Allow MLME frames to be sent without expecting an ACK (no retries)
[mech_eap.git] / src / drivers / driver_nl80211.c
index d962ac9..4884d62 100644 (file)
@@ -88,23 +88,11 @@ static void nl80211_handle_destroy(struct nl_handle *handle)
 
        nl_handle_destroy(handle);
 }
-
-static inline int __genl_ctrl_alloc_cache(struct nl_handle *h,
-                                         struct nl_cache **cache)
-{
-       struct nl_cache *tmp = genl_ctrl_alloc_cache(h);
-       if (!tmp)
-               return -ENOMEM;
-       *cache = tmp;
-       return 0;
-}
-#define genl_ctrl_alloc_cache __genl_ctrl_alloc_cache
 #endif /* CONFIG_LIBNL20 */
 
 
 struct nl80211_handles {
        struct nl_handle *handle;
-       struct nl_cache *cache;
 };
 
 
@@ -127,12 +115,6 @@ static int nl_create_handles(struct nl80211_handles *handles, struct nl_cb *cb,
                goto err;
        }
 
-       if (genl_ctrl_alloc_cache(handles->handle, &handles->cache) < 0) {
-               wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
-                          "netlink cache (%s)", dbg);
-               goto err;
-       }
-
        return 0;
 err:
        nl80211_handle_destroy(handles->handle);
@@ -144,7 +126,6 @@ static void nl_destroy_handles(struct nl80211_handles *handles)
 {
        if (handles->handle == NULL)
                return;
-       nl_cache_free(handles->cache);
        nl80211_handle_destroy(handles->handle);
        handles->handle = NULL;
 }
@@ -170,7 +151,7 @@ struct nl80211_global {
        struct netlink_data *netlink;
        struct nl_cb *nl_cb;
        struct nl80211_handles nl;
-       struct genl_family *nl80211;
+       int nl80211_id;
        int ioctl_sock; /* socket for ioctl() use */
 };
 
@@ -219,11 +200,12 @@ struct wpa_driver_nl80211_data {
 
        int monitor_sock;
        int monitor_ifidx;
-       int no_monitor_iface_capab;
-       int disable_11b_rates;
 
+       unsigned int disabled_11b_rates:1;
        unsigned int pending_remain_on_chan:1;
        unsigned int in_interface_list:1;
+       unsigned int device_ap_sme:1;
+       unsigned int poll_command_supported:1;
 
        u64 remain_on_chan_cookie;
        u64 send_action_cookie;
@@ -237,7 +219,7 @@ struct wpa_driver_nl80211_data {
        struct i802_bss first_bss;
 
 #ifdef CONFIG_AP
-       struct l2_packet_data *l2;
+       int eapol_tx_sock;
 #endif /* CONFIG_AP */
 
 #ifdef HOSTAPD
@@ -266,7 +248,8 @@ static void nl80211_remove_monitor_interface(
        struct wpa_driver_nl80211_data *drv);
 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
                                  unsigned int freq, unsigned int wait,
-                                 const u8 *buf, size_t buf_len, u64 *cookie);
+                                 const u8 *buf, size_t buf_len, u64 *cookie,
+                                 int no_cck);
 static int wpa_driver_nl80211_probe_req_report(void *priv, int report);
 
 #ifdef HOSTAPD
@@ -312,6 +295,13 @@ static int is_sta_interface(enum nl80211_iftype nlmode)
 }
 
 
+static int is_p2p_interface(enum nl80211_iftype nlmode)
+{
+       return (nlmode == NL80211_IFTYPE_P2P_CLIENT ||
+               nlmode == NL80211_IFTYPE_P2P_GO);
+}
+
+
 struct nl80211_bss_info_arg {
        struct wpa_driver_nl80211_data *drv;
        struct wpa_scan_results *res;
@@ -463,7 +453,7 @@ nla_put_failure:
 static void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
                          struct nl_msg *msg, int flags, uint8_t cmd)
 {
-       return genlmsg_put(msg, 0, 0, genl_family_get_id(drv->global->nl80211),
+       return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
                           0, flags, cmd, 0);
 }
 
@@ -601,6 +591,14 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
                   (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
 
        if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
+               char namebuf[IFNAMSIZ];
+               if (if_indextoname(ifi->ifi_index, namebuf) &&
+                   linux_iface_up(drv->global->ioctl_sock,
+                                  drv->first_bss.ifname) > 0) {
+                       wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
+                                  "event since interface %s is up", namebuf);
+                       return;
+               }
                wpa_printf(MSG_DEBUG, "nl80211: Interface down");
                if (drv->ignore_if_down_event) {
                        wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
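Review bot: The new guard in the interface-down branch resolves the event's ifindex into `namebuf` but then queries the state of `drv->first_bss.ifname`, so the interface tested is not necessarily the one named in the log message. If the two can differ, a genuine down event could be suppressed, or the log could name the wrong interface. Checking the resolved name keeps both consistent: `linux_iface_up(drv->global->ioctl_sock, namebuf) > 0`. The function starts and ends outside this hunk, so whether `ifi->ifi_index` has already been matched against `drv->ifindex` cannot be confirmed from here.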
@@ -1397,6 +1395,80 @@ static int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
 }
 
 
+static int get_noise_for_scan_results(struct nl_msg *msg, void *arg)
+{
+       struct nlattr *tb[NL80211_ATTR_MAX + 1];
+       struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
+       struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
+       static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
+               [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
+               [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
+       };
+       struct wpa_scan_results *scan_results = arg;
+       struct wpa_scan_res *scan_res;
+       size_t i;
+
+       nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
+                 genlmsg_attrlen(gnlh, 0), NULL);
+
+       if (!tb[NL80211_ATTR_SURVEY_INFO]) {
+               wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
+               return NL_SKIP;
+       }
+
+       if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
+                            tb[NL80211_ATTR_SURVEY_INFO],
+                            survey_policy)) {
+               wpa_printf(MSG_DEBUG, "nl80211: Failed to parse nested "
+                          "attributes");
+               return NL_SKIP;
+       }
+
+       if (!sinfo[NL80211_SURVEY_INFO_NOISE])
+               return NL_SKIP;
+
+       if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
+               return NL_SKIP;
+
+       for (i = 0; i < scan_results->num; ++i) {
+               scan_res = scan_results->res[i];
+               if (!scan_res)
+                       continue;
+               if ((int) nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
+                   scan_res->freq)
+                       continue;
+               if (!(scan_res->flags & WPA_SCAN_NOISE_INVALID))
+                       continue;
+               scan_res->noise = (s8)
+                       nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
+               scan_res->flags &= ~WPA_SCAN_NOISE_INVALID;
+       }
+
+       return NL_SKIP;
+}
+
+
+static int nl80211_get_noise_for_scan_results(
+       struct wpa_driver_nl80211_data *drv,
+       struct wpa_scan_results *scan_res)
+{
+       struct nl_msg *msg;
+
+       msg = nlmsg_alloc();
+       if (!msg)
+               return -ENOMEM;
+
+       nl80211_cmd(drv, msg, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
+
+       NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
+
+       return send_and_recv_msgs(drv, msg, get_noise_for_scan_results,
+                                 scan_res);
+ nla_put_failure:
+       return -ENOBUFS;
+}
+
+
 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
                              struct nlattr *tb[])
 {
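Review bot: `nl80211_get_noise_for_scan_results()` leaks `msg` on its `nla_put_failure` path, because the label returns `-ENOBUFS` without releasing the message obtained from `nlmsg_alloc()`. `nl80211_poll_client()`, added later in this same diff, frees the message on the equivalent path, so the fix is `nlmsg_free(msg);` before `return -ENOBUFS;`. In the callback, the return value of `nla_parse()` is ignored while `nla_parse_nested()` is checked; treating both the same way would be more consistent.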
@@ -1475,7 +1547,7 @@ static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv,
        addr = nla_data(tb[NL80211_ATTR_MAC]);
        wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr));
 
-       if (is_ap_interface(drv->nlmode) && drv->no_monitor_iface_capab) {
+       if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
                u8 *ies = NULL;
                size_t ies_len = 0;
                if (tb[NL80211_ATTR_IE]) {
@@ -1508,7 +1580,7 @@ static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv,
        wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR,
                   MAC2STR(addr));
 
-       if (is_ap_interface(drv->nlmode) && drv->no_monitor_iface_capab) {
+       if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) {
                drv_event_disassoc(drv->ctx, addr);
                return;
        }
@@ -1598,6 +1670,22 @@ static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv,
 }
 
 
+static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv,
+                                      struct nlattr **tb)
+{
+       union wpa_event_data data;
+
+       if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
+               return;
+
+       os_memset(&data, 0, sizeof(data));
+       os_memcpy(data.client_poll.addr,
+                 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
+
+       wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
+}
+
+
 static int process_event(struct nl_msg *msg, void *arg)
 {
        struct wpa_driver_nl80211_data *drv = arg;
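Review bot: `nl80211_client_probe_event()` checks only that `NL80211_ATTR_MAC` is present before copying `ETH_ALEN` bytes out of it; the attribute's length is never compared with `ETH_ALEN` in this hunk. If the attribute table is parsed without a policy that fixes the MAC length (the parse call is not visible here), a short attribute would be over-read. Extending the early return with `nla_len(tb[NL80211_ATTR_MAC]) < ETH_ALEN` makes the copy safe on its own. The path where `NL80211_ATTR_ACK` is absent returns silently; a `wpa_printf(MSG_DEBUG, ...)` there would help when diagnosing station timeouts.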
@@ -1720,6 +1808,9 @@ static int process_event(struct nl_msg *msg, void *arg)
        case NL80211_CMD_PMKSA_CANDIDATE:
                nl80211_pmksa_candidate_event(drv, tb);
                break;
+       case NL80211_CMD_PROBE_CLIENT:
+               nl80211_client_probe_event(drv, tb);
+               break;
        default:
                wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
                           "(cmd=%d)", gnlh->cmd);
@@ -1787,6 +1878,8 @@ struct wiphy_info_data {
        struct wpa_driver_capa *capa;
 
        unsigned int error:1;
+       unsigned int device_ap_sme:1;
+       unsigned int poll_command_supported:1;
 };
 
 
@@ -1918,6 +2011,9 @@ broken_combination:
                        case NL80211_CMD_START_SCHED_SCAN:
                                capa->sched_scan_supported = 1;
                                break;
+                       case NL80211_CMD_PROBE_CLIENT:
+                               info->poll_command_supported = 1;
+                               break;
                        }
                }
        }
@@ -1968,6 +2064,9 @@ broken_combination:
                }
        }
 
+       if (tb[NL80211_ATTR_DEVICE_AP_SME])
+               info->device_ap_sme = 1;
+
        return NL_SKIP;
 }
 
@@ -2025,6 +2124,9 @@ static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
        drv->capa.flags |= WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
        drv->capa.flags |= WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS;
 
+       drv->device_ap_sme = info.device_ap_sme;
+       drv->poll_command_supported = info.poll_command_supported;
+
        return 0;
 }
 
@@ -2041,9 +2143,8 @@ static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
        if (nl_create_handles(&global->nl, global->nl_cb, "nl"))
                return -1;
 
-       global->nl80211 = genl_ctrl_search_by_name(global->nl.cache,
-                                                  "nl80211");
-       if (global->nl80211 == NULL) {
+       global->nl80211_id = genl_ctrl_resolve(global->nl.handle, "nl80211");
+       if (global->nl80211_id < 0) {
                wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
                           "found");
                return -1;
@@ -2163,16 +2264,6 @@ static void nl80211_get_phy_name(struct wpa_driver_nl80211_data *drv)
 }
 
 
-#ifdef CONFIG_AP
-static void nl80211_l2_read(void *ctx, const u8 *src_addr, const u8 *buf,
-                           size_t len)
-{
-       wpa_printf(MSG_DEBUG, "nl80211: l2_packet read %u",
-                  (unsigned int) len);
-}
-#endif /* CONFIG_AP */
-
-
 /**
  * wpa_driver_nl80211_init - Initialize nl80211 driver interface
  * @ctx: context to be used when calling wpa_supplicant functions,
@@ -2188,6 +2279,8 @@ static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
        struct rfkill_config *rcfg;
        struct i802_bss *bss;
 
+       if (global_priv == NULL)
+               return NULL;
        drv = os_zalloc(sizeof(*drv));
        if (drv == NULL)
                return NULL;
@@ -2198,6 +2291,9 @@ static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
        os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
        drv->monitor_ifidx = -1;
        drv->monitor_sock = -1;
+#ifdef CONFIG_AP
+       drv->eapol_tx_sock = -1;
+#endif /* CONFIG_AP */
        drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
 
        if (wpa_driver_nl80211_init_nl(drv)) {
@@ -2224,8 +2320,7 @@ static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
                goto failed;
 
 #ifdef CONFIG_AP
-       drv->l2 = l2_packet_init(ifname, NULL, ETH_P_EAPOL,
-                                nl80211_l2_read, drv, 0);
+       drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
 #endif /* CONFIG_AP */
 
        if (drv->global) {
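Review bot: The result of `socket(PF_PACKET, SOCK_DGRAM, 0)` is stored in `drv->eapol_tx_sock` without a check, so a failure at init (for example, insufficient privileges for a packet socket) goes unreported. It only surfaces later as the debug-level "No socket to send EAPOL" message on each transmit. Reporting it where it happens makes the cause visible: `if (drv->eapol_tx_sock < 0) wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM) failed: %s", strerror(errno));`. If AP operation with device SME cannot work without the socket, this should also `goto failed;`. `wpa_driver_nl80211_init()` continues outside this hunk.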
@@ -2362,8 +2457,7 @@ wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
         * dynamically added interface (e.g., P2P) that was already configured
         * with proper iftype.
         */
-       if ((drv->global == NULL ||
-            drv->ifindex != drv->global->if_add_ifindex) &&
+       if (drv->ifindex != drv->global->if_add_ifindex &&
            wpa_driver_nl80211_set_mode(bss, NL80211_IFTYPE_STATION) < 0) {
                wpa_printf(MSG_ERROR, "nl80211: Could not configure driver to "
                           "use managed mode");
@@ -2444,8 +2538,8 @@ static void wpa_driver_nl80211_deinit(void *priv)
        struct wpa_driver_nl80211_data *drv = bss->drv;
 
 #ifdef CONFIG_AP
-       if (drv->l2)
-               l2_packet_deinit(drv->l2);
+       if (drv->eapol_tx_sock >= 0)
+               close(drv->eapol_tx_sock);
 #endif /* CONFIG_AP */
 
        if (drv->nl_preq.handle)
@@ -2487,7 +2581,7 @@ static void wpa_driver_nl80211_deinit(void *priv)
                os_free(drv->if_indices);
 #endif /* HOSTAPD */
 
-       if (drv->disable_11b_rates)
+       if (drv->disabled_11b_rates)
                nl80211_disable_11b_rates(drv, drv->ifindex, 0);
 
        netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
@@ -2604,6 +2698,8 @@ static int wpa_driver_nl80211_scan(void *priv,
                NLA_PUT(rates, NL80211_BAND_2GHZ, 8,
                        "\x0c\x12\x18\x24\x30\x48\x60\x6c");
                nla_put_nested(msg, NL80211_ATTR_SCAN_SUPP_RATES, rates);
+
+               NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
        }
 
        ret = send_and_recv_msgs(drv, msg, NULL, NULL);
@@ -2947,7 +3043,7 @@ static int bss_info_handler(struct nl_msg *msg, void *arg)
                r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
        } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
                r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
-               r->flags |= WPA_SCAN_LEVEL_INVALID;
+               r->flags |= WPA_SCAN_QUAL_INVALID;
        } else
                r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
        if (bss[NL80211_BSS_TSF])
@@ -3111,8 +3207,9 @@ nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
        ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
        msg = NULL;
        if (ret == 0) {
-               wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
-                          (unsigned long) res->num);
+               wpa_printf(MSG_DEBUG, "nl80211: Received scan results (%lu "
+                          "BSSes)", (unsigned long) res->num);
+               nl80211_get_noise_for_scan_results(drv, res);
                return res;
        }
        wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
@@ -3458,8 +3555,9 @@ static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
        ret = send_and_recv_msgs(drv, msg, NULL, NULL);
        msg = NULL;
        if (ret) {
-               wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
-                          "(%s)", ret, strerror(-ret));
+               wpa_dbg(drv->ctx, MSG_DEBUG,
+                       "nl80211: MLME command failed: reason=%u ret=%d (%s)",
+                       reason_code, ret, strerror(-ret));
                goto nla_put_failure;
        }
        ret = 0;
@@ -3598,8 +3696,9 @@ retry:
        ret = send_and_recv_msgs(drv, msg, NULL, NULL);
        msg = NULL;
        if (ret) {
-               wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
-                          "(%s)", ret, strerror(-ret));
+               wpa_dbg(drv->ctx, MSG_DEBUG,
+                       "nl80211: MLME command failed (auth): ret=%d (%s)",
+                       ret, strerror(-ret));
                count++;
                if (ret == -EALREADY && count == 1 && params->bssid &&
                    !params->local_state_change) {
@@ -4110,7 +4209,7 @@ static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data *drv,
 
 
 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
-                                       size_t data_len)
+                                       size_t data_len, int noack)
 {
        struct i802_bss *bss = priv;
        struct wpa_driver_nl80211_data *drv = bss->drv;
@@ -4130,12 +4229,12 @@ static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
                 * of wpa_supplicant.
                 */
                return nl80211_send_frame_cmd(drv, drv->last_mgmt_freq, 0,
-                                             data, data_len, NULL);
+                                             data, data_len, NULL, 1);
        }
 
-       if (drv->no_monitor_iface_capab && is_ap_interface(drv->nlmode)) {
+       if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
                return nl80211_send_frame_cmd(drv, drv->ap_oper_freq, 0,
-                                             data, data_len, NULL);
+                                             data, data_len, NULL, 0);
        }
 
        if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
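Review bot: The new `noack` argument of `wpa_driver_nl80211_send_mlme()` is not consulted on either early-return path in this hunk. Both call `nl80211_send_frame_cmd()` with a hard-coded last argument, which per the updated prototype is `no_cck`, not an ACK policy. A caller asking for no-ACK transmission would therefore presumably still get the normal ACK/retry behaviour on these paths. If that is intended, a comment such as `/* noack is ignored on the nl80211_send_frame_cmd() paths */` should say so. The bare literals would also read better annotated, e.g. `data, data_len, NULL, 1 /* no_cck */`. The function continues past the end of the hunk, so how `noack` is used on the remaining path is not visible here.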
@@ -4627,7 +4726,7 @@ static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
                                                wds);
        }
 
-       if (ret >= 0 && drv->disable_11b_rates)
+       if (ret >= 0 && is_p2p_interface(iftype))
                nl80211_disable_11b_rates(drv, ret, 1);
 
        return ret;
@@ -4968,9 +5067,15 @@ nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
                                     0);
 
        if (drv->monitor_ifidx == -EOPNOTSUPP) {
+               /*
+                * This is backward compatibility for a few versions of
+                * the kernel only that didn't advertise the right
+                * attributes for the only driver that then supported
+                * AP mode w/o monitor -- ath6kl.
+                */
                wpa_printf(MSG_DEBUG, "nl80211: Driver does not support "
                           "monitor interface type - try to run without it");
-               drv->no_monitor_iface_capab = 1;
+               drv->device_ap_sme = 1;
        }
 
        if (drv->monitor_ifidx < 0)
@@ -5023,17 +5128,29 @@ nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
 #ifdef CONFIG_AP
 static int nl80211_send_eapol_data(struct i802_bss *bss,
                                   const u8 *addr, const u8 *data,
-                                  size_t data_len, const u8 *own_addr)
+                                  size_t data_len)
 {
-       if (bss->drv->l2 == NULL) {
-               wpa_printf(MSG_DEBUG, "nl80211: No l2_packet to send EAPOL");
+       struct sockaddr_ll ll;
+       int ret;
+
+       if (bss->drv->eapol_tx_sock < 0) {
+               wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
                return -1;
        }
 
-       if (l2_packet_send(bss->drv->l2, addr, ETH_P_EAPOL, data, data_len) <
-           0)
-               return -1;
-       return 0;
+       os_memset(&ll, 0, sizeof(ll));
+       ll.sll_family = AF_PACKET;
+       ll.sll_ifindex = bss->ifindex;
+       ll.sll_protocol = htons(ETH_P_PAE);
+       ll.sll_halen = ETH_ALEN;
+       os_memcpy(ll.sll_addr, addr, ETH_ALEN);
+       ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
+                    (struct sockaddr *) &ll, sizeof(ll));
+       if (ret < 0)
+               wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
+                          strerror(errno));
+
+       return ret;
 }
 #endif /* CONFIG_AP */
 
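Review bot: `nl80211_send_eapol_data()` now returns the raw `sendto()` result, so success yields the number of bytes sent where the l2_packet version returned 0. `wpa_driver_nl80211_hapd_send_eapol()` passes this value straight through in the next hunk. Its callers are not visible here, but any that test for `!= 0` rather than `< 0` would treat a successful send as an error; `return ret < 0 ? -1 : 0;` keeps the previous contract. `sendto()` returns `ssize_t`, which is narrowed to `int` here, and a short send is not distinguished from a complete one.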
@@ -5053,9 +5170,8 @@ static int wpa_driver_nl80211_hapd_send_eapol(
        int qos = flags & WPA_STA_WMM;
 
 #ifdef CONFIG_AP
-       if (drv->no_monitor_iface_capab)
-               return nl80211_send_eapol_data(bss, addr, data, data_len,
-                                              own_addr);
+       if (drv->device_ap_sme)
+               return nl80211_send_eapol_data(bss, addr, data, data_len);
 #endif /* CONFIG_AP */
 
        len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
@@ -5186,7 +5302,7 @@ static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
                return -1;
        }
 
-       if (drv->no_monitor_iface_capab) {
+       if (drv->device_ap_sme) {
                if (wpa_driver_nl80211_probe_req_report(&drv->first_bss, 1) < 0)
                {
                        wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
@@ -5644,8 +5760,9 @@ static int wpa_driver_nl80211_associate(
        ret = send_and_recv_msgs(drv, msg, NULL, NULL);
        msg = NULL;
        if (ret) {
-               wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
-                          "(%s)", ret, strerror(-ret));
+               wpa_dbg(drv->ctx, MSG_DEBUG,
+                       "nl80211: MLME command failed (assoc): ret=%d (%s)",
+                       ret, strerror(-ret));
                nl80211_dump_scan(drv);
                goto nla_put_failure;
        }
@@ -5747,18 +5864,26 @@ static int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
 done:
        if (!ret && is_ap_interface(nlmode)) {
                /* Setup additional AP mode functionality if needed */
-               if (!drv->no_monitor_iface_capab && drv->monitor_ifidx < 0 &&
+               if (!drv->device_ap_sme && drv->monitor_ifidx < 0 &&
                    nl80211_create_monitor_interface(drv) &&
-                   !drv->no_monitor_iface_capab)
+                   !drv->device_ap_sme)
                        return -1;
        } else if (!ret && !is_ap_interface(nlmode)) {
                /* Remove additional AP mode functionality */
-               if (was_ap && drv->no_monitor_iface_capab)
+               if (was_ap && drv->device_ap_sme)
                        wpa_driver_nl80211_probe_req_report(bss, 0);
                nl80211_remove_monitor_interface(drv);
                bss->beacon_set = 0;
        }
 
+       if (!ret && is_p2p_interface(drv->nlmode)) {
+               nl80211_disable_11b_rates(drv, drv->ifindex, 1);
+               drv->disabled_11b_rates = 1;
+       } else if (!ret && drv->disabled_11b_rates) {
+               nl80211_disable_11b_rates(drv, drv->ifindex, 0);
+               drv->disabled_11b_rates = 0;
+       }
+
        if (ret)
                wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
                           "from %d failed", nlmode, drv->nlmode);
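Review bot: The added 11b-rate block tests `drv->nlmode`, while the two branches directly above it test the `nlmode` argument. Whether `drv->nlmode` already holds the new mode at `done:` is decided outside this hunk, so `is_p2p_interface(nlmode)` would make the block independent of that ordering. The return value of `nl80211_disable_11b_rates()` is also discarded, so `disabled_11b_rates` is set to 1 even when the rate mask was not applied. Setting the flag only on success, or logging the failure, would keep the tracked state accurate for the later restore in deinit.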
@@ -6203,7 +6328,7 @@ static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
        mgmt.u.deauth.reason_code = host_to_le16(reason);
        return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
                                            IEEE80211_HDRLEN +
-                                           sizeof(mgmt.u.deauth));
+                                           sizeof(mgmt.u.deauth), 0);
 }
 
 
@@ -6222,7 +6347,7 @@ static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
        mgmt.u.disassoc.reason_code = host_to_le16(reason);
        return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
                                            IEEE80211_HDRLEN +
-                                           sizeof(mgmt.u.disassoc));
+                                           sizeof(mgmt.u.disassoc), 0);
 }
 
 #endif /* HOSTAPD || CONFIG_AP */
@@ -6733,7 +6858,7 @@ static int cookie_handler(struct nl_msg *msg, void *arg)
 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
                                  unsigned int freq, unsigned int wait,
                                  const u8 *buf, size_t buf_len,
-                                 u64 *cookie_out)
+                                 u64 *cookie_out, int no_cck)
 {
        struct nl_msg *msg;
        u64 cookie;
@@ -6750,6 +6875,9 @@ static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data *drv,
        if (wait)
                NLA_PUT_U32(msg, NL80211_ATTR_DURATION, wait);
        NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
+       if (no_cck)
+               NLA_PUT_FLAG(msg, NL80211_ATTR_TX_NO_CCK_RATE);
+
        NLA_PUT(msg, NL80211_ATTR_FRAME, buf_len, buf);
 
        cookie = 0;
@@ -6777,7 +6905,8 @@ static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
                                          unsigned int wait_time,
                                          const u8 *dst, const u8 *src,
                                          const u8 *bssid,
-                                         const u8 *data, size_t data_len)
+                                         const u8 *data, size_t data_len,
+                                         int no_cck)
 {
        struct i802_bss *bss = priv;
        struct wpa_driver_nl80211_data *drv = bss->drv;
@@ -6786,7 +6915,7 @@ static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
        struct ieee80211_hdr *hdr;
 
        wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
-                  "wait=%d ms)", drv->ifindex, wait_time);
+                  "wait=%d ms no_cck=%d)", drv->ifindex, wait_time, no_cck);
 
        buf = os_zalloc(24 + data_len);
        if (buf == NULL)
@@ -6800,11 +6929,13 @@ static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
        os_memcpy(hdr->addr3, bssid, ETH_ALEN);
 
        if (is_ap_interface(drv->nlmode))
-               ret = wpa_driver_nl80211_send_mlme(priv, buf, 24 + data_len);
+               ret = wpa_driver_nl80211_send_mlme(priv, buf, 24 + data_len,
+                                                  0);
        else
                ret = nl80211_send_frame_cmd(drv, freq, wait_time, buf,
                                             24 + data_len,
-                                            &drv->send_action_cookie);
+                                            &drv->send_action_cookie,
+                                            no_cck);
 
        os_free(buf);
        return ret;
@@ -6978,8 +7109,10 @@ static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
        band = nla_nest_start(msg, NL80211_BAND_2GHZ);
        if (!band)
                goto nla_put_failure;
-       NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
-               "\x0c\x12\x18\x24\x30\x48\x60\x6c");
+       if (disabled) {
+               NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
+                       "\x0c\x12\x18\x24\x30\x48\x60\x6c");
+       }
        nla_nest_end(msg, band);
 
        nla_nest_end(msg, bands);
@@ -6999,15 +7132,6 @@ nla_put_failure:
 }
 
 
-static int wpa_driver_nl80211_disable_11b_rates(void *priv, int disabled)
-{
-       struct i802_bss *bss = priv;
-       struct wpa_driver_nl80211_data *drv = bss->drv;
-       drv->disable_11b_rates = disabled;
-       return nl80211_disable_11b_rates(drv, drv->ifindex, disabled);
-}
-
-
 static int wpa_driver_nl80211_deinit_ap(void *priv)
 {
        struct i802_bss *bss = priv;
@@ -7074,7 +7198,7 @@ static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
 
        ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, 0,
                                             drv->bssid, own_addr, drv->bssid,
-                                            data, data_len);
+                                            data, data_len, 0);
        os_free(data);
 
        return ret;
@@ -7133,6 +7257,44 @@ static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
 }
 
 
+static int wpa_driver_nl80211_shared_freq(void *priv)
+{
+       struct i802_bss *bss = priv;
+       struct wpa_driver_nl80211_data *drv = bss->drv;
+       struct wpa_driver_nl80211_data *driver;
+       int freq = 0;
+
+       /*
+        * If the same PHY is in connected state with some other interface,
+        * then retrieve the assoc freq.
+        */
+       wpa_printf(MSG_DEBUG, "nl80211: Get shared freq for PHY %s",
+                  drv->phyname);
+
+       dl_list_for_each(driver, &drv->global->interfaces,
+                        struct wpa_driver_nl80211_data, list) {
+               if (drv == driver ||
+                   os_strcmp(drv->phyname, driver->phyname) != 0 ||
+                   !driver->associated)
+                       continue;
+
+               wpa_printf(MSG_DEBUG, "nl80211: Found a match for PHY %s - %s "
+                          MACSTR,
+                          driver->phyname, driver->first_bss.ifname,
+                          MAC2STR(driver->addr));
+               freq = nl80211_get_assoc_freq(driver);
+               wpa_printf(MSG_DEBUG, "nl80211: Shared freq for PHY %s: %d",
+                          drv->phyname, freq);
+       }
+
+       if (!freq)
+               wpa_printf(MSG_DEBUG, "nl80211: No shared interface for "
+                          "PHY (%s) in associated state", drv->phyname);
+
+       return freq;
+}
+
+
 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
                              int encrypt)
 {
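Review bot: The loop in `wpa_driver_nl80211_shared_freq()` keeps iterating after a match, so `freq` ends up holding the result for the last matching interface. If `nl80211_get_assoc_freq()` reports failure with 0 or a negative value (its failure return is not visible here), a later match can overwrite an earlier valid frequency, and a negative value would be returned to the caller as if it were a frequency. Stopping at the first usable result avoids both: `if (freq > 0) break;` after the assignment. The loop variable `driver` is easy to confuse with `drv`; a name such as `other` would read more clearly.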
@@ -7220,8 +7382,6 @@ static void nl80211_global_deinit(void *priv)
        if (global->netlink)
                netlink_deinit(global->netlink);
 
-       if (global->nl80211)
-               genl_family_put(global->nl80211);
        nl_destroy_handles(&global->nl);
 
        if (global->nl_cb)
@@ -7324,10 +7484,11 @@ static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck,
 }
 
 
-static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
-                               int qos)
+static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
+                                   const u8 *addr, int qos)
 {
-       struct i802_bss *bss = priv;
+       /* send data frame to poll STA and check whether
+        * this frame is ACKed */
        struct {
                struct ieee80211_hdr hdr;
                u16 qos_ctl;
@@ -7355,11 +7516,38 @@ static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
        os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
        os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
 
-       if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size) < 0)
+       if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0) < 0)
                wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
                           "send poll frame");
 }
 
+static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
+                               int qos)
+{
+       struct i802_bss *bss = priv;
+       struct wpa_driver_nl80211_data *drv = bss->drv;
+       struct nl_msg *msg;
+
+       if (!drv->poll_command_supported) {
+               nl80211_send_null_frame(bss, own_addr, addr, qos);
+               return;
+       }
+
+       msg = nlmsg_alloc();
+       if (!msg)
+               return;
+
+       nl80211_cmd(drv, msg, 0, NL80211_CMD_PROBE_CLIENT);
+
+       NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
+       NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
+
+       send_and_recv_msgs(drv, msg, NULL, NULL);
+       return;
+ nla_put_failure:
+       nlmsg_free(msg);
+}
+
 
 #ifdef CONFIG_TDLS
 
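Review bot: On the `NL80211_CMD_PROBE_CLIENT` path of `nl80211_poll_client()` the result of `send_and_recv_msgs()` is dropped, so a rejected probe leaves no trace and the station is simply not polled that cycle. Capturing the result and logging it would make this visible: `if (ret < 0) wpa_printf(MSG_DEBUG, "nl80211: Client probe request failed: ret=%d (%s)", ret, strerror(-ret));`. The return value of `nl80211_cmd()` is likewise unchecked before attributes are added. A one-line comment above the function stating that it falls back to a null data frame when the driver lacks the probe command would document the two paths.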
@@ -7507,13 +7695,13 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
        .cancel_remain_on_channel =
        wpa_driver_nl80211_cancel_remain_on_channel,
        .probe_req_report = wpa_driver_nl80211_probe_req_report,
-       .disable_11b_rates = wpa_driver_nl80211_disable_11b_rates,
        .deinit_ap = wpa_driver_nl80211_deinit_ap,
        .resume = wpa_driver_nl80211_resume,
        .send_ft_action = nl80211_send_ft_action,
        .signal_monitor = nl80211_signal_monitor,
        .signal_poll = nl80211_signal_poll,
        .send_frame = nl80211_send_frame,
+       .shared_freq = wpa_driver_nl80211_shared_freq,
        .set_param = nl80211_set_param,
        .get_radio_name = nl80211_get_radio_name,
        .add_pmkid = nl80211_add_pmkid,