driver_nl80211_event.c revision 203eadb9eda41a1dde4a583edb4684319e3f399e
1/* 2 * Driver interaction with Linux nl80211/cfg80211 - Event processing 3 * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net> 5 * Copyright (c) 2009-2010, Atheros Communications 6 * 7 * This software may be distributed under the terms of the BSD license. 8 * See README for more details. 9 */ 10 11#include "includes.h" 12#include <netlink/genl/genl.h> 13 14#include "utils/common.h" 15#include "utils/eloop.h" 16#include "common/qca-vendor.h" 17#include "common/qca-vendor-attr.h" 18#include "common/ieee802_11_defs.h" 19#include "common/ieee802_11_common.h" 20#include "driver_nl80211.h" 21 22 23static const char * nl80211_command_to_string(enum nl80211_commands cmd) 24{ 25#define C2S(x) case x: return #x; 26 switch (cmd) { 27 C2S(NL80211_CMD_UNSPEC) 28 C2S(NL80211_CMD_GET_WIPHY) 29 C2S(NL80211_CMD_SET_WIPHY) 30 C2S(NL80211_CMD_NEW_WIPHY) 31 C2S(NL80211_CMD_DEL_WIPHY) 32 C2S(NL80211_CMD_GET_INTERFACE) 33 C2S(NL80211_CMD_SET_INTERFACE) 34 C2S(NL80211_CMD_NEW_INTERFACE) 35 C2S(NL80211_CMD_DEL_INTERFACE) 36 C2S(NL80211_CMD_GET_KEY) 37 C2S(NL80211_CMD_SET_KEY) 38 C2S(NL80211_CMD_NEW_KEY) 39 C2S(NL80211_CMD_DEL_KEY) 40 C2S(NL80211_CMD_GET_BEACON) 41 C2S(NL80211_CMD_SET_BEACON) 42 C2S(NL80211_CMD_START_AP) 43 C2S(NL80211_CMD_STOP_AP) 44 C2S(NL80211_CMD_GET_STATION) 45 C2S(NL80211_CMD_SET_STATION) 46 C2S(NL80211_CMD_NEW_STATION) 47 C2S(NL80211_CMD_DEL_STATION) 48 C2S(NL80211_CMD_GET_MPATH) 49 C2S(NL80211_CMD_SET_MPATH) 50 C2S(NL80211_CMD_NEW_MPATH) 51 C2S(NL80211_CMD_DEL_MPATH) 52 C2S(NL80211_CMD_SET_BSS) 53 C2S(NL80211_CMD_SET_REG) 54 C2S(NL80211_CMD_REQ_SET_REG) 55 C2S(NL80211_CMD_GET_MESH_CONFIG) 56 C2S(NL80211_CMD_SET_MESH_CONFIG) 57 C2S(NL80211_CMD_SET_MGMT_EXTRA_IE) 58 C2S(NL80211_CMD_GET_REG) 59 C2S(NL80211_CMD_GET_SCAN) 60 C2S(NL80211_CMD_TRIGGER_SCAN) 61 C2S(NL80211_CMD_NEW_SCAN_RESULTS) 62 C2S(NL80211_CMD_SCAN_ABORTED) 63 C2S(NL80211_CMD_REG_CHANGE) 64 C2S(NL80211_CMD_AUTHENTICATE) 65 C2S(NL80211_CMD_ASSOCIATE) 66 C2S(NL80211_CMD_DEAUTHENTICATE) 67 C2S(NL80211_CMD_DISASSOCIATE) 68 C2S(NL80211_CMD_MICHAEL_MIC_FAILURE) 69 C2S(NL80211_CMD_REG_BEACON_HINT) 70 C2S(NL80211_CMD_JOIN_IBSS) 71 C2S(NL80211_CMD_LEAVE_IBSS) 72 C2S(NL80211_CMD_TESTMODE) 73 C2S(NL80211_CMD_CONNECT) 74 C2S(NL80211_CMD_ROAM) 75 C2S(NL80211_CMD_DISCONNECT) 76 C2S(NL80211_CMD_SET_WIPHY_NETNS) 77 C2S(NL80211_CMD_GET_SURVEY) 78 C2S(NL80211_CMD_NEW_SURVEY_RESULTS) 79 C2S(NL80211_CMD_SET_PMKSA) 80 C2S(NL80211_CMD_DEL_PMKSA) 81 C2S(NL80211_CMD_FLUSH_PMKSA) 82 C2S(NL80211_CMD_REMAIN_ON_CHANNEL) 83 C2S(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL) 84 C2S(NL80211_CMD_SET_TX_BITRATE_MASK) 85 C2S(NL80211_CMD_REGISTER_FRAME) 86 C2S(NL80211_CMD_FRAME) 87 C2S(NL80211_CMD_FRAME_TX_STATUS) 88 C2S(NL80211_CMD_SET_POWER_SAVE) 89 C2S(NL80211_CMD_GET_POWER_SAVE) 90 C2S(NL80211_CMD_SET_CQM) 91 C2S(NL80211_CMD_NOTIFY_CQM) 92 C2S(NL80211_CMD_SET_CHANNEL) 93 C2S(NL80211_CMD_SET_WDS_PEER) 94 C2S(NL80211_CMD_FRAME_WAIT_CANCEL) 95 C2S(NL80211_CMD_JOIN_MESH) 96 C2S(NL80211_CMD_LEAVE_MESH) 97 C2S(NL80211_CMD_UNPROT_DEAUTHENTICATE) 98 C2S(NL80211_CMD_UNPROT_DISASSOCIATE) 99 C2S(NL80211_CMD_NEW_PEER_CANDIDATE) 100 C2S(NL80211_CMD_GET_WOWLAN) 101 C2S(NL80211_CMD_SET_WOWLAN) 102 C2S(NL80211_CMD_START_SCHED_SCAN) 103 C2S(NL80211_CMD_STOP_SCHED_SCAN) 104 C2S(NL80211_CMD_SCHED_SCAN_RESULTS) 105 C2S(NL80211_CMD_SCHED_SCAN_STOPPED) 106 C2S(NL80211_CMD_SET_REKEY_OFFLOAD) 107 C2S(NL80211_CMD_PMKSA_CANDIDATE) 108 C2S(NL80211_CMD_TDLS_OPER) 109 C2S(NL80211_CMD_TDLS_MGMT) 110 C2S(NL80211_CMD_UNEXPECTED_FRAME) 111 C2S(NL80211_CMD_PROBE_CLIENT) 112 C2S(NL80211_CMD_REGISTER_BEACONS) 113 C2S(NL80211_CMD_UNEXPECTED_4ADDR_FRAME) 114 C2S(NL80211_CMD_SET_NOACK_MAP) 115 C2S(NL80211_CMD_CH_SWITCH_NOTIFY) 116 C2S(NL80211_CMD_START_P2P_DEVICE) 117 C2S(NL80211_CMD_STOP_P2P_DEVICE) 118 C2S(NL80211_CMD_CONN_FAILED) 119 C2S(NL80211_CMD_SET_MCAST_RATE) 120 C2S(NL80211_CMD_SET_MAC_ACL) 121 C2S(NL80211_CMD_RADAR_DETECT) 122 C2S(NL80211_CMD_GET_PROTOCOL_FEATURES) 123 C2S(NL80211_CMD_UPDATE_FT_IES) 124 C2S(NL80211_CMD_FT_EVENT) 125 C2S(NL80211_CMD_CRIT_PROTOCOL_START) 126 C2S(NL80211_CMD_CRIT_PROTOCOL_STOP) 127 C2S(NL80211_CMD_GET_COALESCE) 128 C2S(NL80211_CMD_SET_COALESCE) 129 C2S(NL80211_CMD_CHANNEL_SWITCH) 130 C2S(NL80211_CMD_VENDOR) 131 C2S(NL80211_CMD_SET_QOS_MAP) 132 C2S(NL80211_CMD_ADD_TX_TS) 133 C2S(NL80211_CMD_DEL_TX_TS) 134 default: 135 return "NL80211_CMD_UNKNOWN"; 136 } 137#undef C2S 138} 139 140 141static void mlme_event_auth(struct wpa_driver_nl80211_data *drv, 142 const u8 *frame, size_t len) 143{ 144 const struct ieee80211_mgmt *mgmt; 145 union wpa_event_data event; 146 147 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 148 drv->force_connect_cmd) { 149 /* 150 * Avoid reporting two association events that would confuse 151 * the core code. 152 */ 153 wpa_printf(MSG_DEBUG, 154 "nl80211: Ignore auth event when using driver SME"); 155 return; 156 } 157 158 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event"); 159 mgmt = (const struct ieee80211_mgmt *) frame; 160 if (len < 24 + sizeof(mgmt->u.auth)) { 161 wpa_printf(MSG_DEBUG, "nl80211: Too short association event " 162 "frame"); 163 return; 164 } 165 166 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN); 167 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 168 os_memset(&event, 0, sizeof(event)); 169 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN); 170 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg); 171 event.auth.auth_transaction = 172 le_to_host16(mgmt->u.auth.auth_transaction); 173 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code); 174 if (len > 24 + sizeof(mgmt->u.auth)) { 175 event.auth.ies = mgmt->u.auth.variable; 176 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth); 177 } 178 179 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event); 180} 181 182 183static void nl80211_parse_wmm_params(struct nlattr *wmm_attr, 184 struct wmm_params *wmm_params) 185{ 186 struct nlattr *wmm_info[NL80211_STA_WME_MAX + 1]; 187 static struct nla_policy wme_policy[NL80211_STA_WME_MAX + 1] = { 188 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, 189 }; 190 191 if (!wmm_attr || 192 nla_parse_nested(wmm_info, NL80211_STA_WME_MAX, wmm_attr, 193 wme_policy) || 194 !wmm_info[NL80211_STA_WME_UAPSD_QUEUES]) 195 return; 196 197 wmm_params->uapsd_queues = 198 nla_get_u8(wmm_info[NL80211_STA_WME_UAPSD_QUEUES]); 199 wmm_params->info_bitmap |= WMM_PARAMS_UAPSD_QUEUES_INFO; 200} 201 202 203static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv, 204 const u8 *frame, size_t len, struct nlattr *wmm) 205{ 206 const struct ieee80211_mgmt *mgmt; 207 union wpa_event_data event; 208 u16 status; 209 210 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 211 drv->force_connect_cmd) { 212 /* 213 * Avoid reporting two association events that would confuse 214 * the core code. 215 */ 216 wpa_printf(MSG_DEBUG, 217 "nl80211: Ignore assoc event when using driver SME"); 218 return; 219 } 220 221 wpa_printf(MSG_DEBUG, "nl80211: Associate event"); 222 mgmt = (const struct ieee80211_mgmt *) frame; 223 if (len < 24 + sizeof(mgmt->u.assoc_resp)) { 224 wpa_printf(MSG_DEBUG, "nl80211: Too short association event " 225 "frame"); 226 return; 227 } 228 229 status = le_to_host16(mgmt->u.assoc_resp.status_code); 230 if (status != WLAN_STATUS_SUCCESS) { 231 os_memset(&event, 0, sizeof(event)); 232 event.assoc_reject.bssid = mgmt->bssid; 233 if (len > 24 + sizeof(mgmt->u.assoc_resp)) { 234 event.assoc_reject.resp_ies = 235 (u8 *) mgmt->u.assoc_resp.variable; 236 event.assoc_reject.resp_ies_len = 237 len - 24 - sizeof(mgmt->u.assoc_resp); 238 } 239 event.assoc_reject.status_code = status; 240 241 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event); 242 return; 243 } 244 245 drv->associated = 1; 246 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN); 247 os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN); 248 249 os_memset(&event, 0, sizeof(event)); 250 if (len > 24 + sizeof(mgmt->u.assoc_resp)) { 251 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable; 