2 * WPA Supplicant - driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
16 #include <sys/ioctl.h>
17 #include <net/if_arp.h>
18 #include <netlink/genl/genl.h>
19 #include <netlink/genl/family.h>
20 #include <netlink/genl/ctrl.h>
21 #include "nl80211_copy.h"
22 #include "wireless_copy.h"
27 #include "ieee802_11_defs.h"
30 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
33 #define IFF_DORMANT 0x20000 /* driver signals dormant */
36 #ifndef IF_OPER_DORMANT
37 #define IF_OPER_DORMANT 5
44 #ifndef NO_WEXT_COMPAT
46 * Fall back to WEXT association, if the kernel does not support nl80211 MLME
47 * commands. This is temporary backwards compatibility version that will be
48 * removed at some point.
51 #endif /* NO_WEXT_COMPAT */
54 struct wpa_driver_nl80211_data {
58 char ifname[IFNAMSIZ + 1];
61 struct wpa_driver_capa capa;
63 int we_version_compiled;
67 size_t assoc_req_ies_len;
69 size_t assoc_resp_ies_len;
71 /* for set_auth_alg fallback */
73 int auth_alg_fallback;
74 #endif /* WEXT_COMPAT */
78 char mlmedev[IFNAMSIZ + 1];
80 int scan_complete_events;
82 struct nl_handle *nl_handle;
83 struct nl_cache *nl_cache;
85 struct genl_family *nl80211;
94 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
96 static int wpa_driver_nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
99 static int wpa_driver_nl80211_flush_pmkid(void *priv);
100 #endif /* WEXT_COMPAT */
101 static int wpa_driver_nl80211_get_range(void *priv);
103 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
107 static int ack_handler(struct nl_msg *msg, void *arg)
114 static int finish_handler(struct nl_msg *msg, void *arg)
121 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
129 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
131 int (*valid_handler)(struct nl_msg *, void *),
137 cb = nl_cb_clone(drv->nl_cb);
141 err = nl_send_auto_complete(drv->nl_handle, msg);
147 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
148 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
149 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
152 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
153 valid_handler, valid_data);
156 nl_recvmsgs(drv->nl_handle, cb);
170 static int family_handler(struct nl_msg *msg, void *arg)
172 struct family_data *res = arg;
173 struct nlattr *tb[CTRL_ATTR_MAX + 1];
174 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
175 struct nlattr *mcgrp;
178 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
179 genlmsg_attrlen(gnlh, 0), NULL);
180 if (!tb[CTRL_ATTR_MCAST_GROUPS])
183 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
184 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
185 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
186 nla_len(mcgrp), NULL);
187 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
188 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
189 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
191 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
193 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
201 static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
202 const char *family, const char *group)
206 struct family_data res = { group, -ENOENT };
211 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(drv->nl_handle, "nlctrl"),
212 0, 0, CTRL_CMD_GETFAMILY, 0);
213 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
215 ret = send_and_recv_msgs(drv, msg, family_handler, &res);
226 static int wpa_driver_nl80211_send_oper_ifla(
227 struct wpa_driver_nl80211_data *drv,
228 int linkmode, int operstate)
232 struct ifinfomsg ifinfo;
239 os_memset(&req, 0, sizeof(req));
241 req.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
242 req.hdr.nlmsg_type = RTM_SETLINK;
243 req.hdr.nlmsg_flags = NLM_F_REQUEST;
244 req.hdr.nlmsg_seq = ++nl_seq;
245 req.hdr.nlmsg_pid = 0;
247 req.ifinfo.ifi_family = AF_UNSPEC;
248 req.ifinfo.ifi_type = 0;
249 req.ifinfo.ifi_index = drv->ifindex;
250 req.ifinfo.ifi_flags = 0;
251 req.ifinfo.ifi_change = 0;
253 if (linkmode != -1) {
254 rta = (struct rtattr *)
255 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
256 rta->rta_type = IFLA_LINKMODE;
257 rta->rta_len = RTA_LENGTH(sizeof(char));
258 *((char *) RTA_DATA(rta)) = linkmode;
259 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
260 RTA_LENGTH(sizeof(char));
262 if (operstate != -1) {
263 rta = (struct rtattr *)
264 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
265 rta->rta_type = IFLA_OPERSTATE;
266 rta->rta_len = RTA_LENGTH(sizeof(char));
267 *((char *) RTA_DATA(rta)) = operstate;
268 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
269 RTA_LENGTH(sizeof(char));
272 wpa_printf(MSG_DEBUG, "WEXT: Operstate: linkmode=%d, operstate=%d",
273 linkmode, operstate);
275 ret = send(drv->wext_event_sock, &req, req.hdr.nlmsg_len, 0);
277 wpa_printf(MSG_DEBUG, "WEXT: Sending operstate IFLA failed: "
278 "%s (assume operstate is not supported)",
282 return ret < 0 ? -1 : 0;
286 static int wpa_driver_nl80211_set_auth_param(
287 struct wpa_driver_nl80211_data *drv, int idx, u32 value)
292 os_memset(&iwr, 0, sizeof(iwr));
293 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
294 iwr.u.param.flags = idx & IW_AUTH_INDEX;
295 iwr.u.param.value = value;
297 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
298 if (errno != EOPNOTSUPP) {
299 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
300 "value 0x%x) failed: %s)",
301 idx, value, strerror(errno));
303 ret = errno == EOPNOTSUPP ? -2 : -1;
310 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
312 struct wpa_driver_nl80211_data *drv = priv;
314 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
318 os_memset(&iwr, 0, sizeof(iwr));
319 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
321 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
322 perror("ioctl[SIOCGIWAP]");
325 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
329 #endif /* WEXT_COMPAT */
330 if (!drv->associated)
332 os_memcpy(bssid, drv->bssid, ETH_ALEN);
338 static int wpa_driver_nl80211_set_bssid(void *priv, const u8 *bssid)
340 struct wpa_driver_nl80211_data *drv = priv;
344 os_memset(&iwr, 0, sizeof(iwr));
345 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
346 iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
348 os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
350 os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
352 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
353 perror("ioctl[SIOCSIWAP]");
359 #endif /* WEXT_COMPAT */
362 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
364 struct wpa_driver_nl80211_data *drv = priv;
366 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
370 os_memset(&iwr, 0, sizeof(iwr));
371 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
372 iwr.u.essid.pointer = (caddr_t) ssid;
373 iwr.u.essid.length = 32;
375 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
376 perror("ioctl[SIOCGIWESSID]");
379 ret = iwr.u.essid.length;
383 * Some drivers include nul termination in the SSID, so
384 * let's remove it here before further processing.
385 * WE-21 changes this to explicitly require the length
386 * _not_ to include nul termination.
