1/* 2 * Driver interaction with Linux nl80211/cfg80211 3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2003-2004, Instant802 Networks, Inc. 5 * Copyright (c) 2005-2006, Devicescape Software, Inc. 6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net> 7 * Copyright (c) 2009-2010, Atheros Communications 8 * 9 * This software may be distributed under the terms of the BSD license. 10 * See README for more details. 11 */ 12 13#include "includes.h" 14#include <sys/types.h> 15#include <fcntl.h> 16#include <net/if.h> 17#include <netlink/genl/genl.h> 18#include <netlink/genl/ctrl.h> 19#ifdef CONFIG_LIBNL3_ROUTE 20#include <netlink/route/neighbour.h> 21#endif /* CONFIG_LIBNL3_ROUTE */ 22#include <linux/rtnetlink.h> 23#include <netpacket/packet.h> 24#include <linux/errqueue.h> 25 26#include "common.h" 27#include "eloop.h" 28#include "common/qca-vendor.h" 29#include "common/qca-vendor-attr.h" 30#include "common/ieee802_11_defs.h" 31#include "common/ieee802_11_common.h" 32#include "l2_packet/l2_packet.h" 33#include "netlink.h" 34#include "linux_defines.h" 35#include "linux_ioctl.h" 36#include "radiotap.h" 37#include "radiotap_iter.h" 38#include "rfkill.h" 39#include "driver_nl80211.h" 40 41 42#ifndef CONFIG_LIBNL20 43/* 44 * libnl 1.1 has a bug, it tries to allocate socket numbers densely 45 * but when you free a socket again it will mess up its bitmap and 46 * and use the wrong number the next time it needs a socket ID. 47 * Therefore, we wrap the handle alloc/destroy and add our own pid 48 * accounting. 49 */ 50static uint32_t port_bitmap[32] = { 0 }; 51 52static struct nl_handle *nl80211_handle_alloc(void *cb) 53{ 54 struct nl_handle *handle; 55 uint32_t pid = getpid() & 0x3FFFFF; 56 int i; 57 58 handle = nl_handle_alloc_cb(cb); 59 60 for (i = 0; i < 1024; i++) { 61 if (port_bitmap[i / 32] & (1 << (i % 32))) 62 continue; 63 port_bitmap[i / 32] |= 1 << (i % 32); 64 pid += i << 22; 65 break; 66 } 67 68 nl_socket_set_local_port(handle, pid); 69 70 return handle; 71} 72 73static void nl80211_handle_destroy(struct nl_handle *handle) 74{ 75 uint32_t port = nl_socket_get_local_port(handle); 76 77 port >>= 22; 78 port_bitmap[port / 32] &= ~(1 << (port % 32)); 79 80 nl_handle_destroy(handle); 81} 82#endif /* CONFIG_LIBNL20 */ 83 84 85#ifdef ANDROID 86/* system/core/libnl_2 does not include nl_socket_set_nonblocking() */ 87#undef nl_socket_set_nonblocking 88#define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h) 89 90#endif /* ANDROID */ 91 92 93static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg) 94{ 95 struct nl_handle *handle; 96 97 handle = nl80211_handle_alloc(cb); 98 if (handle == NULL) { 99 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink " 100 "callbacks (%s)", dbg); 101 return NULL; 102 } 103 104 if (genl_connect(handle)) { 105 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic " 106 "netlink (%s)", dbg); 107 nl80211_handle_destroy(handle); 108 return NULL; 109 } 110 111 return handle; 112} 113 114 115static void nl_destroy_handles(struct nl_handle **handle) 116{ 117 if (*handle == NULL) 118 return; 119 nl80211_handle_destroy(*handle); 120 *handle = NULL; 121} 122 123 124#if __WORDSIZE == 64 125#define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL 126#else 127#define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL 128#endif 129 130static void nl80211_register_eloop_read(struct nl_handle **handle, 131 eloop_sock_handler handler, 132 void *eloop_data) 133{ 134#ifdef CONFIG_LIBNL20 135 /* 136 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) 137 * by default. It is possible to hit that limit in some cases where 138 * operations are blocked, e.g., with a burst of Deauthentication frames 139 * to hostapd and STA entry deletion. Try to increase the buffer to make 140 * this less likely to occur. 141 */ 142 if (nl_socket_set_buffer_size(*handle, 262144, 0) < 0) { 143 wpa_printf(MSG_DEBUG, 144 "nl80211: Could not set nl_socket RX buffer size: %s", 145 strerror(errno)); 146 /* continue anyway with the default (smaller) buffer */ 147 } 148#endif /* CONFIG_LIBNL20 */ 149 150 nl_socket_set_nonblocking(*handle); 151 eloop_register_read_sock(nl_socket_get_fd(*handle), handler, 152 eloop_data, *handle); 153 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID); 154} 155 156 157static void nl80211_destroy_eloop_handle(struct nl_handle **handle) 158{ 159 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID); 160 eloop_unregister_read_sock(nl_socket_get_fd(*handle)); 161 nl_destroy_handles(handle); 162} 163 164 165static void nl80211_global_deinit(void *priv); 166static void nl80211_check_global(struct nl80211_global *global); 167 168static void wpa_driver_nl80211_deinit(struct i802_bss *bss); 169static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, 170 struct hostapd_freq_params *freq); 171 172static int 173wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, 174 const u8 *set_addr, int first, 175 const char *driver_params); 176static int nl80211_send_frame_cmd(struct i802_bss *bss, 177 unsigned int freq, unsigned int wait, 178 const u8 *buf, size_t buf_len, u64 *cookie, 179 int no_cck, int no_ack, int offchanok, 180 const u16 *csa_offs, size_t csa_offs_len); 181static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, 182 int report); 183 184#define IFIDX_ANY -1 185 186static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 187 int ifidx_reason); 188static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 189 int ifidx_reason); 190static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 191 int ifidx_reason); 192 193static int nl80211_set_channel(struct i802_bss *bss, 194 struct hostapd_freq_params *freq, int set_chan); 195static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv, 196 int ifindex, int disabled); 197 198static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv, 199 int reset_mode); 200 201static int i802_set_iface_flags(struct i802_bss *bss, int up); 202static int nl80211_set_param(void *priv, const char *param); 203 204 205/* Converts nl80211_chan_width to a common format */ 206enum chan_width convert2width(int width) 207{ 208 switch (width) { 209 case NL80211_CHAN_WIDTH_20_NOHT: 210 return CHAN_WIDTH_20_NOHT; 211 case NL80211_CHAN_WIDTH_20: 212 return CHAN_WIDTH_20; 213 case NL80211_CHAN_WIDTH_40: 214 return CHAN_WIDTH_40; 215 case NL80211_CHAN_WIDTH_80: 216 return CHAN_WIDTH_80; 217 case NL80211_CHAN_WIDTH_80P80: 218 return CHAN_WIDTH_80P80; 219 case NL80211_CHAN_WIDTH_160: 220 return CHAN_WIDTH_160; 221 } 222 return CHAN_WIDTH_UNKNOWN; 223} 224 225 226int is_ap_interface(enum nl80211_iftype nlmode) 227{ 228 return nlmode == NL80211_IFTYPE_AP || 229 nlmode == NL80211_IFTYPE_P2P_GO; 230} 231 232 233int is_sta_interface(enum nl80211_iftype nlmode) 234{ 235 return nlmode == NL80211_IFTYPE_STATION || 236 nlmode == NL80211_IFTYPE_P2P_CLIENT; 237} 238 239 240static int is_p2p_net_interface(enum nl80211_iftype nlmode) 241{ 242 return nlmode == NL80211_IFTYPE_P2P_CLIENT || 243 nlmode == NL80211_IFTYPE_P2P_GO; 244} 245 246 247struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv, 248 int ifindex) 249{ 250 struct i802_bss *bss; 251 252 for (bss = drv->first_bss; bss; bss = bss->next) { 253 if (bss->ifindex == ifindex) 254 return bss; 255 } 256 257 return NULL; 258} 259 260 261static int is_mesh_interface(enum nl80211_iftype nlmode) 262{ 263 return nlmode == NL80211_IFTYPE_MESH_POINT; 264} 265 266 267void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv) 268{ 269 if (drv->associated) 270 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN); 271 drv->associated = 0; 272 os_memset(drv->bssid, 0, ETH_ALEN); 273} 274 275 276/* nl80211 code */ 277static int ack_handler(struct nl_msg *msg, void *arg) 278{ 279 int *err = arg; 280 *err = 0; 281 return NL_STOP; 282} 283 284static int finish_handler(struct nl_msg *msg, void *arg) 285{ 286 int *ret = arg; 287 *ret = 0; 288 return NL_SKIP; 289} 290 291static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err, 292 void *arg) 293{ 294 int *ret = arg; 295 *ret = err->error; 296 return NL_SKIP; 297} 298 299 300static int no_seq_check(struct nl_msg *msg, void *arg) 301{ 302 return NL_OK; 303} 304 305 306static void nl80211_nlmsg_clear(struct nl_msg *msg) 307{ 308 /* 309 * Clear nlmsg data, e.g., to make sure key material is not left in 310 * heap memory for unnecessarily long time. 311 */ 312 if (msg) { 313 struct nlmsghdr *hdr = nlmsg_hdr(msg); 314 void *data = nlmsg_data(hdr); 315 /* 316 * This would use nlmsg_datalen() or the older nlmsg_len() if 317 * only libnl were to maintain a stable API.. Neither will work 318 * with all released versions, so just calculate the length 319 * here. 320 */ 321 int len = hdr->nlmsg_len - NLMSG_HDRLEN; 322 323 os_memset(data, 0, len); 324 } 325} 326 327 328static int send_and_recv(struct nl80211_global *global, 329 struct nl_handle *nl_handle, struct nl_msg *msg, 330 int (*valid_handler)(struct nl_msg *, void *), 331 void *valid_data) 332{ 333 struct nl_cb *cb; 334 int err = -ENOMEM; 335 336 if (!msg) 337 return -ENOMEM; 338 339 cb = nl_cb_clone(global->nl_cb); 340 if (!cb) 341 goto out; 342 343 err = nl_send_auto_complete(nl_handle, msg); 344 if (err < 0) 345 goto out; 346 347 err = 1; 348 349 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err); 350 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err); 351 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err); 352 353 if (valid_handler) 354 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, 355 valid_handler, valid_data); 356 357 while (err > 0) { 358 int res = nl_recvmsgs(nl_handle, cb); 359 if (res < 0) { 360 wpa_printf(MSG_INFO, 361 "nl80211: %s->nl_recvmsgs failed: %d", 362 __func__, res); 363 } 364 } 365 out: 366 nl_cb_put(cb); 367 if (!valid_handler && valid_data == (void *) -1) 368 nl80211_nlmsg_clear(msg); 369 nlmsg_free(msg); 370 return err; 371} 372 373 374int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv, 375 struct nl_msg *msg, 376 int (*valid_handler)(struct nl_msg *, void *), 377 void *valid_data) 378{ 379 return send_and_recv(drv->global, drv->global->nl, msg, 380 valid_handler, valid_data); 381} 382 383 384struct family_data { 385 const char *group; 386 int id; 387}; 388 389 390static int family_handler(struct nl_msg *msg, void *arg) 391{ 392 struct family_data *res = arg; 393 struct nlattr *tb[CTRL_ATTR_MAX + 1]; 394 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 395 struct nlattr *mcgrp; 396 int i; 397 398 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 399 genlmsg_attrlen(gnlh, 0), NULL); 400 if (!tb[CTRL_ATTR_MCAST_GROUPS]) 401 return NL_SKIP; 402 403 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) { 404 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1]; 405 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp), 406 nla_len(mcgrp), NULL); 407 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] || 408 !tb2[CTRL_ATTR_MCAST_GRP_ID] || 409 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]), 410 res->group, 411 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0) 412 continue; 413 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]); 414 break; 415 }; 416 417 return NL_SKIP; 418} 419 420 421static int nl_get_multicast_id(struct nl80211_global *global, 422 const char *family, const char *group) 423{ 424 struct nl_msg *msg; 425 int ret; 426 struct family_data res = { group, -ENOENT }; 427 428 msg = nlmsg_alloc(); 429 if (!msg) 430 return -ENOMEM; 431 if (!genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"), 432 0, 0, CTRL_CMD_GETFAMILY, 0) || 433 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) { 434 nlmsg_free(msg); 435 return -1; 436 } 437 438 ret = send_and_recv(global, global->nl, msg, family_handler, &res); 439 if (ret == 0) 440 ret = res.id; 441 return ret; 442} 443 444 445void * nl80211_cmd(struct wpa_driver_nl80211_data *drv, 446 struct nl_msg *msg, int flags, uint8_t cmd) 447{ 448 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id, 449 0, flags, cmd, 0); 450} 451 452 453static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss) 454{ 455 if (bss->wdev_id_set) 456 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id); 457 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex); 458} 459 460 461struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd) 462{ 463 struct nl_msg *msg; 464 465 msg = nlmsg_alloc(); 466 if (!msg) 467 return NULL; 468 469 if (!nl80211_cmd(bss->drv, msg, flags, cmd) || 470 nl80211_set_iface_id(msg, bss) < 0) { 471 nlmsg_free(msg); 472 return NULL; 473 } 474 475 return msg; 476} 477 478 479static struct nl_msg * 480nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex, 481 int flags, uint8_t cmd) 482{ 483 struct nl_msg *msg; 484 485 msg = nlmsg_alloc(); 486 if (!msg) 487 return NULL; 488 489 if (!nl80211_cmd(drv, msg, flags, cmd) || 490 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) { 491 nlmsg_free(msg); 492 return NULL; 493 } 494 495 return msg; 496} 497 498 499struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags, 500 uint8_t cmd) 501{ 502 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd); 503} 504 505 506struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd) 507{ 508 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd); 509} 510 511 512struct wiphy_idx_data { 513 int wiphy_idx; 514 enum nl80211_iftype nlmode; 515 u8 *macaddr; 516}; 517 518 519static int netdev_info_handler(struct nl_msg *msg, void *arg) 520{ 521 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 522 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 523 struct wiphy_idx_data *info = arg; 524 525 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 526 genlmsg_attrlen(gnlh, 0), NULL); 527 528 if (tb[NL80211_ATTR_WIPHY]) 529 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]); 530 531 if (tb[NL80211_ATTR_IFTYPE]) 532 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]); 533 534 if (tb[NL80211_ATTR_MAC] && info->macaddr) 535 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]), 536 ETH_ALEN); 537 538 return NL_SKIP; 539} 540 541 542int nl80211_get_wiphy_index(struct i802_bss *bss) 543{ 544 struct nl_msg *msg; 545 struct wiphy_idx_data data = { 546 .wiphy_idx = -1, 547 .macaddr = NULL, 548 }; 549 550 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 551 return -1; 552 553 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0) 554 return data.wiphy_idx; 555 return -1; 556} 557 558 559static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss) 560{ 561 struct nl_msg *msg; 562 struct wiphy_idx_data data = { 563 .nlmode = NL80211_IFTYPE_UNSPECIFIED, 564 .macaddr = NULL, 565 }; 566 567 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 568 return NL80211_IFTYPE_UNSPECIFIED; 569 570 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0) 571 return data.nlmode; 572 return NL80211_IFTYPE_UNSPECIFIED; 573} 574 575 576static int nl80211_get_macaddr(struct i802_bss *bss) 577{ 578 struct nl_msg *msg; 579 struct wiphy_idx_data data = { 580 .macaddr = bss->addr, 581 }; 582 583 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 584 return -1; 585 586 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data); 587} 588 589 590static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv, 591 struct nl80211_wiphy_data *w) 592{ 593 struct nl_msg *msg; 594 int ret; 595 596 msg = nlmsg_alloc(); 597 if (!msg) 598 return -1; 599 600 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) || 601 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) { 602 nlmsg_free(msg); 603 return -1; 604 } 605 606 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL); 607 if (ret) { 608 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command " 609 "failed: ret=%d (%s)", 610 ret, strerror(-ret)); 611 } 612 return ret; 613} 614 615 616static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle) 617{ 618 struct nl80211_wiphy_data *w = eloop_ctx; 619 int res; 620 621 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available"); 622 623 res = nl_recvmsgs(handle, w->nl_cb); 624 if (res < 0) { 625 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d", 626 __func__, res); 627 } 628} 629 630 631static int process_beacon_event(struct nl_msg *msg, void *arg) 632{ 633 struct nl80211_wiphy_data *w = arg; 634 struct wpa_driver_nl80211_data *drv; 635 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 636 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 637 union wpa_event_data event; 638 639 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 640 genlmsg_attrlen(gnlh, 0), NULL); 641 642 if (gnlh->cmd != NL80211_CMD_FRAME) { 643 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)", 644 gnlh->cmd); 645 return NL_SKIP; 646 } 647 648 if (!tb[NL80211_ATTR_FRAME]) 649 return NL_SKIP; 650 651 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data, 652 wiphy_list) { 653 os_memset(&event, 0, sizeof(event)); 654 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]); 655 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]); 656 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event); 657 } 658 659 return NL_SKIP; 660} 661 662 663static struct nl80211_wiphy_data * 664nl80211_get_wiphy_data_ap(struct i802_bss *bss) 665{ 666 static DEFINE_DL_LIST(nl80211_wiphys); 667 struct nl80211_wiphy_data *w; 668 int wiphy_idx, found = 0; 669 struct i802_bss *tmp_bss; 670 671 if (bss->wiphy_data != NULL) 672 return bss->wiphy_data; 673 674 wiphy_idx = nl80211_get_wiphy_index(bss); 675 676 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) { 677 if (w->wiphy_idx == wiphy_idx) 678 goto add; 679 } 680 681 /* alloc new one */ 682 w = os_zalloc(sizeof(*w)); 683 if (w == NULL) 684 return NULL; 685 w->wiphy_idx = wiphy_idx; 686 dl_list_init(&w->bsss); 687 dl_list_init(&w->drvs); 688 689 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 690 if (!w->nl_cb) { 691 os_free(w); 692 return NULL; 693 } 694 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); 695 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event, 696 w); 697 698 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb, 699 "wiphy beacons"); 700 if (w->nl_beacons == NULL) { 701 os_free(w); 702 return NULL; 703 } 704 705 if (nl80211_register_beacons(bss->drv, w)) { 706 nl_destroy_handles(&w->nl_beacons); 707 os_free(w); 708 return NULL; 709 } 710 711 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w); 712 713 dl_list_add(&nl80211_wiphys, &w->list); 714 715add: 716 /* drv entry for this bss already there? */ 717 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) { 718 if (tmp_bss->drv == bss->drv) { 719 found = 1; 720 break; 721 } 722 } 723 /* if not add it */ 724 if (!found) 725 dl_list_add(&w->drvs, &bss->drv->wiphy_list); 726 727 dl_list_add(&w->bsss, &bss->wiphy_list); 728 bss->wiphy_data = w; 729 return w; 730} 731 732 733static void nl80211_put_wiphy_data_ap(struct i802_bss *bss) 734{ 735 struct nl80211_wiphy_data *w = bss->wiphy_data; 736 struct i802_bss *tmp_bss; 737 int found = 0; 738 739 if (w == NULL) 740 return; 741 bss->wiphy_data = NULL; 742 dl_list_del(&bss->wiphy_list); 743 744 /* still any for this drv present? */ 745 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) { 746 if (tmp_bss->drv == bss->drv) { 747 found = 1; 748 break; 749 } 750 } 751 /* if not remove it */ 752 if (!found) 753 dl_list_del(&bss->drv->wiphy_list); 754 755 if (!dl_list_empty(&w->bsss)) 756 return; 757 758 nl80211_destroy_eloop_handle(&w->nl_beacons); 759 760 nl_cb_put(w->nl_cb); 761 dl_list_del(&w->list); 762 os_free(w); 763} 764 765 766static unsigned int nl80211_get_ifindex(void *priv) 767{ 768 struct i802_bss *bss = priv; 769 struct wpa_driver_nl80211_data *drv = bss->drv; 770 771 return drv->ifindex; 772} 773 774 775static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid) 776{ 777 struct i802_bss *bss = priv; 778 struct wpa_driver_nl80211_data *drv = bss->drv; 779 if (!drv->associated) 780 return -1; 781 os_memcpy(bssid, drv->bssid, ETH_ALEN); 782 return 0; 783} 784 785 786static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid) 787{ 788 struct i802_bss *bss = priv; 789 struct wpa_driver_nl80211_data *drv = bss->drv; 790 if (!drv->associated) 791 return -1; 792 os_memcpy(ssid, drv->ssid, drv->ssid_len); 793 return drv->ssid_len; 794} 795 796 797static void wpa_driver_nl80211_event_newlink( 798 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv, 799 int ifindex, const char *ifname) 800{ 801 union wpa_event_data event; 802 803 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) { 804 if (if_nametoindex(drv->first_bss->ifname) == 0) { 805 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK", 806 drv->first_bss->ifname); 807 return; 808 } 809 if (!drv->if_removed) 810 return; 811 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event", 812 drv->first_bss->ifname); 813 drv->if_removed = 0; 814 } 815 816 os_memset(&event, 0, sizeof(event)); 817 event.interface_status.ifindex = ifindex; 818 os_strlcpy(event.interface_status.ifname, ifname, 819 sizeof(event.interface_status.ifname)); 820 event.interface_status.ievent = EVENT_INTERFACE_ADDED; 821 if (drv) 822 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event); 823 else 824 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS, 825 &event); 826} 827 828 829static void wpa_driver_nl80211_event_dellink( 830 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv, 831 int ifindex, const char *ifname) 832{ 833 union wpa_event_data event; 834 835 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) { 836 if (drv->if_removed) { 837 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s", 838 ifname); 839 return; 840 } 841 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1", 842 ifname); 843 drv->if_removed = 1; 844 } else { 845 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed", 846 ifname); 847 } 848 849 os_memset(&event, 0, sizeof(event)); 850 event.interface_status.ifindex = ifindex; 851 os_strlcpy(event.interface_status.ifname, ifname, 852 sizeof(event.interface_status.ifname)); 853 event.interface_status.ievent = EVENT_INTERFACE_REMOVED; 854 if (drv) 855 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event); 856 else 857 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS, 858 &event); 859} 860 861 862static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv, 863 u8 *buf, size_t len) 864{ 865 int attrlen, rta_len; 866 struct rtattr *attr; 867 868 attrlen = len; 869 attr = (struct rtattr *) buf; 870 871 rta_len = RTA_ALIGN(sizeof(struct rtattr)); 872 while (RTA_OK(attr, attrlen)) { 873 if (attr->rta_type == IFLA_IFNAME) { 874 if (os_strcmp(((char *) attr) + rta_len, 875 drv->first_bss->ifname) == 0) 876 return 1; 877 else 878 break; 879 } 880 attr = RTA_NEXT(attr, attrlen); 881 } 882 883 return 0; 884} 885 886 887static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv, 888 int ifindex, u8 *buf, size_t len) 889{ 890 if (drv->ifindex == ifindex) 891 return 1; 892 893 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) { 894 nl80211_check_global(drv->global); 895 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed " 896 "interface"); 897 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL); 898 return 1; 899 } 900 901 return 0; 902} 903 904 905static struct wpa_driver_nl80211_data * 906nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len) 907{ 908 struct wpa_driver_nl80211_data *drv; 909 dl_list_for_each(drv, &global->interfaces, 910 struct wpa_driver_nl80211_data, list) { 911 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) || 912 have_ifidx(drv, idx, IFIDX_ANY)) 913 return drv; 914 } 915 return NULL; 916} 917 918 919static void wpa_driver_nl80211_event_rtm_newlink(void *ctx, 920 struct ifinfomsg *ifi, 921 u8 *buf, size_t len) 922{ 923 struct nl80211_global *global = ctx; 924 struct wpa_driver_nl80211_data *drv; 925 int attrlen; 926 struct rtattr *attr; 927 u32 brid = 0; 928 char namebuf[IFNAMSIZ]; 929 char ifname[IFNAMSIZ + 1]; 930 char extra[100], *pos, *end; 931 932 extra[0] = '\0'; 933 pos = extra; 934 end = pos + sizeof(extra); 935 ifname[0] = '\0'; 936 937 attrlen = len; 938 attr = (struct rtattr *) buf; 939 while (RTA_OK(attr, attrlen)) { 940 switch (attr->rta_type) { 941 case IFLA_IFNAME: 942 if (RTA_PAYLOAD(attr) >= IFNAMSIZ) 943 break; 944 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); 945 ifname[RTA_PAYLOAD(attr)] = '\0'; 946 break; 947 case IFLA_MASTER: 948 brid = nla_get_u32((struct nlattr *) attr); 949 pos += os_snprintf(pos, end - pos, " master=%u", brid); 950 break; 951 case IFLA_WIRELESS: 952 pos += os_snprintf(pos, end - pos, " wext"); 953 break; 954 case IFLA_OPERSTATE: 955 pos += os_snprintf(pos, end - pos, " operstate=%u", 956 nla_get_u32((struct nlattr *) attr)); 957 break; 958 case IFLA_LINKMODE: 959 pos += os_snprintf(pos, end - pos, " linkmode=%u", 960 nla_get_u32((struct nlattr *) attr)); 961 break; 962 } 963 attr = RTA_NEXT(attr, attrlen); 964 } 965 extra[sizeof(extra) - 1] = '\0'; 966 967 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)", 968 ifi->ifi_index, ifname, extra, ifi->ifi_family, 969 ifi->ifi_flags, 970 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "", 971 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "", 972 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "", 973 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : ""); 974 975 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len); 976 if (!drv) 977 goto event_newlink; 978 979 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) { 980 namebuf[0] = '\0'; 981 if (if_indextoname(ifi->ifi_index, namebuf) && 982 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) { 983 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " 984 "event since interface %s is up", namebuf); 985 drv->ignore_if_down_event = 0; 986 return; 987 } 988 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)", 989 namebuf, ifname); 990 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) { 991 wpa_printf(MSG_DEBUG, 992 "nl80211: Not the main interface (%s) - do not indicate interface down", 993 drv->first_bss->ifname); 994 } else if (drv->ignore_if_down_event) { 995 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " 996 "event generated by mode change"); 997 drv->ignore_if_down_event = 0; 998 } else { 999 drv->if_disabled = 1; 1000 wpa_supplicant_event(drv->ctx, 1001 EVENT_INTERFACE_DISABLED, NULL); 1002 1003 /* 1004 * Try to get drv again, since it may be removed as 1005 * part of the EVENT_INTERFACE_DISABLED handling for 1006 * dynamic interfaces 1007 */ 1008 drv = nl80211_find_drv(global, ifi->ifi_index, 1009 buf, len); 1010 if (!drv) 1011 return; 1012 } 1013 } 1014 1015 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) { 1016 if (if_indextoname(ifi->ifi_index, namebuf) && 1017 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) { 1018 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1019 "event since interface %s is down", 1020 namebuf); 1021 } else if (if_nametoindex(drv->first_bss->ifname) == 0) { 1022 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1023 "event since interface %s does not exist", 1024 drv->first_bss->ifname); 1025 } else if (drv->if_removed) { 1026 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1027 "event since interface %s is marked " 1028 "removed", drv->first_bss->ifname); 1029 } else { 1030 struct i802_bss *bss; 1031 u8 addr[ETH_ALEN]; 1032 1033 /* Re-read MAC address as it may have changed */ 1034 bss = get_bss_ifindex(drv, ifi->ifi_index); 1035 if (bss && 1036 linux_get_ifhwaddr(drv->global->ioctl_sock, 1037 bss->ifname, addr) < 0) { 1038 wpa_printf(MSG_DEBUG, 1039 "nl80211: %s: failed to re-read MAC address", 1040 bss->ifname); 1041 } else if (bss && 1042 os_memcmp(addr, bss->addr, ETH_ALEN) != 0) { 1043 wpa_printf(MSG_DEBUG, 1044 "nl80211: Own MAC address on ifindex %d (%s) changed from " 1045 MACSTR " to " MACSTR, 1046 ifi->ifi_index, bss->ifname, 1047 MAC2STR(bss->addr), 1048 MAC2STR(addr)); 1049 os_memcpy(bss->addr, addr, ETH_ALEN); 1050 } 1051 1052 wpa_printf(MSG_DEBUG, "nl80211: Interface up"); 1053 drv->if_disabled = 0; 1054 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, 1055 NULL); 1056 } 1057 } 1058 1059 /* 1060 * Some drivers send the association event before the operup event--in 1061 * this case, lifting operstate in wpa_driver_nl80211_set_operstate() 1062 * fails. This will hit us when wpa_supplicant does not need to do 1063 * IEEE 802.1X authentication 1064 */ 1065 if (drv->operstate == 1 && 1066 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP && 1067 !(ifi->ifi_flags & IFF_RUNNING)) { 1068 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate"); 1069 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 1070 -1, IF_OPER_UP); 1071 } 1072 1073event_newlink: 1074 if (ifname[0]) 1075 wpa_driver_nl80211_event_newlink(global, drv, ifi->ifi_index, 1076 ifname); 1077 1078 if (ifi->ifi_family == AF_BRIDGE && brid && drv) { 1079 struct i802_bss *bss; 1080 1081 /* device has been added to bridge */ 1082 if (!if_indextoname(brid, namebuf)) { 1083 wpa_printf(MSG_DEBUG, 1084 "nl80211: Could not find bridge ifname for ifindex %u", 1085 brid); 1086 return; 1087 } 1088 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s", 1089 brid, namebuf); 1090 add_ifidx(drv, brid, ifi->ifi_index); 1091 1092 for (bss = drv->first_bss; bss; bss = bss->next) { 1093 if (os_strcmp(ifname, bss->ifname) == 0) { 1094 os_strlcpy(bss->brname, namebuf, IFNAMSIZ); 1095 break; 1096 } 1097 } 1098 } 1099} 1100 1101 1102static void wpa_driver_nl80211_event_rtm_dellink(void *ctx, 1103 struct ifinfomsg *ifi, 1104 u8 *buf, size_t len) 1105{ 1106 struct nl80211_global *global = ctx; 1107 struct wpa_driver_nl80211_data *drv; 1108 int attrlen; 1109 struct rtattr *attr; 1110 u32 brid = 0; 1111 char ifname[IFNAMSIZ + 1]; 1112 char extra[100], *pos, *end; 1113 1114 extra[0] = '\0'; 1115 pos = extra; 1116 end = pos + sizeof(extra); 1117 ifname[0] = '\0'; 1118 1119 attrlen = len; 1120 attr = (struct rtattr *) buf; 1121 while (RTA_OK(attr, attrlen)) { 1122 switch (attr->rta_type) { 1123 case IFLA_IFNAME: 1124 if (RTA_PAYLOAD(attr) >= IFNAMSIZ) 1125 break; 1126 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); 1127 ifname[RTA_PAYLOAD(attr)] = '\0'; 1128 break; 1129 case IFLA_MASTER: 1130 brid = nla_get_u32((struct nlattr *) attr); 1131 pos += os_snprintf(pos, end - pos, " master=%u", brid); 1132 break; 1133 case IFLA_OPERSTATE: 1134 pos += os_snprintf(pos, end - pos, " operstate=%u", 1135 nla_get_u32((struct nlattr *) attr)); 1136 break; 1137 case IFLA_LINKMODE: 1138 pos += os_snprintf(pos, end - pos, " linkmode=%u", 1139 nla_get_u32((struct nlattr *) attr)); 1140 break; 1141 } 1142 attr = RTA_NEXT(attr, attrlen); 1143 } 1144 extra[sizeof(extra) - 1] = '\0'; 1145 1146 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)", 1147 ifi->ifi_index, ifname, extra, ifi->ifi_family, 1148 ifi->ifi_flags, 1149 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "", 1150 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "", 1151 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "", 1152 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : ""); 1153 1154 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len); 1155 1156 if (ifi->ifi_family == AF_BRIDGE && brid && drv) { 1157 /* device has been removed from bridge */ 1158 char namebuf[IFNAMSIZ]; 1159 1160 if (!if_indextoname(brid, namebuf)) { 1161 wpa_printf(MSG_DEBUG, 1162 "nl80211: Could not find bridge ifname for ifindex %u", 1163 brid); 1164 } else { 1165 wpa_printf(MSG_DEBUG, 1166 "nl80211: Remove ifindex %u for bridge %s", 1167 brid, namebuf); 1168 } 1169 del_ifidx(drv, brid, ifi->ifi_index); 1170 } 1171 1172 if (ifi->ifi_family != AF_BRIDGE || !brid) 1173 wpa_driver_nl80211_event_dellink(global, drv, ifi->ifi_index, 1174 ifname); 1175} 1176 1177 1178unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv) 1179{ 1180 struct nl_msg *msg; 1181 int ret; 1182 struct nl80211_bss_info_arg arg; 1183 1184 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN); 1185 os_memset(&arg, 0, sizeof(arg)); 1186 arg.drv = drv; 1187 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg); 1188 if (ret == 0) { 1189 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ? 