252 event.assoc_info.resp_ies_len = 253 len - 24 - sizeof(mgmt->u.assoc_resp); 254 } 255 256 event.assoc_info.freq = drv->assoc_freq; 257 258 nl80211_parse_wmm_params(wmm, &event.assoc_info.wmm_params); 259 260 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); 261} 262 263 264static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, 265 enum nl80211_commands cmd, struct nlattr *status, 266 struct nlattr *addr, struct nlattr *req_ie, 267 struct nlattr *resp_ie, 268 struct nlattr *authorized, 269 struct nlattr *key_replay_ctr, 270 struct nlattr *ptk_kck, 271 struct nlattr *ptk_kek) 272{ 273 union wpa_event_data event; 274 u16 status_code; 275 276 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) { 277 /* 278 * Avoid reporting two association events that would confuse 279 * the core code. 280 */ 281 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) " 282 "when using userspace SME", cmd); 283 return; 284 } 285 286 status_code = status ? nla_get_u16(status) : WLAN_STATUS_SUCCESS; 287 288 if (cmd == NL80211_CMD_CONNECT) { 289 wpa_printf(MSG_DEBUG, 290 "nl80211: Connect event (status=%u ignore_next_local_disconnect=%d)", 291 status_code, drv->ignore_next_local_disconnect); 292 } else if (cmd == NL80211_CMD_ROAM) { 293 wpa_printf(MSG_DEBUG, "nl80211: Roam event"); 294 } 295 296 os_memset(&event, 0, sizeof(event)); 297 if (cmd == NL80211_CMD_CONNECT && status_code != WLAN_STATUS_SUCCESS) { 298 if (addr) 299 event.assoc_reject.bssid = nla_data(addr); 300 if (drv->ignore_next_local_disconnect) { 301 drv->ignore_next_local_disconnect = 0; 302 if (!event.assoc_reject.bssid || 303 (os_memcmp(event.assoc_reject.bssid, 304 drv->auth_attempt_bssid, 305 ETH_ALEN) != 0)) { 306 /* 307 * Ignore the event that came without a BSSID or 308 * for the old connection since this is likely 309 * not relevant to the new Connect command. 310 */ 311 wpa_printf(MSG_DEBUG, 312 "nl80211: Ignore connection failure event triggered during reassociation"); 313 return; 314 } 315 } 316 if (resp_ie) { 317 event.assoc_reject.resp_ies = nla_data(resp_ie); 318 event.assoc_reject.resp_ies_len = nla_len(resp_ie); 319 } 320 event.assoc_reject.status_code = status_code; 321 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event); 322 return; 323 } 324 325 drv->associated = 1; 326 if (addr) { 327 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN); 328 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN); 329 } 330 331 if (req_ie) { 332 event.assoc_info.req_ies = nla_data(req_ie); 333 event.assoc_info.req_ies_len = nla_len(req_ie); 334 } 335 if (resp_ie) { 336 event.assoc_info.resp_ies = nla_data(resp_ie); 337 event.assoc_info.resp_ies_len = nla_len(resp_ie); 338 } 339 340 event.assoc_info.freq = nl80211_get_assoc_freq(drv); 341 342 if (authorized && nla_get_u8(authorized)) { 343 event.assoc_info.authorized = 1; 344 wpa_printf(MSG_DEBUG, "nl80211: connection authorized"); 345 } 346 if (key_replay_ctr) { 347 event.assoc_info.key_replay_ctr = nla_data(key_replay_ctr); 348 event.assoc_info.key_replay_ctr_len = nla_len(key_replay_ctr); 349 } 350 if (ptk_kck) { 351 event.assoc_info.ptk_kck = nla_data(ptk_kck); 352 event.assoc_info.ptk_kck_len = nla_len(ptk_kck); 353 } 354 if (ptk_kek) { 355 event.assoc_info.ptk_kek = nla_data(ptk_kek); 356 event.assoc_info.ptk_kek_len = nla_len(ptk_kek); 357 } 358 359 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); 360} 361 362 363static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv, 364 struct nlattr *reason, struct nlattr *addr, 365 struct nlattr *by_ap) 366{ 367 union wpa_event_data data; 368 unsigned int locally_generated = by_ap == NULL; 369 370 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) { 371 /* 372 * Avoid reporting two disassociation events that could 373 * confuse the core code. 374 */ 375 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect " 376 "event when using userspace SME"); 377 return; 378 } 379 380 if (drv->ignore_next_local_disconnect) { 381 drv->ignore_next_local_disconnect = 0; 382 if (locally_generated) { 383 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect " 384 "event triggered during reassociation"); 385 return; 386 } 387 wpa_printf(MSG_WARNING, "nl80211: Was expecting local " 388 "disconnect but got another disconnect " 389 "event first"); 390 } 391 392 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event"); 393 nl80211_mark_disconnected(drv); 394 os_memset(&data, 0, sizeof(data)); 395 if (reason) 396 data.deauth_info.reason_code = nla_get_u16(reason); 397 data.deauth_info.locally_generated = by_ap == NULL; 398 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data); 399} 400 401 402static int calculate_chan_offset(int width, int freq, int cf1, int cf2) 403{ 404 int freq1 = 0; 405 406 switch (convert2width(width)) { 407 case CHAN_WIDTH_20_NOHT: 408 case CHAN_WIDTH_20: 409 return 0; 410 case CHAN_WIDTH_40: 411 freq1 = cf1 - 10; 412 break; 413 case CHAN_WIDTH_80: 414 freq1 = cf1 - 30; 415 break; 416 case CHAN_WIDTH_160: 417 freq1 = cf1 - 70; 418 break; 419 case CHAN_WIDTH_UNKNOWN: 420 case CHAN_WIDTH_80P80: 421 /* FIXME: implement this */ 422 return 0; 423 } 424 425 return (abs(freq - freq1) / 20) % 2 == 0 ? 1 : -1; 426} 427 428 429static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv, 430 struct nlattr *ifindex, struct nlattr *freq, 431 struct nlattr *type, struct nlattr *bw, 432 struct nlattr *cf1, struct nlattr *cf2) 433{ 434 struct i802_bss *bss; 435 union wpa_event_data data; 436 int ht_enabled = 1; 437 int chan_offset = 0; 438 int ifidx; 439 440 wpa_printf(MSG_DEBUG, "nl80211: Channel switch event"); 441 442 if (!freq) 443 return; 444 445 ifidx = nla_get_u32(ifindex); 446 bss = get_bss_ifindex(drv, ifidx); 447 if (bss == NULL) { 448 wpa_printf(MSG_WARNING, "nl80211: Unknown ifindex (%d) for channel switch, ignoring", 449 ifidx); 450 return; 451 } 452 453 if (type) { 454 enum nl80211_channel_type ch_type = nla_get_u32(type); 455 456 wpa_printf(MSG_DEBUG, "nl80211: Channel type: %d", ch_type); 457 switch (ch_type) { 458 case NL80211_CHAN_NO_HT: 459 ht_enabled = 0; 460 break; 461 case NL80211_CHAN_HT20: 462 break; 463 case NL80211_CHAN_HT40PLUS: 464 chan_offset = 1; 465 break; 466 case NL80211_CHAN_HT40MINUS: 467 chan_offset = -1; 468 break; 469 } 470 } else if (bw && cf1) { 471 /* This can happen for example with VHT80 ch switch */ 472 chan_offset = calculate_chan_offset(nla_get_u32(bw), 473 nla_get_u32(freq), 474 nla_get_u32(cf1), 475 cf2 ? nla_get_u32(cf2) : 0); 476 } else { 477 wpa_printf(MSG_WARNING, "nl80211: Unknown secondary channel information - following channel definition calculations may fail"); 478 } 479 480 os_memset(&data, 0, sizeof(data)); 481 data.ch_switch.freq = nla_get_u32(freq); 482 data.ch_switch.ht_enabled = ht_enabled; 483 data.ch_switch.ch_offset = chan_offset; 484 if (bw) 485 data.ch_switch.ch_width = convert2width(nla_get_u32(bw)); 486 if (cf1) 487 data.ch_switch.cf1 = nla_get_u32(cf1); 488 if (cf2) 489 data.ch_switch.cf2 = nla_get_u32(cf2); 490 491 bss->freq = data.ch_switch.freq; 492 493 wpa_supplicant_event(bss->ctx, EVENT_CH_SWITCH, &data); 494} 495 496 497static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv, 498 enum nl80211_commands cmd, struct nlattr *addr) 499{ 500 union wpa_event_data event; 501 enum wpa_event_type ev; 502 503 if (nla_len(addr) != ETH_ALEN) 504 return; 505 506 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR, 507 cmd, MAC2STR((u8 *) nla_data(addr))); 508 509 if (cmd == NL80211_CMD_AUTHENTICATE) 510 ev = EVENT_AUTH_TIMED_OUT; 511 else if (cmd == NL80211_CMD_ASSOCIATE) 512 ev = EVENT_ASSOC_TIMED_OUT; 513 else 514 return; 515 516 os_memset(&event, 0, sizeof(event)); 517 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN); 518 wpa_supplicant_event(drv->ctx, ev, &event); 519} 520 521 522static void mlme_event_mgmt(struct i802_bss *bss, 523 struct nlattr *freq, struct nlattr *sig, 524 const u8 *frame, size_t len) 525{ 526 struct wpa_driver_nl80211_data *drv = bss->drv; 527 const struct ieee80211_mgmt *mgmt; 528 union wpa_event_data event; 529 u16 fc, stype; 