388 if (ret > 0 && ssid[ret - 1] == '\0' &&
389 drv->we_version_compiled < 21)
395 #endif /* WEXT_COMPAT */
396 if (!drv->associated)
398 os_memcpy(ssid, drv->ssid, drv->ssid_len);
399 return drv->ssid_len;
404 static int wpa_driver_nl80211_set_ssid(void *priv, const u8 *ssid,
407 struct wpa_driver_nl80211_data *drv = priv;
415 os_memset(&iwr, 0, sizeof(iwr));
416 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
417 /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
418 iwr.u.essid.flags = (ssid_len != 0);
419 os_memset(buf, 0, sizeof(buf));
420 os_memcpy(buf, ssid, ssid_len);
421 iwr.u.essid.pointer = (caddr_t) buf;
422 if (drv->we_version_compiled < 21) {
423 /* For historic reasons, set SSID length to include one extra
424 * character, C string nul termination, even though SSID is
425 * really an octet string that should not be presented as a C
426 * string. Some Linux drivers decrement the length by one and
427 * can thus end up missing the last octet of the SSID if the
428 * length is not incremented here. WE-21 changes this to
429 * explicitly require the length _not_ to include nul
434 iwr.u.essid.length = ssid_len;
436 if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
437 perror("ioctl[SIOCSIWESSID]");
445 static int wpa_driver_nl80211_set_freq(void *priv, int freq)
447 struct wpa_driver_nl80211_data *drv = priv;
451 os_memset(&iwr, 0, sizeof(iwr));
452 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
453 iwr.u.freq.m = freq * 100000;
456 if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
457 perror("ioctl[SIOCSIWFREQ]");
466 wpa_driver_nl80211_event_wireless_custom(void *ctx, char *custom)
468 union wpa_event_data data;
470 wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
473 os_memset(&data, 0, sizeof(data));
475 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
476 data.michael_mic_failure.unicast =
477 os_strstr(custom, " unicast ") != NULL;
478 /* TODO: parse parameters(?) */
479 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
480 } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
486 bytes = strspn(spos, "0123456789abcdefABCDEF");
487 if (!bytes || (bytes & 1))
491 data.assoc_info.req_ies = os_malloc(bytes);
492 if (data.assoc_info.req_ies == NULL)
495 data.assoc_info.req_ies_len = bytes;
496 hexstr2bin(spos, data.assoc_info.req_ies, bytes);
500 data.assoc_info.resp_ies = NULL;
501 data.assoc_info.resp_ies_len = 0;
503 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
506 bytes = strspn(spos, "0123456789abcdefABCDEF");
507 if (!bytes || (bytes & 1))
511 data.assoc_info.resp_ies = os_malloc(bytes);
512 if (data.assoc_info.resp_ies == NULL)
515 data.assoc_info.resp_ies_len = bytes;
516 hexstr2bin(spos, data.assoc_info.resp_ies, bytes);
519 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
522 os_free(data.assoc_info.resp_ies);
523 os_free(data.assoc_info.req_ies);
524 #ifdef CONFIG_PEERKEY
525 } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
526 if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
527 wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
528 "STKSTART.request '%s'", custom + 17);
531 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
532 #endif /* CONFIG_PEERKEY */
535 #endif /* WEXT_COMPAT */
538 static int wpa_driver_nl80211_event_wireless_michaelmicfailure(
539 void *ctx, const char *ev, size_t len)
541 const struct iw_michaelmicfailure *mic;
542 union wpa_event_data data;
544 if (len < sizeof(*mic))
547 mic = (const struct iw_michaelmicfailure *) ev;
549 wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
550 "flags=0x%x src_addr=" MACSTR, mic->flags,
551 MAC2STR(mic->src_addr.sa_data));
553 os_memset(&data, 0, sizeof(data));
554 data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
555 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
562 static int wpa_driver_nl80211_event_wireless_pmkidcand(
563 struct wpa_driver_nl80211_data *drv, const char *ev, size_t len)
565 const struct iw_pmkid_cand *cand;
566 union wpa_event_data data;
569 if (len < sizeof(*cand))
572 cand = (const struct iw_pmkid_cand *) ev;
573 addr = (const u8 *) cand->bssid.sa_data;
575 wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
576 "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
577 cand->index, MAC2STR(addr));
579 os_memset(&data, 0, sizeof(data));
580 os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
581 data.pmkid_candidate.index = cand->index;
582 data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
583 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
589 static int wpa_driver_nl80211_event_wireless_assocreqie(
590 struct wpa_driver_nl80211_data *drv, const char *ev, int len)
595 wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
597 os_free(drv->assoc_req_ies);
598 drv->assoc_req_ies = os_malloc(len);
599 if (drv->assoc_req_ies == NULL) {
600 drv->assoc_req_ies_len = 0;
603 os_memcpy(drv->assoc_req_ies, ev, len);
604 drv->assoc_req_ies_len = len;
610 static int wpa_driver_nl80211_event_wireless_assocrespie(
611 struct wpa_driver_nl80211_data *drv, const char *ev, int len)
616 wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
618 os_free(drv->assoc_resp_ies);
619 drv->assoc_resp_ies = os_malloc(len);
620 if (drv->assoc_resp_ies == NULL) {
621 drv->assoc_resp_ies_len = 0;
624 os_memcpy(drv->assoc_resp_ies, ev, len);
625 drv->assoc_resp_ies_len = len;
631 static void wpa_driver_nl80211_event_assoc_ies(struct wpa_driver_nl80211_data *drv)
633 union wpa_event_data data;
635 if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
638 os_memset(&data, 0, sizeof(data));
639 if (drv->assoc_req_ies) {
640 data.assoc_info.req_ies = drv->assoc_req_ies;
641 drv->assoc_req_ies = NULL;
642 data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
644 if (drv->assoc_resp_ies) {
645 data.assoc_info.resp_ies = drv->assoc_resp_ies;
646 drv->assoc_resp_ies = NULL;
647 data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
650 wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
652 os_free(data.assoc_info.req_ies);
653 os_free(data.assoc_info.resp_ies);
655 #endif /* WEXT_COMPAT */
658 static void wpa_driver_nl80211_event_wireless(struct wpa_driver_nl80211_data *drv,
659 void *ctx, char *data, int len)
661 struct iw_event iwe_buf, *iwe = &iwe_buf;
662 char *pos, *end, *custom;
665 #endif /* WEXT_COMPAT */
670 while (pos + IW_EV_LCP_LEN <= end) {
671 /* Event data may be unaligned, so make a local, aligned copy
672 * before processing. */
673 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
674 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
676 if (iwe->len <= IW_EV_LCP_LEN)
679 custom = pos + IW_EV_POINT_LEN;
680 if (drv->we_version_compiled > 18 &&
681 (iwe->cmd == IWEVMICHAELMICFAILURE ||
682 iwe->cmd == IWEVCUSTOM ||
683 iwe->cmd == IWEVASSOCREQIE ||
684 iwe->cmd == IWEVASSOCRESPIE ||
685 iwe->cmd == IWEVPMKIDCAND)) {