1190 arg.ibss_freq : arg.assoc_freq; 1191 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the " 1192 "associated BSS from scan results: %u MHz", freq); 1193 if (freq) 1194 drv->assoc_freq = freq; 1195 return drv->assoc_freq; 1196 } 1197 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d " 1198 "(%s)", ret, strerror(-ret)); 1199 return drv->assoc_freq; 1200} 1201 1202 1203static int get_link_signal(struct nl_msg *msg, void *arg) 1204{ 1205 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1206 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1207 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1]; 1208 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = { 1209 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 }, 1210 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 }, 1211 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8 }, 1212 }; 1213 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1]; 1214 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = { 1215 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 }, 1216 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 }, 1217 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG }, 1218 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG }, 1219 }; 1220 struct wpa_signal_info *sig_change = arg; 1221 1222 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1223 genlmsg_attrlen(gnlh, 0), NULL); 1224 if (!tb[NL80211_ATTR_STA_INFO] || 1225 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX, 1226 tb[NL80211_ATTR_STA_INFO], policy)) 1227 return NL_SKIP; 1228 if (!sinfo[NL80211_STA_INFO_SIGNAL]) 1229 return NL_SKIP; 1230 1231 sig_change->current_signal = 1232 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]); 1233 1234 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG]) 1235 sig_change->avg_signal = 1236 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]); 1237 else 1238 sig_change->avg_signal = 0; 1239 1240 if (sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]) 1241 sig_change->avg_beacon_signal = 1242 (s8) 1243 nla_get_u8(sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]); 1244 else 1245 sig_change->avg_beacon_signal = 0; 1246 1247 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) { 1248 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX, 1249 sinfo[NL80211_STA_INFO_TX_BITRATE], 1250 rate_policy)) { 1251 sig_change->current_txrate = 0; 1252 } else { 1253 if (rinfo[NL80211_RATE_INFO_BITRATE]) { 1254 sig_change->current_txrate = 1255 nla_get_u16(rinfo[ 1256 NL80211_RATE_INFO_BITRATE]) * 100; 1257 } 1258 } 1259 } 1260 1261 return NL_SKIP; 1262} 1263 1264 1265int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv, 1266 struct wpa_signal_info *sig) 1267{ 1268 struct nl_msg *msg; 1269 1270 sig->current_signal = -9999; 1271 sig->current_txrate = 0; 1272 1273 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) || 1274 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid)) { 1275 nlmsg_free(msg); 1276 return -ENOBUFS; 1277 } 1278 1279 return send_and_recv_msgs(drv, msg, get_link_signal, sig); 1280} 1281 1282 1283static int get_link_noise(struct nl_msg *msg, void *arg) 1284{ 1285 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1286 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1287 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1]; 1288 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = { 1289 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, 1290 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, 1291 }; 1292 struct wpa_signal_info *sig_change = arg; 1293 1294 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1295 genlmsg_attrlen(gnlh, 0), NULL); 1296 1297 if (!tb[NL80211_ATTR_SURVEY_INFO]) { 1298 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!"); 1299 return NL_SKIP; 1300 } 1301 1302 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX, 1303 tb[NL80211_ATTR_SURVEY_INFO], 1304 survey_policy)) { 1305 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested " 1306 "attributes!"); 1307 return NL_SKIP; 1308 } 1309 1310 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) 1311 return NL_SKIP; 1312 1313 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) != 1314 sig_change->frequency) 1315 return NL_SKIP; 1316 1317 if (!sinfo[NL80211_SURVEY_INFO_NOISE]) 1318 return NL_SKIP; 1319 1320 sig_change->current_noise = 1321 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); 1322 1323 return NL_SKIP; 1324} 1325 1326 1327int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv, 1328 struct wpa_signal_info *sig_change) 1329{ 1330 struct nl_msg *msg; 1331 1332 sig_change->current_noise = 9999; 1333 sig_change->frequency = drv->assoc_freq; 1334 1335 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); 1336 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change); 1337} 1338 1339 1340static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx, 1341 void *handle) 1342{ 1343 struct nl_cb *cb = eloop_ctx; 1344 int res; 1345 1346 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available"); 1347 1348 res = nl_recvmsgs(handle, cb); 1349 if (res < 0) { 1350 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d", 1351 __func__, res); 1352 } 1353} 1354 1355 1356/** 1357 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain 1358 * @priv: driver_nl80211 private data 1359 * @alpha2_arg: country to which to switch to 1360 * Returns: 0 on success, -1 on failure 1361 * 1362 * This asks nl80211 to set the regulatory domain for given 1363 * country ISO / IEC alpha2. 1364 */ 1365static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg) 1366{ 1367 struct i802_bss *bss = priv; 1368 struct wpa_driver_nl80211_data *drv = bss->drv; 1369 char alpha2[3]; 1370 struct nl_msg *msg; 1371 1372 msg = nlmsg_alloc(); 1373 if (!msg) 1374 return -ENOMEM; 1375 1376 alpha2[0] = alpha2_arg[0]; 1377 alpha2[1] = alpha2_arg[1]; 1378 alpha2[2] = '\0'; 1379 1380 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) || 1381 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) { 1382 nlmsg_free(msg); 1383 return -EINVAL; 1384 } 1385 if (send_and_recv_msgs(drv, msg, NULL, NULL)) 1386 return -EINVAL; 1387 return 0; 1388} 1389 1390 1391static int nl80211_get_country(struct nl_msg *msg, void *arg) 1392{ 1393 char *alpha2 = arg; 1394 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; 1395 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1396 1397 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1398 genlmsg_attrlen(gnlh, 0), NULL); 1399 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) { 1400 wpa_printf(MSG_DEBUG, "nl80211: No country information available"); 1401 return NL_SKIP; 1402 } 1403 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3); 1404 return NL_SKIP; 1405} 1406 1407 1408static int wpa_driver_nl80211_get_country(void *priv, char *alpha2) 1409{ 1410 struct i802_bss *bss = priv; 1411 struct wpa_driver_nl80211_data *drv = bss->drv; 1412 struct nl_msg *msg; 1413 int ret; 1414 1415 msg = nlmsg_alloc(); 1416 if (!msg) 1417 return -ENOMEM; 1418 1419 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG); 1420 alpha2[0] = '\0'; 1421 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2); 1422 if (!alpha2[0]) 1423 ret = -1; 1424 1425 return ret; 1426} 1427 1428 1429static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global) 1430{ 1431 int ret; 1432 1433 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 1434 if (global->nl_cb == NULL) { 1435 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink " 1436 "callbacks"); 1437 return -1; 1438 } 1439 1440 global->nl = nl_create_handle(global->nl_cb, "nl"); 1441 if (global->nl == NULL) 1442 goto err; 1443 1444 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211"); 1445 if (global->nl80211_id < 0) { 1446 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not " 1447 "found"); 1448 goto err; 1449 } 1450 1451 global->nl_event = nl_create_handle(global->nl_cb, "event"); 1452 if (global->nl_event == NULL) 1453 goto err; 1454 1455 ret = nl_get_multicast_id(global, "nl80211", "scan"); 1456 if (ret >= 0) 1457 ret = nl_socket_add_membership(global->nl_event, ret); 1458 if (ret < 0) { 1459 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast " 1460 "membership for scan events: %d (%s)", 1461 ret, strerror(-ret)); 1462 goto err; 1463 } 1464 1465 ret = nl_get_multicast_id(global, "nl80211", "mlme"); 1466 if (ret >= 0) 1467 ret = nl_socket_add_membership(global->nl_event, ret); 1468 if (ret < 0) { 1469 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast " 1470 "membership for mlme events: %d (%s)", 1471 ret, strerror(-ret)); 1472 goto err; 1473 } 1474 1475 ret = nl_get_multicast_id(global, "nl80211", "regulatory"); 1476 if (ret >= 0) 1477 ret = nl_socket_add_membership(global->nl_event, ret); 1478 if (ret < 0) { 1479 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast " 1480 "membership for regulatory events: %d (%s)", 1481 ret, strerror(-ret)); 1482 /* Continue without regulatory events */ 1483 } 1484 1485 ret = nl_get_multicast_id(global, "nl80211", "vendor"); 1486 if (ret >= 0) 1487 ret = nl_socket_add_membership(global->nl_event, ret); 1488 if (ret < 0) { 1489 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast " 1490 "membership for vendor events: %d (%s)", 1491 ret, strerror(-ret)); 1492 /* Continue without vendor events */ 1493 } 1494 1495 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 1496 no_seq_check, NULL); 1497 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 1498 process_global_event, global); 1499 1500 nl80211_register_eloop_read(&global->nl_event, 1501 wpa_driver_nl80211_event_receive, 1502 global->nl_cb); 1503 1504 return 0; 1505 1506err: 1507 nl_destroy_handles(&global->nl_event); 1508 nl_destroy_handles(&global->nl); 1509 nl_cb_put(global->nl_cb); 1510 global->nl_cb = NULL; 1511 return -1; 1512} 1513 1514 1515static void nl80211_check_global(struct nl80211_global *global) 1516{ 1517 struct nl_handle *handle; 1518 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL }; 1519 int ret; 1520 unsigned int i; 1521 1522 /* 1523 * Try to re-add memberships to handle case of cfg80211 getting reloaded 1524 * and all registration having been cleared. 1525 */ 1526 handle = (void *) (((intptr_t) global->nl_event) ^ 1527 ELOOP_SOCKET_INVALID); 1528 1529 for (i = 0; groups[i]; i++) { 1530 ret = nl_get_multicast_id(global, "nl80211", groups[i]); 1531 if (ret >= 0) 1532 ret = nl_socket_add_membership(handle, ret); 1533 if (ret < 0) { 1534 wpa_printf(MSG_INFO, 1535 "nl80211: Could not re-add multicast membership for %s events: %d (%s)", 1536 groups[i], ret, strerror(-ret)); 1537 } 1538 } 1539} 1540 1541 1542static void wpa_driver_nl80211_rfkill_blocked(void *ctx) 1543{ 1544 struct wpa_driver_nl80211_data *drv = ctx; 1545 1546 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked"); 1547 1548 /* 1549 * rtnetlink ifdown handler will report interfaces other than the P2P 1550 * Device interface as disabled. 1551 */ 1552 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 1553 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL); 1554} 1555 1556 1557static void wpa_driver_nl80211_rfkill_unblocked(void *ctx) 1558{ 1559 struct wpa_driver_nl80211_data *drv = ctx; 1560 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked"); 1561 if (i802_set_iface_flags(drv->first_bss, 1)) { 1562 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP " 1563 "after rfkill unblock"); 1564 return; 1565 } 1566 1567 if (is_p2p_net_interface(drv->nlmode)) 1568 nl80211_disable_11b_rates(drv, drv->ifindex, 1); 1569 1570 /* 1571 * rtnetlink ifup handler will report interfaces other than the P2P 1572 * Device interface as enabled. 1573 */ 1574 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 1575 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL); 1576} 1577 1578 1579static void wpa_driver_nl80211_handle_eapol_tx_status(int sock, 1580 void *eloop_ctx, 1581 void *handle) 1582{ 1583 struct wpa_driver_nl80211_data *drv = eloop_ctx; 1584 u8 data[2048]; 1585 struct msghdr msg; 1586 struct iovec entry; 1587 u8 control[512]; 1588 struct cmsghdr *cmsg; 1589 int res, found_ee = 0, found_wifi = 0, acked = 0; 1590 union wpa_event_data event; 1591 1592 memset(&msg, 0, sizeof(msg)); 1593 msg.msg_iov = &entry; 1594 msg.msg_iovlen = 1; 1595 entry.iov_base = data; 1596 entry.iov_len = sizeof(data); 1597 msg.msg_control = &control; 1598 msg.msg_controllen = sizeof(control); 1599 1600 res = recvmsg(sock, &msg, MSG_ERRQUEUE); 1601 /* if error or not fitting 802.3 header, return */ 1602 if (res < 14) 1603 return; 1604 1605 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) 1606 { 1607 if (cmsg->cmsg_level == SOL_SOCKET && 1608 cmsg->cmsg_type == SCM_WIFI_STATUS) { 1609 int *ack; 1610 1611 found_wifi = 1; 1612 ack = (void *)CMSG_DATA(cmsg); 1613 acked = *ack; 1614 } 1615 1616 if (cmsg->cmsg_level == SOL_PACKET && 1617 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) { 1618 struct sock_extended_err *err = 1619 (struct sock_extended_err *)CMSG_DATA(cmsg); 1620 1621 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS) 1622 found_ee = 1; 1623 } 1624 } 1625 1626 if (!found_ee || !found_wifi) 1627 return; 1628 1629 memset(&event, 0, sizeof(event)); 1630 event.eapol_tx_status.dst = data; 1631 event.eapol_tx_status.data = data + 14; 1632 event.eapol_tx_status.data_len = res - 14; 1633 event.eapol_tx_status.ack = acked; 1634 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event); 1635} 1636 1637 1638static int nl80211_init_bss(struct i802_bss *bss) 1639{ 1640 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 1641 if (!bss->nl_cb) 1642 return -1; 1643 1644 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 1645 no_seq_check, NULL); 1646 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 1647 process_bss_event, bss); 1648 1649 return 0; 1650} 1651 1652 1653static void nl80211_destroy_bss(struct i802_bss *bss) 1654{ 1655 nl_cb_put(bss->nl_cb); 1656 bss->nl_cb = NULL; 1657} 1658 1659 1660static void 1661wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data *drv) 1662{ 1663 struct rfkill_config *rcfg; 1664 1665 if (drv->rfkill) 1666 return; 1667 1668 rcfg = os_zalloc(sizeof(*rcfg)); 1669 if (!rcfg) 1670 return; 1671 1672 rcfg->ctx = drv; 1673 1674 /* rfkill uses netdev sysfs for initialization. However, P2P Device is 1675 * not associated with a netdev, so use the name of some other interface 1676 * sharing the same wiphy as the P2P Device interface. 1677 * 1678 * Note: This is valid, as a P2P Device interface is always dynamically 1679 * created and is created only once another wpa_s interface was added. 1680 */ 1681 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) { 1682 struct nl80211_global *global = drv->global; 1683 struct wpa_driver_nl80211_data *tmp1; 1684 1685 dl_list_for_each(tmp1, &global->interfaces, 1686 struct wpa_driver_nl80211_data, list) { 1687 if (drv == tmp1 || drv->wiphy_idx != tmp1->wiphy_idx || 1688 !tmp1->rfkill) 1689 continue; 1690 1691 wpa_printf(MSG_DEBUG, 1692 "nl80211: Use (%s) to initialize P2P Device rfkill", 1693 tmp1->first_bss->ifname); 1694 os_strlcpy(rcfg->ifname, tmp1->first_bss->ifname, 1695 sizeof(rcfg->ifname)); 1696 break; 1697 } 1698 } else { 1699 os_strlcpy(rcfg->ifname, drv->first_bss->ifname, 1700 sizeof(rcfg->ifname)); 1701 } 1702 1703 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked; 1704 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked; 1705 drv->rfkill = rfkill_init(rcfg); 1706 if (!drv->rfkill) { 1707 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available"); 1708 os_free(rcfg); 1709 } 1710} 1711 1712 1713static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname, 1714 void *global_priv, int hostapd, 1715 const u8 *set_addr, 1716 const char *driver_params) 1717{ 1718 struct wpa_driver_nl80211_data *drv; 1719 struct i802_bss *bss; 1720 1721 if (global_priv == NULL) 1722 return NULL; 1723 drv = os_zalloc(sizeof(*drv)); 1724 if (drv == NULL) 1725 return NULL; 1726 drv->global = global_priv; 1727 drv->ctx = ctx; 1728 drv->hostapd = !!hostapd; 1729 drv->eapol_sock = -1; 1730 1731 /* 1732 * There is no driver capability flag for this, so assume it is 1733 * supported and disable this on first attempt to use if the driver 1734 * rejects the command due to missing support. 1735 */ 1736 drv->set_rekey_offload = 1; 1737 1738 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int); 1739 drv->if_indices = drv->default_if_indices; 1740 drv->if_indices_reason = drv->default_if_indices_reason; 1741 1742 drv->first_bss = os_zalloc(sizeof(*drv->first_bss)); 1743 if (!drv->first_bss) { 1744 os_free(drv); 1745 return NULL; 1746 } 1747 bss = drv->first_bss; 1748 bss->drv = drv; 1749 bss->ctx = ctx; 1750 1751 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname)); 1752 drv->monitor_ifidx = -1; 1753 drv->monitor_sock = -1; 1754 drv->eapol_tx_sock = -1; 1755 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED; 1756 1757 if (nl80211_init_bss(bss)) 1758 goto failed; 1759 1760 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params)) 1761 goto failed; 1762 1763 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0); 1764 if (drv->eapol_tx_sock < 0) 1765 goto failed; 1766 1767 if (drv->data_tx_status) { 1768 int enabled = 1; 1769 1770 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS, 1771 &enabled, sizeof(enabled)) < 0) { 1772 wpa_printf(MSG_DEBUG, 1773 "nl80211: wifi status sockopt failed\n"); 1774 drv->data_tx_status = 0; 1775 if (!drv->use_monitor) 1776 drv->capa.flags &= 1777 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS; 1778 } else { 1779 eloop_register_read_sock(drv->eapol_tx_sock, 1780 wpa_driver_nl80211_handle_eapol_tx_status, 1781 drv, NULL); 1782 } 1783 } 1784 1785 if (drv->global) { 1786 nl80211_check_global(drv->global); 1787 dl_list_add(&drv->global->interfaces, &drv->list); 1788 drv->in_interface_list = 1; 1789 } 1790 1791 return bss; 1792 1793failed: 1794 wpa_driver_nl80211_deinit(bss); 1795 return NULL; 1796} 1797 1798 1799/** 1800 * wpa_driver_nl80211_init - Initialize nl80211 driver interface 1801 * @ctx: context to be used when calling wpa_supplicant functions, 1802 * e.g., wpa_supplicant_event() 1803 * @ifname: interface name, e.g., wlan0 1804 * @global_priv: private driver global data from global_init() 1805 * Returns: Pointer to private data, %NULL on failure 1806 */ 1807static void * wpa_driver_nl80211_init(void *ctx, const char *ifname, 1808 void *global_priv) 1809{ 1810 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL, 1811 NULL); 1812} 1813 1814 1815static int nl80211_register_frame(struct i802_bss *bss, 1816 struct nl_handle *nl_handle, 1817 u16 type, const u8 *match, size_t match_len) 1818{ 1819 struct wpa_driver_nl80211_data *drv = bss->drv; 1820 struct nl_msg *msg; 1821 int ret; 1822 char buf[30]; 1823 1824 buf[0] = '\0'; 1825 wpa_snprintf_hex(buf, sizeof(buf), match, match_len); 1826 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s", 1827 type, fc2str(type), nl_handle, buf); 1828 1829 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_ACTION)) || 1830 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) || 1831 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) { 1832 nlmsg_free(msg); 1833 return -1; 1834 } 1835 1836 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL); 1837 if (ret) { 1838 wpa_printf(MSG_DEBUG, "nl80211: Register frame command " 1839 "failed (type=%u): ret=%d (%s)", 1840 type, ret, strerror(-ret)); 1841 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match", 1842 match, match_len); 1843 } 1844 return ret; 1845} 1846 1847 1848static int nl80211_alloc_mgmt_handle(struct i802_bss *bss) 1849{ 1850 if (bss->nl_mgmt) { 1851 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting " 1852 "already on! (nl_mgmt=%p)", bss->nl_mgmt); 1853 return -1; 1854 } 1855 1856 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt"); 1857 if (bss->nl_mgmt == NULL) 1858 return -1; 1859 1860 return 0; 1861} 1862 1863 1864static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss) 1865{ 1866 nl80211_register_eloop_read(&bss->nl_mgmt, 1867 wpa_driver_nl80211_event_receive, 1868 bss->nl_cb); 1869} 1870 1871 1872static int nl80211_register_action_frame(struct i802_bss *bss, 1873 const u8 *match, size_t match_len) 1874{ 1875 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4); 1876 return nl80211_register_frame(bss, bss->nl_mgmt, 1877 type, match, match_len); 1878} 1879 1880 1881static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss) 1882{ 1883 struct wpa_driver_nl80211_data *drv = bss->drv; 1884 int ret = 0; 1885 1886 if (nl80211_alloc_mgmt_handle(bss)) 1887 return -1; 1888 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP " 1889 "handle %p", bss->nl_mgmt); 1890 1891 if (drv->nlmode == NL80211_IFTYPE_ADHOC) { 1892 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4); 1893 1894 /* register for any AUTH message */ 1895 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0); 1896 } 1897 1898#ifdef CONFIG_INTERWORKING 1899 /* QoS Map Configure */ 1900 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0) 1901 ret = -1; 1902#endif /* CONFIG_INTERWORKING */ 1903#if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING) 1904 /* GAS Initial Request */ 1905 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0) 1906 ret = -1; 1907 /* GAS Initial Response */ 1908 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0) 1909 ret = -1; 1910 /* GAS Comeback Request */ 1911 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0) 1912 ret = -1; 1913 /* GAS Comeback Response */ 1914 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0) 1915 ret = -1; 1916 /* Protected GAS Initial Request */ 1917 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0) 1918 ret = -1; 1919 /* Protected GAS Initial Response */ 1920 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0) 1921 ret = -1; 1922 /* Protected GAS Comeback Request */ 1923 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0) 1924 ret = -1; 1925 /* Protected GAS Comeback Response */ 1926 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0) 1927 ret = -1; 1928#endif /* CONFIG_P2P || CONFIG_INTERWORKING */ 1929#ifdef CONFIG_P2P 1930 /* P2P Public Action */ 1931 if (nl80211_register_action_frame(bss, 1932 (u8 *) "\x04\x09\x50\x6f\x9a\x09", 1933 6) < 0) 1934 ret = -1; 1935 /* P2P Action */ 1936 if (nl80211_register_action_frame(bss, 1937 (u8 *) "\x7f\x50\x6f\x9a\x09", 1938 5) < 0) 1939 ret = -1; 1940#endif /* CONFIG_P2P */ 1941#ifdef CONFIG_IEEE80211W 1942 /* SA Query Response */ 1943 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0) 1944 ret = -1; 1945#endif /* CONFIG_IEEE80211W */ 1946#ifdef CONFIG_TDLS 1947 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) { 1948 /* TDLS Discovery Response */ 1949 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) < 1950 0) 1951 ret = -1; 1952 } 1953#endif /* CONFIG_TDLS */ 1954#ifdef CONFIG_FST 1955 /* FST Action frames */ 1956 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0) 1957 ret = -1; 1958#endif /* CONFIG_FST */ 1959 1960 /* FT Action frames */ 1961 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) 1962 ret = -1; 1963 else 1964 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT | 1965 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK; 1966 1967 /* WNM - BSS Transition Management Request */ 1968 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0) 1969 ret = -1; 1970 /* WNM-Sleep Mode Response */ 1971 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0) 1972 ret = -1; 1973 1974#ifdef CONFIG_HS20 1975 /* WNM-Notification */ 1976 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0) 1977 ret = -1; 1978#endif /* CONFIG_HS20 */ 1979 1980 /* WMM-AC ADDTS Response */ 1981 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0) 1982 ret = -1; 1983 1984 /* WMM-AC DELTS */ 1985 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0) 1986 ret = -1; 1987 1988 /* Radio Measurement - Neighbor Report Response */ 1989 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0) 1990 ret = -1; 1991 1992 /* Radio Measurement - Link Measurement Request */ 1993 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) && 1994 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0)) 1995 ret = -1; 1996 1997 nl80211_mgmt_handle_register_eloop(bss); 1998 1999 return ret; 2000} 2001 2002 2003static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss) 2004{ 2005 int ret = 0; 2006 2007 if (nl80211_alloc_mgmt_handle(bss)) 2008 return -1; 2009 2010 wpa_printf(MSG_DEBUG, 2011 "nl80211: Subscribe to mgmt frames with mesh handle %p", 2012 bss->nl_mgmt); 2013 2014 /* Auth frames for mesh SAE */ 2015 if (nl80211_register_frame(bss, bss->nl_mgmt, 2016 (WLAN_FC_TYPE_MGMT << 2) | 2017 (WLAN_FC_STYPE_AUTH << 4), 2018 NULL, 0) < 0) 2019 ret = -1; 2020 2021 /* Mesh peering open */ 2022 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0) 2023 ret = -1; 2024 /* Mesh peering confirm */ 2025 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0) 2026 ret = -1; 2027 /* Mesh peering close */ 2028 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0) 2029 ret = -1; 2030 2031 nl80211_mgmt_handle_register_eloop(bss); 2032 2033 return ret; 2034} 2035 2036 2037static int nl80211_register_spurious_class3(struct i802_bss *bss) 2038{ 2039 struct nl_msg *msg; 2040 int ret; 2041 2042 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME); 2043 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL); 2044 if (ret) { 2045 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 " 2046 "failed: ret=%d (%s)", 2047 ret, strerror(-ret)); 2048 } 2049 return ret; 2050} 2051 2052 2053static int nl80211_action_subscribe_ap(struct i802_bss *bss) 2054{ 2055 int ret = 0; 2056 2057 /* Public Action frames */ 2058 if (nl80211_register_action_frame(bss, (u8 *) "\x04", 1) < 0) 2059 ret = -1; 2060 /* RRM Measurement Report */ 2061 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x01", 2) < 0) 2062 ret = -1; 2063 /* RRM Neighbor Report Request */ 2064 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x04", 2) < 0) 2065 ret = -1; 2066 /* FT Action frames */ 2067 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) 2068 ret = -1; 2069#ifdef CONFIG_IEEE80211W 2070 /* SA Query */ 2071 if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0) 2072 ret = -1; 2073#endif /* CONFIG_IEEE80211W */ 2074 /* Protected Dual of Public Action */ 2075 if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0) 2076 ret = -1; 2077 /* WNM */ 2078 if (nl80211_register_action_frame(bss, (u8 *) "\x0a", 1) < 0) 2079 ret = -1; 2080 /* WMM */ 2081 if (nl80211_register_action_frame(bss, (u8 *) "\x11", 1) < 0) 2082 ret = -1; 2083#ifdef CONFIG_FST 2084 /* FST Action frames */ 2085 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0) 2086 ret = -1; 2087#endif /* CONFIG_FST */ 2088 /* Vendor-specific */ 2089 if (nl80211_register_action_frame(bss, (u8 *) "\x7f", 1) < 0) 2090 ret = -1; 2091 2092 return ret; 2093} 2094 2095 2096static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss) 2097{ 2098 static const int stypes[] = { 2099 WLAN_FC_STYPE_AUTH, 2100 WLAN_FC_STYPE_ASSOC_REQ, 2101 WLAN_FC_STYPE_REASSOC_REQ, 2102 WLAN_FC_STYPE_DISASSOC, 2103 WLAN_FC_STYPE_DEAUTH, 2104 WLAN_FC_STYPE_PROBE_REQ, 2105/* Beacon doesn't work as mac80211 doesn't currently allow 2106 * it, but it wouldn't really be the right thing anyway as 2107 * it isn't per interface ... maybe just dump the scan 2108 * results periodically for OLBC? 2109 */ 2110 /* WLAN_FC_STYPE_BEACON, */ 2111 }; 2112 unsigned int i; 2113 2114 if (nl80211_alloc_mgmt_handle(bss)) 2115 return -1; 2116 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP " 2117 "handle %p", bss->nl_mgmt); 2118 2119 for (i = 0; i < ARRAY_SIZE(stypes); i++) { 2120 if (nl80211_register_frame(bss, bss->nl_mgmt, 2121 (WLAN_FC_TYPE_MGMT << 2) | 2122 (stypes[i] << 4), 2123 NULL, 0) < 0) { 2124 goto out_err; 2125 } 2126 } 2127 2128 if (nl80211_action_subscribe_ap(bss)) 2129 goto out_err; 2130 2131 if (nl80211_register_spurious_class3(bss)) 2132 goto out_err; 2133 2134 if (nl80211_get_wiphy_data_ap(bss) == NULL) 2135 goto out_err; 2136 2137 nl80211_mgmt_handle_register_eloop(bss); 2138 return 0; 2139 2140out_err: 2141 nl_destroy_handles(&bss->nl_mgmt); 2142 return -1; 2143} 2144 2145 2146static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss) 2147{ 2148 if (nl80211_alloc_mgmt_handle(bss)) 2149 return -1; 2150 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP " 2151 "handle %p (device SME)", bss->nl_mgmt); 2152 2153 if (nl80211_action_subscribe_ap(bss)) 2154 goto out_err; 2155 2156 nl80211_mgmt_handle_register_eloop(bss); 2157 return 0; 2158 2159out_err: 2160 nl_destroy_handles(&bss->nl_mgmt); 2161 return -1; 2162} 2163 2164 2165static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason) 2166{ 2167 if (bss->nl_mgmt == NULL) 2168 return; 2169 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p " 2170 "(%s)", bss->nl_mgmt, reason); 2171 nl80211_destroy_eloop_handle(&bss->nl_mgmt); 2172 2173 nl80211_put_wiphy_data_ap(bss); 2174} 2175 2176 2177static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx) 2178{ 2179 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL); 2180} 2181 2182 2183static void nl80211_del_p2pdev(struct i802_bss *bss) 2184{ 2185 struct nl_msg *msg; 2186 int ret; 2187 2188 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE); 2189 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 2190 2191 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s", 2192 bss->ifname, (long long unsigned int) bss->wdev_id, 2193 strerror(-ret)); 2194} 2195 2196 2197static int nl80211_set_p2pdev(struct i802_bss *bss, int start) 2198{ 2199 struct nl_msg *msg; 2200 int ret; 2201 2202 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE : 2203 NL80211_CMD_STOP_P2P_DEVICE); 2204 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 2205 2206 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s", 2207 start ? "Start" : "Stop", 2208 bss->ifname, (long long unsigned int) bss->wdev_id, 2209 strerror(-ret)); 2210 return ret; 2211} 2212 2213 2214static int i802_set_iface_flags(struct i802_bss *bss, int up) 2215{ 2216 enum nl80211_iftype nlmode; 2217 2218 nlmode = nl80211_get_ifmode(bss); 2219 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2220 return linux_set_iface_flags(bss->drv->global->ioctl_sock, 2221 bss->ifname, up); 2222 } 2223 2224 /* P2P Device has start/stop which is equivalent */ 2225 return nl80211_set_p2pdev(bss, up); 2226} 2227 2228 2229#ifdef CONFIG_TESTING_OPTIONS 2230static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg) 2231{ 2232 /* struct wpa_driver_nl80211_data *drv = arg; */ 2233 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 2234 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 2235 2236 2237 wpa_printf(MSG_DEBUG, 2238 "nl80211: QCA vendor test command response received"); 2239 2240 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 2241 genlmsg_attrlen(gnlh, 0), NULL); 2242 if (!tb[NL80211_ATTR_VENDOR_DATA]) { 2243 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute"); 2244 return NL_SKIP; 2245 } 2246 2247 wpa_hexdump(MSG_DEBUG, 2248 "nl80211: Received QCA vendor test command response", 2249 nla_data(tb[NL80211_ATTR_VENDOR_DATA]), 2250 nla_len(tb[NL80211_ATTR_VENDOR_DATA])); 2251 2252 return NL_SKIP; 2253} 2254#endif /* CONFIG_TESTING_OPTIONS */ 2255 2256 2257static void qca_vendor_test(struct wpa_driver_nl80211_data *drv) 2258{ 2259#ifdef CONFIG_TESTING_OPTIONS 2260 struct nl_msg *msg; 2261 struct nlattr *params; 2262 int ret; 2263 2264 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 2265 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 2266 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 2267 QCA_NL80211_VENDOR_SUBCMD_TEST) || 2268 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 2269 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) { 2270 nlmsg_free(msg); 2271 return; 2272 } 2273 nla_nest_end(msg, params); 2274 2275 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv); 2276 wpa_printf(MSG_DEBUG, 2277 "nl80211: QCA vendor test command returned %d (%s)", 2278 ret, strerror(-ret)); 2279#endif /* CONFIG_TESTING_OPTIONS */ 2280} 2281 2282 2283static int 2284wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, 2285 const u8 *set_addr, int first, 2286 const char *driver_params) 2287{ 2288 struct i802_bss *bss = drv->first_bss; 2289 int send_rfkill_event = 0; 2290 enum nl80211_iftype nlmode; 2291 2292 drv->ifindex = if_nametoindex(bss->ifname); 2293 bss->ifindex = drv->ifindex; 2294 bss->wdev_id = drv->global->if_add_wdevid; 2295 bss->wdev_id_set = drv->global->if_add_wdevid_set; 2296 2297 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex; 2298 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set; 2299 drv->global->if_add_wdevid_set = 0; 2300 2301 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP) 2302 bss->static_ap = 1; 2303 2304 if (first && 2305 nl80211_get_ifmode(bss) != NL80211_IFTYPE_P2P_DEVICE && 2306 linux_iface_up(drv->global->ioctl_sock, bss->ifname) > 0) 2307 drv->start_iface_up = 1; 2308 2309 if (wpa_driver_nl80211_capa(drv)) 2310 return -1; 2311 2312 if (driver_params && nl80211_set_param(bss, driver_params) < 0) 2313 return -1; 2314 2315 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s", 2316 bss->ifname, drv->phyname); 2317 2318 if (set_addr && 2319 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) || 2320 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2321 set_addr))) 2322 return -1; 2323 2324 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP) 2325 drv->start_mode_ap = 1; 2326 2327 if (drv->hostapd || bss->static_ap) 2328 nlmode = NL80211_IFTYPE_AP; 2329 else if (bss->if_dynamic) 2330 nlmode = nl80211_get_ifmode(bss); 2331 else 2332 nlmode = NL80211_IFTYPE_STATION; 2333 2334 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) { 2335 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode"); 2336 return -1; 2337 } 2338 2339 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 2340 nl80211_get_macaddr(bss); 2341 2342 wpa_driver_nl80211_drv_init_rfkill(drv); 2343 2344 if (!rfkill_is_blocked(drv->rfkill)) { 2345 int ret = i802_set_iface_flags(bss, 1); 2346 if (ret) { 2347 wpa_printf(MSG_ERROR, "nl80211: Could not set " 2348 "interface '%s' UP", bss->ifname); 2349 return ret; 2350 } 2351 2352 if (is_p2p_net_interface(nlmode)) 2353 nl80211_disable_11b_rates(bss->drv, 2354 bss->drv->ifindex, 1); 2355 2356 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 2357 return ret; 2358 } else { 2359 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable " 2360 "interface '%s' due to rfkill", bss->ifname); 2361 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) 2362 drv->if_disabled = 1; 2363 2364 send_rfkill_event = 1; 2365 } 2366 2367 if (!drv->hostapd && nlmode != NL80211_IFTYPE_P2P_DEVICE) 2368 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 2369 1, IF_OPER_DORMANT); 2370 2371 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2372 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2373 bss->addr)) 2374 return -1; 2375 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN); 2376 } 2377 2378 if (send_rfkill_event) { 2379 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill, 2380 drv, drv->ctx); 2381 } 2382 2383 if (drv->vendor_cmd_test_avail) 2384 qca_vendor_test(drv); 2385 2386 return 0; 2387} 2388 2389 2390static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv) 2391{ 2392 struct nl_msg *msg; 2393 2394 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", 2395 drv->ifindex); 2396 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); 2397 return send_and_recv_msgs(drv, msg, NULL, NULL); 2398} 2399 2400 2401/** 2402 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface 2403 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init() 2404 * 2405 * Shut down driver interface and processing of driver events. Free 2406 * private data buffer if one was allocated in wpa_driver_nl80211_init(). 