include "common/ieee802_11_defs.h"
32 #include "common/ieee802_11_common.h"
33 #include "l2_packet/l2_packet.h"
35 #include "linux_ioctl.h"
37 #include "radiotap_iter.h"
41 #ifndef SO_WIFI_STATUS
42 # if defined(__sparc__)
43 # define SO_WIFI_STATUS 0x0025
44 # elif defined(__parisc__)
45 # define SO_WIFI_STATUS 0x4022
47 # define SO_WIFI_STATUS 41
50 # define SCM_WIFI_STATUS SO_WIFI_STATUS
53 #ifndef SO_EE_ORIGIN_TXSTATUS
54 #define SO_EE_ORIGIN_TXSTATUS 4
57 #ifndef PACKET_TX_TIMESTAMP
58 #define PACKET_TX_TIMESTAMP 16
62 #include "android_drv.h"
64 /* system/core/libnl_2 in AOSP does not include nla_put_u32() */
65 int nla_put_u32(struct nl_msg *msg, int attrtype, uint32_t value)
67 return nla_put(msg, attrtype, sizeof(uint32_t), &value);
71 /* libnl 2.0 compatibility code */
72 #define nl_handle nl_sock
73 #define nl80211_handle_alloc nl_socket_alloc_cb
74 #define nl80211_handle_destroy nl_socket_free
77 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
78 * but when you free a socket again it will mess up its bitmap and
79 * and use the wrong number the next time it needs a socket ID.
80 * Therefore, we wrap the handle alloc/destroy and add our own pid
83 static uint32_t port_bitmap[32] = { 0 };
85 static struct nl_handle *nl80211_handle_alloc(void *cb)
87 struct nl_handle *handle;
88 uint32_t pid = getpid() & 0x3FFFFF;
91 handle = nl_handle_alloc_cb(cb);
93 for (i = 0; i < 1024; i++) {
94 if (port_bitmap[i / 32] & (1 << (i % 32)))
96 port_bitmap[i / 32] |= 1 << (i % 32);
101 nl_socket_set_local_port(handle, pid);
106 static void nl80211_handle_destroy(struct nl_handle *handle)
108 uint32_t port = nl_socket_get_local_port(handle);
111 port_bitmap[port / 32] &= ~(1 << (port % 32));
113 nl_handle_destroy(handle);
115 #endif /* CONFIG_LIBNL20 */
118 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
120 struct nl_handle *handle;
122 handle = nl80211_handle_alloc(cb);
123 if (handle == NULL) {
124 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
125 "callbacks (%s)", dbg);
129 if (genl_connect(handle)) {
130 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
131 "netlink (%s)", dbg);
132 nl80211_handle_destroy(handle);
140 static void nl_destroy_handles(struct nl_handle **handle)
144 nl80211_handle_destroy(*handle);
150 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
153 #define IFF_DORMANT 0x20000 /* driver signals dormant */
156 #ifndef IF_OPER_DORMANT
157 #define IF_OPER_DORMANT 5
163 struct nl80211_global {
164 struct dl_list interfaces;
166 struct netlink_data *netlink;
168 struct nl_handle *nl;
170 int ioctl_sock; /* socket for ioctl() use */
172 struct nl_handle *nl_event;
175 struct nl80211_wiphy_data {
180 struct nl_handle *nl_beacons;
186 static void nl80211_global_deinit(void *priv);
189 struct wpa_driver_nl80211_data *drv;
190 struct i802_bss *next;
192 char ifname[IFNAMSIZ + 1];
193 char brname[IFNAMSIZ];
194 unsigned int beacon_set:1;
195 unsigned int added_if_into_bridge:1;
196 unsigned int added_bridge:1;
197 unsigned int in_deinit:1;
204 struct nl_handle *nl_preq, *nl_mgmt;
207 struct nl80211_wiphy_data *wiphy_data;
208 struct dl_list wiphy_list;
211 struct wpa_driver_nl80211_data {
212 struct nl80211_global *global;
214 struct dl_list wiphy_list;
220 int ignore_if_down_event;
221 struct rfkill_data *rfkill;
222 struct wpa_driver_capa capa;
227 int scan_complete_events;
231 u8 auth_bssid[ETH_ALEN];
236 enum nl80211_iftype nlmode;
237 enum nl80211_iftype ap_scan_as_station;
238 unsigned int assoc_freq;
242 int monitor_refcount;
244 unsigned int disabled_11b_rates:1;
245 unsigned int pending_remain_on_chan:1;
246 unsigned int in_interface_list:1;
247 unsigned int device_ap_sme:1;
248 unsigned int poll_command_supported:1;
249 unsigned int data_tx_status:1;
250 unsigned int scan_for_auth:1;
251 unsigned int retry_auth:1;
252 unsigned int use_monitor:1;
253 unsigned int ignore_next_local_disconnect:1;
255 u64 remain_on_chan_cookie;
256 u64 send_action_cookie;
258 unsigned int last_mgmt_freq;
260 struct wpa_driver_scan_filter *filter_ssids;
261 size_t num_filter_ssids;
263 struct i802_bss first_bss;
268 int eapol_sock; /* socket for EAPOL frames */
270 int default_if_indices[16];
278 /* From failed authentication command */
280 u8 auth_bssid_[ETH_ALEN];
282 size_t auth_ssid_len;
286 u8 auth_wep_key[4][16];
287 size_t auth_wep_key_len[4];
288 int auth_wep_tx_keyidx;
289 int auth_local_state_change;
294 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
295 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
297 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
298 enum nl80211_iftype nlmode);
300 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
301 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
302 const u8 *addr, int cmd, u16 reason_code,
303 int local_state_change);
304 static void nl80211_remove_monitor_interface(
305 struct wpa_driver_nl80211_data *drv);
306 static int nl80211_send_frame_cmd(struct i802_bss *bss,
307 unsigned int freq, unsigned int wait,
308 const u8 *buf, size_t buf_len, u64 *cookie,
309 int no_cck, int no_ack, int offchanok);
310 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
313 static int android_pno_start(struct i802_bss *bss,
314 struct wpa_driver_scan_params *params);
315 static int android_pno_stop(struct i802_bss *bss);
319 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
320 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
321 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
322 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
323 enum wpa_driver_if_type type,
326 static inline void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
330 static inline void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
334 static inline int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
340 static int wpa_driver_nl80211_set_freq(struct i802_bss *bss,
341 struct hostapd_freq_params *freq);
342 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
343 int ifindex, int disabled);
345 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv);
346 static int wpa_driver_nl80211_authenticate_retry(
347 struct wpa_driver_nl80211_data *drv);
350 static int is_ap_interface(enum nl80211_iftype nlmode)
352 return (nlmode == NL80211_IFTYPE_AP ||
353 nlmode == NL80211_IFTYPE_P2P_GO);
357 static int is_sta_interface(enum nl80211_iftype nlmode)
359 return (nlmode == NL80211_IFTYPE_STATION ||
360 nlmode == NL80211_IFTYPE_P2P_CLIENT);
364 static int is_p2p_interface(enum nl80211_iftype nlmode)
366 return (nlmode == NL80211_IFTYPE_P2P_CLIENT ||
367 nlmode == NL80211_IFTYPE_P2P_GO);
371 struct nl80211_bss_info_arg {
372 struct wpa_driver_nl80211_data *drv;
373 struct wpa_scan_results *res;
374 unsigned int assoc_freq;
375 u8 assoc_bssid[ETH_ALEN];
378 static int bss_info_handler(struct nl_msg *msg, void *arg);
382 static int ack_handler(struct nl_msg *msg, void *arg)
389 static int finish_handler(struct nl_msg *msg, void *arg)
396 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
405 static int no_seq_check(struct nl_msg *msg, void *arg)
411 static int send_and_recv(struct nl80211_global *global,
412 struct nl_handle *nl_handle, struct nl_msg *msg,
413 int (*valid_handler)(struct nl_msg *, void *),
419 cb = nl_cb_clone(global->nl_cb);
423 err = nl_send_auto_complete(nl_handle, msg);
429 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
430 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
431 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
434 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
435 valid_handler, valid_data);
438 nl_recvmsgs(nl_handle, cb);
446 static int send_and_recv_msgs_global(struct nl80211_global *global,
448 int (*valid_handler)(struct nl_msg *, void *),
451 return send_and_recv(global, global->nl, msg, valid_handler,
456 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
458 int (*valid_handler)(struct nl_msg *, void *),
461 return send_and_recv(drv->global, drv->global->nl, msg,
462 valid_handler, valid_data);
472 static int family_handler(struct nl_msg *msg, void *arg)
474 struct family_data *res = arg;
475 struct nlattr *tb[CTRL_ATTR_MAX + 1];
476 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
477 struct nlattr *mcgrp;
480 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
481 genlmsg_attrlen(gnlh, 0), NULL);
482 if (!tb[CTRL_ATTR_MCAST_GROUPS])
485 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
486 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
487 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
488 nla_len(mcgrp), NULL);
489 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
490 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
491 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
493 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
495 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
503 static int nl_get_multicast_id(struct nl80211_global *global,
504 const char *family, const char *group)
508 struct family_data res = { group, -ENOENT };
513 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
514 0, 0, CTRL_CMD_GETFAMILY, 0);
515 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
517 ret = send_and_recv_msgs_global(global, msg, family_handler, &res);
528 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
529 struct nl_msg *msg, int flags, uint8_t cmd)
531 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
536 struct wiphy_idx_data {
541 static int netdev_info_handler(struct nl_msg *msg, void *arg)
543 struct nlattr *tb[NL80211_ATTR_MAX + 1];
544 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
545 struct wiphy_idx_data *info = arg;
547 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
548 genlmsg_attrlen(gnlh, 0), NULL);
550 if (tb[NL80211_ATTR_WIPHY])
551 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
557 static int nl80211_get_wiphy_index(struct i802_bss *bss)
560 struct wiphy_idx_data data = {
568 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_GET_INTERFACE);
570 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
572 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
573 return data.wiphy_idx;
581 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
582 struct nl80211_wiphy_data *w)
591 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS);
593 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx);
595 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
598 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
599 "failed: ret=%d (%s)",
600 ret, strerror(-ret));
601 goto nla_put_failure;
610 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
612 struct nl80211_wiphy_data *w = eloop_ctx;
614 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
616 nl_recvmsgs(handle, w->nl_cb);
620 static int process_beacon_event(struct nl_msg *msg, void *arg)
622 struct nl80211_wiphy_data *w = arg;
623 struct wpa_driver_nl80211_data *drv;
624 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
625 struct nlattr *tb[NL80211_ATTR_MAX + 1];
626 union wpa_event_data event;
628 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
629 genlmsg_attrlen(gnlh, 0), NULL);
631 if (gnlh->cmd != NL80211_CMD_FRAME) {
632 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
637 if (!tb[NL80211_ATTR_FRAME])
640 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
642 os_memset(&event, 0, sizeof(event));
643 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
644 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
645 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
652 static struct nl80211_wiphy_data *
653 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
655 static DEFINE_DL_LIST(nl80211_wiphys);
656 struct nl80211_wiphy_data *w;
657 int wiphy_idx, found = 0;
658 struct i802_bss *tmp_bss;
660 if (bss->wiphy_data != NULL)
661 return bss->wiphy_data;
663 wiphy_idx = nl80211_get_wiphy_index(bss);
665 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
666 if (w->wiphy_idx == wiphy_idx)
671 w = os_zalloc(sizeof(*w));
674 w->wiphy_idx = wiphy_idx;
675 dl_list_init(&w->bsss);
676 dl_list_init(&w->drvs);
678 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
683 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
684 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
687 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
689 if (w->nl_beacons == NULL) {
694 if (nl80211_register_beacons(bss->drv, w)) {
695 nl_destroy_handles(&w->nl_beacons);
700 eloop_register_read_sock(nl_socket_get_fd(w->nl_beacons),
701 nl80211_recv_beacons, w, w->nl_beacons);
703 dl_list_add(&nl80211_wiphys, &w->list);
706 /* drv entry for this bss already there? */
707 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
708 if (tmp_bss->drv == bss->drv) {
715 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
717 dl_list_add(&w->bsss, &bss->wiphy_list);
723 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
725 struct nl80211_wiphy_data *w = bss->wiphy_data;
726 struct i802_bss *tmp_bss;
731 bss->wiphy_data = NULL;
732 dl_list_del(&bss->wiphy_list);
734 /* still any for this drv present? */
735 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
736 if (tmp_bss->drv == bss->drv) {
741 /* if not remove it */
743 dl_list_del(&bss->drv->wiphy_list);
745 if (!dl_list_empty(&w->bsss))
748 eloop_unregister_read_sock(nl_socket_get_fd(w->nl_beacons));
751 nl_destroy_handles(&w->nl_beacons);
752 dl_list_del(&w->list);
757 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
759 struct i802_bss *bss = priv;
760 struct wpa_driver_nl80211_data *drv = bss->drv;
761 if (!drv->associated)
763 os_memcpy(bssid, drv->bssid, ETH_ALEN);
768 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
770 struct i802_bss *bss = priv;
771 struct wpa_driver_nl80211_data *drv = bss->drv;
772 if (!drv->associated)
774 os_memcpy(ssid, drv->ssid, drv->ssid_len);
775 return drv->ssid_len;
779 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
780 char *buf, size_t len, int del)
782 union wpa_event_data event;
784 os_memset(&event, 0, sizeof(event));
785 if (len > sizeof(event.interface_status.ifname))
786 len = sizeof(event.interface_status.ifname) - 1;
787 os_memcpy(event.interface_status.ifname, buf, len);
788 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
789 EVENT_INTERFACE_ADDED;
791 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
793 event.interface_status.ifname,
794 del ? "removed" : "added");
796 if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
798 if (drv->if_removed) {
799 wpa_printf(MSG_DEBUG, "nl80211: if_removed "
800 "already set - ignore event");
805 if (if_nametoindex(drv->first_bss.ifname) == 0) {
806 wpa_printf(MSG_DEBUG, "nl80211: Interface %s "
807 "does not exist - ignore "
809 drv->first_bss.ifname);
812 if (!drv->if_removed) {
813 wpa_printf(MSG_DEBUG, "nl80211: if_removed "
814 "already cleared - ignore event");
821 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
825 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
828 int attrlen, rta_len;
832 attr = (struct rtattr *) buf;
834 rta_len = RTA_ALIGN(sizeof(struct rtattr));
835 while (RTA_OK(attr, attrlen)) {
836 if (attr->rta_type == IFLA_IFNAME) {
837 if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
843 attr = RTA_NEXT(attr, attrlen);
850 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
851 int ifindex, u8 *buf, size_t len)
853 if (drv->ifindex == ifindex)
856 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
857 drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
858 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
860 wpa_driver_nl80211_finish_drv_init(drv);
868 static struct wpa_driver_nl80211_data *
869 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
871 struct wpa_driver_nl80211_data *drv;
872 dl_list_for_each(drv, &global->interfaces,
873 struct wpa_driver_nl80211_data, list) {
874 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
875 have_ifidx(drv, idx))
882 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
883 struct ifinfomsg *ifi,
886 struct nl80211_global *global = ctx;
887 struct wpa_driver_nl80211_data *drv;
888 int attrlen, rta_len;
891 char namebuf[IFNAMSIZ];
893 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
895 wpa_printf(MSG_DEBUG, "nl80211: Ignore event for foreign "
896 "ifindex %d", ifi->ifi_index);
900 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
902 drv->operstate, ifi->ifi_flags,
903 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
904 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
905 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
906 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
908 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
909 if (if_indextoname(ifi->ifi_index, namebuf) &&
910 linux_iface_up(drv->global->ioctl_sock,
911 drv->first_bss.ifname) > 0) {
912 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
913 "event since interface %s is up", namebuf);
916 wpa_printf(MSG_DEBUG, "nl80211: Interface down");
917 if (drv->ignore_if_down_event) {
918 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
919 "event generated by mode change");
920 drv->ignore_if_down_event = 0;
922 drv->if_disabled = 1;
923 wpa_supplicant_event(drv->ctx,
924 EVENT_INTERFACE_DISABLED, NULL);
928 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
929 if (if_indextoname(ifi->ifi_index, namebuf) &&
930 linux_iface_up(drv->global->ioctl_sock,
931 drv->first_bss.ifname) == 0) {
932 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
933 "event since interface %s is down",
935 } else if (if_nametoindex(drv->first_bss.ifname) == 0) {
936 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
937 "event since interface %s does not exist",
938 drv->first_bss.ifname);
939 } else if (drv->if_removed) {
940 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
941 "event since interface %s is marked "
942 "removed", drv->first_bss.ifname);
944 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
945 drv->if_disabled = 0;
946 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
952 * Some drivers send the association event before the operup event--in
953 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
954 * fails. This will hit us when wpa_supplicant does not need to do
955 * IEEE 802.1X authentication
957 if (drv->operstate == 1 &&
958 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
959 !(ifi->ifi_flags & IFF_RUNNING))
960 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
964 attr = (struct rtattr *) buf;
965 rta_len = RTA_ALIGN(sizeof(struct rtattr));
966 while (RTA_OK(attr, attrlen)) {
967 if (attr->rta_type == IFLA_IFNAME) {
968 wpa_driver_nl80211_event_link(
970 ((char *) attr) + rta_len,
971 attr->rta_len - rta_len, 0);
972 } else if (attr->rta_type == IFLA_MASTER)
973 brid = nla_get_u32((struct nlattr *) attr);
974 attr = RTA_NEXT(attr, attrlen);
977 if (ifi->ifi_family == AF_BRIDGE && brid) {
978 /* device has been added to bridge */
979 if_indextoname(brid, namebuf);
980 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
982 add_ifidx(drv, brid);
987 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
988 struct ifinfomsg *ifi,
991 struct nl80211_global *global = ctx;
992 struct wpa_driver_nl80211_data *drv;
993 int attrlen, rta_len;
997 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
999 wpa_printf(MSG_DEBUG, "nl80211: Ignore dellink event for "
1000 "foreign ifindex %d", ifi->ifi_index);
1005 attr = (struct rtattr *) buf;
1007 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1008 while (RTA_OK(attr, attrlen)) {
1009 if (attr->rta_type == IFLA_IFNAME) {
1010 wpa_driver_nl80211_event_link(
1012 ((char *) attr) + rta_len,
1013 attr->rta_len - rta_len, 1);
1014 } else if (attr->rta_type == IFLA_MASTER)
1015 brid = nla_get_u32((struct nlattr *) attr);
1016 attr = RTA_NEXT(attr, attrlen);
1019 if (ifi->ifi_family == AF_BRIDGE && brid) {
1020 /* device has been removed from bridge */
1021 char namebuf[IFNAMSIZ];
1022 if_indextoname(brid, namebuf);
1023 wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
1024 "%s", brid, namebuf);
1025 del_ifidx(drv, brid);
1030 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1031 const u8 *frame, size_t len)
1033 const struct ieee80211_mgmt *mgmt;
1034 union wpa_event_data event;
1036 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event");
1037 mgmt = (const struct ieee80211_mgmt *) frame;
1038 if (len < 24 + sizeof(mgmt->u.auth)) {
1039 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1044 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
1045 os_memset(&event, 0, sizeof(event));
1046 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1047 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1048 event.auth.auth_transaction =
1049 le_to_host16(mgmt->u.auth.auth_transaction);
1050 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1051 if (len > 24 + sizeof(mgmt->u.auth)) {
1052 event.auth.ies = mgmt->u.auth.variable;
1053 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1056 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1060 static unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1064 struct nl80211_bss_info_arg arg;
1066 os_memset(&arg, 0, sizeof(arg));
1067 msg = nlmsg_alloc();
1069 goto nla_put_failure;
1071 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1072 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1075 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1078 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1079 "associated BSS from scan results: %u MHz",
1081 return arg.assoc_freq ? arg.assoc_freq : drv->assoc_freq;
1083 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1084 "(%s)", ret, strerror(-ret));
1087 return drv->assoc_freq;
1091 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1092 const u8 *frame, size_t len)
1094 const struct ieee80211_mgmt *mgmt;
1095 union wpa_event_data event;
1098 wpa_printf(MSG_DEBUG, "nl80211: Associate event");
1099 mgmt = (const struct ieee80211_mgmt *) frame;
1100 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1101 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1106 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1107 if (status != WLAN_STATUS_SUCCESS) {
1108 os_memset(&event, 0, sizeof(event));
1109 event.assoc_reject.bssid = mgmt->bssid;
1110 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1111 event.assoc_reject.resp_ies =
1112 (u8 *) mgmt->u.assoc_resp.variable;
1113 event.assoc_reject.resp_ies_len =
1114 len - 24 - sizeof(mgmt->u.assoc_resp);
1116 event.assoc_reject.status_code = status;
1118 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1122 drv->associated = 1;
1123 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1125 os_memset(&event, 0, sizeof(event));
1126 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1127 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1128 event.assoc_info.resp_ies_len =
1129 len - 24 - sizeof(mgmt->u.assoc_resp);
1132 event.assoc_info.freq = drv->assoc_freq;
1134 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1138 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
1139 enum nl80211_commands cmd, struct nlattr *status,
1140 struct nlattr *addr, struct nlattr *req_ie,
1141 struct nlattr *resp_ie)
1143 union wpa_event_data event;
1145 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1147 * Avoid reporting two association events that would confuse
1150 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
1151 "when using userspace SME", cmd);
1155 if (cmd == NL80211_CMD_CONNECT)
1156 wpa_printf(MSG_DEBUG, "nl80211: Connect event");
1157 else if (cmd == NL80211_CMD_ROAM)
1158 wpa_printf(MSG_DEBUG, "nl80211: Roam event");
1160 os_memset(&event, 0, sizeof(event));
1161 if (cmd == NL80211_CMD_CONNECT &&
1162 nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
1164 event.assoc_reject.bssid = nla_data(addr);
1166 event.assoc_reject.resp_ies = nla_data(resp_ie);
1167 event.assoc_reject.resp_ies_len = nla_len(resp_ie);
1169 event.assoc_reject.status_code = nla_get_u16(status);
1170 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
1174 drv->associated = 1;
1176 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
1179 event.assoc_info.req_ies = nla_data(req_ie);
1180 event.assoc_info.req_ies_len = nla_len(req_ie);
1183 event.assoc_info.resp_ies = nla_data(resp_ie);
1184 event.assoc_info.resp_ies_len = nla_len(resp_ie);
1187 event.assoc_info.freq = nl80211_get_assoc_freq(drv);
1189 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1193 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv,
1194 struct nlattr *reason, struct nlattr *addr,
1195 struct nlattr *by_ap)
1197 union wpa_event_data data;
1198 unsigned int locally_generated = by_ap == NULL;
1200 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1202 * Avoid reporting two disassociation events that could
1203 * confuse the core code.
1205 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1206 "event when using userspace SME");
1210 if (drv->ignore_next_local_disconnect) {
1211 drv->ignore_next_local_disconnect = 0;
1212 if (locally_generated) {
1213 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1214 "event triggered during reassociation");
1217 wpa_printf(MSG_WARNING, "nl80211: Was expecting local "
1218 "disconnect but got another disconnect "
1222 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event");
1223 drv->associated = 0;
1224 os_memset(&data, 0, sizeof(data));
1226 data.deauth_info.reason_code = nla_get_u16(reason);
1227 data.deauth_info.locally_generated = by_ap == NULL;
1228 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data);
1232 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
1233 struct nlattr *freq, struct nlattr *type)
1235 union wpa_event_data data;
1237 int chan_offset = 0;
1239 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event");
1244 switch (nla_get_u32(type)) {
1245 case NL80211_CHAN_NO_HT:
1248 case NL80211_CHAN_HT20:
1250 case NL80211_CHAN_HT40PLUS:
1253 case NL80211_CHAN_HT40MINUS:
1258 data.ch_switch.freq = nla_get_u32(freq);
1259 data.ch_switch.ht_enabled = ht_enabled;
1260 data.ch_switch.ch_offset = chan_offset;
1262 wpa_supplicant_event(drv->ctx, EVENT_CH_SWITCH, &data);
1266 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
1267 enum nl80211_commands cmd, struct nlattr *addr)
1269 union wpa_event_data event;
1270 enum wpa_event_type ev;
1272 if (nla_len(addr) != ETH_ALEN)
1275 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
1276 cmd, MAC2STR((u8 *) nla_data(addr)));
1278 if (cmd == NL80211_CMD_AUTHENTICATE)
1279 ev = EVENT_AUTH_TIMED_OUT;
1280 else if (cmd == NL80211_CMD_ASSOCIATE)
1281 ev = EVENT_ASSOC_TIMED_OUT;
1285 os_memset(&event, 0, sizeof(event));
1286 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
1287 wpa_supplicant_event(drv->ctx, ev, &event);
1291 static void mlme_event_mgmt(struct wpa_driver_nl80211_data *drv,
1292 struct nlattr *freq, struct nlattr *sig,
1293 const u8 *frame, size_t len)
1295 const struct ieee80211_mgmt *mgmt;
1296 union wpa_event_data event;
1300 wpa_printf(MSG_DEBUG, "nl80211: Frame event");
1301 mgmt = (const struct ieee80211_mgmt *) frame;
1303 wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
1307 fc = le_to_host16(mgmt->frame_control);
1308 stype = WLAN_FC_GET_STYPE(fc);
1311 ssi_signal = (s32) nla_get_u32(sig);
1313 os_memset(&event, 0, sizeof(event));
1315 event.rx_action.freq = nla_get_u32(freq);
1316 drv->last_mgmt_freq = event.rx_action.freq;
1318 if (stype == WLAN_FC_STYPE_ACTION) {
1319 event.rx_action.da = mgmt->da;
1320 event.rx_action.sa = mgmt->sa;
1321 event.rx_action.bssid = mgmt->bssid;
1322 event.rx_action.category = mgmt->u.action.category;
1323 event.rx_action.data = &mgmt->u.action.category + 1;
1324 event.rx_action.len = frame + len - event.rx_action.data;
1325 wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
1327 event.rx_mgmt.frame = frame;
1328 event.rx_mgmt.frame_len = len;
1329 event.rx_mgmt.ssi_signal = ssi_signal;
1330 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
1335 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv,
1336 struct nlattr *cookie, const u8 *frame,
1337 size_t len, struct nlattr *ack)
1339 union wpa_event_data event;
1340 const struct ieee80211_hdr *hdr;
1343 wpa_printf(MSG_DEBUG, "nl80211: Frame TX status event");
1344 if (!is_ap_interface(drv->nlmode)) {
1350 cookie_val = nla_get_u64(cookie);
1351 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:"
1352 " cookie=0%llx%s (ack=%d)",
1353 (long long unsigned int) cookie_val,
1354 cookie_val == drv->send_action_cookie ?
