1 /*
2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
8 *
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
11 */
12
13 #include "includes.h"
14 #include <sys/types.h>
15 #include <fcntl.h>
16 #include <net/if.h>
17 #include <netlink/genl/genl.h>
18 #include <netlink/genl/ctrl.h>
19 #ifdef CONFIG_LIBNL3_ROUTE
20 #include <netlink/route/neighbour.h>
21 #endif /* CONFIG_LIBNL3_ROUTE */
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/errqueue.h>
25
26 #include "common.h"
27 #include "eloop.h"
28 #include "common/qca-vendor.h"
29 #include "common/qca-vendor-attr.h"
30 #include "common/ieee802_11_defs.h"
31 #include "common/ieee802_11_common.h"
32 #include "l2_packet/l2_packet.h"
33 #include "netlink.h"
34 #include "linux_defines.h"
35 #include "linux_ioctl.h"
36 #include "radiotap.h"
37 #include "radiotap_iter.h"
38 #include "rfkill.h"
39 #include "driver_nl80211.h"
40
41
42 #ifndef CONFIG_LIBNL20
43 /*
44 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
45 * but when you free a socket again it will mess up its bitmap and
46 * and use the wrong number the next time it needs a socket ID.
47 * Therefore, we wrap the handle alloc/destroy and add our own pid
48 * accounting.
49 */
50 static uint32_t port_bitmap[32] = { 0 };
51
nl80211_handle_alloc(void * cb)52 static struct nl_handle *nl80211_handle_alloc(void *cb)
53 {
54 struct nl_handle *handle;
55 uint32_t pid = getpid() & 0x3FFFFF;
56 int i;
57
58 handle = nl_handle_alloc_cb(cb);
59
60 for (i = 0; i < 1024; i++) {
61 if (port_bitmap[i / 32] & (1 << (i % 32)))
62 continue;
63 port_bitmap[i / 32] |= 1 << (i % 32);
64 pid += i << 22;
65 break;
66 }
67
68 nl_socket_set_local_port(handle, pid);
69
70 return handle;
71 }
72
nl80211_handle_destroy(struct nl_handle * handle)73 static void nl80211_handle_destroy(struct nl_handle *handle)
74 {
75 uint32_t port = nl_socket_get_local_port(handle);
76
77 port >>= 22;
78 port_bitmap[port / 32] &= ~(1 << (port % 32));
79
80 nl_handle_destroy(handle);
81 }
82 #endif /* CONFIG_LIBNL20 */
83
84
85 #ifdef ANDROID
86 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
87 #undef nl_socket_set_nonblocking
88 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
89
90 #endif /* ANDROID */
91
92
nl_create_handle(struct nl_cb * cb,const char * dbg)93 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
94 {
95 struct nl_handle *handle;
96
97 handle = nl80211_handle_alloc(cb);
98 if (handle == NULL) {
99 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
100 "callbacks (%s)", dbg);
101 return NULL;
102 }
103
104 if (genl_connect(handle)) {
105 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
106 "netlink (%s)", dbg);
107 nl80211_handle_destroy(handle);
108 return NULL;
109 }
110
111 return handle;
112 }
113
114
nl_destroy_handles(struct nl_handle ** handle)115 static void nl_destroy_handles(struct nl_handle **handle)
116 {
117 if (*handle == NULL)
118 return;
119 nl80211_handle_destroy(*handle);
120 *handle = NULL;
121 }
122
123
124 #if __WORDSIZE == 64
125 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
126 #else
127 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
128 #endif
129
nl80211_register_eloop_read(struct nl_handle ** handle,eloop_sock_handler handler,void * eloop_data)130 static void nl80211_register_eloop_read(struct nl_handle **handle,
131 eloop_sock_handler handler,
132 void *eloop_data)
133 {
134 #ifdef CONFIG_LIBNL20
135 /*
136 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB)
137 * by default. It is possible to hit that limit in some cases where
138 * operations are blocked, e.g., with a burst of Deauthentication frames
139 * to hostapd and STA entry deletion. Try to increase the buffer to make
140 * this less likely to occur.
141 */
142 if (nl_socket_set_buffer_size(*handle, 262144, 0) < 0) {
143 wpa_printf(MSG_DEBUG,
144 "nl80211: Could not set nl_socket RX buffer size: %s",
145 strerror(errno));
146 /* continue anyway with the default (smaller) buffer */
147 }
148 #endif /* CONFIG_LIBNL20 */
149
150 nl_socket_set_nonblocking(*handle);
151 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
152 eloop_data, *handle);
153 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
154 }
155
156
nl80211_destroy_eloop_handle(struct nl_handle ** handle)157 static void nl80211_destroy_eloop_handle(struct nl_handle **handle)
158 {
159 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
160 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
161 nl_destroy_handles(handle);
162 }
163
164
165 static void nl80211_global_deinit(void *priv);
166 static void nl80211_check_global(struct nl80211_global *global);
167
168 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
169 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
170 struct hostapd_freq_params *freq);
171
172 static int
173 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
174 const u8 *set_addr, int first,
175 const char *driver_params);
176 static int nl80211_send_frame_cmd(struct i802_bss *bss,
177 unsigned int freq, unsigned int wait,
178 const u8 *buf, size_t buf_len, u64 *cookie,
179 int no_cck, int no_ack, int offchanok);
180 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
181 int report);
182
183 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
184 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
185 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
186
187 static int nl80211_set_channel(struct i802_bss *bss,
188 struct hostapd_freq_params *freq, int set_chan);
189 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
190 int ifindex, int disabled);
191
192 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
193 int reset_mode);
194
195 static int i802_set_iface_flags(struct i802_bss *bss, int up);
196 static int nl80211_set_param(void *priv, const char *param);
197
198
199 /* Converts nl80211_chan_width to a common format */
convert2width(int width)200 enum chan_width convert2width(int width)
201 {
202 switch (width) {
203 case NL80211_CHAN_WIDTH_20_NOHT:
204 return CHAN_WIDTH_20_NOHT;
205 case NL80211_CHAN_WIDTH_20:
206 return CHAN_WIDTH_20;
207 case NL80211_CHAN_WIDTH_40:
208 return CHAN_WIDTH_40;
209 case NL80211_CHAN_WIDTH_80:
210 return CHAN_WIDTH_80;
211 case NL80211_CHAN_WIDTH_80P80:
212 return CHAN_WIDTH_80P80;
213 case NL80211_CHAN_WIDTH_160:
214 return CHAN_WIDTH_160;
215 }
216 return CHAN_WIDTH_UNKNOWN;
217 }
218
219
is_ap_interface(enum nl80211_iftype nlmode)220 int is_ap_interface(enum nl80211_iftype nlmode)
221 {
222 return nlmode == NL80211_IFTYPE_AP ||
223 nlmode == NL80211_IFTYPE_P2P_GO;
224 }
225
226
is_sta_interface(enum nl80211_iftype nlmode)227 int is_sta_interface(enum nl80211_iftype nlmode)
228 {
229 return nlmode == NL80211_IFTYPE_STATION ||
230 nlmode == NL80211_IFTYPE_P2P_CLIENT;
231 }
232
233
is_p2p_net_interface(enum nl80211_iftype nlmode)234 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
235 {
236 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
237 nlmode == NL80211_IFTYPE_P2P_GO;
238 }
239
240
get_bss_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex)241 struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
242 int ifindex)
243 {
244 struct i802_bss *bss;
245
246 for (bss = drv->first_bss; bss; bss = bss->next) {
247 if (bss->ifindex == ifindex)
248 return bss;
249 }
250
251 return NULL;
252 }
253
254
is_mesh_interface(enum nl80211_iftype nlmode)255 static int is_mesh_interface(enum nl80211_iftype nlmode)
256 {
257 return nlmode == NL80211_IFTYPE_MESH_POINT;
258 }
259
260
nl80211_mark_disconnected(struct wpa_driver_nl80211_data * drv)261 void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
262 {
263 if (drv->associated)
264 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
265 drv->associated = 0;
266 os_memset(drv->bssid, 0, ETH_ALEN);
267 }
268
269
270 /* nl80211 code */
ack_handler(struct nl_msg * msg,void * arg)271 static int ack_handler(struct nl_msg *msg, void *arg)
272 {
273 int *err = arg;
274 *err = 0;
275 return NL_STOP;
276 }
277
finish_handler(struct nl_msg * msg,void * arg)278 static int finish_handler(struct nl_msg *msg, void *arg)
279 {
280 int *ret = arg;
281 *ret = 0;
282 return NL_SKIP;
283 }
284
error_handler(struct sockaddr_nl * nla,struct nlmsgerr * err,void * arg)285 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
286 void *arg)
287 {
288 int *ret = arg;
289 *ret = err->error;
290 return NL_SKIP;
291 }
292
293
no_seq_check(struct nl_msg * msg,void * arg)294 static int no_seq_check(struct nl_msg *msg, void *arg)
295 {
296 return NL_OK;
297 }
298
299
nl80211_nlmsg_clear(struct nl_msg * msg)300 static void nl80211_nlmsg_clear(struct nl_msg *msg)
301 {
302 /*
303 * Clear nlmsg data, e.g., to make sure key material is not left in
304 * heap memory for unnecessarily long time.
305 */
306 if (msg) {
307 struct nlmsghdr *hdr = nlmsg_hdr(msg);
308 void *data = nlmsg_data(hdr);
309 /*
310 * This would use nlmsg_datalen() or the older nlmsg_len() if
311 * only libnl were to maintain a stable API.. Neither will work
312 * with all released versions, so just calculate the length
313 * here.
314 */
315 int len = hdr->nlmsg_len - NLMSG_HDRLEN;
316
317 os_memset(data, 0, len);
318 }
319 }
320
321
send_and_recv(struct nl80211_global * global,struct nl_handle * nl_handle,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data)322 static int send_and_recv(struct nl80211_global *global,
323 struct nl_handle *nl_handle, struct nl_msg *msg,
324 int (*valid_handler)(struct nl_msg *, void *),
325 void *valid_data)
326 {
327 struct nl_cb *cb;
328 int err = -ENOMEM;
329
330 if (!msg)
331 return -ENOMEM;
332
333 cb = nl_cb_clone(global->nl_cb);
334 if (!cb)
335 goto out;
336
337 err = nl_send_auto_complete(nl_handle, msg);
338 if (err < 0)
339 goto out;
340
341 err = 1;
342
343 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
344 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
345 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
346
347 if (valid_handler)
348 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
349 valid_handler, valid_data);
350
351 while (err > 0) {
352 int res = nl_recvmsgs(nl_handle, cb);
353 if (res < 0) {
354 wpa_printf(MSG_INFO,
355 "nl80211: %s->nl_recvmsgs failed: %d",
356 __func__, res);
357 }
358 }
359 out:
360 nl_cb_put(cb);
361 if (!valid_handler && valid_data == (void *) -1)
362 nl80211_nlmsg_clear(msg);
363 nlmsg_free(msg);
364 return err;
365 }
366
367
send_and_recv_msgs(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data)368 int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
369 struct nl_msg *msg,
370 int (*valid_handler)(struct nl_msg *, void *),
371 void *valid_data)
372 {
373 return send_and_recv(drv->global, drv->global->nl, msg,
374 valid_handler, valid_data);
375 }
376
377
378 struct family_data {
379 const char *group;
380 int id;
381 };
382
383
family_handler(struct nl_msg * msg,void * arg)384 static int family_handler(struct nl_msg *msg, void *arg)
385 {
386 struct family_data *res = arg;
387 struct nlattr *tb[CTRL_ATTR_MAX + 1];
388 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
389 struct nlattr *mcgrp;
390 int i;
391
392 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
393 genlmsg_attrlen(gnlh, 0), NULL);
394 if (!tb[CTRL_ATTR_MCAST_GROUPS])
395 return NL_SKIP;
396
397 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
398 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
399 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
400 nla_len(mcgrp), NULL);
401 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
402 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
403 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
404 res->group,
405 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
406 continue;
407 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
408 break;
409 };
410
411 return NL_SKIP;
412 }
413
414
nl_get_multicast_id(struct nl80211_global * global,const char * family,const char * group)415 static int nl_get_multicast_id(struct nl80211_global *global,
416 const char *family, const char *group)
417 {
418 struct nl_msg *msg;
419 int ret;
420 struct family_data res = { group, -ENOENT };
421
422 msg = nlmsg_alloc();
423 if (!msg)
424 return -ENOMEM;
425 if (!genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
426 0, 0, CTRL_CMD_GETFAMILY, 0) ||
427 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) {
428 nlmsg_free(msg);
429 return -1;
430 }
431
432 ret = send_and_recv(global, global->nl, msg, family_handler, &res);
433 if (ret == 0)
434 ret = res.id;
435 return ret;
436 }
437
438
nl80211_cmd(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int flags,uint8_t cmd)439 void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
440 struct nl_msg *msg, int flags, uint8_t cmd)
441 {
442 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
443 0, flags, cmd, 0);
444 }
445
446
nl80211_set_iface_id(struct nl_msg * msg,struct i802_bss * bss)447 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
448 {
449 if (bss->wdev_id_set)
450 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
451 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
452 }
453
454
nl80211_cmd_msg(struct i802_bss * bss,int flags,uint8_t cmd)455 struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd)
456 {
457 struct nl_msg *msg;
458
459 msg = nlmsg_alloc();
460 if (!msg)
461 return NULL;
462
463 if (!nl80211_cmd(bss->drv, msg, flags, cmd) ||
464 nl80211_set_iface_id(msg, bss) < 0) {
465 nlmsg_free(msg);
466 return NULL;
467 }
468
469 return msg;
470 }
471
472
473 static struct nl_msg *
nl80211_ifindex_msg(struct wpa_driver_nl80211_data * drv,int ifindex,int flags,uint8_t cmd)474 nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex,
475 int flags, uint8_t cmd)
476 {
477 struct nl_msg *msg;
478
479 msg = nlmsg_alloc();
480 if (!msg)
481 return NULL;
482
483 if (!nl80211_cmd(drv, msg, flags, cmd) ||
484 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) {
485 nlmsg_free(msg);
486 return NULL;
487 }
488
489 return msg;
490 }
491
492
nl80211_drv_msg(struct wpa_driver_nl80211_data * drv,int flags,uint8_t cmd)493 struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags,
494 uint8_t cmd)
495 {
496 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd);
497 }
498
499
nl80211_bss_msg(struct i802_bss * bss,int flags,uint8_t cmd)500 struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd)
501 {
502 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd);
503 }
504
505
506 struct wiphy_idx_data {
507 int wiphy_idx;
508 enum nl80211_iftype nlmode;
509 u8 *macaddr;
510 };
511
512
netdev_info_handler(struct nl_msg * msg,void * arg)513 static int netdev_info_handler(struct nl_msg *msg, void *arg)
514 {
515 struct nlattr *tb[NL80211_ATTR_MAX + 1];
516 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
517 struct wiphy_idx_data *info = arg;
518
519 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
520 genlmsg_attrlen(gnlh, 0), NULL);
521
522 if (tb[NL80211_ATTR_WIPHY])
523 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
524
525 if (tb[NL80211_ATTR_IFTYPE])
526 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
527
528 if (tb[NL80211_ATTR_MAC] && info->macaddr)
529 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
530 ETH_ALEN);
531
532 return NL_SKIP;
533 }
534
535
nl80211_get_wiphy_index(struct i802_bss * bss)536 int nl80211_get_wiphy_index(struct i802_bss *bss)
537 {
538 struct nl_msg *msg;
539 struct wiphy_idx_data data = {
540 .wiphy_idx = -1,
541 .macaddr = NULL,
542 };
543
544 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
545 return -1;
546
547 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
548 return data.wiphy_idx;
549 return -1;
550 }
551
552
nl80211_get_ifmode(struct i802_bss * bss)553 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
554 {
555 struct nl_msg *msg;
556 struct wiphy_idx_data data = {
557 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
558 .macaddr = NULL,
559 };
560
561 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
562 return NL80211_IFTYPE_UNSPECIFIED;
563
564 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
565 return data.nlmode;
566 return NL80211_IFTYPE_UNSPECIFIED;
567 }
568
569
nl80211_get_macaddr(struct i802_bss * bss)570 static int nl80211_get_macaddr(struct i802_bss *bss)
571 {
572 struct nl_msg *msg;
573 struct wiphy_idx_data data = {
574 .macaddr = bss->addr,
575 };
576
577 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
578 return -1;
579
580 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data);
581 }
582
583
nl80211_register_beacons(struct wpa_driver_nl80211_data * drv,struct nl80211_wiphy_data * w)584 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
585 struct nl80211_wiphy_data *w)
586 {
587 struct nl_msg *msg;
588 int ret;
589
590 msg = nlmsg_alloc();
591 if (!msg)
592 return -1;
593
594 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) ||
595 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) {
596 nlmsg_free(msg);
597 return -1;
598 }
599
600 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
601 if (ret) {
602 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
603 "failed: ret=%d (%s)",
604 ret, strerror(-ret));
605 }
606 return ret;
607 }
608
609
nl80211_recv_beacons(int sock,void * eloop_ctx,void * handle)610 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
611 {
612 struct nl80211_wiphy_data *w = eloop_ctx;
613 int res;
614
615 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
616
617 res = nl_recvmsgs(handle, w->nl_cb);
618 if (res < 0) {
619 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
620 __func__, res);
621 }
622 }
623
624
process_beacon_event(struct nl_msg * msg,void * arg)625 static int process_beacon_event(struct nl_msg *msg, void *arg)
626 {
627 struct nl80211_wiphy_data *w = arg;
628 struct wpa_driver_nl80211_data *drv;
629 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
630 struct nlattr *tb[NL80211_ATTR_MAX + 1];
631 union wpa_event_data event;
632
633 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
634 genlmsg_attrlen(gnlh, 0), NULL);
635
636 if (gnlh->cmd != NL80211_CMD_FRAME) {
637 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
638 gnlh->cmd);
639 return NL_SKIP;
640 }
641
642 if (!tb[NL80211_ATTR_FRAME])
643 return NL_SKIP;
644
645 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
646 wiphy_list) {
647 os_memset(&event, 0, sizeof(event));
648 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
649 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
650 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
651 }
652
653 return NL_SKIP;
654 }
655
656
657 static struct nl80211_wiphy_data *
nl80211_get_wiphy_data_ap(struct i802_bss * bss)658 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
659 {
660 static DEFINE_DL_LIST(nl80211_wiphys);
661 struct nl80211_wiphy_data *w;
662 int wiphy_idx, found = 0;
663 struct i802_bss *tmp_bss;
664
665 if (bss->wiphy_data != NULL)
666 return bss->wiphy_data;
667
668 wiphy_idx = nl80211_get_wiphy_index(bss);
669
670 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
671 if (w->wiphy_idx == wiphy_idx)
672 goto add;
673 }
674
675 /* alloc new one */
676 w = os_zalloc(sizeof(*w));
677 if (w == NULL)
678 return NULL;
679 w->wiphy_idx = wiphy_idx;
680 dl_list_init(&w->bsss);
681 dl_list_init(&w->drvs);
682
683 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
684 if (!w->nl_cb) {
685 os_free(w);
686 return NULL;
687 }
688 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
689 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
690 w);
691
692 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
693 "wiphy beacons");
694 if (w->nl_beacons == NULL) {
695 os_free(w);
696 return NULL;
697 }
698
699 if (nl80211_register_beacons(bss->drv, w)) {
700 nl_destroy_handles(&w->nl_beacons);
701 os_free(w);
702 return NULL;
703 }
704
705 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w);
706
707 dl_list_add(&nl80211_wiphys, &w->list);
708
709 add:
710 /* drv entry for this bss already there? */
711 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
712 if (tmp_bss->drv == bss->drv) {
713 found = 1;
714 break;
715 }
716 }
717 /* if not add it */
718 if (!found)
719 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
720
721 dl_list_add(&w->bsss, &bss->wiphy_list);
722 bss->wiphy_data = w;
723 return w;
724 }
725
726
nl80211_put_wiphy_data_ap(struct i802_bss * bss)727 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
728 {
729 struct nl80211_wiphy_data *w = bss->wiphy_data;
730 struct i802_bss *tmp_bss;
731 int found = 0;
732
733 if (w == NULL)
734 return;
735 bss->wiphy_data = NULL;
736 dl_list_del(&bss->wiphy_list);
737
738 /* still any for this drv present? */
739 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
740 if (tmp_bss->drv == bss->drv) {
741 found = 1;
742 break;
743 }
744 }
745 /* if not remove it */
746 if (!found)
747 dl_list_del(&bss->drv->wiphy_list);
748
749 if (!dl_list_empty(&w->bsss))
750 return;
751
752 nl80211_destroy_eloop_handle(&w->nl_beacons);
753
754 nl_cb_put(w->nl_cb);
755 dl_list_del(&w->list);
756 os_free(w);
757 }
758
759
wpa_driver_nl80211_get_bssid(void * priv,u8 * bssid)760 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
761 {
762 struct i802_bss *bss = priv;
763 struct wpa_driver_nl80211_data *drv = bss->drv;
764 if (!drv->associated)
765 return -1;
766 os_memcpy(bssid, drv->bssid, ETH_ALEN);
767 return 0;
768 }
769
770
wpa_driver_nl80211_get_ssid(void * priv,u8 * ssid)771 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
772 {
773 struct i802_bss *bss = priv;
774 struct wpa_driver_nl80211_data *drv = bss->drv;
775 if (!drv->associated)
776 return -1;
777 os_memcpy(ssid, drv->ssid, drv->ssid_len);
778 return drv->ssid_len;
779 }
780
781
wpa_driver_nl80211_event_newlink(struct wpa_driver_nl80211_data * drv,const char * ifname)782 static void wpa_driver_nl80211_event_newlink(
783 struct wpa_driver_nl80211_data *drv, const char *ifname)
784 {
785 union wpa_event_data event;
786
787 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
788 if (if_nametoindex(drv->first_bss->ifname) == 0) {
789 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
790 drv->first_bss->ifname);
791 return;
792 }
793 if (!drv->if_removed)
794 return;
795 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
796 drv->first_bss->ifname);
797 drv->if_removed = 0;
798 }
799
800 os_memset(&event, 0, sizeof(event));
801 os_strlcpy(event.interface_status.ifname, ifname,
802 sizeof(event.interface_status.ifname));
803 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
804 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
805 }
806
807
wpa_driver_nl80211_event_dellink(struct wpa_driver_nl80211_data * drv,const char * ifname)808 static void wpa_driver_nl80211_event_dellink(
809 struct wpa_driver_nl80211_data *drv, const char *ifname)
810 {
811 union wpa_event_data event;
812
813 if (os_strcmp(drv->first_bss->ifname, ifname) == 0) {
814 if (drv->if_removed) {
815 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
816 ifname);
817 return;
818 }
819 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
820 ifname);
821 drv->if_removed = 1;
822 } else {
823 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
824 ifname);
825 }
826
827 os_memset(&event, 0, sizeof(event));
828 os_strlcpy(event.interface_status.ifname, ifname,
829 sizeof(event.interface_status.ifname));
830 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
831 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
832 }
833
834
wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data * drv,u8 * buf,size_t len)835 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
836 u8 *buf, size_t len)
837 {
838 int attrlen, rta_len;
839 struct rtattr *attr;
840
841 attrlen = len;
842 attr = (struct rtattr *) buf;
843
844 rta_len = RTA_ALIGN(sizeof(struct rtattr));
845 while (RTA_OK(attr, attrlen)) {
846 if (attr->rta_type == IFLA_IFNAME) {
847 if (os_strcmp(((char *) attr) + rta_len,
848 drv->first_bss->ifname) == 0)
849 return 1;
850 else
851 break;
852 }
853 attr = RTA_NEXT(attr, attrlen);
854 }
855
856 return 0;
857 }
858
859
wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex,u8 * buf,size_t len)860 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
861 int ifindex, u8 *buf, size_t len)
862 {
863 if (drv->ifindex == ifindex)
864 return 1;
865
866 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
867 nl80211_check_global(drv->global);
868 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
869 "interface");