530 int ssi_signal = 0; 531 int rx_freq = 0; 532 533 wpa_printf(MSG_MSGDUMP, "nl80211: Frame event"); 534 mgmt = (const struct ieee80211_mgmt *) frame; 535 if (len < 24) { 536 wpa_printf(MSG_DEBUG, "nl80211: Too short management frame"); 537 return; 538 } 539 540 fc = le_to_host16(mgmt->frame_control); 541 stype = WLAN_FC_GET_STYPE(fc); 542 543 if (sig) 544 ssi_signal = (s32) nla_get_u32(sig); 545 546 os_memset(&event, 0, sizeof(event)); 547 if (freq) { 548 event.rx_mgmt.freq = nla_get_u32(freq); 549 rx_freq = drv->last_mgmt_freq = event.rx_mgmt.freq; 550 } 551 wpa_printf(MSG_DEBUG, 552 "nl80211: RX frame sa=" MACSTR 553 " freq=%d ssi_signal=%d fc=0x%x seq_ctrl=0x%x stype=%u (%s) len=%u", 554 MAC2STR(mgmt->sa), rx_freq, ssi_signal, fc, 555 le_to_host16(mgmt->seq_ctrl), stype, fc2str(fc), 556 (unsigned int) len); 557 event.rx_mgmt.frame = frame; 558 event.rx_mgmt.frame_len = len; 559 event.rx_mgmt.ssi_signal = ssi_signal; 560 event.rx_mgmt.drv_priv = bss; 561 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event); 562} 563 564 565static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv, 566 struct nlattr *cookie, const u8 *frame, 567 size_t len, struct nlattr *ack) 568{ 569 union wpa_event_data event; 570 const struct ieee80211_hdr *hdr; 571 u16 fc; 572 573 wpa_printf(MSG_DEBUG, "nl80211: Frame TX status event"); 574 if (!is_ap_interface(drv->nlmode)) { 575 u64 cookie_val; 576 577 if (!cookie) 578 return; 579 580 cookie_val = nla_get_u64(cookie); 581 wpa_printf(MSG_DEBUG, "nl80211: Action TX status:" 582 " cookie=0%llx%s (ack=%d)", 583 (long long unsigned int) cookie_val, 584 cookie_val == drv->send_action_cookie ? 585 " (match)" : " (unknown)", ack != NULL); 586 if (cookie_val != drv->send_action_cookie) 587 return; 588 } 589 590 hdr = (const struct ieee80211_hdr *) frame; 591 fc = le_to_host16(hdr->frame_control); 592 593 os_memset(&event, 0, sizeof(event)); 594 event.tx_status.type = WLAN_FC_GET_TYPE(fc); 595 event.tx_status.stype = WLAN_FC_GET_STYPE(fc); 596 event.tx_status.dst = hdr->addr1; 597 event.tx_status.data = frame; 598 event.tx_status.data_len = len; 599 event.tx_status.ack = ack != NULL; 600 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event); 601} 602 603 604static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv, 605 enum wpa_event_type type, 606 const u8 *frame, size_t len) 607{ 608 const struct ieee80211_mgmt *mgmt; 609 union wpa_event_data event; 610 const u8 *bssid = NULL; 611 u16 reason_code = 0; 612 613 if (type == EVENT_DEAUTH) 614 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event"); 615 else 616 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event"); 617 618 mgmt = (const struct ieee80211_mgmt *) frame; 619 if (len >= 24) { 620 bssid = mgmt->bssid; 621 622 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 623 !drv->associated && 624 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0 && 625 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0 && 626 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0) { 627 /* 628 * Avoid issues with some roaming cases where 629 * disconnection event for the old AP may show up after 630 * we have started connection with the new AP. 631 */ 632 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth/disassoc event from old AP " MACSTR " when already authenticating with " MACSTR, 633 MAC2STR(bssid), 634 MAC2STR(drv->auth_attempt_bssid)); 635 return; 636 } 637 638 if (drv->associated != 0 && 639 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 && 640 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) { 641 /* 642 * We have presumably received this deauth as a 643 * response to a clear_state_mismatch() outgoing 644 * deauth. Don't let it take us offline! 645 */ 646 wpa_printf(MSG_DEBUG, "nl80211: Deauth received " 647 "from Unknown BSSID " MACSTR " -- ignoring", 648 MAC2STR(bssid)); 649 return; 650 } 651 } 652 653 nl80211_mark_disconnected(drv); 654 os_memset(&event, 0, sizeof(event)); 655 656 /* Note: Same offset for Reason Code in both frame subtypes */ 657 if (len >= 24 + sizeof(mgmt->u.deauth)) 658 reason_code = le_to_host16(mgmt->u.deauth.reason_code); 659 660 if (type == EVENT_DISASSOC) { 661 event.disassoc_info.locally_generated = 662 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN); 663 event.disassoc_info.addr = bssid; 664 event.disassoc_info.reason_code = reason_code; 665 if (frame + len > mgmt->u.disassoc.variable) { 666 event.disassoc_info.ie = mgmt->u.disassoc.variable; 667 event.disassoc_info.ie_len = frame + len - 668 mgmt->u.disassoc.variable; 669 } 670 } else { 671 if (drv->ignore_deauth_event) { 672 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event due to previous forced deauth-during-auth"); 673 drv->ignore_deauth_event = 0; 674 return; 675 } 676 event.deauth_info.locally_generated = 677 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN); 678 if (drv->ignore_next_local_deauth) { 679 drv->ignore_next_local_deauth = 0; 680 if (event.deauth_info.locally_generated) { 681 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event triggered due to own deauth request"); 682 return; 683 } 684 wpa_printf(MSG_WARNING, "nl80211: Was expecting local deauth but got another disconnect event first"); 685 } 686 event.deauth_info.addr = bssid; 687 event.deauth_info.reason_code = reason_code; 688 if (frame + len > mgmt->u.deauth.variable) { 689 event.deauth_info.ie = mgmt->u.deauth.variable; 690 event.deauth_info.ie_len = frame + len - 691 mgmt->u.deauth.variable; 692 } 693 } 694 695 wpa_supplicant_event(drv->ctx, type, &event); 696} 697 698 699static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv, 700 enum wpa_event_type type, 701 const u8 *frame, size_t len) 702{ 703 const struct ieee80211_mgmt *mgmt; 704 union wpa_event_data event; 705 u16 reason_code = 0; 706 707 if (type == EVENT_UNPROT_DEAUTH) 708 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event"); 709 else 710 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event"); 711 712 if (len < 24) 713 return; 714 715 mgmt = (const struct ieee80211_mgmt *) frame; 716 717 os_memset(&event, 0, sizeof(event)); 718 /* Note: Same offset for Reason Code in both frame subtypes */ 719 if (len >= 24 + sizeof(mgmt->u.deauth)) 720 reason_code = le_to_host16(mgmt->u.deauth.reason_code); 721 722 if (type == EVENT_UNPROT_DISASSOC) { 723 event.unprot_disassoc.sa = mgmt->sa; 724 event.unprot_disassoc.da = mgmt->da; 725 event.unprot_disassoc.reason_code = reason_code; 726 } else { 727 event.unprot_deauth.sa = mgmt->sa; 728 event.unprot_deauth.da = mgmt->da; 729 event.unprot_deauth.reason_code = reason_code; 730 } 731 732 wpa_supplicant_event(drv->ctx, type, &event); 733} 734 735 736static void mlme_event(struct i802_bss *bss, 737 enum nl80211_commands cmd, struct nlattr *frame, 738 struct nlattr *addr, struct nlattr *timed_out, 739 struct nlattr *freq, struct nlattr *ack, 740 struct nlattr *cookie, struct nlattr *sig, 741 struct nlattr *wmm) 742{ 743 struct wpa_driver_nl80211_data *drv = bss->drv; 744 const u8 *data; 745 size_t len; 746 747 if (timed_out && addr) { 748 mlme_timeout_event(drv, cmd, addr); 749 return; 750 } 751 752 if (frame == NULL) { 753 wpa_printf(MSG_DEBUG, 754 "nl80211: MLME event %d (%s) without frame data", 755 cmd, nl80211_command_to_string(cmd)); 756 return; 757 } 758 759 data = nla_data(frame); 760 len = nla_len(frame); 761 if (len < 4 + 2 * ETH_ALEN) { 762 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" 763 MACSTR ") - too short", 764 cmd, nl80211_command_to_string(cmd), bss->ifname, 765 MAC2STR(bss->addr)); 766 return; 767 } 768 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR 769 ") A1=" MACSTR " A2=" MACSTR, cmd, 770 nl80211_command_to_string(cmd), bss->ifname, 771 MAC2STR(bss->addr), MAC2STR(data + 4), 772 MAC2STR(data + 4 + ETH_ALEN)); 773 if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) && 774 os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 && 775 os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) { 776 wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event " 777 "for foreign