686 /* WE-19 removed the pointer from struct iw_point */
687 char *dpos = (char *) &iwe_buf.u.data.length;
688 int dlen = dpos - (char *) &iwe_buf;
689 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
690 sizeof(struct iw_event) - dlen);
692 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
693 custom += IW_EV_POINT_OFF;
699 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
701 wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
703 MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
704 if (is_zero_ether_addr(
705 (const u8 *) iwe->u.ap_addr.sa_data) ||
706 os_memcmp(iwe->u.ap_addr.sa_data,
707 "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
709 os_free(drv->assoc_req_ies);
710 drv->assoc_req_ies = NULL;
711 os_free(drv->assoc_resp_ies);
712 drv->assoc_resp_ies = NULL;
713 wpa_supplicant_event(ctx, EVENT_DISASSOC,
717 wpa_driver_nl80211_event_assoc_ies(drv);
718 wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
721 #endif /* WEXT_COMPAT */
722 case IWEVMICHAELMICFAILURE:
723 wpa_driver_nl80211_event_wireless_michaelmicfailure(
724 ctx, custom, iwe->u.data.length);
728 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
730 if (custom + iwe->u.data.length > end)
732 buf = os_malloc(iwe->u.data.length + 1);
735 os_memcpy(buf, custom, iwe->u.data.length);
736 buf[iwe->u.data.length] = '\0';
737 wpa_driver_nl80211_event_wireless_custom(ctx, buf);
741 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
743 wpa_driver_nl80211_event_wireless_assocreqie(
744 drv, custom, iwe->u.data.length);
746 case IWEVASSOCRESPIE:
747 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
749 wpa_driver_nl80211_event_wireless_assocrespie(
750 drv, custom, iwe->u.data.length);
753 wpa_driver_nl80211_event_wireless_pmkidcand(
754 drv, custom, iwe->u.data.length);
756 #endif /* WEXT_COMPAT */
764 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
765 void *ctx, char *buf, size_t len,
768 union wpa_event_data event;
770 os_memset(&event, 0, sizeof(event));
771 if (len > sizeof(event.interface_status.ifname))
772 len = sizeof(event.interface_status.ifname) - 1;
773 os_memcpy(event.interface_status.ifname, buf, len);
774 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
775 EVENT_INTERFACE_ADDED;
777 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
779 event.interface_status.ifname,
780 del ? "removed" : "added");
782 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
789 wpa_supplicant_event(ctx, EVENT_INTERFACE_STATUS, &event);
793 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
796 struct ifinfomsg *ifi;
797 int attrlen, _nlmsg_len, rta_len;
802 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
804 attrlen = h->nlmsg_len - _nlmsg_len;
808 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
810 rta_len = RTA_ALIGN(sizeof(struct rtattr));
811 while (RTA_OK(attr, attrlen)) {
812 if (attr->rta_type == IFLA_IFNAME) {
813 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
819 attr = RTA_NEXT(attr, attrlen);
826 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
827 int ifindex, struct nlmsghdr *h)
829 if (drv->ifindex == ifindex)
832 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, h)) {
833 drv->ifindex = if_nametoindex(drv->ifname);
834 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
836 wpa_driver_nl80211_finish_drv_init(drv);
844 static void wpa_driver_nl80211_event_rtm_newlink(struct wpa_driver_nl80211_data *drv,
845 void *ctx, struct nlmsghdr *h,
848 struct ifinfomsg *ifi;
849 int attrlen, _nlmsg_len, rta_len;
850 struct rtattr * attr;
852 if (len < sizeof(*ifi))
857 if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, h)) {
858 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
863 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
865 drv->operstate, ifi->ifi_flags,
866 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
867 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
868 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
869 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
871 * Some drivers send the association event before the operup event--in
872 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
873 * fails. This will hit us when wpa_supplicant does not need to do
874 * IEEE 802.1X authentication
876 if (drv->operstate == 1 &&
877 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
878 !(ifi->ifi_flags & IFF_RUNNING))
879 wpa_driver_nl80211_send_oper_ifla(drv, -1, IF_OPER_UP);
881 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
883 attrlen = h->nlmsg_len - _nlmsg_len;
887 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
889 rta_len = RTA_ALIGN(sizeof(struct rtattr));
890 while (RTA_OK(attr, attrlen)) {
891 if (attr->rta_type == IFLA_WIRELESS) {
892 wpa_driver_nl80211_event_wireless(
893 drv, ctx, ((char *) attr) + rta_len,
894 attr->rta_len - rta_len);
895 } else if (attr->rta_type == IFLA_IFNAME) {
896 wpa_driver_nl80211_event_link(
898 ((char *) attr) + rta_len,
899 attr->rta_len - rta_len, 0);
901 attr = RTA_NEXT(attr, attrlen);
906 static void wpa_driver_nl80211_event_rtm_dellink(struct wpa_driver_nl80211_data *drv,
907 void *ctx, struct nlmsghdr *h,
910 struct ifinfomsg *ifi;
911 int attrlen, _nlmsg_len, rta_len;
912 struct rtattr * attr;
914 if (len < sizeof(*ifi))
919 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
921 attrlen = h->nlmsg_len - _nlmsg_len;
925 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
927 rta_len = RTA_ALIGN(sizeof(struct rtattr));
928 while (RTA_OK(attr, attrlen)) {
929 if (attr->rta_type == IFLA_IFNAME) {
930 wpa_driver_nl80211_event_link(
932 ((char *) attr) + rta_len,
933 attr->rta_len - rta_len, 1);
935 attr = RTA_NEXT(attr, attrlen);
940 static void wpa_driver_nl80211_event_receive_wext(int sock, void *eloop_ctx,
945 struct sockaddr_nl from;
951 fromlen = sizeof(from);
952 left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
953 (struct sockaddr *) &from, &fromlen);
955 if (errno != EINTR && errno != EAGAIN)
956 perror("recvfrom(netlink)");
960 h = (struct nlmsghdr *) buf;
961 while (left >= (int) sizeof(*h)) {
965 plen = len - sizeof(*h);
966 if (len > left || plen < 0) {
967 wpa_printf(MSG_DEBUG, "Malformed netlink message: "
968 "len=%d left=%d plen=%d",
973 switch (h->nlmsg_type) {
975 wpa_driver_nl80211_event_rtm_newlink(eloop_ctx, sock_ctx,
979 wpa_driver_nl80211_event_rtm_dellink(eloop_ctx, sock_ctx,
984 len = NLMSG_ALIGN(len);
986 h = (struct nlmsghdr *) ((char *) h + len);
990 wpa_printf(MSG_DEBUG, "%d extra bytes in the end of netlink "
994 if (--max_events > 0) {
996 * Try to receive all events in one eloop call in order to
997 * limit race condition on cases where AssocInfo event, Assoc
998 * event, and EAPOL frames are received more or less at the
999 * same time. We want to process the event messages first
1000 * before starting EAPOL processing.