1355 " (match)" : " (unknown)", ack != NULL);
1356 if (cookie_val != drv->send_action_cookie)
1360 hdr = (const struct ieee80211_hdr *) frame;
1361 fc = le_to_host16(hdr->frame_control);
1363 os_memset(&event, 0, sizeof(event));
1364 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
1365 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
1366 event.tx_status.dst = hdr->addr1;
1367 event.tx_status.data = frame;
1368 event.tx_status.data_len = len;
1369 event.tx_status.ack = ack != NULL;
1370 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
1374 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
1375 enum wpa_event_type type,
1376 const u8 *frame, size_t len)
1378 const struct ieee80211_mgmt *mgmt;
1379 union wpa_event_data event;
1380 const u8 *bssid = NULL;
1381 u16 reason_code = 0;
1383 if (type == EVENT_DEAUTH)
1384 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event");
1386 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event");
1388 mgmt = (const struct ieee80211_mgmt *) frame;
1390 bssid = mgmt->bssid;
1392 if (drv->associated != 0 &&
1393 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
1394 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
1396 * We have presumably received this deauth as a
1397 * response to a clear_state_mismatch() outgoing
1398 * deauth. Don't let it take us offline!
1400 wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
1401 "from Unknown BSSID " MACSTR " -- ignoring",
1407 drv->associated = 0;
1408 os_memset(&event, 0, sizeof(event));
1410 /* Note: Same offset for Reason Code in both frame subtypes */
1411 if (len >= 24 + sizeof(mgmt->u.deauth))
1412 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1414 if (type == EVENT_DISASSOC) {
1415 event.disassoc_info.locally_generated =
1416 !os_memcmp(mgmt->sa, drv->first_bss.addr, ETH_ALEN);
1417 event.disassoc_info.addr = bssid;
1418 event.disassoc_info.reason_code = reason_code;
1419 if (frame + len > mgmt->u.disassoc.variable) {
1420 event.disassoc_info.ie = mgmt->u.disassoc.variable;
1421 event.disassoc_info.ie_len = frame + len -
1422 mgmt->u.disassoc.variable;
1425 event.deauth_info.locally_generated =
1426 !os_memcmp(mgmt->sa, drv->first_bss.addr, ETH_ALEN);
1427 event.deauth_info.addr = bssid;
1428 event.deauth_info.reason_code = reason_code;
1429 if (frame + len > mgmt->u.deauth.variable) {
1430 event.deauth_info.ie = mgmt->u.deauth.variable;
1431 event.deauth_info.ie_len = frame + len -
1432 mgmt->u.deauth.variable;
1436 wpa_supplicant_event(drv->ctx, type, &event);
1440 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv,
1441 enum wpa_event_type type,
1442 const u8 *frame, size_t len)
1444 const struct ieee80211_mgmt *mgmt;
1445 union wpa_event_data event;
1446 u16 reason_code = 0;
1448 if (type == EVENT_UNPROT_DEAUTH)
1449 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event");
1451 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event");
1456 mgmt = (const struct ieee80211_mgmt *) frame;
1458 os_memset(&event, 0, sizeof(event));
1459 /* Note: Same offset for Reason Code in both frame subtypes */
1460 if (len >= 24 + sizeof(mgmt->u.deauth))
1461 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1463 if (type == EVENT_UNPROT_DISASSOC) {
1464 event.unprot_disassoc.sa = mgmt->sa;
1465 event.unprot_disassoc.da = mgmt->da;
1466 event.unprot_disassoc.reason_code = reason_code;
1468 event.unprot_deauth.sa = mgmt->sa;
1469 event.unprot_deauth.da = mgmt->da;
1470 event.unprot_deauth.reason_code = reason_code;
1473 wpa_supplicant_event(drv->ctx, type, &event);
1477 static void mlme_event(struct wpa_driver_nl80211_data *drv,
1478 enum nl80211_commands cmd, struct nlattr *frame,
1479 struct nlattr *addr, struct nlattr *timed_out,
1480 struct nlattr *freq, struct nlattr *ack,
1481 struct nlattr *cookie, struct nlattr *sig)
1483 if (timed_out && addr) {
1484 mlme_timeout_event(drv, cmd, addr);
1488 if (frame == NULL) {
1489 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
1494 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
1495 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1496 nla_data(frame), nla_len(frame));
1499 case NL80211_CMD_AUTHENTICATE:
1500 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1502 case NL80211_CMD_ASSOCIATE:
1503 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1505 case NL80211_CMD_DEAUTHENTICATE:
1506 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
1507 nla_data(frame), nla_len(frame));
1509 case NL80211_CMD_DISASSOCIATE:
1510 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
1511 nla_data(frame), nla_len(frame));
1513 case NL80211_CMD_FRAME:
1514 mlme_event_mgmt(drv, freq, sig, nla_data(frame),
1517 case NL80211_CMD_FRAME_TX_STATUS:
1518 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame),
1519 nla_len(frame), ack);
1521 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
1522 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH,
1523 nla_data(frame), nla_len(frame));
1525 case NL80211_CMD_UNPROT_DISASSOCIATE:
1526 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC,
1527 nla_data(frame), nla_len(frame));
1535 static void mlme_event_michael_mic_failure(struct i802_bss *bss,
1536 struct nlattr *tb[])
1538 union wpa_event_data data;
1540 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
1541 os_memset(&data, 0, sizeof(data));
1542 if (tb[NL80211_ATTR_MAC]) {
1543 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
1544 nla_data(tb[NL80211_ATTR_MAC]),
1545 nla_len(tb[NL80211_ATTR_MAC]));
1546 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
1548 if (tb[NL80211_ATTR_KEY_SEQ]) {
1549 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
1550 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
1551 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
1553 if (tb[NL80211_ATTR_KEY_TYPE]) {
1554 enum nl80211_key_type key_type =
1555 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
1556 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
1557 if (key_type == NL80211_KEYTYPE_PAIRWISE)
1558 data.michael_mic_failure.unicast = 1;
1560 data.michael_mic_failure.unicast = 1;
1562 if (tb[NL80211_ATTR_KEY_IDX]) {
1563 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
1564 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
1567 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
1571 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
1572 struct nlattr *tb[])
1574 if (tb[NL80211_ATTR_MAC] == NULL) {
1575 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
1579 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
1580 drv->associated = 1;
1581 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
1582 MAC2STR(drv->bssid));
1584 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
1588 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
1589 int cancel_event, struct nlattr *tb[])
1591 unsigned int freq, chan_type, duration;
1592 union wpa_event_data data;
1595 if (tb[NL80211_ATTR_WIPHY_FREQ])
1596 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
1600 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
1601 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1605 if (tb[NL80211_ATTR_DURATION])
1606 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
1610 if (tb[NL80211_ATTR_COOKIE])
1611 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
1615 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
1616 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
1617 cancel_event, freq, chan_type, duration,
1618 (long long unsigned int) cookie,
1619 cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
1621 if (cookie != drv->remain_on_chan_cookie)
1622 return; /* not for us */
1625 drv->pending_remain_on_chan = 0;
1627 os_memset(&data, 0, sizeof(data));
1628 data.remain_on_channel.freq = freq;
1629 data.remain_on_channel.duration = duration;
1630 wpa_supplicant_event(drv->ctx, cancel_event ?
1631 EVENT_CANCEL_REMAIN_ON_CHANNEL :
1632 EVENT_REMAIN_ON_CHANNEL, &data);
1636 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
1637 struct nlattr *tb[])
1639 union wpa_event_data event;
1642 struct scan_info *info;
1643 #define MAX_REPORT_FREQS 50
1644 int freqs[MAX_REPORT_FREQS];
1647 if (drv->scan_for_auth) {
1648 drv->scan_for_auth = 0;
1649 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing "
1650 "cfg80211 BSS entry");
1651 wpa_driver_nl80211_authenticate_retry(drv);
1655 os_memset(&event, 0, sizeof(event));
1656 info = &event.scan_info;
1657 info->aborted = aborted;
1659 if (tb[NL80211_ATTR_SCAN_SSIDS]) {
1660 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
1661 struct wpa_driver_scan_ssid *s =
1662 &info->ssids[info->num_ssids];
1663 s->ssid = nla_data(nl);
1664 s->ssid_len = nla_len(nl);
1666 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
1670 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
1671 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
1673 freqs[num_freqs] = nla_get_u32(nl);
1675 if (num_freqs == MAX_REPORT_FREQS - 1)
1678 info->freqs = freqs;
1679 info->num_freqs = num_freqs;
1681 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
1685 static int get_link_signal(struct nl_msg *msg, void *arg)
1687 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1688 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1689 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1690 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1691 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1693 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1694 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1695 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1696 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1697 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1698 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1700 struct wpa_signal_info *sig_change = arg;
1702 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1703 genlmsg_attrlen(gnlh, 0), NULL);
1704 if (!tb[NL80211_ATTR_STA_INFO] ||
1705 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1706 tb[NL80211_ATTR_STA_INFO], policy))
1708 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1711 sig_change->current_signal =
1712 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1714 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1715 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1716 sinfo[NL80211_STA_INFO_TX_BITRATE],
1718 sig_change->current_txrate = 0;
1720 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1721 sig_change->current_txrate =
1723 NL80211_RATE_INFO_BITRATE]) * 100;
1732 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1733 struct wpa_signal_info *sig)
1737 sig->current_signal = -9999;
1738 sig->current_txrate = 0;
1740 msg = nlmsg_alloc();
1744 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
1746 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1747 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
1749 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1756 static int get_link_noise(struct nl_msg *msg, void *arg)
1758 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1759 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1760 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1761 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1762 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1763 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1765 struct wpa_signal_info *sig_change = arg;
1767 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1768 genlmsg_attrlen(gnlh, 0), NULL);
1770 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1771 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1775 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1776 tb[NL80211_ATTR_SURVEY_INFO],
1778 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1783 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1786 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1787 sig_change->frequency)
1790 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1793 sig_change->current_noise =
1794 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1800 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1801 struct wpa_signal_info *sig_change)
1805 sig_change->current_noise = 9999;
1806 sig_change->frequency = drv->assoc_freq;
1808 msg = nlmsg_alloc();
1812 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1814 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1816 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1823 static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
1825 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1826 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1827 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1828 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1829 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1830 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1832 struct wpa_scan_results *scan_results = arg;
1833 struct wpa_scan_res *scan_res;
1836 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1837 genlmsg_attrlen(gnlh, 0), NULL);
1839 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1840 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
1844 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1845 tb[NL80211_ATTR_SURVEY_INFO],
1847 wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
1852 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1855 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1858 for (i = 0; i < scan_results->num; ++i) {
1859 scan_res = scan_results->res[i];
1862 if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1865 if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
1867 scan_res->noise = (s8)
1868 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1869 scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
1876 static int nl80211_get_noise_for_scan_results(
1877 struct wpa_driver_nl80211_data *drv,
1878 struct wpa_scan_results *scan_res)
1882 msg = nlmsg_alloc();
1886 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1888 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1890 return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
1898 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
1899 struct nlattr *tb[])
1901 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
1902 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
1903 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
1904 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
1905 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 },
1907 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
1908 enum nl80211_cqm_rssi_threshold_event event;
1909 union wpa_event_data ed;
1910 struct wpa_signal_info sig;
1913 if (tb[NL80211_ATTR_CQM] == NULL ||
1914 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
1916 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
1920 os_memset(&ed, 0, sizeof(ed));
1922 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) {
1923 if (!tb[NL80211_ATTR_MAC])
1925 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]),
1927 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed);
1931 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
1933 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
1935 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
1936 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1937 "event: RSSI high");
1938 ed.signal_change.above_threshold = 1;
1939 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
1940 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
1942 ed.signal_change.above_threshold = 0;
1946 res = nl80211_get_link_signal(drv, &sig);
1948 ed.signal_change.current_signal = sig.current_signal;
1949 ed.signal_change.current_txrate = sig.current_txrate;
1950 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d",
1951 sig.current_signal, sig.current_txrate);
1954 res = nl80211_get_link_noise(drv, &sig);
1956 ed.signal_change.current_noise = sig.current_noise;
1957 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm",
1961 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
1965 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
1969 union wpa_event_data data;
1971 if (tb[NL80211_ATTR_MAC] == NULL)
1973 addr = nla_data(tb[NL80211_ATTR_MAC]);
1974 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
1976 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
1979 if (tb[NL80211_ATTR_IE]) {
1980 ies = nla_data(tb[NL80211_ATTR_IE]);
1981 ies_len = nla_len(tb[NL80211_ATTR_IE]);
1983 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len);
1984 drv_event_assoc(drv->ctx, addr, ies, ies_len, 0);
1988 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
1991 os_memset(&data, 0, sizeof(data));
1992 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN);
1993 wpa_supplicant_event(drv->ctx, EVENT_IBSS_RSN_START, &data);
1997 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
2001 union wpa_event_data data;
2003 if (tb[NL80211_ATTR_MAC] == NULL)
2005 addr = nla_data(tb[NL80211_ATTR_MAC]);
2006 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
2009 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
2010 drv_event_disassoc(drv->ctx, addr);
2014 if (drv->nlmode != NL80211_IFTYPE_ADHOC)
2017 os_memset(&data, 0, sizeof(data));
2018 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN);
2019 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data);
2023 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv,
2026 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA];
2027 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = {
2028 [NL80211_REKEY_DATA_KEK] = {
2029 .minlen = NL80211_KEK_LEN,
2030 .maxlen = NL80211_KEK_LEN,
2032 [NL80211_REKEY_DATA_KCK] = {
2033 .minlen = NL80211_KCK_LEN,
2034 .maxlen = NL80211_KCK_LEN,
2036 [NL80211_REKEY_DATA_REPLAY_CTR] = {
2037 .minlen = NL80211_REPLAY_CTR_LEN,
2038 .maxlen = NL80211_REPLAY_CTR_LEN,
2041 union wpa_event_data data;
2043 if (!tb[NL80211_ATTR_MAC])
2045 if (!tb[NL80211_ATTR_REKEY_DATA])
2047 if (nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA,
2048 tb[NL80211_ATTR_REKEY_DATA], rekey_policy))
2050 if (!rekey_info[NL80211_REKEY_DATA_REPLAY_CTR])
2053 os_memset(&data, 0, sizeof(data));
2054 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]);
2055 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR,
2056 MAC2STR(data.driver_gtk_rekey.bssid));
2057 data.driver_gtk_rekey.replay_ctr =
2058 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]);
2059 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter",
2060 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN);
2061 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data);
2065 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
2068 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE];
2069 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = {
2070 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 },
2071 [NL80211_PMKSA_CANDIDATE_BSSID] = {
2075 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG },
2077 union wpa_event_data data;
2079 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event");
2081 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE])
2083 if (nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE,
2084 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy))
2086 if (!cand[NL80211_PMKSA_CANDIDATE_INDEX] ||
2087 !cand[NL80211_PMKSA_CANDIDATE_BSSID])
2090 os_memset(&data, 0, sizeof(data));
2091 os_memcpy(data.pmkid_candidate.bssid,
2092 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN);
2093 data.pmkid_candidate.index =
2094 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]);
2095 data.pmkid_candidate.preauth =
2096 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL;
2097 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
2101 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
2104 union wpa_event_data data;
2106 wpa_printf(MSG_DEBUG, "nl80211: Probe client event");
2108 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
2111 os_memset(&data, 0, sizeof(data));
2112 os_memcpy(data.client_poll.addr,
2113 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2115 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
2119 static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv,
2122 union wpa_event_data data;
2124 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event");
2126 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION])
2129 os_memset(&data, 0, sizeof(data));
2130 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2131 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) {
2132 case NL80211_TDLS_SETUP:
2133 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer "
2134 MACSTR, MAC2STR(data.tdls.peer));
2135 data.tdls.oper = TDLS_REQUEST_SETUP;
2137 case NL80211_TDLS_TEARDOWN:
2138 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer "
2139 MACSTR, MAC2STR(data.tdls.peer));
2140 data.tdls.oper = TDLS_REQUEST_TEARDOWN;
2143 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione "
2147 if (tb[NL80211_ATTR_REASON_CODE]) {
2148 data.tdls.reason_code =
2149 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
2152 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data);
2156 static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv,
2159 union wpa_event_data data;
2162 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event");
2164 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON])
2167 os_memset(&data, 0, sizeof(data));
2168 os_memcpy(data.connect_failed_reason.addr,
2169 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
2171 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]);
2173 case NL80211_CONN_FAIL_MAX_CLIENTS:
2174 wpa_printf(MSG_DEBUG, "nl80211: Max client reached");
2175 data.connect_failed_reason.code = MAX_CLIENT_REACHED;
2177 case NL80211_CONN_FAIL_BLOCKED_CLIENT:
2178 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR
2179 " tried to connect",
2180 MAC2STR(data.connect_failed_reason.addr));
2181 data.connect_failed_reason.code = BLOCKED_CLIENT;
2184 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason "
2189 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data);
2193 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb,
2196 struct wpa_driver_nl80211_data *drv = bss->drv;
2197 union wpa_event_data event;
2199 if (!tb[NL80211_ATTR_MAC])
2202 os_memset(&event, 0, sizeof(event));
2203 event.rx_from_unknown.bssid = bss->addr;
2204 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]);
2205 event.rx_from_unknown.wds = wds;
2207 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
2211 static void do_process_drv_event(struct i802_bss *bss, int cmd,
2214 struct wpa_driver_nl80211_data *drv = bss->drv;
2216 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED &&
2217 (cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
2218 cmd == NL80211_CMD_SCAN_ABORTED)) {
2219 wpa_driver_nl80211_set_mode(&drv->first_bss,
2220 drv->ap_scan_as_station);
2221 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2225 case NL80211_CMD_TRIGGER_SCAN:
2226 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
2228 case NL80211_CMD_START_SCHED_SCAN:
2229 wpa_printf(MSG_DEBUG, "nl80211: Sched scan started");
2231 case NL80211_CMD_SCHED_SCAN_STOPPED:
2232 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stopped");
2233 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL);
2235 case NL80211_CMD_NEW_SCAN_RESULTS:
2236 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
2237 drv->scan_complete_events = 1;
2238 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
2240 send_scan_event(drv, 0, tb);
2242 case NL80211_CMD_SCHED_SCAN_RESULTS:
2243 wpa_printf(MSG_DEBUG,
2244 "nl80211: New sched scan results available");
2245 send_scan_event(drv, 0, tb);
2247 case NL80211_CMD_SCAN_ABORTED:
2248 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
2250 * Need to indicate that scan results are available in order
2251 * not to make wpa_supplicant stop its scanning.
2253 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
2255 send_scan_event(drv, 1, tb);
2257 case NL80211_CMD_AUTHENTICATE:
2258 case NL80211_CMD_ASSOCIATE:
2259 case NL80211_CMD_DEAUTHENTICATE:
2260 case NL80211_CMD_DISASSOCIATE:
2261 case NL80211_CMD_FRAME_TX_STATUS:
2262 case NL80211_CMD_UNPROT_DEAUTHENTICATE:
2263 case NL80211_CMD_UNPROT_DISASSOCIATE:
2264 mlme_event(drv, cmd, tb[NL80211_ATTR_FRAME],
2265 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
2266 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
2267 tb[NL80211_ATTR_COOKIE],
2268 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
2270 case NL80211_CMD_CONNECT:
2271 case NL80211_CMD_ROAM:
2272 mlme_event_connect(drv, cmd,
2273 tb[NL80211_ATTR_STATUS_CODE],
2274 tb[NL80211_ATTR_MAC],
2275 tb[NL80211_ATTR_REQ_IE],
2276 tb[NL80211_ATTR_RESP_IE]);
2278 case NL80211_CMD_CH_SWITCH_NOTIFY:
2279 mlme_event_ch_switch(drv, tb[NL80211_ATTR_WIPHY_FREQ],
2280 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2282 case NL80211_CMD_DISCONNECT:
2283 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
2284 tb[NL80211_ATTR_MAC],
2285 tb[NL80211_ATTR_DISCONNECTED_BY_AP]);
2287 case NL80211_CMD_MICHAEL_MIC_FAILURE:
2288 mlme_event_michael_mic_failure(bss, tb);
2290 case NL80211_CMD_JOIN_IBSS:
2291 mlme_event_join_ibss(drv, tb);
2293 case NL80211_CMD_REMAIN_ON_CHANNEL:
2294 mlme_event_remain_on_channel(drv, 0, tb);
2296 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
2297 mlme_event_remain_on_channel(drv, 1, tb);
2299 case NL80211_CMD_NOTIFY_CQM:
2300 nl80211_cqm_event(drv, tb);
2302 case NL80211_CMD_REG_CHANGE:
2303 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change");
2304 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
2307 case NL80211_CMD_REG_BEACON_HINT:
2308 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint");
2309 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED,
2312 case NL80211_CMD_NEW_STATION:
2313 nl80211_new_station_event(drv, tb);
2315 case NL80211_CMD_DEL_STATION:
2316 nl80211_del_station_event(drv, tb);
2318 case NL80211_CMD_SET_REKEY_OFFLOAD:
2319 nl80211_rekey_offload_event(drv, tb);
2321 case NL80211_CMD_PMKSA_CANDIDATE:
2322 nl80211_pmksa_candidate_event(drv, tb);
2324 case NL80211_CMD_PROBE_CLIENT:
2325 nl80211_client_probe_event(drv, tb);
2327 case NL80211_CMD_TDLS_OPER:
2328 nl80211_tdls_oper_event(drv, tb);
2330 case NL80211_CMD_CONN_FAILED:
2331 nl80211_connect_failed_event(drv, tb);
2334 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
2341 static int process_drv_event(struct nl_msg *msg, void *arg)
2343 struct wpa_driver_nl80211_data *drv = arg;
2344 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2345 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2346 struct i802_bss *bss;
2349 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2350 genlmsg_attrlen(gnlh, 0), NULL);
2352 if (tb[NL80211_ATTR_IFINDEX])
2353 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2355 for (bss = &drv->first_bss; bss; bss = bss->next) {
2356 if (ifidx == -1 || ifidx == bss->ifindex) {
2357 do_process_drv_event(bss, gnlh->cmd, tb);
2362 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d) for foreign "
2363 "interface (ifindex %d)", gnlh->cmd, ifidx);
2369 static int process_global_event(struct nl_msg *msg, void *arg)
2371 struct nl80211_global *global = arg;
2372 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2373 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2374 struct wpa_driver_nl80211_data *drv, *tmp;
2376 struct i802_bss *bss;
2378 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2379 genlmsg_attrlen(gnlh, 0), NULL);
2381 if (tb[NL80211_ATTR_IFINDEX])
2382 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2384 dl_list_for_each_safe(drv, tmp, &global->interfaces,
2385 struct wpa_driver_nl80211_data, list) {
2386 for (bss = &drv->first_bss; bss; bss = bss->next) {
2387 if (ifidx == -1 || ifidx == bss->ifindex) {
2388 do_process_drv_event(bss, gnlh->cmd, tb);
2398 static int process_bss_event(struct nl_msg *msg, void *arg)
2400 struct i802_bss *bss = arg;
2401 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2402 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2404 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2405 genlmsg_attrlen(gnlh, 0), NULL);
2407 switch (gnlh->cmd) {
2408 case NL80211_CMD_FRAME:
2409 case NL80211_CMD_FRAME_TX_STATUS:
2410 mlme_event(bss->drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
2411 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
2412 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
2413 tb[NL80211_ATTR_COOKIE],
2414 tb[NL80211_ATTR_RX_SIGNAL_DBM]);
2416 case NL80211_CMD_UNEXPECTED_FRAME:
2417 nl80211_spurious_frame(bss, tb, 0);
2419 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME:
2420 nl80211_spurious_frame(bss, tb, 1);
2423 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
2424 "(cmd=%d)", gnlh->cmd);
2432 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
2435 struct nl_cb *cb = eloop_ctx;
2437 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
2439 nl_recvmsgs(handle, cb);
2444 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
2445 * @priv: driver_nl80211 private data
2446 * @alpha2_arg: country to which to switch to
2447 * Returns: 0 on success, -1 on failure
2449 * This asks nl80211 to set the regulatory domain for given
2450 * country ISO / IEC alpha2.