address", bss->ifname); 778 return; 779 } 780 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame", 781 nla_data(frame), nla_len(frame)); 782 783 switch (cmd) { 784 case NL80211_CMD_AUTHENTICATE: 785 mlme_event_auth(drv, nla_data(frame), nla_len(frame)); 786 break; 787 case NL80211_CMD_ASSOCIATE: 788 mlme_event_assoc(drv, nla_data(frame), nla_len(frame), wmm); 789 break; 790 case NL80211_CMD_DEAUTHENTICATE: 791 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH, 792 nla_data(frame), nla_len(frame)); 793 break; 794 case NL80211_CMD_DISASSOCIATE: 795 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC, 796 nla_data(frame), nla_len(frame)); 797 break; 798 case NL80211_CMD_FRAME: 799 mlme_event_mgmt(bss, freq, sig, nla_data(frame), 800 nla_len(frame)); 801 break; 802 case NL80211_CMD_FRAME_TX_STATUS: 803 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame), 804 nla_len(frame), ack); 805 break; 806 case NL80211_CMD_UNPROT_DEAUTHENTICATE: 807 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH, 808 nla_data(frame), nla_len(frame)); 809 break; 810 case NL80211_CMD_UNPROT_DISASSOCIATE: 811 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC, 812 nla_data(frame), nla_len(frame)); 813 break; 814 default: 815 break; 816 } 817} 818 819 820static void mlme_event_michael_mic_failure(struct i802_bss *bss, 821 struct nlattr *tb[]) 822{ 823 union wpa_event_data data; 824 825 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure"); 826 os_memset(&data, 0, sizeof(data)); 827 if (tb[NL80211_ATTR_MAC]) { 828 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address", 829 nla_data(tb[NL80211_ATTR_MAC]), 830 nla_len(tb[NL80211_ATTR_MAC])); 831 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]); 832 } 833 if (tb[NL80211_ATTR_KEY_SEQ]) { 834 wpa_hexdump(MSG_DEBUG, "nl80211: TSC", 835 nla_data(tb[NL80211_ATTR_KEY_SEQ]), 836 nla_len(tb[NL80211_ATTR_KEY_SEQ])); 837 } 838 if (tb[NL80211_ATTR_KEY_TYPE]) { 839 enum nl80211_key_type key_type = 840 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]); 841 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type); 842 if (key_type == NL80211_KEYTYPE_PAIRWISE) 843 data.michael_mic_failure.unicast = 1; 844 } else 845 data.michael_mic_failure.unicast = 1; 846 847 if (tb[NL80211_ATTR_KEY_IDX]) { 848 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]); 849 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id); 850 } 851 852 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data); 853} 854 855 856static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv, 857 struct nlattr *tb[]) 858{ 859 unsigned int freq; 860 861 if (tb[NL80211_ATTR_MAC] == NULL) { 862 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined " 863 "event"); 864 return; 865 } 866 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 867 868 drv->associated = 1; 869 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined", 870 MAC2STR(drv->bssid)); 871 872 freq = nl80211_get_assoc_freq(drv); 873 if (freq) { 874 wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz", 875 freq); 876 drv->first_bss->freq = freq; 877 } 878 879 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL); 880} 881 882 883static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv, 884 int cancel_event, struct nlattr *tb[]) 885{ 886 unsigned int freq, chan_type, duration; 887 union wpa_event_data data; 888 u64 cookie; 889 890 if (tb[NL80211_ATTR_WIPHY_FREQ]) 891 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 892 else 893 freq = 0; 894 895 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) 896 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 897 else 898 chan_type = 0; 899 900 if (tb[NL80211_ATTR_DURATION]) 901 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]); 902 else 903 duration = 0; 904 905 if (tb[NL80211_ATTR_COOKIE]) 906 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]); 907 else 908 cookie = 0; 909 910 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d " 911 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))", 912 cancel_event, freq, chan_type, duration, 913 (long long unsigned int) cookie, 914 cookie == drv->remain_on_chan_cookie ? "match" : "unknown"); 915 916 if (cookie != drv->remain_on_chan_cookie) 917 return; /* not for us */ 918 919 if (cancel_event) 920 drv->pending_remain_on_chan = 0; 921 922 os_memset(&data, 0, sizeof(data)); 923 data.remain_on_channel.freq = freq; 924 data.remain_on_channel.duration = duration; 925 wpa_supplicant_event(drv->ctx, cancel_event ? 926 EVENT_CANCEL_REMAIN_ON_CHANNEL : 927 EVENT_REMAIN_ON_CHANNEL, &data); 928} 929 930 931static void mlme_event_ft_event(struct wpa_driver_nl80211_data *drv, 932 struct nlattr *tb[]) 933{ 934 union wpa_event_data data; 935 936 os_memset(&data, 0, sizeof(data)); 937 938 if (tb[NL80211_ATTR_IE]) { 939 data.ft_ies.ies = nla_data(tb[NL80211_ATTR_IE]); 940 data.ft_ies.ies_len = nla_len(tb[NL80211_ATTR_IE]); 941 } 942 943 if (tb[NL80211_ATTR_IE_RIC]) { 944 data.ft_ies.ric_ies = nla_data(tb[NL80211_ATTR_IE_RIC]); 945 data.ft_ies.ric_ies_len = nla_len(tb[NL80211_ATTR_IE_RIC]); 946 } 947 948 if (tb[NL80211_ATTR_MAC]) 949 os_memcpy(data.ft_ies.target_ap, 950 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 951 952 wpa_printf(MSG_DEBUG, "nl80211: FT event target_ap " MACSTR, 953 MAC2STR(data.ft_ies.target_ap)); 954 955 wpa_supplicant_event(drv->ctx, EVENT_FT_RESPONSE, &data); 956} 957 958 959static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted, 960 struct nlattr *tb[]) 961{ 962 union wpa_event_data event; 963 struct nlattr *nl; 964 int rem; 965 struct scan_info *info; 966#define MAX_REPORT_FREQS 50 967 int freqs[MAX_REPORT_FREQS]; 968 int num_freqs = 0; 969 970 if (drv->scan_for_auth) { 971 drv->scan_for_auth = 0; 972 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing " 973 "cfg80211 BSS entry"); 974 wpa_driver_nl80211_authenticate_retry(drv); 975 return; 976 } 977 978 os_memset(&event, 0, sizeof(event)); 979 info = &event.scan_info; 980 info->aborted = aborted; 981 982 if (tb[NL80211_ATTR_SCAN_SSIDS]) { 983 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) { 984 struct wpa_driver_scan_ssid *s = 985 &info->ssids[info->num_ssids]; 986 s->ssid = nla_data(nl); 987 s->ssid_len = nla_len(nl); 988 wpa_printf(MSG_DEBUG, "nl80211: Scan probed for SSID '%s'", 989 wpa_ssid_txt(s->ssid, s->ssid_len)); 990 info->num_ssids++; 991 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS) 992 break; 993 } 994 } 995 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) { 996 char msg[200], *pos, *end; 997 int res; 998 999 pos = msg; 1000 end = pos + sizeof(msg); 1001 *pos = '\0'; 1002 1003 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem) 1004 { 1005 freqs[num_freqs] = nla_get_u32(nl); 1006 res = os_snprintf(pos, end - pos, " %d", 1007 freqs[num_freqs]); 1008 if (!os_snprintf_error(end - pos, res)) 1009 pos += res; 1010 num_freqs++; 1011 if (num_freqs == MAX_REPORT_FREQS - 1) 1012 break; 1013 } 1014 info->freqs = freqs; 1015 info->num_freqs = num_freqs; 1016 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s", 1017 msg); 1018 } 1019 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event); 1020} 1021 1022 1023static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv, 1024 struct nlattr *tb[]) 1025{ 1026 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = { 1027 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 1028 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 }, 1029 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 1030 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 }, 1031 }; 1032 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1]; 1033 enum nl80211_cqm_rssi_threshold_event event; 1034 union wpa_event_data ed; 1035 struct wpa_signal_info sig; 1036 int res; 1037 1038 if (tb[NL80211_ATTR_CQM] == NULL || 1039 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM], 1040 cqm_policy)) { 1041 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event"); 1042 return; 1043 } 1044 1045 os_memset(&ed, 0, sizeof(ed)); 1046 1047 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) { 