2407 */ 2408static void wpa_driver_nl80211_deinit(struct i802_bss *bss) 2409{ 2410 struct wpa_driver_nl80211_data *drv = bss->drv; 2411 2412 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d", 2413 bss->ifname, drv->disabled_11b_rates); 2414 2415 bss->in_deinit = 1; 2416 if (drv->data_tx_status) 2417 eloop_unregister_read_sock(drv->eapol_tx_sock); 2418 if (drv->eapol_tx_sock >= 0) 2419 close(drv->eapol_tx_sock); 2420 2421 if (bss->nl_preq) 2422 wpa_driver_nl80211_probe_req_report(bss, 0); 2423 if (bss->added_if_into_bridge) { 2424 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname, 2425 bss->ifname) < 0) 2426 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 2427 "interface %s from bridge %s: %s", 2428 bss->ifname, bss->brname, strerror(errno)); 2429 if (drv->rtnl_sk) 2430 nl80211_handle_destroy(drv->rtnl_sk); 2431 } 2432 if (bss->added_bridge) { 2433 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname, 2434 0) < 0) 2435 wpa_printf(MSG_INFO, 2436 "nl80211: Could not set bridge %s down", 2437 bss->brname); 2438 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0) 2439 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 2440 "bridge %s: %s", 2441 bss->brname, strerror(errno)); 2442 } 2443 2444 nl80211_remove_monitor_interface(drv); 2445 2446 if (is_ap_interface(drv->nlmode)) 2447 wpa_driver_nl80211_del_beacon(drv); 2448 2449 if (drv->eapol_sock >= 0) { 2450 eloop_unregister_read_sock(drv->eapol_sock); 2451 close(drv->eapol_sock); 2452 } 2453 2454 if (drv->if_indices != drv->default_if_indices) 2455 os_free(drv->if_indices); 2456 2457 if (drv->if_indices_reason != drv->default_if_indices_reason) 2458 os_free(drv->if_indices_reason); 2459 2460 if (drv->disabled_11b_rates) 2461 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 2462 2463 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0, 2464 IF_OPER_UP); 2465 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx); 2466 rfkill_deinit(drv->rfkill); 2467 2468 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx); 2469 2470 if (!drv->start_iface_up) 2471 (void) i802_set_iface_flags(bss, 0); 2472 2473 if (drv->addr_changed) { 2474 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 2475 0) < 0) { 2476 wpa_printf(MSG_DEBUG, 2477 "nl80211: Could not set interface down to restore permanent MAC address"); 2478 } 2479 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2480 drv->perm_addr) < 0) { 2481 wpa_printf(MSG_DEBUG, 2482 "nl80211: Could not restore permanent MAC address"); 2483 } 2484 } 2485 2486 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2487 if (!drv->hostapd || !drv->start_mode_ap) 2488 wpa_driver_nl80211_set_mode(bss, 2489 NL80211_IFTYPE_STATION); 2490 nl80211_mgmt_unsubscribe(bss, "deinit"); 2491 } else { 2492 nl80211_mgmt_unsubscribe(bss, "deinit"); 2493 nl80211_del_p2pdev(bss); 2494 } 2495 2496 nl80211_destroy_bss(drv->first_bss); 2497 2498 os_free(drv->filter_ssids); 2499 2500 os_free(drv->auth_ie); 2501 2502 if (drv->in_interface_list) 2503 dl_list_del(&drv->list); 2504 2505 os_free(drv->extended_capa); 2506 os_free(drv->extended_capa_mask); 2507 os_free(drv->first_bss); 2508 os_free(drv); 2509} 2510 2511 2512static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len) 2513{ 2514 switch (alg) { 2515 case WPA_ALG_WEP: 2516 if (key_len == 5) 2517 return WLAN_CIPHER_SUITE_WEP40; 2518 return WLAN_CIPHER_SUITE_WEP104; 2519 case WPA_ALG_TKIP: 2520 return WLAN_CIPHER_SUITE_TKIP; 2521 case WPA_ALG_CCMP: 2522 return WLAN_CIPHER_SUITE_CCMP; 2523 case WPA_ALG_GCMP: 2524 return WLAN_CIPHER_SUITE_GCMP; 2525 case WPA_ALG_CCMP_256: 2526 return WLAN_CIPHER_SUITE_CCMP_256; 2527 case WPA_ALG_GCMP_256: 2528 return WLAN_CIPHER_SUITE_GCMP_256; 2529 case WPA_ALG_IGTK: 2530 return WLAN_CIPHER_SUITE_AES_CMAC; 2531 case WPA_ALG_BIP_GMAC_128: 2532 return WLAN_CIPHER_SUITE_BIP_GMAC_128; 2533 case WPA_ALG_BIP_GMAC_256: 2534 return WLAN_CIPHER_SUITE_BIP_GMAC_256; 2535 case WPA_ALG_BIP_CMAC_256: 2536 return WLAN_CIPHER_SUITE_BIP_CMAC_256; 2537 case WPA_ALG_SMS4: 2538 return WLAN_CIPHER_SUITE_SMS4; 2539 case WPA_ALG_KRK: 2540 return WLAN_CIPHER_SUITE_KRK; 2541 case WPA_ALG_NONE: 2542 case WPA_ALG_PMK: 2543 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d", 2544 alg); 2545 return 0; 2546 } 2547 2548 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d", 2549 alg); 2550 return 0; 2551} 2552 2553 2554static u32 wpa_cipher_to_cipher_suite(unsigned int cipher) 2555{ 2556 switch (cipher) { 2557 case WPA_CIPHER_CCMP_256: 2558 return WLAN_CIPHER_SUITE_CCMP_256; 2559 case WPA_CIPHER_GCMP_256: 2560 return WLAN_CIPHER_SUITE_GCMP_256; 2561 case WPA_CIPHER_CCMP: 2562 return WLAN_CIPHER_SUITE_CCMP; 2563 case WPA_CIPHER_GCMP: 2564 return WLAN_CIPHER_SUITE_GCMP; 2565 case WPA_CIPHER_TKIP: 2566 return WLAN_CIPHER_SUITE_TKIP; 2567 case WPA_CIPHER_WEP104: 2568 return WLAN_CIPHER_SUITE_WEP104; 2569 case WPA_CIPHER_WEP40: 2570 return WLAN_CIPHER_SUITE_WEP40; 2571 case WPA_CIPHER_GTK_NOT_USED: 2572 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR; 2573 } 2574 2575 return 0; 2576} 2577 2578 2579static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[], 2580 int max_suites) 2581{ 2582 int num_suites = 0; 2583 2584 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256) 2585 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256; 2586 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256) 2587 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256; 2588 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP) 2589 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP; 2590 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP) 2591 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP; 2592 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP) 2593 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP; 2594 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104) 2595 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104; 2596 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40) 2597 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40; 2598 2599 return num_suites; 2600} 2601 2602 2603#ifdef CONFIG_DRIVER_NL80211_QCA 2604static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv, 2605 const u8 *key, size_t key_len) 2606{ 2607 struct nl_msg *msg; 2608 int ret; 2609 2610 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) 2611 return 0; 2612 2613 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 2614 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 2615 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 2616 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) || 2617 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) { 2618 nl80211_nlmsg_clear(msg); 2619 nlmsg_free(msg); 2620 return -1; 2621 } 2622 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1); 2623 if (ret) { 2624 wpa_printf(MSG_DEBUG, 2625 "nl80211: Key management set key failed: ret=%d (%s)", 2626 ret, strerror(-ret)); 2627 } 2628 2629 return ret; 2630} 2631#endif /* CONFIG_DRIVER_NL80211_QCA */ 2632 2633 2634static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, 2635 enum wpa_alg alg, const u8 *addr, 2636 int key_idx, int set_tx, 2637 const u8 *seq, size_t seq_len, 2638 const u8 *key, size_t key_len) 2639{ 2640 struct wpa_driver_nl80211_data *drv = bss->drv; 2641 int ifindex; 2642 struct nl_msg *msg = NULL; 2643 int ret; 2644 int tdls = 0; 2645 2646 /* Ignore for P2P Device */ 2647 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 2648 return 0; 2649 2650 ifindex = if_nametoindex(ifname); 2651 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " 2652 "set_tx=%d seq_len=%lu key_len=%lu", 2653 __func__, ifindex, ifname, alg, addr, key_idx, set_tx, 2654 (unsigned long) seq_len, (unsigned long) key_len); 2655#ifdef CONFIG_TDLS 2656 if (key_idx == -1) { 2657 key_idx = 0; 2658 tdls = 1; 2659 } 2660#endif /* CONFIG_TDLS */ 2661 2662#ifdef CONFIG_DRIVER_NL80211_QCA 2663 if (alg == WPA_ALG_PMK && 2664 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) { 2665 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key", 2666 __func__); 2667 ret = issue_key_mgmt_set_key(drv, key, key_len); 2668 return ret; 2669 } 2670#endif /* CONFIG_DRIVER_NL80211_QCA */ 2671 2672 if (alg == WPA_ALG_NONE) { 2673 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY); 2674 if (!msg) 2675 return -ENOBUFS; 2676 } else { 2677 u32 suite; 2678 2679 suite = wpa_alg_to_cipher_suite(alg, key_len); 2680 if (!suite) 2681 goto fail; 2682 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY); 2683 if (!msg || 2684 nla_put(msg, NL80211_ATTR_KEY_DATA, key_len, key) || 2685 nla_put_u32(msg, NL80211_ATTR_KEY_CIPHER, suite)) 2686 goto fail; 2687 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len); 2688 } 2689 2690 if (seq && seq_len) { 2691 if (nla_put(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq)) 2692 goto fail; 2693 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len); 2694 } 2695 2696 if (addr && !is_broadcast_ether_addr(addr)) { 2697 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr)); 2698 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 2699 goto fail; 2700 2701 if (alg != WPA_ALG_WEP && key_idx && !set_tx) { 2702 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK"); 2703 if (nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, 2704 NL80211_KEYTYPE_GROUP)) 2705 goto fail; 2706 } 2707 } else if (addr && is_broadcast_ether_addr(addr)) { 2708 struct nlattr *types; 2709 2710 wpa_printf(MSG_DEBUG, " broadcast key"); 2711 2712 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES); 2713 if (!types || 2714 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) 2715 goto fail; 2716 nla_nest_end(msg, types); 2717 } 2718 if (nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx)) 2719 goto fail; 2720 2721 ret = send_and_recv_msgs(drv, msg, NULL, key ? (void *) -1 : NULL); 2722 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE) 2723 ret = 0; 2724 if (ret) 2725 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)", 2726 ret, strerror(-ret)); 2727 2728 /* 2729 * If we failed or don't need to set the default TX key (below), 2730 * we're done here. 2731 */ 2732 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls) 2733 return ret; 2734 if (is_ap_interface(drv->nlmode) && addr && 2735 !is_broadcast_ether_addr(addr)) 2736 return ret; 2737 2738 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY); 2739 if (!msg || 2740 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx) || 2741 nla_put_flag(msg, (alg == WPA_ALG_IGTK || 2742 alg == WPA_ALG_BIP_GMAC_128 || 2743 alg == WPA_ALG_BIP_GMAC_256 || 2744 alg == WPA_ALG_BIP_CMAC_256) ? 2745 NL80211_ATTR_KEY_DEFAULT_MGMT : 2746 NL80211_ATTR_KEY_DEFAULT)) 2747 goto fail; 2748 if (addr && is_broadcast_ether_addr(addr)) { 2749 struct nlattr *types; 2750 2751 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES); 2752 if (!types || 2753 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) 2754 goto fail; 2755 nla_nest_end(msg, types); 2756 } else if (addr) { 2757 struct nlattr *types; 2758 2759 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES); 2760 if (!types || 2761 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST)) 2762 goto fail; 2763 nla_nest_end(msg, types); 2764 } 2765 2766 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 2767 if (ret == -ENOENT) 2768 ret = 0; 2769 if (ret) 2770 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; " 2771 "err=%d %s)", ret, strerror(-ret)); 2772 return ret; 2773 2774fail: 2775 nl80211_nlmsg_clear(msg); 2776 nlmsg_free(msg); 2777 return -ENOBUFS; 2778} 2779 2780 2781static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg, 2782 int key_idx, int defkey, 2783 const u8 *seq, size_t seq_len, 2784 const u8 *key, size_t key_len) 2785{ 2786 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY); 2787 u32 suite; 2788 2789 if (!key_attr) 2790 return -1; 2791 2792 suite = wpa_alg_to_cipher_suite(alg, key_len); 2793 if (!suite) 2794 return -1; 2795 2796 if (defkey && alg == WPA_ALG_IGTK) { 2797 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT)) 2798 return -1; 2799 } else if (defkey) { 2800 if (nla_put_flag(msg, NL80211_KEY_DEFAULT)) 2801 return -1; 2802 } 2803 2804 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) || 2805 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) || 2806 (seq && seq_len && 2807 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) || 2808 nla_put(msg, NL80211_KEY_DATA, key_len, key)) 2809 return -1; 2810 2811 nla_nest_end(msg, key_attr); 2812 2813 return 0; 2814} 2815 2816 2817static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params, 2818 struct nl_msg *msg) 2819{ 2820 int i, privacy = 0; 2821 struct nlattr *nl_keys, *nl_key; 2822 2823 for (i = 0; i < 4; i++) { 2824 if (!params->wep_key[i]) 2825 continue; 2826 privacy = 1; 2827 break; 2828 } 2829 if (params->wps == WPS_MODE_PRIVACY) 2830 privacy = 1; 2831 if (params->pairwise_suite && 2832 params->pairwise_suite != WPA_CIPHER_NONE) 2833 privacy = 1; 2834 2835 if (!privacy) 2836 return 0; 2837 2838 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY)) 2839 return -ENOBUFS; 2840 2841 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS); 2842 if (!nl_keys) 2843 return -ENOBUFS; 2844 2845 for (i = 0; i < 4; i++) { 2846 if (!params->wep_key[i]) 2847 continue; 2848 2849 nl_key = nla_nest_start(msg, i); 2850 if (!nl_key || 2851 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i], 2852 params->wep_key[i]) || 2853 nla_put_u32(msg, NL80211_KEY_CIPHER, 2854 params->wep_key_len[i] == 5 ? 2855 WLAN_CIPHER_SUITE_WEP40 : 2856 WLAN_CIPHER_SUITE_WEP104) || 2857 nla_put_u8(msg, NL80211_KEY_IDX, i) || 2858 (i == params->wep_tx_keyidx && 2859 nla_put_flag(msg, NL80211_KEY_DEFAULT))) 2860 return -ENOBUFS; 2861 2862 nla_nest_end(msg, nl_key); 2863 } 2864 nla_nest_end(msg, nl_keys); 2865 2866 return 0; 2867} 2868 2869 2870int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv, 2871 const u8 *addr, int cmd, u16 reason_code, 2872 int local_state_change) 2873{ 2874 int ret; 2875 struct nl_msg *msg; 2876 2877 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) || 2878 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) || 2879 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || 2880 (local_state_change && 2881 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) { 2882 nlmsg_free(msg); 2883 return -1; 2884 } 2885 2886 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 2887 if (ret) { 2888 wpa_dbg(drv->ctx, MSG_DEBUG, 2889 "nl80211: MLME command failed: reason=%u ret=%d (%s)", 2890 reason_code, ret, strerror(-ret)); 2891 } 2892 return ret; 2893} 2894 2895 2896static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv, 2897 int reason_code) 2898{ 2899 int ret; 2900 2901 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code); 2902 nl80211_mark_disconnected(drv); 2903 /* Disconnect command doesn't need BSSID - it uses cached value */ 2904 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT, 2905 reason_code, 0); 2906 /* 2907 * For locally generated disconnect, supplicant already generates a 2908 * DEAUTH event, so ignore the event from NL80211. 2909 */ 2910 drv->ignore_next_local_disconnect = ret == 0; 2911 2912 return ret; 2913} 2914 2915 2916static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss, 2917 const u8 *addr, int reason_code) 2918{ 2919 struct wpa_driver_nl80211_data *drv = bss->drv; 2920 int ret; 2921 2922 if (drv->nlmode == NL80211_IFTYPE_ADHOC) { 2923 nl80211_mark_disconnected(drv); 2924 return nl80211_leave_ibss(drv, 1); 2925 } 2926 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) 2927 return wpa_driver_nl80211_disconnect(drv, reason_code); 2928 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)", 2929 __func__, MAC2STR(addr), reason_code); 2930 nl80211_mark_disconnected(drv); 2931 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE, 2932 reason_code, 0); 2933 /* 2934 * For locally generated deauthenticate, supplicant already generates a 2935 * DEAUTH event, so ignore the event from NL80211. 2936 */ 2937 drv->ignore_next_local_deauth = ret == 0; 2938 return ret; 2939} 2940 2941 2942static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv, 2943 struct wpa_driver_auth_params *params) 2944{ 2945 int i; 2946 2947 drv->auth_freq = params->freq; 2948 drv->auth_alg = params->auth_alg; 2949 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx; 2950 drv->auth_local_state_change = params->local_state_change; 2951 drv->auth_p2p = params->p2p; 2952 2953 if (params->bssid) 2954 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN); 2955 else 2956 os_memset(drv->auth_bssid_, 0, ETH_ALEN); 2957 2958 if (params->ssid) { 2959 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len); 2960 drv->auth_ssid_len = params->ssid_len; 2961 } else 2962 drv->auth_ssid_len = 0; 2963 2964 2965 os_free(drv->auth_ie); 2966 drv->auth_ie = NULL; 2967 drv->auth_ie_len = 0; 2968 if (params->ie) { 2969 drv->auth_ie = os_malloc(params->ie_len); 2970 if (drv->auth_ie) { 2971 os_memcpy(drv->auth_ie, params->ie, params->ie_len); 2972 drv->auth_ie_len = params->ie_len; 2973 } 2974 } 2975 2976 for (i = 0; i < 4; i++) { 2977 if (params->wep_key[i] && params->wep_key_len[i] && 2978 params->wep_key_len[i] <= 16) { 2979 os_memcpy(drv->auth_wep_key[i], params->wep_key[i], 2980 params->wep_key_len[i]); 2981 drv->auth_wep_key_len[i] = params->wep_key_len[i]; 2982 } else 2983 drv->auth_wep_key_len[i] = 0; 2984 } 2985} 2986 2987 2988static void nl80211_unmask_11b_rates(struct i802_bss *bss) 2989{ 2990 struct wpa_driver_nl80211_data *drv = bss->drv; 2991 2992 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates) 2993 return; 2994 2995 /* 2996 * Looks like we failed to unmask 11b rates previously. This could 2997 * happen, e.g., if the interface was down at the point in time when a 2998 * P2P group was terminated. 2999 */ 3000 wpa_printf(MSG_DEBUG, 3001 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them", 3002 bss->ifname); 3003 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 3004} 3005 3006 3007static int wpa_driver_nl80211_authenticate( 3008 struct i802_bss *bss, struct wpa_driver_auth_params *params) 3009{ 3010 struct wpa_driver_nl80211_data *drv = bss->drv; 3011 int ret = -1, i; 3012 struct nl_msg *msg; 3013 enum nl80211_auth_type type; 3014 enum nl80211_iftype nlmode; 3015 int count = 0; 3016 int is_retry; 3017 3018 nl80211_unmask_11b_rates(bss); 3019 3020 is_retry = drv->retry_auth; 3021 drv->retry_auth = 0; 3022 drv->ignore_deauth_event = 0; 3023 3024 nl80211_mark_disconnected(drv); 3025 os_memset(drv->auth_bssid, 0, ETH_ALEN); 3026 if (params->bssid) 3027 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN); 3028 else 3029 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 3030 /* FIX: IBSS mode */ 3031 nlmode = params->p2p ? 3032 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION; 3033 if (drv->nlmode != nlmode && 3034 wpa_driver_nl80211_set_mode(bss, nlmode) < 0) 3035 return -1; 3036 3037retry: 3038 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)", 3039 drv->ifindex); 3040 3041 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE); 3042 if (!msg) 3043 goto fail; 3044 3045 for (i = 0; i < 4; i++) { 3046 if (!params->wep_key[i]) 3047 continue; 3048 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP, 3049 NULL, i, 3050 i == params->wep_tx_keyidx, NULL, 0, 3051 params->wep_key[i], 3052 params->wep_key_len[i]); 3053 if (params->wep_tx_keyidx != i) 3054 continue; 3055 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0, 3056 params->wep_key[i], params->wep_key_len[i])) 3057 goto fail; 3058 } 3059 3060 if (params->bssid) { 3061 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR, 3062 MAC2STR(params->bssid)); 3063 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 3064 goto fail; 3065 } 3066 if (params->freq) { 3067 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq); 3068 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq)) 3069 goto fail; 3070 } 3071 if (params->ssid) { 3072 wpa_hexdump_ascii(MSG_DEBUG, " * SSID", 3073 params->ssid, params->ssid_len); 3074 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, 3075 params->ssid)) 3076 goto fail; 3077 } 3078 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len); 3079 if (params->ie && 3080 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie)) 3081 goto fail; 3082 if (params->sae_data) { 3083 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data, 3084 params->sae_data_len); 3085 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len, 3086 params->sae_data)) 3087 goto fail; 3088 } 3089 if (params->auth_alg & WPA_AUTH_ALG_OPEN) 3090 type = NL80211_AUTHTYPE_OPEN_SYSTEM; 3091 else if (params->auth_alg & WPA_AUTH_ALG_SHARED) 3092 type = NL80211_AUTHTYPE_SHARED_KEY; 3093 else if (params->auth_alg & WPA_AUTH_ALG_LEAP) 3094 type = NL80211_AUTHTYPE_NETWORK_EAP; 3095 else if (params->auth_alg & WPA_AUTH_ALG_FT) 3096 type = NL80211_AUTHTYPE_FT; 3097 else if (params->auth_alg & WPA_AUTH_ALG_SAE) 3098 type = NL80211_AUTHTYPE_SAE; 3099 else 3100 goto fail; 3101 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 3102 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 3103 goto fail; 3104 if (params->local_state_change) { 3105 wpa_printf(MSG_DEBUG, " * Local state change only"); 3106 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE)) 3107 goto fail; 3108 } 3109 3110 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3111 msg = NULL; 3112 if (ret) { 3113 wpa_dbg(drv->ctx, MSG_DEBUG, 3114 "nl80211: MLME command failed (auth): ret=%d (%s)", 3115 ret, strerror(-ret)); 3116 count++; 3117 if (ret == -EALREADY && count == 1 && params->bssid && 3118 !params->local_state_change) { 3119 /* 3120 * mac80211 does not currently accept new 3121 * authentication if we are already authenticated. As a 3122 * workaround, force deauthentication and try again. 3123 */ 3124 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication " 3125 "after forced deauthentication"); 3126 drv->ignore_deauth_event = 1; 3127 wpa_driver_nl80211_deauthenticate( 3128 bss, params->bssid, 3129 WLAN_REASON_PREV_AUTH_NOT_VALID); 3130 nlmsg_free(msg); 3131 goto retry; 3132 } 3133 3134 if (ret == -ENOENT && params->freq && !is_retry) { 3135 /* 3136 * cfg80211 has likely expired the BSS entry even 3137 * though it was previously available in our internal 3138 * BSS table. To recover quickly, start a single 3139 * channel scan on the specified channel. 3140 */ 3141 struct wpa_driver_scan_params scan; 3142 int freqs[2]; 3143 3144 os_memset(&scan, 0, sizeof(scan)); 3145 scan.num_ssids = 1; 3146 if (params->ssid) { 3147 scan.ssids[0].ssid = params->ssid; 3148 scan.ssids[0].ssid_len = params->ssid_len; 3149 } 3150 freqs[0] = params->freq; 3151 freqs[1] = 0; 3152 scan.freqs = freqs; 3153 wpa_printf(MSG_DEBUG, "nl80211: Trigger single " 3154 "channel scan to refresh cfg80211 BSS " 3155 "entry"); 3156 ret = wpa_driver_nl80211_scan(bss, &scan); 3157 if (ret == 0) { 3158 nl80211_copy_auth_params(drv, params); 3159 drv->scan_for_auth = 1; 3160 } 3161 } else if (is_retry) { 3162 /* 3163 * Need to indicate this with an event since the return 3164 * value from the retry is not delivered to core code. 3165 */ 3166 union wpa_event_data event; 3167 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry " 3168 "failed"); 3169 os_memset(&event, 0, sizeof(event)); 3170 os_memcpy(event.timeout_event.addr, drv->auth_bssid_, 3171 ETH_ALEN); 3172 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT, 3173 &event); 3174 } 3175 } else { 3176 wpa_printf(MSG_DEBUG, 3177 "nl80211: Authentication request send successfully"); 3178 } 3179 3180fail: 3181 nlmsg_free(msg); 3182 return ret; 3183} 3184 3185 3186int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) 3187{ 3188 struct wpa_driver_auth_params params; 3189 struct i802_bss *bss = drv->first_bss; 3190 int i; 3191 3192 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again"); 3193 3194 os_memset(¶ms, 0, sizeof(params)); 3195 params.freq = drv->auth_freq; 3196 params.auth_alg = drv->auth_alg; 3197 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx; 3198 params.local_state_change = drv->auth_local_state_change; 3199 params.p2p = drv->auth_p2p; 3200 3201 if (!is_zero_ether_addr(drv->auth_bssid_)) 3202 params.bssid = drv->auth_bssid_; 3203 3204 if (drv->auth_ssid_len) { 3205 params.ssid = drv->auth_ssid; 3206 params.ssid_len = drv->auth_ssid_len; 3207 } 3208 3209 params.ie = drv->auth_ie; 3210 params.ie_len = drv->auth_ie_len; 3211 3212 for (i = 0; i < 4; i++) { 3213 if (drv->auth_wep_key_len[i]) { 3214 params.wep_key[i] = drv->auth_wep_key[i]; 3215 params.wep_key_len[i] = drv->auth_wep_key_len[i]; 3216 } 3217 } 3218 3219 drv->retry_auth = 1; 3220 return wpa_driver_nl80211_authenticate(bss, ¶ms); 3221} 3222 3223 3224static int wpa_driver_nl80211_send_frame(struct i802_bss *bss, 3225 const void *data, size_t len, 3226 int encrypt, int noack, 3227 unsigned int freq, int no_cck, 3228 int offchanok, unsigned int wait_time, 3229 const u16 *csa_offs, 3230 size_t csa_offs_len) 3231{ 3232 struct wpa_driver_nl80211_data *drv = bss->drv; 3233 u64 cookie; 3234 int res; 3235 3236 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) { 3237 freq = nl80211_get_assoc_freq(drv); 3238 wpa_printf(MSG_DEBUG, 3239 "nl80211: send_frame - Use assoc_freq=%u for IBSS", 3240 freq); 3241 } 3242 if (freq == 0) { 3243 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u", 3244 bss->freq); 3245 freq = bss->freq; 3246 } 3247 3248 if (drv->use_monitor) { 3249 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor", 3250 freq, bss->freq); 3251 return nl80211_send_monitor(drv, data, len, encrypt, noack); 3252 } 3253 3254 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd"); 3255 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len, 3256 &cookie, no_cck, noack, offchanok, 3257 csa_offs, csa_offs_len); 3258 if (res == 0 && !noack) { 3259 const struct ieee80211_mgmt *mgmt; 3260 u16 fc; 3261 3262 mgmt = (const struct ieee80211_mgmt *) data; 3263 fc = le_to_host16(mgmt->frame_control); 3264 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3265 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) { 3266 wpa_printf(MSG_MSGDUMP, 3267 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx", 3268 (long long unsigned int) 3269 drv->send_action_cookie, 3270 (long long unsigned int) cookie); 3271 drv->send_action_cookie = cookie; 3272 } 3273 } 3274 3275 return res; 3276} 3277 3278 3279static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, 3280 size_t data_len, int noack, 3281 unsigned int freq, int no_cck, 3282 int offchanok, 3283 unsigned int wait_time, 3284 const u16 *csa_offs, 3285 size_t csa_offs_len) 3286{ 3287 struct wpa_driver_nl80211_data *drv = bss->drv; 3288 struct ieee80211_mgmt *mgmt; 3289 int encrypt = 1; 3290 u16 fc; 3291 3292 mgmt = (struct ieee80211_mgmt *) data; 3293 fc = le_to_host16(mgmt->frame_control); 3294 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR 3295 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d", 3296 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time, 3297 fc, fc2str(fc), drv->nlmode); 3298 3299 if ((is_sta_interface(drv->nlmode) || 3300 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) && 3301 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3302 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) { 3303 /* 3304 * The use of last_mgmt_freq is a bit of a hack, 3305 * but it works due to the single-threaded nature 3306 * of wpa_supplicant. 3307 */ 3308 if (freq == 0) { 3309 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d", 3310 drv->last_mgmt_freq); 3311 freq = drv->last_mgmt_freq; 3312 } 3313 return nl80211_send_frame_cmd(bss, freq, 0, 3314 data, data_len, NULL, 1, noack, 3315 1, csa_offs, csa_offs_len); 3316 } 3317 3318 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) { 3319 if (freq == 0) { 3320 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d", 3321 bss->freq); 3322 freq = bss->freq; 3323 } 3324 return nl80211_send_frame_cmd(bss, freq, 3325 (int) freq == bss->freq ? 0 : 3326 wait_time, 3327 data, data_len, 3328 &drv->send_action_cookie, 3329 no_cck, noack, offchanok, 3330 csa_offs, csa_offs_len); 3331 } 3332 3333 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3334 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) { 3335 /* 3336 * Only one of the authentication frame types is encrypted. 3337 * In order for static WEP encryption to work properly (i.e., 3338 * to not encrypt the frame), we need to tell mac80211 about 3339 * the frames that must not be encrypted. 3340 */ 3341 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg); 3342 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction); 3343 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3) 3344 encrypt = 0; 3345 } 3346 3347 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame"); 3348 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 3349 noack, freq, no_cck, offchanok, 3350 wait_time, csa_offs, 3351 csa_offs_len); 3352} 3353 3354 3355static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates) 3356{ 3357 u8 rates[NL80211_MAX_SUPP_RATES]; 3358 u8 rates_len = 0; 3359 int i; 3360 3361 if (!basic_rates) 3362 return 0; 3363 3364 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++) 3365 rates[rates_len++] = basic_rates[i] / 5; 3366 3367 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates); 3368} 3369 3370 3371static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble, 3372 int slot, int ht_opmode, int ap_isolate, 3373 const int *basic_rates) 3374{ 3375 struct wpa_driver_nl80211_data *drv = bss->drv; 3376 struct nl_msg *msg; 3377 3378 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) || 3379 (cts >= 0 && 3380 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) || 3381 (preamble >= 0 && 3382 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) || 3383 (slot >= 0 && 3384 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) || 3385 (ht_opmode >= 0 && 3386 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) || 3387 (ap_isolate >= 0 && 3388 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) || 3389 nl80211_put_basic_rates(msg, basic_rates)) { 3390 nlmsg_free(msg); 3391 return -ENOBUFS; 3392 } 3393 3394 return send_and_recv_msgs(drv, msg, NULL, NULL); 3395} 3396 3397 3398static int wpa_driver_nl80211_set_acl(void *priv, 3399 struct hostapd_acl_params *params) 3400{ 3401 struct i802_bss *bss = priv; 3402 struct wpa_driver_nl80211_data *drv = bss->drv; 3403 struct nl_msg *msg; 3404 struct nl_msg *acl; 3405 unsigned int i; 3406 int ret; 3407 3408 if (!(drv->capa.max_acl_mac_addrs)) 3409 return -ENOTSUP; 3410 3411 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs) 3412 return -ENOTSUP; 3413 3414 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)", 3415 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl); 3416 3417 acl = nlmsg_alloc(); 3418 if (!acl) 3419 return -ENOMEM; 3420 for (i = 0; i < params->num_mac_acl; i++) { 3421 if (nla_put(acl, i + 1, ETH_ALEN, params->mac_acl[i].addr)) { 3422 nlmsg_free(acl); 3423 return -ENOMEM; 3424 } 3425 } 3426 3427 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MAC_ACL)) || 3428 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ? 3429 NL80211_ACL_POLICY_DENY_UNLESS_LISTED : 3430 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) || 3431 nla_put_nested(msg, NL80211_ATTR_MAC_ADDRS, acl)) { 3432 nlmsg_free(msg); 3433 nlmsg_free(acl); 3434 return -ENOMEM; 3435 } 3436 nlmsg_free(acl); 3437 3438 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3439 if (ret) { 3440 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)", 3441 ret, strerror(-ret)); 3442 } 3443 3444 return ret; 3445} 3446 3447 3448static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int) 3449{ 3450 if (beacon_int > 0) { 3451 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int); 3452 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL, 3453 beacon_int); 3454 } 3455 3456 return 0; 3457} 3458 3459 3460static int wpa_driver_nl80211_set_ap(void *priv, 3461 struct wpa_driver_ap_params *params) 3462{ 3463 struct i802_bss *bss = priv; 3464 struct wpa_driver_nl80211_data *drv = bss->drv; 3465 struct nl_msg *msg; 3466 u8 cmd = NL80211_CMD_NEW_BEACON; 3467 int ret; 3468 int beacon_set; 3469 int num_suites; 3470 int smps_mode; 3471 u32 suites[10], suite; 3472 u32 ver; 3473 3474 beacon_set = params->reenable ? 