870 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL);
871 return 1;
872 }
873
874 return 0;
875 }
876
877
878 static struct wpa_driver_nl80211_data *
nl80211_find_drv(struct nl80211_global * global,int idx,u8 * buf,size_t len)879 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
880 {
881 struct wpa_driver_nl80211_data *drv;
882 dl_list_for_each(drv, &global->interfaces,
883 struct wpa_driver_nl80211_data, list) {
884 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
885 have_ifidx(drv, idx))
886 return drv;
887 }
888 return NULL;
889 }
890
891
wpa_driver_nl80211_event_rtm_newlink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)892 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
893 struct ifinfomsg *ifi,
894 u8 *buf, size_t len)
895 {
896 struct nl80211_global *global = ctx;
897 struct wpa_driver_nl80211_data *drv;
898 int attrlen;
899 struct rtattr *attr;
900 u32 brid = 0;
901 char namebuf[IFNAMSIZ];
902 char ifname[IFNAMSIZ + 1];
903 char extra[100], *pos, *end;
904
905 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
906 if (!drv) {
907 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_NEWLINK event for foreign ifindex %d",
908 ifi->ifi_index);
909 return;
910 }
911
912 extra[0] = '\0';
913 pos = extra;
914 end = pos + sizeof(extra);
915 ifname[0] = '\0';
916
917 attrlen = len;
918 attr = (struct rtattr *) buf;
919 while (RTA_OK(attr, attrlen)) {
920 switch (attr->rta_type) {
921 case IFLA_IFNAME:
922 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
923 break;
924 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
925 ifname[RTA_PAYLOAD(attr)] = '\0';
926 break;
927 case IFLA_MASTER:
928 brid = nla_get_u32((struct nlattr *) attr);
929 pos += os_snprintf(pos, end - pos, " master=%u", brid);
930 break;
931 case IFLA_WIRELESS:
932 pos += os_snprintf(pos, end - pos, " wext");
933 break;
934 case IFLA_OPERSTATE:
935 pos += os_snprintf(pos, end - pos, " operstate=%u",
936 nla_get_u32((struct nlattr *) attr));
937 break;
938 case IFLA_LINKMODE:
939 pos += os_snprintf(pos, end - pos, " linkmode=%u",
940 nla_get_u32((struct nlattr *) attr));
941 break;
942 }
943 attr = RTA_NEXT(attr, attrlen);
944 }
945 extra[sizeof(extra) - 1] = '\0';
946
947 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
948 ifi->ifi_index, ifname, extra, ifi->ifi_family,
949 ifi->ifi_flags,
950 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
951 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
952 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
953 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
954
955 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
956 namebuf[0] = '\0';
957 if (if_indextoname(ifi->ifi_index, namebuf) &&
958 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
959 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
960 "event since interface %s is up", namebuf);
961 drv->ignore_if_down_event = 0;
962 return;
963 }
964 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
965 namebuf, ifname);
966 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
967 wpa_printf(MSG_DEBUG,
968 "nl80211: Not the main interface (%s) - do not indicate interface down",
969 drv->first_bss->ifname);
970 } else if (drv->ignore_if_down_event) {
971 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
972 "event generated by mode change");
973 drv->ignore_if_down_event = 0;
974 } else {
975 drv->if_disabled = 1;
976 wpa_supplicant_event(drv->ctx,
977 EVENT_INTERFACE_DISABLED, NULL);
978
979 /*
980 * Try to get drv again, since it may be removed as
981 * part of the EVENT_INTERFACE_DISABLED handling for
982 * dynamic interfaces
983 */
984 drv = nl80211_find_drv(global, ifi->ifi_index,
985 buf, len);
986 if (!drv)
987 return;
988 }
989 }
990
991 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
992 if (if_indextoname(ifi->ifi_index, namebuf) &&
993 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) {
994 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
995 "event since interface %s is down",
996 namebuf);
997 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
998 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
999 "event since interface %s does not exist",
1000 drv->first_bss->ifname);
1001 } else if (drv->if_removed) {
1002 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1003 "event since interface %s is marked "
1004 "removed", drv->first_bss->ifname);
1005 } else {
1006 struct i802_bss *bss;
1007 u8 addr[ETH_ALEN];
1008
1009 /* Re-read MAC address as it may have changed */
1010 bss = get_bss_ifindex(drv, ifi->ifi_index);
1011 if (bss &&
1012 linux_get_ifhwaddr(drv->global->ioctl_sock,
1013 bss->ifname, addr) < 0) {
1014 wpa_printf(MSG_DEBUG,
1015 "nl80211: %s: failed to re-read MAC address",
1016 bss->ifname);
1017 } else if (bss &&
1018 os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
1019 wpa_printf(MSG_DEBUG,
1020 "nl80211: Own MAC address on ifindex %d (%s) changed from "
1021 MACSTR " to " MACSTR,
1022 ifi->ifi_index, bss->ifname,
1023 MAC2STR(bss->addr),
1024 MAC2STR(addr));
1025 os_memcpy(bss->addr, addr, ETH_ALEN);
1026 }
1027
1028 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
1029 drv->if_disabled = 0;
1030 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1031 NULL);
1032 }
1033 }
1034
1035 /*
1036 * Some drivers send the association event before the operup event--in
1037 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1038 * fails. This will hit us when wpa_supplicant does not need to do
1039 * IEEE 802.1X authentication
1040 */
1041 if (drv->operstate == 1 &&
1042 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1043 !(ifi->ifi_flags & IFF_RUNNING)) {
1044 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1045 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1046 -1, IF_OPER_UP);
1047 }
1048
1049 if (ifname[0])
1050 wpa_driver_nl80211_event_newlink(drv, ifname);
1051
1052 if (ifi->ifi_family == AF_BRIDGE && brid) {
1053 struct i802_bss *bss;
1054
1055 /* device has been added to bridge */
1056 if (!if_indextoname(brid, namebuf)) {
1057 wpa_printf(MSG_DEBUG,
1058 "nl80211: Could not find bridge ifname for ifindex %u",
1059 brid);
1060 return;
1061 }
1062 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1063 brid, namebuf);
1064 add_ifidx(drv, brid);
1065
1066 for (bss = drv->first_bss; bss; bss = bss->next) {
1067 if (os_strcmp(ifname, bss->ifname) == 0) {
1068 os_strlcpy(bss->brname, namebuf, IFNAMSIZ);
1069 break;
1070 }
1071 }
1072 }
1073 }
1074
1075
wpa_driver_nl80211_event_rtm_dellink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)1076 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1077 struct ifinfomsg *ifi,
1078 u8 *buf, size_t len)
1079 {
1080 struct nl80211_global *global = ctx;
1081 struct wpa_driver_nl80211_data *drv;
1082 int attrlen;
1083 struct rtattr *attr;
1084 u32 brid = 0;
1085 char ifname[IFNAMSIZ + 1];
1086 char extra[100], *pos, *end;
1087
1088 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1089 if (!drv) {
1090 wpa_printf(MSG_DEBUG, "nl80211: Ignore RTM_DELLINK event for foreign ifindex %d",
1091 ifi->ifi_index);
1092 return;
1093 }
1094
1095 extra[0] = '\0';
1096 pos = extra;
1097 end = pos + sizeof(extra);
1098 ifname[0] = '\0';
1099
1100 attrlen = len;
1101 attr = (struct rtattr *) buf;
1102 while (RTA_OK(attr, attrlen)) {
1103 switch (attr->rta_type) {
1104 case IFLA_IFNAME:
1105 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1106 break;
1107 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1108 ifname[RTA_PAYLOAD(attr)] = '\0';
1109 break;
1110 case IFLA_MASTER:
1111 brid = nla_get_u32((struct nlattr *) attr);
1112 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1113 break;
1114 case IFLA_OPERSTATE:
1115 pos += os_snprintf(pos, end - pos, " operstate=%u",
1116 nla_get_u32((struct nlattr *) attr));
1117 break;
1118 case IFLA_LINKMODE:
1119 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1120 nla_get_u32((struct nlattr *) attr));
1121 break;
1122 }
1123 attr = RTA_NEXT(attr, attrlen);
1124 }
1125 extra[sizeof(extra) - 1] = '\0';
1126
1127 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1128 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1129 ifi->ifi_flags,
1130 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1131 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1132 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1133 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1134
1135 if (ifname[0] && (ifi->ifi_family != AF_BRIDGE || !brid))
1136 wpa_driver_nl80211_event_dellink(drv, ifname);
1137
1138 if (ifi->ifi_family == AF_BRIDGE && brid) {
1139 /* device has been removed from bridge */
1140 char namebuf[IFNAMSIZ];
1141
1142 if (!if_indextoname(brid, namebuf)) {
1143 wpa_printf(MSG_DEBUG,
1144 "nl80211: Could not find bridge ifname for ifindex %u",
1145 brid);
1146 } else {
1147 wpa_printf(MSG_DEBUG,
1148 "nl80211: Remove ifindex %u for bridge %s",
1149 brid, namebuf);
1150 }
1151 del_ifidx(drv, brid);
1152 }
1153 }
1154
1155
nl80211_get_assoc_freq(struct wpa_driver_nl80211_data * drv)1156 unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1157 {
1158 struct nl_msg *msg;
1159 int ret;
1160 struct nl80211_bss_info_arg arg;
1161
1162 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1163 os_memset(&arg, 0, sizeof(arg));
1164 arg.drv = drv;
1165 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1166 if (ret == 0) {
1167 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1168 arg.ibss_freq : arg.assoc_freq;
1169 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1170 "associated BSS from scan results: %u MHz", freq);
1171 if (freq)
1172 drv->assoc_freq = freq;
1173 return drv->assoc_freq;
1174 }
1175 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1176 "(%s)", ret, strerror(-ret));
1177 return drv->assoc_freq;
1178 }
1179
1180
get_link_signal(struct nl_msg * msg,void * arg)1181 static int get_link_signal(struct nl_msg *msg, void *arg)
1182 {
1183 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1184 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1185 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1186 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1187 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1188 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
1189 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8 },
1190 };
1191 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1192 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1193 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1194 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1195 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1196 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1197 };
1198 struct wpa_signal_info *sig_change = arg;
1199
1200 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1201 genlmsg_attrlen(gnlh, 0), NULL);
1202 if (!tb[NL80211_ATTR_STA_INFO] ||
1203 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1204 tb[NL80211_ATTR_STA_INFO], policy))
1205 return NL_SKIP;
1206 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1207 return NL_SKIP;
1208
1209 sig_change->current_signal =
1210 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1211
1212 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
1213 sig_change->avg_signal =
1214 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
1215 else
1216 sig_change->avg_signal = 0;
1217
1218 if (sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG])
1219 sig_change->avg_beacon_signal =
1220 (s8)
1221 nla_get_u8(sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]);
1222 else
1223 sig_change->avg_beacon_signal = 0;
1224
1225 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1226 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1227 sinfo[NL80211_STA_INFO_TX_BITRATE],
1228 rate_policy)) {
1229 sig_change->current_txrate = 0;
1230 } else {
1231 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1232 sig_change->current_txrate =
1233 nla_get_u16(rinfo[
1234 NL80211_RATE_INFO_BITRATE]) * 100;
1235 }
1236 }
1237 }
1238
1239 return NL_SKIP;
1240 }
1241
1242
nl80211_get_link_signal(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)1243 int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1244 struct wpa_signal_info *sig)
1245 {
1246 struct nl_msg *msg;
1247
1248 sig->current_signal = -9999;
1249 sig->current_txrate = 0;
1250
1251 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) ||
1252 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid)) {
1253 nlmsg_free(msg);
1254 return -ENOBUFS;
1255 }
1256
1257 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1258 }
1259
1260
get_link_noise(struct nl_msg * msg,void * arg)1261 static int get_link_noise(struct nl_msg *msg, void *arg)
1262 {
1263 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1264 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1265 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1266 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1267 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1268 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1269 };
1270 struct wpa_signal_info *sig_change = arg;
1271
1272 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1273 genlmsg_attrlen(gnlh, 0), NULL);
1274
1275 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1276 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1277 return NL_SKIP;
1278 }
1279
1280 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1281 tb[NL80211_ATTR_SURVEY_INFO],
1282 survey_policy)) {
1283 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1284 "attributes!");
1285 return NL_SKIP;
1286 }
1287
1288 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1289 return NL_SKIP;
1290
1291 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1292 sig_change->frequency)
1293 return NL_SKIP;
1294
1295 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1296 return NL_SKIP;
1297
1298 sig_change->current_noise =
1299 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1300
1301 return NL_SKIP;
1302 }
1303
1304
nl80211_get_link_noise(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig_change)1305 int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1306 struct wpa_signal_info *sig_change)
1307 {
1308 struct nl_msg *msg;
1309
1310 sig_change->current_noise = 9999;
1311 sig_change->frequency = drv->assoc_freq;
1312
1313 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1314 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1315 }
1316
1317
wpa_driver_nl80211_event_receive(int sock,void * eloop_ctx,void * handle)1318 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1319 void *handle)
1320 {
1321 struct nl_cb *cb = eloop_ctx;
1322 int res;
1323
1324 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
1325
1326 res = nl_recvmsgs(handle, cb);
1327 if (res < 0) {
1328 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
1329 __func__, res);
1330 }
1331 }
1332
1333
1334 /**
1335 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1336 * @priv: driver_nl80211 private data
1337 * @alpha2_arg: country to which to switch to
1338 * Returns: 0 on success, -1 on failure
1339 *
1340 * This asks nl80211 to set the regulatory domain for given
1341 * country ISO / IEC alpha2.
1342 */
wpa_driver_nl80211_set_country(void * priv,const char * alpha2_arg)1343 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1344 {
1345 struct i802_bss *bss = priv;
1346 struct wpa_driver_nl80211_data *drv = bss->drv;
1347 char alpha2[3];
1348 struct nl_msg *msg;
1349
1350 msg = nlmsg_alloc();
1351 if (!msg)
1352 return -ENOMEM;
1353
1354 alpha2[0] = alpha2_arg[0];
1355 alpha2[1] = alpha2_arg[1];
1356 alpha2[2] = '\0';
1357
1358 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) ||
1359 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) {
1360 nlmsg_free(msg);
1361 return -EINVAL;
1362 }
1363 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1364 return -EINVAL;
1365 return 0;
1366 }
1367
1368
nl80211_get_country(struct nl_msg * msg,void * arg)1369 static int nl80211_get_country(struct nl_msg *msg, void *arg)
1370 {
1371 char *alpha2 = arg;
1372 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
1373 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1374
1375 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1376 genlmsg_attrlen(gnlh, 0), NULL);
1377 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
1378 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
1379 return NL_SKIP;
1380 }
1381 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
1382 return NL_SKIP;
1383 }
1384
1385
wpa_driver_nl80211_get_country(void * priv,char * alpha2)1386 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
1387 {
1388 struct i802_bss *bss = priv;
1389 struct wpa_driver_nl80211_data *drv = bss->drv;
1390 struct nl_msg *msg;
1391 int ret;
1392
1393 msg = nlmsg_alloc();
1394 if (!msg)
1395 return -ENOMEM;
1396
1397 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
1398 alpha2[0] = '\0';
1399 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2);
1400 if (!alpha2[0])
1401 ret = -1;
1402
1403 return ret;
1404 }
1405
1406
wpa_driver_nl80211_init_nl_global(struct nl80211_global * global)1407 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
1408 {
1409 int ret;
1410
1411 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1412 if (global->nl_cb == NULL) {
1413 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1414 "callbacks");
1415 return -1;
1416 }
1417
1418 global->nl = nl_create_handle(global->nl_cb, "nl");
1419 if (global->nl == NULL)
1420 goto err;
1421
1422 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
1423 if (global->nl80211_id < 0) {
1424 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1425 "found");
1426 goto err;
1427 }
1428
1429 global->nl_event = nl_create_handle(global->nl_cb, "event");
1430 if (global->nl_event == NULL)
1431 goto err;
1432
1433 ret = nl_get_multicast_id(global, "nl80211", "scan");
1434 if (ret >= 0)
1435 ret = nl_socket_add_membership(global->nl_event, ret);
1436 if (ret < 0) {
1437 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1438 "membership for scan events: %d (%s)",
1439 ret, strerror(-ret));
1440 goto err;
1441 }
1442
1443 ret = nl_get_multicast_id(global, "nl80211", "mlme");
1444 if (ret >= 0)
1445 ret = nl_socket_add_membership(global->nl_event, ret);
1446 if (ret < 0) {
1447 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1448 "membership for mlme events: %d (%s)",
1449 ret, strerror(-ret));
1450 goto err;
1451 }
1452
1453 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
1454 if (ret >= 0)
1455 ret = nl_socket_add_membership(global->nl_event, ret);
1456 if (ret < 0) {
1457 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1458 "membership for regulatory events: %d (%s)",
1459 ret, strerror(-ret));
1460 /* Continue without regulatory events */
1461 }
1462
1463 ret = nl_get_multicast_id(global, "nl80211", "vendor");
1464 if (ret >= 0)
1465 ret = nl_socket_add_membership(global->nl_event, ret);
1466 if (ret < 0) {
1467 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1468 "membership for vendor events: %d (%s)",
1469 ret, strerror(-ret));
1470 /* Continue without vendor events */
1471 }
1472
1473 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
1474 no_seq_check, NULL);
1475 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
1476 process_global_event, global);
1477
1478 nl80211_register_eloop_read(&global->nl_event,
1479 wpa_driver_nl80211_event_receive,
1480 global->nl_cb);
1481
1482 return 0;
1483
1484 err:
1485 nl_destroy_handles(&global->nl_event);
1486 nl_destroy_handles(&global->nl);
1487 nl_cb_put(global->nl_cb);
1488 global->nl_cb = NULL;
1489 return -1;
1490 }
1491
1492
nl80211_check_global(struct nl80211_global * global)1493 static void nl80211_check_global(struct nl80211_global *global)
1494 {
1495 struct nl_handle *handle;
1496 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL };
1497 int ret;
1498 unsigned int i;
1499
1500 /*
1501 * Try to re-add memberships to handle case of cfg80211 getting reloaded
1502 * and all registration having been cleared.
1503 */
1504 handle = (void *) (((intptr_t) global->nl_event) ^
1505 ELOOP_SOCKET_INVALID);
1506
1507 for (i = 0; groups[i]; i++) {
1508 ret = nl_get_multicast_id(global, "nl80211", groups[i]);
1509 if (ret >= 0)
1510 ret = nl_socket_add_membership(handle, ret);
1511 if (ret < 0) {
1512 wpa_printf(MSG_INFO,
1513 "nl80211: Could not re-add multicast membership for %s events: %d (%s)",
1514 groups[i], ret, strerror(-ret));
1515 }
1516 }
1517 }
1518
1519
wpa_driver_nl80211_rfkill_blocked(void * ctx)1520 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
1521 {
1522 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
1523 /*
1524 * This may be for any interface; use ifdown event to disable
1525 * interface.
1526 */
1527 }
1528
1529
wpa_driver_nl80211_rfkill_unblocked(void * ctx)1530 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
1531 {
1532 struct wpa_driver_nl80211_data *drv = ctx;
1533 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
1534 if (i802_set_iface_flags(drv->first_bss, 1)) {
1535 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
1536 "after rfkill unblock");
1537 return;
1538 }
1539 /* rtnetlink ifup handler will report interface as enabled */
1540 }
1541
1542
wpa_driver_nl80211_handle_eapol_tx_status(int sock,void * eloop_ctx,void * handle)1543 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
1544 void *eloop_ctx,
1545 void *handle)
1546 {
1547 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1548 u8 data[2048];
1549 struct msghdr msg;
1550 struct iovec entry;
1551 u8 control[512];
1552 struct cmsghdr *cmsg;
1553 int res, found_ee = 0, found_wifi = 0, acked = 0;
1554 union wpa_event_data event;
1555
1556 memset(&msg, 0, sizeof(msg));
1557 msg.msg_iov = &entry;
1558 msg.msg_iovlen = 1;
1559 entry.iov_base = data;
1560 entry.iov_len = sizeof(data);
1561 msg.msg_control = &control;
1562 msg.msg_controllen = sizeof(control);
1563
1564 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
1565 /* if error or not fitting 802.3 header, return */
1566 if (res < 14)
1567 return;
1568
1569 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
1570 {
1571 if (cmsg->cmsg_level == SOL_SOCKET &&
1572 cmsg->cmsg_type == SCM_WIFI_STATUS) {
1573 int *ack;
1574
1575 found_wifi = 1;
1576 ack = (void *)CMSG_DATA(cmsg);
1577 acked = *ack;
1578 }
1579
1580 if (cmsg->cmsg_level == SOL_PACKET &&
1581 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
1582 struct sock_extended_err *err =
1583 (struct sock_extended_err *)CMSG_DATA(cmsg);
1584
1585 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
1586 found_ee = 1;
1587 }
1588 }
1589
1590 if (!found_ee || !found_wifi)
1591 return;
1592
1593 memset(&event, 0, sizeof(event));
1594 event.eapol_tx_status.dst = data;
1595 event.eapol_tx_status.data = data + 14;
1596 event.eapol_tx_status.data_len = res - 14;
1597 event.eapol_tx_status.ack = acked;
1598 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
1599 }
1600
1601
nl80211_init_bss(struct i802_bss * bss)1602 static int nl80211_init_bss(struct i802_bss *bss)
1603 {
1604 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1605 if (!bss->nl_cb)
1606 return -1;
1607
1608 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
1609 no_seq_check, NULL);
1610 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
1611 process_bss_event, bss);
1612
1613 return 0;
1614 }
1615
1616
nl80211_destroy_bss(struct i802_bss * bss)1617 static void nl80211_destroy_bss(struct i802_bss *bss)
1618 {
1619 nl_cb_put(bss->nl_cb);
1620 bss->nl_cb = NULL;
1621 }
1622
1623
wpa_driver_nl80211_drv_init(void * ctx,const char * ifname,void * global_priv,int hostapd,const u8 * set_addr,const char * driver_params)1624 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
1625 void *global_priv, int hostapd,
1626 const u8 *set_addr,
1627 const char *driver_params)
1628 {
1629 struct wpa_driver_nl80211_data *drv;
1630 struct rfkill_config *rcfg;
1631 struct i802_bss *bss;
1632
1633 if (global_priv == NULL)
1634 return NULL;
1635 drv = os_zalloc(sizeof(*drv));
1636 if (drv == NULL)
1637 return NULL;
1638 drv->global = global_priv;
1639 drv->ctx = ctx;
1640 drv->hostapd = !!hostapd;
1641 drv->eapol_sock = -1;
1642
1643 /*
1644 * There is no driver capability flag for this, so assume it is
1645 * supported and disable this on first attempt to use if the driver
1646 * rejects the command due to missing support.