2452 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
2454 struct i802_bss *bss = priv;
2455 struct wpa_driver_nl80211_data *drv = bss->drv;
2459 msg = nlmsg_alloc();
2463 alpha2[0] = alpha2_arg[0];
2464 alpha2[1] = alpha2_arg[1];
2467 nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG);
2469 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
2470 if (send_and_recv_msgs(drv, msg, NULL, NULL))
2479 struct wiphy_info_data {
2480 struct wpa_driver_capa *capa;
2482 unsigned int error:1;
2483 unsigned int device_ap_sme:1;
2484 unsigned int poll_command_supported:1;
2485 unsigned int data_tx_status:1;
2486 unsigned int monitor_supported:1;
2490 static unsigned int probe_resp_offload_support(int supp_protocols)
2492 unsigned int prot = 0;
2494 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS)
2495 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS;
2496 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2)
2497 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_WPS2;
2498 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P)
2499 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_P2P;
2500 if (supp_protocols & NL80211_PROBE_RESP_OFFLOAD_SUPPORT_80211U)
2501 prot |= WPA_DRIVER_PROBE_RESP_OFFLOAD_INTERWORKING;
2507 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
2509 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2510 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2511 struct wiphy_info_data *info = arg;
2512 int p2p_go_supported = 0, p2p_client_supported = 0;
2513 int p2p_concurrent = 0, p2p_multichan_concurrent = 0;
2514 int auth_supported = 0, connect_supported = 0;
2515 struct wpa_driver_capa *capa = info->capa;
2516 static struct nla_policy
2517 iface_combination_policy[NUM_NL80211_IFACE_COMB] = {
2518 [NL80211_IFACE_COMB_LIMITS] = { .type = NLA_NESTED },
2519 [NL80211_IFACE_COMB_MAXNUM] = { .type = NLA_U32 },
2520 [NL80211_IFACE_COMB_STA_AP_BI_MATCH] = { .type = NLA_FLAG },
2521 [NL80211_IFACE_COMB_NUM_CHANNELS] = { .type = NLA_U32 },
2523 iface_limit_policy[NUM_NL80211_IFACE_LIMIT] = {
2524 [NL80211_IFACE_LIMIT_TYPES] = { .type = NLA_NESTED },
2525 [NL80211_IFACE_LIMIT_MAX] = { .type = NLA_U32 },
2528 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2529 genlmsg_attrlen(gnlh, 0), NULL);
2531 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
2532 capa->max_scan_ssids =
2533 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
2535 if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS])
2536 capa->max_sched_scan_ssids =
2537 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]);
2539 if (tb[NL80211_ATTR_MAX_MATCH_SETS])
2540 capa->max_match_sets =
2541 nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
2543 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
2544 struct nlattr *nl_mode;
2546 nla_for_each_nested(nl_mode,
2547 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
2548 switch (nla_type(nl_mode)) {
2549 case NL80211_IFTYPE_AP:
2550 capa->flags |= WPA_DRIVER_FLAGS_AP;
2552 case NL80211_IFTYPE_P2P_GO:
2553 p2p_go_supported = 1;
2555 case NL80211_IFTYPE_P2P_CLIENT:
2556 p2p_client_supported = 1;
2558 case NL80211_IFTYPE_MONITOR:
2559 info->monitor_supported = 1;
2565 if (tb[NL80211_ATTR_INTERFACE_COMBINATIONS]) {
2566 struct nlattr *nl_combi;
2569 nla_for_each_nested(nl_combi,
2570 tb[NL80211_ATTR_INTERFACE_COMBINATIONS],
2572 struct nlattr *tb_comb[NUM_NL80211_IFACE_COMB];
2573 struct nlattr *tb_limit[NUM_NL80211_IFACE_LIMIT];
2574 struct nlattr *nl_limit, *nl_mode;
2575 int err, rem_limit, rem_mode;
2576 int combination_has_p2p = 0, combination_has_mgd = 0;
2578 err = nla_parse_nested(tb_comb, MAX_NL80211_IFACE_COMB,
2580 iface_combination_policy);
2581 if (err || !tb_comb[NL80211_IFACE_COMB_LIMITS] ||
2582 !tb_comb[NL80211_IFACE_COMB_MAXNUM] ||
2583 !tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS])
2584 goto broken_combination;
2586 nla_for_each_nested(nl_limit,
2587 tb_comb[NL80211_IFACE_COMB_LIMITS],
2589 err = nla_parse_nested(tb_limit,
2590 MAX_NL80211_IFACE_LIMIT,
2592 iface_limit_policy);
2594 !tb_limit[NL80211_IFACE_LIMIT_TYPES])
2595 goto broken_combination;
2597 nla_for_each_nested(
2599 tb_limit[NL80211_IFACE_LIMIT_TYPES],
2601 int ift = nla_type(nl_mode);
2602 if (ift == NL80211_IFTYPE_P2P_GO ||
2603 ift == NL80211_IFTYPE_P2P_CLIENT)
2604 combination_has_p2p = 1;
2605 if (ift == NL80211_IFTYPE_STATION)
2606 combination_has_mgd = 1;
2608 if (combination_has_p2p && combination_has_mgd)
2612 if (combination_has_p2p && combination_has_mgd) {
2614 if (nla_get_u32(tb_comb[NL80211_IFACE_COMB_NUM_CHANNELS]) > 1)
2615 p2p_multichan_concurrent = 1;
2624 if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
2625 struct nlattr *nl_cmd;
2628 nla_for_each_nested(nl_cmd,
2629 tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
2630 switch (nla_get_u32(nl_cmd)) {
2631 case NL80211_CMD_AUTHENTICATE:
2634 case NL80211_CMD_CONNECT:
2635 connect_supported = 1;
2637 case NL80211_CMD_START_SCHED_SCAN:
2638 capa->sched_scan_supported = 1;
2640 case NL80211_CMD_PROBE_CLIENT:
2641 info->poll_command_supported = 1;
2647 if (tb[NL80211_ATTR_OFFCHANNEL_TX_OK]) {
2648 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based "
2650 capa->flags |= WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
2653 if (tb[NL80211_ATTR_ROAM_SUPPORT]) {
2654 wpa_printf(MSG_DEBUG, "nl80211: Using driver-based roaming");
2655 capa->flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
2658 /* default to 5000 since early versions of mac80211 don't set it */
2659 capa->max_remain_on_chan = 5000;
2661 if (tb[NL80211_ATTR_SUPPORT_AP_UAPSD])
2662 capa->flags |= WPA_DRIVER_FLAGS_AP_UAPSD;
2664 if (tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION])
2665 capa->max_remain_on_chan =
2666 nla_get_u32(tb[NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION]);
2669 capa->flags |= WPA_DRIVER_FLAGS_SME;
2670 else if (!connect_supported) {
2671 wpa_printf(MSG_INFO, "nl80211: Driver does not support "
2672 "authentication/association or connect commands");
2676 if (p2p_go_supported && p2p_client_supported)
2677 capa->flags |= WPA_DRIVER_FLAGS_P2P_CAPABLE;
2678 if (p2p_concurrent) {
2679 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
2680 "interface (driver advertised support)");
2681 capa->flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
2682 capa->flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
2684 if (p2p_multichan_concurrent) {
2685 wpa_printf(MSG_DEBUG, "nl80211: Enable multi-channel "
2686 "concurrent (driver advertised support)");
2688 WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT;
2692 if (tb[NL80211_ATTR_TDLS_SUPPORT]) {
2693 wpa_printf(MSG_DEBUG, "nl80211: TDLS supported");
2694 capa->flags |= WPA_DRIVER_FLAGS_TDLS_SUPPORT;
2696 if (tb[NL80211_ATTR_TDLS_EXTERNAL_SETUP]) {
2697 wpa_printf(MSG_DEBUG, "nl80211: TDLS external setup");
2699 WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP;
2703 if (tb[NL80211_ATTR_DEVICE_AP_SME])
2704 info->device_ap_sme = 1;
2706 if (tb[NL80211_ATTR_FEATURE_FLAGS]) {
2707 u32 flags = nla_get_u32(tb[NL80211_ATTR_FEATURE_FLAGS]);
2709 if (flags & NL80211_FEATURE_SK_TX_STATUS)
2710 info->data_tx_status = 1;
2712 if (flags & NL80211_FEATURE_INACTIVITY_TIMER)
2713 capa->flags |= WPA_DRIVER_FLAGS_INACTIVITY_TIMER;
2715 if (flags & NL80211_FEATURE_SAE)
2716 capa->flags |= WPA_DRIVER_FLAGS_SAE;
2718 if (flags & NL80211_FEATURE_NEED_OBSS_SCAN)
2719 capa->flags |= WPA_DRIVER_FLAGS_OBSS_SCAN;
2722 if (tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]) {
2724 nla_get_u32(tb[NL80211_ATTR_PROBE_RESP_OFFLOAD]);
2725 wpa_printf(MSG_DEBUG, "nl80211: Supports Probe Response "
2726 "offload in AP mode");
2727 capa->flags |= WPA_DRIVER_FLAGS_PROBE_RESP_OFFLOAD;
2728 capa->probe_resp_offloads =
2729 probe_resp_offload_support(protocols);
2736 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
2737 struct wiphy_info_data *info)
2741 os_memset(info, 0, sizeof(*info));
2742 info->capa = &drv->capa;
2744 msg = nlmsg_alloc();
2748 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
2750 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
2752 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
2761 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
2763 struct wiphy_info_data info;
2764 if (wpa_driver_nl80211_get_info(drv, &info))
2770 drv->has_capability = 1;
2771 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
2772 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2773 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
2774 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
2775 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
2776 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
2777 WPA_DRIVER_CAPA_ENC_WEP104 |
2778 WPA_DRIVER_CAPA_ENC_TKIP |
2779 WPA_DRIVER_CAPA_ENC_CCMP;
2780 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
2781 WPA_DRIVER_AUTH_SHARED |
2782 WPA_DRIVER_AUTH_LEAP;
2784 drv->capa.flags |= WPA_DRIVER_FLAGS_SANE_ERROR_CODES;
2785 drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
2786 drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2788 if (!info.device_ap_sme) {
2789 drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
2792 * No AP SME is currently assumed to also indicate no AP MLME
2793 * in the driver/firmware.
2795 drv->capa.flags |= WPA_DRIVER_FLAGS_AP_MLME;
2798 drv->device_ap_sme = info.device_ap_sme;
2799 drv->poll_command_supported = info.poll_command_supported;
2800 drv->data_tx_status = info.data_tx_status;
2803 * If poll command and tx status are supported, mac80211 is new enough
2804 * to have everything we need to not need monitor interfaces.
2806 drv->use_monitor = !info.poll_command_supported || !info.data_tx_status;
2808 if (drv->device_ap_sme && drv->use_monitor) {
2810 * Non-mac80211 drivers may not support monitor interface.
2811 * Make sure we do not get stuck with incorrect capability here
2812 * by explicitly testing this.
2814 if (!info.monitor_supported) {
2815 wpa_printf(MSG_DEBUG, "nl80211: Disable use_monitor "
2816 "with device_ap_sme since no monitor mode "
2817 "support detected");
2818 drv->use_monitor = 0;
2823 * If we aren't going to use monitor interfaces, but the
2824 * driver doesn't support data TX status, we won't get TX
2825 * status for EAPOL frames.
2827 if (!drv->use_monitor && !info.data_tx_status)
2828 drv->capa.flags &= ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2835 static int android_genl_ctrl_resolve(struct nl_handle *handle,
2839 * Android ICS has very minimal genl_ctrl_resolve() implementation, so
2840 * need to work around that.
2842 struct nl_cache *cache = NULL;
2843 struct genl_family *nl80211 = NULL;
2846 if (genl_ctrl_alloc_cache(handle, &cache) < 0) {
2847 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
2852 nl80211 = genl_ctrl_search_by_name(cache, name);
2853 if (nl80211 == NULL)
2856 id = genl_family_get_id(nl80211);
2860 genl_family_put(nl80211);
2862 nl_cache_free(cache);
2866 #define genl_ctrl_resolve android_genl_ctrl_resolve
2867 #endif /* ANDROID */
2870 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
2874 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2875 if (global->nl_cb == NULL) {
2876 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
2881 global->nl = nl_create_handle(global->nl_cb, "nl");
2882 if (global->nl == NULL)
2885 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
2886 if (global->nl80211_id < 0) {
2887 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
2892 global->nl_event = nl_create_handle(global->nl_cb, "event");
2893 if (global->nl_event == NULL)
2896 ret = nl_get_multicast_id(global, "nl80211", "scan");
2898 ret = nl_socket_add_membership(global->nl_event, ret);
2900 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2901 "membership for scan events: %d (%s)",
2902 ret, strerror(-ret));
2906 ret = nl_get_multicast_id(global, "nl80211", "mlme");
2908 ret = nl_socket_add_membership(global->nl_event, ret);
2910 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
2911 "membership for mlme events: %d (%s)",
2912 ret, strerror(-ret));
2916 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
2918 ret = nl_socket_add_membership(global->nl_event, ret);
2920 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
2921 "membership for regulatory events: %d (%s)",
2922 ret, strerror(-ret));
2923 /* Continue without regulatory events */
2926 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2927 no_seq_check, NULL);
2928 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2929 process_global_event, global);
2931 eloop_register_read_sock(nl_socket_get_fd(global->nl_event),
2932 wpa_driver_nl80211_event_receive,
2933 global->nl_cb, global->nl_event);
2938 nl_destroy_handles(&global->nl_event);
2939 nl_destroy_handles(&global->nl);
2940 nl_cb_put(global->nl_cb);
2941 global->nl_cb = NULL;
2946 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv)
2948 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2950 wpa_printf(MSG_ERROR, "nl80211: Failed to alloc cb struct");
2954 nl_cb_set(drv->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2955 no_seq_check, NULL);
2956 nl_cb_set(drv->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2957 process_drv_event, drv);
2963 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
2965 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
2967 * This may be for any interface; use ifdown event to disable
2973 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
2975 struct wpa_driver_nl80211_data *drv = ctx;
2976 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
2977 if (linux_set_iface_flags(drv->global->ioctl_sock,
2978 drv->first_bss.ifname, 1)) {
2979 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
2980 "after rfkill unblock");
2983 /* rtnetlink ifup handler will report interface as enabled */
2987 static void nl80211_get_phy_name(struct wpa_driver_nl80211_data *drv)
2989 /* Find phy (radio) to which this interface belongs */
2993 drv->phyname[0] = '\0';
2994 snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
2995 drv->first_bss.ifname);
2996 f = open(buf, O_RDONLY);
2998 wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
2999 buf, strerror(errno));
3003 rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
3006 wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
3007 buf, strerror(errno));
3011 drv->phyname[rv] = '\0';
3012 pos = os_strchr(drv->phyname, '\n');
3015 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
3016 drv->first_bss.ifname, drv->phyname);
3020 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
3024 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3029 struct cmsghdr *cmsg;
3030 int res, found_ee = 0, found_wifi = 0, acked = 0;
3031 union wpa_event_data event;
3033 memset(&msg, 0, sizeof(msg));
3034 msg.msg_iov = &entry;
3036 entry.iov_base = data;
3037 entry.iov_len = sizeof(data);
3038 msg.msg_control = &control;
3039 msg.msg_controllen = sizeof(control);
3041 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
3042 /* if error or not fitting 802.3 header, return */
3046 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
3048 if (cmsg->cmsg_level == SOL_SOCKET &&
3049 cmsg->cmsg_type == SCM_WIFI_STATUS) {
3053 ack = (void *)CMSG_DATA(cmsg);
3057 if (cmsg->cmsg_level == SOL_PACKET &&
3058 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
3059 struct sock_extended_err *err =
3060 (struct sock_extended_err *)CMSG_DATA(cmsg);
3062 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
3067 if (!found_ee || !found_wifi)
3070 memset(&event, 0, sizeof(event));
3071 event.eapol_tx_status.dst = data;
3072 event.eapol_tx_status.data = data + 14;
3073 event.eapol_tx_status.data_len = res - 14;
3074 event.eapol_tx_status.ack = acked;
3075 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
3079 static int nl80211_init_bss(struct i802_bss *bss)
3081 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
3085 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
3086 no_seq_check, NULL);
3087 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
3088 process_bss_event, bss);
3094 static void nl80211_destroy_bss(struct i802_bss *bss)
3096 nl_cb_put(bss->nl_cb);
3102 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
3103 * @ctx: context to be used when calling wpa_supplicant functions,
3104 * e.g., wpa_supplicant_event()
3105 * @ifname: interface name, e.g., wlan0
3106 * @global_priv: private driver global data from global_init()
3107 * Returns: Pointer to private data, %NULL on failure
3109 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
3112 struct wpa_driver_nl80211_data *drv;
3113 struct rfkill_config *rcfg;
3114 struct i802_bss *bss;
3116 if (global_priv == NULL)
3118 drv = os_zalloc(sizeof(*drv));
3121 drv->global = global_priv;
3123 bss = &drv->first_bss;
3127 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
3128 drv->monitor_ifidx = -1;
3129 drv->monitor_sock = -1;
3130 drv->eapol_tx_sock = -1;
3131 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3133 if (wpa_driver_nl80211_init_nl(drv)) {
3138 if (nl80211_init_bss(bss))
3141 nl80211_get_phy_name(drv);
3143 rcfg = os_zalloc(sizeof(*rcfg));
3147 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
3148 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
3149 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
3150 drv->rfkill = rfkill_init(rcfg);
3151 if (drv->rfkill == NULL) {
3152 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
3156 if (wpa_driver_nl80211_finish_drv_init(drv))
3159 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
3160 if (drv->eapol_tx_sock < 0)
3163 if (drv->data_tx_status) {
3166 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
3167 &enabled, sizeof(enabled)) < 0) {
3168 wpa_printf(MSG_DEBUG,
3169 "nl80211: wifi status sockopt failed\n");
3170 drv->data_tx_status = 0;
3171 if (!drv->use_monitor)
3173 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
3175 eloop_register_read_sock(drv->eapol_tx_sock,
3176 wpa_driver_nl80211_handle_eapol_tx_status,
3182 dl_list_add(&drv->global->interfaces, &drv->list);
3183 drv->in_interface_list = 1;
3189 wpa_driver_nl80211_deinit(bss);
3194 static int nl80211_register_frame(struct i802_bss *bss,
3195 struct nl_handle *nl_handle,
3196 u16 type, const u8 *match, size_t match_len)
3198 struct wpa_driver_nl80211_data *drv = bss->drv;
3202 msg = nlmsg_alloc();
3206 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x nl_handle=%p",
3208 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
3211 nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_ACTION);
3213 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
3214 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, type);
3215 NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
3217 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
3220 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
3221 "failed (type=%u): ret=%d (%s)",
3222 type, ret, strerror(-ret));
3223 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
3225 goto nla_put_failure;
3234 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
3236 struct wpa_driver_nl80211_data *drv = bss->drv;
3239 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
3240 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
3244 bss->nl_mgmt = nl_create_handle(drv->nl_cb, "mgmt");
3245 if (bss->nl_mgmt == NULL)
3248 eloop_register_read_sock(nl_socket_get_fd(bss->nl_mgmt),
3249 wpa_driver_nl80211_event_receive, bss->nl_cb,
3256 static int nl80211_register_action_frame(struct i802_bss *bss,
3257 const u8 *match, size_t match_len)
3259 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
3260 return nl80211_register_frame(bss, bss->nl_mgmt,
3261 type, match, match_len);
3265 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
3267 struct wpa_driver_nl80211_data *drv = bss->drv;
3269 if (nl80211_alloc_mgmt_handle(bss))
3271 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
3272 "handle %p", bss->nl_mgmt);
3274 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
3275 /* GAS Initial Request */
3276 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
3278 /* GAS Initial Response */
3279 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
3281 /* GAS Comeback Request */
3282 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
3284 /* GAS Comeback Response */
3285 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
3287 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
3289 /* P2P Public Action */
3290 if (nl80211_register_action_frame(bss,
3291 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
3295 if (nl80211_register_action_frame(bss,
3296 (u8 *) "\x7f\x50\x6f\x9a\x09",
3299 #endif /* CONFIG_P2P */
3300 #ifdef CONFIG_IEEE80211W
3301 /* SA Query Response */
3302 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
3304 #endif /* CONFIG_IEEE80211W */
3306 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
3307 /* TDLS Discovery Response */
3308 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
3312 #endif /* CONFIG_TDLS */
3314 /* FT Action frames */
3315 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
3318 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
3319 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
3321 /* WNM - BSS Transition Management Request */
3322 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
3324 /* WNM-Sleep Mode Response */
3325 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
3332 static int nl80211_register_spurious_class3(struct i802_bss *bss)
3334 struct wpa_driver_nl80211_data *drv = bss->drv;
3338 msg = nlmsg_alloc();
3342 nl80211_cmd(drv, msg, 0, NL80211_CMD_UNEXPECTED_FRAME);
3344 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
3346 ret = send_and_recv(drv->global, bss->nl_mgmt, msg, NULL, NULL);
3349 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
3350 "failed: ret=%d (%s)",
3351 ret, strerror(-ret));
3352 goto nla_put_failure;
3361 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
3363 static const int stypes[] = {
3365 WLAN_FC_STYPE_ASSOC_REQ,
3366 WLAN_FC_STYPE_REASSOC_REQ,
3367 WLAN_FC_STYPE_DISASSOC,
3368 WLAN_FC_STYPE_DEAUTH,
3369 WLAN_FC_STYPE_ACTION,
3370 WLAN_FC_STYPE_PROBE_REQ,
3371 /* Beacon doesn't work as mac80211 doesn't currently allow
3372 * it, but it wouldn't really be the right thing anyway as
3373 * it isn't per interface ... maybe just dump the scan
3374 * results periodically for OLBC?
3376 // WLAN_FC_STYPE_BEACON,
3380 if (nl80211_alloc_mgmt_handle(bss))
3382 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
3383 "handle %p", bss->nl_mgmt);
3385 for (i = 0; i < sizeof(stypes) / sizeof(stypes[0]); i++) {
3386 if (nl80211_register_frame(bss, bss->nl_mgmt,
3387 (WLAN_FC_TYPE_MGMT << 2) |
3394 if (nl80211_register_spurious_class3(bss))
3397 if (nl80211_get_wiphy_data_ap(bss) == NULL)
3403 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3404 nl_destroy_handles(&bss->nl_mgmt);
3409 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
3411 if (nl80211_alloc_mgmt_handle(bss))
3413 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
3414 "handle %p (device SME)", bss->nl_mgmt);
3416 if (nl80211_register_frame(bss, bss->nl_mgmt,
3417 (WLAN_FC_TYPE_MGMT << 2) |
3418 (WLAN_FC_STYPE_ACTION << 4),
3425 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3426 nl_destroy_handles(&bss->nl_mgmt);
3431 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
3433 if (bss->nl_mgmt == NULL)
3435 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
3436 "(%s)", bss->nl_mgmt, reason);
3437 eloop_unregister_read_sock(nl_socket_get_fd(bss->nl_mgmt));
3438 nl_destroy_handles(&bss->nl_mgmt);
3440 nl80211_put_wiphy_data_ap(bss);
3444 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
3446 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
3451 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
3453 struct i802_bss *bss = &drv->first_bss;
3454 int send_rfkill_event = 0;
3456 drv->ifindex = if_nametoindex(bss->ifname);
3457 drv->first_bss.ifindex = drv->ifindex;
3461 * Make sure the interface starts up in station mode unless this is a
3462 * dynamically added interface (e.g., P2P) that was already configured
3463 * with proper iftype.
3465 if (drv->ifindex != drv->global->if_add_ifindex &&
3466 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION) < 0) {
3467 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver to "
3468 "use managed mode");
3472 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
3473 if (rfkill_is_blocked(drv->rfkill)) {
3474 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
3475 "interface '%s' due to rfkill",
3477 drv->if_disabled = 1;
3478 send_rfkill_event = 1;
3480 wpa_printf(MSG_ERROR, "nl80211: Could not set "
3481 "interface '%s' UP", bss->ifname);
3486 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
3487 1, IF_OPER_DORMANT);
3488 #endif /* HOSTAPD */
3490 if (wpa_driver_nl80211_capa(drv))
3493 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
3497 if (send_rfkill_event) {
3498 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
3506 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
3510 msg = nlmsg_alloc();
3514 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_BEACON);
3515 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3517 return send_and_recv_msgs(drv, msg, NULL, NULL);
3525 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
3526 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
3528 * Shut down driver interface and processing of driver events. Free
3529 * private data buffer if one was allocated in wpa_driver_nl80211_init().