0 : bss->beacon_set; 3475 3476 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)", 3477 beacon_set); 3478 if (beacon_set) 3479 cmd = NL80211_CMD_SET_BEACON; 3480 3481 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head", 3482 params->head, params->head_len); 3483 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail", 3484 params->tail, params->tail_len); 3485 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex); 3486 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int); 3487 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period); 3488 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid", 3489 params->ssid, params->ssid_len); 3490 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || 3491 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, 3492 params->head) || 3493 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, 3494 params->tail) || 3495 nl80211_put_beacon_int(msg, params->beacon_int) || 3496 nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period) || 3497 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) 3498 goto fail; 3499 if (params->proberesp && params->proberesp_len) { 3500 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)", 3501 params->proberesp, params->proberesp_len); 3502 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len, 3503 params->proberesp)) 3504 goto fail; 3505 } 3506 switch (params->hide_ssid) { 3507 case NO_SSID_HIDING: 3508 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use"); 3509 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 3510 NL80211_HIDDEN_SSID_NOT_IN_USE)) 3511 goto fail; 3512 break; 3513 case HIDDEN_SSID_ZERO_LEN: 3514 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len"); 3515 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 3516 NL80211_HIDDEN_SSID_ZERO_LEN)) 3517 goto fail; 3518 break; 3519 case HIDDEN_SSID_ZERO_CONTENTS: 3520 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents"); 3521 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 3522 NL80211_HIDDEN_SSID_ZERO_CONTENTS)) 3523 goto fail; 3524 break; 3525 } 3526 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy); 3527 if (params->privacy && 3528 nla_put_flag(msg, NL80211_ATTR_PRIVACY)) 3529 goto fail; 3530 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs); 3531 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) == 3532 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) { 3533 /* Leave out the attribute */ 3534 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) { 3535 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, 3536 NL80211_AUTHTYPE_SHARED_KEY)) 3537 goto fail; 3538 } else { 3539 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, 3540 NL80211_AUTHTYPE_OPEN_SYSTEM)) 3541 goto fail; 3542 } 3543 3544 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version); 3545 ver = 0; 3546 if (params->wpa_version & WPA_PROTO_WPA) 3547 ver |= NL80211_WPA_VERSION_1; 3548 if (params->wpa_version & WPA_PROTO_RSN) 3549 ver |= NL80211_WPA_VERSION_2; 3550 if (ver && 3551 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver)) 3552 goto fail; 3553 3554 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x", 3555 params->key_mgmt_suites); 3556 num_suites = 0; 3557 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X) 3558 suites[num_suites++] = WLAN_AKM_SUITE_8021X; 3559 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK) 3560 suites[num_suites++] = WLAN_AKM_SUITE_PSK; 3561 if (num_suites && 3562 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32), 3563 suites)) 3564 goto fail; 3565 3566 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA && 3567 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40) && 3568 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)) 3569 goto fail; 3570 3571 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x", 3572 params->pairwise_ciphers); 3573 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers, 3574 suites, ARRAY_SIZE(suites)); 3575 if (num_suites && 3576 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, 3577 num_suites * sizeof(u32), suites)) 3578 goto fail; 3579 3580 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x", 3581 params->group_cipher); 3582 suite = wpa_cipher_to_cipher_suite(params->group_cipher); 3583 if (suite && 3584 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite)) 3585 goto fail; 3586 3587 if (params->ht_opmode != -1) { 3588 switch (params->smps_mode) { 3589 case HT_CAP_INFO_SMPS_DYNAMIC: 3590 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - dynamic"); 3591 smps_mode = NL80211_SMPS_DYNAMIC; 3592 break; 3593 case HT_CAP_INFO_SMPS_STATIC: 3594 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - static"); 3595 smps_mode = NL80211_SMPS_STATIC; 3596 break; 3597 default: 3598 /* invalid - fallback to smps off */ 3599 case HT_CAP_INFO_SMPS_DISABLED: 3600 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - off"); 3601 smps_mode = NL80211_SMPS_OFF; 3602 break; 3603 } 3604 if (nla_put_u32(msg, NL80211_ATTR_SMPS_MODE, smps_mode)) 3605 goto fail; 3606 } 3607 3608 if (params->beacon_ies) { 3609 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies", 3610 params->beacon_ies); 3611 if (nla_put(msg, NL80211_ATTR_IE, 3612 wpabuf_len(params->beacon_ies), 3613 wpabuf_head(params->beacon_ies))) 3614 goto fail; 3615 } 3616 if (params->proberesp_ies) { 3617 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies", 3618 params->proberesp_ies); 3619 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP, 3620 wpabuf_len(params->proberesp_ies), 3621 wpabuf_head(params->proberesp_ies))) 3622 goto fail; 3623 } 3624 if (params->assocresp_ies) { 3625 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies", 3626 params->assocresp_ies); 3627 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP, 3628 wpabuf_len(params->assocresp_ies), 3629 wpabuf_head(params->assocresp_ies))) 3630 goto fail; 3631 } 3632 3633 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) { 3634 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d", 3635 params->ap_max_inactivity); 3636 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT, 3637 params->ap_max_inactivity)) 3638 goto fail; 3639 } 3640 3641#ifdef CONFIG_P2P 3642 if (params->p2p_go_ctwindow > 0) { 3643 if (drv->p2p_go_ctwindow_supported) { 3644 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d", 3645 params->p2p_go_ctwindow); 3646 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW, 3647 params->p2p_go_ctwindow)) 3648 goto fail; 3649 } else { 3650 wpa_printf(MSG_INFO, 3651 "nl80211: Driver does not support CTWindow configuration - ignore this parameter"); 3652 } 3653 } 3654#endif /* CONFIG_P2P */ 3655 3656 if (params->pbss) { 3657 wpa_printf(MSG_DEBUG, "nl80211: PBSS"); 3658 if (nla_put_flag(msg, NL80211_ATTR_PBSS)) 3659 goto fail; 3660 } 3661 3662 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3663 if (ret) { 3664 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", 3665 ret, strerror(-ret)); 3666 } else { 3667 bss->beacon_set = 1; 3668 nl80211_set_bss(bss, params->cts_protect, params->preamble, 3669 params->short_slot_time, params->ht_opmode, 3670 params->isolate, params->basic_rates); 3671 if (beacon_set && params->freq && 3672 params->freq->bandwidth != bss->bandwidth) { 3673 wpa_printf(MSG_DEBUG, 3674 "nl80211: Update BSS %s bandwidth: %d -> %d", 3675 bss->ifname, bss->bandwidth, 3676 params->freq->bandwidth); 3677 ret = nl80211_set_channel(bss, params->freq, 1); 3678 if (ret) { 3679 wpa_printf(MSG_DEBUG, 3680 "nl80211: Frequency set failed: %d (%s)", 3681 ret, strerror(-ret)); 3682 } else { 3683 wpa_printf(MSG_DEBUG, 3684 "nl80211: Frequency set succeeded for ht2040 coex"); 3685 bss->bandwidth = params->freq->bandwidth; 3686 } 3687 } else if (!beacon_set) { 3688 /* 3689 * cfg80211 updates the driver on frequence change in AP 3690 * mode only at the point when beaconing is started, so 3691 * set the initial value here. 3692 */ 3693 bss->bandwidth = params->freq->bandwidth; 3694 } 3695 } 3696 return ret; 3697fail: 3698 nlmsg_free(msg); 3699 return -ENOBUFS; 3700} 3701 3702 3703static int nl80211_put_freq_params(struct nl_msg *msg, 3704 const struct hostapd_freq_params *freq) 3705{ 3706 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); 3707 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) 3708 return -ENOBUFS; 3709 3710 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); 3711 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); 3712 3713 if (freq->vht_enabled) { 3714 enum nl80211_chan_width cw; 3715 3716 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); 3717 switch (freq->bandwidth) { 3718 case 20: 3719 cw = NL80211_CHAN_WIDTH_20; 3720 break; 3721 case 40: 3722 cw = NL80211_CHAN_WIDTH_40; 3723 break; 3724 case 80: 3725 if (freq->center_freq2) 3726 cw = NL80211_CHAN_WIDTH_80P80; 3727 else 3728 cw = NL80211_CHAN_WIDTH_80; 3729 break; 3730 case 160: 3731 cw = NL80211_CHAN_WIDTH_160; 3732 break; 3733 default: 3734 return -EINVAL; 3735 } 3736 3737 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); 3738 wpa_printf(MSG_DEBUG, " * center_freq1=%d", 3739 freq->center_freq1); 3740 wpa_printf(MSG_DEBUG, " * center_freq2=%d", 3741 freq->center_freq2); 3742 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || 3743 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, 3744 freq->center_freq1) || 3745 (freq->center_freq2 && 3746 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, 3747 freq->center_freq2))) 3748 return -ENOBUFS; 3749 } else if (freq->ht_enabled) { 3750 enum nl80211_channel_type ct; 3751 3752 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", 3753 freq->sec_channel_offset); 3754 switch (freq->sec_channel_offset) { 3755 case -1: 3756 ct = NL80211_CHAN_HT40MINUS; 3757 break; 3758 case 1: 3759 ct = NL80211_CHAN_HT40PLUS; 3760 break; 3761 default: 3762 ct = NL80211_CHAN_HT20; 3763 break; 3764 } 3765 3766 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); 3767 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) 3768 return -ENOBUFS; 3769 } 3770 return 0; 3771} 3772 3773 3774static int nl80211_set_channel(struct i802_bss *bss, 3775 struct hostapd_freq_params *freq, int set_chan) 3776{ 3777 struct wpa_driver_nl80211_data *drv = bss->drv; 3778 struct nl_msg *msg; 3779 int ret; 3780 3781 wpa_printf(MSG_DEBUG, 3782 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)", 3783 freq->freq, freq->ht_enabled, freq->vht_enabled, 3784 freq->bandwidth, freq->center_freq1, freq->center_freq2); 3785 3786 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL : 3787 NL80211_CMD_SET_WIPHY); 3788 if (!msg || nl80211_put_freq_params(msg, freq) < 0) { 3789 nlmsg_free(msg); 3790 return -1; 3791 } 3792 3793 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3794 if (ret == 0) { 3795 bss->freq = freq->freq; 3796 return 0; 3797 } 3798 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): " 3799 "%d (%s)", freq->freq, ret, strerror(-ret)); 3800 return -1; 3801} 3802 3803 3804static u32 sta_flags_nl80211(int flags) 3805{ 3806 u32 f = 0; 3807 3808 if (flags & WPA_STA_AUTHORIZED) 3809 f |= BIT(NL80211_STA_FLAG_AUTHORIZED); 3810 if (flags & WPA_STA_WMM) 3811 f |= BIT(NL80211_STA_FLAG_WME); 3812 if (flags & WPA_STA_SHORT_PREAMBLE) 3813 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE); 3814 if (flags & WPA_STA_MFP) 3815 f |= BIT(NL80211_STA_FLAG_MFP); 3816 if (flags & WPA_STA_TDLS_PEER) 3817 f |= BIT(NL80211_STA_FLAG_TDLS_PEER); 3818 if (flags & WPA_STA_AUTHENTICATED) 3819 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 3820 if (flags & WPA_STA_ASSOCIATED) 3821 f |= BIT(NL80211_STA_FLAG_ASSOCIATED); 3822 3823 return f; 3824} 3825 3826 3827#ifdef CONFIG_MESH 3828static u32 sta_plink_state_nl80211(enum mesh_plink_state state) 3829{ 3830 switch (state) { 3831 case PLINK_LISTEN: 3832 return NL80211_PLINK_LISTEN; 3833 case PLINK_OPEN_SENT: 3834 return NL80211_PLINK_OPN_SNT; 3835 case PLINK_OPEN_RCVD: 3836 return NL80211_PLINK_OPN_RCVD; 3837 case PLINK_CNF_RCVD: 3838 return NL80211_PLINK_CNF_RCVD; 3839 case PLINK_ESTAB: 3840 return NL80211_PLINK_ESTAB; 3841 case PLINK_HOLDING: 3842 return NL80211_PLINK_HOLDING; 3843 case PLINK_BLOCKED: 3844 return NL80211_PLINK_BLOCKED; 3845 default: 3846 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d", 3847 state); 3848 } 3849 return -1; 3850} 3851#endif /* CONFIG_MESH */ 3852 3853 3854static int wpa_driver_nl80211_sta_add(void *priv, 3855 struct hostapd_sta_add_params *params) 3856{ 3857 struct i802_bss *bss = priv; 3858 struct wpa_driver_nl80211_data *drv = bss->drv; 3859 struct nl_msg *msg; 3860 struct nl80211_sta_flag_update upd; 3861 int ret = -ENOBUFS; 3862 3863 if ((params->flags & WPA_STA_TDLS_PEER) && 3864 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 3865 return -EOPNOTSUPP; 3866 3867 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR, 3868 params->set ? "Set" : "Add", MAC2STR(params->addr)); 3869 msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION : 3870 NL80211_CMD_NEW_STATION); 3871 if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr)) 3872 goto fail; 3873 3874 /* 3875 * Set the below properties only in one of the following cases: 3876 * 1. New station is added, already associated. 3877 * 2. Set WPA_STA_TDLS_PEER station. 3878 * 3. Set an already added unassociated station, if driver supports 3879 * full AP client state. (Set these properties after station became 3880 * associated will be rejected by the driver). 3881 */ 3882 if (!params->set || (params->flags & WPA_STA_TDLS_PEER) || 3883 (params->set && FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) && 3884 (params->flags & WPA_STA_ASSOCIATED))) { 3885 wpa_hexdump(MSG_DEBUG, " * supported rates", 3886 params->supp_rates, params->supp_rates_len); 3887 wpa_printf(MSG_DEBUG, " * capability=0x%x", 3888 params->capability); 3889 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES, 3890 params->supp_rates_len, params->supp_rates) || 3891 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY, 3892 params->capability)) 3893 goto fail; 3894 3895 if (params->ht_capabilities) { 3896 wpa_hexdump(MSG_DEBUG, " * ht_capabilities", 3897 (u8 *) params->ht_capabilities, 3898 sizeof(*params->ht_capabilities)); 3899 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, 3900 sizeof(*params->ht_capabilities), 3901 params->ht_capabilities)) 3902 goto fail; 3903 } 3904 3905 if (params->vht_capabilities) { 3906 wpa_hexdump(MSG_DEBUG, " * vht_capabilities", 3907 (u8 *) params->vht_capabilities, 3908 sizeof(*params->vht_capabilities)); 3909 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, 3910 sizeof(*params->vht_capabilities), 3911 params->vht_capabilities)) 3912 goto fail; 3913 } 3914 3915 if (params->ext_capab) { 3916 wpa_hexdump(MSG_DEBUG, " * ext_capab", 3917 params->ext_capab, params->ext_capab_len); 3918 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY, 3919 params->ext_capab_len, params->ext_capab)) 3920 goto fail; 3921 } 3922 } 3923 if (!params->set) { 3924 if (params->aid) { 3925 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid); 3926 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid)) 3927 goto fail; 3928 } else { 3929 /* 3930 * cfg80211 validates that AID is non-zero, so we have 3931 * to make this a non-zero value for the TDLS case where 3932 * a dummy STA entry is used for now and for a station 3933 * that is still not associated. 3934 */ 3935 wpa_printf(MSG_DEBUG, " * aid=1 (%s workaround)", 3936 (params->flags & WPA_STA_TDLS_PEER) ? 3937 "TDLS" : "UNASSOC_STA"); 3938 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1)) 3939 goto fail; 3940 } 3941 wpa_printf(MSG_DEBUG, " * listen_interval=%u", 3942 params->listen_interval); 3943 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 3944 params->listen_interval)) 3945 goto fail; 3946 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) { 3947 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid); 3948 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid)) 3949 goto fail; 3950 } else if (FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) && 3951 (params->flags & WPA_STA_ASSOCIATED)) { 3952 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid); 3953 wpa_printf(MSG_DEBUG, " * listen_interval=%u", 3954 params->listen_interval); 3955 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid) || 3956 nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 3957 params->listen_interval)) 3958 goto fail; 3959 } 3960 3961 if (params->vht_opmode_enabled) { 3962 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode); 3963 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF, 3964 params->vht_opmode)) 3965 goto fail; 3966 } 3967 3968 if (params->supp_channels) { 3969 wpa_hexdump(MSG_DEBUG, " * supported channels", 3970 params->supp_channels, params->supp_channels_len); 3971 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS, 3972 params->supp_channels_len, params->supp_channels)) 3973 goto fail; 3974 } 3975 3976 if (params->supp_oper_classes) { 3977 wpa_hexdump(MSG_DEBUG, " * supported operating classes", 3978 params->supp_oper_classes, 3979 params->supp_oper_classes_len); 3980 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES, 3981 params->supp_oper_classes_len, 3982 params->supp_oper_classes)) 3983 goto fail; 3984 } 3985 3986 os_memset(&upd, 0, sizeof(upd)); 3987 upd.set = sta_flags_nl80211(params->flags); 3988 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask); 3989 3990 /* 3991 * If the driver doesn't support full AP client state, ignore ASSOC/AUTH 3992 * flags, as nl80211 driver moves a new station, by default, into 3993 * associated state. 3994 * 3995 * On the other hand, if the driver supports that feature and the 3996 * station is added in unauthenticated state, set the 3997 * authenticated/associated bits in the mask to prevent moving this 3998 * station to associated state before it is actually associated. 3999 * 4000 * This is irrelevant for mesh mode where the station is added to the 4001 * driver as authenticated already, and ASSOCIATED isn't part of the 4002 * nl80211 API. 4003 */ 4004 if (!is_mesh_interface(drv->nlmode)) { 4005 if (!FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) { 4006 wpa_printf(MSG_DEBUG, 4007 "nl80211: Ignore ASSOC/AUTH flags since driver doesn't support full AP client state"); 4008 upd.mask &= ~(BIT(NL80211_STA_FLAG_ASSOCIATED) | 4009 BIT(NL80211_STA_FLAG_AUTHENTICATED)); 4010 } else if (!params->set && 4011 !(params->flags & WPA_STA_TDLS_PEER)) { 4012 if (!(params->flags & WPA_STA_AUTHENTICATED)) 4013 upd.mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 4014 if (!(params->flags & WPA_STA_ASSOCIATED)) 4015 upd.mask |= BIT(NL80211_STA_FLAG_ASSOCIATED); 4016 } 4017 } 4018 4019 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x", 4020 upd.set, upd.mask); 4021 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) 4022 goto fail; 4023 4024#ifdef CONFIG_MESH 4025 if (params->plink_state && 4026 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE, 4027 sta_plink_state_nl80211(params->plink_state))) 4028 goto fail; 4029#endif /* CONFIG_MESH */ 4030 4031 if (params->flags & WPA_STA_WMM) { 4032 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME); 4033 4034 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo); 4035 if (!wme || 4036 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES, 4037 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) || 4038 nla_put_u8(msg, NL80211_STA_WME_MAX_SP, 4039 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) & 4040 WMM_QOSINFO_STA_SP_MASK)) 4041 goto fail; 4042 nla_nest_end(msg, wme); 4043 } 4044 4045 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4046 msg = NULL; 4047 if (ret) 4048 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION " 4049 "result: %d (%s)", params->set ? "SET" : "NEW", ret, 4050 strerror(-ret)); 4051 if (ret == -EEXIST) 4052 ret = 0; 4053fail: 4054 nlmsg_free(msg); 4055 return ret; 4056} 4057 4058 4059static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) 4060{ 4061#ifdef CONFIG_LIBNL3_ROUTE 4062 struct wpa_driver_nl80211_data *drv = bss->drv; 4063 struct rtnl_neigh *rn; 4064 struct nl_addr *nl_addr; 4065 int err; 4066 4067 rn = rtnl_neigh_alloc(); 4068 if (!rn) 4069 return; 4070 4071 rtnl_neigh_set_family(rn, AF_BRIDGE); 4072 rtnl_neigh_set_ifindex(rn, bss->ifindex); 4073 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN); 4074 if (!nl_addr) { 4075 rtnl_neigh_put(rn); 4076 return; 4077 } 4078 rtnl_neigh_set_lladdr(rn, nl_addr); 4079 4080 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); 4081 if (err < 0) { 4082 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " 4083 MACSTR " ifindex=%d failed: %s", MAC2STR(addr), 4084 bss->ifindex, nl_geterror(err)); 4085 } else { 4086 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for " 4087 MACSTR, MAC2STR(addr)); 4088 } 4089 4090 nl_addr_put(nl_addr); 4091 rtnl_neigh_put(rn); 4092#endif /* CONFIG_LIBNL3_ROUTE */ 4093} 4094 4095 4096static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr, 4097 int deauth, u16 reason_code) 4098{ 4099 struct wpa_driver_nl80211_data *drv = bss->drv; 4100 struct nl_msg *msg; 4101 int ret; 4102 4103 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) || 4104 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 4105 (deauth == 0 && 4106 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE, 4107 WLAN_FC_STYPE_DISASSOC)) || 4108 (deauth == 1 && 4109 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE, 4110 WLAN_FC_STYPE_DEAUTH)) || 4111 (reason_code && 4112 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) { 4113 nlmsg_free(msg); 4114 return -ENOBUFS; 4115 } 4116 4117 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4118 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR 4119 " --> %d (%s)", 4120 bss->ifname, MAC2STR(addr), ret, strerror(-ret)); 4121 4122 if (drv->rtnl_sk) 4123 rtnl_neigh_delete_fdb_entry(bss, addr); 4124 4125 if (ret == -ENOENT) 4126 return 0; 4127 return ret; 4128} 4129 4130 4131void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx) 4132{ 4133 struct nl_msg *msg; 4134 struct wpa_driver_nl80211_data *drv2; 4135 4136 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx); 4137 4138 /* stop listening for EAPOL on this interface */ 4139 dl_list_for_each(drv2, &drv->global->interfaces, 4140 struct wpa_driver_nl80211_data, list) 4141 { 4142 del_ifidx(drv2, ifidx, IFIDX_ANY); 4143 /* Remove all bridges learned for this iface */ 4144 del_ifidx(drv2, IFIDX_ANY, ifidx); 4145 } 4146 4147 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE); 4148 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0) 4149 return; 4150 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx); 4151} 4152 4153 4154static const char * nl80211_iftype_str(enum nl80211_iftype mode) 4155{ 4156 switch (mode) { 4157 case NL80211_IFTYPE_ADHOC: 4158 return "ADHOC"; 4159 case NL80211_IFTYPE_STATION: 4160 return "STATION"; 4161 case NL80211_IFTYPE_AP: 4162 return "AP"; 4163 case NL80211_IFTYPE_AP_VLAN: 4164 return "AP_VLAN"; 4165 case NL80211_IFTYPE_WDS: 4166 return "WDS"; 4167 case NL80211_IFTYPE_MONITOR: 4168 return "MONITOR"; 4169 case NL80211_IFTYPE_MESH_POINT: 4170 return "MESH_POINT"; 4171 case NL80211_IFTYPE_P2P_CLIENT: 4172 return "P2P_CLIENT"; 4173 case NL80211_IFTYPE_P2P_GO: 4174 return "P2P_GO"; 4175 case NL80211_IFTYPE_P2P_DEVICE: 4176 return "P2P_DEVICE"; 4177 default: 4178 return "unknown"; 4179 } 4180} 4181 4182 4183static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv, 4184 const char *ifname, 4185 enum nl80211_iftype iftype, 4186 const u8 *addr, int wds, 4187 int (*handler)(struct nl_msg *, void *), 4188 void *arg) 4189{ 4190 struct nl_msg *msg; 4191 int ifidx; 4192 int ret = -ENOBUFS; 4193 4194 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)", 4195 iftype, nl80211_iftype_str(iftype)); 4196 4197 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE); 4198 if (!msg || 4199 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) || 4200 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype)) 4201 goto fail; 4202 4203 if (iftype == NL80211_IFTYPE_MONITOR) { 4204 struct nlattr *flags; 4205 4206 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS); 4207 if (!flags || 4208 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES)) 4209 goto fail; 4210 4211 nla_nest_end(msg, flags); 4212 } else if (wds) { 4213 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds)) 4214 goto fail; 4215 } 4216 4217 /* 4218 * Tell cfg80211 that the interface belongs to the socket that created 4219 * it, and the interface should be deleted when the socket is closed. 4220 */ 4221 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER)) 4222 goto fail; 4223 4224 ret = send_and_recv_msgs(drv, msg, handler, arg); 4225 msg = NULL; 4226 if (ret) { 4227 fail: 4228 nlmsg_free(msg); 4229 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)", 4230 ifname, ret, strerror(-ret)); 4231 return ret; 4232 } 4233 4234 if (iftype == NL80211_IFTYPE_P2P_DEVICE) 4235 return 0; 4236 4237 ifidx = if_nametoindex(ifname); 4238 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d", 4239 ifname, ifidx); 4240 4241 if (ifidx <= 0) 4242 return -1; 4243 4244 /* 4245 * Some virtual interfaces need to process EAPOL packets and events on 4246 * the parent interface. This is used mainly with hostapd. 4247 */ 4248 if (drv->hostapd || 4249 iftype == NL80211_IFTYPE_AP_VLAN || 4250 iftype == NL80211_IFTYPE_WDS || 4251 iftype == NL80211_IFTYPE_MONITOR) { 4252 /* start listening for EAPOL on this interface */ 4253 add_ifidx(drv, ifidx, IFIDX_ANY); 4254 } 4255 4256 if (addr && iftype != NL80211_IFTYPE_MONITOR && 4257 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) { 4258 nl80211_remove_iface(drv, ifidx); 4259 return -1; 4260 } 4261 4262 return ifidx; 4263} 4264 4265 4266int nl80211_create_iface(struct wpa_driver_nl80211_data *drv, 4267 const char *ifname, enum nl80211_iftype iftype, 4268 const u8 *addr, int wds, 4269 int (*handler)(struct nl_msg *, void *), 4270 void *arg, int use_existing) 4271{ 4272 int ret; 4273 4274 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler, 4275 arg); 4276 4277 /* if error occurred and interface exists already */ 4278 if (ret == -ENFILE && if_nametoindex(ifname)) { 4279 if (use_existing) { 4280 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s", 4281 ifname); 4282 if (addr && iftype != NL80211_IFTYPE_MONITOR && 4283 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 4284 addr) < 0 && 4285 (linux_set_iface_flags(drv->global->ioctl_sock, 4286 ifname, 0) < 0 || 4287 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 4288 addr) < 0 || 4289 linux_set_iface_flags(drv->global->ioctl_sock, 4290 ifname, 1) < 0)) 4291 return -1; 4292 return -ENFILE; 4293 } 4294 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname); 4295 4296 /* Try to remove the interface that was already there. */ 4297 nl80211_remove_iface(drv, if_nametoindex(ifname)); 4298 4299 /* Try to create the interface again */ 4300 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, 4301 wds, handler, arg); 4302 } 4303 4304 if (ret >= 0 && is_p2p_net_interface(iftype)) { 4305 wpa_printf(MSG_DEBUG, 4306 "nl80211: Interface %s created for P2P - disable 11b rates", 4307 ifname); 4308 nl80211_disable_11b_rates(drv, ret, 1); 4309 } 4310 4311 return ret; 4312} 4313 4314 4315static int nl80211_setup_ap(struct i802_bss *bss) 4316{ 4317 struct wpa_driver_nl80211_data *drv = bss->drv; 4318 4319 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d", 4320 bss->ifname, drv->device_ap_sme, drv->use_monitor); 4321 4322 /* 4323 * Disable Probe Request reporting unless we need it in this way for 4324 * devices that include the AP SME, in the other case (unless using 4325 * monitor iface) we'll get it through the nl_mgmt socket instead. 4326 */ 4327 if (!drv->device_ap_sme) 4328 wpa_driver_nl80211_probe_req_report(bss, 0); 4329 4330 if (!drv->device_ap_sme && !drv->use_monitor) 4331 if (nl80211_mgmt_subscribe_ap(bss)) 4332 return -1; 4333 4334 if (drv->device_ap_sme && !drv->use_monitor) 4335 if (nl80211_mgmt_subscribe_ap_dev_sme(bss)) 4336 return -1; 4337 4338 if (!drv->device_ap_sme && drv->use_monitor && 4339 nl80211_create_monitor_interface(drv) && 4340 !drv->device_ap_sme) 4341 return -1; 4342 4343 if (drv->device_ap_sme && 4344 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) { 4345 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable " 4346 "Probe Request frame reporting in AP mode"); 4347 /* Try to survive without this */ 4348 } 4349 4350 return 0; 4351} 4352 4353 4354static void nl80211_teardown_ap(struct i802_bss *bss) 4355{ 4356 struct wpa_driver_nl80211_data *drv = bss->drv; 4357 4358 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d", 4359 bss->ifname, drv->device_ap_sme, drv->use_monitor); 4360 if (drv->device_ap_sme) { 4361 wpa_driver_nl80211_probe_req_report(bss, 0); 4362 if (!drv->use_monitor) 4363 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)"); 4364 } else if (drv->use_monitor) 4365 nl80211_remove_monitor_interface(drv); 4366 else 4367 nl80211_mgmt_unsubscribe(bss, "AP teardown"); 4368 4369 bss->beacon_set = 0; 4370} 4371 4372 4373static int nl80211_send_eapol_data(struct i802_bss *bss, 4374 const u8 *addr, const u8 *data, 4375 size_t data_len) 4376{ 4377 struct sockaddr_ll ll; 4378 int ret; 4379 4380 if (bss->drv->eapol_tx_sock < 0) { 4381 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL"); 4382 return -1; 4383 } 4384 4385 os_memset(&ll, 0, sizeof(ll)); 4386 ll.sll_family = AF_PACKET; 4387 ll.sll_ifindex = bss->ifindex; 4388 ll.sll_protocol = htons(ETH_P_PAE); 4389 ll.sll_halen = ETH_ALEN; 4390 os_memcpy(ll.sll_addr, addr, ETH_ALEN); 4391 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0, 4392 (struct sockaddr *) &ll, sizeof(ll)); 4393 if (ret < 0) 4394 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s", 4395 strerror(errno)); 4396 4397 return ret; 4398} 4399 4400 4401static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; 4402 4403static int wpa_driver_nl80211_hapd_send_eapol( 4404 void *priv, const u8 *addr, const u8 *data, 4405 size_t data_len, int encrypt, const u8 *own_addr, u32 flags) 4406{ 4407 struct i802_bss *bss = priv; 4408 struct wpa_driver_nl80211_data *drv = bss->drv; 4409 struct ieee80211_hdr *hdr; 4410 size_t len; 4411 u8 *pos; 4412 int res; 4413 int qos = flags & WPA_STA_WMM; 4414 4415 if (drv->device_ap_sme || !drv->use_monitor) 4416 return nl80211_send_eapol_data(bss, addr, data, data_len); 4417 4418 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 + 4419 data_len; 4420 hdr = os_zalloc(len); 4421 if (hdr == NULL) { 4422 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)", 4423 (unsigned long) len); 4424 return -1; 4425 } 4426 4427 hdr->frame_control = 4428 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA); 4429 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS); 4430 if (encrypt) 4431 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP); 4432 if (qos) { 4433 hdr->frame_control |= 4434 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4); 4435 } 4436 4437 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN); 4438 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN); 4439 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); 4440 pos = (u8 *) (hdr + 1); 4441 4442 if (qos) { 4443 /* Set highest priority in QoS header */ 4444 pos[0] = 7; 4445 pos[1] = 0; 4446 pos += 2; 4447 } 4448 4449 memcpy(pos, rfc1042_header, sizeof(rfc1042_header)); 4450 pos += sizeof(rfc1042_header); 4451 WPA_PUT_BE16(pos, ETH_P_PAE); 4452 pos += 2; 4453 memcpy(pos, data, data_len); 4454 4455 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0, 4456 0, 0, 0, 0, NULL, 0); 4457 if (res < 0) { 4458 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - " 4459 "failed: %d (%s)", 4460 (unsigned long) len, errno, strerror(errno)); 4461 } 4462 os_free(hdr); 4463 4464 return res; 4465} 4466 4467 4468static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr, 4469 unsigned int total_flags, 4470 unsigned int flags_or, 4471 unsigned int flags_and) 4472{ 4473 struct i802_bss *bss = priv; 4474 struct nl_msg *msg; 4475 struct nlattr *flags; 4476 struct nl80211_sta_flag_update upd; 4477 4478 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR 4479 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d", 4480 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and, 4481 !!(total_flags & WPA_STA_AUTHORIZED)); 4482 4483 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 4484 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 4485 goto fail; 4486 4487 /* 4488 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This 4489 * can be removed eventually. 