1647 */
1648 drv->set_rekey_offload = 1;
1649
1650 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
1651 drv->if_indices = drv->default_if_indices;
1652
1653 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
1654 if (!drv->first_bss) {
1655 os_free(drv);
1656 return NULL;
1657 }
1658 bss = drv->first_bss;
1659 bss->drv = drv;
1660 bss->ctx = ctx;
1661
1662 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
1663 drv->monitor_ifidx = -1;
1664 drv->monitor_sock = -1;
1665 drv->eapol_tx_sock = -1;
1666 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
1667
1668 if (nl80211_init_bss(bss))
1669 goto failed;
1670
1671 rcfg = os_zalloc(sizeof(*rcfg));
1672 if (rcfg == NULL)
1673 goto failed;
1674 rcfg->ctx = drv;
1675 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
1676 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
1677 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
1678 drv->rfkill = rfkill_init(rcfg);
1679 if (drv->rfkill == NULL) {
1680 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
1681 os_free(rcfg);
1682 }
1683
1684 if (linux_iface_up(drv->global->ioctl_sock, ifname) > 0)
1685 drv->start_iface_up = 1;
1686
1687 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params))
1688 goto failed;
1689
1690 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
1691 if (drv->eapol_tx_sock < 0)
1692 goto failed;
1693
1694 if (drv->data_tx_status) {
1695 int enabled = 1;
1696
1697 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
1698 &enabled, sizeof(enabled)) < 0) {
1699 wpa_printf(MSG_DEBUG,
1700 "nl80211: wifi status sockopt failed\n");
1701 drv->data_tx_status = 0;
1702 if (!drv->use_monitor)
1703 drv->capa.flags &=
1704 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
1705 } else {
1706 eloop_register_read_sock(drv->eapol_tx_sock,
1707 wpa_driver_nl80211_handle_eapol_tx_status,
1708 drv, NULL);
1709 }
1710 }
1711
1712 if (drv->global) {
1713 nl80211_check_global(drv->global);
1714 dl_list_add(&drv->global->interfaces, &drv->list);
1715 drv->in_interface_list = 1;
1716 }
1717
1718 return bss;
1719
1720 failed:
1721 wpa_driver_nl80211_deinit(bss);
1722 return NULL;
1723 }
1724
1725
1726 /**
1727 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1728 * @ctx: context to be used when calling wpa_supplicant functions,
1729 * e.g., wpa_supplicant_event()
1730 * @ifname: interface name, e.g., wlan0
1731 * @global_priv: private driver global data from global_init()
1732 * Returns: Pointer to private data, %NULL on failure
1733 */
wpa_driver_nl80211_init(void * ctx,const char * ifname,void * global_priv)1734 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
1735 void *global_priv)
1736 {
1737 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL,
1738 NULL);
1739 }
1740
1741
nl80211_register_frame(struct i802_bss * bss,struct nl_handle * nl_handle,u16 type,const u8 * match,size_t match_len)1742 static int nl80211_register_frame(struct i802_bss *bss,
1743 struct nl_handle *nl_handle,
1744 u16 type, const u8 *match, size_t match_len)
1745 {
1746 struct wpa_driver_nl80211_data *drv = bss->drv;
1747 struct nl_msg *msg;
1748 int ret;
1749 char buf[30];
1750
1751 buf[0] = '\0';
1752 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
1753 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s",
1754 type, fc2str(type), nl_handle, buf);
1755
1756 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_ACTION)) ||
1757 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) ||
1758 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) {
1759 nlmsg_free(msg);
1760 return -1;
1761 }
1762
1763 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
1764 if (ret) {
1765 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
1766 "failed (type=%u): ret=%d (%s)",
1767 type, ret, strerror(-ret));
1768 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
1769 match, match_len);
1770 }
1771 return ret;
1772 }
1773
1774
nl80211_alloc_mgmt_handle(struct i802_bss * bss)1775 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
1776 {
1777 if (bss->nl_mgmt) {
1778 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
1779 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
1780 return -1;
1781 }
1782
1783 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt");
1784 if (bss->nl_mgmt == NULL)
1785 return -1;
1786
1787 return 0;
1788 }
1789
1790
nl80211_mgmt_handle_register_eloop(struct i802_bss * bss)1791 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
1792 {
1793 nl80211_register_eloop_read(&bss->nl_mgmt,
1794 wpa_driver_nl80211_event_receive,
1795 bss->nl_cb);
1796 }
1797
1798
nl80211_register_action_frame(struct i802_bss * bss,const u8 * match,size_t match_len)1799 static int nl80211_register_action_frame(struct i802_bss *bss,
1800 const u8 *match, size_t match_len)
1801 {
1802 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
1803 return nl80211_register_frame(bss, bss->nl_mgmt,
1804 type, match, match_len);
1805 }
1806
1807
nl80211_mgmt_subscribe_non_ap(struct i802_bss * bss)1808 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
1809 {
1810 struct wpa_driver_nl80211_data *drv = bss->drv;
1811 int ret = 0;
1812
1813 if (nl80211_alloc_mgmt_handle(bss))
1814 return -1;
1815 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
1816 "handle %p", bss->nl_mgmt);
1817
1818 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
1819 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
1820
1821 /* register for any AUTH message */
1822 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0);
1823 }
1824
1825 #ifdef CONFIG_INTERWORKING
1826 /* QoS Map Configure */
1827 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
1828 ret = -1;
1829 #endif /* CONFIG_INTERWORKING */
1830 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
1831 /* GAS Initial Request */
1832 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
1833 ret = -1;
1834 /* GAS Initial Response */
1835 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
1836 ret = -1;
1837 /* GAS Comeback Request */
1838 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
1839 ret = -1;
1840 /* GAS Comeback Response */
1841 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
1842 ret = -1;
1843 /* Protected GAS Initial Request */
1844 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
1845 ret = -1;
1846 /* Protected GAS Initial Response */
1847 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
1848 ret = -1;
1849 /* Protected GAS Comeback Request */
1850 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
1851 ret = -1;
1852 /* Protected GAS Comeback Response */
1853 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
1854 ret = -1;
1855 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
1856 #ifdef CONFIG_P2P
1857 /* P2P Public Action */
1858 if (nl80211_register_action_frame(bss,
1859 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
1860 6) < 0)
1861 ret = -1;
1862 /* P2P Action */
1863 if (nl80211_register_action_frame(bss,
1864 (u8 *) "\x7f\x50\x6f\x9a\x09",
1865 5) < 0)
1866 ret = -1;
1867 #endif /* CONFIG_P2P */
1868 #ifdef CONFIG_IEEE80211W
1869 /* SA Query Response */
1870 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
1871 ret = -1;
1872 #endif /* CONFIG_IEEE80211W */
1873 #ifdef CONFIG_TDLS
1874 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
1875 /* TDLS Discovery Response */
1876 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
1877 0)
1878 ret = -1;
1879 }
1880 #endif /* CONFIG_TDLS */
1881
1882 /* FT Action frames */
1883 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
1884 ret = -1;
1885 else
1886 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
1887 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
1888
1889 /* WNM - BSS Transition Management Request */
1890 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
1891 ret = -1;
1892 /* WNM-Sleep Mode Response */
1893 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
1894 ret = -1;
1895
1896 #ifdef CONFIG_HS20
1897 /* WNM-Notification */
1898 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
1899 ret = -1;
1900 #endif /* CONFIG_HS20 */
1901
1902 /* WMM-AC ADDTS Response */
1903 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0)
1904 ret = -1;
1905
1906 /* WMM-AC DELTS */
1907 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0)
1908 ret = -1;
1909
1910 /* Radio Measurement - Neighbor Report Response */
1911 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0)
1912 ret = -1;
1913
1914 /* Radio Measurement - Link Measurement Request */
1915 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) &&
1916 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0))
1917 ret = -1;
1918
1919 nl80211_mgmt_handle_register_eloop(bss);
1920
1921 return ret;
1922 }
1923
1924
nl80211_mgmt_subscribe_mesh(struct i802_bss * bss)1925 static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss)
1926 {
1927 int ret = 0;
1928
1929 if (nl80211_alloc_mgmt_handle(bss))
1930 return -1;
1931
1932 wpa_printf(MSG_DEBUG,
1933 "nl80211: Subscribe to mgmt frames with mesh handle %p",
1934 bss->nl_mgmt);
1935
1936 /* Auth frames for mesh SAE */
1937 if (nl80211_register_frame(bss, bss->nl_mgmt,
1938 (WLAN_FC_TYPE_MGMT << 2) |
1939 (WLAN_FC_STYPE_AUTH << 4),
1940 NULL, 0) < 0)
1941 ret = -1;
1942
1943 /* Mesh peering open */
1944 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0)
1945 ret = -1;
1946 /* Mesh peering confirm */
1947 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0)
1948 ret = -1;
1949 /* Mesh peering close */
1950 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0)
1951 ret = -1;
1952
1953 nl80211_mgmt_handle_register_eloop(bss);
1954
1955 return ret;
1956 }
1957
1958
nl80211_register_spurious_class3(struct i802_bss * bss)1959 static int nl80211_register_spurious_class3(struct i802_bss *bss)
1960 {
1961 struct nl_msg *msg;
1962 int ret;
1963
1964 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME);
1965 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL);
1966 if (ret) {
1967 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
1968 "failed: ret=%d (%s)",
1969 ret, strerror(-ret));
1970 }
1971 return ret;
1972 }
1973
1974
nl80211_mgmt_subscribe_ap(struct i802_bss * bss)1975 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
1976 {
1977 static const int stypes[] = {
1978 WLAN_FC_STYPE_AUTH,
1979 WLAN_FC_STYPE_ASSOC_REQ,
1980 WLAN_FC_STYPE_REASSOC_REQ,
1981 WLAN_FC_STYPE_DISASSOC,
1982 WLAN_FC_STYPE_DEAUTH,
1983 WLAN_FC_STYPE_ACTION,
1984 WLAN_FC_STYPE_PROBE_REQ,
1985 /* Beacon doesn't work as mac80211 doesn't currently allow
1986 * it, but it wouldn't really be the right thing anyway as
1987 * it isn't per interface ... maybe just dump the scan
1988 * results periodically for OLBC?
1989 */
1990 /* WLAN_FC_STYPE_BEACON, */
1991 };
1992 unsigned int i;
1993
1994 if (nl80211_alloc_mgmt_handle(bss))
1995 return -1;
1996 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
1997 "handle %p", bss->nl_mgmt);
1998
1999 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
2000 if (nl80211_register_frame(bss, bss->nl_mgmt,
2001 (WLAN_FC_TYPE_MGMT << 2) |
2002 (stypes[i] << 4),
2003 NULL, 0) < 0) {
2004 goto out_err;
2005 }
2006 }
2007
2008 if (nl80211_register_spurious_class3(bss))
2009 goto out_err;
2010
2011 if (nl80211_get_wiphy_data_ap(bss) == NULL)
2012 goto out_err;
2013
2014 nl80211_mgmt_handle_register_eloop(bss);
2015 return 0;
2016
2017 out_err:
2018 nl_destroy_handles(&bss->nl_mgmt);
2019 return -1;
2020 }
2021
2022
nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss * bss)2023 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
2024 {
2025 if (nl80211_alloc_mgmt_handle(bss))
2026 return -1;
2027 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2028 "handle %p (device SME)", bss->nl_mgmt);
2029
2030 if (nl80211_register_frame(bss, bss->nl_mgmt,
2031 (WLAN_FC_TYPE_MGMT << 2) |
2032 (WLAN_FC_STYPE_ACTION << 4),
2033 NULL, 0) < 0)
2034 goto out_err;
2035
2036 nl80211_mgmt_handle_register_eloop(bss);
2037 return 0;
2038
2039 out_err:
2040 nl_destroy_handles(&bss->nl_mgmt);
2041 return -1;
2042 }
2043
2044
nl80211_mgmt_unsubscribe(struct i802_bss * bss,const char * reason)2045 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
2046 {
2047 if (bss->nl_mgmt == NULL)
2048 return;
2049 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
2050 "(%s)", bss->nl_mgmt, reason);
2051 nl80211_destroy_eloop_handle(&bss->nl_mgmt);
2052
2053 nl80211_put_wiphy_data_ap(bss);
2054 }
2055
2056
wpa_driver_nl80211_send_rfkill(void * eloop_ctx,void * timeout_ctx)2057 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
2058 {
2059 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
2060 }
2061
2062
nl80211_del_p2pdev(struct i802_bss * bss)2063 static void nl80211_del_p2pdev(struct i802_bss *bss)
2064 {
2065 struct nl_msg *msg;
2066 int ret;
2067
2068 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE);
2069 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL);
2070
2071 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
2072 bss->ifname, (long long unsigned int) bss->wdev_id,
2073 strerror(-ret));
2074 }
2075
2076
nl80211_set_p2pdev(struct i802_bss * bss,int start)2077 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
2078 {
2079 struct nl_msg *msg;
2080 int ret;
2081
2082 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE :
2083 NL80211_CMD_STOP_P2P_DEVICE);
2084 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL);
2085
2086 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
2087 start ? "Start" : "Stop",
2088 bss->ifname, (long long unsigned int) bss->wdev_id,
2089 strerror(-ret));
2090 return ret;
2091 }
2092
2093
i802_set_iface_flags(struct i802_bss * bss,int up)2094 static int i802_set_iface_flags(struct i802_bss *bss, int up)
2095 {
2096 enum nl80211_iftype nlmode;
2097
2098 nlmode = nl80211_get_ifmode(bss);
2099 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2100 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
2101 bss->ifname, up);
2102 }
2103
2104 /* P2P Device has start/stop which is equivalent */
2105 return nl80211_set_p2pdev(bss, up);
2106 }
2107
2108
2109 #ifdef CONFIG_TESTING_OPTIONS
qca_vendor_test_cmd_handler(struct nl_msg * msg,void * arg)2110 static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg)
2111 {
2112 /* struct wpa_driver_nl80211_data *drv = arg; */
2113 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2114 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2115
2116
2117 wpa_printf(MSG_DEBUG,
2118 "nl80211: QCA vendor test command response received");
2119
2120 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2121 genlmsg_attrlen(gnlh, 0), NULL);
2122 if (!tb[NL80211_ATTR_VENDOR_DATA]) {
2123 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute");
2124 return NL_SKIP;
2125 }
2126
2127 wpa_hexdump(MSG_DEBUG,
2128 "nl80211: Received QCA vendor test command response",
2129 nla_data(tb[NL80211_ATTR_VENDOR_DATA]),
2130 nla_len(tb[NL80211_ATTR_VENDOR_DATA]));
2131
2132 return NL_SKIP;
2133 }
2134 #endif /* CONFIG_TESTING_OPTIONS */
2135
2136
qca_vendor_test(struct wpa_driver_nl80211_data * drv)2137 static void qca_vendor_test(struct wpa_driver_nl80211_data *drv)
2138 {
2139 #ifdef CONFIG_TESTING_OPTIONS
2140 struct nl_msg *msg;
2141 struct nlattr *params;
2142 int ret;
2143
2144 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
2145 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
2146 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
2147 QCA_NL80211_VENDOR_SUBCMD_TEST) ||
2148 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
2149 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) {
2150 nlmsg_free(msg);
2151 return;
2152 }
2153 nla_nest_end(msg, params);
2154
2155 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv);
2156 wpa_printf(MSG_DEBUG,
2157 "nl80211: QCA vendor test command returned %d (%s)",
2158 ret, strerror(-ret));
2159 #endif /* CONFIG_TESTING_OPTIONS */
2160 }
2161
2162
2163 static int
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data * drv,const u8 * set_addr,int first,const char * driver_params)2164 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
2165 const u8 *set_addr, int first,
2166 const char *driver_params)
2167 {
2168 struct i802_bss *bss = drv->first_bss;
2169 int send_rfkill_event = 0;
2170 enum nl80211_iftype nlmode;
2171
2172 drv->ifindex = if_nametoindex(bss->ifname);
2173 bss->ifindex = drv->ifindex;
2174 bss->wdev_id = drv->global->if_add_wdevid;
2175 bss->wdev_id_set = drv->global->if_add_wdevid_set;
2176
2177 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
2178 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
2179 drv->global->if_add_wdevid_set = 0;
2180
2181 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2182 bss->static_ap = 1;
2183
2184 if (wpa_driver_nl80211_capa(drv))
2185 return -1;
2186
2187 if (driver_params && nl80211_set_param(bss, driver_params) < 0)
2188 return -1;
2189
2190 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2191 bss->ifname, drv->phyname);
2192
2193 if (set_addr &&
2194 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
2195 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2196 set_addr)))
2197 return -1;
2198
2199 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2200 drv->start_mode_ap = 1;
2201
2202 if (drv->hostapd || bss->static_ap)
2203 nlmode = NL80211_IFTYPE_AP;
2204 else if (bss->if_dynamic)
2205 nlmode = nl80211_get_ifmode(bss);
2206 else
2207 nlmode = NL80211_IFTYPE_STATION;
2208
2209 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
2210 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
2211 return -1;
2212 }
2213
2214 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2215 nl80211_get_macaddr(bss);
2216
2217 if (!rfkill_is_blocked(drv->rfkill)) {
2218 int ret = i802_set_iface_flags(bss, 1);
2219 if (ret) {
2220 wpa_printf(MSG_ERROR, "nl80211: Could not set "
2221 "interface '%s' UP", bss->ifname);
2222 return ret;
2223 }
2224 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2225 return ret;
2226 } else {
2227 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
2228 "interface '%s' due to rfkill", bss->ifname);
2229 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2230 return 0;
2231 drv->if_disabled = 1;
2232 send_rfkill_event = 1;
2233 }
2234
2235 if (!drv->hostapd)
2236 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
2237 1, IF_OPER_DORMANT);
2238
2239 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2240 bss->addr))
2241 return -1;
2242 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
2243
2244 if (send_rfkill_event) {
2245 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
2246 drv, drv->ctx);
2247 }
2248
2249 if (drv->vendor_cmd_test_avail)
2250 qca_vendor_test(drv);
2251
2252 return 0;
2253 }
2254
2255
wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data * drv)2256 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
2257 {
2258 struct nl_msg *msg;
2259
2260 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
2261 drv->ifindex);
2262 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
2263 return send_and_recv_msgs(drv, msg, NULL, NULL);
2264 }
2265
2266
2267 /**
2268 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
2269 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
2270 *
2271 * Shut down driver interface and processing of driver events. Free
2272 * private data buffer if one was allocated in wpa_driver_nl80211_init().
2273 */
wpa_driver_nl80211_deinit(struct i802_bss * bss)2274 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
2275 {
2276 struct wpa_driver_nl80211_data *drv = bss->drv;
2277
2278 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d",
2279 bss->ifname, drv->disabled_11b_rates);
2280
2281 bss->in_deinit = 1;
2282 if (drv->data_tx_status)
2283 eloop_unregister_read_sock(drv->eapol_tx_sock);
2284 if (drv->eapol_tx_sock >= 0)
2285 close(drv->eapol_tx_sock);
2286
2287 if (bss->nl_preq)
2288 wpa_driver_nl80211_probe_req_report(bss, 0);
2289 if (bss->added_if_into_bridge) {
2290 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
2291 bss->ifname) < 0)
2292 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2293 "interface %s from bridge %s: %s",
2294 bss->ifname, bss->brname, strerror(errno));
2295 if (drv->rtnl_sk)
2296 nl80211_handle_destroy(drv->rtnl_sk);
2297 }
2298 if (bss->added_bridge) {
2299 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname,
2300 0) < 0)
2301 wpa_printf(MSG_INFO,
2302 "nl80211: Could not set bridge %s down",
2303 bss->brname);
2304 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
2305 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2306 "bridge %s: %s",
2307 bss->brname, strerror(errno));
2308 }
2309
2310 nl80211_remove_monitor_interface(drv);
2311
2312 if (is_ap_interface(drv->nlmode))
2313 wpa_driver_nl80211_del_beacon(drv);
2314
2315 if (drv->eapol_sock >= 0) {
2316 eloop_unregister_read_sock(drv->eapol_sock);
2317 close(drv->eapol_sock);
2318 }
2319
2320 if (drv->if_indices != drv->default_if_indices)
2321 os_free(drv->if_indices);
2322
2323 if (drv->disabled_11b_rates)
2324 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2325
2326 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
2327 IF_OPER_UP);
2328 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
2329 rfkill_deinit(drv->rfkill);
2330
2331 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2332
2333 if (!drv->start_iface_up)
2334 (void) i802_set_iface_flags(bss, 0);
2335
2336 if (drv->addr_changed) {
2337 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
2338 0) < 0) {
2339 wpa_printf(MSG_DEBUG,
2340 "nl80211: Could not set interface down to restore permanent MAC address");
2341 }
2342 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2343 drv->perm_addr) < 0) {
2344 wpa_printf(MSG_DEBUG,
2345 "nl80211: Could not restore permanent MAC address");
2346 }
2347 }
2348
2349 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2350 if (!drv->hostapd || !drv->start_mode_ap)
2351 wpa_driver_nl80211_set_mode(bss,
2352 NL80211_IFTYPE_STATION);
2353 nl80211_mgmt_unsubscribe(bss, "deinit");
2354 } else {
2355 nl80211_mgmt_unsubscribe(bss, "deinit");
2356 nl80211_del_p2pdev(bss);
2357 }
2358
2359 nl80211_destroy_bss(drv->first_bss);
2360
2361 os_free(drv->filter_ssids);
2362
2363 os_free(drv->auth_ie);
2364
2365 if (drv->in_interface_list)
2366 dl_list_del(&drv->list);
2367
2368 os_free(drv->extended_capa);
2369 os_free(drv->extended_capa_mask);
2370 os_free(drv->first_bss);
2371 os_free(drv);
2372 }
2373
2374
wpa_alg_to_cipher_suite(enum wpa_alg alg,size_t key_len)2375 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
2376 {
2377 switch (alg) {
2378 case WPA_ALG_WEP:
2379 if (key_len == 5)
2380 return WLAN_CIPHER_SUITE_WEP40;
2381 return WLAN_CIPHER_SUITE_WEP104;
2382 case WPA_ALG_TKIP:
2383 return WLAN_CIPHER_SUITE_TKIP;
2384 case WPA_ALG_CCMP:
2385 return WLAN_CIPHER_SUITE_CCMP;
2386 case WPA_ALG_GCMP:
2387 return WLAN_CIPHER_SUITE_GCMP;
2388 case WPA_ALG_CCMP_256:
2389 return WLAN_CIPHER_SUITE_CCMP_256;
2390 case WPA_ALG_GCMP_256:
2391 return WLAN_CIPHER_SUITE_GCMP_256;
2392 case WPA_ALG_IGTK:
2393 return WLAN_CIPHER_SUITE_AES_CMAC;
2394 case WPA_ALG_BIP_GMAC_128:
2395 return WLAN_CIPHER_SUITE_BIP_GMAC_128;
2396 case WPA_ALG_BIP_GMAC_256:
2397 return WLAN_CIPHER_SUITE_BIP_GMAC_256;
2398 case WPA_ALG_BIP_CMAC_256:
2399 return WLAN_CIPHER_SUITE_BIP_CMAC_256;
2400 case WPA_ALG_SMS4:
2401 return WLAN_CIPHER_SUITE_SMS4;
2402 case WPA_ALG_KRK:
2403 return WLAN_CIPHER_SUITE_KRK;
2404 case WPA_ALG_NONE:
2405 case WPA_ALG_PMK:
2406 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
2407 alg);
2408 return 0;
2409 }
2410
2411 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
2412 alg);
2413 return 0;
2414 }
2415
2416
wpa_cipher_to_cipher_suite(unsigned int cipher)2417 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
2418 {
2419 switch (cipher) {
2420 case WPA_CIPHER_CCMP_256:
2421 return WLAN_CIPHER_SUITE_CCMP_256;
2422 case WPA_CIPHER_GCMP_256:
2423 return WLAN_CIPHER_SUITE_GCMP_256;
2424 case WPA_CIPHER_CCMP:
2425 return WLAN_CIPHER_SUITE_CCMP;
2426 case WPA_CIPHER_GCMP:
2427 return WLAN_CIPHER_SUITE_GCMP;
2428 case WPA_CIPHER_TKIP:
2429 return WLAN_CIPHER_SUITE_TKIP;
2430 case WPA_CIPHER_WEP104:
2431 return WLAN_CIPHER_SUITE_WEP104;
2432 case WPA_CIPHER_WEP40:
2433 return WLAN_CIPHER_SUITE_WEP40;
2434 case WPA_CIPHER_GTK_NOT_USED:
2435 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR;
2436 }
2437
2438 return 0;
2439 }
2440
2441
wpa_cipher_to_cipher_suites(unsigned int ciphers,u32 suites[],int max_suites)2442 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
2443 int max_suites)
2444 {
2445 int num_suites = 0;
2446
2447 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
2448 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
2449 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
2450 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
2451 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
2452 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
2453 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
2454 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
2455 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
2456 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
2457 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
2458 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
2459 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
2460 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
2461
2462 return num_suites;
2463 }
2464
2465
issue_key_mgmt_set_key(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len)2466 static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
2467 const u8 *key, size_t key_len)
2468 {
2469 struct nl_msg *msg;
2470 int ret;
2471
2472 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD))
2473 return 0;
2474
2475 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
2476 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
2477 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
2478 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) ||
2479 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) {
2480 nl80211_nlmsg_clear(msg);
2481 nlmsg_free(msg);
2482 return -1;
2483 }
2484 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1);
2485 if (ret) {
2486 wpa_printf(MSG_DEBUG,
2487 "nl80211: Key management set key failed: ret=%d (%s)",
2488 ret, strerror(-ret));
2489 }
2490
2491 return ret;
2492 }
2493
2494
wpa_driver_nl80211_set_key(const char * ifname,struct i802_bss * bss,enum wpa_alg alg,const u8 * addr,int key_idx,int set_tx,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)2495 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
2496 enum wpa_alg alg, const u8 *addr,
2497 int key_idx, int set_tx,
2498 const u8 *seq, size_t seq_len,
2499 const u8 *key, size_t key_len)
2500 {
2501 struct wpa_driver_nl80211_data *drv = bss->drv;
2502 int ifindex;
2503 struct nl_msg *msg = NULL;
2504 int ret;
2505 int tdls = 0;
2506
2507 /* Ignore for P2P Device */
2508 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
2509 return 0;
2510
2511 ifindex = if_nametoindex(ifname);
2512 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
2513 "set_tx=%d seq_len=%lu key_len=%lu",
2514 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
2515 (unsigned long) seq_len, (unsigned long) key_len);
2516 #ifdef CONFIG_TDLS
2517 if (key_idx == -1) {
2518 key_idx = 0;
2519 tdls = 1;
2520 }
2521 #endif /* CONFIG_TDLS */
2522
2523 if (alg == WPA_ALG_PMK &&
2524 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) {
2525 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key",
2526 __func__);
2527 ret = issue_key_mgmt_set_key(drv, key, key_len);
2528 return ret;
2529 }
2530
2531 if (alg == WPA_ALG_NONE) {
2532 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY);
2533 if (!msg)
2534 return -ENOBUFS;
2535 } else {
2536 u32 suite;
2537
2538 suite = wpa_alg_to_cipher_suite(alg, key_len);
2539 if (!suite)
2540 goto fail;
2541 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY);
2542 if (!msg ||
2543 nla_put(msg, NL80211_ATTR_KEY_DATA, key_len, key) ||
2544 nla_put_u32(msg, NL80211_ATTR_KEY_CIPHER, suite))
2545 goto fail;
2546 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
2547 }
2548
2549 if (seq && seq_len) {
2550 if (nla_put(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq))
2551 goto fail;
2552 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
2553 }
2554
2555 if (addr && !is_broadcast_ether_addr(addr)) {
2556 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
2557 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
2558 goto fail;
2559
2560 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
2561 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
2562 if (nla_put_u32(msg, NL80211_ATTR_KEY_TYPE,
2563 NL80211_KEYTYPE_GROUP))
2564 goto fail;
2565 }
2566 } else if (addr && is_broadcast_ether_addr(addr)) {
2567 struct nlattr *types;
2568
2569 wpa_printf(MSG_DEBUG, " broadcast key");
2570
2571 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
2572 if (!types ||
2573 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST))
2574 goto fail;
2575 nla_nest_end(msg, types);
2576 }
2577 if (nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
2578 goto fail;
2579
2580 ret = send_and_recv_msgs(drv, msg, NULL, key ? (void *) -1 : NULL);
2581 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
2582 ret = 0;
2583 if (ret)
2584 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
2585 ret, strerror(-ret));
2586
2587 /*
2588 * If we failed or don't need to set the default TX key (below),
2589 * we're done here.