1048 if (!tb[NL80211_ATTR_MAC]) 1049 return; 1050 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]), 1051 ETH_ALEN); 1052 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed); 1053 return; 1054 } 1055 1056 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL) 1057 return; 1058 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]); 1059 1060 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) { 1061 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor " 1062 "event: RSSI high"); 1063 ed.signal_change.above_threshold = 1; 1064 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) { 1065 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor " 1066 "event: RSSI low"); 1067 ed.signal_change.above_threshold = 0; 1068 } else 1069 return; 1070 1071 res = nl80211_get_link_signal(drv, &sig); 1072 if (res == 0) { 1073 ed.signal_change.current_signal = sig.current_signal; 1074 ed.signal_change.current_txrate = sig.current_txrate; 1075 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d", 1076 sig.current_signal, sig.current_txrate); 1077 } 1078 1079 res = nl80211_get_link_noise(drv, &sig); 1080 if (res == 0) { 1081 ed.signal_change.current_noise = sig.current_noise; 1082 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm", 1083 sig.current_noise); 1084 } 1085 1086 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed); 1087} 1088 1089 1090static void nl80211_new_peer_candidate(struct wpa_driver_nl80211_data *drv, 1091 struct nlattr **tb) 1092{ 1093 const u8 *addr; 1094 union wpa_event_data data; 1095 1096 if (drv->nlmode != NL80211_IFTYPE_MESH_POINT || 1097 !tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_IE]) 1098 return; 1099 1100 addr = nla_data(tb[NL80211_ATTR_MAC]); 1101 wpa_printf(MSG_DEBUG, "nl80211: New peer candidate" MACSTR, 1102 MAC2STR(addr)); 1103 1104 os_memset(&data, 0, sizeof(data)); 1105 data.mesh_peer.peer = addr; 1106 data.mesh_peer.ies = nla_data(tb[NL80211_ATTR_IE]); 1107 data.mesh_peer.ie_len = nla_len(tb[NL80211_ATTR_IE]); 1108 wpa_supplicant_event(drv->ctx, EVENT_NEW_PEER_CANDIDATE, &data); 1109} 1110 1111 1112static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv, 1113 struct i802_bss *bss, 1114 struct nlattr **tb) 1115{ 1116 u8 *addr; 1117 union wpa_event_data data; 1118 1119 if (tb[NL80211_ATTR_MAC] == NULL) 1120 return; 1121 addr = nla_data(tb[NL80211_ATTR_MAC]); 1122 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr)); 1123 1124 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) { 1125 u8 *ies = NULL; 1126 size_t ies_len = 0; 1127 if (tb[NL80211_ATTR_IE]) { 1128 ies = nla_data(tb[NL80211_ATTR_IE]); 1129 ies_len = nla_len(tb[NL80211_ATTR_IE]); 1130 } 1131 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len); 1132 drv_event_assoc(bss->ctx, addr, ies, ies_len, 0); 1133 return; 1134 } 1135 1136 if (drv->nlmode != NL80211_IFTYPE_ADHOC) 1137 return; 1138 1139 os_memset(&data, 0, sizeof(data)); 1140 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN); 1141 wpa_supplicant_event(bss->ctx, EVENT_IBSS_RSN_START, &data); 1142} 1143 1144 1145static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv, 1146 struct nlattr **tb) 1147{ 1148 u8 *addr; 1149 union wpa_event_data data; 1150 1151 if (tb[NL80211_ATTR_MAC] == NULL) 1152 return; 1153 addr = nla_data(tb[NL80211_ATTR_MAC]); 1154 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR, 1155 MAC2STR(addr)); 1156 1157 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) { 1158 drv_event_disassoc(drv->ctx, addr); 1159 return; 1160 } 1161 1162 if (drv->nlmode != NL80211_IFTYPE_ADHOC) 1163 return; 1164 1165 os_memset(&data, 0, sizeof(data)); 1166 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN); 1167 wpa_supplicant_event(drv->ctx, EVENT_IBSS_PEER_LOST, &data); 1168} 1169 1170 1171static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv, 1172 struct nlattr **tb) 1173{ 1174 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA]; 1175 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = { 1176 [NL80211_REKEY_DATA_KEK] = { 1177 .minlen = NL80211_KEK_LEN, 1178 .maxlen = NL80211_KEK_LEN, 1179 }, 1180 [NL80211_REKEY_DATA_KCK] = { 1181 .minlen = NL80211_KCK_LEN, 1182 .maxlen = NL80211_KCK_LEN, 1183 }, 1184 [NL80211_REKEY_DATA_REPLAY_CTR] = { 1185 .minlen = NL80211_REPLAY_CTR_LEN, 1186 .maxlen = NL80211_REPLAY_CTR_LEN, 1187 }, 1188 }; 1189 union wpa_event_data data; 1190 1191 if (!tb[NL80211_ATTR_MAC] || 1192 !tb[NL80211_ATTR_REKEY_DATA] || 1193 nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA, 1194 tb[NL80211_ATTR_REKEY_DATA], rekey_policy) || 1195 !rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]) 1196 return; 1197 1198 os_memset(&data, 0, sizeof(data)); 1199 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]); 1200 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR, 1201 MAC2STR(data.driver_gtk_rekey.bssid)); 1202 data.driver_gtk_rekey.replay_ctr = 1203 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]); 1204 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter", 1205 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN); 1206 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data); 1207} 1208 1209 1210static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv, 1211 struct nlattr **tb) 1212{ 1213 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE]; 1214 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = { 1215 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 }, 1216 [NL80211_PMKSA_CANDIDATE_BSSID] = { 1217 .minlen = ETH_ALEN, 1218 .maxlen = ETH_ALEN, 1219 }, 1220 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG }, 1221 }; 1222 union wpa_event_data data; 1223 1224 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event"); 1225 1226 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE] || 1227 nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE, 1228 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy) || 1229 !cand[NL80211_PMKSA_CANDIDATE_INDEX] || 1230 !cand[NL80211_PMKSA_CANDIDATE_BSSID]) 1231 return; 1232 1233 os_memset(&data, 0, sizeof(data)); 1234 os_memcpy(data.pmkid_candidate.bssid, 1235 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN); 1236 data.pmkid_candidate.index = 1237 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]); 1238 data.pmkid_candidate.preauth = 1239 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL; 1240 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data); 1241} 1242 1243 1244static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv, 1245 struct nlattr **tb) 1246{ 1247 union wpa_event_data data; 1248 1249 wpa_printf(MSG_DEBUG, "nl80211: Probe client event"); 1250 1251 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK]) 1252 return; 1253 1254 os_memset(&data, 0, sizeof(data)); 1255 os_memcpy(data.client_poll.addr, 1256 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1257 1258 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data); 1259} 1260 1261 1262static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv, 1263 struct nlattr **tb) 1264{ 1265 union wpa_event_data data; 1266 1267 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event"); 1268 1269 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION]) 1270 return; 1271 1272 os_memset(&data, 0, sizeof(data)); 1273 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1274 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) { 1275 case NL80211_TDLS_SETUP: 1276 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer " 1277 MACSTR, MAC2STR(data.tdls.peer)); 1278 data.tdls.oper = TDLS_REQUEST_SETUP; 1279 break; 1280 case NL80211_TDLS_TEARDOWN: 1281 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer " 1282 MACSTR, MAC2STR(data.tdls.peer)); 1283 data.tdls.oper = TDLS_REQUEST_TEARDOWN; 1284 break; 1285 default: 1286 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione " 1287 "event"); 1288 return; 1289 } 1290 if (tb[NL80211_ATTR_REASON_CODE]) { 1291 data.tdls.reason_code = 1292 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]); 1293 } 1294 1295 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data); 