3531 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
3533 struct wpa_driver_nl80211_data *drv = bss->drv;
3536 if (drv->data_tx_status)
3537 eloop_unregister_read_sock(drv->eapol_tx_sock);
3538 if (drv->eapol_tx_sock >= 0)
3539 close(drv->eapol_tx_sock);
3542 wpa_driver_nl80211_probe_req_report(bss, 0);
3543 if (bss->added_if_into_bridge) {
3544 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
3546 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3547 "interface %s from bridge %s: %s",
3548 bss->ifname, bss->brname, strerror(errno));
3550 if (bss->added_bridge) {
3551 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
3552 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3554 bss->brname, strerror(errno));
3557 nl80211_remove_monitor_interface(drv);
3559 if (is_ap_interface(drv->nlmode))
3560 wpa_driver_nl80211_del_beacon(drv);
3563 if (drv->last_freq_ht) {
3564 /* Clear HT flags from the driver */
3565 struct hostapd_freq_params freq;
3566 os_memset(&freq, 0, sizeof(freq));
3567 freq.freq = drv->last_freq;
3568 wpa_driver_nl80211_set_freq(bss, &freq);
3571 if (drv->eapol_sock >= 0) {
3572 eloop_unregister_read_sock(drv->eapol_sock);
3573 close(drv->eapol_sock);
3576 if (drv->if_indices != drv->default_if_indices)
3577 os_free(drv->if_indices);
3578 #endif /* HOSTAPD */
3580 if (drv->disabled_11b_rates)
3581 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
3583 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
3585 rfkill_deinit(drv->rfkill);
3587 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3589 (void) linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0);
3590 wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION);
3591 nl80211_mgmt_unsubscribe(bss, "deinit");
3593 nl_cb_put(drv->nl_cb);
3595 nl80211_destroy_bss(&drv->first_bss);
3597 os_free(drv->filter_ssids);
3599 os_free(drv->auth_ie);
3601 if (drv->in_interface_list)
3602 dl_list_del(&drv->list);
3609 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
3610 * @eloop_ctx: Driver private data
3611 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
3613 * This function can be used as registered timeout when starting a scan to
3614 * generate a scan completed event if the driver does not report this.
3616 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
3618 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3619 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED) {
3620 wpa_driver_nl80211_set_mode(&drv->first_bss,
3621 drv->ap_scan_as_station);
3622 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
3624 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
3625 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
3629 static struct nl_msg *
3630 nl80211_scan_common(struct wpa_driver_nl80211_data *drv, u8 cmd,
3631 struct wpa_driver_scan_params *params)
3637 msg = nlmsg_alloc();
3641 nl80211_cmd(drv, msg, 0, cmd);
3643 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) < 0)
3646 if (params->num_ssids) {
3647 struct nl_msg *ssids = nlmsg_alloc();
3650 for (i = 0; i < params->num_ssids; i++) {
3651 wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
3652 params->ssids[i].ssid,
3653 params->ssids[i].ssid_len);
3654 if (nla_put(ssids, i + 1, params->ssids[i].ssid_len,
3655 params->ssids[i].ssid) < 0) {
3660 err = nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
3666 if (params->extra_ies) {
3667 wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
3668 params->extra_ies, params->extra_ies_len);
3669 if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
3670 params->extra_ies) < 0)
3674 if (params->freqs) {
3675 struct nl_msg *freqs = nlmsg_alloc();
3678 for (i = 0; params->freqs[i]; i++) {
3679 wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
3680 "MHz", params->freqs[i]);
3681 if (nla_put_u32(freqs, i + 1, params->freqs[i]) < 0) {
3686 err = nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES,
3693 os_free(drv->filter_ssids);
3694 drv->filter_ssids = params->filter_ssids;
3695 params->filter_ssids = NULL;
3696 drv->num_filter_ssids = params->num_filter_ssids;
3707 * wpa_driver_nl80211_scan - Request the driver to initiate scan
3708 * @bss: Pointer to private driver data from wpa_driver_nl80211_init()
3709 * @params: Scan parameters
3710 * Returns: 0 on success, -1 on failure
3712 static int wpa_driver_nl80211_scan(struct i802_bss *bss,
3713 struct wpa_driver_scan_params *params)
3715 struct wpa_driver_nl80211_data *drv = bss->drv;
3716 int ret = -1, timeout;
3717 struct nl_msg *msg, *rates = NULL;
3719 drv->scan_for_auth = 0;
3721 msg = nl80211_scan_common(drv, NL80211_CMD_TRIGGER_SCAN, params);
3725 if (params->p2p_probe) {
3726 wpa_printf(MSG_DEBUG, "nl80211: P2P probe - mask SuppRates");
3728 rates = nlmsg_alloc();
3730 goto nla_put_failure;
3733 * Remove 2.4 GHz rates 1, 2, 5.5, 11 Mbps from supported rates
3734 * by masking out everything else apart from the OFDM rates 6,
3735 * 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS rates. All 5 GHz
3736 * rates are left enabled.
3738 NLA_PUT(rates, NL80211_BAND_2GHZ, 8,
3739 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
3740 if (nla_put_nested(msg, NL80211_ATTR_SCAN_SUPP_RATES, rates) <
3742 goto nla_put_failure;
3744 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
3747 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3750 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
3751 "(%s)", ret, strerror(-ret));
3753 if (is_ap_interface(drv->nlmode)) {
3755 * mac80211 does not allow scan requests in AP mode, so
3756 * try to do this in station mode.
3758 if (wpa_driver_nl80211_set_mode(
3759 bss, NL80211_IFTYPE_STATION))
3760 goto nla_put_failure;
3762 if (wpa_driver_nl80211_scan(bss, params)) {
3763 wpa_driver_nl80211_set_mode(bss, drv->nlmode);
3764 goto nla_put_failure;
3767 /* Restore AP mode when processing scan results */
3768 drv->ap_scan_as_station = drv->nlmode;
3771 goto nla_put_failure;
3773 goto nla_put_failure;
3774 #endif /* HOSTAPD */
3777 /* Not all drivers generate "scan completed" wireless event, so try to
3778 * read results after a timeout. */
3780 if (drv->scan_complete_events) {
3782 * The driver seems to deliver events to notify when scan is
3783 * complete, so use longer timeout to avoid race conditions
3784 * with scanning and following association request.
3788 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
3789 "seconds", ret, timeout);
3790 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3791 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
3802 * wpa_driver_nl80211_sched_scan - Initiate a scheduled scan
3803 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3804 * @params: Scan parameters
3805 * @interval: Interval between scan cycles in milliseconds
3806 * Returns: 0 on success, -1 on failure or if not supported
3808 static int wpa_driver_nl80211_sched_scan(void *priv,
3809 struct wpa_driver_scan_params *params,
3812 struct i802_bss *bss = priv;
3813 struct wpa_driver_nl80211_data *drv = bss->drv;
3816 struct nl_msg *match_set_ssid = NULL, *match_sets = NULL;
3817 struct nl_msg *match_set_rssi = NULL;
3821 if (!drv->capa.sched_scan_supported)
3822 return android_pno_start(bss, params);
3823 #endif /* ANDROID */
3825 msg = nl80211_scan_common(drv, NL80211_CMD_START_SCHED_SCAN, params);
3827 goto nla_put_failure;
3829 NLA_PUT_U32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, interval);
3831 if ((drv->num_filter_ssids &&
3832 (int) drv->num_filter_ssids <= drv->capa.max_match_sets) ||
3833 params->filter_rssi) {
3834 match_sets = nlmsg_alloc();
3835 if (match_sets == NULL)
3836 goto nla_put_failure;
3838 for (i = 0; i < drv->num_filter_ssids; i++) {
3839 wpa_hexdump_ascii(MSG_MSGDUMP,
3840 "nl80211: Sched scan filter SSID",
3841 drv->filter_ssids[i].ssid,
3842 drv->filter_ssids[i].ssid_len);
3844 match_set_ssid = nlmsg_alloc();
3845 if (match_set_ssid == NULL)
3846 goto nla_put_failure;
3847 NLA_PUT(match_set_ssid,
3848 NL80211_ATTR_SCHED_SCAN_MATCH_SSID,
3849 drv->filter_ssids[i].ssid_len,
3850 drv->filter_ssids[i].ssid);
3852 if (nla_put_nested(match_sets, i + 1, match_set_ssid) <
3854 goto nla_put_failure;
3857 if (params->filter_rssi) {
3858 match_set_rssi = nlmsg_alloc();
3859 if (match_set_rssi == NULL)
3860 goto nla_put_failure;
3861 NLA_PUT_U32(match_set_rssi,
3862 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
3863 params->filter_rssi);
3864 wpa_printf(MSG_MSGDUMP,
3865 "nl80211: Sched scan RSSI filter %d dBm",
3866 params->filter_rssi);
3867 if (nla_put_nested(match_sets, 0, match_set_rssi) < 0)
3868 goto nla_put_failure;
3871 if (nla_put_nested(msg, NL80211_ATTR_SCHED_SCAN_MATCH,
3873 goto nla_put_failure;
3876 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3878 /* TODO: if we get an error here, we should fall back to normal scan */
3882 wpa_printf(MSG_DEBUG, "nl80211: Sched scan start failed: "
3883 "ret=%d (%s)", ret, strerror(-ret));
3884 goto nla_put_failure;
3887 wpa_printf(MSG_DEBUG, "nl80211: Sched scan requested (ret=%d) - "
3888 "scan interval %d msec", ret, interval);
3891 nlmsg_free(match_set_ssid);
3892 nlmsg_free(match_sets);
3893 nlmsg_free(match_set_rssi);
3900 * wpa_driver_nl80211_stop_sched_scan - Stop a scheduled scan
3901 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
3902 * Returns: 0 on success, -1 on failure or if not supported
3904 static int wpa_driver_nl80211_stop_sched_scan(void *priv)
3906 struct i802_bss *bss = priv;
3907 struct wpa_driver_nl80211_data *drv = bss->drv;
3912 if (!drv->capa.sched_scan_supported)
3913 return android_pno_stop(bss);
3914 #endif /* ANDROID */
3916 msg = nlmsg_alloc();
3920 nl80211_cmd(drv, msg, 0, NL80211_CMD_STOP_SCHED_SCAN);
3922 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3924 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3927 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop failed: "
3928 "ret=%d (%s)", ret, strerror(-ret));
3929 goto nla_put_failure;
3932 wpa_printf(MSG_DEBUG, "nl80211: Sched scan stop sent (ret=%d)", ret);
3940 static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
3942 const u8 *end, *pos;
3948 end = ies + ies_len;
3950 while (pos + 1 < end) {
3951 if (pos + 2 + pos[1] > end)
3962 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
3963 const u8 *ie, size_t ie_len)
3968 if (drv->filter_ssids == NULL)
3971 ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
3975 for (i = 0; i < drv->num_filter_ssids; i++) {
3976 if (ssid[1] == drv->filter_ssids[i].ssid_len &&
3977 os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
3986 static int bss_info_handler(struct nl_msg *msg, void *arg)
3988 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3989 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3990 struct nlattr *bss[NL80211_BSS_MAX + 1];
3991 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
3992 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
3993 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
3994 [NL80211_BSS_TSF] = { .type = NLA_U64 },
3995 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
3996 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
3997 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
3998 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
3999 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
4000 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
4001 [NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
4002 [NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
4004 struct nl80211_bss_info_arg *_arg = arg;
4005 struct wpa_scan_results *res = _arg->res;
4006 struct wpa_scan_res **tmp;
4007 struct wpa_scan_res *r;
4008 const u8 *ie, *beacon_ie;
4009 size_t ie_len, beacon_ie_len;
4013 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4014 genlmsg_attrlen(gnlh, 0), NULL);
4015 if (!tb[NL80211_ATTR_BSS])
4017 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
4020 if (bss[NL80211_BSS_STATUS]) {
4021 enum nl80211_bss_status status;
4022 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
4023 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
4024 bss[NL80211_BSS_FREQUENCY]) {
4026 nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
4027 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
4030 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
4031 bss[NL80211_BSS_BSSID]) {
4032 os_memcpy(_arg->assoc_bssid,
4033 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
4034 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
4035 MACSTR, MAC2STR(_arg->assoc_bssid));
4040 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
4041 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
4042 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
4047 if (bss[NL80211_BSS_BEACON_IES]) {
4048 beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
4049 beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
4055 if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
4056 ie ? ie_len : beacon_ie_len))
4059 r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
4062 if (bss[NL80211_BSS_BSSID])
4063 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
4065 if (bss[NL80211_BSS_FREQUENCY])
4066 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
4067 if (bss[NL80211_BSS_BEACON_INTERVAL])
4068 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
4069 if (bss[NL80211_BSS_CAPABILITY])
4070 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
4071 r->flags |= WPA_SCAN_NOISE_INVALID;
4072 if (bss[NL80211_BSS_SIGNAL_MBM]) {
4073 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
4074 r->level /= 100; /* mBm to dBm */
4075 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
4076 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
4077 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
4078 r->flags |= WPA_SCAN_QUAL_INVALID;
4080 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
4081 if (bss[NL80211_BSS_TSF])
4082 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
4083 if (bss[NL80211_BSS_SEEN_MS_AGO])
4084 r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
4086 pos = (u8 *) (r + 1);
4088 os_memcpy(pos, ie, ie_len);
4091 r->beacon_ie_len = beacon_ie_len;
4093 os_memcpy(pos, beacon_ie, beacon_ie_len);
4095 if (bss[NL80211_BSS_STATUS]) {
4096 enum nl80211_bss_status status;
4097 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
4099 case NL80211_BSS_STATUS_AUTHENTICATED:
4100 r->flags |= WPA_SCAN_AUTHENTICATED;
4102 case NL80211_BSS_STATUS_ASSOCIATED:
4103 r->flags |= WPA_SCAN_ASSOCIATED;
4111 * cfg80211 maintains separate BSS table entries for APs if the same
4112 * BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
4113 * not use frequency as a separate key in the BSS table, so filter out
4114 * duplicated entries. Prefer associated BSS entry in such a case in
4115 * order to get the correct frequency into the BSS table.
4117 for (i = 0; i < res->num; i++) {
4119 if (os_memcmp(res->res[i]->bssid, r->bssid, ETH_ALEN) != 0)
4122 s1 = nl80211_get_ie((u8 *) (res->res[i] + 1),
4123 res->res[i]->ie_len, WLAN_EID_SSID);
4124 s2 = nl80211_get_ie((u8 *) (r + 1), r->ie_len, WLAN_EID_SSID);
4125 if (s1 == NULL || s2 == NULL || s1[1] != s2[1] ||
4126 os_memcmp(s1, s2, 2 + s1[1]) != 0)
4129 /* Same BSSID,SSID was already included in scan results */
4130 wpa_printf(MSG_DEBUG, "nl80211: Remove duplicated scan result "
4131 "for " MACSTR, MAC2STR(r->bssid));
4133 if ((r->flags & WPA_SCAN_ASSOCIATED) &&
4134 !(res->res[i]->flags & WPA_SCAN_ASSOCIATED)) {
4135 os_free(res->res[i]);
4142 tmp = os_realloc_array(res->res, res->num + 1,
4143 sizeof(struct wpa_scan_res *));
4148 tmp[res->num++] = r;
4155 static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
4158 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
4159 wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
4160 "mismatch (" MACSTR ")", MAC2STR(addr));
4161 wpa_driver_nl80211_mlme(drv, addr,
4162 NL80211_CMD_DEAUTHENTICATE,
4163 WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
4168 static void wpa_driver_nl80211_check_bss_status(
4169 struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
4173 for (i = 0; i < res->num; i++) {
4174 struct wpa_scan_res *r = res->res[i];
4175 if (r->flags & WPA_SCAN_AUTHENTICATED) {
4176 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
4177 "indicates BSS status with " MACSTR
4178 " as authenticated",
4180 if (is_sta_interface(drv->nlmode) &&
4181 os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
4182 os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
4184 wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
4185 " in local state (auth=" MACSTR
4186 " assoc=" MACSTR ")",
4187 MAC2STR(drv->auth_bssid),
4188 MAC2STR(drv->bssid));
4189 clear_state_mismatch(drv, r->bssid);
4193 if (r->flags & WPA_SCAN_ASSOCIATED) {
4194 wpa_printf(MSG_DEBUG, "nl80211: Scan results "
4195 "indicate BSS status with " MACSTR
4198 if (is_sta_interface(drv->nlmode) &&
4200 wpa_printf(MSG_DEBUG, "nl80211: Local state "
4201 "(not associated) does not match "
4203 clear_state_mismatch(drv, r->bssid);
4204 } else if (is_sta_interface(drv->nlmode) &&
4205 os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
4207 wpa_printf(MSG_DEBUG, "nl80211: Local state "
4208 "(associated with " MACSTR ") does "
4209 "not match with BSS state",
4210 MAC2STR(drv->bssid));
4211 clear_state_mismatch(drv, r->bssid);
4212 clear_state_mismatch(drv, drv->bssid);
4219 static struct wpa_scan_results *
4220 nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
4223 struct wpa_scan_results *res;
4225 struct nl80211_bss_info_arg arg;
4227 res = os_zalloc(sizeof(*res));
4230 msg = nlmsg_alloc();
4232 goto nla_put_failure;
4234 nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
4235 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4239 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
4242 wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
4243 "BSSes)", (unsigned long) res->num);
4244 nl80211_get_noise_for_scan_results(drv, res);
4247 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
4248 "(%s)", ret, strerror(-ret));
4251 wpa_scan_results_free(res);
4257 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
4258 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
4259 * Returns: Scan results on success, -1 on failure
4261 static struct wpa_scan_results *
4262 wpa_driver_nl80211_get_scan_results(void *priv)
4264 struct i802_bss *bss = priv;
4265 struct wpa_driver_nl80211_data *drv = bss->drv;
4266 struct wpa_scan_results *res;
4268 res = nl80211_get_scan_results(drv);
4270 wpa_driver_nl80211_check_bss_status(drv, res);
4275 static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
4277 struct wpa_scan_results *res;
4280 res = nl80211_get_scan_results(drv);
4282 wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
4286 wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
4287 for (i = 0; i < res->num; i++) {
4288 struct wpa_scan_res *r = res->res[i];
4289 wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
4290 (int) i, (int) res->num, MAC2STR(r->bssid),
4291 r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
4292 r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
4295 wpa_scan_results_free(res);
4299 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
4300 enum wpa_alg alg, const u8 *addr,
4301 int key_idx, int set_tx,
4302 const u8 *seq, size_t seq_len,
4303 const u8 *key, size_t key_len)
4305 struct wpa_driver_nl80211_data *drv = bss->drv;
4306 int ifindex = if_nametoindex(ifname);
4310 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
4311 "set_tx=%d seq_len=%lu key_len=%lu",
4312 __func__, ifindex, alg, addr, key_idx, set_tx,
4313 (unsigned long) seq_len, (unsigned long) key_len);
4317 #endif /* CONFIG_TDLS */
4319 msg = nlmsg_alloc();
4323 if (alg == WPA_ALG_NONE) {
4324 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_KEY);
4326 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_KEY);
4327 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
4331 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4332 WLAN_CIPHER_SUITE_WEP40);
4334 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4335 WLAN_CIPHER_SUITE_WEP104);
4338 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4339 WLAN_CIPHER_SUITE_TKIP);
4342 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4343 WLAN_CIPHER_SUITE_CCMP);
4346 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4347 WLAN_CIPHER_SUITE_GCMP);
4350 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4351 WLAN_CIPHER_SUITE_AES_CMAC);
4354 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4355 WLAN_CIPHER_SUITE_SMS4);
4358 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
4359 WLAN_CIPHER_SUITE_KRK);
4362 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
4363 "algorithm %d", __func__, alg);
4370 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
4372 if (addr && !is_broadcast_ether_addr(addr)) {
4373 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
4374 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4376 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
4377 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
4378 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE,
4379 NL80211_KEYTYPE_GROUP);
4381 } else if (addr && is_broadcast_ether_addr(addr)) {
4382 struct nl_msg *types;
4384 wpa_printf(MSG_DEBUG, " broadcast key");
4385 types = nlmsg_alloc();
4387 goto nla_put_failure;
4388 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
4389 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4393 goto nla_put_failure;
4395 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
4396 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4398 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4399 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
4402 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
4403 ret, strerror(-ret));
4406 * If we failed or don't need to set the default TX key (below),
4409 if (ret || !set_tx || alg == WPA_ALG_NONE)
4411 if (is_ap_interface(drv->nlmode) && addr &&
4412 !is_broadcast_ether_addr(addr))
4415 msg = nlmsg_alloc();
4419 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_KEY);
4420 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
4421 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
4422 if (alg == WPA_ALG_IGTK)
4423 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
4425 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
4426 if (addr && is_broadcast_ether_addr(addr)) {
4427 struct nl_msg *types;
4429 types = nlmsg_alloc();
4431 goto nla_put_failure;
4432 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_MULTICAST);
4433 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4437 goto nla_put_failure;
4439 struct nl_msg *types;
4441 types = nlmsg_alloc();
4443 goto nla_put_failure;
4444 NLA_PUT_FLAG(types, NL80211_KEY_DEFAULT_TYPE_UNICAST);
4445 err = nla_put_nested(msg, NL80211_ATTR_KEY_DEFAULT_TYPES,
4449 goto nla_put_failure;
4452 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4456 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
4457 "err=%d %s)", ret, strerror(-ret));
4466 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
4467 int key_idx, int defkey,
4468 const u8 *seq, size_t seq_len,
4469 const u8 *key, size_t key_len)
4471 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
4475 if (defkey && alg == WPA_ALG_IGTK)
4476 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
4478 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
4480 NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
4485 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4486 WLAN_CIPHER_SUITE_WEP40);
4488 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4489 WLAN_CIPHER_SUITE_WEP104);
4492 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
4495 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
4498 NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_GCMP);
4501 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4502 WLAN_CIPHER_SUITE_AES_CMAC);
4505 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
4506 "algorithm %d", __func__, alg);
4511 NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
4513 NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
4515 nla_nest_end(msg, key_attr);
4523 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
4527 struct nlattr *nl_keys, *nl_key;
4529 for (i = 0; i < 4; i++) {
4530 if (!params->wep_key[i])
4535 if (params->wps == WPS_MODE_PRIVACY)
4537 if (params->pairwise_suite &&
4538 params->pairwise_suite != WPA_CIPHER_NONE)
4544 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
4546 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
4548 goto nla_put_failure;
4550 for (i = 0; i < 4; i++) {
4551 if (!params->wep_key[i])
4554 nl_key = nla_nest_start(msg, i);
4556 goto nla_put_failure;
4558 NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
4559 params->wep_key[i]);
4560 if (params->wep_key_len[i] == 5)
4561 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4562 WLAN_CIPHER_SUITE_WEP40);
4564 NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
4565 WLAN_CIPHER_SUITE_WEP104);
4567 NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
4569 if (i == params->wep_tx_keyidx)
4570 NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
4572 nla_nest_end(msg, nl_key);
4574 nla_nest_end(msg, nl_keys);
4583 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
4584 const u8 *addr, int cmd, u16 reason_code,
4585 int local_state_change)
4590 msg = nlmsg_alloc();
4594 nl80211_cmd(drv, msg, 0, cmd);
4596 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4597 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
4599 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4600 if (local_state_change)
4601 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
4603 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4606 wpa_dbg(drv->ctx, MSG_DEBUG,
4607 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
4608 reason_code, ret, strerror(-ret));
4609 goto nla_put_failure;
4619 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
4622 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
4623 drv->associated = 0;
4624 drv->ignore_next_local_disconnect = 0;
4625 /* Disconnect command doesn't need BSSID - it uses cached value */
4626 return wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
4631 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
4632 const u8 *addr, int reason_code)
4634 struct wpa_driver_nl80211_data *drv = bss->drv;
4635 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
4636 return wpa_driver_nl80211_disconnect(drv, reason_code);
4637 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
4638 __func__, MAC2STR(addr), reason_code);
4639 drv->associated = 0;
4640 if (drv->nlmode == NL80211_IFTYPE_ADHOC)
4641 return nl80211_leave_ibss(drv);
4642 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
4647 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
4648 struct wpa_driver_auth_params *params)
4652 drv->auth_freq = params->freq;
4653 drv->auth_alg = params->auth_alg;
4654 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
4655 drv->auth_local_state_change = params->local_state_change;
4656 drv->auth_p2p = params->p2p;
4659 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
4661 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
4664 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
4665 drv->auth_ssid_len = params->ssid_len;
4667 drv->auth_ssid_len = 0;
4670 os_free(drv->auth_ie);
4671 drv->auth_ie = NULL;
4672 drv->auth_ie_len = 0;
4674 drv->auth_ie = os_malloc(params->ie_len);
4676 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
4677 drv->auth_ie_len = params->ie_len;
4681 for (i = 0; i < 4; i++) {
4682 if (params->wep_key[i] && params->wep_key_len[i] &&
4683 params->wep_key_len[i] <= 16) {
4684 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
4685 params->wep_key_len[i]);
4686 drv->auth_wep_key_len[i] = params->wep_key_len[i];
4688 drv->auth_wep_key_len[i] = 0;
4693 static int wpa_driver_nl80211_authenticate(
4694 struct i802_bss *bss, struct wpa_driver_auth_params *params)
4696 struct wpa_driver_nl80211_data *drv = bss->drv;
4699 enum nl80211_auth_type type;
4700 enum nl80211_iftype nlmode;
4704 is_retry = drv->retry_auth;
4705 drv->retry_auth = 0;
4707 drv->associated = 0;
4708 os_memset(drv->auth_bssid, 0, ETH_ALEN);
4709 /* FIX: IBSS mode */
4710 nlmode = params->p2p ?