4490 */ 4491 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS); 4492 if (!flags || 4493 ((total_flags & WPA_STA_AUTHORIZED) && 4494 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) || 4495 ((total_flags & WPA_STA_WMM) && 4496 nla_put_flag(msg, NL80211_STA_FLAG_WME)) || 4497 ((total_flags & WPA_STA_SHORT_PREAMBLE) && 4498 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) || 4499 ((total_flags & WPA_STA_MFP) && 4500 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) || 4501 ((total_flags & WPA_STA_TDLS_PEER) && 4502 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER))) 4503 goto fail; 4504 4505 nla_nest_end(msg, flags); 4506 4507 os_memset(&upd, 0, sizeof(upd)); 4508 upd.mask = sta_flags_nl80211(flags_or | ~flags_and); 4509 upd.set = sta_flags_nl80211(flags_or); 4510 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) 4511 goto fail; 4512 4513 return send_and_recv_msgs(bss->drv, msg, NULL, NULL); 4514fail: 4515 nlmsg_free(msg); 4516 return -ENOBUFS; 4517} 4518 4519 4520static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv, 4521 struct wpa_driver_associate_params *params) 4522{ 4523 enum nl80211_iftype nlmode, old_mode; 4524 4525 if (params->p2p) { 4526 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P " 4527 "group (GO)"); 4528 nlmode = NL80211_IFTYPE_P2P_GO; 4529 } else 4530 nlmode = NL80211_IFTYPE_AP; 4531 4532 old_mode = drv->nlmode; 4533 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) { 4534 nl80211_remove_monitor_interface(drv); 4535 return -1; 4536 } 4537 4538 if (params->freq.freq && 4539 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) { 4540 if (old_mode != nlmode) 4541 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode); 4542 nl80211_remove_monitor_interface(drv); 4543 return -1; 4544 } 4545 4546 return 0; 4547} 4548 4549 4550static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv, 4551 int reset_mode) 4552{ 4553 struct nl_msg *msg; 4554 int ret; 4555 4556 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS); 4557 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4558 if (ret) { 4559 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d " 4560 "(%s)", ret, strerror(-ret)); 4561 } else { 4562 wpa_printf(MSG_DEBUG, 4563 "nl80211: Leave IBSS request sent successfully"); 4564 } 4565 4566 if (reset_mode && 4567 wpa_driver_nl80211_set_mode(drv->first_bss, 4568 NL80211_IFTYPE_STATION)) { 4569 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into " 4570 "station mode"); 4571 } 4572 4573 return ret; 4574} 4575 4576 4577static int nl80211_ht_vht_overrides(struct nl_msg *msg, 4578 struct wpa_driver_associate_params *params) 4579{ 4580 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT)) 4581 return -1; 4582 4583 if (params->htcaps && params->htcaps_mask) { 4584 int sz = sizeof(struct ieee80211_ht_capabilities); 4585 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz); 4586 wpa_hexdump(MSG_DEBUG, " * htcaps_mask", 4587 params->htcaps_mask, sz); 4588 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz, 4589 params->htcaps) || 4590 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz, 4591 params->htcaps_mask)) 4592 return -1; 4593 } 4594 4595#ifdef CONFIG_VHT_OVERRIDES 4596 if (params->disable_vht) { 4597 wpa_printf(MSG_DEBUG, " * VHT disabled"); 4598 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT)) 4599 return -1; 4600 } 4601 4602 if (params->vhtcaps && params->vhtcaps_mask) { 4603 int sz = sizeof(struct ieee80211_vht_capabilities); 4604 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz); 4605 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask", 4606 params->vhtcaps_mask, sz); 4607 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz, 4608 params->vhtcaps) || 4609 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz, 4610 params->vhtcaps_mask)) 4611 return -1; 4612 } 4613#endif /* CONFIG_VHT_OVERRIDES */ 4614 4615 return 0; 4616} 4617 4618 4619static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv, 4620 struct wpa_driver_associate_params *params) 4621{ 4622 struct nl_msg *msg; 4623 int ret = -1; 4624 int count = 0; 4625 4626 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex); 4627 4628 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) { 4629 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into " 4630 "IBSS mode"); 4631 return -1; 4632 } 4633 4634retry: 4635 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) || 4636 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid)) 4637 goto fail; 4638 4639 wpa_hexdump_ascii(MSG_DEBUG, " * SSID", 4640 params->ssid, params->ssid_len); 4641 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) 4642 goto fail; 4643 os_memcpy(drv->ssid, params->ssid, params->ssid_len); 4644 drv->ssid_len = params->ssid_len; 4645 4646 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 || 4647 nl80211_put_beacon_int(msg, params->beacon_int)) 4648 goto fail; 4649 4650 ret = nl80211_set_conn_keys(params, msg); 4651 if (ret) 4652 goto fail; 4653 4654 if (params->bssid && params->fixed_bssid) { 4655 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR, 4656 MAC2STR(params->bssid)); 4657 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 4658 goto fail; 4659 } 4660 4661 if (params->fixed_freq) { 4662 wpa_printf(MSG_DEBUG, " * fixed_freq"); 4663 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED)) 4664 goto fail; 4665 } 4666 4667 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 4668 params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 4669 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 4670 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) { 4671 wpa_printf(MSG_DEBUG, " * control port"); 4672 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT)) 4673 goto fail; 4674 } 4675 4676 if (params->wpa_ie) { 4677 wpa_hexdump(MSG_DEBUG, 4678 " * Extra IEs for Beacon/Probe Response frames", 4679 params->wpa_ie, params->wpa_ie_len); 4680 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, 4681 params->wpa_ie)) 4682 goto fail; 4683 } 4684 4685 ret = nl80211_ht_vht_overrides(msg, params); 4686 if (ret < 0) 4687 goto fail; 4688 4689 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4690 msg = NULL; 4691 if (ret) { 4692 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)", 4693 ret, strerror(-ret)); 4694 count++; 4695 if (ret == -EALREADY && count == 1) { 4696 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after " 4697 "forced leave"); 4698 nl80211_leave_ibss(drv, 0); 4699 nlmsg_free(msg); 4700 goto retry; 4701 } 4702 } else { 4703 wpa_printf(MSG_DEBUG, 4704 "nl80211: Join IBSS request sent successfully"); 4705 } 4706 4707fail: 4708 nlmsg_free(msg); 4709 return ret; 4710} 4711 4712 4713static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, 4714 struct wpa_driver_associate_params *params, 4715 struct nl_msg *msg) 4716{ 4717 if (params->bssid) { 4718 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR, 4719 MAC2STR(params->bssid)); 4720 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 4721 return -1; 4722 } 4723 4724 if (params->bssid_hint) { 4725 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR, 4726 MAC2STR(params->bssid_hint)); 4727 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN, 4728 params->bssid_hint)) 4729 return -1; 4730 } 4731 4732 if (params->freq.freq) { 4733 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq); 4734 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, 4735 params->freq.freq)) 4736 return -1; 4737 drv->assoc_freq = params->freq.freq; 4738 } else 4739 drv->assoc_freq = 0; 4740 4741 if (params->freq_hint) { 4742 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint); 4743 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT, 4744 params->freq_hint)) 4745 return -1; 4746 } 4747 4748 if (params->bg_scan_period >= 0) { 4749 wpa_printf(MSG_DEBUG, " * bg scan period=%d", 4750 params->bg_scan_period); 4751 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD, 4752 params->bg_scan_period)) 4753 return -1; 4754 } 4755 4756 if (params->ssid) { 4757 wpa_hexdump_ascii(MSG_DEBUG, " * SSID", 4758 params->ssid, params->ssid_len); 4759 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, 4760 params->ssid)) 4761 return -1; 4762 if (params->ssid_len > sizeof(drv->ssid)) 4763 return -1; 4764 os_memcpy(drv->ssid, params->ssid, params->ssid_len); 4765 drv->ssid_len = params->ssid_len; 4766 } 4767 4768 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len); 4769 if (params->wpa_ie && 4770 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie)) 4771 return -1; 4772 4773 if (params->wpa_proto) { 4774 enum nl80211_wpa_versions ver = 0; 4775 4776 if (params->wpa_proto & WPA_PROTO_WPA) 4777 ver |= NL80211_WPA_VERSION_1; 4778 if (params->wpa_proto & WPA_PROTO_RSN) 4779 ver |= NL80211_WPA_VERSION_2; 4780 4781 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver); 4782 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver)) 4783 return -1; 4784 } 4785 4786 if (params->pairwise_suite != WPA_CIPHER_NONE) { 4787 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite); 4788 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher); 4789 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, 4790 cipher)) 4791 return -1; 4792 } 4793 4794 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED && 4795 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) { 4796 /* 4797 * This is likely to work even though many drivers do not 4798 * advertise support for operations without GTK. 4799 */ 4800 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement"); 4801 } else if (params->group_suite != WPA_CIPHER_NONE) { 4802 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite); 4803 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher); 4804 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher)) 4805 return -1; 4806 } 4807 4808 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 4809 params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 4810 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X || 4811 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK || 4812 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM || 4813 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN || 4814 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 4815 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 4816 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 4817 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { 4818 int mgmt = WLAN_AKM_SUITE_PSK; 4819 4820 switch (params->key_mgmt_suite) { 4821 case WPA_KEY_MGMT_CCKM: 4822 mgmt = WLAN_AKM_SUITE_CCKM; 4823 break; 4824 case WPA_KEY_MGMT_IEEE8021X: 4825 mgmt = WLAN_AKM_SUITE_8021X; 4826 break; 4827 case WPA_KEY_MGMT_FT_IEEE8021X: 4828 mgmt = WLAN_AKM_SUITE_FT_8021X; 4829 break; 4830 case WPA_KEY_MGMT_FT_PSK: 4831 mgmt = WLAN_AKM_SUITE_FT_PSK; 4832 break; 4833 case WPA_KEY_MGMT_IEEE8021X_SHA256: 4834 mgmt = WLAN_AKM_SUITE_8021X_SHA256; 4835 break; 4836 case WPA_KEY_MGMT_PSK_SHA256: 4837 mgmt = WLAN_AKM_SUITE_PSK_SHA256; 4838 break; 4839 case WPA_KEY_MGMT_OSEN: 4840 mgmt = WLAN_AKM_SUITE_OSEN; 4841 break; 4842 case WPA_KEY_MGMT_IEEE8021X_SUITE_B: 4843 mgmt = WLAN_AKM_SUITE_8021X_SUITE_B; 4844 break; 4845 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: 4846 mgmt = WLAN_AKM_SUITE_8021X_SUITE_B_192; 4847 break; 4848 case WPA_KEY_MGMT_PSK: 4849 default: 4850 mgmt = WLAN_AKM_SUITE_PSK; 4851 break; 4852 } 4853 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt); 4854 if (nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, mgmt)) 4855 return -1; 4856 } 4857 4858 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT)) 4859 return -1; 4860 4861 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED && 4862 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED)) 4863 return -1; 4864 4865 if (params->rrm_used) { 4866 u32 drv_rrm_flags = drv->capa.rrm_flags; 4867 if (!(drv_rrm_flags & 4868 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) || 4869 !(drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET) || 4870 nla_put_flag(msg, NL80211_ATTR_USE_RRM)) 4871 return -1; 4872 } 4873 4874 if (nl80211_ht_vht_overrides(msg, params) < 0) 4875 return -1; 4876 4877 if (params->p2p) 4878 wpa_printf(MSG_DEBUG, " * P2P group"); 4879 4880 if (params->pbss) { 4881 wpa_printf(MSG_DEBUG, " * PBSS"); 4882 if (nla_put_flag(msg, NL80211_ATTR_PBSS)) 4883 return -1; 4884 } 4885 4886 drv->connect_reassoc = 0; 4887 if (params->prev_bssid) { 4888 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR, 4889 MAC2STR(params->prev_bssid)); 4890 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN, 4891 params->prev_bssid)) 4892 return -1; 4893 drv->connect_reassoc = 1; 4894 } 4895 4896 return 0; 4897} 4898 4899 4900static int wpa_driver_nl80211_try_connect( 4901 struct wpa_driver_nl80211_data *drv, 4902 struct wpa_driver_associate_params *params) 4903{ 4904 struct nl_msg *msg; 4905 enum nl80211_auth_type type; 4906 int ret; 4907 int algs; 4908 4909#ifdef CONFIG_DRIVER_NL80211_QCA 4910 if (params->req_key_mgmt_offload && params->psk && 4911 (params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 4912 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 4913 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { 4914 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK"); 4915 ret = issue_key_mgmt_set_key(drv, params->psk, 32); 4916 if (ret) 4917 return ret; 4918 } 4919#endif /* CONFIG_DRIVER_NL80211_QCA */ 4920 4921 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex); 4922 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT); 4923 if (!msg) 4924 return -1; 4925 4926 ret = nl80211_connect_common(drv, params, msg); 4927 if (ret) 4928 goto fail; 4929 4930 algs = 0; 4931 if (params->auth_alg & WPA_AUTH_ALG_OPEN) 4932 algs++; 4933 if (params->auth_alg & WPA_AUTH_ALG_SHARED) 4934 algs++; 4935 if (params->auth_alg & WPA_AUTH_ALG_LEAP) 4936 algs++; 4937 if (algs > 1) { 4938 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic " 4939 "selection"); 4940 goto skip_auth_type; 4941 } 4942 4943 if (params->auth_alg & WPA_AUTH_ALG_OPEN) 4944 type = NL80211_AUTHTYPE_OPEN_SYSTEM; 4945 else if (params->auth_alg & WPA_AUTH_ALG_SHARED) 4946 type = NL80211_AUTHTYPE_SHARED_KEY; 4947 else if (params->auth_alg & WPA_AUTH_ALG_LEAP) 4948 type = NL80211_AUTHTYPE_NETWORK_EAP; 4949 else if (params->auth_alg & WPA_AUTH_ALG_FT) 4950 type = NL80211_AUTHTYPE_FT; 4951 else 4952 goto fail; 4953 4954 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 4955 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 4956 goto fail; 4957 4958skip_auth_type: 4959 ret = nl80211_set_conn_keys(params, msg); 4960 if (ret) 4961 goto fail; 4962 4963 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4964 msg = NULL; 4965 if (ret) { 4966 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d " 4967 "(%s)", ret, strerror(-ret)); 4968 } else { 4969 wpa_printf(MSG_DEBUG, 4970 "nl80211: Connect request send successfully"); 4971 } 4972 4973fail: 4974 nlmsg_free(msg); 4975 return ret; 4976 4977} 4978 4979 4980static int wpa_driver_nl80211_connect( 4981 struct wpa_driver_nl80211_data *drv, 4982 struct wpa_driver_associate_params *params) 4983{ 4984 int ret; 4985 4986 /* Store the connection attempted bssid for future use */ 4987 if (params->bssid) 4988 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN); 4989 else 4990 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 4991 4992 ret = wpa_driver_nl80211_try_connect(drv, params); 4993 if (ret == -EALREADY) { 4994 /* 4995 * cfg80211 does not currently accept new connections if 4996 * we are already connected. As a workaround, force 4997 * disconnection and try again. 4998 */ 4999 wpa_printf(MSG_DEBUG, "nl80211: Explicitly " 5000 "disconnecting before reassociation " 5001 "attempt"); 5002 if (wpa_driver_nl80211_disconnect( 5003 drv, WLAN_REASON_PREV_AUTH_NOT_VALID)) 5004 return -1; 5005 ret = wpa_driver_nl80211_try_connect(drv, params); 5006 } 5007 return ret; 5008} 5009 5010 5011static int wpa_driver_nl80211_associate( 5012 void *priv, struct wpa_driver_associate_params *params) 5013{ 5014 struct i802_bss *bss = priv; 5015 struct wpa_driver_nl80211_data *drv = bss->drv; 5016 int ret = -1; 5017 struct nl_msg *msg; 5018 5019 nl80211_unmask_11b_rates(bss); 5020 5021 if (params->mode == IEEE80211_MODE_AP) 5022 return wpa_driver_nl80211_ap(drv, params); 5023 5024 if (params->mode == IEEE80211_MODE_IBSS) 5025 return wpa_driver_nl80211_ibss(drv, params); 5026 5027 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 5028 enum nl80211_iftype nlmode = params->p2p ? 5029 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION; 5030 5031 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0) 5032 return -1; 5033 return wpa_driver_nl80211_connect(drv, params); 5034 } 5035 5036 nl80211_mark_disconnected(drv); 5037 5038 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)", 5039 drv->ifindex); 5040 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE); 5041 if (!msg) 5042 return -1; 5043 5044 ret = nl80211_connect_common(drv, params, msg); 5045 if (ret) 5046 goto fail; 5047 5048 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5049 msg = NULL; 5050 if (ret) { 5051 wpa_dbg(drv->ctx, MSG_DEBUG, 5052 "nl80211: MLME command failed (assoc): ret=%d (%s)", 5053 ret, strerror(-ret)); 5054 nl80211_dump_scan(drv); 5055 } else { 5056 wpa_printf(MSG_DEBUG, 5057 "nl80211: Association request send successfully"); 5058 } 5059 5060fail: 5061 nlmsg_free(msg); 5062 return ret; 5063} 5064 5065 5066static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv, 5067 int ifindex, enum nl80211_iftype mode) 5068{ 5069 struct nl_msg *msg; 5070 int ret = -ENOBUFS; 5071 5072 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)", 5073 ifindex, mode, nl80211_iftype_str(mode)); 5074 5075 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE); 5076 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode)) 5077 goto fail; 5078 5079 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5080 msg = NULL; 5081 if (!ret) 5082 return 0; 5083fail: 5084 nlmsg_free(msg); 5085 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:" 5086 " %d (%s)", ifindex, mode, ret, strerror(-ret)); 5087 return ret; 5088} 5089 5090 5091static int wpa_driver_nl80211_set_mode_impl( 5092 struct i802_bss *bss, 5093 enum nl80211_iftype nlmode, 5094 struct hostapd_freq_params *desired_freq_params) 5095{ 5096 struct wpa_driver_nl80211_data *drv = bss->drv; 5097 int ret = -1; 5098 int i; 5099 int was_ap = is_ap_interface(drv->nlmode); 5100 int res; 5101 int mode_switch_res; 5102 5103 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode); 5104 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss)) 5105 mode_switch_res = 0; 5106 5107 if (mode_switch_res == 0) { 5108 drv->nlmode = nlmode; 5109 ret = 0; 5110 goto done; 5111 } 5112 5113 if (mode_switch_res == -ENODEV) 5114 return -1; 5115 5116 if (nlmode == drv->nlmode) { 5117 wpa_printf(MSG_DEBUG, "nl80211: Interface already in " 5118 "requested mode - ignore error"); 5119 ret = 0; 5120 goto done; /* Already in the requested mode */ 5121 } 5122 5123 /* mac80211 doesn't allow mode changes while the device is up, so 5124 * take the device down, try to set the mode again, and bring the 5125 * device back up. 5126 */ 5127 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting " 5128 "interface down"); 5129 for (i = 0; i < 10; i++) { 5130 res = i802_set_iface_flags(bss, 0); 5131 if (res == -EACCES || res == -ENODEV) 5132 break; 5133 if (res != 0) { 5134 wpa_printf(MSG_DEBUG, "nl80211: Failed to set " 5135 "interface down"); 5136 os_sleep(0, 100000); 5137 continue; 5138 } 5139 5140 /* 5141 * Setting the mode will fail for some drivers if the phy is 5142 * on a frequency that the mode is disallowed in. 5143 */ 5144 if (desired_freq_params) { 5145 res = nl80211_set_channel(bss, desired_freq_params, 0); 5146 if (res) { 5147 wpa_printf(MSG_DEBUG, 5148 "nl80211: Failed to set frequency on interface"); 5149 } 5150 } 5151 5152 /* Try to set the mode again while the interface is down */ 5153 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode); 5154 if (mode_switch_res == -EBUSY) { 5155 wpa_printf(MSG_DEBUG, 5156 "nl80211: Delaying mode set while interface going down"); 5157 os_sleep(0, 100000); 5158 continue; 5159 } 5160 ret = mode_switch_res; 5161 break; 5162 } 5163 5164 if (!ret) { 5165 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while " 5166 "interface is down"); 5167 drv->nlmode = nlmode; 5168 drv->ignore_if_down_event = 1; 5169 } 5170 5171 /* Bring the interface back up */ 5172 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1); 5173 if (res != 0) { 5174 wpa_printf(MSG_DEBUG, 5175 "nl80211: Failed to set interface up after switching mode"); 5176 ret = -1; 5177 } 5178 5179done: 5180 if (ret) { 5181 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d " 5182 "from %d failed", nlmode, drv->nlmode); 5183 return ret; 5184 } 5185 5186 if (is_p2p_net_interface(nlmode)) { 5187 wpa_printf(MSG_DEBUG, 5188 "nl80211: Interface %s mode change to P2P - disable 11b rates", 5189 bss->ifname); 5190 nl80211_disable_11b_rates(drv, drv->ifindex, 1); 5191 } else if (drv->disabled_11b_rates) { 5192 wpa_printf(MSG_DEBUG, 5193 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates", 5194 bss->ifname); 5195 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 5196 } 5197 5198 if (is_ap_interface(nlmode)) { 5199 nl80211_mgmt_unsubscribe(bss, "start AP"); 5200 /* Setup additional AP mode functionality if needed */ 5201 if (nl80211_setup_ap(bss)) 5202 return -1; 5203 } else if (was_ap) { 5204 /* Remove additional AP mode functionality */ 5205 nl80211_teardown_ap(bss); 5206 } else { 5207 nl80211_mgmt_unsubscribe(bss, "mode change"); 5208 } 5209 5210 if (is_mesh_interface(nlmode) && 5211 nl80211_mgmt_subscribe_mesh(bss)) 5212 return -1; 5213 5214 if (!bss->in_deinit && !is_ap_interface(nlmode) && 5215 !is_mesh_interface(nlmode) && 5216 nl80211_mgmt_subscribe_non_ap(bss) < 0) 5217 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action " 5218 "frame processing - ignore for now"); 5219 5220 return 0; 5221} 5222 5223 5224int wpa_driver_nl80211_set_mode(struct i802_bss *bss, 5225 enum nl80211_iftype nlmode) 5226{ 5227 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL); 5228} 5229 5230 5231static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, 5232 struct hostapd_freq_params *freq) 5233{ 5234 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC, 5235 freq); 5236} 5237 5238 5239static int wpa_driver_nl80211_get_capa(void *priv, 5240 struct wpa_driver_capa *capa) 5241{ 5242 struct i802_bss *bss = priv; 5243 struct wpa_driver_nl80211_data *drv = bss->drv; 5244 5245 if (!drv->has_capability) 5246 return -1; 5247 os_memcpy(capa, &drv->capa, sizeof(*capa)); 5248 if (drv->extended_capa && drv->extended_capa_mask) { 5249 capa->extended_capa = drv->extended_capa; 5250 capa->extended_capa_mask = drv->extended_capa_mask; 5251 capa->extended_capa_len = drv->extended_capa_len; 5252 } 5253 5254 return 0; 5255} 5256 5257 5258static int wpa_driver_nl80211_set_operstate(void *priv, int state) 5259{ 5260 struct i802_bss *bss = priv; 5261 struct wpa_driver_nl80211_data *drv = bss->drv; 5262 5263 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)", 5264 bss->ifname, drv->operstate, state, 5265 state ? "UP" : "DORMANT"); 5266 drv->operstate = state; 5267 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1, 5268 state ? IF_OPER_UP : IF_OPER_DORMANT); 5269} 5270 5271 5272static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized) 5273{ 5274 struct i802_bss *bss = priv; 5275 struct wpa_driver_nl80211_data *drv = bss->drv; 5276 struct nl_msg *msg; 5277 struct nl80211_sta_flag_update upd; 5278 int ret; 5279 5280 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) { 5281 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated"); 5282 return 0; 5283 } 5284 5285 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for " 5286 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid)); 5287 5288 os_memset(&upd, 0, sizeof(upd)); 5289 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED); 5290 if (authorized) 5291 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED); 5292 5293 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 5294 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid) || 5295 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) { 5296 nlmsg_free(msg); 5297 return -ENOBUFS; 5298 } 5299 5300 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5301 if (!ret) 5302 return 0; 5303 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)", 5304 ret, strerror(-ret)); 5305 return ret; 5306} 5307 5308 5309/* Set kernel driver on given frequency (MHz) */ 5310static int i802_set_freq(void *priv, struct hostapd_freq_params *freq) 5311{ 5312 struct i802_bss *bss = priv; 5313 return nl80211_set_channel(bss, freq, 0); 5314} 5315 5316 5317static inline int min_int(int a, int b) 5318{ 5319 if (a < b) 5320 return a; 5321 return b; 5322} 5323 5324 5325static int get_key_handler(struct nl_msg *msg, void *arg) 5326{ 5327 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 5328 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 5329 5330 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 5331 genlmsg_attrlen(gnlh, 0), NULL); 5332 5333 /* 5334 * TODO: validate the key index and mac address! 5335 * Otherwise, there's a race condition as soon as 5336 * the kernel starts sending key notifications. 5337 */ 5338 5339 if (tb[NL80211_ATTR_KEY_SEQ]) 5340 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]), 5341 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6)); 5342 return NL_SKIP; 5343} 5344 5345 5346static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr, 5347 int idx, u8 *seq) 5348{ 5349 struct i802_bss *bss = priv; 5350 struct wpa_driver_nl80211_data *drv = bss->drv; 5351 struct nl_msg *msg; 5352 5353 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0, 5354 NL80211_CMD_GET_KEY); 5355 if (!msg || 5356 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || 5357 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) { 5358 nlmsg_free(msg); 5359 return -ENOBUFS; 5360 } 5361 5362 memset(seq, 0, 6); 5363 5364 return send_and_recv_msgs(drv, msg, get_key_handler, seq); 5365} 5366 5367 5368static int i802_set_rts(void *priv, int rts) 5369{ 5370 struct i802_bss *bss = priv; 5371 struct wpa_driver_nl80211_data *drv = bss->drv; 5372 struct nl_msg *msg; 5373 int ret; 5374 u32 val; 5375 5376 if (rts >= 2347) 5377 val = (u32) -1; 5378 else 5379 val = rts; 5380 5381 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) || 5382 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) { 5383 nlmsg_free(msg); 5384 return -ENOBUFS; 5385 } 5386 5387 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5388 if (!ret) 5389 return 0; 5390 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: " 5391 "%d (%s)", rts, ret, strerror(-ret)); 5392 return ret; 5393} 5394 5395 5396static int i802_set_frag(void *priv, int frag) 5397{ 5398 struct i802_bss *bss = priv; 5399 struct wpa_driver_nl80211_data *drv = bss->drv; 5400 struct nl_msg *msg; 5401 int ret; 5402 u32 val; 5403 5404 if (frag >= 2346) 5405 val = (u32) -1; 5406 else 5407 val = frag; 5408 5409 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) || 5410 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) { 5411 nlmsg_free(msg); 5412 return -ENOBUFS; 5413 } 5414 5415 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5416 if (!ret) 5417 return 0; 5418 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold " 5419 "%d: %d (%s)", frag, ret, strerror(-ret)); 5420 return ret; 5421} 5422 5423 5424static int i802_flush(void *priv) 5425{ 5426 struct i802_bss *bss = priv; 5427 struct nl_msg *msg; 5428 int res; 5429 5430 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)", 5431 bss->ifname); 5432 5433 /* 5434 * XXX: FIX! this needs to flush all VLANs too 5435 */ 5436 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION); 5437 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 5438 if (res) { 5439 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d " 5440 "(%s)", res, strerror(-res)); 5441 } 5442 return res; 5443} 5444 5445 5446static int get_sta_handler(struct nl_msg *msg, void *arg) 5447{ 5448 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 5449 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 5450 struct hostap_sta_driver_data *data = arg; 5451 struct nlattr *stats[NL80211_STA_INFO_MAX + 1]; 5452 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = { 5453 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 }, 5454 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 }, 5455 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 }, 5456 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 }, 5457 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 }, 5458 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 }, 5459 [NL80211_STA_INFO_RX_BYTES64] = { .type = NLA_U64 }, 5460 [NL80211_STA_INFO_TX_BYTES64] = { .type = NLA_U64 }, 5461 }; 5462 5463 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 5464 genlmsg_attrlen(gnlh, 0), NULL); 5465 5466 /* 5467 * TODO: validate the interface and mac address! 5468 * Otherwise, there's a race condition as soon as 5469 * the kernel starts sending station notifications. 5470 */ 5471 5472 if (!tb[NL80211_ATTR_STA_INFO]) { 5473 wpa_printf(MSG_DEBUG, "sta stats missing!"); 5474 return NL_SKIP; 5475 } 5476 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX, 5477 tb[NL80211_ATTR_STA_INFO], 5478 stats_policy)) { 5479 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!"); 5480 return NL_SKIP; 5481 } 5482 5483 if (stats[NL80211_STA_INFO_INACTIVE_TIME]) 5484 data->inactive_msec = 5485 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]); 5486 /* For backwards compatibility, fetch the 32-bit counters first. */ 5487 if (stats[NL80211_STA_INFO_RX_BYTES]) 5488 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]); 5489 if (stats[NL80211_STA_INFO_TX_BYTES]) 5490 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]); 5491 if (stats[NL80211_STA_INFO_RX_BYTES64] && 5492 stats[NL80211_STA_INFO_TX_BYTES64]) { 5493 /* 5494 * The driver supports 64-bit counters, so use them to override 5495 * the 32-bit values. 5496 */ 5497 data->rx_bytes = 5498 nla_get_u64(stats[NL80211_STA_INFO_RX_BYTES64]); 5499 data->tx_bytes = 5500 nla_get_u64(stats[NL80211_STA_INFO_TX_BYTES64]); 5501 data->bytes_64bit = 1; 5502 } 5503 if (stats[NL80211_STA_INFO_RX_PACKETS]) 5504 data->rx_packets = 5505 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]); 5506 if (stats[NL80211_STA_INFO_TX_PACKETS]) 5507 data->tx_packets = 5508 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]); 5509 if (stats[NL80211_STA_INFO_TX_FAILED]) 5510 data->tx_retry_failed = 5511 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]); 5512 5513 return NL_SKIP; 5514} 5515 5516static int i802_read_sta_data(struct i802_bss *bss, 5517 struct hostap_sta_driver_data *data, 5518 const u8 *addr) 5519{ 5520 struct nl_msg *msg; 5521 5522 os_memset(data, 0, sizeof(*data)); 5523 5524 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) || 5525 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 5526 nlmsg_free(msg); 5527 return -ENOBUFS; 5528 } 5529 5530 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data); 5531} 5532 5533 5534static int i802_set_tx_queue_params(void *priv, int queue, int aifs, 5535 int cw_min, int cw_max, int burst_time) 5536{ 5537 struct i802_bss *bss = priv; 5538 struct wpa_driver_nl80211_data *drv = bss->drv; 5539 struct nl_msg *msg; 5540 struct nlattr *txq, *params; 5541 5542 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY); 5543 if (!msg) 5544 return -1; 5545 5546 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS); 5547 if (!txq) 5548 goto fail; 5549 5550 /* We are only sending parameters for a single TXQ at a time */ 5551 params = nla_nest_start(msg, 1); 5552 if (!params) 5553 goto fail; 5554 5555 switch (queue) { 5556 case 0: 5557 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO)) 5558 goto fail; 5559 break; 5560 case 1: 5561 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI)) 5562 goto fail; 5563 break; 5564 case 2: 5565 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE)) 5566 goto fail; 5567 break; 5568 case 3: 5569 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK)) 5570 goto fail; 5571 break; 5572 } 5573 /* Burst time is configured in units of 0.1 msec and TXOP parameter in 5574 * 32 usec, so need to convert the value here. */ 5575 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP, 5576 (burst_time * 100 + 16) / 32) || 5577 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) || 5578 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) || 5579 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs)) 5580 goto fail; 5581 5582 nla_nest_end(msg, params); 5583 5584 nla_nest_end(msg, txq); 5585 5586 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0) 5587 return 0; 5588 msg = NULL; 5589fail: 5590 nlmsg_free(msg); 5591 return -1; 5592} 5593 5594 5595static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, 5596 const char *ifname, int vlan_id) 5597{ 5598 struct wpa_driver_nl80211_data *drv = bss->drv; 5599 struct nl_msg *msg; 5600 int ret; 5601 5602 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR 5603 ", ifname=%s[%d], vlan_id=%d)", 5604 bss->ifname, if_nametoindex(bss->ifname), 5605 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id); 5606 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 5607 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 5608 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) { 5609 nlmsg_free(msg); 5610 return -ENOBUFS; 5611 } 5612 5613 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5614 if (ret < 0) { 5615 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr=" 5616 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)", 5617 MAC2STR(addr), ifname, vlan_id, ret, 5618 strerror(-ret)); 5619 } 5620 return ret; 5621} 5622 5623 5624static int i802_get_inact_sec(void *priv, const u8 *addr) 5625{ 5626 struct hostap_sta_driver_data data; 5627 int ret; 5628 5629 data.inactive_msec = (unsigned long) -1; 5630 ret = i802_read_sta_data(priv, &data, addr); 5631 if (ret == -ENOENT) 5632 return -ENOENT; 5633 if (ret || data.inactive_msec == (unsigned long) -1) 5634 return -1; 5635 return data.inactive_msec / 1000; 5636} 5637 5638 5639static int i802_sta_clear_stats(void *priv, const u8 *addr) 5640{ 5641#if 0 5642 /* TODO */ 5643#endif 5644 return 0; 5645} 5646 5647 5648static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, 5649 int reason) 5650{ 5651 struct i802_bss *bss = priv; 5652 struct wpa_driver_nl80211_data *drv = bss->drv; 5653 struct ieee80211_mgmt mgmt; 5654 5655 if (is_mesh_interface(drv->nlmode)) 5656 return -1; 5657 5658 if (drv->device_ap_sme) 5659 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason); 5660 5661 memset(&mgmt, 0, sizeof(mgmt)); 5662 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 5663 WLAN_FC_STYPE_DEAUTH); 5664 memcpy(mgmt.da, addr, ETH_ALEN); 5665 memcpy(mgmt.sa, own_addr, ETH_ALEN); 5666 memcpy(mgmt.bssid, own_addr, ETH_ALEN); 5667 mgmt.u.deauth.reason_code = host_to_le16(reason); 5668 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, 5669 IEEE80211_HDRLEN + 5670 sizeof(mgmt.u.deauth), 0, 0, 0, 0, 5671 0, NULL, 0); 5672} 5673 5674 5675static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, 5676 int reason) 5677{ 5678 struct i802_bss *bss = priv; 5679 struct wpa_driver_nl80211_data *drv = bss->drv; 5680 struct ieee80211_mgmt mgmt; 5681 5682 if (is_mesh_interface(drv->nlmode)) 5683 return -1; 5684 5685 if (drv->device_ap_sme) 5686 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason); 5687 5688 memset(&mgmt, 0, sizeof(mgmt)); 5689 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 5690 WLAN_FC_STYPE_DISASSOC); 5691 memcpy(mgmt.da, addr, ETH_ALEN); 5692 memcpy(mgmt.sa, own_addr, ETH_ALEN); 5693 memcpy(mgmt.bssid, own_addr, ETH_ALEN); 5694 mgmt.u.disassoc.reason_code = host_to_le16(reason); 5695 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, 5696 IEEE80211_HDRLEN + 5697 sizeof(mgmt.u.disassoc), 0, 0, 0, 0, 5698 0, NULL, 0); 5699} 5700 5701 5702static void dump_ifidx(struct wpa_driver_nl80211_data *drv) 5703{ 5704 char buf[200], *pos, *end; 5705 int i, res; 5706 5707 pos = buf; 5708 end = pos + sizeof(buf); 5709 5710 for (i = 0; i < drv->num_if_indices; i++) { 5711 if (!drv->if_indices[i]) 5712 continue; 5713 res = os_snprintf(pos, end - pos, " %d(%d)", 5714 drv->if_indices[i], 5715 drv->if_indices_reason[i]); 5716 if (os_snprintf_error(end - pos, res)) 5717 break; 5718 pos += res; 5719 } 5720 *pos = '\0'; 5721 5722 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s", 5723 drv->num_if_indices, buf); 5724} 5725 5726 5727static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 5728 int ifidx_reason) 5729{ 5730 int i; 5731 int *old, *old_reason; 5732 5733 wpa_printf(MSG_DEBUG, 5734 "nl80211: Add own interface ifindex %d (ifidx_reason %d)", 5735 ifidx, ifidx_reason); 5736 if (have_ifidx(drv, ifidx, ifidx_reason)) { 5737 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list", 5738 ifidx); 5739 return; 5740 } 5741 for (i = 0; i < drv->num_if_indices; i++) { 5742 if (drv->if_indices[i] == 0) { 5743 drv->if_indices[i] = ifidx; 5744 drv->if_indices_reason[i] = ifidx_reason; 5745 dump_ifidx(drv); 5746 return; 5747 } 5748 } 5749 5750 if (drv->if_indices != drv->default_if_indices) 5751 old = drv->if_indices; 5752 else 5753 old = NULL; 5754 