1296} 1297 1298 1299static void nl80211_stop_ap(struct wpa_driver_nl80211_data *drv, 1300 struct nlattr **tb) 1301{ 1302 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_UNAVAILABLE, NULL); 1303} 1304 1305 1306static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv, 1307 struct nlattr **tb) 1308{ 1309 union wpa_event_data data; 1310 u32 reason; 1311 1312 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event"); 1313 1314 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON]) 1315 return; 1316 1317 os_memset(&data, 0, sizeof(data)); 1318 os_memcpy(data.connect_failed_reason.addr, 1319 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1320 1321 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]); 1322 switch (reason) { 1323 case NL80211_CONN_FAIL_MAX_CLIENTS: 1324 wpa_printf(MSG_DEBUG, "nl80211: Max client reached"); 1325 data.connect_failed_reason.code = MAX_CLIENT_REACHED; 1326 break; 1327 case NL80211_CONN_FAIL_BLOCKED_CLIENT: 1328 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR 1329 " tried to connect", 1330 MAC2STR(data.connect_failed_reason.addr)); 1331 data.connect_failed_reason.code = BLOCKED_CLIENT; 1332 break; 1333 default: 1334 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason " 1335 "%u", reason); 1336 return; 1337 } 1338 1339 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data); 1340} 1341 1342 1343static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv, 1344 struct nlattr **tb) 1345{ 1346 union wpa_event_data data; 1347 enum nl80211_radar_event event_type; 1348 1349 if (!tb[NL80211_ATTR_WIPHY_FREQ] || !tb[NL80211_ATTR_RADAR_EVENT]) 1350 return; 1351 1352 os_memset(&data, 0, sizeof(data)); 1353 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 1354 event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]); 1355 1356 /* Check HT params */ 1357 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1358 data.dfs_event.ht_enabled = 1; 1359 data.dfs_event.chan_offset = 0; 1360 1361 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) { 1362 case NL80211_CHAN_NO_HT: 1363 data.dfs_event.ht_enabled = 0; 1364 break; 1365 case NL80211_CHAN_HT20: 1366 break; 1367 case NL80211_CHAN_HT40PLUS: 1368 data.dfs_event.chan_offset = 1; 1369 break; 1370 case NL80211_CHAN_HT40MINUS: 1371 data.dfs_event.chan_offset = -1; 1372 break; 1373 } 1374 } 1375 1376 /* Get VHT params */ 1377 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) 1378 data.dfs_event.chan_width = 1379 convert2width(nla_get_u32( 1380 tb[NL80211_ATTR_CHANNEL_WIDTH])); 1381 if (tb[NL80211_ATTR_CENTER_FREQ1]) 1382 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 1383 if (tb[NL80211_ATTR_CENTER_FREQ2]) 1384 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 1385 1386 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz", 1387 data.dfs_event.freq, data.dfs_event.ht_enabled, 1388 data.dfs_event.chan_offset, data.dfs_event.chan_width, 1389 data.dfs_event.cf1, data.dfs_event.cf2); 1390 1391 switch (event_type) { 1392 case NL80211_RADAR_DETECTED: 1393 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data); 1394 break; 1395 case NL80211_RADAR_CAC_FINISHED: 1396 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data); 1397 break; 1398 case NL80211_RADAR_CAC_ABORTED: 1399 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data); 1400 break; 1401 case NL80211_RADAR_NOP_FINISHED: 1402 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data); 1403 break; 1404 default: 1405 wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d " 1406 "received", event_type); 1407 break; 1408 } 1409} 1410 1411 1412static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb, 1413 int wds) 1414{ 1415 struct wpa_driver_nl80211_data *drv = bss->drv; 1416 union wpa_event_data event; 1417 1418 if (!tb[NL80211_ATTR_MAC]) 1419 return; 1420 1421 os_memset(&event, 0, sizeof(event)); 1422 event.rx_from_unknown.bssid = bss->addr; 1423 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]); 1424 event.rx_from_unknown.wds = wds; 1425 1426 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event); 1427} 1428 1429 1430static void qca_nl80211_avoid_freq(struct wpa_driver_nl80211_data *drv, 1431 const u8 *data, size_t len) 1432{ 1433 u32 i, count; 1434 union wpa_event_data event; 1435 struct wpa_freq_range *range = NULL; 1436 const struct qca_avoid_freq_list *freq_range; 1437 1438 freq_range = (const struct qca_avoid_freq_list *) data; 1439 if (len < sizeof(freq_range->count)) 1440 return; 1441 1442 count = freq_range->count; 1443 if (len < sizeof(freq_range->count) + 1444 count * sizeof(struct qca_avoid_freq_range)) { 1445 wpa_printf(MSG_DEBUG, "nl80211: Ignored too short avoid frequency list (len=%u)", 1446 (unsigned int) len); 1447 return; 1448 } 1449 1450 if (count > 0) { 1451 range = os_calloc(count, sizeof(struct wpa_freq_range)); 1452 if (range == NULL) 1453 return; 1454 } 1455 1456 os_memset(&event, 0, sizeof(event)); 1457 for (i = 0; i < count; i++) { 1458 unsigned int idx = event.freq_range.num; 1459 range[idx].min = freq_range->range[i].start_freq; 1460 range[idx].max = freq_range->range[i].end_freq; 1461 wpa_printf(MSG_DEBUG, "nl80211: Avoid frequency range: %u-%u", 1462 range[idx].min, range[idx].max); 1463 if (range[idx].min > range[idx].max) { 1464 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid frequency range"); 1465 continue; 1466 } 1467 event.freq_range.num++; 1468 } 1469 event.freq_range.range = range; 1470 1471 wpa_supplicant_event(drv->ctx, EVENT_AVOID_FREQUENCIES, &event); 1472 1473 os_free(range); 1474} 1475 1476 1477static void qca_nl80211_acs_select_ch(struct wpa_driver_nl80211_data *drv, 1478 const u8 *data, size_t len) 1479{ 1480 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_ACS_MAX + 1]; 1481 union wpa_event_data event; 1482 1483 wpa_printf(MSG_DEBUG, 1484 "nl80211: ACS channel selection vendor event received"); 1485 1486 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_ACS_MAX, 1487 (struct nlattr *) data, len, NULL) || 1488 !tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_CHANNEL] || 1489 !tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_CHANNEL]) 1490 return; 1491 1492 os_memset(&event, 0, sizeof(event)); 1493 event.acs_selected_channels.pri_channel = 1494 nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_CHANNEL]); 1495 event.acs_selected_channels.sec_channel = 1496 nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_CHANNEL]); 1497 1498 wpa_supplicant_event(drv->ctx, EVENT_ACS_CHANNEL_SELECTED, &event); 1499} 1500 1501 1502static void qca_nl80211_key_mgmt_auth(struct wpa_driver_nl80211_data *drv, 1503 const u8 *data, size_t len) 1504{ 1505 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_MAX + 1]; 1506 u8 *bssid; 1507 1508 wpa_printf(MSG_DEBUG, 1509 "nl80211: Key management roam+auth vendor event received"); 1510 1511 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_MAX, 1512 (struct nlattr *) data, len, NULL) || 1513 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID] || 1514 nla_len(tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID]) != ETH_ALEN || 1515 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE] || 1516 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE] || 1517 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED]) 1518 return; 1519 1520 bssid = nla_data(tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID]); 1521 wpa_printf(MSG_DEBUG, " * roam BSSID " MACSTR, MAC2STR(bssid)); 1522 1523 mlme_event_connect(drv, NL80211_CMD_ROAM, NULL, 1524 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID], 1525 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE], 1526 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE], 1527 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED], 1528 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_KEY_REPLAY_CTR], 1529 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KCK], 1530 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KEK]); 1531} 1532 1533 1534static void qca_nl80211_dfs_offload_radar_event( 1535 struct wpa_driver_nl80211_data *drv, u32 subcmd, u8 *msg, int