4711 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
4712 if (drv->nlmode != nlmode &&
4713 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
4717 msg = nlmsg_alloc();
4721 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
4724 nl80211_cmd(drv, msg, 0, NL80211_CMD_AUTHENTICATE);
4726 for (i = 0; i < 4; i++) {
4727 if (!params->wep_key[i])
4729 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
4731 i == params->wep_tx_keyidx, NULL, 0,
4733 params->wep_key_len[i]);
4734 if (params->wep_tx_keyidx != i)
4736 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
4737 params->wep_key[i], params->wep_key_len[i])) {
4743 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4744 if (params->bssid) {
4745 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4746 MAC2STR(params->bssid));
4747 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
4750 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4751 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
4754 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4755 params->ssid, params->ssid_len);
4756 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
4759 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
4761 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
4762 if (params->sae_data) {
4763 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
4764 params->sae_data_len);
4765 NLA_PUT(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
4768 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4769 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
4770 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4771 type = NL80211_AUTHTYPE_SHARED_KEY;
4772 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4773 type = NL80211_AUTHTYPE_NETWORK_EAP;
4774 else if (params->auth_alg & WPA_AUTH_ALG_FT)
4775 type = NL80211_AUTHTYPE_FT;
4776 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
4777 type = NL80211_AUTHTYPE_SAE;
4779 goto nla_put_failure;
4780 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4781 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
4782 if (params->local_state_change) {
4783 wpa_printf(MSG_DEBUG, " * Local state change only");
4784 NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
4787 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4790 wpa_dbg(drv->ctx, MSG_DEBUG,
4791 "nl80211: MLME command failed (auth): ret=%d (%s)",
4792 ret, strerror(-ret));
4794 if (ret == -EALREADY && count == 1 && params->bssid &&
4795 !params->local_state_change) {
4797 * mac80211 does not currently accept new
4798 * authentication if we are already authenticated. As a
4799 * workaround, force deauthentication and try again.
4801 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
4802 "after forced deauthentication");
4803 wpa_driver_nl80211_deauthenticate(
4805 WLAN_REASON_PREV_AUTH_NOT_VALID);
4810 if (ret == -ENOENT && params->freq && !is_retry) {
4812 * cfg80211 has likely expired the BSS entry even
4813 * though it was previously available in our internal
4814 * BSS table. To recover quickly, start a single
4815 * channel scan on the specified channel.
4817 struct wpa_driver_scan_params scan;
4820 os_memset(&scan, 0, sizeof(scan));
4823 scan.ssids[0].ssid = params->ssid;
4824 scan.ssids[0].ssid_len = params->ssid_len;
4826 freqs[0] = params->freq;
4829 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
4830 "channel scan to refresh cfg80211 BSS "
4832 ret = wpa_driver_nl80211_scan(bss, &scan);
4834 nl80211_copy_auth_params(drv, params);
4835 drv->scan_for_auth = 1;
4837 } else if (is_retry) {
4839 * Need to indicate this with an event since the return
4840 * value from the retry is not delivered to core code.
4842 union wpa_event_data event;
4843 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
4845 os_memset(&event, 0, sizeof(event));
4846 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
4848 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
4852 goto nla_put_failure;
4855 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
4864 static int wpa_driver_nl80211_authenticate_retry(
4865 struct wpa_driver_nl80211_data *drv)
4867 struct wpa_driver_auth_params params;
4868 struct i802_bss *bss = &drv->first_bss;
4871 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
4873 os_memset(¶ms, 0, sizeof(params));
4874 params.freq = drv->auth_freq;
4875 params.auth_alg = drv->auth_alg;
4876 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
4877 params.local_state_change = drv->auth_local_state_change;
4878 params.p2p = drv->auth_p2p;
4880 if (!is_zero_ether_addr(drv->auth_bssid_))
4881 params.bssid = drv->auth_bssid_;
4883 if (drv->auth_ssid_len) {
4884 params.ssid = drv->auth_ssid;
4885 params.ssid_len = drv->auth_ssid_len;
4888 params.ie = drv->auth_ie;
4889 params.ie_len = drv->auth_ie_len;
4891 for (i = 0; i < 4; i++) {
4892 if (drv->auth_wep_key_len[i]) {
4893 params.wep_key[i] = drv->auth_wep_key[i];
4894 params.wep_key_len[i] = drv->auth_wep_key_len[i];
4898 drv->retry_auth = 1;
4899 return wpa_driver_nl80211_authenticate(bss, ¶ms);
4903 struct phy_info_arg {
4905 struct hostapd_hw_modes *modes;
4908 static int phy_info_handler(struct nl_msg *msg, void *arg)
4910 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
4911 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4912 struct phy_info_arg *phy_info = arg;
4914 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
4916 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
4917 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
4918 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
4919 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
4920 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
4921 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
4922 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
4923 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
4926 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
4927 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
4928 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
4929 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
4932 struct nlattr *nl_band;
4933 struct nlattr *nl_freq;
4934 struct nlattr *nl_rate;
4935 int rem_band, rem_freq, rem_rate;
4936 struct hostapd_hw_modes *mode;
4937 int idx, mode_is_set;
4939 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4940 genlmsg_attrlen(gnlh, 0), NULL);
4942 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
4945 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
4946 mode = os_realloc_array(phy_info->modes,
4947 *phy_info->num_modes + 1,
4951 phy_info->modes = mode;
4955 mode = &phy_info->modes[*(phy_info->num_modes)];
4956 memset(mode, 0, sizeof(*mode));
4957 mode->flags = HOSTAPD_MODE_FLAG_HT_INFO_KNOWN;
4958 *(phy_info->num_modes) += 1;
4960 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
4961 nla_len(nl_band), NULL);
4963 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
4964 mode->ht_capab = nla_get_u16(
4965 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
4968 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
4969 mode->a_mpdu_params |= nla_get_u8(
4970 tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
4974 if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
4975 mode->a_mpdu_params |= nla_get_u8(
4976 tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
4980 if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
4981 nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
4983 mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
4984 os_memcpy(mode->mcs_set, mcs, 16);
4987 if (tb_band[NL80211_BAND_ATTR_VHT_CAPA]) {
4988 mode->vht_capab = nla_get_u32(
4989 tb_band[NL80211_BAND_ATTR_VHT_CAPA]);
4992 if (tb_band[NL80211_BAND_ATTR_VHT_MCS_SET] &&
4993 nla_len(tb_band[NL80211_BAND_ATTR_VHT_MCS_SET])) {
4995 mcs = nla_data(tb_band[NL80211_BAND_ATTR_VHT_MCS_SET]);
4996 os_memcpy(mode->vht_mcs_set, mcs, 8);
4999 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
5000 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
5001 nla_len(nl_freq), freq_policy);
5002 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
5004 mode->num_channels++;
5007 mode->channels = os_calloc(mode->num_channels,
5008 sizeof(struct hostapd_channel_data));
5009 if (!mode->channels)
5014 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
5015 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
5016 nla_len(nl_freq), freq_policy);
5017 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
5020 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
5021 mode->channels[idx].flag = 0;
5024 /* crude heuristic */
5025 if (mode->channels[idx].freq < 4000)
5026 mode->mode = HOSTAPD_MODE_IEEE80211B;
5027 else if (mode->channels[idx].freq > 50000)
5028 mode->mode = HOSTAPD_MODE_IEEE80211AD;
5030 mode->mode = HOSTAPD_MODE_IEEE80211A;
5034 switch (mode->mode) {
5035 case HOSTAPD_MODE_IEEE80211AD:
5036 mode->channels[idx].chan =
5037 (mode->channels[idx].freq - 56160) /
5040 case HOSTAPD_MODE_IEEE80211A:
5041 mode->channels[idx].chan =
5042 mode->channels[idx].freq / 5 - 1000;
5044 case HOSTAPD_MODE_IEEE80211B:
5045 case HOSTAPD_MODE_IEEE80211G:
5046 if (mode->channels[idx].freq == 2484)
5047 mode->channels[idx].chan = 14;
5049 mode->channels[idx].chan =
5050 (mode->channels[idx].freq -
5057 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
5058 mode->channels[idx].flag |=
5059 HOSTAPD_CHAN_DISABLED;
5060 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
5061 mode->channels[idx].flag |=
5062 HOSTAPD_CHAN_PASSIVE_SCAN;
5063 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
5064 mode->channels[idx].flag |=
5065 HOSTAPD_CHAN_NO_IBSS;
5066 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
5067 mode->channels[idx].flag |=
5070 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
5071 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
5072 mode->channels[idx].max_tx_power =
5073 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
5078 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
5079 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
5080 nla_len(nl_rate), rate_policy);
5081 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
5086 mode->rates = os_calloc(mode->num_rates, sizeof(int));
5092 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
5093 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
5094 nla_len(nl_rate), rate_policy);
5095 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
5097 mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
5099 /* crude heuristic */
5100 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
5101 mode->rates[idx] > 200)
5102 mode->mode = HOSTAPD_MODE_IEEE80211G;
5111 static struct hostapd_hw_modes *
5112 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
5115 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
5116 int i, mode11g_idx = -1;
5118 /* If only 802.11g mode is included, use it to construct matching
5119 * 802.11b mode data. */
5121 for (m = 0; m < *num_modes; m++) {
5122 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
5123 return modes; /* 802.11b already included */
5124 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
5128 if (mode11g_idx < 0)
5129 return modes; /* 2.4 GHz band not supported at all */
5131 nmodes = os_realloc_array(modes, *num_modes + 1, sizeof(*nmodes));
5133 return modes; /* Could not add 802.11b mode */
5135 mode = &nmodes[*num_modes];
5136 os_memset(mode, 0, sizeof(*mode));
5140 mode->mode = HOSTAPD_MODE_IEEE80211B;
5142 mode11g = &modes[mode11g_idx];
5143 mode->num_channels = mode11g->num_channels;
5144 mode->channels = os_malloc(mode11g->num_channels *
5145 sizeof(struct hostapd_channel_data));
5146 if (mode->channels == NULL) {
5148 return modes; /* Could not add 802.11b mode */
5150 os_memcpy(mode->channels, mode11g->channels,
5151 mode11g->num_channels * sizeof(struct hostapd_channel_data));
5153 mode->num_rates = 0;
5154 mode->rates = os_malloc(4 * sizeof(int));
5155 if (mode->rates == NULL) {
5156 os_free(mode->channels);
5158 return modes; /* Could not add 802.11b mode */
5161 for (i = 0; i < mode11g->num_rates; i++) {
5162 if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
5163 mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
5165 mode->rates[mode->num_rates] = mode11g->rates[i];
5167 if (mode->num_rates == 4)
5171 if (mode->num_rates == 0) {
5172 os_free(mode->channels);
5173 os_free(mode->rates);
5175 return modes; /* No 802.11b rates */
5178 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
5185 static void nl80211_set_ht40_mode(struct hostapd_hw_modes *mode, int start,
5190 for (c = 0; c < mode->num_channels; c++) {
5191 struct hostapd_channel_data *chan = &mode->channels[c];
5192 if (chan->freq - 10 >= start && chan->freq + 10 <= end)
5193 chan->flag |= HOSTAPD_CHAN_HT40;
5198 static void nl80211_set_ht40_mode_sec(struct hostapd_hw_modes *mode, int start,
5203 for (c = 0; c < mode->num_channels; c++) {
5204 struct hostapd_channel_data *chan = &mode->channels[c];
5205 if (!(chan->flag & HOSTAPD_CHAN_HT40))
5207 if (chan->freq - 30 >= start && chan->freq - 10 <= end)
5208 chan->flag |= HOSTAPD_CHAN_HT40MINUS;
5209 if (chan->freq + 10 >= start && chan->freq + 30 <= end)
5210 chan->flag |= HOSTAPD_CHAN_HT40PLUS;
5215 static void nl80211_reg_rule_ht40(struct nlattr *tb[],
5216 struct phy_info_arg *results)
5218 u32 start, end, max_bw;
5221 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
5222 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
5223 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
5226 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
5227 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
5228 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
5230 wpa_printf(MSG_DEBUG, "nl80211: %u-%u @ %u MHz",
5231 start, end, max_bw);
5235 for (m = 0; m < *results->num_modes; m++) {
5236 if (!(results->modes[m].ht_capab &
5237 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
5239 nl80211_set_ht40_mode(&results->modes[m], start, end);
5244 static void nl80211_reg_rule_sec(struct nlattr *tb[],
5245 struct phy_info_arg *results)
5247 u32 start, end, max_bw;
5250 if (tb[NL80211_ATTR_FREQ_RANGE_START] == NULL ||
5251 tb[NL80211_ATTR_FREQ_RANGE_END] == NULL ||
5252 tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] == NULL)
5255 start = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]) / 1000;
5256 end = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]) / 1000;
5257 max_bw = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) / 1000;
5262 for (m = 0; m < *results->num_modes; m++) {
5263 if (!(results->modes[m].ht_capab &
5264 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
5266 nl80211_set_ht40_mode_sec(&results->modes[m], start, end);
5271 static int nl80211_get_reg(struct nl_msg *msg, void *arg)
5273 struct phy_info_arg *results = arg;
5274 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
5275 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5276 struct nlattr *nl_rule;
5277 struct nlattr *tb_rule[NL80211_FREQUENCY_ATTR_MAX + 1];
5279 static struct nla_policy reg_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
5280 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
5281 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
5282 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
5283 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
5284 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
5285 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
5288 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5289 genlmsg_attrlen(gnlh, 0), NULL);
5290 if (!tb_msg[NL80211_ATTR_REG_ALPHA2] ||
5291 !tb_msg[NL80211_ATTR_REG_RULES]) {
5292 wpa_printf(MSG_DEBUG, "nl80211: No regulatory information "
5297 wpa_printf(MSG_DEBUG, "nl80211: Regulatory information - country=%s",
5298 (char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
5300 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
5302 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
5303 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
5304 nl80211_reg_rule_ht40(tb_rule, results);
5307 nla_for_each_nested(nl_rule, tb_msg[NL80211_ATTR_REG_RULES], rem_rule)
5309 nla_parse(tb_rule, NL80211_FREQUENCY_ATTR_MAX,
5310 nla_data(nl_rule), nla_len(nl_rule), reg_policy);
5311 nl80211_reg_rule_sec(tb_rule, results);
5318 static int nl80211_set_ht40_flags(struct wpa_driver_nl80211_data *drv,
5319 struct phy_info_arg *results)
5323 msg = nlmsg_alloc();
5327 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
5328 return send_and_recv_msgs(drv, msg, nl80211_get_reg, results);
5332 static struct hostapd_hw_modes *
5333 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
5335 struct i802_bss *bss = priv;
5336 struct wpa_driver_nl80211_data *drv = bss->drv;
5338 struct phy_info_arg result = {
5339 .num_modes = num_modes,
5346 msg = nlmsg_alloc();
5350 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_WIPHY);
5352 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5354 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0) {
5355 nl80211_set_ht40_flags(drv, &result);
5356 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
5365 static int wpa_driver_nl80211_send_mntr(struct wpa_driver_nl80211_data *drv,
5366 const void *data, size_t len,
5367 int encrypt, int noack)
5370 0x00, 0x00, /* radiotap version */
5371 0x0e, 0x00, /* radiotap length */
5372 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
5373 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
5375 0x00, 0x00, /* RX and TX flags to indicate that */
5376 0x00, 0x00, /* this is the injected frame directly */
5378 struct iovec iov[2] = {
5380 .iov_base = &rtap_hdr,
5381 .iov_len = sizeof(rtap_hdr),
5384 .iov_base = (void *) data,
5388 struct msghdr msg = {
5393 .msg_control = NULL,
5394 .msg_controllen = 0,
5401 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
5403 if (drv->monitor_sock < 0) {
5404 wpa_printf(MSG_DEBUG, "nl80211: No monitor socket available "
5405 "for %s", __func__);
5410 txflags |= IEEE80211_RADIOTAP_F_TX_NOACK;
5411 WPA_PUT_LE16(&rtap_hdr[12], txflags);
5413 res = sendmsg(drv->monitor_sock, &msg, 0);
5415 wpa_printf(MSG_INFO, "nl80211: sendmsg: %s", strerror(errno));
5422 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
5423 const void *data, size_t len,
5424 int encrypt, int noack,
5425 unsigned int freq, int no_cck,
5426 int offchanok, unsigned int wait_time)
5428 struct wpa_driver_nl80211_data *drv = bss->drv;
5434 if (drv->use_monitor)
5435 return wpa_driver_nl80211_send_mntr(drv, data, len,
5438 return nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
5439 &cookie, no_cck, noack, offchanok);
5443 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
5444 size_t data_len, int noack,
5445 unsigned int freq, int no_cck,
5447 unsigned int wait_time)
5449 struct wpa_driver_nl80211_data *drv = bss->drv;
5450 struct ieee80211_mgmt *mgmt;
5454 mgmt = (struct ieee80211_mgmt *) data;
5455 fc = le_to_host16(mgmt->frame_control);
5457 if (is_sta_interface(drv->nlmode) &&
5458 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
5459 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
5461 * The use of last_mgmt_freq is a bit of a hack,
5462 * but it works due to the single-threaded nature
5463 * of wpa_supplicant.
5466 freq = drv->last_mgmt_freq;
5467 return nl80211_send_frame_cmd(bss, freq, 0,
5468 data, data_len, NULL, 1, noack,
5472 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
5475 return nl80211_send_frame_cmd(bss, freq,
5476 (int) freq == bss->freq ? 0 :
5479 &drv->send_action_cookie,
5480 no_cck, noack, offchanok);
5483 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
5484 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
5486 * Only one of the authentication frame types is encrypted.
5487 * In order for static WEP encryption to work properly (i.e.,
5488 * to not encrypt the frame), we need to tell mac80211 about
5489 * the frames that must not be encrypted.