2590 */
2591 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls)
2592 return ret;
2593 if (is_ap_interface(drv->nlmode) && addr &&
2594 !is_broadcast_ether_addr(addr))
2595 return ret;
2596
2597 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
2598 if (!msg ||
2599 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx) ||
2600 nla_put_flag(msg, (alg == WPA_ALG_IGTK ||
2601 alg == WPA_ALG_BIP_GMAC_128 ||
2602 alg == WPA_ALG_BIP_GMAC_256 ||
2603 alg == WPA_ALG_BIP_CMAC_256) ?
2604 NL80211_ATTR_KEY_DEFAULT_MGMT :
2605 NL80211_ATTR_KEY_DEFAULT))
2606 goto fail;
2607 if (addr && is_broadcast_ether_addr(addr)) {
2608 struct nlattr *types;
2609
2610 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
2611 if (!types ||
2612 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST))
2613 goto fail;
2614 nla_nest_end(msg, types);
2615 } else if (addr) {
2616 struct nlattr *types;
2617
2618 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
2619 if (!types ||
2620 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST))
2621 goto fail;
2622 nla_nest_end(msg, types);
2623 }
2624
2625 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2626 if (ret == -ENOENT)
2627 ret = 0;
2628 if (ret)
2629 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
2630 "err=%d %s)", ret, strerror(-ret));
2631 return ret;
2632
2633 fail:
2634 nl80211_nlmsg_clear(msg);
2635 nlmsg_free(msg);
2636 return -ENOBUFS;
2637 }
2638
2639
nl_add_key(struct nl_msg * msg,enum wpa_alg alg,int key_idx,int defkey,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)2640 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
2641 int key_idx, int defkey,
2642 const u8 *seq, size_t seq_len,
2643 const u8 *key, size_t key_len)
2644 {
2645 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
2646 u32 suite;
2647
2648 if (!key_attr)
2649 return -1;
2650
2651 suite = wpa_alg_to_cipher_suite(alg, key_len);
2652 if (!suite)
2653 return -1;
2654
2655 if (defkey && alg == WPA_ALG_IGTK) {
2656 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT))
2657 return -1;
2658 } else if (defkey) {
2659 if (nla_put_flag(msg, NL80211_KEY_DEFAULT))
2660 return -1;
2661 }
2662
2663 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) ||
2664 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) ||
2665 (seq && seq_len &&
2666 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) ||
2667 nla_put(msg, NL80211_KEY_DATA, key_len, key))
2668 return -1;
2669
2670 nla_nest_end(msg, key_attr);
2671
2672 return 0;
2673 }
2674
2675
nl80211_set_conn_keys(struct wpa_driver_associate_params * params,struct nl_msg * msg)2676 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
2677 struct nl_msg *msg)
2678 {
2679 int i, privacy = 0;
2680 struct nlattr *nl_keys, *nl_key;
2681
2682 for (i = 0; i < 4; i++) {
2683 if (!params->wep_key[i])
2684 continue;
2685 privacy = 1;
2686 break;
2687 }
2688 if (params->wps == WPS_MODE_PRIVACY)
2689 privacy = 1;
2690 if (params->pairwise_suite &&
2691 params->pairwise_suite != WPA_CIPHER_NONE)
2692 privacy = 1;
2693
2694 if (!privacy)
2695 return 0;
2696
2697 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY))
2698 return -ENOBUFS;
2699
2700 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
2701 if (!nl_keys)
2702 return -ENOBUFS;
2703
2704 for (i = 0; i < 4; i++) {
2705 if (!params->wep_key[i])
2706 continue;
2707
2708 nl_key = nla_nest_start(msg, i);
2709 if (!nl_key ||
2710 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i],
2711 params->wep_key[i]) ||
2712 nla_put_u32(msg, NL80211_KEY_CIPHER,
2713 params->wep_key_len[i] == 5 ?
2714 WLAN_CIPHER_SUITE_WEP40 :
2715 WLAN_CIPHER_SUITE_WEP104) ||
2716 nla_put_u8(msg, NL80211_KEY_IDX, i) ||
2717 (i == params->wep_tx_keyidx &&
2718 nla_put_flag(msg, NL80211_KEY_DEFAULT)))
2719 return -ENOBUFS;
2720
2721 nla_nest_end(msg, nl_key);
2722 }
2723 nla_nest_end(msg, nl_keys);
2724
2725 return 0;
2726 }
2727
2728
wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data * drv,const u8 * addr,int cmd,u16 reason_code,int local_state_change)2729 int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
2730 const u8 *addr, int cmd, u16 reason_code,
2731 int local_state_change)
2732 {
2733 int ret;
2734 struct nl_msg *msg;
2735
2736 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) ||
2737 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) ||
2738 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
2739 (local_state_change &&
2740 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) {
2741 nlmsg_free(msg);
2742 return -1;
2743 }
2744
2745 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2746 if (ret) {
2747 wpa_dbg(drv->ctx, MSG_DEBUG,
2748 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
2749 reason_code, ret, strerror(-ret));
2750 }
2751 return ret;
2752 }
2753
2754
wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data * drv,int reason_code)2755 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
2756 int reason_code)
2757 {
2758 int ret;
2759
2760 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
2761 nl80211_mark_disconnected(drv);
2762 /* Disconnect command doesn't need BSSID - it uses cached value */
2763 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
2764 reason_code, 0);
2765 /*
2766 * For locally generated disconnect, supplicant already generates a
2767 * DEAUTH event, so ignore the event from NL80211.
2768 */
2769 drv->ignore_next_local_disconnect = ret == 0;
2770
2771 return ret;
2772 }
2773
2774
wpa_driver_nl80211_deauthenticate(struct i802_bss * bss,const u8 * addr,int reason_code)2775 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
2776 const u8 *addr, int reason_code)
2777 {
2778 struct wpa_driver_nl80211_data *drv = bss->drv;
2779 int ret;
2780
2781 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
2782 nl80211_mark_disconnected(drv);
2783 return nl80211_leave_ibss(drv, 1);
2784 }
2785 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2786 return wpa_driver_nl80211_disconnect(drv, reason_code);
2787 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
2788 __func__, MAC2STR(addr), reason_code);
2789 nl80211_mark_disconnected(drv);
2790 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2791 reason_code, 0);
2792 /*
2793 * For locally generated deauthenticate, supplicant already generates a
2794 * DEAUTH event, so ignore the event from NL80211.
2795 */
2796 drv->ignore_next_local_deauth = ret == 0;
2797 return ret;
2798 }
2799
2800
nl80211_copy_auth_params(struct wpa_driver_nl80211_data * drv,struct wpa_driver_auth_params * params)2801 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
2802 struct wpa_driver_auth_params *params)
2803 {
2804 int i;
2805
2806 drv->auth_freq = params->freq;
2807 drv->auth_alg = params->auth_alg;
2808 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
2809 drv->auth_local_state_change = params->local_state_change;
2810 drv->auth_p2p = params->p2p;
2811
2812 if (params->bssid)
2813 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
2814 else
2815 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
2816
2817 if (params->ssid) {
2818 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
2819 drv->auth_ssid_len = params->ssid_len;
2820 } else
2821 drv->auth_ssid_len = 0;
2822
2823
2824 os_free(drv->auth_ie);
2825 drv->auth_ie = NULL;
2826 drv->auth_ie_len = 0;
2827 if (params->ie) {
2828 drv->auth_ie = os_malloc(params->ie_len);
2829 if (drv->auth_ie) {
2830 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
2831 drv->auth_ie_len = params->ie_len;
2832 }
2833 }
2834
2835 for (i = 0; i < 4; i++) {
2836 if (params->wep_key[i] && params->wep_key_len[i] &&
2837 params->wep_key_len[i] <= 16) {
2838 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
2839 params->wep_key_len[i]);
2840 drv->auth_wep_key_len[i] = params->wep_key_len[i];
2841 } else
2842 drv->auth_wep_key_len[i] = 0;
2843 }
2844 }
2845
2846
nl80211_unmask_11b_rates(struct i802_bss * bss)2847 static void nl80211_unmask_11b_rates(struct i802_bss *bss)
2848 {
2849 struct wpa_driver_nl80211_data *drv = bss->drv;
2850
2851 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates)
2852 return;
2853
2854 /*
2855 * Looks like we failed to unmask 11b rates previously. This could
2856 * happen, e.g., if the interface was down at the point in time when a
2857 * P2P group was terminated.
2858 */
2859 wpa_printf(MSG_DEBUG,
2860 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them",
2861 bss->ifname);
2862 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2863 }
2864
2865
wpa_driver_nl80211_authenticate(struct i802_bss * bss,struct wpa_driver_auth_params * params)2866 static int wpa_driver_nl80211_authenticate(
2867 struct i802_bss *bss, struct wpa_driver_auth_params *params)
2868 {
2869 struct wpa_driver_nl80211_data *drv = bss->drv;
2870 int ret = -1, i;
2871 struct nl_msg *msg;
2872 enum nl80211_auth_type type;
2873 enum nl80211_iftype nlmode;
2874 int count = 0;
2875 int is_retry;
2876
2877 nl80211_unmask_11b_rates(bss);
2878
2879 is_retry = drv->retry_auth;
2880 drv->retry_auth = 0;
2881 drv->ignore_deauth_event = 0;
2882
2883 nl80211_mark_disconnected(drv);
2884 os_memset(drv->auth_bssid, 0, ETH_ALEN);
2885 if (params->bssid)
2886 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
2887 else
2888 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
2889 /* FIX: IBSS mode */
2890 nlmode = params->p2p ?
2891 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
2892 if (drv->nlmode != nlmode &&
2893 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
2894 return -1;
2895
2896 retry:
2897 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2898 drv->ifindex);
2899
2900 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE);
2901 if (!msg)
2902 goto fail;
2903
2904 for (i = 0; i < 4; i++) {
2905 if (!params->wep_key[i])
2906 continue;
2907 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
2908 NULL, i,
2909 i == params->wep_tx_keyidx, NULL, 0,
2910 params->wep_key[i],
2911 params->wep_key_len[i]);
2912 if (params->wep_tx_keyidx != i)
2913 continue;
2914 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
2915 params->wep_key[i], params->wep_key_len[i]))
2916 goto fail;
2917 }
2918
2919 if (params->bssid) {
2920 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2921 MAC2STR(params->bssid));
2922 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
2923 goto fail;
2924 }
2925 if (params->freq) {
2926 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2927 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq))
2928 goto fail;
2929 }
2930 if (params->ssid) {
2931 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2932 params->ssid, params->ssid_len);
2933 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
2934 params->ssid))
2935 goto fail;
2936 }
2937 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
2938 if (params->ie &&
2939 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie))
2940 goto fail;
2941 if (params->sae_data) {
2942 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
2943 params->sae_data_len);
2944 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
2945 params->sae_data))
2946 goto fail;
2947 }
2948 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
2949 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2950 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
2951 type = NL80211_AUTHTYPE_SHARED_KEY;
2952 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
2953 type = NL80211_AUTHTYPE_NETWORK_EAP;
2954 else if (params->auth_alg & WPA_AUTH_ALG_FT)
2955 type = NL80211_AUTHTYPE_FT;
2956 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
2957 type = NL80211_AUTHTYPE_SAE;
2958 else
2959 goto fail;
2960 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
2961 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
2962 goto fail;
2963 if (params->local_state_change) {
2964 wpa_printf(MSG_DEBUG, " * Local state change only");
2965 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))
2966 goto fail;
2967 }
2968
2969 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2970 msg = NULL;
2971 if (ret) {
2972 wpa_dbg(drv->ctx, MSG_DEBUG,
2973 "nl80211: MLME command failed (auth): ret=%d (%s)",
2974 ret, strerror(-ret));
2975 count++;
2976 if (ret == -EALREADY && count == 1 && params->bssid &&
2977 !params->local_state_change) {
2978 /*
2979 * mac80211 does not currently accept new
2980 * authentication if we are already authenticated. As a
2981 * workaround, force deauthentication and try again.
2982 */
2983 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
2984 "after forced deauthentication");
2985 drv->ignore_deauth_event = 1;
2986 wpa_driver_nl80211_deauthenticate(
2987 bss, params->bssid,
2988 WLAN_REASON_PREV_AUTH_NOT_VALID);
2989 nlmsg_free(msg);
2990 goto retry;
2991 }
2992
2993 if (ret == -ENOENT && params->freq && !is_retry) {
2994 /*
2995 * cfg80211 has likely expired the BSS entry even
2996 * though it was previously available in our internal
2997 * BSS table. To recover quickly, start a single
2998 * channel scan on the specified channel.
2999 */
3000 struct wpa_driver_scan_params scan;
3001 int freqs[2];
3002
3003 os_memset(&scan, 0, sizeof(scan));
3004 scan.num_ssids = 1;
3005 if (params->ssid) {
3006 scan.ssids[0].ssid = params->ssid;
3007 scan.ssids[0].ssid_len = params->ssid_len;
3008 }
3009 freqs[0] = params->freq;
3010 freqs[1] = 0;
3011 scan.freqs = freqs;
3012 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
3013 "channel scan to refresh cfg80211 BSS "
3014 "entry");
3015 ret = wpa_driver_nl80211_scan(bss, &scan);
3016 if (ret == 0) {
3017 nl80211_copy_auth_params(drv, params);
3018 drv->scan_for_auth = 1;
3019 }
3020 } else if (is_retry) {
3021 /*
3022 * Need to indicate this with an event since the return
3023 * value from the retry is not delivered to core code.
3024 */
3025 union wpa_event_data event;
3026 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
3027 "failed");
3028 os_memset(&event, 0, sizeof(event));
3029 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
3030 ETH_ALEN);
3031 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
3032 &event);
3033 }
3034 } else {
3035 wpa_printf(MSG_DEBUG,
3036 "nl80211: Authentication request send successfully");
3037 }
3038
3039 fail:
3040 nlmsg_free(msg);
3041 return ret;
3042 }
3043
3044
wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data * drv)3045 int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv)
3046 {
3047 struct wpa_driver_auth_params params;
3048 struct i802_bss *bss = drv->first_bss;
3049 int i;
3050
3051 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
3052
3053 os_memset(¶ms, 0, sizeof(params));
3054 params.freq = drv->auth_freq;
3055 params.auth_alg = drv->auth_alg;
3056 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
3057 params.local_state_change = drv->auth_local_state_change;
3058 params.p2p = drv->auth_p2p;
3059
3060 if (!is_zero_ether_addr(drv->auth_bssid_))
3061 params.bssid = drv->auth_bssid_;
3062
3063 if (drv->auth_ssid_len) {
3064 params.ssid = drv->auth_ssid;
3065 params.ssid_len = drv->auth_ssid_len;
3066 }
3067
3068 params.ie = drv->auth_ie;
3069 params.ie_len = drv->auth_ie_len;
3070
3071 for (i = 0; i < 4; i++) {
3072 if (drv->auth_wep_key_len[i]) {
3073 params.wep_key[i] = drv->auth_wep_key[i];
3074 params.wep_key_len[i] = drv->auth_wep_key_len[i];
3075 }
3076 }
3077
3078 drv->retry_auth = 1;
3079 return wpa_driver_nl80211_authenticate(bss, ¶ms);
3080 }
3081
3082
wpa_driver_nl80211_send_frame(struct i802_bss * bss,const void * data,size_t len,int encrypt,int noack,unsigned int freq,int no_cck,int offchanok,unsigned int wait_time)3083 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
3084 const void *data, size_t len,
3085 int encrypt, int noack,
3086 unsigned int freq, int no_cck,
3087 int offchanok, unsigned int wait_time)
3088 {
3089 struct wpa_driver_nl80211_data *drv = bss->drv;
3090 u64 cookie;
3091 int res;
3092
3093 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
3094 freq = nl80211_get_assoc_freq(drv);
3095 wpa_printf(MSG_DEBUG,
3096 "nl80211: send_frame - Use assoc_freq=%u for IBSS",
3097 freq);
3098 }
3099 if (freq == 0) {
3100 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u",
3101 bss->freq);
3102 freq = bss->freq;
3103 }
3104
3105 if (drv->use_monitor) {
3106 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor",
3107 freq, bss->freq);
3108 return nl80211_send_monitor(drv, data, len, encrypt, noack);
3109 }
3110
3111 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd");
3112 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
3113 &cookie, no_cck, noack, offchanok);
3114 if (res == 0 && !noack) {
3115 const struct ieee80211_mgmt *mgmt;
3116 u16 fc;
3117
3118 mgmt = (const struct ieee80211_mgmt *) data;
3119 fc = le_to_host16(mgmt->frame_control);
3120 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3121 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) {
3122 wpa_printf(MSG_MSGDUMP,
3123 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx",
3124 (long long unsigned int)
3125 drv->send_action_cookie,
3126 (long long unsigned int) cookie);
3127 drv->send_action_cookie = cookie;
3128 }
3129 }
3130
3131 return res;
3132 }
3133
3134
wpa_driver_nl80211_send_mlme(struct i802_bss * bss,const u8 * data,size_t data_len,int noack,unsigned int freq,int no_cck,int offchanok,unsigned int wait_time)3135 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
3136 size_t data_len, int noack,
3137 unsigned int freq, int no_cck,
3138 int offchanok,
3139 unsigned int wait_time)
3140 {
3141 struct wpa_driver_nl80211_data *drv = bss->drv;
3142 struct ieee80211_mgmt *mgmt;
3143 int encrypt = 1;
3144 u16 fc;
3145
3146 mgmt = (struct ieee80211_mgmt *) data;
3147 fc = le_to_host16(mgmt->frame_control);
3148 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR
3149 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d",
3150 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
3151 fc, fc2str(fc), drv->nlmode);
3152
3153 if ((is_sta_interface(drv->nlmode) ||
3154 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
3155 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3156 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
3157 /*
3158 * The use of last_mgmt_freq is a bit of a hack,
3159 * but it works due to the single-threaded nature
3160 * of wpa_supplicant.
3161 */
3162 if (freq == 0) {
3163 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
3164 drv->last_mgmt_freq);
3165 freq = drv->last_mgmt_freq;
3166 }
3167 return nl80211_send_frame_cmd(bss, freq, 0,
3168 data, data_len, NULL, 1, noack,
3169 1);
3170 }
3171
3172 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
3173 if (freq == 0) {
3174 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
3175 bss->freq);
3176 freq = bss->freq;
3177 }
3178 return nl80211_send_frame_cmd(bss, freq,
3179 (int) freq == bss->freq ? 0 :
3180 wait_time,
3181 data, data_len,
3182 &drv->send_action_cookie,
3183 no_cck, noack, offchanok);
3184 }
3185
3186 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3187 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
3188 /*
3189 * Only one of the authentication frame types is encrypted.