5755 if (drv->if_indices_reason != drv->default_if_indices_reason) 5756 old_reason = drv->if_indices_reason; 5757 else 5758 old_reason = NULL; 5759 5760 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1, 5761 sizeof(int)); 5762 drv->if_indices_reason = os_realloc_array(old_reason, 5763 drv->num_if_indices + 1, 5764 sizeof(int)); 5765 if (!drv->if_indices) { 5766 if (!old) 5767 drv->if_indices = drv->default_if_indices; 5768 else 5769 drv->if_indices = old; 5770 } 5771 if (!drv->if_indices_reason) { 5772 if (!old_reason) 5773 drv->if_indices_reason = drv->default_if_indices_reason; 5774 else 5775 drv->if_indices_reason = old_reason; 5776 } 5777 if (!drv->if_indices || !drv->if_indices_reason) { 5778 wpa_printf(MSG_ERROR, "Failed to reallocate memory for " 5779 "interfaces"); 5780 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx); 5781 return; 5782 } 5783 if (!old) 5784 os_memcpy(drv->if_indices, drv->default_if_indices, 5785 sizeof(drv->default_if_indices)); 5786 if (!old_reason) 5787 os_memcpy(drv->if_indices_reason, 5788 drv->default_if_indices_reason, 5789 sizeof(drv->default_if_indices_reason)); 5790 drv->if_indices[drv->num_if_indices] = ifidx; 5791 drv->if_indices_reason[drv->num_if_indices] = ifidx_reason; 5792 drv->num_if_indices++; 5793 dump_ifidx(drv); 5794} 5795 5796 5797static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 5798 int ifidx_reason) 5799{ 5800 int i; 5801 5802 for (i = 0; i < drv->num_if_indices; i++) { 5803 if ((drv->if_indices[i] == ifidx || ifidx == IFIDX_ANY) && 5804 (drv->if_indices_reason[i] == ifidx_reason || 5805 ifidx_reason == IFIDX_ANY)) { 5806 drv->if_indices[i] = 0; 5807 break; 5808 } 5809 } 5810 dump_ifidx(drv); 5811} 5812 5813 5814static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 5815 int ifidx_reason) 5816{ 5817 int i; 5818 5819 for (i = 0; i < drv->num_if_indices; i++) 5820 if (drv->if_indices[i] == ifidx && 5821 (drv->if_indices_reason[i] == ifidx_reason || 5822 ifidx_reason == IFIDX_ANY)) 5823 return 1; 5824 5825 return 0; 5826} 5827 5828 5829static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, 5830 const char *bridge_ifname, char *ifname_wds) 5831{ 5832 struct i802_bss *bss = priv; 5833 struct wpa_driver_nl80211_data *drv = bss->drv; 5834 char name[IFNAMSIZ + 1]; 5835 5836 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid); 5837 if (ifname_wds) 5838 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1); 5839 5840 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR 5841 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name); 5842 if (val) { 5843 if (!if_nametoindex(name)) { 5844 if (nl80211_create_iface(drv, name, 5845 NL80211_IFTYPE_AP_VLAN, 5846 bss->addr, 1, NULL, NULL, 0) < 5847 0) 5848 return -1; 5849 if (bridge_ifname && 5850 linux_br_add_if(drv->global->ioctl_sock, 5851 bridge_ifname, name) < 0) 5852 return -1; 5853 } 5854 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) { 5855 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA " 5856 "interface %s up", name); 5857 } 5858 return i802_set_sta_vlan(priv, addr, name, 0); 5859 } else { 5860 if (bridge_ifname) 5861 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname, 5862 name); 5863 5864 i802_set_sta_vlan(priv, addr, bss->ifname, 0); 5865 nl80211_remove_iface(drv, if_nametoindex(name)); 5866 return 0; 5867 } 5868} 5869 5870 5871static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx) 5872{ 5873 struct wpa_driver_nl80211_data *drv = eloop_ctx; 5874 struct sockaddr_ll lladdr; 5875 unsigned char buf[3000]; 5876 int len; 5877 socklen_t fromlen = sizeof(lladdr); 5878 5879 len = recvfrom(sock, buf, sizeof(buf), 0, 5880 (struct sockaddr *)&lladdr, &fromlen); 5881 if (len < 0) { 5882 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s", 5883 strerror(errno)); 5884 return; 5885 } 5886 5887 if (have_ifidx(drv, lladdr.sll_ifindex, IFIDX_ANY)) 5888 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len); 5889} 5890 5891 5892static int i802_check_bridge(struct wpa_driver_nl80211_data *drv, 5893 struct i802_bss *bss, 5894 const char *brname, const char *ifname) 5895{ 5896 int br_ifindex; 5897 char in_br[IFNAMSIZ]; 5898 5899 os_strlcpy(bss->brname, brname, IFNAMSIZ); 5900 br_ifindex = if_nametoindex(brname); 5901 if (br_ifindex == 0) { 5902 /* 5903 * Bridge was configured, but the bridge device does 5904 * not exist. Try to add it now. 5905 */ 5906 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) { 5907 wpa_printf(MSG_ERROR, "nl80211: Failed to add the " 5908 "bridge interface %s: %s", 5909 brname, strerror(errno)); 5910 return -1; 5911 } 5912 bss->added_bridge = 1; 5913 br_ifindex = if_nametoindex(brname); 5914 add_ifidx(drv, br_ifindex, drv->ifindex); 5915 } 5916 bss->br_ifindex = br_ifindex; 5917 5918 if (linux_br_get(in_br, ifname) == 0) { 5919 if (os_strcmp(in_br, brname) == 0) 5920 return 0; /* already in the bridge */ 5921 5922 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from " 5923 "bridge %s", ifname, in_br); 5924 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) < 5925 0) { 5926 wpa_printf(MSG_ERROR, "nl80211: Failed to " 5927 "remove interface %s from bridge " 5928 "%s: %s", 5929 ifname, brname, strerror(errno)); 5930 return -1; 5931 } 5932 } 5933 5934 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s", 5935 ifname, brname); 5936 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) { 5937 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s " 5938 "into bridge %s: %s", 5939 ifname, brname, strerror(errno)); 5940 return -1; 5941 } 5942 bss->added_if_into_bridge = 1; 5943 5944 return 0; 5945} 5946 5947 5948static void *i802_init(struct hostapd_data *hapd, 5949 struct wpa_init_params *params) 5950{ 5951 struct wpa_driver_nl80211_data *drv; 5952 struct i802_bss *bss; 5953 size_t i; 5954 char master_ifname[IFNAMSIZ]; 5955 int ifindex, br_ifindex = 0; 5956 int br_added = 0; 5957 5958 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname, 5959 params->global_priv, 1, 5960 params->bssid, params->driver_params); 5961 if (bss == NULL) 5962 return NULL; 5963 5964 drv = bss->drv; 5965 5966 if (linux_br_get(master_ifname, params->ifname) == 0) { 5967 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s", 5968 params->ifname, master_ifname); 5969 br_ifindex = if_nametoindex(master_ifname); 5970 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ); 5971 } else if ((params->num_bridge == 0 || !params->bridge[0]) && 5972 linux_master_get(master_ifname, params->ifname) == 0) { 5973 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in master %s", 5974 params->ifname, master_ifname); 5975 /* start listening for EAPOL on the master interface */ 5976 add_ifidx(drv, if_nametoindex(master_ifname), drv->ifindex); 5977 5978 /* check if master itself is under bridge */ 5979 if (linux_br_get(master_ifname, master_ifname) == 0) { 5980 wpa_printf(MSG_DEBUG, "nl80211: which is in bridge %s", 5981 master_ifname); 5982 br_ifindex = if_nametoindex(master_ifname); 5983 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ); 5984 } 5985 } else { 5986 master_ifname[0] = '\0'; 5987 } 5988 5989 bss->br_ifindex = br_ifindex; 5990 5991 for (i = 0; i < params->num_bridge; i++) { 5992 if (params->bridge[i]) { 5993 ifindex = if_nametoindex(params->bridge[i]); 5994 if (ifindex) 5995 add_ifidx(drv, ifindex, drv->ifindex); 5996 if (ifindex == br_ifindex) 5997 br_added = 1; 5998 } 5999 } 6000 6001 /* start listening for EAPOL on the default AP interface */ 6002 add_ifidx(drv, drv->ifindex, IFIDX_ANY); 6003 6004 if (params->num_bridge && params->bridge[0]) { 6005 if (i802_check_bridge(drv, bss, params->bridge[0], 6006 params->ifname) < 0) 6007 goto failed; 6008 if (os_strcmp(params->bridge[0], master_ifname) != 0) 6009 br_added = 1; 6010 } 6011 6012 if (!br_added && br_ifindex && 6013 (params->num_bridge == 0 || !params->bridge[0])) 6014 add_ifidx(drv, br_ifindex, drv->ifindex); 6015 6016#ifdef CONFIG_LIBNL3_ROUTE 6017 if (bss->added_if_into_bridge) { 6018 drv->rtnl_sk = nl_socket_alloc(); 6019 if (drv->rtnl_sk == NULL) { 6020 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock"); 6021 goto failed; 6022 } 6023 6024 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) { 6025 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s", 6026 strerror(errno)); 6027 goto failed; 6028 } 6029 } 6030#endif /* CONFIG_LIBNL3_ROUTE */ 6031 6032 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE)); 6033 if (drv->eapol_sock < 0) { 6034 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s", 6035 strerror(errno)); 6036 goto failed; 6037 } 6038 6039 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL)) 6040 { 6041 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol"); 6042 goto failed; 6043 } 6044 6045 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 6046 params->own_addr)) 6047 goto failed; 6048 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN); 6049 6050 memcpy(bss->addr, params->own_addr, ETH_ALEN); 6051 6052 return bss; 6053 6054failed: 6055 wpa_driver_nl80211_deinit(bss); 6056 return NULL; 6057} 6058 6059 6060static void i802_deinit(void *priv) 6061{ 6062 struct i802_bss *bss = priv; 6063 wpa_driver_nl80211_deinit(bss); 6064} 6065 6066 6067static enum nl80211_iftype wpa_driver_nl80211_if_type( 6068 enum wpa_driver_if_type type) 6069{ 6070 switch (type) { 6071 case WPA_IF_STATION: 6072 return NL80211_IFTYPE_STATION; 6073 case WPA_IF_P2P_CLIENT: 6074 case WPA_IF_P2P_GROUP: 6075 return NL80211_IFTYPE_P2P_CLIENT; 6076 case WPA_IF_AP_VLAN: 6077 return NL80211_IFTYPE_AP_VLAN; 6078 case WPA_IF_AP_BSS: 6079 return NL80211_IFTYPE_AP; 6080 case WPA_IF_P2P_GO: 6081 return NL80211_IFTYPE_P2P_GO; 6082 case WPA_IF_P2P_DEVICE: 6083 return NL80211_IFTYPE_P2P_DEVICE; 6084 case WPA_IF_MESH: 6085 return NL80211_IFTYPE_MESH_POINT; 6086 default: 6087 return -1; 6088 } 6089} 6090 6091 6092static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr) 6093{ 6094 struct wpa_driver_nl80211_data *drv; 6095 dl_list_for_each(drv, &global->interfaces, 6096 struct wpa_driver_nl80211_data, list) { 6097 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0) 6098 return 1; 6099 } 6100 return 0; 6101} 6102 6103 6104static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr) 6105{ 6106 unsigned int idx; 6107 6108 if (!drv->global) 6109 return -1; 6110 6111 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN); 6112 for (idx = 0; idx < 64; idx++) { 6113 new_addr[0] = drv->first_bss->addr[0] | 0x02; 6114 new_addr[0] ^= idx << 2; 6115 if (!nl80211_addr_in_use(drv->global, new_addr)) 6116 break; 6117 } 6118 if (idx == 64) 6119 return -1; 6120 6121 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address " 6122 MACSTR, MAC2STR(new_addr)); 6123 6124 return 0; 6125} 6126 6127 6128struct wdev_info { 6129 u64 wdev_id; 6130 int wdev_id_set; 6131 u8 macaddr[ETH_ALEN]; 6132}; 6133 6134static int nl80211_wdev_handler(struct nl_msg *msg, void *arg) 6135{ 6136 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 6137 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 6138 struct wdev_info *wi = arg; 6139 6140 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 6141 genlmsg_attrlen(gnlh, 0), NULL); 6142 if (tb[NL80211_ATTR_WDEV]) { 6143 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]); 6144 wi->wdev_id_set = 1; 6145 } 6146 6147 if (tb[NL80211_ATTR_MAC]) 6148 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]), 6149 ETH_ALEN); 6150 6151 return NL_SKIP; 6152} 6153 6154 6155static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type, 6156 const char *ifname, const u8 *addr, 6157 void *bss_ctx, void **drv_priv, 6158 char *force_ifname, u8 *if_addr, 6159 const char *bridge, int use_existing, 6160 int setup_ap) 6161{ 6162 enum nl80211_iftype nlmode; 6163 struct i802_bss *bss = priv; 6164 struct wpa_driver_nl80211_data *drv = bss->drv; 6165 int ifidx; 6166 int added = 1; 6167 6168 if (addr) 6169 os_memcpy(if_addr, addr, ETH_ALEN); 6170 nlmode = wpa_driver_nl80211_if_type(type); 6171 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) { 6172 struct wdev_info p2pdev_info; 6173 6174 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info)); 6175 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr, 6176 0, nl80211_wdev_handler, 6177 &p2pdev_info, use_existing); 6178 if (!p2pdev_info.wdev_id_set || ifidx != 0) { 6179 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s", 6180 ifname); 6181 return -1; 6182 } 6183 6184 drv->global->if_add_wdevid = p2pdev_info.wdev_id; 6185 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set; 6186 if (!is_zero_ether_addr(p2pdev_info.macaddr)) 6187 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN); 6188 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created", 6189 ifname, 6190 (long long unsigned int) p2pdev_info.wdev_id); 6191 } else { 6192 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr, 6193 0, NULL, NULL, use_existing); 6194 if (use_existing && ifidx == -ENFILE) { 6195 added = 0; 6196 ifidx = if_nametoindex(ifname); 6197 } else if (ifidx < 0) { 6198 return -1; 6199 } 6200 } 6201 6202 if (!addr) { 6203 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 6204 os_memcpy(if_addr, bss->addr, ETH_ALEN); 6205 else if (linux_get_ifhwaddr(drv->global->ioctl_sock, 6206 ifname, if_addr) < 0) { 6207 if (added) 6208 nl80211_remove_iface(drv, ifidx); 6209 return -1; 6210 } 6211 } 6212 6213 if (!addr && 6214 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP || 6215 type == WPA_IF_P2P_GO || type == WPA_IF_MESH || 6216 type == WPA_IF_STATION)) { 6217 /* Enforce unique address */ 6218 u8 new_addr[ETH_ALEN]; 6219 6220 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname, 6221 new_addr) < 0) { 6222 if (added) 6223 nl80211_remove_iface(drv, ifidx); 6224 return -1; 6225 } 6226 if (nl80211_addr_in_use(drv->global, new_addr)) { 6227 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address " 6228 "for interface %s type %d", ifname, type); 6229 if (nl80211_vif_addr(drv, new_addr) < 0) { 6230 if (added) 6231 nl80211_remove_iface(drv, ifidx); 6232 return -1; 6233 } 6234 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 6235 new_addr) < 0) { 6236 if (added) 6237 nl80211_remove_iface(drv, ifidx); 6238 return -1; 6239 } 6240 } 6241 os_memcpy(if_addr, new_addr, ETH_ALEN); 6242 } 6243 6244 if (type == WPA_IF_AP_BSS && setup_ap) { 6245 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss)); 6246 if (new_bss == NULL) { 6247 if (added) 6248 nl80211_remove_iface(drv, ifidx); 6249 return -1; 6250 } 6251 6252 if (bridge && 6253 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) { 6254 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new " 6255 "interface %s to a bridge %s", 6256 ifname, bridge); 6257 if (added) 6258 nl80211_remove_iface(drv, ifidx); 6259 os_free(new_bss); 6260 return -1; 6261 } 6262 6263 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1)) 6264 { 6265 if (added) 6266 nl80211_remove_iface(drv, ifidx); 6267 os_free(new_bss); 6268 return -1; 6269 } 6270 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ); 6271 os_memcpy(new_bss->addr, if_addr, ETH_ALEN); 6272 new_bss->ifindex = ifidx; 6273 new_bss->drv = drv; 6274 new_bss->next = drv->first_bss->next; 6275 new_bss->freq = drv->first_bss->freq; 6276 new_bss->ctx = bss_ctx; 6277 new_bss->added_if = added; 6278 drv->first_bss->next = new_bss; 6279 if (drv_priv) 6280 *drv_priv = new_bss; 6281 nl80211_init_bss(new_bss); 6282 6283 /* Subscribe management frames for this WPA_IF_AP_BSS */ 6284 if (nl80211_setup_ap(new_bss)) 6285 return -1; 6286 } 6287 6288 if (drv->global) 6289 drv->global->if_add_ifindex = ifidx; 6290 6291 /* 6292 * Some virtual interfaces need to process EAPOL packets and events on 6293 * the parent interface. This is used mainly with hostapd. 6294 */ 6295 if (ifidx > 0 && 6296 (drv->hostapd || 6297 nlmode == NL80211_IFTYPE_AP_VLAN || 6298 nlmode == NL80211_IFTYPE_WDS || 6299 nlmode == NL80211_IFTYPE_MONITOR)) 6300 add_ifidx(drv, ifidx, IFIDX_ANY); 6301 6302 return 0; 6303} 6304 6305 6306static int wpa_driver_nl80211_if_remove(struct i802_bss *bss, 6307 enum wpa_driver_if_type type, 6308 const char *ifname) 6309{ 6310 struct wpa_driver_nl80211_data *drv = bss->drv; 6311 int ifindex = if_nametoindex(ifname); 6312 6313 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d", 6314 __func__, type, ifname, ifindex, bss->added_if); 6315 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex)) 6316 nl80211_remove_iface(drv, ifindex); 6317 else if (ifindex > 0 && !bss->added_if) { 6318 struct wpa_driver_nl80211_data *drv2; 6319 dl_list_for_each(drv2, &drv->global->interfaces, 6320 struct wpa_driver_nl80211_data, list) { 6321 del_ifidx(drv2, ifindex, IFIDX_ANY); 6322 del_ifidx(drv2, IFIDX_ANY, ifindex); 6323 } 6324 } 6325 6326 if (type != WPA_IF_AP_BSS) 6327 return 0; 6328 6329 if (bss->added_if_into_bridge) { 6330 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname, 6331 bss->ifname) < 0) 6332 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 6333 "interface %s from bridge %s: %s", 6334 bss->ifname, bss->brname, strerror(errno)); 6335 } 6336 if (bss->added_bridge) { 6337 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0) 6338 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 6339 "bridge %s: %s", 6340 bss->brname, strerror(errno)); 6341 } 6342 6343 if (bss != drv->first_bss) { 6344 struct i802_bss *tbss; 6345 6346 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it"); 6347 for (tbss = drv->first_bss; tbss; tbss = tbss->next) { 6348 if (tbss->next == bss) { 6349 tbss->next = bss->next; 6350 /* Unsubscribe management frames */ 6351 nl80211_teardown_ap(bss); 6352 nl80211_destroy_bss(bss); 6353 if (!bss->added_if) 6354 i802_set_iface_flags(bss, 0); 6355 os_free(bss); 6356 bss = NULL; 6357 break; 6358 } 6359 } 6360 if (bss) 6361 wpa_printf(MSG_INFO, "nl80211: %s - could not find " 6362 "BSS %p in the list", __func__, bss); 6363 } else { 6364 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); 6365 nl80211_teardown_ap(bss); 6366 if (!bss->added_if && !drv->first_bss->next) 6367 wpa_driver_nl80211_del_beacon(drv); 6368 nl80211_destroy_bss(bss); 6369 if (!bss->added_if) 6370 i802_set_iface_flags(bss, 0); 6371 if (drv->first_bss->next) { 6372 drv->first_bss = drv->first_bss->next; 6373 drv->ctx = drv->first_bss->ctx; 6374 os_free(bss); 6375 } else { 6376 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to"); 6377 } 6378 } 6379 6380 return 0; 6381} 6382 6383 6384static int cookie_handler(struct nl_msg *msg, void *arg) 6385{ 6386 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 6387 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 6388 u64 *cookie = arg; 6389 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 6390 genlmsg_attrlen(gnlh, 0), NULL); 6391 if (tb[NL80211_ATTR_COOKIE]) 6392 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]); 6393 return NL_SKIP; 6394} 6395 6396 6397static int nl80211_send_frame_cmd(struct i802_bss *bss, 6398 unsigned int freq, unsigned int wait, 6399 const u8 *buf, size_t buf_len, 6400 u64 *cookie_out, int no_cck, int no_ack, 6401 int offchanok, const u16 *csa_offs, 6402 size_t csa_offs_len) 6403{ 6404 struct wpa_driver_nl80211_data *drv = bss->drv; 6405 struct nl_msg *msg; 6406 u64 cookie; 6407 int ret = -1; 6408 6409 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d " 6410 "no_ack=%d offchanok=%d", 6411 freq, wait, no_cck, no_ack, offchanok); 6412 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len); 6413 6414 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) || 6415 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) || 6416 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) || 6417 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || 6418 drv->test_use_roc_tx) && 6419 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) || 6420 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) || 6421 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) || 6422 (csa_offs && nla_put(msg, NL80211_ATTR_CSA_C_OFFSETS_TX, 6423 csa_offs_len * sizeof(u16), csa_offs)) || 6424 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf)) 6425 goto fail; 6426 6427 cookie = 0; 6428 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie); 6429 msg = NULL; 6430 if (ret) { 6431 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d " 6432 "(%s) (freq=%u wait=%u)", ret, strerror(-ret), 6433 freq, wait); 6434 } else { 6435 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; " 6436 "cookie 0x%llx", no_ack ? " (no ACK)" : "", 6437 (long long unsigned int) cookie); 6438 6439 if (cookie_out) 6440 *cookie_out = no_ack ? (u64) -1 : cookie; 6441 6442 if (drv->num_send_action_cookies == MAX_SEND_ACTION_COOKIES) { 6443 wpa_printf(MSG_DEBUG, 6444 "nl80211: Drop oldest pending send action cookie 0x%llx", 6445 (long long unsigned int) 6446 drv->send_action_cookies[0]); 6447 os_memmove(&drv->send_action_cookies[0], 6448 &drv->send_action_cookies[1], 6449 (MAX_SEND_ACTION_COOKIES - 1) * 6450 sizeof(u64)); 6451 drv->num_send_action_cookies--; 6452 } 6453 drv->send_action_cookies[drv->num_send_action_cookies] = cookie; 6454 drv->num_send_action_cookies++; 6455 } 6456 6457fail: 6458 nlmsg_free(msg); 6459 return ret; 6460} 6461 6462 6463static int wpa_driver_nl80211_send_action(struct i802_bss *bss, 6464 unsigned int freq, 6465 unsigned int wait_time, 6466 const u8 *dst, const u8 *src, 6467 const u8 *bssid, 6468 const u8 *data, size_t data_len, 6469 int no_cck) 6470{ 6471 struct wpa_driver_nl80211_data *drv = bss->drv; 6472 int ret = -1; 6473 u8 *buf; 6474 struct ieee80211_hdr *hdr; 6475 6476 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, " 6477 "freq=%u MHz wait=%d ms no_cck=%d)", 6478 drv->ifindex, freq, wait_time, no_cck); 6479 6480 buf = os_zalloc(24 + data_len); 6481 if (buf == NULL) 6482 return ret; 6483 os_memcpy(buf + 24, data, data_len); 6484 hdr = (struct ieee80211_hdr *) buf; 6485 hdr->frame_control = 6486 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION); 6487 os_memcpy(hdr->addr1, dst, ETH_ALEN); 6488 os_memcpy(hdr->addr2, src, ETH_ALEN); 6489 os_memcpy(hdr->addr3, bssid, ETH_ALEN); 6490 6491 if (is_ap_interface(drv->nlmode) && 6492 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || 6493 (int) freq == bss->freq || drv->device_ap_sme || 6494 !drv->use_monitor)) 6495 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len, 6496 0, freq, no_cck, 1, 6497 wait_time, NULL, 0); 6498 else 6499 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf, 6500 24 + data_len, 6501 &drv->send_action_cookie, 6502 no_cck, 0, 1, NULL, 0); 6503 6504 os_free(buf); 6505 return ret; 6506} 6507 6508 6509static void nl80211_frame_wait_cancel(struct i802_bss *bss, u64 cookie) 6510{ 6511 struct wpa_driver_nl80211_data *drv = bss->drv; 6512 struct nl_msg *msg; 6513 int ret; 6514 6515 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx", 6516 (long long unsigned int) cookie); 6517 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) || 6518 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie)) { 6519 nlmsg_free(msg); 6520 return; 6521 } 6522 6523 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6524 if (ret) 6525 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d " 6526 "(%s)", ret, strerror(-ret)); 6527} 6528 6529 6530static void wpa_driver_nl80211_send_action_cancel_wait(void *priv) 6531{ 6532 struct i802_bss *bss = priv; 6533 struct wpa_driver_nl80211_data *drv = bss->drv; 6534 unsigned int i; 6535 u64 cookie; 6536 6537 /* Cancel the last pending TX cookie */ 6538 nl80211_frame_wait_cancel(bss, drv->send_action_cookie); 6539 6540 /* 6541 * Cancel the other pending TX cookies, if any. This is needed since 6542 * the driver may keep a list of all pending offchannel TX operations 6543 * and free up the radio only once they have expired or cancelled. 6544 */ 6545 for (i = drv->num_send_action_cookies; i > 0; i--) { 6546 cookie = drv->send_action_cookies[i - 1]; 6547 if (cookie != drv->send_action_cookie) 6548 nl80211_frame_wait_cancel(bss, cookie); 6549 } 6550 drv->num_send_action_cookies = 0; 6551} 6552 6553 6554static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq, 6555 unsigned int duration) 6556{ 6557 struct i802_bss *bss = priv; 6558 struct wpa_driver_nl80211_data *drv = bss->drv; 6559 struct nl_msg *msg; 6560 int ret; 6561 u64 cookie; 6562 6563 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) || 6564 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) || 6565 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) { 6566 nlmsg_free(msg); 6567 return -1; 6568 } 6569 6570 cookie = 0; 6571 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie); 6572 if (ret == 0) { 6573 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie " 6574 "0x%llx for freq=%u MHz duration=%u", 6575 (long long unsigned int) cookie, freq, duration); 6576 drv->remain_on_chan_cookie = cookie; 6577 drv->pending_remain_on_chan = 1; 6578 return 0; 6579 } 6580 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel " 6581 "(freq=%d duration=%u): %d (%s)", 6582 freq, duration, ret, strerror(-ret)); 6583 return -1; 6584} 6585 6586 6587static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv) 6588{ 6589 struct i802_bss *bss = priv; 6590 struct wpa_driver_nl80211_data *drv = bss->drv; 6591 struct nl_msg *msg; 6592 int ret; 6593 6594 if (!drv->pending_remain_on_chan) { 6595 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel " 6596 "to cancel"); 6597 return -1; 6598 } 6599 6600 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie " 6601 "0x%llx", 6602 (long long unsigned int) drv->remain_on_chan_cookie); 6603 6604 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL); 6605 if (!msg || 6606 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) { 6607 nlmsg_free(msg); 6608 return -1; 6609 } 6610 6611 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6612 if (ret == 0) 6613 return 0; 6614 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: " 6615 "%d (%s)", ret, strerror(-ret)); 6616 return -1; 6617} 6618 6619 6620static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report) 6621{ 6622 struct wpa_driver_nl80211_data *drv = bss->drv; 6623 6624 if (!report) { 6625 if (bss->nl_preq && drv->device_ap_sme && 6626 is_ap_interface(drv->nlmode) && !bss->in_deinit && 6627 !bss->static_ap) { 6628 /* 6629 * Do not disable Probe Request reporting that was 6630 * enabled in nl80211_setup_ap(). 6631 */ 6632 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of " 6633 "Probe Request reporting nl_preq=%p while " 6634 "in AP mode", bss->nl_preq); 6635 } else if (bss->nl_preq) { 6636 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request " 6637 "reporting nl_preq=%p", bss->nl_preq); 6638 nl80211_destroy_eloop_handle(&bss->nl_preq); 6639 } 6640 return 0; 6641 } 6642 6643 if (bss->nl_preq) { 6644 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting " 6645 "already on! nl_preq=%p", bss->nl_preq); 6646 return 0; 6647 } 6648 6649 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq"); 6650 if (bss->nl_preq == NULL) 6651 return -1; 6652 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request " 6653 "reporting nl_preq=%p", bss->nl_preq); 6654 6655 if (nl80211_register_frame(bss, bss->nl_preq, 6656 (WLAN_FC_TYPE_MGMT << 2) | 6657 (WLAN_FC_STYPE_PROBE_REQ << 4), 6658 NULL, 0) < 0) 6659 goto out_err; 6660 6661 nl80211_register_eloop_read(&bss->nl_preq, 6662 wpa_driver_nl80211_event_receive, 6663 bss->nl_cb); 6664 6665 return 0; 6666 6667 out_err: 6668 nl_destroy_handles(&bss->nl_preq); 6669 return -1; 6670} 6671 6672 6673static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv, 6674 int ifindex, int disabled) 6675{ 6676 struct nl_msg *msg; 6677 struct nlattr *bands, *band; 6678 int ret; 6679 6680 wpa_printf(MSG_DEBUG, 6681 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)", 6682 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" : 6683 "no NL80211_TXRATE_LEGACY constraint"); 6684 6685 msg = nl80211_ifindex_msg(drv, ifindex, 0, 6686 NL80211_CMD_SET_TX_BITRATE_MASK); 6687 if (!msg) 6688 return -1; 6689 6690 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES); 6691 if (!bands) 6692 goto fail; 6693 6694 /* 6695 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything 6696 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS 6697 * rates. All 5 GHz rates are left enabled. 6698 */ 6699 band = nla_nest_start(msg, NL80211_BAND_2GHZ); 6700 if (!band || 6701 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8, 6702 "\x0c\x12\x18\x24\x30\x48\x60\x6c"))) 6703 goto fail; 6704 nla_nest_end(msg, band); 6705 6706 nla_nest_end(msg, bands); 6707 6708 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6709 if (ret) { 6710 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d " 6711 "(%s)", ret, strerror(-ret)); 6712 } else 6713 drv->disabled_11b_rates = disabled; 6714 6715 return ret; 6716 6717fail: 6718 nlmsg_free(msg); 6719 return -1; 6720} 6721 6722 6723static int wpa_driver_nl80211_deinit_ap(void *priv) 6724{ 6725 struct i802_bss *bss = priv; 6726 struct wpa_driver_nl80211_data *drv = bss->drv; 6727 if (!is_ap_interface(drv->nlmode)) 6728 return -1; 6729 wpa_driver_nl80211_del_beacon(drv); 6730 bss->beacon_set = 0; 6731 6732 /* 6733 * If the P2P GO interface was dynamically added, then it is 6734 * possible that the interface change to station is not possible. 6735 */ 6736 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic) 6737 return 0; 6738 6739 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION); 6740} 6741 6742 6743static int wpa_driver_nl80211_stop_ap(void *priv) 6744{ 6745 struct i802_bss *bss = priv; 6746 struct wpa_driver_nl80211_data *drv = bss->drv; 6747 if (!is_ap_interface(drv->nlmode)) 6748 return -1; 6749 wpa_driver_nl80211_del_beacon(drv); 6750 bss->beacon_set = 0; 6751 return 0; 6752} 6753 6754 6755static int wpa_driver_nl80211_deinit_p2p_cli(void *priv) 6756{ 6757 struct i802_bss *bss = priv; 6758 struct wpa_driver_nl80211_data *drv = bss->drv; 6759 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT) 6760 return -1; 6761 6762 /* 6763 * If the P2P Client interface was dynamically added, then it is 6764 * possible that the interface change to station is not possible. 