5491 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
5492 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
5493 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
5497 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
5498 noack, freq, no_cck, offchanok,
5503 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
5504 int slot, int ht_opmode, int ap_isolate,
5507 struct wpa_driver_nl80211_data *drv = bss->drv;
5510 msg = nlmsg_alloc();
5514 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_BSS);
5517 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
5519 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
5521 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
5523 NLA_PUT_U16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode);
5524 if (ap_isolate >= 0)
5525 NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate);
5528 u8 rates[NL80211_MAX_SUPP_RATES];
5532 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
5534 rates[rates_len++] = basic_rates[i] / 5;
5536 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
5539 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5541 return send_and_recv_msgs(drv, msg, NULL, NULL);
5548 static int wpa_driver_nl80211_set_ap(void *priv,
5549 struct wpa_driver_ap_params *params)
5551 struct i802_bss *bss = priv;
5552 struct wpa_driver_nl80211_data *drv = bss->drv;
5554 u8 cmd = NL80211_CMD_NEW_BEACON;
5557 int ifindex = if_nametoindex(bss->ifname);
5562 beacon_set = bss->beacon_set;
5564 msg = nlmsg_alloc();
5568 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
5571 cmd = NL80211_CMD_SET_BEACON;
5573 nl80211_cmd(drv, msg, 0, cmd);
5574 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, params->head);
5575 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, params->tail);
5576 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5577 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, params->beacon_int);
5578 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period);
5579 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
5581 if (params->proberesp && params->proberesp_len)
5582 NLA_PUT(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
5584 switch (params->hide_ssid) {
5585 case NO_SSID_HIDING:
5586 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5587 NL80211_HIDDEN_SSID_NOT_IN_USE);
5589 case HIDDEN_SSID_ZERO_LEN:
5590 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5591 NL80211_HIDDEN_SSID_ZERO_LEN);
5593 case HIDDEN_SSID_ZERO_CONTENTS:
5594 NLA_PUT_U32(msg, NL80211_ATTR_HIDDEN_SSID,
5595 NL80211_HIDDEN_SSID_ZERO_CONTENTS);
5598 if (params->privacy)
5599 NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
5600 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
5601 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
5602 /* Leave out the attribute */
5603 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED)
5604 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
5605 NL80211_AUTHTYPE_SHARED_KEY);
5607 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE,
5608 NL80211_AUTHTYPE_OPEN_SYSTEM);
5611 if (params->wpa_version & WPA_PROTO_WPA)
5612 ver |= NL80211_WPA_VERSION_1;
5613 if (params->wpa_version & WPA_PROTO_RSN)
5614 ver |= NL80211_WPA_VERSION_2;
5616 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
5619 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
5620 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
5621 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
5622 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
5624 NLA_PUT(msg, NL80211_ATTR_AKM_SUITES,
5625 num_suites * sizeof(u32), suites);
5628 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
5629 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40))
5630 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT);
5633 if (params->pairwise_ciphers & WPA_CIPHER_CCMP)
5634 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
5635 if (params->pairwise_ciphers & WPA_CIPHER_GCMP)
5636 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
5637 if (params->pairwise_ciphers & WPA_CIPHER_TKIP)
5638 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
5639 if (params->pairwise_ciphers & WPA_CIPHER_WEP104)
5640 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
5641 if (params->pairwise_ciphers & WPA_CIPHER_WEP40)
5642 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
5644 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
5645 num_suites * sizeof(u32), suites);
5648 switch (params->group_cipher) {
5649 case WPA_CIPHER_CCMP:
5650 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5651 WLAN_CIPHER_SUITE_CCMP);
5653 case WPA_CIPHER_GCMP:
5654 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5655 WLAN_CIPHER_SUITE_GCMP);
5657 case WPA_CIPHER_TKIP:
5658 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5659 WLAN_CIPHER_SUITE_TKIP);
5661 case WPA_CIPHER_WEP104:
5662 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5663 WLAN_CIPHER_SUITE_WEP104);
5665 case WPA_CIPHER_WEP40:
5666 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
5667 WLAN_CIPHER_SUITE_WEP40);
5671 if (params->beacon_ies) {
5672 NLA_PUT(msg, NL80211_ATTR_IE, wpabuf_len(params->beacon_ies),
5673 wpabuf_head(params->beacon_ies));
5675 if (params->proberesp_ies) {
5676 NLA_PUT(msg, NL80211_ATTR_IE_PROBE_RESP,
5677 wpabuf_len(params->proberesp_ies),
5678 wpabuf_head(params->proberesp_ies));
5680 if (params->assocresp_ies) {
5681 NLA_PUT(msg, NL80211_ATTR_IE_ASSOC_RESP,
5682 wpabuf_len(params->assocresp_ies),
5683 wpabuf_head(params->assocresp_ies));
5686 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
5687 NLA_PUT_U16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
5688 params->ap_max_inactivity);
5691 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5693 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
5694 ret, strerror(-ret));
5696 bss->beacon_set = 1;
5697 nl80211_set_bss(bss, params->cts_protect, params->preamble,
5698 params->short_slot_time, params->ht_opmode,
5699 params->isolate, params->basic_rates);
5708 static int wpa_driver_nl80211_set_freq(struct i802_bss *bss,
5709 struct hostapd_freq_params *freq)
5711 struct wpa_driver_nl80211_data *drv = bss->drv;
5715 wpa_printf(MSG_DEBUG, "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d,"
5716 " bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
5717 freq->freq, freq->ht_enabled, freq->vht_enabled,
5718 freq->bandwidth, freq->center_freq1, freq->center_freq2);
5719 msg = nlmsg_alloc();
5723 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
5725 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5726 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq);
5727 if (freq->vht_enabled) {
5728 switch (freq->bandwidth) {
5730 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
5731 NL80211_CHAN_WIDTH_20);
5734 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
5735 NL80211_CHAN_WIDTH_40);
5738 if (freq->center_freq2)
5739 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
5740 NL80211_CHAN_WIDTH_80P80);
5742 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
5743 NL80211_CHAN_WIDTH_80);
5746 NLA_PUT_U32(msg, NL80211_ATTR_CHANNEL_WIDTH,
5747 NL80211_CHAN_WIDTH_160);
5752 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ1, freq->center_freq1);
5753 if (freq->center_freq2)
5754 NLA_PUT_U32(msg, NL80211_ATTR_CENTER_FREQ2,
5755 freq->center_freq2);
5756 } else if (freq->ht_enabled) {
5757 switch (freq->sec_channel_offset) {
5759 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5760 NL80211_CHAN_HT40MINUS);
5763 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5764 NL80211_CHAN_HT40PLUS);
5767 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5773 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5776 bss->freq = freq->freq;
5779 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
5780 "%d (%s)", freq->freq, ret, strerror(-ret));
5787 static u32 sta_flags_nl80211(int flags)
5791 if (flags & WPA_STA_AUTHORIZED)
5792 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
5793 if (flags & WPA_STA_WMM)
5794 f |= BIT(NL80211_STA_FLAG_WME);
5795 if (flags & WPA_STA_SHORT_PREAMBLE)
5796 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
5797 if (flags & WPA_STA_MFP)
5798 f |= BIT(NL80211_STA_FLAG_MFP);
5799 if (flags & WPA_STA_TDLS_PEER)
5800 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
5806 static int wpa_driver_nl80211_sta_add(void *priv,
5807 struct hostapd_sta_add_params *params)
5809 struct i802_bss *bss = priv;
5810 struct wpa_driver_nl80211_data *drv = bss->drv;
5811 struct nl_msg *msg, *wme = NULL;
5812 struct nl80211_sta_flag_update upd;
5815 if ((params->flags & WPA_STA_TDLS_PEER) &&
5816 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
5819 msg = nlmsg_alloc();
5823 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
5824 params->set ? "Set" : "Add", MAC2STR(params->addr));
5825 nl80211_cmd(drv, msg, 0, params->set ? NL80211_CMD_SET_STATION :
5826 NL80211_CMD_NEW_STATION);
5828 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
5829 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
5830 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
5831 params->supp_rates);
5832 wpa_hexdump(MSG_DEBUG, " * supported rates", params->supp_rates,
5833 params->supp_rates_len);
5835 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
5836 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
5837 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
5838 params->listen_interval);
5839 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5840 params->listen_interval);
5842 if (params->ht_capabilities) {
5843 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
5844 (u8 *) params->ht_capabilities,
5845 sizeof(*params->ht_capabilities));
5846 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
5847 sizeof(*params->ht_capabilities),
5848 params->ht_capabilities);
5851 if (params->vht_capabilities) {
5852 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
5853 (u8 *) params->vht_capabilities,
5854 sizeof(*params->vht_capabilities));
5855 NLA_PUT(msg, NL80211_ATTR_VHT_CAPABILITY,
5856 sizeof(*params->vht_capabilities),
5857 params->vht_capabilities);
5860 wpa_printf(MSG_DEBUG, " * capability=0x%x", params->capability);
5861 NLA_PUT_U16(msg, NL80211_ATTR_STA_CAPABILITY, params->capability);
5863 if (params->ext_capab) {
5864 wpa_hexdump(MSG_DEBUG, " * ext_capab",
5865 params->ext_capab, params->ext_capab_len);
5866 NLA_PUT(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
5867 params->ext_capab_len, params->ext_capab);
5870 os_memset(&upd, 0, sizeof(upd));
5871 upd.mask = sta_flags_nl80211(params->flags);
5873 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
5875 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
5877 if (params->flags & WPA_STA_WMM) {
5878 wme = nlmsg_alloc();
5880 goto nla_put_failure;
5882 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
5883 NLA_PUT_U8(wme, NL80211_STA_WME_UAPSD_QUEUES,
5884 params->qosinfo & WMM_QOSINFO_STA_AC_MASK);
5885 NLA_PUT_U8(wme, NL80211_STA_WME_MAX_SP,
5886 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
5887 WMM_QOSINFO_STA_SP_MASK);
5888 if (nla_put_nested(msg, NL80211_ATTR_STA_WME, wme) < 0)
5889 goto nla_put_failure;
5892 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5895 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
5896 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
5907 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr)
5909 struct wpa_driver_nl80211_data *drv = bss->drv;
5913 msg = nlmsg_alloc();
5917 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
5919 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
5920 if_nametoindex(bss->ifname));
5921 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5923 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5933 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
5938 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
5940 /* stop listening for EAPOL on this interface */
5941 del_ifidx(drv, ifidx);
5943 msg = nlmsg_alloc();
5945 goto nla_put_failure;
5947 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_INTERFACE);
5948 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
5950 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5955 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
5959 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
5962 case NL80211_IFTYPE_ADHOC:
5964 case NL80211_IFTYPE_STATION:
5966 case NL80211_IFTYPE_AP:
5968 case NL80211_IFTYPE_MONITOR:
5970 case NL80211_IFTYPE_P2P_CLIENT:
5971 return "P2P_CLIENT";
5972 case NL80211_IFTYPE_P2P_GO:
5980 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
5982 enum nl80211_iftype iftype,
5983 const u8 *addr, int wds)
5985 struct nl_msg *msg, *flags = NULL;
5989 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
5990 iftype, nl80211_iftype_str(iftype));
5992 msg = nlmsg_alloc();
5996 nl80211_cmd(drv, msg, 0, NL80211_CMD_NEW_INTERFACE);
5997 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5998 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
5999 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
6001 if (iftype == NL80211_IFTYPE_MONITOR) {
6004 flags = nlmsg_alloc();
6006 goto nla_put_failure;
6008 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
6010 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
6015 goto nla_put_failure;
6017 NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
6020 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6025 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
6026 ifname, ret, strerror(-ret));
6030 ifidx = if_nametoindex(ifname);
6031 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
6037 /* start listening for EAPOL on this interface */
6038 add_ifidx(drv, ifidx);
6040 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
6041 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
6042 nl80211_remove_iface(drv, ifidx);
6050 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
6051 const char *ifname, enum nl80211_iftype iftype,
6052 const u8 *addr, int wds)
6056 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
6058 /* if error occurred and interface exists already */
6059 if (ret == -ENFILE && if_nametoindex(ifname)) {
6060 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
6062 /* Try to remove the interface that was already there. */
6063 nl80211_remove_iface(drv, if_nametoindex(ifname));
6065 /* Try to create the interface again */
6066 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
6070 if (ret >= 0 && is_p2p_interface(iftype))
6071 nl80211_disable_11b_rates(drv, ret, 1);
6077 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
6079 struct ieee80211_hdr *hdr;
6081 union wpa_event_data event;
6083 hdr = (struct ieee80211_hdr *) buf;
6084 fc = le_to_host16(hdr->frame_control);
6086 os_memset(&event, 0, sizeof(event));
6087 event.tx_status.type = WLAN_FC_GET_TYPE(fc);
6088 event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
6089 event.tx_status.dst = hdr->addr1;
6090 event.tx_status.data = buf;
6091 event.tx_status.data_len = len;
6092 event.tx_status.ack = ok;
6093 wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
6097 static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
6098 u8 *buf, size_t len)
6100 struct ieee80211_hdr *hdr = (void *)buf;
6102 union wpa_event_data event;
6104 if (len < sizeof(*hdr))
6107 fc = le_to_host16(hdr->frame_control);
6109 os_memset(&event, 0, sizeof(event));
6110 event.rx_from_unknown.bssid = get_hdr_bssid(hdr, len);
6111 event.rx_from_unknown.addr = hdr->addr2;
6112 event.rx_from_unknown.wds = (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) ==
6113 (WLAN_FC_FROMDS | WLAN_FC_TODS);
6114 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
6118 static void handle_frame(struct wpa_driver_nl80211_data *drv,
6119 u8 *buf, size_t len, int datarate, int ssi_signal)
6121 struct ieee80211_hdr *hdr;
6123 union wpa_event_data event;
6125 hdr = (struct ieee80211_hdr *) buf;
6126 fc = le_to_host16(hdr->frame_control);
6128 switch (WLAN_FC_GET_TYPE(fc)) {
6129 case WLAN_FC_TYPE_MGMT:
6130 os_memset(&event, 0, sizeof(event));
6131 event.rx_mgmt.frame = buf;
6132 event.rx_mgmt.frame_len = len;
6133 event.rx_mgmt.datarate = datarate;
6134 event.rx_mgmt.ssi_signal = ssi_signal;
6135 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
6137 case WLAN_FC_TYPE_CTRL:
6138 /* can only get here with PS-Poll frames */
6139 wpa_printf(MSG_DEBUG, "CTRL");
6140 from_unknown_sta(drv, buf, len);
6142 case WLAN_FC_TYPE_DATA:
6143 from_unknown_sta(drv, buf, len);
6149 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
6151 struct wpa_driver_nl80211_data *drv = eloop_ctx;
6153 unsigned char buf[3000];
6154 struct ieee80211_radiotap_iterator iter;
6156 int datarate = 0, ssi_signal = 0;
6157 int injected = 0, failed = 0, rxflags = 0;
6159 len = recv(sock, buf, sizeof(buf), 0);
6165 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
6166 printf("received invalid radiotap frame\n");
6171 ret = ieee80211_radiotap_iterator_next(&iter);
6175 printf("received invalid radiotap frame (%d)\n", ret);
6178 switch (iter.this_arg_index) {
6179 case IEEE80211_RADIOTAP_FLAGS:
6180 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
6183 case IEEE80211_RADIOTAP_RX_FLAGS:
6186 case IEEE80211_RADIOTAP_TX_FLAGS:
6188 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
6189 IEEE80211_RADIOTAP_F_TX_FAIL;
6191 case IEEE80211_RADIOTAP_DATA_RETRIES:
6193 case IEEE80211_RADIOTAP_CHANNEL:
6194 /* TODO: convert from freq/flags to channel number */
6196 case IEEE80211_RADIOTAP_RATE:
6197 datarate = *iter.this_arg * 5;
6199 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
6200 ssi_signal = (s8) *iter.this_arg;
6205 if (rxflags && injected)
6209 handle_frame(drv, buf + iter.max_length,
6210 len - iter.max_length, datarate, ssi_signal);
6212 handle_tx_callback(drv->ctx, buf + iter.max_length,
6213 len - iter.max_length, !failed);
6218 * we post-process the filter code later and rewrite
6219 * this to the offset to the last instruction
6224 static struct sock_filter msock_filter_insns[] = {
6226 * do a little-endian load of the radiotap length field
6228 /* load lower byte into A */
6229 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
6230 /* put it into X (== index register) */
6231 BPF_STMT(BPF_MISC| BPF_TAX, 0),
6232 /* load upper byte into A */
6233 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
6234 /* left-shift it by 8 */
6235 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
6237 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
6238 /* put result into X */
6239 BPF_STMT(BPF_MISC| BPF_TAX, 0),
6242 * Allow management frames through, this also gives us those
6243 * management frames that we sent ourselves with status
6245 /* load the lower byte of the IEEE 802.11 frame control field */
6246 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
6247 /* mask off frame type and version */
6248 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
6249 /* accept frame if it's both 0, fall through otherwise */
6250 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
6253 * TODO: add a bit to radiotap RX flags that indicates
6254 * that the sending station is not associated, then
6255 * add a filter here that filters on our DA and that flag
6256 * to allow us to deauth frames to that bad station.
6258 * For now allow all To DS data frames through.
6260 /* load the IEEE 802.11 frame control field */
6261 BPF_STMT(BPF_LD | BPF_H | BPF_IND, 0),
6262 /* mask off frame type, version and DS status */
6263 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0F03),
6264 /* accept frame if version 0, type 2 and To DS, fall through otherwise
6266 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0801, PASS, 0),
6270 * drop non-data frames
6272 /* load the lower byte of the frame control field */
6273 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
6274 /* mask off QoS bit */
6275 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
6276 /* drop non-data frames */
6277 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
6279 /* load the upper byte of the frame control field */
6280 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
6281 /* mask off toDS/fromDS */
6282 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
6283 /* accept WDS frames */
6284 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
6287 * add header length to index
6289 /* load the lower byte of the frame control field */
6290 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
6291 /* mask off QoS bit */
6292 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
6293 /* right shift it by 6 to give 0 or 2 */
6294 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
6295 /* add data frame header length */
6296 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
6297 /* add index, was start of 802.11 header */
6298 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
6299 /* move to index, now start of LL header */
6300 BPF_STMT(BPF_MISC | BPF_TAX, 0),
6303 * Accept empty data frames, we use those for
6306 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
6307 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
6310 * Accept EAPOL frames
6312 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
6313 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
6314 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
6315 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
6317 /* keep these last two statements or change the code below */
6318 /* return 0 == "DROP" */
6319 BPF_STMT(BPF_RET | BPF_K, 0),
6320 /* return ~0 == "keep all" */
6321 BPF_STMT(BPF_RET | BPF_K, ~0),
6324 static struct sock_fprog msock_filter = {
6325 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
6326 .filter = msock_filter_insns,
6330 static int add_monitor_filter(int s)
6334 /* rewrite all PASS/FAIL jump offsets */
6335 for (idx = 0; idx < msock_filter.len; idx++) {
6336 struct sock_filter *insn = &msock_filter_insns[idx];
6338 if (BPF_CLASS(insn->code) == BPF_JMP) {
6339 if (insn->code == (BPF_JMP|BPF_JA)) {
6340 if (insn->k == PASS)
6341 insn->k = msock_filter.len - idx - 2;
6342 else if (insn->k == FAIL)
6343 insn->k = msock_filter.len - idx - 3;
6346 if (insn->jt == PASS)
6347 insn->jt = msock_filter.len - idx - 2;
6348 else if (insn->jt == FAIL)
6349 insn->jt = msock_filter.len - idx - 3;
6351 if (insn->jf == PASS)
6352 insn->jf = msock_filter.len - idx - 2;
6353 else if (insn->jf == FAIL)
6354 insn->jf = msock_filter.len - idx - 3;
6358 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
6359 &msock_filter, sizeof(msock_filter))) {
6360 perror("SO_ATTACH_FILTER");
6368 static void nl80211_remove_monitor_interface(
6369 struct wpa_driver_nl80211_data *drv)
6371 drv->monitor_refcount--;
6372 if (drv->monitor_refcount > 0)
6375 if (drv->monitor_ifidx >= 0) {
6376 nl80211_remove_iface(drv, drv->monitor_ifidx);
6377 drv->monitor_ifidx = -1;
6379 if (drv->monitor_sock >= 0) {
6380 eloop_unregister_read_sock(drv->monitor_sock);
6381 close(drv->monitor_sock);
6382 drv->monitor_sock = -1;
6388 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
6391 struct sockaddr_ll ll;
6395 if (drv->monitor_ifidx >= 0) {
6396 drv->monitor_refcount++;
6400 if (os_strncmp(drv->first_bss.ifname, "p2p-", 4) == 0) {
6402 * P2P interface name is of the format p2p-%s-%d. For monitor
6403 * interface name corresponding to P2P GO, replace "p2p-" with
6404 * "mon-" to retain the same interface name length and to
6405 * indicate that it is a monitor interface.
6407 snprintf(buf, IFNAMSIZ, "mon-%s", drv->first_bss.ifname + 4);
6409 /* Non-P2P interface with AP functionality. */
6410 snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
6413 buf[IFNAMSIZ - 1] = '\0';
6415 drv->monitor_ifidx =
6416 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
6419 if (drv->monitor_ifidx == -EOPNOTSUPP) {
6421 * This is backward compatibility for a few versions of
6422 * the kernel only that didn't advertise the right
6423 * attributes for the only driver that then supported
6424 * AP mode w/o monitor -- ath6kl.
6426 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
6427 "monitor interface type - try to run without it");
6428 drv->device_ap_sme = 1;
6431 if (drv->monitor_ifidx < 0)
6434 if (linux_set_iface_flags(drv->global->ioctl_sock, buf, 1))
6437 memset(&ll, 0, sizeof(ll));
6438 ll.sll_family = AF_PACKET;
6439 ll.sll_ifindex = drv->monitor_ifidx;
6440 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
6441 if (drv->monitor_sock < 0) {
6442 perror("socket[PF_PACKET,SOCK_RAW]");
6446 if (add_monitor_filter(drv->monitor_sock)) {
6447 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
6448 "interface; do filtering in user space");
6449 /* This works, but will cost in performance. */
6452 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
6453 perror("monitor socket bind");
6457 optlen = sizeof(optval);
6460 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
6461 perror("Failed to set socket priority");
6465 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
6467 printf("Could not register monitor read socket\n");
6473 nl80211_remove_monitor_interface(drv);
6478 static int nl80211_setup_ap(struct i802_bss *bss)
6480 struct wpa_driver_nl80211_data *drv = bss->drv;
6482 wpa_printf(MSG_DEBUG, "nl80211: Setup AP - device_ap_sme=%d "
6483 "use_monitor=%d", drv->device_ap_sme, drv->use_monitor);
6486 * Disable Probe Request reporting unless we need it in this way for
6487 * devices that include the AP SME, in the other case (unless using
6488 * monitor iface) we'll get it through the nl_mgmt socket instead.
6490 if (!drv->device_ap_sme)
6491 wpa_driver_nl80211_probe_req_report(bss, 0);
6493 if (!drv->device_ap_sme && !drv->use_monitor)
6494 if (nl80211_mgmt_subscribe_ap(bss))
6497 if (drv->device_ap_sme && !drv->use_monitor)
6498 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
6501 if (!drv->device_ap_sme && drv->use_monitor &&
6502 nl80211_create_monitor_interface(drv) &&
6503 !drv->device_ap_sme)
6506 if (drv->device_ap_sme &&
6507 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
6508 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
6509 "Probe Request frame reporting in AP mode");
6510 /* Try to survive without this */
6517 static void nl80211_teardown_ap(struct i802_bss *bss)
6519 struct wpa_driver_nl80211_data *drv = bss->drv;
6521 if (drv->device_ap_sme) {
6522 wpa_driver_nl80211_probe_req_report(bss, 0);
6523 if (!drv->use_monitor)
6524 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
6525 } else if (drv->use_monitor)
6526 nl80211_remove_monitor_interface(drv);
6528 nl80211_mgmt_unsubscribe(bss, "AP teardown");
6530 bss->beacon_set = 0;
6534 static int nl80211_send_eapol_data(struct i802_bss *bss,
6535 const u8 *addr, const u8 *data,
6538 struct sockaddr_ll ll;
6541 if (bss->drv->eapol_tx_sock < 0) {
6542 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
6546 os_memset(&ll, 0, sizeof(ll));
6547 ll.sll_family = AF_PACKET;
6548 ll.sll_ifindex = bss->ifindex;
6549 ll.sll_protocol = htons(ETH_P_PAE);
6550 ll.sll_halen = ETH_ALEN;
6551 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
6552 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
6553 (struct sockaddr *) &ll, sizeof(ll));
6555 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
6562 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
6564 static int wpa_driver_nl80211_hapd_send_eapol(
6565 void *priv, const u8 *addr, const u8 *data,
6566 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
6568 struct i802_bss *bss = priv;
6569 struct wpa_driver_nl80211_data *drv = bss->drv;
6570 struct ieee80211_hdr *hdr;
6574 int qos = flags & WPA_STA_WMM;
6576 if (drv->device_ap_sme || !drv->use_monitor)
6577 return nl80211_send_eapol_data(bss, addr, data, data_len);
6579 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
6581 hdr = os_zalloc(len);
6583 printf("malloc() failed for i802_send_data(len=%lu)\n",
6584 (unsigned long) len);
6588 hdr->frame_control =
6589 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
6590 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
6592 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
6594 hdr->frame_control |=
6595 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
6598 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
6599 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
6600 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
6601 pos = (u8 *) (hdr + 1);
6604 /* Set highest priority in QoS header */
6610 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
6611 pos += sizeof(rfc1042_header);
6612 WPA_PUT_BE16(pos, ETH_P_PAE);
6614 memcpy(pos, data, data_len);
6616 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
6619 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
6621 (unsigned long) len, errno, strerror(errno));
6629 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
6631 int flags_or, int flags_and)
6633 struct i802_bss *bss = priv;
6634 struct wpa_driver_nl80211_data *drv = bss->drv;
6635 struct nl_msg *msg, *flags = NULL;
6636 struct nl80211_sta_flag_update upd;
6638 msg = nlmsg_alloc();
6642 flags = nlmsg_alloc();
6648 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
6650 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
6651 if_nametoindex(bss->ifname));
6652 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
6655 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
6656 * can be removed eventually.
6658 if (total_flags & WPA_STA_AUTHORIZED)
6659 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
6661 if (total_flags & WPA_STA_WMM)
6662 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
6664 if (total_flags & WPA_STA_SHORT_PREAMBLE)
6665 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
6667 if (total_flags & WPA_STA_MFP)
6668 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
6670 if (total_flags & WPA_STA_TDLS_PEER)
6671 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_TDLS_PEER);
6673 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
6674 goto nla_put_failure;
6676 os_memset(&upd, 0, sizeof(upd));
6677 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
6678 upd.set = sta_flags_nl80211(flags_or);
6679 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
6683 return send_and_recv_msgs(drv, msg, NULL, NULL);
6691 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
6692 struct wpa_driver_associate_params *params)
6694 enum nl80211_iftype nlmode, old_mode;
6695 struct hostapd_freq_params freq = {
6696 .freq = params->freq,
6700 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
6702 nlmode = NL80211_IFTYPE_P2P_GO;
6704 nlmode = NL80211_IFTYPE_AP;
6706 old_mode = drv->nlmode;
6707 if (wpa_driver_nl80211_set_mode(&drv->first_bss, nlmode)) {
6708 nl80211_remove_monitor_interface(drv);
6712 if (wpa_driver_nl80211_set_freq(&drv->first_bss, &freq)) {
6713 if (old_mode != nlmode)
6714 wpa_driver_nl80211_set_mode(&drv->first_bss, old_mode);
6715 nl80211_remove_monitor_interface(drv);
6723 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
6728 msg = nlmsg_alloc();
6732 nl80211_cmd(drv, msg, 0, NL80211_CMD_LEAVE_IBSS);
6733 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6734 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6737 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
6738 "(%s)", ret, strerror(-ret));
6739 goto nla_put_failure;
6743 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
6751 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
6752 struct wpa_driver_associate_params *params)
6758 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
6760 if (wpa_driver_nl80211_set_mode(&drv->first_bss,
6761 NL80211_IFTYPE_ADHOC)) {
6762 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
6768 msg = nlmsg_alloc();
6772 nl80211_cmd(drv, msg, 0, NL80211_CMD_JOIN_IBSS);
6773 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6775 if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
6776 goto nla_put_failure;
6778 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6779 params->ssid, params->ssid_len);
6780 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6782 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6783 drv->ssid_len = params->ssid_len;
6785 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6786 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6788 ret = nl80211_set_conn_keys(params, msg);
6790 goto nla_put_failure;
6792 if (params->bssid && params->fixed_bssid) {
6793 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
6794 MAC2STR(params->bssid));
6795 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6798 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
6799 params->key_mgmt_suite == KEY_MGMT_PSK ||
6800 params->key_mgmt_suite == KEY_MGMT_802_1X_SHA256 ||
6801 params->key_mgmt_suite == KEY_MGMT_PSK_SHA256) {
6802 wpa_printf(MSG_DEBUG, " * control port");
6803 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
6806 if (params->wpa_ie) {
6807 wpa_hexdump(MSG_DEBUG,
6808 " * Extra IEs for Beacon/Probe Response frames",
6809 params->wpa_ie, params->wpa_ie_len);
6810 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6814 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6817 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
6818 ret, strerror(-ret));
6820 if (ret == -EALREADY && count == 1) {
6821 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
6823 nl80211_leave_ibss(drv);
6828 goto nla_put_failure;
6831 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
6839 static int wpa_driver_nl80211_try_connect(
6840 struct wpa_driver_nl80211_data *drv,
6841 struct wpa_driver_associate_params *params)
6844 enum nl80211_auth_type type;
6848 msg = nlmsg_alloc();
6852 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
6853 nl80211_cmd(drv, msg, 0, NL80211_CMD_CONNECT);
6855 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
6856 if (params->bssid) {
6857 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6858 MAC2STR(params->bssid));
6859 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
6862 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
6863 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
6865 if (params->bg_scan_period >= 0) {
6866 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6867 params->bg_scan_period);
6868 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6869 params->bg_scan_period);
6872 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
6873 params->ssid, params->ssid_len);
6874 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
6876 if (params->ssid_len > sizeof(drv->ssid))
6877 goto nla_put_failure;
6878 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6879 drv->ssid_len = params->ssid_len;
6881 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6883 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6887 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6889 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6891 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6894 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
6896 goto skip_auth_type;
6899 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6900 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
6901 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6902 type = NL80211_AUTHTYPE_SHARED_KEY;
6903 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6904 type = NL80211_AUTHTYPE_NETWORK_EAP;
6905 else if (params->auth_alg & WPA_AUTH_ALG_FT)
6906 type = NL80211_AUTHTYPE_FT;
6908 goto nla_put_failure;
6910 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6911 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
6914 if (params->wpa_proto) {
6915 enum nl80211_wpa_versions ver = 0;
6917 if (params->wpa_proto & WPA_PROTO_WPA)
6918 ver |= NL80211_WPA_VERSION_1;
6919 if (params->wpa_proto & WPA_PROTO_RSN)
6920 ver |= NL80211_WPA_VERSION_2;
6922 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
6923 NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
6926 if (params->pairwise_suite != CIPHER_NONE) {
6929 switch (params->pairwise_suite) {
6931 cipher = WLAN_CIPHER_SUITE_SMS4;
6934 cipher = WLAN_CIPHER_SUITE_WEP40;
6937 cipher = WLAN_CIPHER_SUITE_WEP104;
6940 cipher = WLAN_CIPHER_SUITE_CCMP;
6943 cipher = WLAN_CIPHER_SUITE_GCMP;
6947 cipher = WLAN_CIPHER_SUITE_TKIP;
6950 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
6953 if (params->group_suite != CIPHER_NONE) {
6956 switch (params->group_suite) {
6958 cipher = WLAN_CIPHER_SUITE_SMS4;
6961 cipher = WLAN_CIPHER_SUITE_WEP40;
6964 cipher = WLAN_CIPHER_SUITE_WEP104;
6967 cipher = WLAN_CIPHER_SUITE_CCMP;
6970 cipher = WLAN_CIPHER_SUITE_GCMP;
6974 cipher = WLAN_CIPHER_SUITE_TKIP;
6977 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
6980 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
6981 params->key_mgmt_suite == KEY_MGMT_PSK ||
6982 params->key_mgmt_suite == KEY_MGMT_CCKM) {
6983 int mgmt = WLAN_AKM_SUITE_PSK;
6985 switch (params->key_mgmt_suite) {
6987 mgmt = WLAN_AKM_SUITE_CCKM;
6989 case KEY_MGMT_802_1X:
6990 mgmt = WLAN_AKM_SUITE_8021X;
6994 mgmt = WLAN_AKM_SUITE_PSK;
6997 NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
7000 #ifdef CONFIG_IEEE80211W
7001 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
7002 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
7003 #endif /* CONFIG_IEEE80211W */
7005 if (params->disable_ht)
7006 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
7008 if (params->htcaps && params->htcaps_mask) {
7009 int sz = sizeof(struct ieee80211_ht_capabilities);
7010 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
7011 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
7012 params->htcaps_mask);
7015 ret = nl80211_set_conn_keys(params, msg);
7017 goto nla_put_failure;
7019 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7022 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
7023 "(%s)", ret, strerror(-ret));
7024 goto nla_put_failure;
7027 wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
7036 static int wpa_driver_nl80211_connect(
7037 struct wpa_driver_nl80211_data *drv,
7038 struct wpa_driver_associate_params *params)
7040 int ret = wpa_driver_nl80211_try_connect(drv, params);
7041 if (ret == -EALREADY) {
7043 * cfg80211 does not currently accept new connections if
7044 * we are already connected. As a workaround, force
7045 * disconnection and try again.