3190 * In order for static WEP encryption to work properly (i.e.,
3191 * to not encrypt the frame), we need to tell mac80211 about
3192 * the frames that must not be encrypted.
3193 */
3194 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
3195 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
3196 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
3197 encrypt = 0;
3198 }
3199
3200 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame");
3201 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
3202 noack, freq, no_cck, offchanok,
3203 wait_time);
3204 }
3205
3206
nl80211_put_basic_rates(struct nl_msg * msg,const int * basic_rates)3207 static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates)
3208 {
3209 u8 rates[NL80211_MAX_SUPP_RATES];
3210 u8 rates_len = 0;
3211 int i;
3212
3213 if (!basic_rates)
3214 return 0;
3215
3216 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
3217 rates[rates_len++] = basic_rates[i] / 5;
3218
3219 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
3220 }
3221
3222
nl80211_set_bss(struct i802_bss * bss,int cts,int preamble,int slot,int ht_opmode,int ap_isolate,const int * basic_rates)3223 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
3224 int slot, int ht_opmode, int ap_isolate,
3225 const int *basic_rates)
3226 {
3227 struct wpa_driver_nl80211_data *drv = bss->drv;
3228 struct nl_msg *msg;
3229
3230 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) ||
3231 (cts >= 0 &&
3232 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) ||
3233 (preamble >= 0 &&
3234 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) ||
3235 (slot >= 0 &&
3236 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) ||
3237 (ht_opmode >= 0 &&
3238 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) ||
3239 (ap_isolate >= 0 &&
3240 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) ||
3241 nl80211_put_basic_rates(msg, basic_rates)) {
3242 nlmsg_free(msg);
3243 return -ENOBUFS;
3244 }
3245
3246 return send_and_recv_msgs(drv, msg, NULL, NULL);
3247 }
3248
3249
wpa_driver_nl80211_set_acl(void * priv,struct hostapd_acl_params * params)3250 static int wpa_driver_nl80211_set_acl(void *priv,
3251 struct hostapd_acl_params *params)
3252 {
3253 struct i802_bss *bss = priv;
3254 struct wpa_driver_nl80211_data *drv = bss->drv;
3255 struct nl_msg *msg;
3256 struct nlattr *acl;
3257 unsigned int i;
3258 int ret;
3259
3260 if (!(drv->capa.max_acl_mac_addrs))
3261 return -ENOTSUP;
3262
3263 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
3264 return -ENOTSUP;
3265
3266 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
3267 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
3268
3269 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MAC_ACL)) ||
3270 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
3271 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
3272 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) ||
3273 (acl = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS)) == NULL) {
3274 nlmsg_free(msg);
3275 return -ENOMEM;
3276 }
3277
3278 for (i = 0; i < params->num_mac_acl; i++) {
3279 if (nla_put(msg, i + 1, ETH_ALEN, params->mac_acl[i].addr)) {
3280 nlmsg_free(msg);
3281 return -ENOMEM;
3282 }
3283 }
3284
3285 nla_nest_end(msg, acl);
3286
3287 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3288 if (ret) {
3289 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
3290 ret, strerror(-ret));
3291 }
3292
3293 return ret;
3294 }
3295
3296
nl80211_put_beacon_int(struct nl_msg * msg,int beacon_int)3297 static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int)
3298 {
3299 if (beacon_int > 0) {
3300 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int);
3301 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
3302 beacon_int);
3303 }
3304
3305 return 0;
3306 }
3307
3308
wpa_driver_nl80211_set_ap(void * priv,struct wpa_driver_ap_params * params)3309 static int wpa_driver_nl80211_set_ap(void *priv,
3310 struct wpa_driver_ap_params *params)
3311 {
3312 struct i802_bss *bss = priv;
3313 struct wpa_driver_nl80211_data *drv = bss->drv;
3314 struct nl_msg *msg;
3315 u8 cmd = NL80211_CMD_NEW_BEACON;
3316 int ret;
3317 int beacon_set;
3318 int num_suites;
3319 int smps_mode;
3320 u32 suites[10], suite;
3321 u32 ver;
3322
3323 beacon_set = params->reenable ? 0 : bss->beacon_set;
3324
3325 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
3326 beacon_set);
3327 if (beacon_set)
3328 cmd = NL80211_CMD_SET_BEACON;
3329
3330 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
3331 params->head, params->head_len);
3332 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
3333 params->tail, params->tail_len);
3334 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex);
3335 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
3336 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
3337 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid",
3338 params->ssid, params->ssid_len);
3339 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
3340 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len,
3341 params->head) ||
3342 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len,
3343 params->tail) ||
3344 nl80211_put_beacon_int(msg, params->beacon_int) ||
3345 nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period) ||
3346 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
3347 goto fail;
3348 if (params->proberesp && params->proberesp_len) {
3349 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
3350 params->proberesp, params->proberesp_len);
3351 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
3352 params->proberesp))
3353 goto fail;
3354 }
3355 switch (params->hide_ssid) {
3356 case NO_SSID_HIDING:
3357 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
3358 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
3359 NL80211_HIDDEN_SSID_NOT_IN_USE))
3360 goto fail;
3361 break;
3362 case HIDDEN_SSID_ZERO_LEN:
3363 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
3364 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
3365 NL80211_HIDDEN_SSID_ZERO_LEN))
3366 goto fail;
3367 break;
3368 case HIDDEN_SSID_ZERO_CONTENTS:
3369 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
3370 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
3371 NL80211_HIDDEN_SSID_ZERO_CONTENTS))
3372 goto fail;
3373 break;
3374 }
3375 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
3376 if (params->privacy &&
3377 nla_put_flag(msg, NL80211_ATTR_PRIVACY))
3378 goto fail;
3379 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
3380 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
3381 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
3382 /* Leave out the attribute */
3383 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) {
3384 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
3385 NL80211_AUTHTYPE_SHARED_KEY))
3386 goto fail;
3387 } else {
3388 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
3389 NL80211_AUTHTYPE_OPEN_SYSTEM))
3390 goto fail;
3391 }
3392
3393 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
3394 ver = 0;
3395 if (params->wpa_version & WPA_PROTO_WPA)
3396 ver |= NL80211_WPA_VERSION_1;
3397 if (params->wpa_version & WPA_PROTO_RSN)
3398 ver |= NL80211_WPA_VERSION_2;
3399 if (ver &&
3400 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
3401 goto fail;
3402
3403 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
3404 params->key_mgmt_suites);
3405 num_suites = 0;
3406 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
3407 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
3408 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
3409 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
3410 if (num_suites &&
3411 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32),
3412 suites))
3413 goto fail;
3414
3415 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
3416 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40) &&
3417 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))
3418 goto fail;
3419
3420 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
3421 params->pairwise_ciphers);
3422 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
3423 suites, ARRAY_SIZE(suites));
3424 if (num_suites &&
3425 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
3426 num_suites * sizeof(u32), suites))
3427 goto fail;
3428
3429 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
3430 params->group_cipher);
3431 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
3432 if (suite &&
3433 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite))
3434 goto fail;
3435
3436 switch (params->smps_mode) {
3437 case HT_CAP_INFO_SMPS_DYNAMIC:
3438 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - dynamic");
3439 smps_mode = NL80211_SMPS_DYNAMIC;
3440 break;
3441 case HT_CAP_INFO_SMPS_STATIC:
3442 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - static");
3443 smps_mode = NL80211_SMPS_STATIC;
3444 break;
3445 default:
3446 /* invalid - fallback to smps off */
3447 case HT_CAP_INFO_SMPS_DISABLED:
3448 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - off");
3449 smps_mode = NL80211_SMPS_OFF;
3450 break;
3451 }
3452 if (nla_put_u32(msg, NL80211_ATTR_SMPS_MODE, smps_mode))
3453 goto fail;
3454
3455 if (params->beacon_ies) {
3456 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
3457 params->beacon_ies);
3458 if (nla_put(msg, NL80211_ATTR_IE,
3459 wpabuf_len(params->beacon_ies),
3460 wpabuf_head(params->beacon_ies)))
3461 goto fail;
3462 }
3463 if (params->proberesp_ies) {
3464 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
3465 params->proberesp_ies);
3466 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
3467 wpabuf_len(params->proberesp_ies),
3468 wpabuf_head(params->proberesp_ies)))
3469 goto fail;
3470 }
3471 if (params->assocresp_ies) {
3472 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
3473 params->assocresp_ies);
3474 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
3475 wpabuf_len(params->assocresp_ies),
3476 wpabuf_head(params->assocresp_ies)))
3477 goto fail;
3478 }
3479
3480 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
3481 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
3482 params->ap_max_inactivity);
3483 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
3484 params->ap_max_inactivity))
3485 goto fail;
3486 }
3487
3488 #ifdef CONFIG_P2P
3489 if (params->p2p_go_ctwindow > 0) {
3490 if (drv->p2p_go_ctwindow_supported) {
3491 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d",
3492 params->p2p_go_ctwindow);
3493 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW,
3494 params->p2p_go_ctwindow))
3495 goto fail;
3496 } else {
3497 wpa_printf(MSG_INFO,
3498 "nl80211: Driver does not support CTWindow configuration - ignore this parameter");
3499 }
3500 }
3501 #endif /* CONFIG_P2P */
3502
3503 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3504 if (ret) {
3505 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
3506 ret, strerror(-ret));
3507 } else {
3508 bss->beacon_set = 1;
3509 nl80211_set_bss(bss, params->cts_protect, params->preamble,
3510 params->short_slot_time, params->ht_opmode,
3511 params->isolate, params->basic_rates);
3512 if (beacon_set && params->freq &&
3513 params->freq->bandwidth != bss->bandwidth) {
3514 wpa_printf(MSG_DEBUG,
3515 "nl80211: Update BSS %s bandwidth: %d -> %d",
3516 bss->ifname, bss->bandwidth,
3517 params->freq->bandwidth);
3518 ret = nl80211_set_channel(bss, params->freq, 1);
3519 if (ret) {
3520 wpa_printf(MSG_DEBUG,
3521 "nl80211: Frequency set failed: %d (%s)",
3522 ret, strerror(-ret));
3523 } else {
3524 wpa_printf(MSG_DEBUG,
3525 "nl80211: Frequency set succeeded for ht2040 coex");
3526 bss->bandwidth = params->freq->bandwidth;
3527 }
3528 } else if (!beacon_set) {
3529 /*
3530 * cfg80211 updates the driver on frequence change in AP
3531 * mode only at the point when beaconing is started, so
3532 * set the initial value here.
3533 */
3534 bss->bandwidth = params->freq->bandwidth;
3535 }
3536 }
3537 return ret;
3538 fail:
3539 nlmsg_free(msg);
3540 return -ENOBUFS;
3541 }
3542
3543
nl80211_put_freq_params(struct nl_msg * msg,const struct hostapd_freq_params * freq)3544 static int nl80211_put_freq_params(struct nl_msg *msg,
3545 const struct hostapd_freq_params *freq)
3546 {
3547 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq);
3548 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq))
3549 return -ENOBUFS;
3550
3551 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled);
3552 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled);
3553
3554 if (freq->vht_enabled) {
3555 enum nl80211_chan_width cw;
3556
3557 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth);
3558 switch (freq->bandwidth) {
3559 case 20:
3560 cw = NL80211_CHAN_WIDTH_20;
3561 break;
3562 case 40:
3563 cw = NL80211_CHAN_WIDTH_40;
3564 break;
3565 case 80:
3566 if (freq->center_freq2)
3567 cw = NL80211_CHAN_WIDTH_80P80;
3568 else
3569 cw = NL80211_CHAN_WIDTH_80;
3570 break;
3571 case 160:
3572 cw = NL80211_CHAN_WIDTH_160;
3573 break;
3574 default:
3575 return -EINVAL;
3576 }
3577
3578 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw);
3579 wpa_printf(MSG_DEBUG, " * center_freq1=%d",
3580 freq->center_freq1);
3581 wpa_printf(MSG_DEBUG, " * center_freq2=%d",
3582 freq->center_freq2);
3583 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) ||
3584 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1,
3585 freq->center_freq1) ||
3586 (freq->center_freq2 &&
3587 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2,
3588 freq->center_freq2)))
3589 return -ENOBUFS;
3590 } else if (freq->ht_enabled) {
3591 enum nl80211_channel_type ct;
3592
3593 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
3594 freq->sec_channel_offset);
3595 switch (freq->sec_channel_offset) {
3596 case -1:
3597 ct = NL80211_CHAN_HT40MINUS;
3598 break;
3599 case 1:
3600 ct = NL80211_CHAN_HT40PLUS;
3601 break;
3602 default:
3603 ct = NL80211_CHAN_HT20;
3604 break;
3605 }
3606
3607 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct);
3608 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct))
3609 return -ENOBUFS;
3610 }
3611 return 0;
3612 }
3613
3614
nl80211_set_channel(struct i802_bss * bss,struct hostapd_freq_params * freq,int set_chan)3615 static int nl80211_set_channel(struct i802_bss *bss,
3616 struct hostapd_freq_params *freq, int set_chan)
3617 {
3618 struct wpa_driver_nl80211_data *drv = bss->drv;
3619 struct nl_msg *msg;
3620 int ret;
3621
3622 wpa_printf(MSG_DEBUG,
3623 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
3624 freq->freq, freq->ht_enabled, freq->vht_enabled,
3625 freq->bandwidth, freq->center_freq1, freq->center_freq2);
3626
3627 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
3628 NL80211_CMD_SET_WIPHY);
3629 if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
3630 nlmsg_free(msg);
3631 return -1;
3632 }
3633
3634 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3635 if (ret == 0) {
3636 bss->freq = freq->freq;
3637 return 0;
3638 }
3639 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
3640 "%d (%s)", freq->freq, ret, strerror(-ret));
3641 return -1;
3642 }
3643
3644
sta_flags_nl80211(int flags)3645 static u32 sta_flags_nl80211(int flags)
3646 {
3647 u32 f = 0;
3648
3649 if (flags & WPA_STA_AUTHORIZED)
3650 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
3651 if (flags & WPA_STA_WMM)
3652 f |= BIT(NL80211_STA_FLAG_WME);
3653 if (flags & WPA_STA_SHORT_PREAMBLE)
3654 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
3655 if (flags & WPA_STA_MFP)
3656 f |= BIT(NL80211_STA_FLAG_MFP);
3657 if (flags & WPA_STA_TDLS_PEER)
3658 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
3659 if (flags & WPA_STA_AUTHENTICATED)
3660 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
3661
3662 return f;
3663 }
3664
3665
3666 #ifdef CONFIG_MESH
sta_plink_state_nl80211(enum mesh_plink_state state)3667 static u32 sta_plink_state_nl80211(enum mesh_plink_state state)
3668 {
3669 switch (state) {
3670 case PLINK_LISTEN:
3671 return NL80211_PLINK_LISTEN;
3672 case PLINK_OPEN_SENT:
3673 return NL80211_PLINK_OPN_SNT;
3674 case PLINK_OPEN_RCVD:
3675 return NL80211_PLINK_OPN_RCVD;
3676 case PLINK_CNF_RCVD:
3677 return NL80211_PLINK_CNF_RCVD;
3678 case PLINK_ESTAB:
3679 return NL80211_PLINK_ESTAB;
3680 case PLINK_HOLDING:
3681 return NL80211_PLINK_HOLDING;
3682 case PLINK_BLOCKED:
3683 return NL80211_PLINK_BLOCKED;
3684 default:
3685 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d",
3686 state);
3687 }
3688 return -1;
3689 }
3690 #endif /* CONFIG_MESH */
3691
3692
wpa_driver_nl80211_sta_add(void * priv,struct hostapd_sta_add_params * params)3693 static int wpa_driver_nl80211_sta_add(void *priv,
3694 struct hostapd_sta_add_params *params)
3695 {
3696 struct i802_bss *bss = priv;
3697 struct wpa_driver_nl80211_data *drv = bss->drv;
3698 struct nl_msg *msg;
3699 struct nl80211_sta_flag_update upd;
3700 int ret = -ENOBUFS;
3701
3702 if ((params->flags & WPA_STA_TDLS_PEER) &&
3703 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
3704 return -EOPNOTSUPP;
3705
3706 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
3707 params->set ? "Set" : "Add", MAC2STR(params->addr));
3708 msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION :
3709 NL80211_CMD_NEW_STATION);
3710 if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr))
3711 goto fail;
3712
3713 if (!params->set || (params->flags & WPA_STA_TDLS_PEER)) {
3714 wpa_hexdump(MSG_DEBUG, " * supported rates",
3715 params->supp_rates, params->supp_rates_len);
3716 wpa_printf(MSG_DEBUG, " * capability=0x%x",
3717 params->capability);
3718 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES,
3719 params->supp_rates_len, params->supp_rates) ||
3720 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY,
3721 params->capability))
3722 goto fail;
3723
3724 if (params->ht_capabilities) {
3725 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
3726 (u8 *) params->ht_capabilities,
3727 sizeof(*params->ht_capabilities));
3728 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY,
3729 sizeof(*params->ht_capabilities),
3730 params->ht_capabilities))
3731 goto fail;
3732 }
3733
3734 if (params->vht_capabilities) {
3735 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
3736 (u8 *) params->vht_capabilities,
3737 sizeof(*params->vht_capabilities));
3738 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY,
3739 sizeof(*params->vht_capabilities),
3740 params->vht_capabilities))
3741 goto fail;
3742 }
3743
3744 if (params->ext_capab) {
3745 wpa_hexdump(MSG_DEBUG, " * ext_capab",
3746 params->ext_capab, params->ext_capab_len);
3747 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
3748 params->ext_capab_len, params->ext_capab))
3749 goto fail;
3750 }
3751 }
3752 if (!params->set) {
3753 if (params->aid) {
3754 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
3755 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid))
3756 goto fail;
3757 } else {
3758 /*
3759 * cfg80211 validates that AID is non-zero, so we have
3760 * to make this a non-zero value for the TDLS case where
3761 * a dummy STA entry is used for now.
3762 */
3763 wpa_printf(MSG_DEBUG, " * aid=1 (TDLS workaround)");
3764 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1))
3765 goto fail;
3766 }
3767 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
3768 params->listen_interval);
3769 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
3770 params->listen_interval))
3771 goto fail;
3772 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
3773 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
3774 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid))
3775 goto fail;
3776 }
3777
3778 if (params->vht_opmode_enabled) {
3779 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
3780 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF,
3781 params->vht_opmode))
3782 goto fail;
3783 }
3784
3785 if (params->supp_channels) {
3786 wpa_hexdump(MSG_DEBUG, " * supported channels",
3787 params->supp_channels, params->supp_channels_len);
3788 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
3789 params->supp_channels_len, params->supp_channels))
3790 goto fail;
3791 }
3792
3793 if (params->supp_oper_classes) {
3794 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
3795 params->supp_oper_classes,
3796 params->supp_oper_classes_len);
3797 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
3798 params->supp_oper_classes_len,
3799 params->supp_oper_classes))
3800 goto fail;
3801 }
3802
3803 os_memset(&upd, 0, sizeof(upd));
3804 upd.set = sta_flags_nl80211(params->flags);
3805 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask);
3806 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
3807 upd.set, upd.mask);
3808 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
3809 goto fail;
3810
3811 #ifdef CONFIG_MESH
3812 if (params->plink_state &&
3813 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE,
3814 sta_plink_state_nl80211(params->plink_state)))
3815 goto fail;
3816 #endif /* CONFIG_MESH */
3817
3818 if (params->flags & WPA_STA_WMM) {
3819 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
3820
3821 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
3822 if (!wme ||
3823 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
3824 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) ||
3825 nla_put_u8(msg, NL80211_STA_WME_MAX_SP,
3826 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
3827 WMM_QOSINFO_STA_SP_MASK))
3828 goto fail;
3829 nla_nest_end(msg, wme);
3830 }
3831
3832 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3833 msg = NULL;
3834 if (ret)
3835 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
3836 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
3837 strerror(-ret));
3838 if (ret == -EEXIST)
3839 ret = 0;
3840 fail:
3841 nlmsg_free(msg);
3842 return ret;
3843 }
3844
3845
rtnl_neigh_delete_fdb_entry(struct i802_bss * bss,const u8 * addr)3846 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
3847 {
3848 #ifdef CONFIG_LIBNL3_ROUTE
3849 struct wpa_driver_nl80211_data *drv = bss->drv;
3850 struct rtnl_neigh *rn;
3851 struct nl_addr *nl_addr;
3852 int err;
3853
3854 rn = rtnl_neigh_alloc();
3855 if (!rn)
3856 return;
3857
3858 rtnl_neigh_set_family(rn, AF_BRIDGE);
3859 rtnl_neigh_set_ifindex(rn, bss->ifindex);
3860 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
3861 if (!nl_addr) {
3862 rtnl_neigh_put(rn);
3863 return;
3864 }
3865 rtnl_neigh_set_lladdr(rn, nl_addr);
3866
3867 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
3868 if (err < 0) {
3869 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
3870 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
3871 bss->ifindex, nl_geterror(err));
3872 } else {
3873 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
3874 MACSTR, MAC2STR(addr));
3875 }
3876
3877 nl_addr_put(nl_addr);
3878 rtnl_neigh_put(rn);
3879 #endif /* CONFIG_LIBNL3_ROUTE */
3880 }
3881
3882
wpa_driver_nl80211_sta_remove(struct i802_bss * bss,const u8 * addr,int deauth,u16 reason_code)3883 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr,
3884 int deauth, u16 reason_code)
3885 {
3886 struct wpa_driver_nl80211_data *drv = bss->drv;
3887 struct nl_msg *msg;
3888 int ret;
3889
3890 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) ||
3891 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
3892 (deauth == 0 &&
3893 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
3894 WLAN_FC_STYPE_DISASSOC)) ||
3895 (deauth == 1 &&
3896 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
3897 WLAN_FC_STYPE_DEAUTH)) ||
3898 (reason_code &&
3899 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) {
3900 nlmsg_free(msg);
3901 return -ENOBUFS;
3902 }
3903
3904 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3905 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
3906 " --> %d (%s)",
3907 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
3908
3909 if (drv->rtnl_sk)
3910 rtnl_neigh_delete_fdb_entry(bss, addr);
3911
3912 if (ret == -ENOENT)
3913 return 0;
3914 return ret;
3915 }
3916
3917
nl80211_remove_iface(struct wpa_driver_nl80211_data * drv,int ifidx)3918 void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx)
3919 {
3920 struct nl_msg *msg;
3921 struct wpa_driver_nl80211_data *drv2;
3922
3923 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
3924
3925 /* stop listening for EAPOL on this interface */
3926 dl_list_for_each(drv2, &drv->global->interfaces,
3927 struct wpa_driver_nl80211_data, list)
3928 del_ifidx(drv2, ifidx);
3929
3930 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE);
3931 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
3932 return;
3933 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
3934 }
3935
3936
nl80211_iftype_str(enum nl80211_iftype mode)3937 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
3938 {
3939 switch (mode) {
3940 case NL80211_IFTYPE_ADHOC:
3941 return "ADHOC";
3942 case NL80211_IFTYPE_STATION:
3943 return "STATION";
3944 case NL80211_IFTYPE_AP:
3945 return "AP";
3946 case NL80211_IFTYPE_AP_VLAN:
3947 return "AP_VLAN";
3948 case NL80211_IFTYPE_WDS:
3949 return "WDS";
3950 case NL80211_IFTYPE_MONITOR:
3951 return "MONITOR";
3952 case NL80211_IFTYPE_MESH_POINT:
3953 return "MESH_POINT";
3954 case NL80211_IFTYPE_P2P_CLIENT:
3955 return "P2P_CLIENT";
3956 case NL80211_IFTYPE_P2P_GO:
3957 return "P2P_GO";
3958 case NL80211_IFTYPE_P2P_DEVICE:
3959 return "P2P_DEVICE";
3960 default:
3961 return "unknown";
3962 }
3963 }
3964
3965
nl80211_create_iface_once(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg)3966 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
3967 const char *ifname,
3968 enum nl80211_iftype iftype,
3969 const u8 *addr, int wds,
3970 int (*handler)(struct nl_msg *, void *),
3971 void *arg)
3972 {
3973 struct nl_msg *msg;
3974 int ifidx;
3975 int ret = -ENOBUFS;
3976
3977 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
3978 iftype, nl80211_iftype_str(iftype));
3979
3980 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE);
3981 if (!msg ||
3982 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) ||
3983 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype))
3984 goto fail;
3985
3986 if (iftype == NL80211_IFTYPE_MONITOR) {
3987 struct nlattr *flags;
3988
3989 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
3990 if (!flags ||
3991 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES))
3992 goto fail;
3993
3994 nla_nest_end(msg, flags);
3995 } else if (wds) {
3996 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds))
3997 goto fail;
3998 }
3999
4000 /*
4001 * Tell cfg80211 that the interface belongs to the socket that created
4002 * it, and the interface should be deleted when the socket is closed.