6765 */ 6766 if (bss->if_dynamic) 6767 return 0; 6768 6769 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION); 6770} 6771 6772 6773static void wpa_driver_nl80211_resume(void *priv) 6774{ 6775 struct i802_bss *bss = priv; 6776 enum nl80211_iftype nlmode = nl80211_get_ifmode(bss); 6777 6778 if (i802_set_iface_flags(bss, 1)) 6779 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event"); 6780 6781 if (is_p2p_net_interface(nlmode)) 6782 nl80211_disable_11b_rates(bss->drv, bss->drv->ifindex, 1); 6783} 6784 6785 6786static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis) 6787{ 6788 struct i802_bss *bss = priv; 6789 struct wpa_driver_nl80211_data *drv = bss->drv; 6790 struct nl_msg *msg; 6791 struct nlattr *cqm; 6792 6793 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d " 6794 "hysteresis=%d", threshold, hysteresis); 6795 6796 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) || 6797 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) || 6798 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) || 6799 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) { 6800 nlmsg_free(msg); 6801 return -1; 6802 } 6803 nla_nest_end(msg, cqm); 6804 6805 return send_and_recv_msgs(drv, msg, NULL, NULL); 6806} 6807 6808 6809static int get_channel_width(struct nl_msg *msg, void *arg) 6810{ 6811 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 6812 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 6813 struct wpa_signal_info *sig_change = arg; 6814 6815 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 6816 genlmsg_attrlen(gnlh, 0), NULL); 6817 6818 sig_change->center_frq1 = -1; 6819 sig_change->center_frq2 = -1; 6820 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN; 6821 6822 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) { 6823 sig_change->chanwidth = convert2width( 6824 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH])); 6825 if (tb[NL80211_ATTR_CENTER_FREQ1]) 6826 sig_change->center_frq1 = 6827 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 6828 if (tb[NL80211_ATTR_CENTER_FREQ2]) 6829 sig_change->center_frq2 = 6830 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 6831 } 6832 6833 return NL_SKIP; 6834} 6835 6836 6837static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv, 6838 struct wpa_signal_info *sig) 6839{ 6840 struct nl_msg *msg; 6841 6842 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE); 6843 return send_and_recv_msgs(drv, msg, get_channel_width, sig); 6844} 6845 6846 6847static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si) 6848{ 6849 struct i802_bss *bss = priv; 6850 struct wpa_driver_nl80211_data *drv = bss->drv; 6851 int res; 6852 6853 os_memset(si, 0, sizeof(*si)); 6854 res = nl80211_get_link_signal(drv, si); 6855 if (res) { 6856 if (drv->nlmode != NL80211_IFTYPE_ADHOC && 6857 drv->nlmode != NL80211_IFTYPE_MESH_POINT) 6858 return res; 6859 si->current_signal = 0; 6860 } 6861 6862 res = nl80211_get_channel_width(drv, si); 6863 if (res != 0) 6864 return res; 6865 6866 return nl80211_get_link_noise(drv, si); 6867} 6868 6869 6870static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len, 6871 int encrypt) 6872{ 6873 struct i802_bss *bss = priv; 6874 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0, 6875 0, 0, 0, 0, NULL, 0); 6876} 6877 6878 6879static int nl80211_set_param(void *priv, const char *param) 6880{ 6881 if (param == NULL) 6882 return 0; 6883 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param); 6884 6885#ifdef CONFIG_P2P 6886 if (os_strstr(param, "use_p2p_group_interface=1")) { 6887 struct i802_bss *bss = priv; 6888 struct wpa_driver_nl80211_data *drv = bss->drv; 6889 6890 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group " 6891 "interface"); 6892 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT; 6893 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P; 6894 } 6895#endif /* CONFIG_P2P */ 6896 6897 if (os_strstr(param, "use_monitor=1")) { 6898 struct i802_bss *bss = priv; 6899 struct wpa_driver_nl80211_data *drv = bss->drv; 6900 drv->use_monitor = 1; 6901 } 6902 6903 if (os_strstr(param, "force_connect_cmd=1")) { 6904 struct i802_bss *bss = priv; 6905 struct wpa_driver_nl80211_data *drv = bss->drv; 6906 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME; 6907 drv->force_connect_cmd = 1; 6908 } 6909 6910 if (os_strstr(param, "no_offchannel_tx=1")) { 6911 struct i802_bss *bss = priv; 6912 struct wpa_driver_nl80211_data *drv = bss->drv; 6913 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX; 6914 drv->test_use_roc_tx = 1; 6915 } 6916 6917 return 0; 6918} 6919 6920 6921static void * nl80211_global_init(void *ctx) 6922{ 6923 struct nl80211_global *global; 6924 struct netlink_config *cfg; 6925 6926 global = os_zalloc(sizeof(*global)); 6927 if (global == NULL) 6928 return NULL; 6929 global->ctx = ctx; 6930 global->ioctl_sock = -1; 6931 dl_list_init(&global->interfaces); 6932 global->if_add_ifindex = -1; 6933 6934 cfg = os_zalloc(sizeof(*cfg)); 6935 if (cfg == NULL) 6936 goto err; 6937 6938 cfg->ctx = global; 6939 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink; 6940 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink; 6941 global->netlink = netlink_init(cfg); 6942 if (global->netlink == NULL) { 6943 os_free(cfg); 6944 goto err; 6945 } 6946 6947 if (wpa_driver_nl80211_init_nl_global(global) < 0) 6948 goto err; 6949 6950 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0); 6951 if (global->ioctl_sock < 0) { 6952 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s", 6953 strerror(errno)); 6954 goto err; 6955 } 6956 6957 return global; 6958 6959err: 6960 nl80211_global_deinit(global); 6961 return NULL; 6962} 6963 6964 6965static void nl80211_global_deinit(void *priv) 6966{ 6967 struct nl80211_global *global = priv; 6968 if (global == NULL) 6969 return; 6970 if (!dl_list_empty(&global->interfaces)) { 6971 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at " 6972 "nl80211_global_deinit", 6973 dl_list_len(&global->interfaces)); 6974 } 6975 6976 if (global->netlink) 6977 netlink_deinit(global->netlink); 6978 6979 nl_destroy_handles(&global->nl); 6980 6981 if (global->nl_event) 6982 nl80211_destroy_eloop_handle(&global->nl_event); 6983 6984 nl_cb_put(global->nl_cb); 6985 6986 if (global->ioctl_sock >= 0) 6987 close(global->ioctl_sock); 6988 6989 os_free(global); 6990} 6991 6992 6993static const char * nl80211_get_radio_name(void *priv) 6994{ 6995 struct i802_bss *bss = priv; 6996 struct wpa_driver_nl80211_data *drv = bss->drv; 6997 return drv->phyname; 6998} 6999 7000 7001static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid, 7002 const u8 *pmkid) 7003{ 7004 struct nl_msg *msg; 7005 7006 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || 7007 (pmkid && nla_put(msg, NL80211_ATTR_PMKID, 16, pmkid)) || 7008 (bssid && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))) { 7009 nlmsg_free(msg); 7010 return -ENOBUFS; 7011 } 7012 7013 return send_and_recv_msgs(bss->drv, msg, NULL, NULL); 7014} 7015 7016 7017static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid) 7018{ 7019 struct i802_bss *bss = priv; 7020 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid)); 7021 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid); 7022} 7023 7024 7025static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid) 7026{ 7027 struct i802_bss *bss = priv; 7028 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR, 7029 MAC2STR(bssid)); 7030 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid); 7031} 7032 7033 7034static int nl80211_flush_pmkid(void *priv) 7035{ 7036 struct i802_bss *bss = priv; 7037 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs"); 7038 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL); 7039} 7040 7041 7042static void clean_survey_results(struct survey_results *survey_results) 7043{ 7044 struct freq_survey *survey, *tmp; 7045 7046 if (dl_list_empty(&survey_results->survey_list)) 7047 return; 7048 7049 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list, 7050 struct freq_survey, list) { 7051 dl_list_del(&survey->list); 7052 os_free(survey); 7053 } 7054} 7055 7056 7057static void add_survey(struct nlattr **sinfo, u32 ifidx, 7058 struct dl_list *survey_list) 7059{ 7060 struct freq_survey *survey; 7061 7062 survey = os_zalloc(sizeof(struct freq_survey)); 7063 if (!survey) 7064 return; 7065 7066 survey->ifidx = ifidx; 7067 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); 7068 survey->filled = 0; 7069 7070 if (sinfo[NL80211_SURVEY_INFO_NOISE]) { 7071 survey->nf = (int8_t) 7072 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); 7073 survey->filled |= SURVEY_HAS_NF; 7074 } 7075 7076 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) { 7077 survey->channel_time = 7078 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]); 7079 survey->filled |= SURVEY_HAS_CHAN_TIME; 7080 } 7081 7082 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) { 7083 survey->channel_time_busy = 7084 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]); 7085 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY; 7086 } 7087 7088 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) { 7089 survey->channel_time_rx = 7090 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]); 7091 survey->filled |= SURVEY_HAS_CHAN_TIME_RX; 7092 } 7093 7094 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) { 7095 survey->channel_time_tx = 7096 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]); 7097 survey->filled |= SURVEY_HAS_CHAN_TIME_TX; 7098 } 7099 7100 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)", 7101 survey->freq, 7102 survey->nf, 7103 (unsigned long int) survey->channel_time, 7104 (unsigned long int) survey->channel_time_busy, 7105 (unsigned long int) survey->channel_time_tx, 7106 (unsigned long int) survey->channel_time_rx, 7107 survey->filled); 7108 7109 dl_list_add_tail(survey_list, &survey->list); 7110} 7111 7112 7113static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq, 7114 unsigned int freq_filter) 7115{ 7116 if (!freq_filter) 7117 return 1; 7118 7119 return freq_filter == surveyed_freq; 7120} 7121 7122 7123static int survey_handler(struct nl_msg *msg, void *arg) 7124{ 7125 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 7126 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 7127 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1]; 7128 struct survey_results *survey_results; 7129 u32 surveyed_freq = 0; 7130 u32 ifidx; 7131 7132 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = { 7133 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, 7134 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, 7135 }; 7136 7137 survey_results = (struct survey_results *) arg; 7138 7139 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 7140 genlmsg_attrlen(gnlh, 0), NULL); 7141 7142 if (!tb[NL80211_ATTR_IFINDEX]) 7143 return NL_SKIP; 7144 7145 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]); 7146 7147 if (!tb[NL80211_ATTR_SURVEY_INFO]) 7148 return NL_SKIP; 7149 7150 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX, 7151 tb[NL80211_ATTR_SURVEY_INFO], 7152 survey_policy)) 7153 return NL_SKIP; 7154 7155 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) { 7156 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data"); 7157 return NL_SKIP; 7158 } 7159 7160 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); 7161 7162 if (!check_survey_ok(sinfo, surveyed_freq, 7163 survey_results->freq_filter)) 7164 return NL_SKIP; 7165 7166 if (survey_results->freq_filter && 7167 survey_results->freq_filter != surveyed_freq) { 7168 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz", 7169 surveyed_freq); 7170 return NL_SKIP; 7171 } 7172 7173 add_survey(sinfo, ifidx, &survey_results->survey_list); 7174 7175 return NL_SKIP; 7176} 7177 7178 7179static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq) 7180{ 7181 struct i802_bss *bss = priv; 7182 struct wpa_driver_nl80211_data *drv = bss->drv; 7183 struct nl_msg *msg; 7184 int err; 7185 union wpa_event_data data; 7186 struct survey_results *survey_results; 7187 7188 os_memset(&data, 0, sizeof(data)); 7189 survey_results = &data.survey_results; 7190 7191 dl_list_init(&survey_results->survey_list); 7192 7193 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); 7194 if (!msg) 7195 return -ENOBUFS; 7196 7197 if (freq) 7198 data.survey_results.freq_filter = freq; 7199 7200 do { 7201 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data"); 7202 err = send_and_recv_msgs(drv, msg, survey_handler, 7203 survey_results); 7204 } while (err > 0); 7205 7206 if (err) 7207 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data"); 7208 else 7209 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data); 7210 7211 clean_survey_results(survey_results); 7212 return err; 7213} 7214 7215 7216static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len, 7217 const u8 *kck, size_t kck_len, 7218 const u8 *replay_ctr) 7219{ 7220 struct i802_bss *bss = priv; 7221 struct wpa_driver_nl80211_data *drv = bss->drv; 7222 struct nlattr *replay_nested; 7223 struct nl_msg *msg; 7224 int ret; 7225 7226 if (!drv->set_rekey_offload) 7227 return; 7228 7229 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload"); 7230 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) || 7231 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) || 7232 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) || 7233 nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck) || 7234 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN, 7235 replay_ctr)) { 7236 nl80211_nlmsg_clear(msg); 7237 nlmsg_free(msg); 7238 return; 7239 } 7240 7241 nla_nest_end(msg, replay_nested); 7242 7243 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1); 7244 if (ret == -EOPNOTSUPP) { 7245 wpa_printf(MSG_DEBUG, 7246 "nl80211: Driver does not support rekey offload"); 7247 drv->set_rekey_offload = 0; 7248 } 7249} 7250 7251 7252static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr, 7253 const u8 *addr, int qos) 7254{ 7255 /* send data frame to poll STA and check whether 7256 * this frame is ACKed */ 7257 struct { 7258 struct ieee80211_hdr hdr; 7259 u16 qos_ctl; 7260 } STRUCT_PACKED nulldata; 7261 size_t size; 7262 7263 /* Send data frame to poll STA and check whether this frame is ACKed */ 7264 7265 os_memset(&nulldata, 0, sizeof(nulldata)); 7266 7267 if (qos) { 7268 nulldata.hdr.frame_control = 7269 IEEE80211_FC(WLAN_FC_TYPE_DATA, 7270 WLAN_FC_STYPE_QOS_NULL); 7271 size = sizeof(nulldata); 7272 } else { 7273 nulldata.hdr.frame_control = 7274 IEEE80211_FC(WLAN_FC_TYPE_DATA, 7275 WLAN_FC_STYPE_NULLFUNC); 7276 size = sizeof(struct ieee80211_hdr); 7277 } 7278 7279 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS); 7280 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN); 7281 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN); 7282 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); 7283 7284 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0, 7285 0, 0, NULL, 0) < 0) 7286 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to " 7287 "send poll frame"); 7288} 7289 7290static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr, 7291 int qos) 7292{ 7293 struct i802_bss *bss = priv; 7294 struct wpa_driver_nl80211_data *drv = bss->drv; 7295 struct nl_msg *msg; 7296 int ret; 7297 7298 if (!drv->poll_command_supported) { 7299 nl80211_send_null_frame(bss, own_addr, addr, qos); 7300 return; 7301 } 7302 7303 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) || 7304 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 7305 nlmsg_free(msg); 7306 return; 7307 } 7308 7309 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 7310 if (ret < 0) { 7311 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for " 7312 MACSTR " failed: ret=%d (%s)", 7313 MAC2STR(addr), ret, strerror(-ret)); 7314 } 7315} 7316 7317 7318static int nl80211_set_power_save(struct i802_bss *bss, int enabled) 7319{ 7320 struct nl_msg *msg; 7321 7322 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) || 7323 nla_put_u32(msg, NL80211_ATTR_PS_STATE, 7324 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) { 7325 nlmsg_free(msg); 7326 return -ENOBUFS; 7327 } 7328 return send_and_recv_msgs(bss->drv, msg, NULL, NULL); 7329} 7330 7331 7332static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps, 7333 int ctwindow) 7334{ 7335 struct i802_bss *bss = priv; 7336 7337 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d " 7338 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow); 7339 7340 if (opp_ps != -1 || ctwindow != -1) { 7341#ifdef ANDROID_P2P 7342 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow); 7343#else /* ANDROID_P2P */ 7344 return -1; /* Not yet supported */ 7345#endif /* ANDROID_P2P */ 7346 } 7347 7348 if (legacy_ps == -1) 7349 return 0; 7350 if (legacy_ps != 0 && legacy_ps != 1) 7351 return -1; /* Not yet supported */ 7352 7353 return nl80211_set_power_save(bss, legacy_ps); 7354} 7355 7356 7357static int nl80211_start_radar_detection(void *priv, 7358 struct hostapd_freq_params *freq) 7359{ 7360 struct i802_bss *bss = priv; 7361 struct wpa_driver_nl80211_data *drv = bss->drv; 7362 struct nl_msg *msg; 7363 int ret; 7364 7365 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)", 7366 freq->freq, freq->ht_enabled, freq->vht_enabled, 7367 freq->bandwidth, freq->center_freq1, freq->center_freq2); 7368 7369 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) { 7370 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar " 7371 "detection"); 7372 return -1; 7373 } 7374 7375 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) || 7376 nl80211_put_freq_params(msg, freq) < 0) { 7377 nlmsg_free(msg); 7378 return -1; 7379 } 7380 7381 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 7382 if (ret == 0) 7383 return 0; 7384 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: " 7385 "%d (%s)", ret, strerror(-ret)); 7386 return -1; 7387} 7388 7389#ifdef CONFIG_TDLS 7390 7391static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code, 7392 u8 dialog_token, u16 status_code, 7393 u32 peer_capab, int initiator, const u8 *buf, 7394 size_t len) 7395{ 7396 struct i802_bss *bss = priv; 7397 struct wpa_driver_nl80211_data *drv = bss->drv; 7398 struct nl_msg *msg; 7399 7400 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 7401 return -EOPNOTSUPP; 7402 7403 if (!dst) 7404 return -EINVAL; 7405 7406 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) || 7407 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) || 7408 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) || 7409 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) || 7410 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code)) 7411 goto fail; 7412 if (peer_capab) { 7413 /* 7414 * The internal enum tdls_peer_capability definition is 7415 * currently identical with the nl80211 enum 7416 * nl80211_tdls_peer_capability, so no conversion is needed 7417 * here. 7418 */ 7419 if (nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, 7420 peer_capab)) 7421 goto fail; 7422 } 7423 if ((initiator && 7424 nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) || 7425 nla_put(msg, NL80211_ATTR_IE, len, buf)) 7426 goto fail; 7427 7428 return send_and_recv_msgs(drv, msg, NULL, NULL); 7429 7430fail: 7431 nlmsg_free(msg); 7432 return -ENOBUFS; 7433} 7434 7435 7436static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer) 7437{ 7438 struct i802_bss *bss = priv; 7439 struct wpa_driver_nl80211_data *drv = bss->drv; 7440 struct nl_msg *msg; 7441 enum nl80211_tdls_operation nl80211_oper; 7442 7443 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 7444 return -EOPNOTSUPP; 7445 7446 switch (oper) { 7447 case TDLS_DISCOVERY_REQ: 7448 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ; 7449 break; 7450 case TDLS_SETUP: 7451 nl80211_oper = NL80211_TDLS_SETUP; 7452 break; 7453 case TDLS_TEARDOWN: 7454 nl80211_oper = NL80211_TDLS_TEARDOWN; 7455 break; 7456 case TDLS_ENABLE_LINK: 7457 nl80211_oper = NL80211_TDLS_ENABLE_LINK; 7458 break; 7459 case TDLS_DISABLE_LINK: 7460 nl80211_oper = NL80211_TDLS_DISABLE_LINK; 7461 break; 7462 case TDLS_ENABLE: 7463 return 0; 7464 case TDLS_DISABLE: 7465 return 0; 7466 default: 7467 return -EINVAL; 7468 } 7469 7470 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) || 7471 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) || 7472 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) { 7473 nlmsg_free(msg); 7474 return -ENOBUFS; 7475 } 7476 7477 return send_and_recv_msgs(drv, msg, NULL, NULL); 7478} 7479 7480 7481static int 7482nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class, 7483 const struct hostapd_freq_params *params) 7484{ 7485 struct i802_bss *bss = priv; 7486 struct wpa_driver_nl80211_data *drv = bss->drv; 7487 struct nl_msg *msg; 7488 int ret = -ENOBUFS; 7489 7490 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) || 7491 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH)) 7492 return -EOPNOTSUPP; 7493 7494 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR 7495 " oper_class=%u freq=%u", 7496 MAC2STR(addr), oper_class, params->freq); 7497 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH); 7498 if (!msg || 7499 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 7500 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) || 7501 (ret = nl80211_put_freq_params(msg, params))) { 7502 nlmsg_free(msg); 7503 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch"); 7504 return ret; 7505 } 7506 7507 return send_and_recv_msgs(drv, msg, NULL, NULL); 7508} 7509 7510 7511static int 7512nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr) 7513{ 7514 struct i802_bss *bss = priv; 7515 struct wpa_driver_nl80211_data *drv = bss->drv; 7516 struct nl_msg *msg; 7517 7518 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) || 7519 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH)) 7520 return -EOPNOTSUPP; 7521 7522 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR, 7523 MAC2STR(addr)); 7524 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH); 7525 if (!msg || 7526 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 7527 nlmsg_free(msg); 7528 wpa_printf(MSG_DEBUG, 7529 "nl80211: Could not build TDLS cancel chan switch"); 7530 return -ENOBUFS; 7531 } 7532 7533 return send_and_recv_msgs(drv, msg, NULL, NULL); 7534} 7535 7536#endif /* CONFIG TDLS */ 7537 7538 7539static int driver_nl80211_set_key(const char *ifname, void *priv, 7540 enum wpa_alg alg, const u8 *addr, 7541 int key_idx, int set_tx, 7542 const u8 *seq, size_t seq_len, 7543 const u8 *key, size_t key_len) 7544{ 7545 struct i802_bss *bss = priv; 7546 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx, 7547 set_tx, seq, seq_len, key, key_len); 7548} 7549 7550 7551static int driver_nl80211_scan2(void *priv, 7552 struct wpa_driver_scan_params *params) 7553{ 7554 struct i802_bss *bss = priv; 7555#ifdef CONFIG_DRIVER_NL80211_QCA 7556 struct wpa_driver_nl80211_data *drv = bss->drv; 7557 7558 /* 7559 * Do a vendor specific scan if possible. If only_new_results is 7560 * set, do a normal scan since a kernel (cfg80211) BSS cache flush 7561 * cannot be achieved through a vendor scan. The below condition may 7562 * need to be modified if new scan flags are added in the future whose 7563 * functionality can only be achieved through a normal scan. 7564 */ 7565 if (drv->scan_vendor_cmd_avail && !params->only_new_results) 7566 return wpa_driver_nl80211_vendor_scan(bss, params); 7567#endif /* CONFIG_DRIVER_NL80211_QCA */ 7568 return wpa_driver_nl80211_scan(bss, params); 7569} 7570 7571 7572static int driver_nl80211_deauthenticate(void *priv, const u8 *addr, 7573 int reason_code) 7574{ 7575 struct i802_bss *bss = priv; 7576 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code); 7577} 7578 7579 7580static int driver_nl80211_authenticate(void *priv, 7581 struct wpa_driver_auth_params *params) 7582{ 7583 struct i802_bss *bss = priv; 7584 return wpa_driver_nl80211_authenticate(bss, params); 7585} 7586 7587 7588static void driver_nl80211_deinit(void *priv) 7589{ 7590 struct i802_bss *bss = priv; 7591 wpa_driver_nl80211_deinit(bss); 7592} 7593 7594 7595static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type, 7596 const char *ifname) 7597{ 7598 struct i802_bss *bss = priv; 7599 return wpa_driver_nl80211_if_remove(bss, type, ifname); 7600} 7601 7602 7603static int driver_nl80211_send_mlme(void *priv, const u8 *data, 7604 size_t data_len, int noack, 7605 unsigned int freq, 7606 const u16 *csa_offs, size_t csa_offs_len) 7607{ 7608 struct i802_bss *bss = priv; 7609 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack, 7610 freq, 0, 0, 0, csa_offs, 7611 csa_offs_len); 7612} 7613 7614 7615static int driver_nl80211_sta_remove(void *priv, const u8 *addr) 7616{ 7617 struct i802_bss *bss = priv; 7618 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0); 7619} 7620 7621 7622static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr, 7623 const char *ifname, int vlan_id) 7624{ 7625 struct i802_bss *bss = priv; 7626 return i802_set_sta_vlan(bss, addr, ifname, vlan_id); 7627} 7628 7629 7630static int driver_nl80211_read_sta_data(void *priv, 7631 struct hostap_sta_driver_data *data, 7632 const u8 *addr) 7633{ 7634 struct i802_bss *bss = priv; 7635 return i802_read_sta_data(bss, data, addr); 7636} 7637 7638 7639static int driver_nl80211_send_action(void *priv, unsigned int freq, 7640 unsigned int wait_time, 7641 const u8 *dst, const u8 *src, 7642 const u8 *bssid, 7643 const u8 *data, size_t data_len, 7644 int no_cck) 7645{ 7646 struct i802_bss *bss = priv; 7647 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src, 7648 bssid, data, data_len, no_cck); 7649} 7650 7651 7652static int driver_nl80211_probe_req_report(void *priv, int report) 7653{ 7654 struct i802_bss *bss = priv; 7655 return wpa_driver_nl80211_probe_req_report(bss, report); 7656} 7657 7658 7659static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md, 7660 const u8 *ies, size_t ies_len) 7661{ 7662 int ret; 7663 struct nl_msg *msg; 7664 struct i802_bss *bss = priv; 7665 struct wpa_driver_nl80211_data *drv = bss->drv; 7666 u16 mdid = WPA_GET_LE16(md); 7667 7668 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs"); 7669 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) || 7670 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) || 7671 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) { 7672 nlmsg_free(msg); 7673 return -ENOBUFS; 7674 } 7675 7676 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 7677 if (ret) { 7678 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed " 7679 "err=%d (%s)", ret, strerror(-ret)); 7680 } 7681 7682 return ret; 7683} 7684 7685 7686const u8 * wpa_driver_nl80211_get_macaddr(void *priv) 7687{ 7688 struct i802_bss *bss = priv; 7689 struct wpa_driver_nl80211_data *drv = bss->drv; 7690 7691 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) 7692 return NULL; 7693 7694 return bss->addr; 7695} 7696 7697 7698static const char * scan_state_str(enum scan_states scan_state) 7699{ 7700 switch (scan_state) { 7701 case NO_SCAN: 7702 return "NO_SCAN"; 7703 case SCAN_REQUESTED: 7704 return "SCAN_REQUESTED"; 7705 case SCAN_STARTED: 7706 return "SCAN_STARTED"; 7707 case SCAN_COMPLETED: 7708 return "SCAN_COMPLETED"; 7709 case SCAN_ABORTED: 7710 return "SCAN_ABORTED"; 7711 case SCHED_SCAN_STARTED: 7712 return "SCHED_SCAN_STARTED"; 7713 case SCHED_SCAN_STOPPED: 7714 return "SCHED_SCAN_STOPPED"; 7715 case SCHED_SCAN_RESULTS: 7716 return "SCHED_SCAN_RESULTS"; 7717 } 7718 7719 return "??"; 7720} 7721 7722 7723static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen) 7724{ 7725 struct i802_bss *bss = priv; 7726 struct wpa_driver_nl80211_data *drv = bss->drv; 7727 int res; 7728 char *pos, *end; 7729 7730 pos = buf; 7731 end = buf + buflen; 7732 7733 res = os_snprintf(pos, end - pos, 7734 "ifindex=%d\n" 7735 "ifname=%s\n" 7736 "brname=%s\n" 7737 "addr=" MACSTR "\n" 7738 "freq=%d\n" 7739 "%s%s%s%s%s", 7740 bss->ifindex, 7741 bss->ifname, 7742 bss->brname, 7743 MAC2STR(bss->addr), 7744 bss->freq, 7745 bss->beacon_set ? "beacon_set=1\n" : "", 7746 bss->added_if_into_bridge ? 7747 "added_if_into_bridge=1\n" : "", 7748 bss->added_bridge ? "added_bridge=1\n" : "", 7749 bss->in_deinit ? "in_deinit=1\n" : "", 7750 bss->if_dynamic ? "if_dynamic=1\n" : ""); 7751 if (os_snprintf_error(end - pos, res)) 7752 return pos - buf; 7753 pos += res; 7754 7755 if (bss->wdev_id_set) { 7756 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n", 7757 (unsigned long long) bss->wdev_id); 7758 if (os_snprintf_error(end - pos, res)) 7759 return pos - buf; 7760 pos += res; 7761 } 7762 7763 res = os_snprintf(pos, end - pos, 7764 "phyname=%s\n" 7765 "perm_addr=" MACSTR "\n" 7766 "drv_ifindex=%d\n" 7767 "operstate=%d\n" 7768 "scan_state=%s\n" 7769 "auth_bssid=" MACSTR "\n" 7770 "auth_attempt_bssid=" MACSTR "\n" 7771 "bssid=" MACSTR "\n" 7772 "prev_bssid=" MACSTR "\n" 7773 "associated=%d\n" 7774 "assoc_freq=%u\n" 7775 "monitor_sock=%d\n" 7776 "monitor_ifidx=%d\n" 7777 "monitor_refcount=%d\n" 7778 "last_mgmt_freq=%u\n" 7779 "eapol_tx_sock=%d\n" 7780 "%s%s%s%s%s%s%s%s%s%s%s%s%s", 7781 drv->phyname, 7782 MAC2STR(drv->perm_addr), 7783 drv->ifindex, 7784 drv->operstate, 7785 scan_state_str(drv->scan_state), 7786 MAC2STR(drv->auth_bssid), 7787 MAC2STR(drv->auth_attempt_bssid), 7788 MAC2STR(drv->bssid), 7789 MAC2STR(drv->prev_bssid), 7790 drv->associated, 7791 drv->assoc_freq, 7792 drv->monitor_sock, 7793 drv->monitor_ifidx, 7794 drv->monitor_refcount, 7795 drv->last_mgmt_freq, 7796 drv->eapol_tx_sock, 7797 drv->ignore_if_down_event ? 7798 "ignore_if_down_event=1\n" : "", 7799 drv->scan_complete_events ? 7800 "scan_complete_events=1\n" : "", 7801 drv->disabled_11b_rates ? 7802 "disabled_11b_rates=1\n" : "", 7803 drv->pending_remain_on_chan ? 7804 "pending_remain_on_chan=1\n" : "", 7805 drv->in_interface_list ? "in_interface_list=1\n" : "", 7806 drv->device_ap_sme ? "device_ap_sme=1\n" : "", 7807 drv->poll_command_supported ? 7808 "poll_command_supported=1\n" : "", 7809 drv->data_tx_status ? "data_tx_status=1\n" : "", 7810 drv->scan_for_auth ? "scan_for_auth=1\n" : "", 7811 drv->retry_auth ? "retry_auth=1\n" : "", 7812 drv->use_monitor ? "use_monitor=1\n" : "", 7813 drv->ignore_next_local_disconnect ? 7814 "ignore_next_local_disconnect=1\n" : "", 7815 drv->ignore_next_local_deauth ? 7816 "ignore_next_local_deauth=1\n" : ""); 7817 if (os_snprintf_error(end - pos, res)) 7818 return pos - buf; 7819 pos += res; 7820 7821 if (drv->has_capability) { 7822 res = os_snprintf(pos, end - pos, 7823 "capa.key_mgmt=0x%x\n" 7824 "capa.enc=0x%x\n" 7825 "capa.auth=0x%x\n" 7826 "capa.flags=0x%llx\n" 7827 "capa.rrm_flags=0x%x\n" 7828 "capa.max_scan_ssids=%d\n" 7829 "capa.max_sched_scan_ssids=%d\n" 7830 "capa.sched_scan_supported=%d\n" 7831 "capa.max_match_sets=%d\n" 7832 "capa.max_remain_on_chan=%u\n" 7833 "capa.max_stations=%u\n" 7834 "capa.probe_resp_offloads=0x%x\n" 7835 "capa.max_acl_mac_addrs=%u\n" 7836 "capa.num_multichan_concurrent=%u\n" 7837 "capa.mac_addr_rand_sched_scan_supported=%d\n" 7838 "capa.mac_addr_rand_scan_supported=%d\n" 7839 "capa.conc_capab=%u\n" 7840 "capa.max_conc_chan_2_4=%u\n" 7841 "capa.max_conc_chan_5_0=%u\n" 7842 "capa.max_sched_scan_plans=%u\n" 7843 "capa.max_sched_scan_plan_interval=%u\n" 7844 "capa.max_sched_scan_plan_iterations=%u\n", 7845 drv->capa.key_mgmt, 7846 drv->capa.enc, 7847 drv->capa.auth, 7848 (unsigned long long) drv->capa.flags, 7849 drv->capa.rrm_flags, 7850 drv->capa.max_scan_ssids, 7851 drv->capa.max_sched_scan_ssids, 7852 drv->capa.sched_scan_supported, 7853 drv->capa.max_match_sets, 7854 drv->capa.max_remain_on_chan, 7855 drv->capa.max_stations, 7856 drv->capa.probe_resp_offloads, 7857 drv->capa.max_acl_mac_addrs, 7858 drv->capa.num_multichan_concurrent, 7859 drv->capa.mac_addr_rand_sched_scan_supported, 7860 drv->capa.mac_addr_rand_scan_supported, 7861 drv->capa.conc_capab, 7862 drv->capa.max_conc_chan_2_4, 7863 drv->capa.max_conc_chan_5_0, 7864 drv->capa.max_sched_scan_plans, 7865 drv->capa.max_sched_scan_plan_interval, 7866 drv->capa.max_sched_scan_plan_iterations); 7867 if (os_snprintf_error(end - pos, res)) 7868 return pos - buf; 7869 pos += res; 7870 } 7871 7872 return pos - buf; 7873} 7874 7875 7876static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings) 7877{ 7878 if ((settings->head && 7879 nla_put(msg, NL80211_ATTR_BEACON_HEAD, 7880 settings->head_len, settings->head)) || 7881 (settings->tail && 7882 nla_put(msg, NL80211_ATTR_BEACON_TAIL, 7883 settings->tail_len, settings->tail)) || 7884 (settings->beacon_ies && 7885 nla_put(msg, NL80211_ATTR_IE, 7886 settings->beacon_ies_len, settings->beacon_ies)) || 7887 (settings->proberesp_ies && 7888 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP, 7889 settings->proberesp_ies_len, settings->proberesp_ies)) || 7890 (settings->assocresp_ies && 7891 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP, 7892 settings->assocresp_ies_len, settings->assocresp_ies)) || 7893 (settings->probe_resp && 7894 nla_put(msg, NL80211_ATTR_PROBE_RESP, 7895 settings->probe_resp_len, settings->probe_resp))) 7896 return -ENOBUFS; 7897 7898 return 0; 7899} 7900 7901 7902static int nl80211_switch_channel(void *priv, struct csa_settings *settings) 7903{ 7904 struct nl_msg *msg; 7905 struct i802_bss *bss = priv; 7906 struct wpa_driver_nl80211_data *drv = bss->drv; 7907 struct nlattr *beacon_csa; 7908 int ret = -ENOBUFS; 7909 int csa_off_len = 0; 7910 int i; 7911 7912 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)", 7913 settings->cs_count, settings->block_tx, 7914 settings->freq_params.freq, settings->freq_params.bandwidth, 7915 settings->freq_params.center_freq1, 7916 settings->freq_params.center_freq2); 7917 7918 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) { 7919 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command"); 7920 return -EOPNOTSUPP; 7921 } 7922 7923 if ((drv->nlmode != NL80211_IFTYPE_AP) && 7924 (drv->nlmode != NL80211_IFTYPE_P2P_GO)) 7925 return -EOPNOTSUPP; 7926 7927 /* 7928 * Remove empty counters, assuming Probe Response and Beacon frame 7929 * counters match. This implementation assumes that there are only two 7930 * counters. 