7047 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
7048 "disconnecting before reassociation "
7050 if (wpa_driver_nl80211_disconnect(
7051 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
7053 /* Ignore the next local disconnect message. */
7054 drv->ignore_next_local_disconnect = 1;
7055 ret = wpa_driver_nl80211_try_connect(drv, params);
7061 static int wpa_driver_nl80211_associate(
7062 void *priv, struct wpa_driver_associate_params *params)
7064 struct i802_bss *bss = priv;
7065 struct wpa_driver_nl80211_data *drv = bss->drv;
7069 if (params->mode == IEEE80211_MODE_AP)
7070 return wpa_driver_nl80211_ap(drv, params);
7072 if (params->mode == IEEE80211_MODE_IBSS)
7073 return wpa_driver_nl80211_ibss(drv, params);
7075 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
7076 enum nl80211_iftype nlmode = params->p2p ?
7077 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
7079 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
7081 return wpa_driver_nl80211_connect(drv, params);
7084 drv->associated = 0;
7086 msg = nlmsg_alloc();
7090 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
7092 nl80211_cmd(drv, msg, 0, NL80211_CMD_ASSOCIATE);
7094 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7095 if (params->bssid) {
7096 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
7097 MAC2STR(params->bssid));
7098 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
7101 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
7102 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
7103 drv->assoc_freq = params->freq;
7105 drv->assoc_freq = 0;
7106 if (params->bg_scan_period >= 0) {
7107 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
7108 params->bg_scan_period);
7109 NLA_PUT_U16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
7110 params->bg_scan_period);
7113 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
7114 params->ssid, params->ssid_len);
7115 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
7117 if (params->ssid_len > sizeof(drv->ssid))
7118 goto nla_put_failure;
7119 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
7120 drv->ssid_len = params->ssid_len;
7122 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
7124 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
7127 if (params->pairwise_suite != CIPHER_NONE) {
7130 switch (params->pairwise_suite) {
7132 cipher = WLAN_CIPHER_SUITE_WEP40;
7135 cipher = WLAN_CIPHER_SUITE_WEP104;
7138 cipher = WLAN_CIPHER_SUITE_CCMP;
7141 cipher = WLAN_CIPHER_SUITE_GCMP;
7145 cipher = WLAN_CIPHER_SUITE_TKIP;
7148 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
7149 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
7152 if (params->group_suite != CIPHER_NONE) {
7155 switch (params->group_suite) {
7157 cipher = WLAN_CIPHER_SUITE_WEP40;
7160 cipher = WLAN_CIPHER_SUITE_WEP104;
7163 cipher = WLAN_CIPHER_SUITE_CCMP;
7166 cipher = WLAN_CIPHER_SUITE_GCMP;
7170 cipher = WLAN_CIPHER_SUITE_TKIP;
7173 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
7174 NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
7177 #ifdef CONFIG_IEEE80211W
7178 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
7179 NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
7180 #endif /* CONFIG_IEEE80211W */
7182 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
7184 if (params->prev_bssid) {
7185 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
7186 MAC2STR(params->prev_bssid));
7187 NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
7188 params->prev_bssid);
7191 if (params->disable_ht)
7192 NLA_PUT_FLAG(msg, NL80211_ATTR_DISABLE_HT);
7194 if (params->htcaps && params->htcaps_mask) {
7195 int sz = sizeof(struct ieee80211_ht_capabilities);
7196 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY, sz, params->htcaps);
7197 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
7198 params->htcaps_mask);
7202 wpa_printf(MSG_DEBUG, " * P2P group");
7204 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7207 wpa_dbg(drv->ctx, MSG_DEBUG,
7208 "nl80211: MLME command failed (assoc): ret=%d (%s)",
7209 ret, strerror(-ret));
7210 nl80211_dump_scan(drv);
7211 goto nla_put_failure;
7214 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
7223 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
7224 int ifindex, enum nl80211_iftype mode)
7229 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
7230 ifindex, mode, nl80211_iftype_str(mode));
7232 msg = nlmsg_alloc();
7236 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_INTERFACE);
7237 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
7238 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
7240 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7246 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
7247 " %d (%s)", ifindex, mode, ret, strerror(-ret));
7252 static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
7253 enum nl80211_iftype nlmode)
7255 struct wpa_driver_nl80211_data *drv = bss->drv;
7258 int was_ap = is_ap_interface(drv->nlmode);
7261 res = nl80211_set_mode(drv, drv->ifindex, nlmode);
7263 drv->nlmode = nlmode;
7271 if (nlmode == drv->nlmode) {
7272 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
7273 "requested mode - ignore error");
7275 goto done; /* Already in the requested mode */
7278 /* mac80211 doesn't allow mode changes while the device is up, so
7279 * take the device down, try to set the mode again, and bring the
7282 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
7284 for (i = 0; i < 10; i++) {
7285 res = linux_set_iface_flags(drv->global->ioctl_sock,
7287 if (res == -EACCES || res == -ENODEV)
7290 /* Try to set the mode again while the interface is
7292 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
7295 res = linux_set_iface_flags(drv->global->ioctl_sock,
7299 else if (ret != -EBUSY)
7302 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
7304 os_sleep(0, 100000);
7308 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
7309 "interface is down");
7310 drv->nlmode = nlmode;
7311 drv->ignore_if_down_event = 1;
7316 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
7317 "from %d failed", nlmode, drv->nlmode);
7321 if (is_p2p_interface(nlmode))
7322 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
7323 else if (drv->disabled_11b_rates)
7324 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
7326 if (is_ap_interface(nlmode)) {
7327 nl80211_mgmt_unsubscribe(bss, "start AP");
7328 /* Setup additional AP mode functionality if needed */
7329 if (nl80211_setup_ap(bss))
7331 } else if (was_ap) {
7332 /* Remove additional AP mode functionality */
7333 nl80211_teardown_ap(bss);
7335 nl80211_mgmt_unsubscribe(bss, "mode change");
7338 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
7339 nl80211_mgmt_subscribe_non_ap(bss) < 0)
7340 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
7341 "frame processing - ignore for now");
7347 static int wpa_driver_nl80211_get_capa(void *priv,
7348 struct wpa_driver_capa *capa)
7350 struct i802_bss *bss = priv;
7351 struct wpa_driver_nl80211_data *drv = bss->drv;
7352 if (!drv->has_capability)
7354 os_memcpy(capa, &drv->capa, sizeof(*capa));
7359 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
7361 struct i802_bss *bss = priv;
7362 struct wpa_driver_nl80211_data *drv = bss->drv;
7364 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
7365 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
7366 drv->operstate = state;
7367 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
7368 state ? IF_OPER_UP : IF_OPER_DORMANT);
7372 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
7374 struct i802_bss *bss = priv;
7375 struct wpa_driver_nl80211_data *drv = bss->drv;
7377 struct nl80211_sta_flag_update upd;
7379 msg = nlmsg_alloc();
7383 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
7385 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7386 if_nametoindex(bss->ifname));
7387 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
7389 os_memset(&upd, 0, sizeof(upd));
7390 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
7392 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
7393 NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
7395 return send_and_recv_msgs(drv, msg, NULL, NULL);
7402 /* Set kernel driver on given frequency (MHz) */
7403 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
7405 struct i802_bss *bss = priv;
7406 return wpa_driver_nl80211_set_freq(bss, freq);
7410 #if defined(HOSTAPD) || defined(CONFIG_AP)
7412 static inline int min_int(int a, int b)
7420 static int get_key_handler(struct nl_msg *msg, void *arg)
7422 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7423 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7425 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7426 genlmsg_attrlen(gnlh, 0), NULL);
7429 * TODO: validate the key index and mac address!
7430 * Otherwise, there's a race condition as soon as
7431 * the kernel starts sending key notifications.
7434 if (tb[NL80211_ATTR_KEY_SEQ])
7435 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
7436 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
7441 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
7444 struct i802_bss *bss = priv;
7445 struct wpa_driver_nl80211_data *drv = bss->drv;
7448 msg = nlmsg_alloc();
7452 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_KEY);
7455 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7456 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
7457 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
7461 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
7468 static int i802_set_rts(void *priv, int rts)
7470 struct i802_bss *bss = priv;
7471 struct wpa_driver_nl80211_data *drv = bss->drv;
7476 msg = nlmsg_alloc();
7485 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7486 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7487 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
7489 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7495 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
7496 "%d (%s)", rts, ret, strerror(-ret));
7501 static int i802_set_frag(void *priv, int frag)
7503 struct i802_bss *bss = priv;
7504 struct wpa_driver_nl80211_data *drv = bss->drv;
7509 msg = nlmsg_alloc();
7518 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7519 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
7520 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
7522 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7528 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
7529 "%d: %d (%s)", frag, ret, strerror(-ret));
7534 static int i802_flush(void *priv)
7536 struct i802_bss *bss = priv;
7537 struct wpa_driver_nl80211_data *drv = bss->drv;
7541 msg = nlmsg_alloc();
7545 nl80211_cmd(drv, msg, 0, NL80211_CMD_DEL_STATION);
7548 * XXX: FIX! this needs to flush all VLANs too
7550 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7551 if_nametoindex(bss->ifname));
7553 res = send_and_recv_msgs(drv, msg, NULL, NULL);
7555 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
7556 "(%s)", res, strerror(-res));
7564 #endif /* HOSTAPD || CONFIG_AP */
7567 static int get_sta_handler(struct nl_msg *msg, void *arg)
7569 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7570 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7571 struct hostap_sta_driver_data *data = arg;
7572 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
7573 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
7574 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
7575 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
7576 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
7577 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
7578 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
7579 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
7582 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7583 genlmsg_attrlen(gnlh, 0), NULL);
7586 * TODO: validate the interface and mac address!
7587 * Otherwise, there's a race condition as soon as
7588 * the kernel starts sending station notifications.
7591 if (!tb[NL80211_ATTR_STA_INFO]) {
7592 wpa_printf(MSG_DEBUG, "sta stats missing!");
7595 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
7596 tb[NL80211_ATTR_STA_INFO],
7598 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
7602 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
7603 data->inactive_msec =
7604 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
7605 if (stats[NL80211_STA_INFO_RX_BYTES])
7606 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
7607 if (stats[NL80211_STA_INFO_TX_BYTES])
7608 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
7609 if (stats[NL80211_STA_INFO_RX_PACKETS])
7611 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
7612 if (stats[NL80211_STA_INFO_TX_PACKETS])
7614 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
7615 if (stats[NL80211_STA_INFO_TX_FAILED])
7616 data->tx_retry_failed =
7617 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
7622 static int i802_read_sta_data(struct i802_bss *bss,
7623 struct hostap_sta_driver_data *data,
7626 struct wpa_driver_nl80211_data *drv = bss->drv;
7629 os_memset(data, 0, sizeof(*data));
7630 msg = nlmsg_alloc();
7634 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_STATION);
7636 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7637 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7639 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
7646 #if defined(HOSTAPD) || defined(CONFIG_AP)
7648 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
7649 int cw_min, int cw_max, int burst_time)
7651 struct i802_bss *bss = priv;
7652 struct wpa_driver_nl80211_data *drv = bss->drv;
7654 struct nlattr *txq, *params;
7656 msg = nlmsg_alloc();
7660 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_WIPHY);
7662 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
7664 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
7666 goto nla_put_failure;
7668 /* We are only sending parameters for a single TXQ at a time */
7669 params = nla_nest_start(msg, 1);
7671 goto nla_put_failure;
7675 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO);
7678 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI);
7681 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE);
7684 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK);
7687 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
7688 * 32 usec, so need to convert the value here. */
7689 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
7690 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
7691 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
7692 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
7694 nla_nest_end(msg, params);
7696 nla_nest_end(msg, txq);
7698 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
7707 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
7708 const char *ifname, int vlan_id)
7710 struct wpa_driver_nl80211_data *drv = bss->drv;
7714 msg = nlmsg_alloc();
7718 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_STATION);
7720 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
7721 if_nametoindex(bss->ifname));
7722 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7723 NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
7724 if_nametoindex(ifname));
7726 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7729 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
7730 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
7731 MAC2STR(addr), ifname, vlan_id, ret,
7740 static int i802_get_inact_sec(void *priv, const u8 *addr)
7742 struct hostap_sta_driver_data data;
7745 data.inactive_msec = (unsigned long) -1;
7746 ret = i802_read_sta_data(priv, &data, addr);
7747 if (ret || data.inactive_msec == (unsigned long) -1)
7749 return data.inactive_msec / 1000;
7753 static int i802_sta_clear_stats(void *priv, const u8 *addr)
7762 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
7765 struct i802_bss *bss = priv;
7766 struct wpa_driver_nl80211_data *drv = bss->drv;
7767 struct ieee80211_mgmt mgmt;
7769 if (drv->device_ap_sme)
7770 return wpa_driver_nl80211_sta_remove(bss, addr);
7772 memset(&mgmt, 0, sizeof(mgmt));
7773 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7774 WLAN_FC_STYPE_DEAUTH);
7775 memcpy(mgmt.da, addr, ETH_ALEN);
7776 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7777 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7778 mgmt.u.deauth.reason_code = host_to_le16(reason);
7779 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7781 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
7786 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
7789 struct i802_bss *bss = priv;
7790 struct wpa_driver_nl80211_data *drv = bss->drv;
7791 struct ieee80211_mgmt mgmt;
7793 if (drv->device_ap_sme)
7794 return wpa_driver_nl80211_sta_remove(bss, addr);
7796 memset(&mgmt, 0, sizeof(mgmt));
7797 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7798 WLAN_FC_STYPE_DISASSOC);
7799 memcpy(mgmt.da, addr, ETH_ALEN);
7800 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7801 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7802 mgmt.u.disassoc.reason_code = host_to_le16(reason);
7803 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7805 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
7809 #endif /* HOSTAPD || CONFIG_AP */
7813 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7818 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
7820 for (i = 0; i < drv->num_if_indices; i++) {
7821 if (drv->if_indices[i] == 0) {
7822 drv->if_indices[i] = ifidx;
7827 if (drv->if_indices != drv->default_if_indices)
7828 old = drv->if_indices;
7832 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
7834 if (!drv->if_indices) {
7836 drv->if_indices = drv->default_if_indices;
7838 drv->if_indices = old;
7839 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
7841 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
7844 os_memcpy(drv->if_indices, drv->default_if_indices,
7845 sizeof(drv->default_if_indices));
7846 drv->if_indices[drv->num_if_indices] = ifidx;
7847 drv->num_if_indices++;
7851 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7855 for (i = 0; i < drv->num_if_indices; i++) {
7856 if (drv->if_indices[i] == ifidx) {
7857 drv->if_indices[i] = 0;
7864 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
7868 for (i = 0; i < drv->num_if_indices; i++)
7869 if (drv->if_indices[i] == ifidx)
7876 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
7877 const char *bridge_ifname)
7879 struct i802_bss *bss = priv;
7880 struct wpa_driver_nl80211_data *drv = bss->drv;
7881 char name[IFNAMSIZ + 1];
7883 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
7884 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
7885 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
7887 if (!if_nametoindex(name)) {
7888 if (nl80211_create_iface(drv, name,
7889 NL80211_IFTYPE_AP_VLAN,
7892 if (bridge_ifname &&
7893 linux_br_add_if(drv->global->ioctl_sock,
7894 bridge_ifname, name) < 0)
7897 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
7898 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
7899 "interface %s up", name);
7901 return i802_set_sta_vlan(priv, addr, name, 0);
7904 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
7907 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
7908 return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
7914 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
7916 struct wpa_driver_nl80211_data *drv = eloop_ctx;
7917 struct sockaddr_ll lladdr;
7918 unsigned char buf[3000];
7920 socklen_t fromlen = sizeof(lladdr);
7922 len = recvfrom(sock, buf, sizeof(buf), 0,
7923 (struct sockaddr *)&lladdr, &fromlen);
7929 if (have_ifidx(drv, lladdr.sll_ifindex))
7930 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
7934 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
7935 struct i802_bss *bss,
7936 const char *brname, const char *ifname)
7939 char in_br[IFNAMSIZ];
7941 os_strlcpy(bss->brname, brname, IFNAMSIZ);
7942 ifindex = if_nametoindex(brname);
7945 * Bridge was configured, but the bridge device does
7946 * not exist. Try to add it now.
7948 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
7949 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
7950 "bridge interface %s: %s",
7951 brname, strerror(errno));
7954 bss->added_bridge = 1;
7955 add_ifidx(drv, if_nametoindex(brname));
7958 if (linux_br_get(in_br, ifname) == 0) {
7959 if (os_strcmp(in_br, brname) == 0)
7960 return 0; /* already in the bridge */
7962 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
7963 "bridge %s", ifname, in_br);
7964 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
7966 wpa_printf(MSG_ERROR, "nl80211: Failed to "
7967 "remove interface %s from bridge "
7969 ifname, brname, strerror(errno));
7974 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
7976 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
7977 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
7978 "into bridge %s: %s",
7979 ifname, brname, strerror(errno));
7982 bss->added_if_into_bridge = 1;
7988 static void *i802_init(struct hostapd_data *hapd,
7989 struct wpa_init_params *params)
7991 struct wpa_driver_nl80211_data *drv;
7992 struct i802_bss *bss;
7994 char brname[IFNAMSIZ];
7995 int ifindex, br_ifindex;
7998 bss = wpa_driver_nl80211_init(hapd, params->ifname,
7999 params->global_priv);
8004 drv->nlmode = NL80211_IFTYPE_AP;
8005 drv->eapol_sock = -1;
8007 if (linux_br_get(brname, params->ifname) == 0) {
8008 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
8009 params->ifname, brname);
8010 br_ifindex = if_nametoindex(brname);
8016 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
8017 drv->if_indices = drv->default_if_indices;
8018 for (i = 0; i < params->num_bridge; i++) {
8019 if (params->bridge[i]) {
8020 ifindex = if_nametoindex(params->bridge[i]);
8022 add_ifidx(drv, ifindex);
8023 if (ifindex == br_ifindex)
8027 if (!br_added && br_ifindex &&
8028 (params->num_bridge == 0 || !params->bridge[0]))
8029 add_ifidx(drv, br_ifindex);
8031 /* start listening for EAPOL on the default AP interface */
8032 add_ifidx(drv, drv->ifindex);
8034 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0))
8037 if (params->bssid) {
8038 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
8043 if (wpa_driver_nl80211_set_mode(bss, drv->nlmode)) {
8044 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
8045 "into AP mode", bss->ifname);
8049 if (params->num_bridge && params->bridge[0] &&
8050 i802_check_bridge(drv, bss, params->bridge[0], params->ifname) < 0)
8053 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1))
8056 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
8057 if (drv->eapol_sock < 0) {
8058 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
8062 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
8064 printf("Could not register read socket for eapol\n");
8068 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
8072 memcpy(bss->addr, params->own_addr, ETH_ALEN);
8077 wpa_driver_nl80211_deinit(bss);
8082 static void i802_deinit(void *priv)
8084 struct i802_bss *bss = priv;
8085 wpa_driver_nl80211_deinit(bss);
8088 #endif /* HOSTAPD */
8091 static enum nl80211_iftype wpa_driver_nl80211_if_type(
8092 enum wpa_driver_if_type type)
8095 case WPA_IF_STATION:
8096 return NL80211_IFTYPE_STATION;
8097 case WPA_IF_P2P_CLIENT:
8098 case WPA_IF_P2P_GROUP:
8099 return NL80211_IFTYPE_P2P_CLIENT;
8100 case WPA_IF_AP_VLAN:
8101 return NL80211_IFTYPE_AP_VLAN;
8103 return NL80211_IFTYPE_AP;
8105 return NL80211_IFTYPE_P2P_GO;
8113 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
8115 struct wpa_driver_nl80211_data *drv;
8116 dl_list_for_each(drv, &global->interfaces,
8117 struct wpa_driver_nl80211_data, list) {
8118 if (os_memcmp(addr, drv->first_bss.addr, ETH_ALEN) == 0)
8125 static int nl80211_p2p_interface_addr(struct wpa_driver_nl80211_data *drv,
8133 os_memcpy(new_addr, drv->first_bss.addr, ETH_ALEN);
8134 for (idx = 0; idx < 64; idx++) {
8135 new_addr[0] = drv->first_bss.addr[0] | 0x02;
8136 new_addr[0] ^= idx << 2;
8137 if (!nl80211_addr_in_use(drv->global, new_addr))
8143 wpa_printf(MSG_DEBUG, "nl80211: Assigned new P2P Interface Address "
8144 MACSTR, MAC2STR(new_addr));
8149 #endif /* CONFIG_P2P */
8152 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
8153 const char *ifname, const u8 *addr,
8154 void *bss_ctx, void **drv_priv,
8155 char *force_ifname, u8 *if_addr,
8158 struct i802_bss *bss = priv;
8159 struct wpa_driver_nl80211_data *drv = bss->drv;
8162 struct i802_bss *new_bss = NULL;
8164 if (type == WPA_IF_AP_BSS) {
8165 new_bss = os_zalloc(sizeof(*new_bss));
8166 if (new_bss == NULL)
8169 #endif /* HOSTAPD */
8172 os_memcpy(if_addr, addr, ETH_ALEN);
8173 ifidx = nl80211_create_iface(drv, ifname,
8174 wpa_driver_nl80211_if_type(type), addr,
8179 #endif /* HOSTAPD */
8184 linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
8186 nl80211_remove_iface(drv, ifidx);
8192 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
8193 type == WPA_IF_P2P_GO)) {
8194 /* Enforce unique P2P Interface Address */
8195 u8 new_addr[ETH_ALEN], own_addr[ETH_ALEN];
8197 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
8199 linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
8201 nl80211_remove_iface(drv, ifidx);
8204 if (os_memcmp(own_addr, new_addr, ETH_ALEN) == 0) {
8205 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
8206 "for P2P group interface");
8207 if (nl80211_p2p_interface_addr(drv, new_addr) < 0) {
8208 nl80211_remove_iface(drv, ifidx);
8211 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8213 nl80211_remove_iface(drv, ifidx);
8217 os_memcpy(if_addr, new_addr, ETH_ALEN);
8219 #endif /* CONFIG_P2P */
8223 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
8224 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
8225 "interface %s to a bridge %s", ifname, bridge);
8226 nl80211_remove_iface(drv, ifidx);
8231 if (type == WPA_IF_AP_BSS) {
8232 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
8234 nl80211_remove_iface(drv, ifidx);
8238 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
8239 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
8240 new_bss->ifindex = ifidx;
8242 new_bss->next = drv->first_bss.next;
8243 new_bss->freq = drv->first_bss.freq;
8244 new_bss->ctx = bss_ctx;
8245 drv->first_bss.next = new_bss;
8247 *drv_priv = new_bss;
8248 nl80211_init_bss(new_bss);
8250 /* Subscribe management frames for this WPA_IF_AP_BSS */
8251 if (nl80211_setup_ap(new_bss))
8254 #endif /* HOSTAPD */
8257 drv->global->if_add_ifindex = ifidx;
8263 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
8264 enum wpa_driver_if_type type,
8267 struct wpa_driver_nl80211_data *drv = bss->drv;
8268 int ifindex = if_nametoindex(ifname);
8270 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
8271 __func__, type, ifname, ifindex);
8275 nl80211_remove_iface(drv, ifindex);
8278 if (type != WPA_IF_AP_BSS)
8281 if (bss->added_if_into_bridge) {
8282 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
8284 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
8285 "interface %s from bridge %s: %s",
8286 bss->ifname, bss->brname, strerror(errno));
8288 if (bss->added_bridge) {
8289 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
8290 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
8292 bss->brname, strerror(errno));
8295 if (bss != &drv->first_bss) {
8296 struct i802_bss *tbss;
8298 for (tbss = &drv->first_bss; tbss; tbss = tbss->next) {
8299 if (tbss->next == bss) {
8300 tbss->next = bss->next;
8301 /* Unsubscribe management frames */
8302 nl80211_teardown_ap(bss);
8303 nl80211_destroy_bss(bss);
8310 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
8311 "BSS %p in the list", __func__, bss);
8313 #endif /* HOSTAPD */
8319 static int cookie_handler(struct nl_msg *msg, void *arg)
8321 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8322 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8324 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8325 genlmsg_attrlen(gnlh, 0), NULL);
8326 if (tb[NL80211_ATTR_COOKIE])
8327 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
8332 static int nl80211_send_frame_cmd(struct i802_bss *bss,
8333 unsigned int freq, unsigned int wait,
8334 const u8 *buf, size_t buf_len,
8335 u64 *cookie_out, int no_cck, int no_ack,
8338 struct wpa_driver_nl80211_data *drv = bss->drv;
8343 msg = nlmsg_alloc();
8347 wpa_printf(MSG_DEBUG, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
8348 "no_ack=%d offchanok=%d",
8349 freq, wait, no_cck, no_ack, offchanok);
8350 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME);
8352 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8353 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8355 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
8356 if (offchanok && (drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX))
8357 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
8359 NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
8361 NLA_PUT_FLAG(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK);
8363 NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
8366 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
8369 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
8370 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
8372 goto nla_put_failure;
8374 wpa_printf(MSG_DEBUG, "nl80211: Frame TX command accepted%s; "
8375 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
8376 (long long unsigned int) cookie);
8379 *cookie_out = no_ack ? (u64) -1 : cookie;
8387 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
8389 unsigned int wait_time,
8390 const u8 *dst, const u8 *src,
8392 const u8 *data, size_t data_len,
8395 struct wpa_driver_nl80211_data *drv = bss->drv;
8398 struct ieee80211_hdr *hdr;
8400 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
8401 "freq=%u MHz wait=%d ms no_cck=%d)",
8402 drv->ifindex, freq, wait_time, no_cck);
8404 buf = os_zalloc(24 + data_len);
8407 os_memcpy(buf + 24, data, data_len);
8408 hdr = (struct ieee80211_hdr *) buf;
8409 hdr->frame_control =
8410 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
8411 os_memcpy(hdr->addr1, dst, ETH_ALEN);
8412 os_memcpy(hdr->addr2, src, ETH_ALEN);
8413 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
8415 if (is_ap_interface(drv->nlmode))
8416 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
8420 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
8422 &drv->send_action_cookie,
8430 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
8432 struct i802_bss *bss = priv;
8433 struct wpa_driver_nl80211_data *drv = bss->drv;
8437 msg = nlmsg_alloc();
8441 nl80211_cmd(drv, msg, 0, NL80211_CMD_FRAME_WAIT_CANCEL);
8443 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8444 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie);
8446 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8449 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
8450 "(%s)", ret, strerror(-ret));
8457 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
8458 unsigned int duration)
8460 struct i802_bss *bss = priv;
8461 struct wpa_driver_nl80211_data *drv = bss->drv;
8466 msg = nlmsg_alloc();
8470 nl80211_cmd(drv, msg, 0, NL80211_CMD_REMAIN_ON_CHANNEL);
8472 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8473 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8474 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
8477 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
8480 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
8481 "0x%llx for freq=%u MHz duration=%u",
8482 (long long unsigned int) cookie, freq, duration);
8483 drv->remain_on_chan_cookie = cookie;
8484 drv->pending_remain_on_chan = 1;
8487 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
8488 "(freq=%d duration=%u): %d (%s)",
8489 freq, duration, ret, strerror(-ret));
8496 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
8498 struct i802_bss *bss = priv;
8499 struct wpa_driver_nl80211_data *drv = bss->drv;
8503 if (!drv->pending_remain_on_chan) {
8504 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
8509 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
8511 (long long unsigned int) drv->remain_on_chan_cookie);
8513 msg = nlmsg_alloc();
8517 nl80211_cmd(drv, msg, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
8519 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
8520 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
8522 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8526 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
8527 "%d (%s)", ret, strerror(-ret));
8534 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
8536 struct wpa_driver_nl80211_data *drv = bss->drv;
8539 if (bss->nl_preq && drv->device_ap_sme &&
8540 is_ap_interface(drv->nlmode)) {
8542 * Do not disable Probe Request reporting that was
8543 * enabled in nl80211_setup_ap().