1007 static int no_seq_check(struct nl_msg *msg, void *arg)
1013 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1014 const u8 *frame, size_t len)
1016 const struct ieee80211_mgmt *mgmt;
1017 union wpa_event_data event;
1019 mgmt = (const struct ieee80211_mgmt *) frame;
1020 if (len < 24 + sizeof(mgmt->u.auth)) {
1021 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1026 os_memset(&event, 0, sizeof(event));
1027 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1028 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1029 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1030 if (len > 24 + sizeof(mgmt->u.auth)) {
1031 event.auth.ies = mgmt->u.auth.variable;
1032 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1035 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1039 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1040 const u8 *frame, size_t len)
1042 const struct ieee80211_mgmt *mgmt;
1043 union wpa_event_data event;
1046 mgmt = (const struct ieee80211_mgmt *) frame;
1047 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1048 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1053 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1054 if (status != WLAN_STATUS_SUCCESS) {
1055 wpa_printf(MSG_DEBUG, "nl80211: Association failed: status "
1057 /* TODO: notify SME so that things like SA Query and comeback
1058 * time can be implemented */
1062 drv->associated = 1;
1063 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1065 os_memset(&event, 0, sizeof(event));
1066 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1067 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1068 event.assoc_info.resp_ies_len =
1069 len - 24 - sizeof(mgmt->u.assoc_req);
1072 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1076 static void mlme_event(struct wpa_driver_nl80211_data *drv,
1077 enum nl80211_commands cmd, struct nlattr *frame)
1079 if (frame == NULL) {
1080 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
1085 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
1086 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1087 nla_data(frame), nla_len(frame));
1090 case NL80211_CMD_AUTHENTICATE:
1091 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1093 case NL80211_CMD_ASSOCIATE:
1094 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1096 case NL80211_CMD_DEAUTHENTICATE:
1097 drv->associated = 0;
1098 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, NULL);
1100 case NL80211_CMD_DISASSOCIATE:
1101 drv->associated = 0;
1102 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL);
1110 static int process_event(struct nl_msg *msg, void *arg)
1112 struct wpa_driver_nl80211_data *drv = arg;
1113 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1114 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1116 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1117 genlmsg_attrlen(gnlh, 0), NULL);
1119 if (tb[NL80211_ATTR_IFINDEX]) {
1120 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
1121 if (ifindex != drv->ifindex) {
1122 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
1123 " for foreign interface (ifindex %d)",
1124 gnlh->cmd, ifindex);
1129 switch (gnlh->cmd) {
1130 case NL80211_CMD_NEW_SCAN_RESULTS:
1131 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
1132 drv->scan_complete_events = 1;
1133 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1135 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
1137 case NL80211_CMD_SCAN_ABORTED:
1138 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
1140 * Need to indicate that scan results are available in order
1141 * not to make wpa_supplicant stop its scanning.
1143 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1145 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
1147 case NL80211_CMD_AUTHENTICATE:
1148 case NL80211_CMD_ASSOCIATE:
1149 case NL80211_CMD_DEAUTHENTICATE:
1150 case NL80211_CMD_DISASSOCIATE:
1151 mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME]);
1154 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
1155 "(cmd=%d)", gnlh->cmd);
1163 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1167 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1169 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
1171 cb = nl_cb_clone(drv->nl_cb);
1174 nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1175 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
1176 nl_recvmsgs(drv->nl_handle, cb);
1181 static int wpa_driver_nl80211_get_ifflags_ifname(struct wpa_driver_nl80211_data *drv,
1182 const char *ifname, int *flags)
1186 os_memset(&ifr, 0, sizeof(ifr));
1187 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
1188 if (ioctl(drv->ioctl_sock, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) {
1189 perror("ioctl[SIOCGIFFLAGS]");
1192 *flags = ifr.ifr_flags & 0xffff;
1198 * wpa_driver_nl80211_get_ifflags - Get interface flags (SIOCGIFFLAGS)
1199 * @drv: driver_nl80211 private data
1200 * @flags: Pointer to returned flags value
1201 * Returns: 0 on success, -1 on failure
1203 static int wpa_driver_nl80211_get_ifflags(struct wpa_driver_nl80211_data *drv,
1206 return wpa_driver_nl80211_get_ifflags_ifname(drv, drv->ifname, flags);
1210 static int wpa_driver_nl80211_set_ifflags_ifname(
1211 struct wpa_driver_nl80211_data *drv,
1212 const char *ifname, int flags)
1216 os_memset(&ifr, 0, sizeof(ifr));
1217 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
1218 ifr.ifr_flags = flags & 0xffff;
1219 if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) {
1220 perror("SIOCSIFFLAGS");
1228 * wpa_driver_nl80211_set_ifflags - Set interface flags (SIOCSIFFLAGS)
1229 * @drv: driver_nl80211 private data
1230 * @flags: New value for flags
1231 * Returns: 0 on success, -1 on failure
1233 static int wpa_driver_nl80211_set_ifflags(struct wpa_driver_nl80211_data *drv,
1236 return wpa_driver_nl80211_set_ifflags_ifname(drv, drv->ifname, flags);
1241 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1242 * @priv: driver_nl80211 private data
1243 * @alpha2_arg: country to which to switch to
1244 * Returns: 0 on success, -1 on failure
1246 * This asks nl80211 to set the regulatory domain for given
1247 * country ISO / IEC alpha2.
1249 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1251 struct wpa_driver_nl80211_data *drv = priv;
1255 msg = nlmsg_alloc();
1257 goto nla_put_failure;
1259 alpha2[0] = alpha2_arg[0];
1260 alpha2[1] = alpha2_arg[1];
1263 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1264 0, NL80211_CMD_REQ_SET_REG, 0);
1266 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
1267 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1275 struct wiphy_info_data {
1281 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
1283 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1284 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1285 struct wiphy_info_data *info = arg;
1287 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1288 genlmsg_attrlen(gnlh, 0), NULL);
1290 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
1291 info->max_scan_ssids =
1292 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
1294 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
1295 struct nlattr *nl_mode;
1297 nla_for_each_nested(nl_mode,
1298 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
1299 if (nl_mode->nla_type == NL80211_IFTYPE_AP) {
1300 info->ap_supported = 1;
1310 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
1311 struct wiphy_info_data *info)
1315 os_memset(info, 0, sizeof(*info));
1316 msg = nlmsg_alloc();
1320 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1321 0, NL80211_CMD_GET_WIPHY, 0);
1323 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1325 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