4003 */
4004 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER))
4005 goto fail;
4006
4007 ret = send_and_recv_msgs(drv, msg, handler, arg);
4008 msg = NULL;
4009 if (ret) {
4010 fail:
4011 nlmsg_free(msg);
4012 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
4013 ifname, ret, strerror(-ret));
4014 return ret;
4015 }
4016
4017 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
4018 return 0;
4019
4020 ifidx = if_nametoindex(ifname);
4021 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
4022 ifname, ifidx);
4023
4024 if (ifidx <= 0)
4025 return -1;
4026
4027 /*
4028 * Some virtual interfaces need to process EAPOL packets and events on
4029 * the parent interface. This is used mainly with hostapd.
4030 */
4031 if (drv->hostapd ||
4032 iftype == NL80211_IFTYPE_AP_VLAN ||
4033 iftype == NL80211_IFTYPE_WDS ||
4034 iftype == NL80211_IFTYPE_MONITOR) {
4035 /* start listening for EAPOL on this interface */
4036 add_ifidx(drv, ifidx);
4037 }
4038
4039 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
4040 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
4041 nl80211_remove_iface(drv, ifidx);
4042 return -1;
4043 }
4044
4045 return ifidx;
4046 }
4047
4048
nl80211_create_iface(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg,int use_existing)4049 int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
4050 const char *ifname, enum nl80211_iftype iftype,
4051 const u8 *addr, int wds,
4052 int (*handler)(struct nl_msg *, void *),
4053 void *arg, int use_existing)
4054 {
4055 int ret;
4056
4057 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
4058 arg);
4059
4060 /* if error occurred and interface exists already */
4061 if (ret == -ENFILE && if_nametoindex(ifname)) {
4062 if (use_existing) {
4063 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
4064 ifname);
4065 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
4066 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
4067 addr) < 0 &&
4068 (linux_set_iface_flags(drv->global->ioctl_sock,
4069 ifname, 0) < 0 ||
4070 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
4071 addr) < 0 ||
4072 linux_set_iface_flags(drv->global->ioctl_sock,
4073 ifname, 1) < 0))
4074 return -1;
4075 return -ENFILE;
4076 }
4077 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
4078
4079 /* Try to remove the interface that was already there. */
4080 nl80211_remove_iface(drv, if_nametoindex(ifname));
4081
4082 /* Try to create the interface again */
4083 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
4084 wds, handler, arg);
4085 }
4086
4087 if (ret >= 0 && is_p2p_net_interface(iftype)) {
4088 wpa_printf(MSG_DEBUG,
4089 "nl80211: Interface %s created for P2P - disable 11b rates",
4090 ifname);
4091 nl80211_disable_11b_rates(drv, ret, 1);
4092 }
4093
4094 return ret;
4095 }
4096
4097
nl80211_setup_ap(struct i802_bss * bss)4098 static int nl80211_setup_ap(struct i802_bss *bss)
4099 {
4100 struct wpa_driver_nl80211_data *drv = bss->drv;
4101
4102 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
4103 bss->ifname, drv->device_ap_sme, drv->use_monitor);
4104
4105 /*
4106 * Disable Probe Request reporting unless we need it in this way for
4107 * devices that include the AP SME, in the other case (unless using
4108 * monitor iface) we'll get it through the nl_mgmt socket instead.
4109 */
4110 if (!drv->device_ap_sme)
4111 wpa_driver_nl80211_probe_req_report(bss, 0);
4112
4113 if (!drv->device_ap_sme && !drv->use_monitor)
4114 if (nl80211_mgmt_subscribe_ap(bss))
4115 return -1;
4116
4117 if (drv->device_ap_sme && !drv->use_monitor)
4118 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
4119 return -1;
4120
4121 if (!drv->device_ap_sme && drv->use_monitor &&
4122 nl80211_create_monitor_interface(drv) &&
4123 !drv->device_ap_sme)
4124 return -1;
4125
4126 if (drv->device_ap_sme &&
4127 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
4128 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
4129 "Probe Request frame reporting in AP mode");
4130 /* Try to survive without this */
4131 }
4132
4133 return 0;
4134 }
4135
4136
nl80211_teardown_ap(struct i802_bss * bss)4137 static void nl80211_teardown_ap(struct i802_bss *bss)
4138 {
4139 struct wpa_driver_nl80211_data *drv = bss->drv;
4140
4141 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
4142 bss->ifname, drv->device_ap_sme, drv->use_monitor);
4143 if (drv->device_ap_sme) {
4144 wpa_driver_nl80211_probe_req_report(bss, 0);
4145 if (!drv->use_monitor)
4146 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
4147 } else if (drv->use_monitor)
4148 nl80211_remove_monitor_interface(drv);
4149 else
4150 nl80211_mgmt_unsubscribe(bss, "AP teardown");
4151
4152 bss->beacon_set = 0;
4153 }
4154
4155
nl80211_send_eapol_data(struct i802_bss * bss,const u8 * addr,const u8 * data,size_t data_len)4156 static int nl80211_send_eapol_data(struct i802_bss *bss,
4157 const u8 *addr, const u8 *data,
4158 size_t data_len)
4159 {
4160 struct sockaddr_ll ll;
4161 int ret;
4162
4163 if (bss->drv->eapol_tx_sock < 0) {
4164 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
4165 return -1;
4166 }
4167
4168 os_memset(&ll, 0, sizeof(ll));
4169 ll.sll_family = AF_PACKET;
4170 ll.sll_ifindex = bss->ifindex;
4171 ll.sll_protocol = htons(ETH_P_PAE);
4172 ll.sll_halen = ETH_ALEN;
4173 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
4174 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
4175 (struct sockaddr *) &ll, sizeof(ll));
4176 if (ret < 0)
4177 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
4178 strerror(errno));
4179
4180 return ret;
4181 }
4182
4183
4184 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
4185
wpa_driver_nl80211_hapd_send_eapol(void * priv,const u8 * addr,const u8 * data,size_t data_len,int encrypt,const u8 * own_addr,u32 flags)4186 static int wpa_driver_nl80211_hapd_send_eapol(
4187 void *priv, const u8 *addr, const u8 *data,
4188 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
4189 {
4190 struct i802_bss *bss = priv;
4191 struct wpa_driver_nl80211_data *drv = bss->drv;
4192 struct ieee80211_hdr *hdr;
4193 size_t len;
4194 u8 *pos;
4195 int res;
4196 int qos = flags & WPA_STA_WMM;
4197
4198 if (drv->device_ap_sme || !drv->use_monitor)
4199 return nl80211_send_eapol_data(bss, addr, data, data_len);
4200
4201 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
4202 data_len;
4203 hdr = os_zalloc(len);
4204 if (hdr == NULL) {
4205 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
4206 (unsigned long) len);
4207 return -1;
4208 }
4209
4210 hdr->frame_control =
4211 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
4212 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
4213 if (encrypt)
4214 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
4215 if (qos) {
4216 hdr->frame_control |=
4217 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
4218 }
4219
4220 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
4221 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
4222 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
4223 pos = (u8 *) (hdr + 1);
4224
4225 if (qos) {
4226 /* Set highest priority in QoS header */
4227 pos[0] = 7;
4228 pos[1] = 0;
4229 pos += 2;
4230 }
4231
4232 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
4233 pos += sizeof(rfc1042_header);
4234 WPA_PUT_BE16(pos, ETH_P_PAE);
4235 pos += 2;
4236 memcpy(pos, data, data_len);
4237
4238 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
4239 0, 0, 0, 0);
4240 if (res < 0) {
4241 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
4242 "failed: %d (%s)",
4243 (unsigned long) len, errno, strerror(errno));
4244 }
4245 os_free(hdr);
4246
4247 return res;
4248 }
4249
4250
wpa_driver_nl80211_sta_set_flags(void * priv,const u8 * addr,int total_flags,int flags_or,int flags_and)4251 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
4252 int total_flags,
4253 int flags_or, int flags_and)
4254 {
4255 struct i802_bss *bss = priv;
4256 struct nl_msg *msg;
4257 struct nlattr *flags;
4258 struct nl80211_sta_flag_update upd;
4259
4260 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
4261 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
4262 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
4263 !!(total_flags & WPA_STA_AUTHORIZED));
4264
4265 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
4266 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
4267 goto fail;
4268
4269 /*
4270 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
4271 * can be removed eventually.
4272 */
4273 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
4274 if (!flags ||
4275 ((total_flags & WPA_STA_AUTHORIZED) &&
4276 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) ||
4277 ((total_flags & WPA_STA_WMM) &&
4278 nla_put_flag(msg, NL80211_STA_FLAG_WME)) ||
4279 ((total_flags & WPA_STA_SHORT_PREAMBLE) &&
4280 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) ||
4281 ((total_flags & WPA_STA_MFP) &&
4282 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) ||
4283 ((total_flags & WPA_STA_TDLS_PEER) &&
4284 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER)))
4285 goto fail;
4286
4287 nla_nest_end(msg, flags);
4288
4289 os_memset(&upd, 0, sizeof(upd));
4290 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
4291 upd.set = sta_flags_nl80211(flags_or);
4292 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
4293 goto fail;
4294
4295 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
4296 fail:
4297 nlmsg_free(msg);
4298 return -ENOBUFS;
4299 }
4300
4301
wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4302 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
4303 struct wpa_driver_associate_params *params)
4304 {
4305 enum nl80211_iftype nlmode, old_mode;
4306
4307 if (params->p2p) {
4308 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
4309 "group (GO)");
4310 nlmode = NL80211_IFTYPE_P2P_GO;
4311 } else
4312 nlmode = NL80211_IFTYPE_AP;
4313
4314 old_mode = drv->nlmode;
4315 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
4316 nl80211_remove_monitor_interface(drv);
4317 return -1;
4318 }
4319
4320 if (params->freq.freq &&
4321 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) {
4322 if (old_mode != nlmode)
4323 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
4324 nl80211_remove_monitor_interface(drv);
4325 return -1;
4326 }
4327
4328 return 0;
4329 }
4330
4331
nl80211_leave_ibss(struct wpa_driver_nl80211_data * drv,int reset_mode)4332 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
4333 int reset_mode)
4334 {
4335 struct nl_msg *msg;
4336 int ret;
4337
4338 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS);
4339 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4340 if (ret) {
4341 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
4342 "(%s)", ret, strerror(-ret));
4343 } else {
4344 wpa_printf(MSG_DEBUG,
4345 "nl80211: Leave IBSS request sent successfully");
4346 }
4347
4348 if (reset_mode &&
4349 wpa_driver_nl80211_set_mode(drv->first_bss,
4350 NL80211_IFTYPE_STATION)) {
4351 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
4352 "station mode");
4353 }
4354
4355 return ret;
4356 }
4357
4358
nl80211_ht_vht_overrides(struct nl_msg * msg,struct wpa_driver_associate_params * params)4359 static int nl80211_ht_vht_overrides(struct nl_msg *msg,
4360 struct wpa_driver_associate_params *params)
4361 {
4362 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT))
4363 return -1;
4364
4365 if (params->htcaps && params->htcaps_mask) {
4366 int sz = sizeof(struct ieee80211_ht_capabilities);
4367 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
4368 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
4369 params->htcaps_mask, sz);
4370 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz,
4371 params->htcaps) ||
4372 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
4373 params->htcaps_mask))
4374 return -1;
4375 }
4376
4377 #ifdef CONFIG_VHT_OVERRIDES
4378 if (params->disable_vht) {
4379 wpa_printf(MSG_DEBUG, " * VHT disabled");
4380 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT))
4381 return -1;
4382 }
4383
4384 if (params->vhtcaps && params->vhtcaps_mask) {
4385 int sz = sizeof(struct ieee80211_vht_capabilities);
4386 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
4387 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
4388 params->vhtcaps_mask, sz);
4389 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz,
4390 params->vhtcaps) ||
4391 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
4392 params->vhtcaps_mask))
4393 return -1;
4394 }
4395 #endif /* CONFIG_VHT_OVERRIDES */
4396
4397 return 0;
4398 }
4399
4400
wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4401 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
4402 struct wpa_driver_associate_params *params)
4403 {
4404 struct nl_msg *msg;
4405 int ret = -1;
4406 int count = 0;
4407
4408 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
4409
4410 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) {
4411 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
4412 "IBSS mode");
4413 return -1;
4414 }
4415
4416 retry:
4417 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) ||
4418 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
4419 goto fail;
4420
4421 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4422 params->ssid, params->ssid_len);
4423 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
4424 goto fail;
4425 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4426 drv->ssid_len = params->ssid_len;
4427
4428 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 ||
4429 nl80211_put_beacon_int(msg, params->beacon_int))
4430 goto fail;
4431
4432 ret = nl80211_set_conn_keys(params, msg);
4433 if (ret)
4434 goto fail;
4435
4436 if (params->bssid && params->fixed_bssid) {
4437 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
4438 MAC2STR(params->bssid));
4439 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
4440 goto fail;
4441 }
4442
4443 if (params->fixed_freq) {
4444 wpa_printf(MSG_DEBUG, " * fixed_freq");
4445 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED))
4446 goto fail;
4447 }
4448
4449 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4450 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4451 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4452 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
4453 wpa_printf(MSG_DEBUG, " * control port");
4454 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
4455 goto fail;
4456 }
4457
4458 if (params->wpa_ie) {
4459 wpa_hexdump(MSG_DEBUG,
4460 " * Extra IEs for Beacon/Probe Response frames",
4461 params->wpa_ie, params->wpa_ie_len);
4462 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len,
4463 params->wpa_ie))
4464 goto fail;
4465 }
4466
4467 if (nl80211_ht_vht_overrides(msg, params) < 0)
4468 return -1;
4469
4470 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4471 msg = NULL;
4472 if (ret) {
4473 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
4474 ret, strerror(-ret));
4475 count++;
4476 if (ret == -EALREADY && count == 1) {
4477 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
4478 "forced leave");
4479 nl80211_leave_ibss(drv, 0);
4480 nlmsg_free(msg);
4481 goto retry;
4482 }
4483 } else {
4484 wpa_printf(MSG_DEBUG,
4485 "nl80211: Join IBSS request sent successfully");
4486 }
4487
4488 fail:
4489 nlmsg_free(msg);
4490 return ret;
4491 }
4492
4493
nl80211_connect_common(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_msg * msg)4494 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
4495 struct wpa_driver_associate_params *params,
4496 struct nl_msg *msg)
4497 {
4498 if (params->bssid) {
4499 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4500 MAC2STR(params->bssid));
4501 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
4502 return -1;
4503 }
4504
4505 if (params->bssid_hint) {
4506 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
4507 MAC2STR(params->bssid_hint));
4508 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
4509 params->bssid_hint))
4510 return -1;
4511 }
4512
4513 if (params->freq.freq) {
4514 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
4515 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
4516 params->freq.freq))
4517 return -1;
4518 drv->assoc_freq = params->freq.freq;
4519 } else
4520 drv->assoc_freq = 0;
4521
4522 if (params->freq_hint) {
4523 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
4524 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
4525 params->freq_hint))
4526 return -1;
4527 }
4528
4529 if (params->bg_scan_period >= 0) {
4530 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
4531 params->bg_scan_period);
4532 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
4533 params->bg_scan_period))
4534 return -1;
4535 }
4536
4537 if (params->ssid) {
4538 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4539 params->ssid, params->ssid_len);
4540 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
4541 params->ssid))
4542 return -1;
4543 if (params->ssid_len > sizeof(drv->ssid))
4544 return -1;
4545 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4546 drv->ssid_len = params->ssid_len;
4547 }
4548
4549 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
4550 if (params->wpa_ie &&
4551 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie))
4552 return -1;
4553
4554 if (params->wpa_proto) {
4555 enum nl80211_wpa_versions ver = 0;
4556
4557 if (params->wpa_proto & WPA_PROTO_WPA)
4558 ver |= NL80211_WPA_VERSION_1;
4559 if (params->wpa_proto & WPA_PROTO_RSN)
4560 ver |= NL80211_WPA_VERSION_2;
4561
4562 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
4563 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
4564 return -1;
4565 }
4566
4567 if (params->pairwise_suite != WPA_CIPHER_NONE) {
4568 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
4569 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
4570 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
4571 cipher))
4572 return -1;
4573 }
4574
4575 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
4576 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
4577 /*
4578 * This is likely to work even though many drivers do not
4579 * advertise support for operations without GTK.
4580 */
4581 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
4582 } else if (params->group_suite != WPA_CIPHER_NONE) {
4583 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
4584 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
4585 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher))
4586 return -1;
4587 }
4588
4589 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4590 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4591 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
4592 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4593 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
4594 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
4595 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4596 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4597 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4598 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
4599 int mgmt = WLAN_AKM_SUITE_PSK;
4600
4601 switch (params->key_mgmt_suite) {
4602 case WPA_KEY_MGMT_CCKM:
4603 mgmt = WLAN_AKM_SUITE_CCKM;
4604 break;
4605 case WPA_KEY_MGMT_IEEE8021X:
4606 mgmt = WLAN_AKM_SUITE_8021X;
4607 break;
4608 case WPA_KEY_MGMT_FT_IEEE8021X:
4609 mgmt = WLAN_AKM_SUITE_FT_8021X;
4610 break;
4611 case WPA_KEY_MGMT_FT_PSK:
4612 mgmt = WLAN_AKM_SUITE_FT_PSK;
4613 break;
4614 case WPA_KEY_MGMT_IEEE8021X_SHA256:
4615 mgmt = WLAN_AKM_SUITE_8021X_SHA256;
4616 break;
4617 case WPA_KEY_MGMT_PSK_SHA256:
4618 mgmt = WLAN_AKM_SUITE_PSK_SHA256;
4619 break;
4620 case WPA_KEY_MGMT_OSEN:
4621 mgmt = WLAN_AKM_SUITE_OSEN;
4622 break;
4623 case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
4624 mgmt = WLAN_AKM_SUITE_8021X_SUITE_B;
4625 break;
4626 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
4627 mgmt = WLAN_AKM_SUITE_8021X_SUITE_B_192;
4628 break;
4629 case WPA_KEY_MGMT_PSK:
4630 default:
4631 mgmt = WLAN_AKM_SUITE_PSK;
4632 break;
4633 }
4634 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
4635 if (nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, mgmt))
4636 return -1;
4637 }
4638
4639 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
4640 return -1;
4641
4642 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED &&
4643 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED))
4644 return -1;
4645
4646 if (params->rrm_used) {
4647 u32 drv_rrm_flags = drv->capa.rrm_flags;
4648 if (!(drv_rrm_flags &
4649 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) ||
4650 !(drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET) ||
4651 nla_put_flag(msg, NL80211_ATTR_USE_RRM))
4652 return -1;
4653 }
4654
4655 if (nl80211_ht_vht_overrides(msg, params) < 0)
4656 return -1;
4657
4658 if (params->p2p)
4659 wpa_printf(MSG_DEBUG, " * P2P group");
4660
4661 return 0;
4662 }
4663
4664
wpa_driver_nl80211_try_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4665 static int wpa_driver_nl80211_try_connect(
4666 struct wpa_driver_nl80211_data *drv,
4667 struct wpa_driver_associate_params *params)
4668 {
4669 struct nl_msg *msg;
4670 enum nl80211_auth_type type;
4671 int ret;
4672 int algs;
4673
4674 if (params->req_key_mgmt_offload && params->psk &&
4675 (params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4676 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4677 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
4678 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK");
4679 ret = issue_key_mgmt_set_key(drv, params->psk, 32);
4680 if (ret)
4681 return ret;
4682 }
4683
4684 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
4685 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT);
4686 if (!msg)
4687 return -1;
4688
4689 ret = nl80211_connect_common(drv, params, msg);
4690 if (ret)
4691 goto fail;
4692
4693 algs = 0;
4694 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4695 algs++;
4696 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4697 algs++;
4698 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4699 algs++;
4700 if (algs > 1) {
4701 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
4702 "selection");
4703 goto skip_auth_type;
4704 }
4705
4706 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4707 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
4708 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4709 type = NL80211_AUTHTYPE_SHARED_KEY;
4710 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4711 type = NL80211_AUTHTYPE_NETWORK_EAP;
4712 else if (params->auth_alg & WPA_AUTH_ALG_FT)
4713 type = NL80211_AUTHTYPE_FT;
4714 else
4715 goto fail;
4716
4717 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4718 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
4719 goto fail;
4720
4721 skip_auth_type:
4722 ret = nl80211_set_conn_keys(params, msg);
4723 if (ret)
4724 goto fail;
4725
4726 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4727 msg = NULL;
4728 if (ret) {
4729 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
4730 "(%s)", ret, strerror(-ret));
4731 } else {
4732 wpa_printf(MSG_DEBUG,
4733 "nl80211: Connect request send successfully");
4734 }
4735
4736 fail:
4737 nlmsg_free(msg);
4738 return ret;
4739
4740 }
4741
4742
wpa_driver_nl80211_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4743 static int wpa_driver_nl80211_connect(
4744 struct wpa_driver_nl80211_data *drv,
4745 struct wpa_driver_associate_params *params)
4746 {
4747 int ret;
4748
4749 /* Store the connection attempted bssid for future use */
4750 if (params->bssid)
4751 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
4752 else
4753 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
4754
4755 ret = wpa_driver_nl80211_try_connect(drv, params);
4756 if (ret == -EALREADY) {
4757 /*
4758 * cfg80211 does not currently accept new connections if
4759 * we are already connected. As a workaround, force
4760 * disconnection and try again.
4761 */
4762 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
4763 "disconnecting before reassociation "
4764 "attempt");
4765 if (wpa_driver_nl80211_disconnect(
4766 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
4767 return -1;
4768 ret = wpa_driver_nl80211_try_connect(drv, params);
4769 }
4770 return ret;
4771 }
4772
4773
wpa_driver_nl80211_associate(void * priv,struct wpa_driver_associate_params * params)4774 static int wpa_driver_nl80211_associate(
4775 void *priv, struct wpa_driver_associate_params *params)
4776 {
4777 struct i802_bss *bss = priv;
4778 struct wpa_driver_nl80211_data *drv = bss->drv;
4779 int ret = -1;
4780 struct nl_msg *msg;
4781
4782 nl80211_unmask_11b_rates(bss);
4783
4784 if (params->mode == IEEE80211_MODE_AP)
4785 return wpa_driver_nl80211_ap(drv, params);
4786
4787 if (params->mode == IEEE80211_MODE_IBSS)
4788 return wpa_driver_nl80211_ibss(drv, params);
4789
4790 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
4791 enum nl80211_iftype nlmode = params->p2p ?