8545 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
8546 "Probe Request reporting nl_preq=%p while "
8547 "in AP mode", bss->nl_preq);
8548 } else if (bss->nl_preq) {
8549 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
8550 "reporting nl_preq=%p", bss->nl_preq);
8551 eloop_unregister_read_sock(
8552 nl_socket_get_fd(bss->nl_preq));
8553 nl_destroy_handles(&bss->nl_preq);
8559 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
8560 "already on! nl_preq=%p", bss->nl_preq);
8564 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
8565 if (bss->nl_preq == NULL)
8567 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
8568 "reporting nl_preq=%p", bss->nl_preq);
8570 if (nl80211_register_frame(bss, bss->nl_preq,
8571 (WLAN_FC_TYPE_MGMT << 2) |
8572 (WLAN_FC_STYPE_PROBE_REQ << 4),
8576 eloop_register_read_sock(nl_socket_get_fd(bss->nl_preq),
8577 wpa_driver_nl80211_event_receive, bss->nl_cb,
8583 nl_destroy_handles(&bss->nl_preq);
8588 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
8589 int ifindex, int disabled)
8592 struct nlattr *bands, *band;
8595 msg = nlmsg_alloc();
8599 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_TX_BITRATE_MASK);
8600 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
8602 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
8604 goto nla_put_failure;
8607 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
8608 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
8609 * rates. All 5 GHz rates are left enabled.
8611 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
8613 goto nla_put_failure;
8615 NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
8616 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
8618 nla_nest_end(msg, band);
8620 nla_nest_end(msg, bands);
8622 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8625 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
8626 "(%s)", ret, strerror(-ret));
8628 drv->disabled_11b_rates = disabled;
8638 static int wpa_driver_nl80211_deinit_ap(void *priv)
8640 struct i802_bss *bss = priv;
8641 struct wpa_driver_nl80211_data *drv = bss->drv;
8642 if (!is_ap_interface(drv->nlmode))
8644 wpa_driver_nl80211_del_beacon(drv);
8645 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8649 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
8651 struct i802_bss *bss = priv;
8652 struct wpa_driver_nl80211_data *drv = bss->drv;
8653 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
8655 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8659 static void wpa_driver_nl80211_resume(void *priv)
8661 struct i802_bss *bss = priv;
8662 struct wpa_driver_nl80211_data *drv = bss->drv;
8663 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1)) {
8664 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
8670 static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
8671 const u8 *ies, size_t ies_len)
8673 struct i802_bss *bss = priv;
8674 struct wpa_driver_nl80211_data *drv = bss->drv;
8678 const u8 *own_addr = bss->addr;
8681 wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
8682 "action %d", action);
8687 * Action frame payload:
8688 * Category[1] = 6 (Fast BSS Transition)
8689 * Action[1] = 1 (Fast BSS Transition Request)
8695 data_len = 2 + 2 * ETH_ALEN + ies_len;
8696 data = os_malloc(data_len);
8700 *pos++ = 0x06; /* FT Action category */
8702 os_memcpy(pos, own_addr, ETH_ALEN);
8704 os_memcpy(pos, target_ap, ETH_ALEN);
8706 os_memcpy(pos, ies, ies_len);
8708 ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
8709 drv->bssid, own_addr, drv->bssid,
8717 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
8719 struct i802_bss *bss = priv;
8720 struct wpa_driver_nl80211_data *drv = bss->drv;
8721 struct nl_msg *msg, *cqm = NULL;
8724 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
8725 "hysteresis=%d", threshold, hysteresis);
8727 msg = nlmsg_alloc();
8731 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_CQM);
8733 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8735 cqm = nlmsg_alloc();
8737 goto nla_put_failure;
8739 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
8740 NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
8741 if (nla_put_nested(msg, NL80211_ATTR_CQM, cqm) < 0)
8742 goto nla_put_failure;
8744 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8754 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
8756 struct i802_bss *bss = priv;
8757 struct wpa_driver_nl80211_data *drv = bss->drv;
8760 os_memset(si, 0, sizeof(*si));
8761 res = nl80211_get_link_signal(drv, si);
8765 return nl80211_get_link_noise(drv, si);
8769 static int wpa_driver_nl80211_shared_freq(void *priv)
8771 struct i802_bss *bss = priv;
8772 struct wpa_driver_nl80211_data *drv = bss->drv;
8773 struct wpa_driver_nl80211_data *driver;
8777 * If the same PHY is in connected state with some other interface,
8778 * then retrieve the assoc freq.
8780 wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
8783 dl_list_for_each(driver, &drv->global->interfaces,
8784 struct wpa_driver_nl80211_data, list) {
8785 if (drv == driver ||
8786 os_strcmp(drv->phyname, driver->phyname) != 0 ||
8787 !driver->associated)
8790 wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
8792 driver->phyname, driver->first_bss.ifname,
8793 MAC2STR(driver->first_bss.addr));
8794 if (is_ap_interface(driver->nlmode))
8795 freq = driver->first_bss.freq;
8797 freq = nl80211_get_assoc_freq(driver);
8798 wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
8799 drv->phyname, freq);
8803 wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
8804 "PHY (%s) in associated state", drv->phyname);
8810 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
8813 struct i802_bss *bss = priv;
8814 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
8819 static int nl80211_set_param(void *priv, const char *param)
8821 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
8826 if (os_strstr(param, "use_p2p_group_interface=1")) {
8827 struct i802_bss *bss = priv;
8828 struct wpa_driver_nl80211_data *drv = bss->drv;
8830 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
8832 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
8833 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
8835 #endif /* CONFIG_P2P */
8841 static void * nl80211_global_init(void)
8843 struct nl80211_global *global;
8844 struct netlink_config *cfg;
8846 global = os_zalloc(sizeof(*global));
8849 global->ioctl_sock = -1;
8850 dl_list_init(&global->interfaces);
8851 global->if_add_ifindex = -1;
8853 cfg = os_zalloc(sizeof(*cfg));
8858 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
8859 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
8860 global->netlink = netlink_init(cfg);
8861 if (global->netlink == NULL) {
8866 if (wpa_driver_nl80211_init_nl_global(global) < 0)
8869 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
8870 if (global->ioctl_sock < 0) {
8871 perror("socket(PF_INET,SOCK_DGRAM)");
8878 nl80211_global_deinit(global);
8883 static void nl80211_global_deinit(void *priv)
8885 struct nl80211_global *global = priv;
8888 if (!dl_list_empty(&global->interfaces)) {
8889 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
8890 "nl80211_global_deinit",
8891 dl_list_len(&global->interfaces));
8894 if (global->netlink)
8895 netlink_deinit(global->netlink);
8897 nl_destroy_handles(&global->nl);
8899 if (global->nl_event) {
8900 eloop_unregister_read_sock(
8901 nl_socket_get_fd(global->nl_event));
8902 nl_destroy_handles(&global->nl_event);
8905 nl_cb_put(global->nl_cb);
8907 if (global->ioctl_sock >= 0)
8908 close(global->ioctl_sock);
8914 static const char * nl80211_get_radio_name(void *priv)
8916 struct i802_bss *bss = priv;
8917 struct wpa_driver_nl80211_data *drv = bss->drv;
8918 return drv->phyname;
8922 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
8927 msg = nlmsg_alloc();
8931 nl80211_cmd(bss->drv, msg, 0, cmd);
8933 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
8935 NLA_PUT(msg, NL80211_ATTR_PMKID, 16, pmkid);
8937 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
8939 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
8946 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
8948 struct i802_bss *bss = priv;
8949 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
8950 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
8954 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
8956 struct i802_bss *bss = priv;
8957 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
8959 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
8963 static int nl80211_flush_pmkid(void *priv)
8965 struct i802_bss *bss = priv;
8966 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
8967 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
8971 static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
8972 const u8 *replay_ctr)
8974 struct i802_bss *bss = priv;
8975 struct wpa_driver_nl80211_data *drv = bss->drv;
8976 struct nlattr *replay_nested;
8979 msg = nlmsg_alloc();
8983 nl80211_cmd(drv, msg, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
8985 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
8987 replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
8989 goto nla_put_failure;
8991 NLA_PUT(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek);
8992 NLA_PUT(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck);
8993 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
8996 nla_nest_end(msg, replay_nested);
8998 send_and_recv_msgs(drv, msg, NULL, NULL);
9005 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
9006 const u8 *addr, int qos)
9008 /* send data frame to poll STA and check whether
9009 * this frame is ACKed */
9011 struct ieee80211_hdr hdr;
9013 } STRUCT_PACKED nulldata;
9016 /* Send data frame to poll STA and check whether this frame is ACKed */
9018 os_memset(&nulldata, 0, sizeof(nulldata));
9021 nulldata.hdr.frame_control =
9022 IEEE80211_FC(WLAN_FC_TYPE_DATA,
9023 WLAN_FC_STYPE_QOS_NULL);
9024 size = sizeof(nulldata);
9026 nulldata.hdr.frame_control =
9027 IEEE80211_FC(WLAN_FC_TYPE_DATA,
9028 WLAN_FC_STYPE_NULLFUNC);
9029 size = sizeof(struct ieee80211_hdr);
9032 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
9033 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
9034 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
9035 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
9037 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
9039 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
9043 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
9046 struct i802_bss *bss = priv;
9047 struct wpa_driver_nl80211_data *drv = bss->drv;
9050 if (!drv->poll_command_supported) {
9051 nl80211_send_null_frame(bss, own_addr, addr, qos);
9055 msg = nlmsg_alloc();
9059 nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
9061 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
9062 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
9064 send_and_recv_msgs(drv, msg, NULL, NULL);
9071 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
9075 msg = nlmsg_alloc();
9079 nl80211_cmd(bss->drv, msg, 0, NL80211_CMD_SET_POWER_SAVE);
9080 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
9081 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE,
9082 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED);
9083 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
9090 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
9093 struct i802_bss *bss = priv;
9095 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
9096 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
9098 if (opp_ps != -1 || ctwindow != -1)
9099 return -1; /* Not yet supported */
9101 if (legacy_ps == -1)
9103 if (legacy_ps != 0 && legacy_ps != 1)
9104 return -1; /* Not yet supported */
9106 return nl80211_set_power_save(bss, legacy_ps);
9112 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
9113 u8 dialog_token, u16 status_code,
9114 const u8 *buf, size_t len)
9116 struct i802_bss *bss = priv;
9117 struct wpa_driver_nl80211_data *drv = bss->drv;
9120 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
9126 msg = nlmsg_alloc();
9130 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_MGMT);
9131 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9132 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
9133 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_ACTION, action_code);
9134 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token);
9135 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status_code);
9136 NLA_PUT(msg, NL80211_ATTR_IE, len, buf);
9138 return send_and_recv_msgs(drv, msg, NULL, NULL);
9146 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
9148 struct i802_bss *bss = priv;
9149 struct wpa_driver_nl80211_data *drv = bss->drv;
9151 enum nl80211_tdls_operation nl80211_oper;
9153 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
9157 case TDLS_DISCOVERY_REQ:
9158 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
9161 nl80211_oper = NL80211_TDLS_SETUP;
9164 nl80211_oper = NL80211_TDLS_TEARDOWN;
9166 case TDLS_ENABLE_LINK:
9167 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
9169 case TDLS_DISABLE_LINK:
9170 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
9180 msg = nlmsg_alloc();
9184 nl80211_cmd(drv, msg, 0, NL80211_CMD_TDLS_OPER);
9185 NLA_PUT_U8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper);
9186 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
9187 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
9189 return send_and_recv_msgs(drv, msg, NULL, NULL);
9196 #endif /* CONFIG TDLS */
9201 typedef struct android_wifi_priv_cmd {
9205 } android_wifi_priv_cmd;
9207 static int drv_errors = 0;
9209 static void wpa_driver_send_hang_msg(struct wpa_driver_nl80211_data *drv)
9212 if (drv_errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
9214 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
9219 static int android_priv_cmd(struct i802_bss *bss, const char *cmd)
9221 struct wpa_driver_nl80211_data *drv = bss->drv;
9223 android_wifi_priv_cmd priv_cmd;
9224 char buf[MAX_DRV_CMD_SIZE];
9227 os_memset(&ifr, 0, sizeof(ifr));
9228 os_memset(&priv_cmd, 0, sizeof(priv_cmd));
9229 os_strlcpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
9231 os_memset(buf, 0, sizeof(buf));
9232 os_strlcpy(buf, cmd, sizeof(buf));
9235 priv_cmd.used_len = sizeof(buf);
9236 priv_cmd.total_len = sizeof(buf);
9237 ifr.ifr_data = &priv_cmd;
9239 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
9241 wpa_printf(MSG_ERROR, "%s: failed to issue private commands",
9243 wpa_driver_send_hang_msg(drv);
9252 static int android_pno_start(struct i802_bss *bss,
9253 struct wpa_driver_scan_params *params)
9255 struct wpa_driver_nl80211_data *drv = bss->drv;
9257 android_wifi_priv_cmd priv_cmd;
9258 int ret = 0, i = 0, bp;
9259 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
9261 bp = WEXT_PNOSETUP_HEADER_SIZE;
9262 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
9263 buf[bp++] = WEXT_PNO_TLV_PREFIX;
9264 buf[bp++] = WEXT_PNO_TLV_VERSION;
9265 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
9266 buf[bp++] = WEXT_PNO_TLV_RESERVED;
9268 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
9269 /* Check that there is enough space needed for 1 more SSID, the
9270 * other sections and null termination */
9271 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN +
9272 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
9274 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
9275 params->ssids[i].ssid,
9276 params->ssids[i].ssid_len);
9277 buf[bp++] = WEXT_PNO_SSID_SECTION;
9278 buf[bp++] = params->ssids[i].ssid_len;
9279 os_memcpy(&buf[bp], params->ssids[i].ssid,
9280 params->ssids[i].ssid_len);
9281 bp += params->ssids[i].ssid_len;
9285 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
9286 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
9287 WEXT_PNO_SCAN_INTERVAL);
9288 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
9290 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
9291 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
9293 bp += WEXT_PNO_REPEAT_LENGTH;
9295 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
9296 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
9297 WEXT_PNO_MAX_REPEAT);
9298 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
9300 memset(&ifr, 0, sizeof(ifr));
9301 memset(&priv_cmd, 0, sizeof(priv_cmd));
9302 os_strncpy(ifr.ifr_name, bss->ifname, IFNAMSIZ);
9305 priv_cmd.used_len = bp;
9306 priv_cmd.total_len = bp;
9307 ifr.ifr_data = &priv_cmd;
9309 ret = ioctl(drv->global->ioctl_sock, SIOCDEVPRIVATE + 1, &ifr);
9312 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
9314 wpa_driver_send_hang_msg(drv);
9320 return android_priv_cmd(bss, "PNOFORCE 1");
9324 static int android_pno_stop(struct i802_bss *bss)
9326 return android_priv_cmd(bss, "PNOFORCE 0");
9329 #endif /* ANDROID */
9332 static int driver_nl80211_set_key(const char *ifname, void *priv,
9333 enum wpa_alg alg, const u8 *addr,
9334 int key_idx, int set_tx,
9335 const u8 *seq, size_t seq_len,
9336 const u8 *key, size_t key_len)
9338 struct i802_bss *bss = priv;
9339 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
9340 set_tx, seq, seq_len, key, key_len);
9344 static int driver_nl80211_scan2(void *priv,
9345 struct wpa_driver_scan_params *params)
9347 struct i802_bss *bss = priv;
9348 return wpa_driver_nl80211_scan(bss, params);
9352 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
9355 struct i802_bss *bss = priv;
9356 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
9360 static int driver_nl80211_authenticate(void *priv,
9361 struct wpa_driver_auth_params *params)
9363 struct i802_bss *bss = priv;
9364 return wpa_driver_nl80211_authenticate(bss, params);
9368 static void driver_nl80211_deinit(void *priv)
9370 struct i802_bss *bss = priv;
9371 wpa_driver_nl80211_deinit(bss);
9375 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
9378 struct i802_bss *bss = priv;
9379 return wpa_driver_nl80211_if_remove(bss, type, ifname);
9383 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
9384 size_t data_len, int noack)
9386 struct i802_bss *bss = priv;
9387 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
9392 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
9394 struct i802_bss *bss = priv;
9395 return wpa_driver_nl80211_sta_remove(bss, addr);
9399 #if defined(HOSTAPD) || defined(CONFIG_AP)
9400 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
9401 const char *ifname, int vlan_id)
9403 struct i802_bss *bss = priv;
9404 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
9406 #endif /* HOSTAPD || CONFIG_AP */
9409 static int driver_nl80211_read_sta_data(void *priv,
9410 struct hostap_sta_driver_data *data,
9413 struct i802_bss *bss = priv;
9414 return i802_read_sta_data(bss, data, addr);
9418 static int driver_nl80211_send_action(void *priv, unsigned int freq,
9419 unsigned int wait_time,
9420 const u8 *dst, const u8 *src,
9422 const u8 *data, size_t data_len,
9425 struct i802_bss *bss = priv;
9426 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
9427 bssid, data, data_len, no_cck);
9431 static int driver_nl80211_probe_req_report(void *priv, int report)
9433 struct i802_bss *bss = priv;
9434 return wpa_driver_nl80211_probe_req_report(bss, report);
9438 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
9440 .desc = "Linux nl80211/cfg80211",
9441 .get_bssid = wpa_driver_nl80211_get_bssid,
9442 .get_ssid = wpa_driver_nl80211_get_ssid,
9443 .set_key = driver_nl80211_set_key,
9444 .scan2 = driver_nl80211_scan2,
9445 .sched_scan = wpa_driver_nl80211_sched_scan,
9446 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
9447 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
9448 .deauthenticate = driver_nl80211_deauthenticate,
9449 .authenticate = driver_nl80211_authenticate,
9450 .associate = wpa_driver_nl80211_associate,
9451 .global_init = nl80211_global_init,
9452 .global_deinit = nl80211_global_deinit,
9453 .init2 = wpa_driver_nl80211_init,
9454 .deinit = driver_nl80211_deinit,
9455 .get_capa = wpa_driver_nl80211_get_capa,
9456 .set_operstate = wpa_driver_nl80211_set_operstate,
9457 .set_supp_port = wpa_driver_nl80211_set_supp_port,
9458 .set_country = wpa_driver_nl80211_set_country,
9459 .set_ap = wpa_driver_nl80211_set_ap,
9460 .if_add = wpa_driver_nl80211_if_add,
9461 .if_remove = driver_nl80211_if_remove,
9462 .send_mlme = driver_nl80211_send_mlme,
9463 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
9464 .sta_add = wpa_driver_nl80211_sta_add,
9465 .sta_remove = driver_nl80211_sta_remove,
9466 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
9467 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
9469 .hapd_init = i802_init,
9470 .hapd_deinit = i802_deinit,
9471 .set_wds_sta = i802_set_wds_sta,
9472 #endif /* HOSTAPD */
9473 #if defined(HOSTAPD) || defined(CONFIG_AP)
9474 .get_seqnum = i802_get_seqnum,
9475 .flush = i802_flush,
9476 .get_inact_sec = i802_get_inact_sec,
9477 .sta_clear_stats = i802_sta_clear_stats,
9478 .set_rts = i802_set_rts,
9479 .set_frag = i802_set_frag,
9480 .set_tx_queue_params = i802_set_tx_queue_params,
9481 .set_sta_vlan = driver_nl80211_set_sta_vlan,
9482 .sta_deauth = i802_sta_deauth,
9483 .sta_disassoc = i802_sta_disassoc,
9484 #endif /* HOSTAPD || CONFIG_AP */
9485 .read_sta_data = driver_nl80211_read_sta_data,
9486 .set_freq = i802_set_freq,
9487 .send_action = driver_nl80211_send_action,
9488 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
9489 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
9490 .cancel_remain_on_channel =
9491 wpa_driver_nl80211_cancel_remain_on_channel,
9492 .probe_req_report = driver_nl80211_probe_req_report,
9493 .deinit_ap = wpa_driver_nl80211_deinit_ap,
9494 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
9495 .resume = wpa_driver_nl80211_resume,
9496 .send_ft_action = nl80211_send_ft_action,
9497 .signal_monitor = nl80211_signal_monitor,
9498 .signal_poll = nl80211_signal_poll,
9499 .send_frame = nl80211_send_frame,
9500 .shared_freq = wpa_driver_nl80211_shared_freq,
9501 .set_param = nl80211_set_param,
9502 .get_radio_name = nl80211_get_radio_name,
9503 .add_pmkid = nl80211_add_pmkid,
9504 .remove_pmkid = nl80211_remove_pmkid,
9505 .flush_pmkid = nl80211_flush_pmkid,
9506 .set_rekey_info = nl80211_set_rekey_info,
9507 .poll_client = nl80211_poll_client,
9508 .set_p2p_powersave = nl80211_set_p2p_powersave,
9510 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
9511 .tdls_oper = nl80211_tdls_oper,
9512 #endif /* CONFIG_TDLS */
projects / mech_eap.git / blob