1334 static void wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
1336 struct wiphy_info_data info;
1337 if (wpa_driver_nl80211_get_info(drv, &info))
1339 drv->has_capability = 1;
1340 drv->capa.max_scan_ssids = info.max_scan_ssids;
1341 if (info.ap_supported)
1342 drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
1347 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1348 * @ctx: context to be used when calling wpa_supplicant functions,
1349 * e.g., wpa_supplicant_event()
1350 * @ifname: interface name, e.g., wlan0
1351 * Returns: Pointer to private data, %NULL on failure
1353 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname)
1356 struct sockaddr_nl local;
1357 struct wpa_driver_nl80211_data *drv;
1359 drv = os_zalloc(sizeof(*drv));
1363 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
1365 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1366 if (drv->nl_cb == NULL) {
1367 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1372 drv->nl_handle = nl_handle_alloc_cb(drv->nl_cb);
1373 if (drv->nl_handle == NULL) {
1374 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1379 if (genl_connect(drv->nl_handle)) {
1380 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1385 drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
1386 if (drv->nl_cache == NULL) {
1387 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1392 drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
1393 if (drv->nl80211 == NULL) {
1394 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1399 ret = nl_get_multicast_id(drv, "nl80211", "scan");
1401 ret = nl_socket_add_membership(drv->nl_handle, ret);
1403 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1404 "membership for scan events: %d (%s)",
1405 ret, strerror(-ret));
1409 ret = nl_get_multicast_id(drv, "nl80211", "mlme");
1411 ret = nl_socket_add_membership(drv->nl_handle, ret);
1414 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1415 "membership for mlme events: %d (%s)",
1416 ret, strerror(-ret));
1417 /* Use WEXT for association request */
1419 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1420 #else /* WEXT_COMPAT */
1422 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1423 "membership for mlme events: %d (%s)",
1424 ret, strerror(-ret));
1427 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1428 #endif /* WEXT_COMPAT */
1430 eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle),
1431 wpa_driver_nl80211_event_receive, drv, ctx);
1433 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
1434 if (drv->ioctl_sock < 0) {
1435 perror("socket(PF_INET,SOCK_DGRAM)");
1439 s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
1441 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
1445 os_memset(&local, 0, sizeof(local));
1446 local.nl_family = AF_NETLINK;
1447 local.nl_groups = RTMGRP_LINK;
1448 if (bind(s, (struct sockaddr *) &local, sizeof(local)) < 0) {
1449 perror("bind(netlink)");
1454 eloop_register_read_sock(s, wpa_driver_nl80211_event_receive_wext, drv,
1456 drv->wext_event_sock = s;
1458 if (wpa_driver_nl80211_finish_drv_init(drv))
1464 eloop_unregister_read_sock(drv->wext_event_sock);
1465 close(drv->wext_event_sock);
1467 close(drv->ioctl_sock);
1469 genl_family_put(drv->nl80211);
1471 nl_cache_free(drv->nl_cache);
1473 nl_handle_destroy(drv->nl_handle);
1475 nl_cb_put(drv->nl_cb);
1483 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
1487 drv->ifindex = if_nametoindex(drv->ifname);
1489 if (wpa_driver_nl80211_set_mode(drv, 0) < 0) {
1490 wpa_printf(MSG_DEBUG, "nl80211: Could not configure driver to "
1491 "use managed mode");
1494 if (wpa_driver_nl80211_get_ifflags(drv, &flags) != 0) {
1495 wpa_printf(MSG_ERROR, "Could not get interface '%s' flags",
1499 if (!(flags & IFF_UP)) {
1500 if (wpa_driver_nl80211_set_ifflags(drv, flags | IFF_UP) != 0) {
1501 wpa_printf(MSG_ERROR, "Could not set interface '%s' "
1509 * Make sure that the driver does not have any obsolete PMKID entries.
1511 wpa_driver_nl80211_flush_pmkid(drv);
1512 #endif /* WEXT_COMPAT */
1514 wpa_driver_nl80211_get_range(drv);
1516 wpa_driver_nl80211_capa(drv);
1518 wpa_driver_nl80211_send_oper_ifla(drv, 1, IF_OPER_DORMANT);
1525 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1526 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1528 * Shut down driver interface and processing of driver events. Free
1529 * private data buffer if one was allocated in wpa_driver_nl80211_init().
1531 static void wpa_driver_nl80211_deinit(void *priv)
1533 struct wpa_driver_nl80211_data *drv = priv;
1536 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1540 * Clear possibly configured driver parameters in order to make it
1541 * easier to use the driver after wpa_supplicant has been terminated.
1543 (void) wpa_driver_nl80211_set_bssid(drv,
1544 (u8 *) "\x00\x00\x00\x00\x00\x00");
1545 #endif /* WEXT_COMPAT */
1546 wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED, 0);
1548 wpa_driver_nl80211_send_oper_ifla(priv, 0, IF_OPER_UP);
1550 eloop_unregister_read_sock(drv->wext_event_sock);
1552 if (wpa_driver_nl80211_get_ifflags(drv, &flags) == 0)
1553 (void) wpa_driver_nl80211_set_ifflags(drv, flags & ~IFF_UP);
1554 wpa_driver_nl80211_set_mode(drv, 0);
1556 close(drv->wext_event_sock);
1557 close(drv->ioctl_sock);
1559 os_free(drv->assoc_req_ies);
1560 os_free(drv->assoc_resp_ies);
1561 #endif /* WEXT_COMPAT */
1563 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle));
1564 genl_family_put(drv->nl80211);
1565 nl_cache_free(drv->nl_cache);
1566 nl_handle_destroy(drv->nl_handle);
1567 nl_cb_put(drv->nl_cb);
1574 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
1575 * @eloop_ctx: Unused
1576 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
1578 * This function can be used as registered timeout when starting a scan to
1579 * generate a scan completed event if the driver does not report this.
1581 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1583 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1584 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1589 * wpa_driver_nl80211_scan - Request the driver to initiate scan
1590 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
1591 * @params: Scan parameters
1592 * Returns: 0 on success, -1 on failure
1594 static int wpa_driver_nl80211_scan(void *priv,
1595 struct wpa_driver_scan_params *params)
1597 struct wpa_driver_nl80211_data *drv = priv;
1598 int ret = 0, timeout;
1599 struct nl_msg *msg, *ssids, *freqs;
1602 msg = nlmsg_alloc();
1603 ssids = nlmsg_alloc();
1604 freqs = nlmsg_alloc();
1605 if (!msg || !ssids || !freqs) {
1612 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1613 NL80211_CMD_TRIGGER_SCAN, 0);
1615 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1617 for (i = 0; i < params->num_ssids; i++) {
1618 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
1619 params->ssids[i].ssid);
1621 if (params->num_ssids)
1622 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
1624 if (params->extra_ies) {
1625 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
1629 if (params->freqs) {
1630 for (i = 0; params->freqs[i]; i++)
1631 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
1632 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
1635 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1638 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
1639 "(%s)", ret, strerror(-ret));
1640 goto nla_put_failure;
1643 /* Not all drivers generate "scan completed" wireless event, so try to
1644 * read results after a timeout. */
1646 if (drv->scan_complete_events) {
1648 * The driver seems to deliver events to notify when scan is
1649 * complete, so use longer timeout to avoid race conditions
1650 * with scanning and following association request.