7931 */ 7932 if (settings->counter_offset_beacon[0] && 7933 !settings->counter_offset_beacon[1]) { 7934 csa_off_len = 1; 7935 } else if (settings->counter_offset_beacon[1] && 7936 !settings->counter_offset_beacon[0]) { 7937 csa_off_len = 1; 7938 settings->counter_offset_beacon[0] = 7939 settings->counter_offset_beacon[1]; 7940 settings->counter_offset_presp[0] = 7941 settings->counter_offset_presp[1]; 7942 } else if (settings->counter_offset_beacon[1] && 7943 settings->counter_offset_beacon[0]) { 7944 csa_off_len = 2; 7945 } else { 7946 wpa_printf(MSG_ERROR, "nl80211: No CSA counters provided"); 7947 return -EINVAL; 7948 } 7949 7950 /* Check CSA counters validity */ 7951 if (drv->capa.max_csa_counters && 7952 csa_off_len > drv->capa.max_csa_counters) { 7953 wpa_printf(MSG_ERROR, 7954 "nl80211: Too many CSA counters provided"); 7955 return -EINVAL; 7956 } 7957 7958 if (!settings->beacon_csa.tail) 7959 return -EINVAL; 7960 7961 for (i = 0; i < csa_off_len; i++) { 7962 u16 csa_c_off_bcn = settings->counter_offset_beacon[i]; 7963 u16 csa_c_off_presp = settings->counter_offset_presp[i]; 7964 7965 if ((settings->beacon_csa.tail_len <= csa_c_off_bcn) || 7966 (settings->beacon_csa.tail[csa_c_off_bcn] != 7967 settings->cs_count)) 7968 return -EINVAL; 7969 7970 if (settings->beacon_csa.probe_resp && 7971 ((settings->beacon_csa.probe_resp_len <= 7972 csa_c_off_presp) || 7973 (settings->beacon_csa.probe_resp[csa_c_off_presp] != 7974 settings->cs_count))) 7975 return -EINVAL; 7976 } 7977 7978 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) || 7979 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, 7980 settings->cs_count) || 7981 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) || 7982 (settings->block_tx && 7983 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX))) 7984 goto error; 7985 7986 /* beacon_after params */ 7987 ret = set_beacon_data(msg, &settings->beacon_after); 7988 if (ret) 7989 goto error; 7990 7991 /* beacon_csa params */ 7992 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES); 7993 if (!beacon_csa) 7994 goto fail; 7995 7996 ret = set_beacon_data(msg, &settings->beacon_csa); 7997 if (ret) 7998 goto error; 7999 8000 if (nla_put(msg, NL80211_ATTR_CSA_C_OFF_BEACON, 8001 csa_off_len * sizeof(u16), 8002 settings->counter_offset_beacon) || 8003 (settings->beacon_csa.probe_resp && 8004 nla_put(msg, NL80211_ATTR_CSA_C_OFF_PRESP, 8005 csa_off_len * sizeof(u16), 8006 settings->counter_offset_presp))) 8007 goto fail; 8008 8009 nla_nest_end(msg, beacon_csa); 8010 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8011 if (ret) { 8012 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)", 8013 ret, strerror(-ret)); 8014 } 8015 return ret; 8016 8017fail: 8018 ret = -ENOBUFS; 8019error: 8020 nlmsg_free(msg); 8021 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request"); 8022 return ret; 8023} 8024 8025 8026static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr, 8027 u8 user_priority, u16 admitted_time) 8028{ 8029 struct i802_bss *bss = priv; 8030 struct wpa_driver_nl80211_data *drv = bss->drv; 8031 struct nl_msg *msg; 8032 int ret; 8033 8034 wpa_printf(MSG_DEBUG, 8035 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d", 8036 tsid, admitted_time, user_priority); 8037 8038 if (!is_sta_interface(drv->nlmode)) 8039 return -ENOTSUP; 8040 8041 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS); 8042 if (!msg || 8043 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) || 8044 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 8045 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) || 8046 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) { 8047 nlmsg_free(msg); 8048 return -ENOBUFS; 8049 } 8050 8051 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8052 if (ret) 8053 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)", 8054 ret, strerror(-ret)); 8055 return ret; 8056} 8057 8058 8059static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr) 8060{ 8061 struct i802_bss *bss = priv; 8062 struct wpa_driver_nl80211_data *drv = bss->drv; 8063 struct nl_msg *msg; 8064 int ret; 8065 8066 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid); 8067 8068 if (!is_sta_interface(drv->nlmode)) 8069 return -ENOTSUP; 8070 8071 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) || 8072 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) || 8073 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 8074 nlmsg_free(msg); 8075 return -ENOBUFS; 8076 } 8077 8078 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8079 if (ret) 8080 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)", 8081 ret, strerror(-ret)); 8082 return ret; 8083} 8084 8085 8086#ifdef CONFIG_TESTING_OPTIONS 8087static int cmd_reply_handler(struct nl_msg *msg, void *arg) 8088{ 8089 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8090 struct wpabuf *buf = arg; 8091 8092 if (!buf) 8093 return NL_SKIP; 8094 8095 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) { 8096 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply"); 8097 return NL_SKIP; 8098 } 8099 8100 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0), 8101 genlmsg_attrlen(gnlh, 0)); 8102 8103 return NL_SKIP; 8104} 8105#endif /* CONFIG_TESTING_OPTIONS */ 8106 8107 8108static int vendor_reply_handler(struct nl_msg *msg, void *arg) 8109{ 8110 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 8111 struct nlattr *nl_vendor_reply, *nl; 8112 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8113 struct wpabuf *buf = arg; 8114 int rem; 8115 8116 if (!buf) 8117 return NL_SKIP; 8118 8119 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 8120 genlmsg_attrlen(gnlh, 0), NULL); 8121 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA]; 8122 8123 if (!nl_vendor_reply) 8124 return NL_SKIP; 8125 8126 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) { 8127 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply"); 8128 return NL_SKIP; 8129 } 8130 8131 nla_for_each_nested(nl, nl_vendor_reply, rem) { 8132 wpabuf_put_data(buf, nla_data(nl), nla_len(nl)); 8133 } 8134 8135 return NL_SKIP; 8136} 8137 8138 8139static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id, 8140 unsigned int subcmd, const u8 *data, 8141 size_t data_len, struct wpabuf *buf) 8142{ 8143 struct i802_bss *bss = priv; 8144 struct wpa_driver_nl80211_data *drv = bss->drv; 8145 struct nl_msg *msg; 8146 int ret; 8147 8148#ifdef CONFIG_TESTING_OPTIONS 8149 if (vendor_id == 0xffffffff) { 8150 msg = nlmsg_alloc(); 8151 if (!msg) 8152 return -ENOMEM; 8153 8154 nl80211_cmd(drv, msg, 0, subcmd); 8155 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) < 8156 0) 8157 goto fail; 8158 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf); 8159 if (ret) 8160 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d", 8161 ret); 8162 return ret; 8163 } 8164#endif /* CONFIG_TESTING_OPTIONS */ 8165 8166 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) || 8167 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) || 8168 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) || 8169 (data && 8170 nla_put(msg, NL80211_ATTR_VENDOR_DATA, data_len, data))) 8171 goto fail; 8172 8173 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf); 8174 if (ret) 8175 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d", 8176 ret); 8177 return ret; 8178 8179fail: 8180 nlmsg_free(msg); 8181 return -ENOBUFS; 8182} 8183 8184 8185static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set, 8186 u8 qos_map_set_len) 8187{ 8188 struct i802_bss *bss = priv; 8189 struct wpa_driver_nl80211_data *drv = bss->drv; 8190 struct nl_msg *msg; 8191 int ret; 8192 8193 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map", 8194 qos_map_set, qos_map_set_len); 8195 8196 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) || 8197 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) { 8198 nlmsg_free(msg); 8199 return -ENOBUFS; 8200 } 8201 8202 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8203 if (ret) 8204 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed"); 8205 8206 return ret; 8207} 8208 8209 8210static int nl80211_set_wowlan(void *priv, 8211 const struct wowlan_triggers *triggers) 8212{ 8213 struct i802_bss *bss = priv; 8214 struct wpa_driver_nl80211_data *drv = bss->drv; 8215 struct nl_msg *msg; 8216 struct nlattr *wowlan_triggers; 8217 int ret; 8218 8219 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan"); 8220 8221 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) || 8222 !(wowlan_triggers = nla_nest_start(msg, 8223 NL80211_ATTR_WOWLAN_TRIGGERS)) || 8224 (triggers->any && 8225 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) || 8226 (triggers->disconnect && 8227 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) || 8228 (triggers->magic_pkt && 8229 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) || 8230 (triggers->gtk_rekey_failure && 8231 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) || 8232 (triggers->eap_identity_req && 8233 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) || 8234 (triggers->four_way_handshake && 8235 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) || 8236 (triggers->rfkill_release && 8237 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) { 8238 nlmsg_free(msg); 8239 return -ENOBUFS; 8240 } 8241 8242 nla_nest_end(msg, wowlan_triggers); 8243 8244 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8245 if (ret) 8246 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed"); 8247 8248 return ret; 8249} 8250 8251 8252#ifdef CONFIG_DRIVER_NL80211_QCA 8253static int nl80211_roaming(void *priv, int allowed, const u8 *bssid) 8254{ 8255 struct i802_bss *bss = priv; 8256 struct wpa_driver_nl80211_data *drv = bss->drv; 8257 struct nl_msg *msg; 8258 struct nlattr *params; 8259 8260 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed); 8261 8262 if (!drv->roaming_vendor_cmd_avail) { 8263 wpa_printf(MSG_DEBUG, 8264 "nl80211: Ignore roaming policy change since driver does not provide command for setting it"); 8265 return -1; 8266 } 8267 8268 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 8269 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 8270 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 8271 QCA_NL80211_VENDOR_SUBCMD_ROAMING) || 8272 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 8273 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY, 8274 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS : 8275 QCA_ROAMING_NOT_ALLOWED) || 8276 (bssid && 8277 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) { 8278 nlmsg_free(msg); 8279 return -1; 8280 } 8281 nla_nest_end(msg, params); 8282 8283 return send_and_recv_msgs(drv, msg, NULL, NULL); 8284} 8285#endif /* CONFIG_DRIVER_NL80211_QCA */ 8286 8287 8288static int nl80211_set_mac_addr(void *priv, const u8 *addr) 8289{ 8290 struct i802_bss *bss = priv; 8291 struct wpa_driver_nl80211_data *drv = bss->drv; 8292 int new_addr = addr != NULL; 8293 8294 if (!addr) 8295 addr = drv->perm_addr; 8296 8297 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0) 8298 return -1; 8299 8300 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0) 8301 { 8302 wpa_printf(MSG_DEBUG, 8303 "nl80211: failed to set_mac_addr for %s to " MACSTR, 8304 bss->ifname, MAC2STR(addr)); 8305 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 8306 1) < 0) { 8307 wpa_printf(MSG_DEBUG, 8308 "nl80211: Could not restore interface UP after failed set_mac_addr"); 8309 } 8310 return -1; 8311 } 8312 8313 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR, 8314 bss->ifname, MAC2STR(addr)); 8315 drv->addr_changed = new_addr; 8316 os_memcpy(bss->addr, addr, ETH_ALEN); 8317 8318 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0) 8319 { 8320 wpa_printf(MSG_DEBUG, 8321 "nl80211: Could not restore interface UP after set_mac_addr"); 8322 } 8323 8324 return 0; 8325} 8326 8327 8328#ifdef CONFIG_MESH 8329 8330static int wpa_driver_nl80211_init_mesh(void *priv) 8331{ 8332 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) { 8333 wpa_printf(MSG_INFO, 8334 "nl80211: Failed to set interface into mesh mode"); 8335 return -1; 8336 } 8337 return 0; 8338} 8339 8340 8341static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id, 8342 size_t mesh_id_len) 8343{ 8344 if (mesh_id) { 8345 wpa_hexdump_ascii(MSG_DEBUG, " * Mesh ID (SSID)", 8346 mesh_id, mesh_id_len); 8347 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id); 8348 } 8349 8350 return 0; 8351} 8352 8353 8354static int nl80211_join_mesh(struct i802_bss *bss, 8355 struct wpa_driver_mesh_join_params *params) 8356{ 8357 struct wpa_driver_nl80211_data *drv = bss->drv; 8358 struct nl_msg *msg; 8359 struct nlattr *container; 8360 int ret = -1; 8361 8362 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex); 8363 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH); 8364 if (!msg || 8365 nl80211_put_freq_params(msg, ¶ms->freq) || 8366 nl80211_put_basic_rates(msg, params->basic_rates) || 8367 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || 8368 nl80211_put_beacon_int(msg, params->beacon_int)) 8369 goto fail; 8370 8371 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags); 8372 8373 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP); 8374 if (!container) 8375 goto fail; 8376 8377 if (params->ies) { 8378 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len); 8379 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len, 8380 params->ies)) 8381 goto fail; 8382 } 8383 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */ 8384 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) { 8385 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) || 8386 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH)) 8387 goto fail; 8388 } 8389 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) && 8390 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE)) 8391 goto fail; 8392 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) && 8393 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM)) 8394 goto fail; 8395 nla_nest_end(msg, container); 8396 8397 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 8398 if (!container) 8399 goto fail; 8400 8401 if (!(params->conf.flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) && 8402 nla_put_u32(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 0)) 8403 goto fail; 8404 if ((params->conf.flags & WPA_DRIVER_MESH_FLAG_DRIVER_MPM) && 8405 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 8406 params->max_peer_links)) 8407 goto fail; 8408 8409 /* 8410 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because 8411 * the timer could disconnect stations even in that case. 8412 */ 8413 if (nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT, 8414 params->conf.peer_link_timeout)) { 8415 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT"); 8416 goto fail; 8417 } 8418 8419 nla_nest_end(msg, container); 8420 8421 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8422 msg = NULL; 8423 if (ret) { 8424 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)", 8425 ret, strerror(-ret)); 8426 goto fail; 8427 } 8428 ret = 0; 8429 bss->freq = params->freq.freq; 8430 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully"); 8431 8432fail: 8433 nlmsg_free(msg); 8434 return ret; 8435} 8436 8437 8438static int 8439wpa_driver_nl80211_join_mesh(void *priv, 8440 struct wpa_driver_mesh_join_params *params) 8441{ 8442 struct i802_bss *bss = priv; 8443 int ret, timeout; 8444 8445 timeout = params->conf.peer_link_timeout; 8446 8447 /* Disable kernel inactivity timer */ 8448 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) 8449 params->conf.peer_link_timeout = 0; 8450 8451 ret = nl80211_join_mesh(bss, params); 8452 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) { 8453 wpa_printf(MSG_DEBUG, 8454 "nl80211: Mesh join retry for peer_link_timeout"); 8455 /* 8456 * Old kernel does not support setting 8457 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds 8458 * into future from peer_link_timeout. 8459 */ 8460 params->conf.peer_link_timeout = timeout + 60; 8461 ret = nl80211_join_mesh(priv, params); 8462 } 8463 8464 params->conf.peer_link_timeout = timeout; 8465 return ret; 8466} 8467 8468 8469static int wpa_driver_nl80211_leave_mesh(void *priv) 8470{ 8471 struct i802_bss *bss = priv; 8472 struct wpa_driver_nl80211_data *drv = bss->drv; 8473 struct nl_msg *msg; 8474 int ret; 8475 8476 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex); 8477 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH); 8478 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8479 if (ret) { 8480 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)", 8481 ret, strerror(-ret)); 8482 } else { 8483 wpa_printf(MSG_DEBUG, 8484 "nl80211: mesh leave request send successfully"); 8485 } 8486 8487 if (wpa_driver_nl80211_set_mode(drv->first_bss, 8488 NL80211_IFTYPE_STATION)) { 8489 wpa_printf(MSG_INFO, 8490 "nl80211: Failed to set interface into station mode"); 8491 } 8492 return ret; 8493} 8494 8495#endif /* CONFIG_MESH */ 8496 8497 8498static int wpa_driver_br_add_ip_neigh(void *priv, u8 version, 8499 const u8 *ipaddr, int prefixlen, 8500 const u8 *addr) 8501{ 8502#ifdef CONFIG_LIBNL3_ROUTE 8503 struct i802_bss *bss = priv; 8504 struct wpa_driver_nl80211_data *drv = bss->drv; 8505 struct rtnl_neigh *rn; 8506 struct nl_addr *nl_ipaddr = NULL; 8507 struct nl_addr *nl_lladdr = NULL; 8508 int family, addrsize; 8509 int res; 8510 8511 if (!ipaddr || prefixlen == 0 || !addr) 8512 return -EINVAL; 8513 8514 if (bss->br_ifindex == 0) { 8515 wpa_printf(MSG_DEBUG, 8516 "nl80211: bridge must be set before adding an ip neigh to it"); 8517 return -1; 8518 } 8519 8520 if (!drv->rtnl_sk) { 8521 wpa_printf(MSG_DEBUG, 8522 "nl80211: nl_sock for NETLINK_ROUTE is not initialized"); 8523 return -1; 8524 } 8525 8526 if (version == 4) { 8527 family = AF_INET; 8528 addrsize = 4; 8529 } else if (version == 6) { 8530 family = AF_INET6; 8531 addrsize = 16; 8532 } else { 8533 return -EINVAL; 8534 } 8535 8536 rn = rtnl_neigh_alloc(); 8537 if (rn == NULL) 8538 return -ENOMEM; 8539 8540 /* set the destination ip address for neigh */ 8541 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); 8542 if (nl_ipaddr == NULL) { 8543 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); 8544 res = -ENOMEM; 8545 goto errout; 8546 } 8547 nl_addr_set_prefixlen(nl_ipaddr, prefixlen); 8548 res = rtnl_neigh_set_dst(rn, nl_ipaddr); 8549 if (res) { 8550 wpa_printf(MSG_DEBUG, 8551 "nl80211: neigh set destination addr failed"); 8552 goto errout; 8553 } 8554 8555 /* set the corresponding lladdr for neigh */ 8556 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN); 8557 if (nl_lladdr == NULL) { 8558 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed"); 8559 res = -ENOMEM; 8560 goto errout; 8561 } 8562 rtnl_neigh_set_lladdr(rn, nl_lladdr); 8563 8564 rtnl_neigh_set_ifindex(rn, bss->br_ifindex); 8565 rtnl_neigh_set_state(rn, NUD_PERMANENT); 8566 8567 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE); 8568 if (res) { 8569 wpa_printf(MSG_DEBUG, 8570 "nl80211: Adding bridge ip neigh failed: %s", 8571 strerror(errno)); 8572 } 8573errout: 8574 if (nl_lladdr) 8575 nl_addr_put(nl_lladdr); 8576 if (nl_ipaddr) 8577 nl_addr_put(nl_ipaddr); 8578 if (rn) 8579 rtnl_neigh_put(rn); 8580 return res; 8581#else /* CONFIG_LIBNL3_ROUTE */ 8582 return -1; 8583#endif /* CONFIG_LIBNL3_ROUTE */ 8584} 8585 8586 8587static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version, 8588 const u8 *ipaddr) 8589{ 8590#ifdef CONFIG_LIBNL3_ROUTE 8591 struct i802_bss *bss = priv; 8592 struct wpa_driver_nl80211_data *drv = bss->drv; 8593 struct rtnl_neigh *rn; 8594 struct nl_addr *nl_ipaddr; 8595 int family, addrsize; 8596 int res; 8597 8598 if (!ipaddr) 8599 return -EINVAL; 8600 8601 if (version == 4) { 8602 family = AF_INET; 8603 addrsize = 4; 8604 } else if (version == 6) { 8605 family = AF_INET6; 8606 addrsize = 16; 8607 } else { 8608 return -EINVAL; 8609 } 8610 8611 if (bss->br_ifindex == 0) { 8612 wpa_printf(MSG_DEBUG, 8613 "nl80211: bridge must be set to delete an ip neigh"); 8614 return -1; 8615 } 8616 8617 if (!drv->rtnl_sk) { 8618 wpa_printf(MSG_DEBUG, 8619 "nl80211: nl_sock for NETLINK_ROUTE is not initialized"); 8620 return -1; 8621 } 8622 8623 rn = rtnl_neigh_alloc(); 8624 if (rn == NULL) 8625 return -ENOMEM; 8626 8627 /* set the destination ip address for neigh */ 8628 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); 8629 if (nl_ipaddr == NULL) { 8630 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); 8631 res = -ENOMEM; 8632 goto errout; 8633 } 8634 res = rtnl_neigh_set_dst(rn, nl_ipaddr); 8635 if (res) { 8636 wpa_printf(MSG_DEBUG, 8637 "nl80211: neigh set destination addr failed"); 8638 goto errout; 8639 } 8640 8641 rtnl_neigh_set_ifindex(rn, bss->br_ifindex); 8642 8643 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); 8644 if (res) { 8645 wpa_printf(MSG_DEBUG, 8646 "nl80211: Deleting bridge ip neigh failed: %s", 8647 strerror(errno)); 8648 } 8649errout: 8650 if (nl_ipaddr) 8651 nl_addr_put(nl_ipaddr); 8652 if (rn) 8653 rtnl_neigh_put(rn); 8654 return res; 8655#else /* CONFIG_LIBNL3_ROUTE */ 8656 return -1; 8657#endif /* CONFIG_LIBNL3_ROUTE */ 8658} 8659 8660 8661static int linux_write_system_file(const char *path, unsigned int val) 8662{ 8663 char buf[50]; 8664 int fd, len; 8665 8666 len = os_snprintf(buf, sizeof(buf), "%u\n", val); 8667 if (os_snprintf_error(sizeof(buf), len)) 8668 return -1; 8669 8670 fd = open(path, O_WRONLY); 8671 if (fd < 0) 8672 return -1; 8673 8674 if (write(fd, buf, len) < 0) { 8675 wpa_printf(MSG_DEBUG, 8676 "nl80211: Failed to write Linux system file: %s with the value of %d", 8677 path, val); 8678 close(fd); 8679 return -1; 8680 } 8681 close(fd); 8682 8683 return 0; 8684} 8685 8686 8687static const char * drv_br_port_attr_str(enum drv_br_port_attr attr) 8688{ 8689 switch (attr) { 8690 case DRV_BR_PORT_ATTR_PROXYARP: 8691 return "proxyarp_wifi"; 8692 case DRV_BR_PORT_ATTR_HAIRPIN_MODE: 8693 return "hairpin_mode"; 8694 } 8695 8696 return NULL; 8697} 8698 8699 8700static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr, 8701 unsigned int val) 8702{ 8703 struct i802_bss *bss = priv; 8704 char path[128]; 8705 const char *attr_txt; 8706 8707 attr_txt = drv_br_port_attr_str(attr); 8708 if (attr_txt == NULL) 8709 return -EINVAL; 8710 8711 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s", 8712 bss->ifname, attr_txt); 8713 8714 if (linux_write_system_file(path, val)) 8715 return -1; 8716 8717 return 0; 8718} 8719 8720 8721static const char * drv_br_net_param_str(enum drv_br_net_param param) 8722{ 8723 switch (param) { 8724 case DRV_BR_NET_PARAM_GARP_ACCEPT: 8725 return "arp_accept"; 8726 default: 8727 return NULL; 8728 } 8729} 8730 8731 8732static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param, 8733 unsigned int val) 8734{ 8735 struct i802_bss *bss = priv; 8736 char path[128]; 8737 const char *param_txt; 8738 int ip_version = 4; 8739 8740 if (param == DRV_BR_MULTICAST_SNOOPING) { 8741 os_snprintf(path, sizeof(path), 8742 "/sys/devices/virtual/net/%s/bridge/multicast_snooping", 8743 bss->brname); 8744 goto set_val; 8745 } 8746 8747 param_txt = drv_br_net_param_str(param); 8748 if (param_txt == NULL) 8749 return -EINVAL; 8750 8751 switch (param) { 8752 case DRV_BR_NET_PARAM_GARP_ACCEPT: 8753 ip_version = 4; 8754 break; 8755 default: 8756 return -EINVAL; 8757 } 8758 8759 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s", 8760 ip_version, bss->brname, param_txt); 8761 8762set_val: 8763 if (linux_write_system_file(path, val)) 8764 return -1; 8765 8766 return 0; 8767} 8768 8769 8770#ifdef CONFIG_DRIVER_NL80211_QCA 8771 8772static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode) 8773{ 8774 switch (hw_mode) { 8775 case HOSTAPD_MODE_IEEE80211B: 8776 return QCA_ACS_MODE_IEEE80211B; 8777 case HOSTAPD_MODE_IEEE80211G: 8778 return QCA_ACS_MODE_IEEE80211G; 8779 case HOSTAPD_MODE_IEEE80211A: 8780 return QCA_ACS_MODE_IEEE80211A; 8781 case HOSTAPD_MODE_IEEE80211AD: 8782 return QCA_ACS_MODE_IEEE80211AD; 8783 case HOSTAPD_MODE_IEEE80211ANY: 8784 return QCA_ACS_MODE_IEEE80211ANY; 8785 default: 8786 return -1; 8787 } 8788} 8789 8790 8791static int add_acs_freq_list(struct nl_msg *msg, const int *freq_list) 8792{ 8793 int i, len, ret; 8794 u32 *freqs; 8795 8796 if (!freq_list) 8797 return 0; 8798 len = int_array_len(freq_list); 8799 freqs = os_malloc(sizeof(u32) * len); 8800 if (!freqs) 8801 return -1; 8802 for (i = 0; i < len; i++) 8803 freqs[i] = freq_list[i]; 8804 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST, 8805 sizeof(u32) * len, freqs); 8806 os_free(freqs); 8807 return ret; 8808} 8809 8810 8811static int wpa_driver_do_acs(void *priv, struct drv_acs_params *params) 8812{ 8813 struct i802_bss *bss = priv; 8814 struct wpa_driver_nl80211_data *drv = bss->drv; 8815 struct nl_msg *msg; 8816 struct nlattr *data; 8817 int ret; 8818 int mode; 8819 8820 mode = hw_mode_to_qca_acs(params->hw_mode); 8821 if (mode < 0) 8822 return -1; 8823 8824 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 8825 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 8826 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 8827 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) || 8828 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 8829 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) || 8830 (params->ht_enabled && 8831 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) || 8832 (params->ht40_enabled && 8833 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) || 8834 (params->vht_enabled && 8835 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) || 8836 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH, 8837 params->ch_width) || 8838 (params->ch_list_len && 8839 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST, params->ch_list_len, 8840 params->ch_list)) || 8841 add_acs_freq_list(msg, params->freq_list)) { 8842 nlmsg_free(msg); 8843 return -ENOBUFS; 8844 } 8845 nla_nest_end(msg, data); 8846 8847 wpa_printf(MSG_DEBUG, 8848 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d CH_LIST_LEN: %u", 8849 params->hw_mode, params->ht_enabled, params->ht40_enabled, 8850 params->vht_enabled, params->ch_width, params->ch_list_len); 8851 8852 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8853 if (ret) { 8854 wpa_printf(MSG_DEBUG, 8855 "nl80211: Failed to invoke driver ACS function: %s", 8856 strerror(errno)); 8857 } 8858 return ret; 8859} 8860 8861 8862static int nl80211_set_band(void *priv, enum set_band band) 8863{ 8864 struct i802_bss *bss = priv; 8865 struct wpa_driver_nl80211_data *drv = bss->drv; 8866 struct nl_msg *msg; 8867 struct nlattr *data; 8868 int ret; 8869 enum qca_set_band qca_band; 8870 8871 if (!drv->setband_vendor_cmd_avail) 8872 return -1; 8873 8874 switch (band) { 8875 case WPA_SETBAND_AUTO: 8876 qca_band = QCA_SETBAND_AUTO; 8877 break; 8878 case WPA_SETBAND_5G: 8879 qca_band = QCA_SETBAND_5G; 8880 break; 8881 case WPA_SETBAND_2G: 8882 qca_band = QCA_SETBAND_2G; 8883 break; 8884 default: 8885 return -1; 8886 } 8887 8888 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 8889 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 8890 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 8891 QCA_NL80211_VENDOR_SUBCMD_SETBAND) || 8892 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 8893 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE, qca_band)) { 8894 nlmsg_free(msg); 8895 return -ENOBUFS; 8896 } 8897 nla_nest_end(msg, data); 8898 8899 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8900 if (ret) { 8901 wpa_printf(MSG_DEBUG, 8902 "nl80211: Driver setband function failed: %s", 8903 strerror(errno)); 8904 } 8905 return ret; 8906} 8907 8908 8909struct nl80211_pcl { 8910 unsigned int num; 8911 unsigned int *freq_list; 8912}; 8913 8914static int preferred_freq_info_handler(struct nl_msg *msg, void *arg) 8915{ 8916 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 8917 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8918 struct nl80211_pcl *param = arg; 8919 struct nlattr *nl_vend, *attr; 8920 enum qca_iface_type iface_type; 8921 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1]; 8922 unsigned int num, max_num; 8923 u32 *freqs; 8924 8925 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 8926 genlmsg_attrlen(gnlh, 0), NULL); 8927 8928 nl_vend = tb[NL80211_ATTR_VENDOR_DATA]; 8929 if (!nl_vend) 8930 return NL_SKIP; 8931 8932 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX, 8933 nla_data(nl_vend), nla_len(nl_vend), NULL); 8934 8935 attr = tb_vendor[ 8936 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE]; 8937 if (!attr) { 8938 wpa_printf(MSG_ERROR, "nl80211: iface_type couldn't be found"); 8939 param->num = 0; 8940 return NL_SKIP; 8941 } 8942 8943 iface_type = (enum qca_iface_type) nla_get_u32(attr); 8944 wpa_printf(MSG_DEBUG, "nl80211: Driver returned iface_type=%d", 8945 iface_type); 8946 8947 attr = tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST]; 8948 if (!attr) { 8949 wpa_printf(MSG_ERROR, 8950 "nl80211: preferred_freq_list couldn't be found"); 8951 param->num = 0; 8952 return NL_SKIP; 8953 } 8954 8955 /* 8956 * param->num has the maximum number of entries for which there 8957 * is room in the freq_list provided by the caller. 8958 */ 8959 freqs = nla_data(attr); 8960 max_num = nla_len(attr) / sizeof(u32); 8961 if (max_num > param->num) 8962 max_num = param->num; 8963 for (num = 0; num < max_num; num++) 8964 param->freq_list[num] = freqs[num]; 8965 param->num = num; 8966 8967 return NL_SKIP; 8968} 8969 8970 8971static int nl80211_get_pref_freq_list(void *priv, 8972 enum wpa_driver_if_type if_type, 8973 unsigned int *num, 8974 unsigned int *freq_list) 8975{ 8976 struct i802_bss *bss = priv; 8977 struct wpa_driver_nl80211_data *drv = bss->drv; 8978 struct nl_msg *msg; 8979 int ret; 8980 unsigned int i; 8981 struct nlattr *params; 8982 struct nl80211_pcl param; 8983 enum qca_iface_type iface_type; 8984 8985 if (!drv->get_pref_freq_list) 8986 return -1; 8987 8988 switch (if_type) { 8989 case WPA_IF_STATION: 8990 iface_type = QCA_IFACE_TYPE_STA; 8991 break; 8992 case WPA_IF_AP_BSS: 8993 iface_type = QCA_IFACE_TYPE_AP; 8994 break; 8995 case WPA_IF_P2P_GO: 8996 iface_type = QCA_IFACE_TYPE_P2P_GO; 8997 break; 8998 case WPA_IF_P2P_CLIENT: 8999 iface_type = QCA_IFACE_TYPE_P2P_CLIENT; 9000 break; 9001 case WPA_IF_IBSS: 9002 iface_type = QCA_IFACE_TYPE_IBSS; 9003 break; 9004 case WPA_IF_TDLS: 9005 iface_type = QCA_IFACE_TYPE_TDLS; 9006 break; 9007 default: 9008 return -1; 9009 } 9010 9011 param.num = *num; 9012 param.freq_list = freq_list; 9013 9014 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 9015 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) || 9016 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 9017 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 9018 QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) || 9019 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 9020 nla_put_u32(msg, 9021 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE, 9022 iface_type)) { 9023 wpa_printf(MSG_ERROR, 9024 "%s: err in adding vendor_cmd and vendor_data", 9025 __func__); 9026 nlmsg_free(msg); 9027 return -1; 9028 } 9029 nla_nest_end(msg, params); 9030 9031 os_memset(freq_list, 0, *num * sizeof(freq_list[0])); 9032 ret = send_and_recv_msgs(drv, msg, preferred_freq_info_handler, ¶m); 9033 if (ret) { 9034 wpa_printf(MSG_ERROR, 9035 "%s: err in send_and_recv_msgs", __func__); 9036 return ret; 9037 } 9038 9039 *num = param.num; 9040 9041 for (i = 0; i < *num; i++) { 9042 wpa_printf(MSG_DEBUG, "nl80211: preferred_channel_list[%d]=%d", 9043 i, freq_list[i]); 9044 } 9045 9046 return 0; 9047} 9048 9049 9050static int nl80211_set_prob_oper_freq(void *priv, unsigned int freq) 9051{ 9052 struct i802_bss *bss = priv; 9053 struct wpa_driver_nl80211_data *drv = bss->drv; 9054 struct nl_msg *msg; 9055 int ret; 9056 struct nlattr *params; 9057 9058 if (!drv->set_prob_oper_freq) 9059 return -1; 9060 9061 wpa_printf(MSG_DEBUG, 9062 "nl80211: Set P2P probable operating freq %u for ifindex %d", 9063 freq, bss->ifindex); 9064 9065 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 9066 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 9067 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 9068 QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL) || 9069 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 9070 nla_put_u32(msg, 9071 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE, 9072 QCA_IFACE_TYPE_P2P_CLIENT) || 9073 nla_put_u32(msg, 9074 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ, 9075 freq)) { 9076 wpa_printf(MSG_ERROR, 9077 "%s: err in adding vendor_cmd and vendor_data", 9078 __func__); 9079 nlmsg_free(msg); 9080 return -1; 9081 } 9082 nla_nest_end(msg, params); 9083 9084 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9085 msg = NULL; 9086 if (ret) { 9087 wpa_printf(MSG_ERROR, "%s: err in send_and_recv_msgs", 9088 __func__); 9089 return ret; 9090 } 9091 nlmsg_free(msg); 9092 return 0; 9093} 9094 9095#endif /* CONFIG_DRIVER_NL80211_QCA */ 9096 9097 9098const struct wpa_driver_ops wpa_driver_nl80211_ops = { 9099 .name = "nl80211", 9100 .desc = "Linux nl80211/cfg80211", 9101 .get_bssid = wpa_driver_nl80211_get_bssid, 9102 .get_ssid = wpa_driver_nl80211_get_ssid, 9103 .set_key = driver_nl80211_set_key, 9104 .scan2 = driver_nl80211_scan2, 9105 .sched_scan = wpa_driver_nl80211_sched_scan, 9106 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan, 9107 .get_scan_results2 = wpa_driver_nl80211_get_scan_results, 9108 .abort_scan = wpa_driver_nl80211_abort_scan, 9109 .deauthenticate = driver_nl80211_deauthenticate, 9110 .authenticate = driver_nl80211_authenticate, 9111 .associate = wpa_driver_nl80211_associate, 9112 .global_init = nl80211_global_init, 9113 .global_deinit = nl80211_global_deinit, 9114 .init2 = wpa_driver_nl80211_init, 9115 .deinit = driver_nl80211_deinit, 9116 .get_capa = wpa_driver_nl80211_get_capa, 9117 .set_operstate = wpa_driver_nl80211_set_operstate, 9118 .set_supp_port = wpa_driver_nl80211_set_supp_port, 9119 .set_country = wpa_driver_nl80211_set_country, 9120 .get_country = wpa_driver_nl80211_get_country, 9121 .set_ap = wpa_driver_nl80211_set_ap, 9122 .set_acl = wpa_driver_nl80211_set_acl, 9123 .if_add = wpa_driver_nl80211_if_add, 9124 .if_remove = driver_nl80211_if_remove, 9125 .send_mlme = driver_nl80211_send_mlme, 9126 .get_hw_feature_data = nl80211_get_hw_feature_data, 9127 .sta_add = wpa_driver_nl80211_sta_add, 9128 .sta_remove = driver_nl80211_sta_remove, 9129 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol, 9130 .sta_set_flags = wpa_driver_nl80211_sta_set_flags, 9131 .hapd_init = i802_init, 9132 .hapd_deinit = i802_deinit, 9133 .set_wds_sta = i802_set_wds_sta, 9134 .get_seqnum = i802_get_seqnum, 9135 .flush = i802_flush, 9136 .get_inact_sec = i802_get_inact_sec, 9137 .sta_clear_stats = i802_sta_clear_stats, 9138 .set_rts = i802_set_rts, 9139 .set_frag = i802_set_frag, 9140 .set_tx_queue_params = i802_set_tx_queue_params, 9141 .set_sta_vlan = driver_nl80211_set_sta_vlan, 9142 .sta_deauth = i802_sta_deauth, 9143 .sta_disassoc = i802_sta_disassoc, 9144 .read_sta_data = driver_nl80211_read_sta_data, 9145 .set_freq = i802_set_freq, 9146 .send_action = driver_nl80211_send_action, 9147 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait, 9148 .remain_on_channel = wpa_driver_nl80211_remain_on_channel, 9149 .cancel_remain_on_channel = 9150 wpa_driver_nl80211_cancel_remain_on_channel, 9151 .probe_req_report = driver_nl80211_probe_req_report, 9152 .deinit_ap = wpa_driver_nl80211_deinit_ap, 9153 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli, 9154 .resume = wpa_driver_nl80211_resume, 9155 .signal_monitor = nl80211_signal_monitor, 9156 .signal_poll = nl80211_signal_poll, 9157 .send_frame = nl80211_send_frame, 9158 .set_param = nl80211_set_param, 9159 .get_radio_name = nl80211_get_radio_name, 9160 .add_pmkid = nl80211_add_pmkid, 9161 .remove_pmkid = nl80211_remove_pmkid, 9162 .flush_pmkid = nl80211_flush_pmkid, 9163 .set_rekey_info = nl80211_set_rekey_info, 9164 .poll_client = nl80211_poll_client, 9165 .set_p2p_powersave = nl80211_set_p2p_powersave, 9166 .start_dfs_cac = nl80211_start_radar_detection, 9167 .stop_ap = wpa_driver_nl80211_stop_ap, 9168#ifdef CONFIG_TDLS 9169 .send_tdls_mgmt = nl80211_send_tdls_mgmt, 9170 .tdls_oper = nl80211_tdls_oper, 9171 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch, 9172 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch, 9173#endif /* CONFIG_TDLS */ 9174 .update_ft_ies = wpa_driver_nl80211_update_ft_ies, 9175 .get_mac_addr = wpa_driver_nl80211_get_macaddr, 9176 .get_survey = wpa_driver_nl80211_get_survey, 9177 .status = wpa_driver_nl80211_status, 9178 .switch_channel = nl80211_switch_channel, 9179#ifdef ANDROID_P2P 9180 .set_noa = wpa_driver_set_p2p_noa, 9181 .get_noa = wpa_driver_get_p2p_noa, 9182 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie, 9183#endif /* ANDROID_P2P */ 9184#ifdef ANDROID 9185#ifndef ANDROID_LIB_STUB 9186 .driver_cmd = wpa_driver_nl80211_driver_cmd, 9187#endif /* !ANDROID_LIB_STUB */ 9188#endif /* ANDROID */ 9189 .vendor_cmd = nl80211_vendor_cmd, 9190 .set_qos_map = nl80211_set_qos_map, 9191 .set_wowlan = nl80211_set_wowlan, 9192#ifdef CONFIG_DRIVER_NL80211_QCA 9193 .roaming = nl80211_roaming, 9194#endif /* CONFIG_DRIVER_NL80211_QCA */ 9195 .set_mac_addr = nl80211_set_mac_addr, 9196#ifdef CONFIG_MESH 9197 .init_mesh = wpa_driver_nl80211_init_mesh, 9198 .join_mesh = wpa_driver_nl80211_join_mesh, 9199 .leave_mesh = wpa_driver_nl80211_leave_mesh, 9200#endif /* CONFIG_MESH */ 9201 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh, 9202 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh, 9203 .br_port_set_attr = wpa_driver_br_port_set_attr, 9204 .br_set_net_param = wpa_driver_br_set_net_param, 9205 .add_tx_ts = nl80211_add_ts, 9206 .del_tx_ts = nl80211_del_ts, 9207 .get_ifindex = nl80211_get_ifindex, 9208#ifdef CONFIG_DRIVER_NL80211_QCA 9209 .do_acs = wpa_driver_do_acs, 9210 .set_band = nl80211_set_band, 9211 .get_pref_freq_list = nl80211_get_pref_freq_list, 9212 .set_prob_oper_freq = nl80211_set_prob_oper_freq, 9213#endif /* CONFIG_DRIVER_NL80211_QCA */ 9214}; 9215