4792 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
4793
4794 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
4795 return -1;
4796 return wpa_driver_nl80211_connect(drv, params);
4797 }
4798
4799 nl80211_mark_disconnected(drv);
4800
4801 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
4802 drv->ifindex);
4803 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE);
4804 if (!msg)
4805 return -1;
4806
4807 ret = nl80211_connect_common(drv, params, msg);
4808 if (ret)
4809 goto fail;
4810
4811 if (params->prev_bssid) {
4812 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
4813 MAC2STR(params->prev_bssid));
4814 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
4815 params->prev_bssid))
4816 goto fail;
4817 }
4818
4819 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4820 msg = NULL;
4821 if (ret) {
4822 wpa_dbg(drv->ctx, MSG_DEBUG,
4823 "nl80211: MLME command failed (assoc): ret=%d (%s)",
4824 ret, strerror(-ret));
4825 nl80211_dump_scan(drv);
4826 } else {
4827 wpa_printf(MSG_DEBUG,
4828 "nl80211: Association request send successfully");
4829 }
4830
4831 fail:
4832 nlmsg_free(msg);
4833 return ret;
4834 }
4835
4836
nl80211_set_mode(struct wpa_driver_nl80211_data * drv,int ifindex,enum nl80211_iftype mode)4837 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
4838 int ifindex, enum nl80211_iftype mode)
4839 {
4840 struct nl_msg *msg;
4841 int ret = -ENOBUFS;
4842
4843 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
4844 ifindex, mode, nl80211_iftype_str(mode));
4845
4846 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE);
4847 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode))
4848 goto fail;
4849
4850 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4851 msg = NULL;
4852 if (!ret)
4853 return 0;
4854 fail:
4855 nlmsg_free(msg);
4856 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
4857 " %d (%s)", ifindex, mode, ret, strerror(-ret));
4858 return ret;
4859 }
4860
4861
wpa_driver_nl80211_set_mode_impl(struct i802_bss * bss,enum nl80211_iftype nlmode,struct hostapd_freq_params * desired_freq_params)4862 static int wpa_driver_nl80211_set_mode_impl(
4863 struct i802_bss *bss,
4864 enum nl80211_iftype nlmode,
4865 struct hostapd_freq_params *desired_freq_params)
4866 {
4867 struct wpa_driver_nl80211_data *drv = bss->drv;
4868 int ret = -1;
4869 int i;
4870 int was_ap = is_ap_interface(drv->nlmode);
4871 int res;
4872 int mode_switch_res;
4873
4874 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
4875 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
4876 mode_switch_res = 0;
4877
4878 if (mode_switch_res == 0) {
4879 drv->nlmode = nlmode;
4880 ret = 0;
4881 goto done;
4882 }
4883
4884 if (mode_switch_res == -ENODEV)
4885 return -1;
4886
4887 if (nlmode == drv->nlmode) {
4888 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
4889 "requested mode - ignore error");
4890 ret = 0;
4891 goto done; /* Already in the requested mode */
4892 }
4893
4894 /* mac80211 doesn't allow mode changes while the device is up, so
4895 * take the device down, try to set the mode again, and bring the
4896 * device back up.
4897 */
4898 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
4899 "interface down");
4900 for (i = 0; i < 10; i++) {
4901 res = i802_set_iface_flags(bss, 0);
4902 if (res == -EACCES || res == -ENODEV)
4903 break;
4904 if (res != 0) {
4905 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
4906 "interface down");
4907 os_sleep(0, 100000);
4908 continue;
4909 }
4910
4911 /*
4912 * Setting the mode will fail for some drivers if the phy is
4913 * on a frequency that the mode is disallowed in.
4914 */
4915 if (desired_freq_params) {
4916 res = nl80211_set_channel(bss, desired_freq_params, 0);
4917 if (res) {
4918 wpa_printf(MSG_DEBUG,
4919 "nl80211: Failed to set frequency on interface");
4920 }
4921 }
4922
4923 /* Try to set the mode again while the interface is down */
4924 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
4925 if (mode_switch_res == -EBUSY) {
4926 wpa_printf(MSG_DEBUG,
4927 "nl80211: Delaying mode set while interface going down");
4928 os_sleep(0, 100000);
4929 continue;
4930 }
4931 ret = mode_switch_res;
4932 break;
4933 }
4934
4935 if (!ret) {
4936 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
4937 "interface is down");
4938 drv->nlmode = nlmode;
4939 drv->ignore_if_down_event = 1;
4940 }
4941
4942 /* Bring the interface back up */
4943 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
4944 if (res != 0) {
4945 wpa_printf(MSG_DEBUG,
4946 "nl80211: Failed to set interface up after switching mode");
4947 ret = -1;
4948 }
4949
4950 done:
4951 if (ret) {
4952 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
4953 "from %d failed", nlmode, drv->nlmode);
4954 return ret;
4955 }
4956
4957 if (is_p2p_net_interface(nlmode)) {
4958 wpa_printf(MSG_DEBUG,
4959 "nl80211: Interface %s mode change to P2P - disable 11b rates",
4960 bss->ifname);
4961 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
4962 } else if (drv->disabled_11b_rates) {
4963 wpa_printf(MSG_DEBUG,
4964 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates",
4965 bss->ifname);
4966 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
4967 }
4968
4969 if (is_ap_interface(nlmode)) {
4970 nl80211_mgmt_unsubscribe(bss, "start AP");
4971 /* Setup additional AP mode functionality if needed */
4972 if (nl80211_setup_ap(bss))
4973 return -1;
4974 } else if (was_ap) {
4975 /* Remove additional AP mode functionality */
4976 nl80211_teardown_ap(bss);
4977 } else {
4978 nl80211_mgmt_unsubscribe(bss, "mode change");
4979 }
4980
4981 if (is_mesh_interface(nlmode) &&
4982 nl80211_mgmt_subscribe_mesh(bss))
4983 return -1;
4984
4985 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
4986 !is_mesh_interface(nlmode) &&
4987 nl80211_mgmt_subscribe_non_ap(bss) < 0)
4988 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
4989 "frame processing - ignore for now");
4990
4991 return 0;
4992 }
4993
4994
wpa_driver_nl80211_set_mode(struct i802_bss * bss,enum nl80211_iftype nlmode)4995 int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
4996 enum nl80211_iftype nlmode)
4997 {
4998 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
4999 }
5000
5001
wpa_driver_nl80211_set_mode_ibss(struct i802_bss * bss,struct hostapd_freq_params * freq)5002 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
5003 struct hostapd_freq_params *freq)
5004 {
5005 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
5006 freq);
5007 }
5008
5009
wpa_driver_nl80211_get_capa(void * priv,struct wpa_driver_capa * capa)5010 static int wpa_driver_nl80211_get_capa(void *priv,
5011 struct wpa_driver_capa *capa)
5012 {
5013 struct i802_bss *bss = priv;
5014 struct wpa_driver_nl80211_data *drv = bss->drv;
5015
5016 if (!drv->has_capability)
5017 return -1;
5018 os_memcpy(capa, &drv->capa, sizeof(*capa));
5019 if (drv->extended_capa && drv->extended_capa_mask) {
5020 capa->extended_capa = drv->extended_capa;
5021 capa->extended_capa_mask = drv->extended_capa_mask;
5022 capa->extended_capa_len = drv->extended_capa_len;
5023 }
5024
5025 return 0;
5026 }
5027
5028
wpa_driver_nl80211_set_operstate(void * priv,int state)5029 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
5030 {
5031 struct i802_bss *bss = priv;
5032 struct wpa_driver_nl80211_data *drv = bss->drv;
5033
5034 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
5035 bss->ifname, drv->operstate, state,
5036 state ? "UP" : "DORMANT");
5037 drv->operstate = state;
5038 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
5039 state ? IF_OPER_UP : IF_OPER_DORMANT);
5040 }
5041
5042
wpa_driver_nl80211_set_supp_port(void * priv,int authorized)5043 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
5044 {
5045 struct i802_bss *bss = priv;
5046 struct wpa_driver_nl80211_data *drv = bss->drv;
5047 struct nl_msg *msg;
5048 struct nl80211_sta_flag_update upd;
5049 int ret;
5050
5051 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
5052 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
5053 return 0;
5054 }
5055
5056 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
5057 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
5058
5059 os_memset(&upd, 0, sizeof(upd));
5060 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
5061 if (authorized)
5062 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
5063
5064 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
5065 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid) ||
5066 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) {
5067 nlmsg_free(msg);
5068 return -ENOBUFS;
5069 }
5070
5071 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5072 if (!ret)
5073 return 0;
5074 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
5075 ret, strerror(-ret));
5076 return ret;
5077 }
5078
5079
5080 /* Set kernel driver on given frequency (MHz) */
i802_set_freq(void * priv,struct hostapd_freq_params * freq)5081 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
5082 {
5083 struct i802_bss *bss = priv;
5084 return nl80211_set_channel(bss, freq, 0);
5085 }
5086
5087
min_int(int a,int b)5088 static inline int min_int(int a, int b)
5089 {
5090 if (a < b)
5091 return a;
5092 return b;
5093 }
5094
5095
get_key_handler(struct nl_msg * msg,void * arg)5096 static int get_key_handler(struct nl_msg *msg, void *arg)
5097 {
5098 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5099 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5100
5101 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5102 genlmsg_attrlen(gnlh, 0), NULL);
5103
5104 /*
5105 * TODO: validate the key index and mac address!
5106 * Otherwise, there's a race condition as soon as
5107 * the kernel starts sending key notifications.
5108 */
5109
5110 if (tb[NL80211_ATTR_KEY_SEQ])
5111 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
5112 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
5113 return NL_SKIP;
5114 }
5115
5116
i802_get_seqnum(const char * iface,void * priv,const u8 * addr,int idx,u8 * seq)5117 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
5118 int idx, u8 *seq)
5119 {
5120 struct i802_bss *bss = priv;
5121 struct wpa_driver_nl80211_data *drv = bss->drv;
5122 struct nl_msg *msg;
5123
5124 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0,
5125 NL80211_CMD_GET_KEY);
5126 if (!msg ||
5127 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
5128 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) {
5129 nlmsg_free(msg);
5130 return -ENOBUFS;
5131 }
5132
5133 memset(seq, 0, 6);
5134
5135 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
5136 }
5137
5138
i802_set_rts(void * priv,int rts)5139 static int i802_set_rts(void *priv, int rts)
5140 {
5141 struct i802_bss *bss = priv;
5142 struct wpa_driver_nl80211_data *drv = bss->drv;
5143 struct nl_msg *msg;
5144 int ret;
5145 u32 val;
5146
5147 if (rts >= 2347)
5148 val = (u32) -1;
5149 else
5150 val = rts;
5151
5152 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
5153 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) {
5154 nlmsg_free(msg);
5155 return -ENOBUFS;
5156 }
5157
5158 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5159 if (!ret)
5160 return 0;
5161 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
5162 "%d (%s)", rts, ret, strerror(-ret));
5163 return ret;
5164 }
5165
5166
i802_set_frag(void * priv,int frag)5167 static int i802_set_frag(void *priv, int frag)
5168 {
5169 struct i802_bss *bss = priv;
5170 struct wpa_driver_nl80211_data *drv = bss->drv;
5171 struct nl_msg *msg;
5172 int ret;
5173 u32 val;
5174
5175 if (frag >= 2346)
5176 val = (u32) -1;
5177 else
5178 val = frag;
5179
5180 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
5181 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) {
5182 nlmsg_free(msg);
5183 return -ENOBUFS;
5184 }
5185
5186 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5187 if (!ret)
5188 return 0;
5189 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
5190 "%d: %d (%s)", frag, ret, strerror(-ret));
5191 return ret;
5192 }
5193
5194
i802_flush(void * priv)5195 static int i802_flush(void *priv)
5196 {
5197 struct i802_bss *bss = priv;
5198 struct nl_msg *msg;
5199 int res;
5200
5201 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
5202 bss->ifname);
5203
5204 /*
5205 * XXX: FIX! this needs to flush all VLANs too
5206 */
5207 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION);
5208 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL);
5209 if (res) {
5210 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
5211 "(%s)", res, strerror(-res));
5212 }
5213 return res;
5214 }
5215
5216
get_sta_handler(struct nl_msg * msg,void * arg)5217 static int get_sta_handler(struct nl_msg *msg, void *arg)
5218 {
5219 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5220 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5221 struct hostap_sta_driver_data *data = arg;
5222 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
5223 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
5224 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
5225 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
5226 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
5227 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
5228 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
5229 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
5230 };
5231
5232 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5233 genlmsg_attrlen(gnlh, 0), NULL);
5234
5235 /*
5236 * TODO: validate the interface and mac address!
5237 * Otherwise, there's a race condition as soon as
5238 * the kernel starts sending station notifications.
5239 */
5240
5241 if (!tb[NL80211_ATTR_STA_INFO]) {
5242 wpa_printf(MSG_DEBUG, "sta stats missing!");
5243 return NL_SKIP;
5244 }
5245 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
5246 tb[NL80211_ATTR_STA_INFO],
5247 stats_policy)) {
5248 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
5249 return NL_SKIP;
5250 }
5251
5252 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
5253 data->inactive_msec =
5254 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
5255 if (stats[NL80211_STA_INFO_RX_BYTES])
5256 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
5257 if (stats[NL80211_STA_INFO_TX_BYTES])
5258 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
5259 if (stats[NL80211_STA_INFO_RX_PACKETS])
5260 data->rx_packets =
5261 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
5262 if (stats[NL80211_STA_INFO_TX_PACKETS])
5263 data->tx_packets =
5264 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
5265 if (stats[NL80211_STA_INFO_TX_FAILED])
5266 data->tx_retry_failed =
5267 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
5268
5269 return NL_SKIP;
5270 }
5271
i802_read_sta_data(struct i802_bss * bss,struct hostap_sta_driver_data * data,const u8 * addr)5272 static int i802_read_sta_data(struct i802_bss *bss,
5273 struct hostap_sta_driver_data *data,
5274 const u8 *addr)
5275 {
5276 struct nl_msg *msg;
5277
5278 os_memset(data, 0, sizeof(*data));
5279
5280 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) ||
5281 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
5282 nlmsg_free(msg);
5283 return -ENOBUFS;
5284 }
5285
5286 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data);
5287 }
5288
5289
i802_set_tx_queue_params(void * priv,int queue,int aifs,int cw_min,int cw_max,int burst_time)5290 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
5291 int cw_min, int cw_max, int burst_time)
5292 {
5293 struct i802_bss *bss = priv;
5294 struct wpa_driver_nl80211_data *drv = bss->drv;
5295 struct nl_msg *msg;
5296 struct nlattr *txq, *params;
5297
5298 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY);
5299 if (!msg)
5300 return -1;
5301
5302 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
5303 if (!txq)
5304 goto fail;
5305
5306 /* We are only sending parameters for a single TXQ at a time */
5307 params = nla_nest_start(msg, 1);
5308 if (!params)
5309 goto fail;
5310
5311 switch (queue) {
5312 case 0:
5313 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO))
5314 goto fail;
5315 break;
5316 case 1:
5317 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI))
5318 goto fail;
5319 break;
5320 case 2:
5321 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE))
5322 goto fail;
5323 break;
5324 case 3:
5325 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK))
5326 goto fail;
5327 break;
5328 }
5329 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
5330 * 32 usec, so need to convert the value here. */
5331 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP,
5332 (burst_time * 100 + 16) / 32) ||
5333 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) ||
5334 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) ||
5335 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs))
5336 goto fail;
5337
5338 nla_nest_end(msg, params);
5339
5340 nla_nest_end(msg, txq);
5341
5342 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5343 return 0;
5344 msg = NULL;
5345 fail:
5346 nlmsg_free(msg);
5347 return -1;
5348 }
5349
5350
i802_set_sta_vlan(struct i802_bss * bss,const u8 * addr,const char * ifname,int vlan_id)5351 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
5352 const char *ifname, int vlan_id)
5353 {
5354 struct wpa_driver_nl80211_data *drv = bss->drv;
5355 struct nl_msg *msg;
5356 int ret;
5357
5358 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
5359 ", ifname=%s[%d], vlan_id=%d)",
5360 bss->ifname, if_nametoindex(bss->ifname),
5361 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
5362 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
5363 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
5364 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) {
5365 nlmsg_free(msg);
5366 return -ENOBUFS;
5367 }
5368
5369 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5370 if (ret < 0) {
5371 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
5372 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
5373 MAC2STR(addr), ifname, vlan_id, ret,
5374 strerror(-ret));
5375 }
5376 return ret;
5377 }
5378
5379
i802_get_inact_sec(void * priv,const u8 * addr)5380 static int i802_get_inact_sec(void *priv, const u8 *addr)
5381 {
5382 struct hostap_sta_driver_data data;
5383 int ret;
5384
5385 data.inactive_msec = (unsigned long) -1;
5386 ret = i802_read_sta_data(priv, &data, addr);
5387 if (ret == -ENOENT)
5388 return -ENOENT;
5389 if (ret || data.inactive_msec == (unsigned long) -1)
5390 return -1;
5391 return data.inactive_msec / 1000;
5392 }
5393
5394
i802_sta_clear_stats(void * priv,const u8 * addr)5395 static int i802_sta_clear_stats(void *priv, const u8 *addr)
5396 {
5397 #if 0
5398 /* TODO */
5399 #endif
5400 return 0;
5401 }
5402
5403
i802_sta_deauth(void * priv,const u8 * own_addr,const u8 * addr,int reason)5404 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
5405 int reason)
5406 {
5407 struct i802_bss *bss = priv;
5408 struct wpa_driver_nl80211_data *drv = bss->drv;
5409 struct ieee80211_mgmt mgmt;
5410
5411 if (is_mesh_interface(drv->nlmode))
5412 return -1;
5413
5414 if (drv->device_ap_sme)
5415 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason);
5416
5417 memset(&mgmt, 0, sizeof(mgmt));
5418 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
5419 WLAN_FC_STYPE_DEAUTH);
5420 memcpy(mgmt.da, addr, ETH_ALEN);
5421 memcpy(mgmt.sa, own_addr, ETH_ALEN);
5422 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
5423 mgmt.u.deauth.reason_code = host_to_le16(reason);
5424 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
5425 IEEE80211_HDRLEN +
5426 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
5427 0);
5428 }
5429
5430
i802_sta_disassoc(void * priv,const u8 * own_addr,const u8 * addr,int reason)5431 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
5432 int reason)
5433 {
5434 struct i802_bss *bss = priv;
5435 struct wpa_driver_nl80211_data *drv = bss->drv;
5436 struct ieee80211_mgmt mgmt;
5437
5438 if (is_mesh_interface(drv->nlmode))
5439 return -1;
5440
5441 if (drv->device_ap_sme)
5442 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason);
5443
5444 memset(&mgmt, 0, sizeof(mgmt));
5445 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
5446 WLAN_FC_STYPE_DISASSOC);
5447 memcpy(mgmt.da, addr, ETH_ALEN);
5448 memcpy(mgmt.sa, own_addr, ETH_ALEN);
5449 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
5450 mgmt.u.disassoc.reason_code = host_to_le16(reason);
5451 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
5452 IEEE80211_HDRLEN +
5453 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
5454 0);
5455 }
5456
5457
dump_ifidx(struct wpa_driver_nl80211_data * drv)5458 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
5459 {
5460 char buf[200], *pos, *end;
5461 int i, res;
5462
5463 pos = buf;
5464 end = pos + sizeof(buf);
5465
5466 for (i = 0; i < drv->num_if_indices; i++) {
5467 if (!drv->if_indices[i])
5468 continue;
5469 res = os_snprintf(pos, end - pos, " %d", drv->if_indices[i]);
5470 if (os_snprintf_error(end - pos, res))
5471 break;
5472 pos += res;
5473 }
5474 *pos = '\0';
5475
5476 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
5477 drv->num_if_indices, buf);
5478 }
5479
5480
add_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx)5481 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
5482 {
5483 int i;
5484 int *old;
5485
5486 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
5487 ifidx);
5488 if (have_ifidx(drv, ifidx)) {
5489 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
5490 ifidx);
5491 return;
5492 }
5493 for (i = 0; i < drv->num_if_indices; i++) {
5494 if (drv->if_indices[i] == 0) {
5495 drv->if_indices[i] = ifidx;
5496 dump_ifidx(drv);
5497 return;
5498 }
5499 }
5500
5501 if (drv->if_indices != drv->default_if_indices)
5502 old = drv->if_indices;
5503 else
5504 old = NULL;
5505
5506 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
5507 sizeof(int));
5508 if (!drv->if_indices) {
5509 if (!old)
5510 drv->if_indices = drv->default_if_indices;
5511 else
5512 drv->if_indices = old;
5513 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
5514 "interfaces");
5515 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
5516 return;
5517 } else if (!old)
5518 os_memcpy(drv->if_indices, drv->default_if_indices,
5519 sizeof(drv->default_if_indices));
5520 drv->if_indices[drv->num_if_indices] = ifidx;
5521 drv->num_if_indices++;
5522 dump_ifidx(drv);
5523 }
5524
5525
del_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx)5526 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
5527 {
5528 int i;
5529
5530 for (i = 0; i < drv->num_if_indices; i++) {
5531 if (drv->if_indices[i] == ifidx) {
5532 drv->if_indices[i] = 0;
5533 break;
5534 }
5535 }
5536 dump_ifidx(drv);
5537 }
5538
5539
have_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx)5540 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
5541 {
5542 int i;
5543
5544 for (i = 0; i < drv->num_if_indices; i++)
5545 if (drv->if_indices[i] == ifidx)
5546 return 1;
5547
5548 return 0;
5549 }
5550
5551
i802_set_wds_sta(void * priv,const u8 * addr,int aid,int val,const char * bridge_ifname,char * ifname_wds)5552 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
5553 const char *bridge_ifname, char *ifname_wds)
5554 {
5555 struct i802_bss *bss = priv;
5556 struct wpa_driver_nl80211_data *drv = bss->drv;
5557 char name[IFNAMSIZ + 1];
5558
5559 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
5560 if (ifname_wds)
5561 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
5562
5563 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
5564 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
5565 if (val) {
5566 if (!if_nametoindex(name)) {
5567 if (nl80211_create_iface(drv, name,
5568 NL80211_IFTYPE_AP_VLAN,
5569 bss->addr, 1, NULL, NULL, 0) <
5570 0)
5571 return -1;
5572 if (bridge_ifname &&
5573 linux_br_add_if(drv->global->ioctl_sock,
5574 bridge_ifname, name) < 0)
5575 return -1;
5576 }
5577 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
5578 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
5579 "interface %s up", name);
5580 }
5581 return i802_set_sta_vlan(priv, addr, name, 0);
5582 } else {
5583 if (bridge_ifname)
5584 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
5585 name);
5586
5587 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
5588 nl80211_remove_iface(drv, if_nametoindex(name));
5589 return 0;
5590 }
5591 }
5592
5593
handle_eapol(int sock,void * eloop_ctx,void * sock_ctx)5594 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
5595 {
5596 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5597 struct sockaddr_ll lladdr;
5598 unsigned char buf[3000];
5599 int len;
5600 socklen_t fromlen = sizeof(lladdr);
5601
5602 len = recvfrom(sock, buf, sizeof(buf), 0,
5603 (struct sockaddr *)&lladdr, &fromlen);
5604 if (len < 0) {
5605 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
5606 strerror(errno));
5607 return;
5608 }
5609
5610 if (have_ifidx(drv, lladdr.sll_ifindex))
5611 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
5612 }
5613
5614
i802_check_bridge(struct wpa_driver_nl80211_data * drv,struct i802_bss * bss,const char * brname,const char * ifname)5615 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
5616 struct i802_bss *bss,
5617 const char *brname, const char *ifname)
5618 {
5619 int br_ifindex;
5620 char in_br[IFNAMSIZ];
5621
5622 os_strlcpy(bss->brname, brname, IFNAMSIZ);
5623 br_ifindex = if_nametoindex(brname);
5624 if (br_ifindex == 0) {
5625 /*
5626 * Bridge was configured, but the bridge device does
5627 * not exist. Try to add it now.