1654 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1655 "seconds", ret, timeout);
1656 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1657 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
1668 static int bss_info_handler(struct nl_msg *msg, void *arg)
1670 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1671 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1672 struct nlattr *bss[NL80211_BSS_MAX + 1];
1673 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1674 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1675 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1676 [NL80211_BSS_TSF] = { .type = NLA_U64 },
1677 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
1678 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
1679 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1680 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
1681 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
1683 struct wpa_scan_results *res = arg;
1684 struct wpa_scan_res **tmp;
1685 struct wpa_scan_res *r;
1689 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1690 genlmsg_attrlen(gnlh, 0), NULL);
1691 if (!tb[NL80211_ATTR_BSS])
1693 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1696 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1697 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1698 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1704 r = os_zalloc(sizeof(*r) + ie_len);
1707 if (bss[NL80211_BSS_BSSID])
1708 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
1710 if (bss[NL80211_BSS_FREQUENCY])
1711 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1712 if (bss[NL80211_BSS_BEACON_INTERVAL])
1713 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
1714 if (bss[NL80211_BSS_CAPABILITY])
1715 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
1716 r->flags |= WPA_SCAN_NOISE_INVALID;
1717 if (bss[NL80211_BSS_SIGNAL_MBM]) {
1718 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
1719 r->level /= 100; /* mBm to dBm */
1720 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
1721 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
1722 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
1723 r->flags |= WPA_SCAN_LEVEL_INVALID;
1725 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
1726 if (bss[NL80211_BSS_TSF])
1727 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
1730 os_memcpy(r + 1, ie, ie_len);
1732 tmp = os_realloc(res->res,
1733 (res->num + 1) * sizeof(struct wpa_scan_res *));
1738 tmp[res->num++] = r;
1746 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
1747 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
1748 * Returns: Scan results on success, -1 on failure
1750 static struct wpa_scan_results *
1751 wpa_driver_nl80211_get_scan_results(void *priv)
1753 struct wpa_driver_nl80211_data *drv = priv;
1755 struct wpa_scan_results *res;
1758 res = os_zalloc(sizeof(*res));
1761 msg = nlmsg_alloc();
1763 goto nla_put_failure;
1765 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, NLM_F_DUMP,
1766 NL80211_CMD_GET_SCAN, 0);
1767 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1769 ret = send_and_recv_msgs(drv, msg, bss_info_handler, res);
1772 wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
1773 (unsigned long) res->num);
1776 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1777 "(%s)", ret, strerror(-ret));
1780 wpa_scan_results_free(res);
1785 static int wpa_driver_nl80211_get_range(void *priv)
1787 struct wpa_driver_nl80211_data *drv = priv;
1788 struct iw_range *range;
1794 * Use larger buffer than struct iw_range in order to allow the
1795 * structure to grow in the future.
1797 buflen = sizeof(struct iw_range) + 500;
1798 range = os_zalloc(buflen);
1802 os_memset(&iwr, 0, sizeof(iwr));
1803 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1804 iwr.u.data.pointer = (caddr_t) range;
1805 iwr.u.data.length = buflen;
1807 minlen = ((char *) &range->enc_capa) - (char *) range +
1808 sizeof(range->enc_capa);
1810 if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1811 perror("ioctl[SIOCGIWRANGE]");
1814 } else if (iwr.u.data.length >= minlen &&
1815 range->we_version_compiled >= 18) {
1816 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1817 "WE(source)=%d enc_capa=0x%x",
1818 range->we_version_compiled,
1819 range->we_version_source,
1821 drv->has_capability = 1;
1822 drv->we_version_compiled = range->we_version_compiled;
1823 if (range->enc_capa & IW_ENC_CAPA_WPA) {
1824 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1825 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1827 if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1828 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1829 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1831 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1832 WPA_DRIVER_CAPA_ENC_WEP104;
1833 if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1834 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1835 if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1836 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1837 wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x",
1838 drv->capa.key_mgmt, drv->capa.enc);
1840 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1841 "assuming WPA is not supported");
1850 static int wpa_driver_nl80211_set_wpa(void *priv, int enabled)
1852 struct wpa_driver_nl80211_data *drv = priv;
1853 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
1855 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1857 return wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_WPA_ENABLED,
1860 #endif /* WEXT_COMPAT */
1863 static int wpa_driver_nl80211_set_key(void *priv, wpa_alg alg,
1864 const u8 *addr, int key_idx,
1865 int set_tx, const u8 *seq,
1867 const u8 *key, size_t key_len)
1869 struct wpa_driver_nl80211_data *drv = priv;
1873 wpa_printf(MSG_DEBUG, "%s: alg=%d addr=%p key_idx=%d set_tx=%d "
1874 "seq_len=%lu key_len=%lu",
1875 __func__, alg, addr, key_idx, set_tx,
1876 (unsigned long) seq_len, (unsigned long) key_len);
1878 msg = nlmsg_alloc();
1882 if (alg == WPA_ALG_NONE) {
1883 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1884 NL80211_CMD_DEL_KEY, 0);
1886 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1887 NL80211_CMD_NEW_KEY, 0);
1888 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
1892 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1895 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1899 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC02);
1902 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC04);
1910 if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1912 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
1913 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
1915 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1916 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1918 err = send_and_recv_msgs(drv, msg, NULL, NULL);
1920 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d", err);
1924 if (set_tx && alg != WPA_ALG_NONE) {
1925 msg = nlmsg_alloc();
1929 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1930 0, NL80211_CMD_SET_KEY, 0);
1931 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1932 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1933 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
1935 err = send_and_recv_msgs(drv, msg, NULL, NULL);
1937 wpa_printf(MSG_DEBUG, "nl80211: set default key "
1938 "failed; err=%d", err);
1951 static int wpa_driver_nl80211_set_countermeasures(void *priv,
1954 struct wpa_driver_nl80211_data *drv = priv;
1955 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
1957 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1958 return wpa_driver_nl80211_set_auth_param(drv,
1959 IW_AUTH_TKIP_COUNTERMEASURES,
1962 #endif /* WEXT_COMPAT */
1966 static int wpa_driver_nl80211_mlme_wext(struct wpa_driver_nl80211_data *drv,
1967 const u8 *addr, int cmd,
1971 struct iw_mlme mlme;
1974 os_memset(&iwr, 0, sizeof(iwr));
1975 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1976 os_memset(&mlme, 0, sizeof(mlme));
1978 mlme.reason_code = reason_code;
1979 mlme.addr.sa_family = ARPHRD_ETHER;
1980 os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1981 iwr.u.data.pointer = (caddr_t) &mlme;
1982 iwr.u.data.length = sizeof(mlme);
1984 if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1985 perror("ioctl[SIOCSIWMLME]");
1991 #endif /* WEXT_COMPAT */
1994 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
1995 const u8 *addr, int cmd, u16 reason_code)
2000 msg = nlmsg_alloc();
2004 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0, cmd, 0);
2006 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2007 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
2008 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2010 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2013 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2014 "(%s)", ret, strerror(-ret));
2015 goto nla_put_failure;
2025 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
2028 struct wpa_driver_nl80211_data *drv = priv;
2029 wpa_printf(MSG_DEBUG, "%s", __func__);
2031 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2032 return wpa_driver_nl80211_mlme_wext(drv, addr, IW_MLME_DEAUTH,
2034 #endif /* WEXT_COMPAT */
2036 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2041 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
2044 struct wpa_driver_nl80211_data *drv = priv;
2045 wpa_printf(MSG_DEBUG, "%s", __func__);
2047 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2048 return wpa_driver_nl80211_mlme_wext(drv, addr,
2051 #endif /* WEXT_COMPAT */
2052 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
2058 static int wpa_driver_nl80211_set_gen_ie(void *priv, const u8 *ie,
2061 struct wpa_driver_nl80211_data *drv = priv;
2065 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
2067 os_memset(&iwr, 0, sizeof(iwr));
2068 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2069 iwr.u.data.pointer = (caddr_t) ie;
2070 iwr.u.data.length = ie_len;
2072 if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
2073 perror("ioctl[SIOCSIWGENIE]");
2081 static int wpa_driver_nl80211_cipher2wext(int cipher)
2085 return IW_AUTH_CIPHER_NONE;
2087 return IW_AUTH_CIPHER_WEP40;
2089 return IW_AUTH_CIPHER_TKIP;
2091 return IW_AUTH_CIPHER_CCMP;
2093 return IW_AUTH_CIPHER_WEP104;
2100 static int wpa_driver_nl80211_keymgmt2wext(int keymgmt)
2103 case KEY_MGMT_802_1X:
2104 case KEY_MGMT_802_1X_NO_WPA:
2105 return IW_AUTH_KEY_MGMT_802_1X;
2107 return IW_AUTH_KEY_MGMT_PSK;
2115 wpa_driver_nl80211_auth_alg_fallback(struct wpa_driver_nl80211_data *drv,
2116 struct wpa_driver_associate_params *params)
2121 wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
2122 "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
2124 os_memset(&iwr, 0, sizeof(iwr));
2125 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2126 /* Just changing mode, not actual keys */
2127 iwr.u.encoding.flags = 0;
2128 iwr.u.encoding.pointer = (caddr_t) NULL;
2129 iwr.u.encoding.length = 0;
2132 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
2133 * different things. Here they are used to indicate Open System vs.