length) 1536{ 1537 union wpa_event_data data; 1538 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1539 1540 wpa_printf(MSG_DEBUG, 1541 "nl80211: DFS offload radar vendor event received"); 1542 1543 if (nla_parse(tb, NL80211_ATTR_MAX, 1544 (struct nlattr *) msg, length, NULL)) 1545 return; 1546 1547 if (!tb[NL80211_ATTR_WIPHY_FREQ]) { 1548 wpa_printf(MSG_INFO, 1549 "nl80211: Error parsing WIPHY_FREQ in FS offload radar vendor event"); 1550 return; 1551 } 1552 1553 os_memset(&data, 0, sizeof(data)); 1554 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 1555 1556 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz", 1557 data.dfs_event.freq); 1558 1559 /* Check HT params */ 1560 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1561 data.dfs_event.ht_enabled = 1; 1562 data.dfs_event.chan_offset = 0; 1563 1564 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) { 1565 case NL80211_CHAN_NO_HT: 1566 data.dfs_event.ht_enabled = 0; 1567 break; 1568 case NL80211_CHAN_HT20: 1569 break; 1570 case NL80211_CHAN_HT40PLUS: 1571 data.dfs_event.chan_offset = 1; 1572 break; 1573 case NL80211_CHAN_HT40MINUS: 1574 data.dfs_event.chan_offset = -1; 1575 break; 1576 } 1577 } 1578 1579 /* Get VHT params */ 1580 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) 1581 data.dfs_event.chan_width = 1582 convert2width(nla_get_u32( 1583 tb[NL80211_ATTR_CHANNEL_WIDTH])); 1584 if (tb[NL80211_ATTR_CENTER_FREQ1]) 1585 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 1586 if (tb[NL80211_ATTR_CENTER_FREQ2]) 1587 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 1588 1589 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, " 1590 "offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz", 1591 data.dfs_event.freq, data.dfs_event.ht_enabled, 1592 data.dfs_event.chan_offset, data.dfs_event.chan_width, 1593 data.dfs_event.cf1, data.dfs_event.cf2); 1594 1595 switch (subcmd) { 1596 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED: 1597 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data); 1598 break; 1599 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_STARTED: 1600 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_STARTED, &data); 1601 break; 1602 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_FINISHED: 1603 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data); 1604 break; 1605 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_ABORTED: 1606 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data); 1607 break; 1608 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_NOP_FINISHED: 1609 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data); 1610 break; 1611 default: 1612 wpa_printf(MSG_DEBUG, 1613 "nl80211: Unknown DFS offload radar event %d received", 1614 subcmd); 1615 break; 1616 } 1617} 1618 1619 1620static void nl80211_vendor_event_qca(struct wpa_driver_nl80211_data *drv, 1621 u32 subcmd, u8 *data, size_t len) 1622{ 1623 switch (subcmd) { 1624 case QCA_NL80211_VENDOR_SUBCMD_TEST: 1625 wpa_hexdump(MSG_DEBUG, "nl80211: QCA test event", data, len); 1626 break; 1627 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY: 1628 qca_nl80211_avoid_freq(drv, data, len); 1629 break; 1630 case QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH: 1631 qca_nl80211_key_mgmt_auth(drv, data, len); 1632 break; 1633 case QCA_NL80211_VENDOR_SUBCMD_DO_ACS: 1634 qca_nl80211_acs_select_ch(drv, data, len); 1635 break; 1636 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_STARTED: 1637 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_FINISHED: 1638 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_ABORTED: 1639 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_NOP_FINISHED: 1640 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED: 1641 qca_nl80211_dfs_offload_radar_event(drv, subcmd, data, len); 1642 break; 1643 default: 1644 wpa_printf(MSG_DEBUG, 1645 "nl80211: Ignore unsupported QCA vendor event %u", 1646 subcmd); 1647 break; 1648 } 1649} 1650 1651 1652static void nl80211_vendor_event(struct wpa_driver_nl80211_data *drv, 1653 struct nlattr **tb) 1654{ 1655 u32 vendor_id, subcmd, wiphy = 0; 1656 int wiphy_idx; 1657 u8 *data = NULL; 1658 size_t len = 0; 1659 1660 if (!tb[NL80211_ATTR_VENDOR_ID] || 1661 !tb[NL80211_ATTR_VENDOR_SUBCMD]) 1662 return; 1663 1664 vendor_id = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]); 1665 subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]); 1666 1667 if (tb[NL80211_ATTR_WIPHY]) 1668 wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]); 1669 1670 wpa_printf(MSG_DEBUG, "nl80211: Vendor event: wiphy=%u vendor_id=0x%x subcmd=%u", 1671 wiphy, vendor_id, subcmd); 1672 1673 if (tb[NL80211_ATTR_VENDOR_DATA]) { 1674 data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]); 1675 len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]); 1676 wpa_hexdump(MSG_MSGDUMP, "nl80211: Vendor data", data, len); 1677 } 1678 1679 wiphy_idx = nl80211_get_wiphy_index(drv->first_bss); 1680 if (wiphy_idx >= 0 && wiphy_idx != (int) wiphy) { 1681 wpa_printf(MSG_DEBUG, "nl80211: Ignore vendor event for foreign wiphy %u (own: %d)", 1682 wiphy, wiphy_idx); 1683 return; 1684 } 1685 1686 switch (vendor_id) { 1687 case OUI_QCA: 1688 nl80211_vendor_event_qca(drv, subcmd, data, len); 1689 break; 1690 default: 1691 wpa_printf(MSG_DEBUG, "nl80211: Ignore unsupported vendor event"); 1692 break; 1693 } 1694} 1695 1696 1697static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv, 1698 struct nlattr *tb[]) 1699{ 1700 union wpa_event_data data; 1701 enum nl80211_reg_initiator init; 1702 1703 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change"); 1704 1705 if (tb[NL80211_ATTR_REG_INITIATOR] == NULL) 1706 return; 1707 1708 os_memset(&data, 0, sizeof(data)); 1709 init = nla_get_u8(tb[NL80211_ATTR_REG_INITIATOR]); 1710 wpa_printf(MSG_DEBUG, " * initiator=%d", init); 1711 switch (init) { 1712 case NL80211_REGDOM_SET_BY_CORE: 1713 data.channel_list_changed.initiator = REGDOM_SET_BY_CORE; 1714 break; 1715 case NL80211_REGDOM_SET_BY_USER: 1716 data.channel_list_changed.initiator = REGDOM_SET_BY_USER; 1717 break; 1718 case NL80211_REGDOM_SET_BY_DRIVER: 1719 data.channel_list_changed.initiator = REGDOM_SET_BY_DRIVER; 1720 break; 1721 case NL80211_REGDOM_SET_BY_COUNTRY_IE: 1722 data.channel_list_changed.initiator = REGDOM_SET_BY_COUNTRY_IE; 1723 break; 1724 } 1725 1726 if (tb[NL80211_ATTR_REG_TYPE]) { 1727 enum nl80211_reg_type type; 1728 type = nla_get_u8(tb[NL80211_ATTR_REG_TYPE]); 1729 wpa_printf(MSG_DEBUG, " * type=%d", type); 1730 switch (type) { 1731 case NL80211_REGDOM_TYPE_COUNTRY: 1732 data.channel_list_changed.type = REGDOM_TYPE_COUNTRY; 1733 break; 1734 case NL80211_REGDOM_TYPE_WORLD: 1735 data.channel_list_changed.type = REGDOM_TYPE_WORLD; 1736 break; 1737 case NL80211_REGDOM_TYPE_CUSTOM_WORLD: 1738 data.channel_list_changed.type = 1739 REGDOM_TYPE_CUSTOM_WORLD; 1740 break; 1741 case NL80211_REGDOM_TYPE_INTERSECTION: 1742 data.channel_list_changed.type = 1743 REGDOM_TYPE_INTERSECTION; 1744 break; 1745 } 1746 } 1747 1748 if (tb[NL80211_ATTR_REG_ALPHA2]) { 1749 os_strlcpy(data.channel_list_changed.alpha2, 1750 nla_get_string(tb[NL80211_ATTR_REG_ALPHA2]), 1751 sizeof(data.channel_list_changed.alpha2)); 1752 wpa_printf(MSG_DEBUG, " * alpha2=%s", 1753 data.channel_list_changed.alpha2); 1754 } 1755 1756 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data); 1757} 1758 1759 1760static void do_process_drv_event(struct i802_bss *bss, int cmd, 1761 struct nlattr **tb) 1762{ 1763 struct wpa_driver_nl80211_data *drv = bss->drv; 1764 union wpa_event_data data; 1765 1766 wpa_printf(MSG_DEBUG, "nl80211: Drv Event %d (%s) received for %s", 1767 cmd, nl80211_command_to_string(cmd), bss->ifname); 1768 1769 if (cmd == NL80211_CMD_ROAM && 1770 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) { 1771 /* 1772 * Device will use roam+auth vendor event to indicate 1773 * roaming, so ignore the regular roam event. 