2134 * Shared Key authentication algorithm. However, some drivers may use
2135 * them to select between open/restricted WEP encrypted (open = allow
2136 * both unencrypted and encrypted frames; restricted = only allow
2137 * encrypted frames).
2140 if (!drv->use_crypt) {
2141 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
2143 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
2144 iwr.u.encoding.flags |= IW_ENCODE_OPEN;
2145 if (params->auth_alg & AUTH_ALG_SHARED_KEY)
2146 iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
2149 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
2150 perror("ioctl[SIOCSIWENCODE]");
2158 static int wpa_driver_nl80211_set_auth_alg(struct wpa_driver_nl80211_data *drv,
2163 if (auth_alg & AUTH_ALG_OPEN_SYSTEM)
2164 algs |= IW_AUTH_ALG_OPEN_SYSTEM;
2165 if (auth_alg & AUTH_ALG_SHARED_KEY)
2166 algs |= IW_AUTH_ALG_SHARED_KEY;
2167 if (auth_alg & AUTH_ALG_LEAP)
2168 algs |= IW_AUTH_ALG_LEAP;
2170 /* at least one algorithm should be set */
2171 algs = IW_AUTH_ALG_OPEN_SYSTEM;
2174 res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2176 drv->auth_alg_fallback = res == -2;
2181 static int wpa_driver_nl80211_associate_wext(
2182 void *priv, struct wpa_driver_associate_params *params)
2184 struct wpa_driver_nl80211_data *drv = priv;
2186 int allow_unencrypted_eapol;
2189 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
2191 wpa_driver_nl80211_set_mode(drv, params->mode);
2192 wpa_driver_nl80211_set_auth_alg(drv, params->auth_alg);
2195 * If the driver did not support SIOCSIWAUTH, fallback to
2196 * SIOCSIWENCODE here.
2198 if (drv->auth_alg_fallback &&
2199 wpa_driver_nl80211_auth_alg_fallback(drv, params) < 0)
2202 if (!params->bssid &&
2203 wpa_driver_nl80211_set_bssid(drv, NULL) < 0)
2206 /* TODO: should consider getting wpa version and cipher/key_mgmt suites
2207 * from configuration, not from here, where only the selected suite is
2209 if (wpa_driver_nl80211_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
2212 if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
2213 value = IW_AUTH_WPA_VERSION_DISABLED;
2214 else if (params->wpa_ie[0] == WLAN_EID_RSN)
2215 value = IW_AUTH_WPA_VERSION_WPA2;
2217 value = IW_AUTH_WPA_VERSION_WPA;
2218 if (wpa_driver_nl80211_set_auth_param(drv,
2219 IW_AUTH_WPA_VERSION, value) < 0)
2221 value = wpa_driver_nl80211_cipher2wext(params->pairwise_suite);
2222 if (wpa_driver_nl80211_set_auth_param(drv,
2223 IW_AUTH_CIPHER_PAIRWISE, value) < 0)
2225 value = wpa_driver_nl80211_cipher2wext(params->group_suite);
2226 if (wpa_driver_nl80211_set_auth_param(drv,
2227 IW_AUTH_CIPHER_GROUP, value) < 0)
2229 value = wpa_driver_nl80211_keymgmt2wext(params->key_mgmt_suite);
2230 if (wpa_driver_nl80211_set_auth_param(drv,
2231 IW_AUTH_KEY_MGMT, value) < 0)
2233 value = params->key_mgmt_suite != KEY_MGMT_NONE ||
2234 params->pairwise_suite != CIPHER_NONE ||
2235 params->group_suite != CIPHER_NONE ||
2237 if (wpa_driver_nl80211_set_auth_param(drv,
2238 IW_AUTH_PRIVACY_INVOKED, value) < 0)
2241 /* Allow unencrypted EAPOL messages even if pairwise keys are set when
2242 * not using WPA. IEEE 802.1X specifies that these frames are not
2243 * encrypted, but WPA encrypts them when pairwise keys are in use. */
2244 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
2245 params->key_mgmt_suite == KEY_MGMT_PSK)
2246 allow_unencrypted_eapol = 0;
2248 allow_unencrypted_eapol = 1;
2250 if (wpa_driver_nl80211_set_auth_param(drv,
2251 IW_AUTH_RX_UNENCRYPTED_EAPOL,
2252 allow_unencrypted_eapol) < 0)
2254 if (params->freq && wpa_driver_nl80211_set_freq(drv, params->freq) < 0)
2256 if (wpa_driver_nl80211_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2258 if (params->bssid &&
2259 wpa_driver_nl80211_set_bssid(drv, params->bssid) < 0)
2264 #endif /* WEXT_COMPAT */
2267 static int wpa_driver_nl80211_authenticate(
2268 void *priv, struct wpa_driver_auth_params *params)
2270 struct wpa_driver_nl80211_data *drv = priv;
2273 enum nl80211_auth_type type;
2275 drv->associated = 0;
2277 msg = nlmsg_alloc();
2281 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2283 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2284 NL80211_CMD_AUTHENTICATE, 0);
2286 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2287 if (params->bssid) {
2288 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2289 MAC2STR(params->bssid));
2290 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2293 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2294 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2297 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2298 params->ssid, params->ssid_len);
2299 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2302 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
2304 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
2306 * TODO: if multiple auth_alg options enabled, try them one by one if
2307 * the AP rejects authentication due to unknown auth alg
2309 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
2310 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2311 else if (params->auth_alg & AUTH_ALG_SHARED_KEY)
2312 type = NL80211_AUTHTYPE_SHARED_KEY;
2313 else if (params->auth_alg & AUTH_ALG_LEAP)
2314 type = NL80211_AUTHTYPE_NETWORK_EAP;
2315 else if (params->auth_alg & AUTH_ALG_FT)
2316 type = NL80211_AUTHTYPE_FT;
2318 goto nla_put_failure;
2319 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
2320 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
2322 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2325 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2326 "(%s)", ret, strerror(-ret));
2327 goto nla_put_failure;
2330 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
2340 static int wpa_driver_nl80211_set_freq2(
2341 struct wpa_driver_nl80211_data *drv,
2342 struct wpa_driver_associate_params *params)
2346 msg = nlmsg_alloc();
2350 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2351 NL80211_CMD_SET_WIPHY, 0);
2353 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2355 /* TODO: proper channel configuration */
2356 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, 2437);
2358 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
2365 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
2366 struct wpa_driver_associate_params *params)
2368 if (wpa_driver_nl80211_set_mode(drv, params->mode) ||
2369 wpa_driver_nl80211_set_freq2(drv, params))
2372 /* TODO: setup monitor interface (and add code somewhere to remove this
2373 * when AP mode is stopped; associate with mode != 2 or drv_deinit) */
2374 /* TODO: setup beacon */
2378 #endif /* CONFIG_AP */
2381 static int wpa_driver_nl80211_associate(
2382 void *priv, struct wpa_driver_associate_params *params)
2384 struct wpa_driver_nl80211_data *drv = priv;
2389 if (params->mode == 2)
2390 return wpa_driver_nl80211_ap(drv, params);
2391 #endif /* CONFIG_AP */
2393 wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
2394 params->drop_unencrypted);
2397 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2398 return wpa_driver_nl80211_associate_wext(drv, params);
2399 #endif /* WEXT_COMPAT */
2401 drv->associated = 0;
2403 msg = nlmsg_alloc();
2407 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
2409 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2410 NL80211_CMD_ASSOCIATE, 0);
2412 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2413 if (params->bssid) {
2414 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2415 MAC2STR(params->bssid));
2416 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2419 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2420 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2423 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2424 params->ssid, params->ssid_len);
2425 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2427 if (params->ssid_len > sizeof(drv->ssid))
2428 goto nla_put_failure;
2429 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
2430 drv->ssid_len = params->ssid_len;
2432 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
2434 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
2437 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2440 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2441 "(%s)", ret, strerror(-ret));
2442 goto nla_put_failure;
2445 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
2455 * wpa_driver_nl80211_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2456 * @drv: Pointer to private driver data from wpa_driver_nl80211_init()
2457 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2458 * Returns: 0 on success, -1 on failure
2460 static int wpa_driver_nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
2463 int ret = -1, flags;
2469 nlmode = NL80211_IFTYPE_STATION;
2472 nlmode = NL80211_IFTYPE_ADHOC;
2475 nlmode = NL80211_IFTYPE_AP;
2481 msg = nlmsg_alloc();
2485 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2486 0, NL80211_CMD_SET_INTERFACE, 0);
2487 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2488 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, nlmode);
2490 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2497 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface mode: %d (%s)",
2498 ret, strerror(-ret));
2502 /* mac80211 doesn't allow mode changes while the device is up, so
2503 * take the device down, try to set the mode again, and bring the
2506 if (wpa_driver_nl80211_get_ifflags(drv, &flags) == 0) {
2507 (void) wpa_driver_nl80211_set_ifflags(drv, flags & ~IFF_UP);
2509 /* Try to set the mode again while the interface is down */
2510 msg = nlmsg_alloc();
2514 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2515 0, NL80211_CMD_SET_INTERFACE, 0);
2516 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2517 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, nlmode);
2518 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2520 wpa_printf(MSG_ERROR, "Failed to set interface %s "
2521 "mode(try_again): %d (%s)",
2522 drv->ifname, ret, strerror(-ret));
2525 /* Ignore return value of get_ifflags to ensure that the device
2526 * is always up like it was before this function was called.
2528 (void) wpa_driver_nl80211_get_ifflags(drv, &flags);
2529 (void) wpa_driver_nl80211_set_ifflags(drv, flags | IFF_UP);
2538 static int wpa_driver_nl80211_pmksa(struct wpa_driver_nl80211_data *drv,
2539 u32 cmd, const u8 *bssid, const u8 *pmkid)
2542 struct iw_pmksa pmksa;
2545 os_memset(&iwr, 0, sizeof(iwr));
2546 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2547 os_memset(&pmksa, 0, sizeof(pmksa));
2549 pmksa.bssid.sa_family = ARPHRD_ETHER;
2551 os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2553 os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2554 iwr.u.data.pointer = (caddr_t) &pmksa;
2555 iwr.u.data.length = sizeof(pmksa);
2557 if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2558 if (errno != EOPNOTSUPP)
2559 perror("ioctl[SIOCSIWPMKSA]");
2567 static int wpa_driver_nl80211_add_pmkid(void *priv, const u8 *bssid,
2570 struct wpa_driver_nl80211_data *drv = priv;
2571 return wpa_driver_nl80211_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2575 static int wpa_driver_nl80211_remove_pmkid(void *priv, const u8 *bssid,
2578 struct wpa_driver_nl80211_data *drv = priv;
2579 return wpa_driver_nl80211_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2583 static int wpa_driver_nl80211_flush_pmkid(void *priv)
2585 struct wpa_driver_nl80211_data *drv = priv;
2586 return wpa_driver_nl80211_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2589 #endif /* WEXT_COMPAT */
2592 static int wpa_driver_nl80211_get_capa(void *priv,
2593 struct wpa_driver_capa *capa)
2595 struct wpa_driver_nl80211_data *drv = priv;
2596 if (!drv->has_capability)
2598 os_memcpy(capa, &drv->capa, sizeof(*capa));
2603 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
2605 struct wpa_driver_nl80211_data *drv = priv;
2607 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2608 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2609 drv->operstate = state;
2610 return wpa_driver_nl80211_send_oper_ifla(
2611 drv, -1, state ? IF_OPER_UP : IF_OPER_DORMANT);
2615 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
2617 .desc = "Linux nl80211/cfg80211",
2618 .get_bssid = wpa_driver_nl80211_get_bssid,
2619 .get_ssid = wpa_driver_nl80211_get_ssid,
2620 .set_key = wpa_driver_nl80211_set_key,
2621 .scan2 = wpa_driver_nl80211_scan,
2622 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
2623 .deauthenticate = wpa_driver_nl80211_deauthenticate,
2624 .disassociate = wpa_driver_nl80211_disassociate,
2625 .authenticate = wpa_driver_nl80211_authenticate,
2626 .associate = wpa_driver_nl80211_associate,
2627 .init = wpa_driver_nl80211_init,
2628 .deinit = wpa_driver_nl80211_deinit,
2629 .get_capa = wpa_driver_nl80211_get_capa,
2630 .set_operstate = wpa_driver_nl80211_set_operstate,
2631 .set_country = wpa_driver_nl80211_set_country,
2633 .set_wpa = wpa_driver_nl80211_set_wpa,
2634 .set_countermeasures = wpa_driver_nl80211_set_countermeasures,
2635 .add_pmkid = wpa_driver_nl80211_add_pmkid,
2636 .remove_pmkid = wpa_driver_nl80211_remove_pmkid,
2637 .flush_pmkid = wpa_driver_nl80211_flush_pmkid,
2638 #endif /* WEXT_COMPAT */