1774 */ 1775 wpa_printf(MSG_DEBUG, 1776 "nl80211: Ignore roam event (cmd=%d), device will use vendor event roam+auth", 1777 cmd); 1778 return; 1779 } 1780 1781 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED && 1782 (cmd == NL80211_CMD_NEW_SCAN_RESULTS || 1783 cmd == NL80211_CMD_SCAN_ABORTED)) { 1784 wpa_driver_nl80211_set_mode(drv->first_bss, 1785 drv->ap_scan_as_station); 1786 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED; 1787 } 1788 1789 switch (cmd) { 1790 case NL80211_CMD_TRIGGER_SCAN: 1791 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger"); 1792 drv->scan_state = SCAN_STARTED; 1793 if (drv->scan_for_auth) { 1794 /* 1795 * Cannot indicate EVENT_SCAN_STARTED here since we skip 1796 * EVENT_SCAN_RESULTS in scan_for_auth case and the 1797 * upper layer implementation could get confused about 1798 * scanning state. 1799 */ 1800 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth"); 1801 break; 1802 } 1803 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL); 1804 break; 1805 case NL80211_CMD_START_SCHED_SCAN: 1806 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan started"); 1807 drv->scan_state = SCHED_SCAN_STARTED; 1808 break; 1809 case NL80211_CMD_SCHED_SCAN_STOPPED: 1810 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan stopped"); 1811 drv->scan_state = SCHED_SCAN_STOPPED; 1812 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL); 1813 break; 1814 case NL80211_CMD_NEW_SCAN_RESULTS: 1815 wpa_dbg(drv->ctx, MSG_DEBUG, 1816 "nl80211: New scan results available"); 1817 drv->scan_state = SCAN_COMPLETED; 1818 drv->scan_complete_events = 1; 1819 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, 1820 drv->ctx); 1821 send_scan_event(drv, 0, tb); 1822 break; 1823 case NL80211_CMD_SCHED_SCAN_RESULTS: 1824 wpa_dbg(drv->ctx, MSG_DEBUG, 1825 "nl80211: New sched scan results available"); 1826 drv->scan_state = SCHED_SCAN_RESULTS; 1827 send_scan_event(drv, 0, tb); 1828 break; 1829 case NL80211_CMD_SCAN_ABORTED: 1830 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted"); 1831 drv->scan_state = SCAN_ABORTED; 1832 /* 1833 * Need to indicate that scan results are available in order 1834 * not to make wpa_supplicant stop its scanning. 1835 */ 1836 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, 1837 drv->ctx); 1838 send_scan_event(drv, 1, tb); 1839 break; 1840 case NL80211_CMD_AUTHENTICATE: 1841 case NL80211_CMD_ASSOCIATE: 1842 case NL80211_CMD_DEAUTHENTICATE: 1843 case NL80211_CMD_DISASSOCIATE: 1844 case NL80211_CMD_FRAME_TX_STATUS: 1845 case NL80211_CMD_UNPROT_DEAUTHENTICATE: 1846 case NL80211_CMD_UNPROT_DISASSOCIATE: 1847 mlme_event(bss, cmd, tb[NL80211_ATTR_FRAME], 1848 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT], 1849 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK], 1850 tb[NL80211_ATTR_COOKIE], 1851 tb[NL80211_ATTR_RX_SIGNAL_DBM], 1852 tb[NL80211_ATTR_STA_WME]); 1853 break; 1854 case NL80211_CMD_CONNECT: 1855 case NL80211_CMD_ROAM: 1856 mlme_event_connect(drv, cmd, 1857 tb[NL80211_ATTR_STATUS_CODE], 1858 tb[NL80211_ATTR_MAC], 1859 tb[NL80211_ATTR_REQ_IE], 1860 tb[NL80211_ATTR_RESP_IE], 1861 NULL, NULL, NULL, NULL); 1862 break; 1863 case NL80211_CMD_CH_SWITCH_NOTIFY: 1864 mlme_event_ch_switch(drv, 1865 tb[NL80211_ATTR_IFINDEX], 1866 tb[NL80211_ATTR_WIPHY_FREQ], 1867 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE], 1868 tb[NL80211_ATTR_CHANNEL_WIDTH], 1869 tb[NL80211_ATTR_CENTER_FREQ1], 1870 tb[NL80211_ATTR_CENTER_FREQ2]); 1871 break; 1872 case NL80211_CMD_DISCONNECT: 1873 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE], 1874 tb[NL80211_ATTR_MAC], 1875 tb[NL80211_ATTR_DISCONNECTED_BY_AP]); 1876 break; 1877 case NL80211_CMD_MICHAEL_MIC_FAILURE: 1878 mlme_event_michael_mic_failure(bss, tb); 1879 break; 1880 case NL80211_CMD_JOIN_IBSS: 1881 mlme_event_join_ibss(drv, tb); 1882 break; 1883 case NL80211_CMD_REMAIN_ON_CHANNEL: 1884 mlme_event_remain_on_channel(drv, 0, tb); 1885 break; 1886 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL: 1887 mlme_event_remain_on_channel(drv, 1, tb); 1888 break; 1889 case NL80211_CMD_NOTIFY_CQM: 1890 nl80211_cqm_event(drv, tb); 1891 break; 1892 case NL80211_CMD_REG_CHANGE: 1893 nl80211_reg_change_event(drv, tb); 1894 break; 1895 case NL80211_CMD_REG_BEACON_HINT: 1896 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint"); 1897 os_memset(&data, 0, sizeof(data)); 1898 data.channel_list_changed.initiator = REGDOM_BEACON_HINT; 1899 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, 1900 &data); 1901 break; 1902 case NL80211_CMD_NEW_STATION: 1903 nl80211_new_station_event(drv, bss, tb); 1904 break; 1905 case NL80211_CMD_DEL_STATION: 1906 nl80211_del_station_event(drv, tb); 1907 break; 1908 case NL80211_CMD_SET_REKEY_OFFLOAD: 1909 nl80211_rekey_offload_event(drv, tb); 1910 break; 1911 case NL80211_CMD_PMKSA_CANDIDATE: 1912 nl80211_pmksa_candidate_event(drv, tb); 1913 break; 1914 case NL80211_CMD_PROBE_CLIENT: 1915 nl80211_client_probe_event(drv, tb); 1916 break; 1917 case NL80211_CMD_TDLS_OPER: 1918 nl80211_tdls_oper_event(drv, tb); 1919 break; 1920 case NL80211_CMD_CONN_FAILED: 1921 nl80211_connect_failed_event(drv, tb); 1922 break; 1923 case NL80211_CMD_FT_EVENT: 1924 mlme_event_ft_event(drv, tb); 1925 break; 1926 case NL80211_CMD_RADAR_DETECT: 1927 nl80211_radar_event(drv, tb); 1928 break; 1929 case NL80211_CMD_STOP_AP: 1930 nl80211_stop_ap(drv, tb); 1931 break; 1932 case NL80211_CMD_VENDOR: 1933 nl80211_vendor_event(drv, tb); 1934 break; 1935 case NL80211_CMD_NEW_PEER_CANDIDATE: 1936 nl80211_new_peer_candidate(drv, tb); 1937 break; 1938 default: 1939 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event " 1940 "(cmd=%d)", cmd); 1941 break; 1942 } 1943} 1944 1945 1946int process_global_event(struct nl_msg *msg, void *arg) 1947{ 1948 struct nl80211_global *global = arg; 1949 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1950 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1951 struct wpa_driver_nl80211_data *drv, *tmp; 1952 int ifidx = -1; 1953 struct i802_bss *bss; 1954 u64 wdev_id = 0; 1955 int wdev_id_set = 0; 1956 1957 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1958 genlmsg_attrlen(gnlh, 0), NULL); 1959 1960 if (tb[NL80211_ATTR_IFINDEX]) 1961 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]); 1962 else if (tb[NL80211_ATTR_WDEV]) { 1963 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]); 1964 wdev_id_set = 1; 1965 } 1966 1967 dl_list_for_each_safe(drv, tmp, &global->interfaces, 1968 struct wpa_driver_nl80211_data, list) { 1969 for (bss = drv->first_bss; bss; bss = bss->next) { 1970 if ((ifidx == -1 && !wdev_id_set) || 1971 ifidx == bss->ifindex || 1972 (wdev_id_set && bss->wdev_id_set && 1973 wdev_id == bss->wdev_id)) { 1974 do_process_drv_event(bss, gnlh->cmd, tb); 1975 return NL_SKIP; 1976 } 1977 } 1978 wpa_printf(MSG_DEBUG, 1979 "nl80211: Ignored event (cmd=%d) for foreign interface (ifindex %d wdev 0x%llx)", 1980 gnlh->cmd, ifidx, (long long unsigned int) wdev_id); 1981 } 1982 1983 return NL_SKIP; 1984} 1985 1986 1987int process_bss_event(struct nl_msg *msg, void *arg) 1988{ 1989 struct i802_bss *bss = arg; 1990 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1991 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1992 1993 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1994 genlmsg_attrlen(gnlh, 0), NULL); 1995 1996 wpa_printf(MSG_DEBUG, "nl80211: BSS Event %d (%s) received for %s", 1997 gnlh->cmd, nl80211_command_to_string(gnlh->cmd), 1998 bss->ifname); 1999 2000 switch (gnlh->cmd) { 2001 case NL80211_CMD_FRAME: 2002 case NL80211_CMD_FRAME_TX_STATUS: 2003 mlme_event(bss, gnlh->cmd, tb[NL80211_ATTR_FRAME], 2004 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT], 2005 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK], 2006 tb[NL80211_ATTR_COOKIE], 2007 tb[NL80211_ATTR_RX_SIGNAL_DBM], 2008 tb[NL80211_ATTR_STA_WME]); 2009 break; 2010 case NL80211_CMD_UNEXPECTED_FRAME: 2011 nl80211_spurious_frame(bss, tb, 0); 2012 break; 2013 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME: 2014 nl80211_spurious_frame(bss, tb, 1); 2015 break; 2016 default: 2017 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event " 2018 "(cmd=%d)", gnlh->cmd); 2019 break; 2020 } 2021 2022 return NL_SKIP; 2023} 2024