5628 */
5629 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
5630 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
5631 "bridge interface %s: %s",
5632 brname, strerror(errno));
5633 return -1;
5634 }
5635 bss->added_bridge = 1;
5636 br_ifindex = if_nametoindex(brname);
5637 add_ifidx(drv, br_ifindex);
5638 }
5639 bss->br_ifindex = br_ifindex;
5640
5641 if (linux_br_get(in_br, ifname) == 0) {
5642 if (os_strcmp(in_br, brname) == 0)
5643 return 0; /* already in the bridge */
5644
5645 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
5646 "bridge %s", ifname, in_br);
5647 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
5648 0) {
5649 wpa_printf(MSG_ERROR, "nl80211: Failed to "
5650 "remove interface %s from bridge "
5651 "%s: %s",
5652 ifname, brname, strerror(errno));
5653 return -1;
5654 }
5655 }
5656
5657 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
5658 ifname, brname);
5659 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
5660 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
5661 "into bridge %s: %s",
5662 ifname, brname, strerror(errno));
5663 return -1;
5664 }
5665 bss->added_if_into_bridge = 1;
5666
5667 return 0;
5668 }
5669
5670
i802_init(struct hostapd_data * hapd,struct wpa_init_params * params)5671 static void *i802_init(struct hostapd_data *hapd,
5672 struct wpa_init_params *params)
5673 {
5674 struct wpa_driver_nl80211_data *drv;
5675 struct i802_bss *bss;
5676 size_t i;
5677 char brname[IFNAMSIZ];
5678 int ifindex, br_ifindex;
5679 int br_added = 0;
5680
5681 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
5682 params->global_priv, 1,
5683 params->bssid, params->driver_params);
5684 if (bss == NULL)
5685 return NULL;
5686
5687 drv = bss->drv;
5688
5689 if (linux_br_get(brname, params->ifname) == 0) {
5690 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
5691 params->ifname, brname);
5692 br_ifindex = if_nametoindex(brname);
5693 os_strlcpy(bss->brname, brname, IFNAMSIZ);
5694 } else {
5695 brname[0] = '\0';
5696 br_ifindex = 0;
5697 }
5698 bss->br_ifindex = br_ifindex;
5699
5700 for (i = 0; i < params->num_bridge; i++) {
5701 if (params->bridge[i]) {
5702 ifindex = if_nametoindex(params->bridge[i]);
5703 if (ifindex)
5704 add_ifidx(drv, ifindex);
5705 if (ifindex == br_ifindex)
5706 br_added = 1;
5707 }
5708 }
5709
5710 /* start listening for EAPOL on the default AP interface */
5711 add_ifidx(drv, drv->ifindex);
5712
5713 if (params->num_bridge && params->bridge[0]) {
5714 if (i802_check_bridge(drv, bss, params->bridge[0],
5715 params->ifname) < 0)
5716 goto failed;
5717 if (os_strcmp(params->bridge[0], brname) != 0)
5718 br_added = 1;
5719 }
5720
5721 if (!br_added && br_ifindex &&
5722 (params->num_bridge == 0 || !params->bridge[0]))
5723 add_ifidx(drv, br_ifindex);
5724
5725 #ifdef CONFIG_LIBNL3_ROUTE
5726 if (bss->added_if_into_bridge) {
5727 drv->rtnl_sk = nl_socket_alloc();
5728 if (drv->rtnl_sk == NULL) {
5729 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
5730 goto failed;
5731 }
5732
5733 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) {
5734 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
5735 strerror(errno));
5736 goto failed;
5737 }
5738 }
5739 #endif /* CONFIG_LIBNL3_ROUTE */
5740
5741 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
5742 if (drv->eapol_sock < 0) {
5743 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
5744 strerror(errno));
5745 goto failed;
5746 }
5747
5748 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
5749 {
5750 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
5751 goto failed;
5752 }
5753
5754 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
5755 params->own_addr))
5756 goto failed;
5757 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
5758
5759 memcpy(bss->addr, params->own_addr, ETH_ALEN);
5760
5761 return bss;
5762
5763 failed:
5764 wpa_driver_nl80211_deinit(bss);
5765 return NULL;
5766 }
5767
5768
i802_deinit(void * priv)5769 static void i802_deinit(void *priv)
5770 {
5771 struct i802_bss *bss = priv;
5772 wpa_driver_nl80211_deinit(bss);
5773 }
5774
5775
wpa_driver_nl80211_if_type(enum wpa_driver_if_type type)5776 static enum nl80211_iftype wpa_driver_nl80211_if_type(
5777 enum wpa_driver_if_type type)
5778 {
5779 switch (type) {
5780 case WPA_IF_STATION:
5781 return NL80211_IFTYPE_STATION;
5782 case WPA_IF_P2P_CLIENT:
5783 case WPA_IF_P2P_GROUP:
5784 return NL80211_IFTYPE_P2P_CLIENT;
5785 case WPA_IF_AP_VLAN:
5786 return NL80211_IFTYPE_AP_VLAN;
5787 case WPA_IF_AP_BSS:
5788 return NL80211_IFTYPE_AP;
5789 case WPA_IF_P2P_GO:
5790 return NL80211_IFTYPE_P2P_GO;
5791 case WPA_IF_P2P_DEVICE:
5792 return NL80211_IFTYPE_P2P_DEVICE;
5793 case WPA_IF_MESH:
5794 return NL80211_IFTYPE_MESH_POINT;
5795 }
5796 return -1;
5797 }
5798
5799
nl80211_addr_in_use(struct nl80211_global * global,const u8 * addr)5800 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
5801 {
5802 struct wpa_driver_nl80211_data *drv;
5803 dl_list_for_each(drv, &global->interfaces,
5804 struct wpa_driver_nl80211_data, list) {
5805 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
5806 return 1;
5807 }
5808 return 0;
5809 }
5810
5811
nl80211_vif_addr(struct wpa_driver_nl80211_data * drv,u8 * new_addr)5812 static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr)
5813 {
5814 unsigned int idx;
5815
5816 if (!drv->global)
5817 return -1;
5818
5819 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
5820 for (idx = 0; idx < 64; idx++) {
5821 new_addr[0] = drv->first_bss->addr[0] | 0x02;
5822 new_addr[0] ^= idx << 2;
5823 if (!nl80211_addr_in_use(drv->global, new_addr))
5824 break;
5825 }
5826 if (idx == 64)
5827 return -1;
5828
5829 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address "
5830 MACSTR, MAC2STR(new_addr));
5831
5832 return 0;
5833 }
5834
5835
5836 struct wdev_info {
5837 u64 wdev_id;
5838 int wdev_id_set;
5839 u8 macaddr[ETH_ALEN];
5840 };
5841
nl80211_wdev_handler(struct nl_msg * msg,void * arg)5842 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
5843 {
5844 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5845 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5846 struct wdev_info *wi = arg;
5847
5848 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5849 genlmsg_attrlen(gnlh, 0), NULL);
5850 if (tb[NL80211_ATTR_WDEV]) {
5851 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
5852 wi->wdev_id_set = 1;
5853 }
5854
5855 if (tb[NL80211_ATTR_MAC])
5856 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
5857 ETH_ALEN);
5858
5859 return NL_SKIP;
5860 }
5861
5862
wpa_driver_nl80211_if_add(void * priv,enum wpa_driver_if_type type,const char * ifname,const u8 * addr,void * bss_ctx,void ** drv_priv,char * force_ifname,u8 * if_addr,const char * bridge,int use_existing)5863 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
5864 const char *ifname, const u8 *addr,
5865 void *bss_ctx, void **drv_priv,
5866 char *force_ifname, u8 *if_addr,
5867 const char *bridge, int use_existing)
5868 {
5869 enum nl80211_iftype nlmode;
5870 struct i802_bss *bss = priv;
5871 struct wpa_driver_nl80211_data *drv = bss->drv;
5872 int ifidx;
5873 int added = 1;
5874
5875 if (addr)
5876 os_memcpy(if_addr, addr, ETH_ALEN);
5877 nlmode = wpa_driver_nl80211_if_type(type);
5878 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
5879 struct wdev_info p2pdev_info;
5880
5881 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
5882 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
5883 0, nl80211_wdev_handler,
5884 &p2pdev_info, use_existing);
5885 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
5886 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
5887 ifname);
5888 return -1;
5889 }
5890
5891 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
5892 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
5893 if (!is_zero_ether_addr(p2pdev_info.macaddr))
5894 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
5895 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
5896 ifname,
5897 (long long unsigned int) p2pdev_info.wdev_id);
5898 } else {
5899 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
5900 0, NULL, NULL, use_existing);
5901 if (use_existing && ifidx == -ENFILE) {
5902 added = 0;
5903 ifidx = if_nametoindex(ifname);
5904 } else if (ifidx < 0) {
5905 return -1;
5906 }
5907 }
5908
5909 if (!addr) {
5910 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
5911 os_memcpy(if_addr, bss->addr, ETH_ALEN);
5912 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
5913 ifname, if_addr) < 0) {
5914 if (added)
5915 nl80211_remove_iface(drv, ifidx);
5916 return -1;
5917 }
5918 }
5919
5920 if (!addr &&
5921 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
5922 type == WPA_IF_P2P_GO || type == WPA_IF_MESH ||
5923 type == WPA_IF_STATION)) {
5924 /* Enforce unique address */
5925 u8 new_addr[ETH_ALEN];
5926
5927 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
5928 new_addr) < 0) {
5929 if (added)
5930 nl80211_remove_iface(drv, ifidx);
5931 return -1;
5932 }
5933 if (nl80211_addr_in_use(drv->global, new_addr)) {
5934 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
5935 "for interface %s type %d", ifname, type);
5936 if (nl80211_vif_addr(drv, new_addr) < 0) {
5937 if (added)
5938 nl80211_remove_iface(drv, ifidx);
5939 return -1;
5940 }
5941 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
5942 new_addr) < 0) {
5943 if (added)
5944 nl80211_remove_iface(drv, ifidx);
5945 return -1;
5946 }
5947 }
5948 os_memcpy(if_addr, new_addr, ETH_ALEN);
5949 }
5950
5951 if (type == WPA_IF_AP_BSS) {
5952 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
5953 if (new_bss == NULL) {
5954 if (added)
5955 nl80211_remove_iface(drv, ifidx);
5956 return -1;
5957 }
5958
5959 if (bridge &&
5960 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
5961 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
5962 "interface %s to a bridge %s",
5963 ifname, bridge);
5964 if (added)
5965 nl80211_remove_iface(drv, ifidx);
5966 os_free(new_bss);
5967 return -1;
5968 }
5969
5970 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
5971 {
5972 if (added)
5973 nl80211_remove_iface(drv, ifidx);
5974 os_free(new_bss);
5975 return -1;
5976 }
5977 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
5978 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
5979 new_bss->ifindex = ifidx;
5980 new_bss->drv = drv;
5981 new_bss->next = drv->first_bss->next;
5982 new_bss->freq = drv->first_bss->freq;
5983 new_bss->ctx = bss_ctx;
5984 new_bss->added_if = added;
5985 drv->first_bss->next = new_bss;
5986 if (drv_priv)
5987 *drv_priv = new_bss;
5988 nl80211_init_bss(new_bss);
5989
5990 /* Subscribe management frames for this WPA_IF_AP_BSS */
5991 if (nl80211_setup_ap(new_bss))
5992 return -1;
5993 }
5994
5995 if (drv->global)
5996 drv->global->if_add_ifindex = ifidx;
5997
5998 /*
5999 * Some virtual interfaces need to process EAPOL packets and events on
6000 * the parent interface. This is used mainly with hostapd.
6001 */
6002 if (ifidx > 0 &&
6003 (drv->hostapd ||
6004 nlmode == NL80211_IFTYPE_AP_VLAN ||
6005 nlmode == NL80211_IFTYPE_WDS ||
6006 nlmode == NL80211_IFTYPE_MONITOR))
6007 add_ifidx(drv, ifidx);
6008
6009 return 0;
6010 }
6011
6012
wpa_driver_nl80211_if_remove(struct i802_bss * bss,enum wpa_driver_if_type type,const char * ifname)6013 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
6014 enum wpa_driver_if_type type,
6015 const char *ifname)
6016 {
6017 struct wpa_driver_nl80211_data *drv = bss->drv;
6018 int ifindex = if_nametoindex(ifname);
6019
6020 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
6021 __func__, type, ifname, ifindex, bss->added_if);
6022 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
6023 nl80211_remove_iface(drv, ifindex);
6024 else if (ifindex > 0 && !bss->added_if) {
6025 struct wpa_driver_nl80211_data *drv2;
6026 dl_list_for_each(drv2, &drv->global->interfaces,
6027 struct wpa_driver_nl80211_data, list)
6028 del_ifidx(drv2, ifindex);
6029 }
6030
6031 if (type != WPA_IF_AP_BSS)
6032 return 0;
6033
6034 if (bss->added_if_into_bridge) {
6035 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
6036 bss->ifname) < 0)
6037 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
6038 "interface %s from bridge %s: %s",
6039 bss->ifname, bss->brname, strerror(errno));
6040 }
6041 if (bss->added_bridge) {
6042 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
6043 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
6044 "bridge %s: %s",
6045 bss->brname, strerror(errno));
6046 }
6047
6048 if (bss != drv->first_bss) {
6049 struct i802_bss *tbss;
6050
6051 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
6052 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
6053 if (tbss->next == bss) {
6054 tbss->next = bss->next;
6055 /* Unsubscribe management frames */
6056 nl80211_teardown_ap(bss);
6057 nl80211_destroy_bss(bss);
6058 if (!bss->added_if)
6059 i802_set_iface_flags(bss, 0);
6060 os_free(bss);
6061 bss = NULL;
6062 break;
6063 }
6064 }
6065 if (bss)
6066 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
6067 "BSS %p in the list", __func__, bss);
6068 } else {
6069 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
6070 nl80211_teardown_ap(bss);
6071 if (!bss->added_if && !drv->first_bss->next)
6072 wpa_driver_nl80211_del_beacon(drv);
6073 nl80211_destroy_bss(bss);
6074 if (!bss->added_if)
6075 i802_set_iface_flags(bss, 0);
6076 if (drv->first_bss->next) {
6077 drv->first_bss = drv->first_bss->next;
6078 drv->ctx = drv->first_bss->ctx;
6079 os_free(bss);
6080 } else {
6081 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
6082 }
6083 }
6084
6085 return 0;
6086 }
6087
6088
cookie_handler(struct nl_msg * msg,void * arg)6089 static int cookie_handler(struct nl_msg *msg, void *arg)
6090 {
6091 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6092 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6093 u64 *cookie = arg;
6094 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6095 genlmsg_attrlen(gnlh, 0), NULL);
6096 if (tb[NL80211_ATTR_COOKIE])
6097 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
6098 return NL_SKIP;
6099 }
6100
6101
nl80211_send_frame_cmd(struct i802_bss * bss,unsigned int freq,unsigned int wait,const u8 * buf,size_t buf_len,u64 * cookie_out,int no_cck,int no_ack,int offchanok)6102 static int nl80211_send_frame_cmd(struct i802_bss *bss,
6103 unsigned int freq, unsigned int wait,
6104 const u8 *buf, size_t buf_len,
6105 u64 *cookie_out, int no_cck, int no_ack,
6106 int offchanok)
6107 {
6108 struct wpa_driver_nl80211_data *drv = bss->drv;
6109 struct nl_msg *msg;
6110 u64 cookie;
6111 int ret = -1;
6112
6113 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
6114 "no_ack=%d offchanok=%d",
6115 freq, wait, no_cck, no_ack, offchanok);
6116 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
6117
6118 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) ||
6119 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
6120 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) ||
6121 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
6122 drv->test_use_roc_tx) &&
6123 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) ||
6124 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) ||
6125 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) ||
6126 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf))
6127 goto fail;
6128
6129 cookie = 0;
6130 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
6131 msg = NULL;
6132 if (ret) {
6133 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
6134 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
6135 freq, wait);
6136 } else {
6137 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
6138 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
6139 (long long unsigned int) cookie);
6140
6141 if (cookie_out)
6142 *cookie_out = no_ack ? (u64) -1 : cookie;
6143 }
6144
6145 fail:
6146 nlmsg_free(msg);
6147 return ret;
6148 }
6149
6150
wpa_driver_nl80211_send_action(struct i802_bss * bss,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)6151 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
6152 unsigned int freq,
6153 unsigned int wait_time,
6154 const u8 *dst, const u8 *src,
6155 const u8 *bssid,
6156 const u8 *data, size_t data_len,
6157 int no_cck)
6158 {
6159 struct wpa_driver_nl80211_data *drv = bss->drv;
6160 int ret = -1;
6161 u8 *buf;
6162 struct ieee80211_hdr *hdr;
6163
6164 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
6165 "freq=%u MHz wait=%d ms no_cck=%d)",
6166 drv->ifindex, freq, wait_time, no_cck);
6167
6168 buf = os_zalloc(24 + data_len);
6169 if (buf == NULL)
6170 return ret;
6171 os_memcpy(buf + 24, data, data_len);
6172 hdr = (struct ieee80211_hdr *) buf;
6173 hdr->frame_control =
6174 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
6175 os_memcpy(hdr->addr1, dst, ETH_ALEN);
6176 os_memcpy(hdr->addr2, src, ETH_ALEN);
6177 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
6178
6179 if (is_ap_interface(drv->nlmode) &&
6180 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
6181 (int) freq == bss->freq || drv->device_ap_sme ||
6182 !drv->use_monitor))
6183 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
6184 0, freq, no_cck, 1,
6185 wait_time);
6186 else
6187 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
6188 24 + data_len,
6189 &drv->send_action_cookie,
6190 no_cck, 0, 1);
6191
6192 os_free(buf);
6193 return ret;
6194 }
6195
6196
wpa_driver_nl80211_send_action_cancel_wait(void * priv)6197 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
6198 {
6199 struct i802_bss *bss = priv;
6200 struct wpa_driver_nl80211_data *drv = bss->drv;
6201 struct nl_msg *msg;
6202 int ret;
6203
6204 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
6205 (long long unsigned int) drv->send_action_cookie);
6206 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) ||
6207 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->send_action_cookie)) {
6208 nlmsg_free(msg);
6209 return;
6210 }
6211
6212 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6213 if (ret)
6214 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
6215 "(%s)", ret, strerror(-ret));
6216 }
6217
6218
wpa_driver_nl80211_remain_on_channel(void * priv,unsigned int freq,unsigned int duration)6219 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
6220 unsigned int duration)
6221 {
6222 struct i802_bss *bss = priv;
6223 struct wpa_driver_nl80211_data *drv = bss->drv;
6224 struct nl_msg *msg;
6225 int ret;
6226 u64 cookie;
6227
6228 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) ||
6229 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
6230 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) {
6231 nlmsg_free(msg);
6232 return -1;
6233 }
6234
6235 cookie = 0;
6236 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
6237 if (ret == 0) {
6238 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
6239 "0x%llx for freq=%u MHz duration=%u",
6240 (long long unsigned int) cookie, freq, duration);
6241 drv->remain_on_chan_cookie = cookie;
6242 drv->pending_remain_on_chan = 1;
6243 return 0;
6244 }
6245 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
6246 "(freq=%d duration=%u): %d (%s)",
6247 freq, duration, ret, strerror(-ret));
6248 return -1;
6249 }
6250
6251
wpa_driver_nl80211_cancel_remain_on_channel(void * priv)6252 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
6253 {
6254 struct i802_bss *bss = priv;
6255 struct wpa_driver_nl80211_data *drv = bss->drv;
6256 struct nl_msg *msg;
6257 int ret;
6258
6259 if (!drv->pending_remain_on_chan) {
6260 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
6261 "to cancel");
6262 return -1;
6263 }
6264
6265 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
6266 "0x%llx",
6267 (long long unsigned int) drv->remain_on_chan_cookie);
6268
6269 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
6270 if (!msg ||
6271 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) {
6272 nlmsg_free(msg);
6273 return -1;
6274 }
6275
6276 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6277 if (ret == 0)
6278 return 0;
6279 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
6280 "%d (%s)", ret, strerror(-ret));
6281 return -1;
6282 }
6283
6284
wpa_driver_nl80211_probe_req_report(struct i802_bss * bss,int report)6285 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
6286 {
6287 struct wpa_driver_nl80211_data *drv = bss->drv;
6288
6289 if (!report) {
6290 if (bss->nl_preq && drv->device_ap_sme &&
6291 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
6292 !bss->static_ap) {
6293 /*
6294 * Do not disable Probe Request reporting that was
6295 * enabled in nl80211_setup_ap().
6296 */
6297 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
6298 "Probe Request reporting nl_preq=%p while "
6299 "in AP mode", bss->nl_preq);
6300 } else if (bss->nl_preq) {
6301 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
6302 "reporting nl_preq=%p", bss->nl_preq);
6303 nl80211_destroy_eloop_handle(&bss->nl_preq);
6304 }
6305 return 0;
6306 }
6307
6308 if (bss->nl_preq) {
6309 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
6310 "already on! nl_preq=%p", bss->nl_preq);
6311 return 0;
6312 }
6313
6314 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
6315 if (bss->nl_preq == NULL)
6316 return -1;
6317 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
6318 "reporting nl_preq=%p", bss->nl_preq);
6319
6320 if (nl80211_register_frame(bss, bss->nl_preq,
6321 (WLAN_FC_TYPE_MGMT << 2) |
6322 (WLAN_FC_STYPE_PROBE_REQ << 4),
6323 NULL, 0) < 0)
6324 goto out_err;
6325
6326 nl80211_register_eloop_read(&bss->nl_preq,
6327 wpa_driver_nl80211_event_receive,
6328 bss->nl_cb);
6329
6330 return 0;
6331
6332 out_err:
6333 nl_destroy_handles(&bss->nl_preq);
6334 return -1;
6335 }
6336
6337
nl80211_disable_11b_rates(struct wpa_driver_nl80211_data * drv,int ifindex,int disabled)6338 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
6339 int ifindex, int disabled)
6340 {
6341 struct nl_msg *msg;
6342 struct nlattr *bands, *band;
6343 int ret;
6344
6345 wpa_printf(MSG_DEBUG,
6346 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)",
6347 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" :
6348 "no NL80211_TXRATE_LEGACY constraint");
6349
6350 msg = nl80211_ifindex_msg(drv, ifindex, 0,
6351 NL80211_CMD_SET_TX_BITRATE_MASK);
6352 if (!msg)
6353 return -1;
6354
6355 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
6356 if (!bands)
6357 goto fail;
6358
6359 /*
6360 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
6361 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
6362 * rates. All 5 GHz rates are left enabled.
6363 */
6364 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
6365 if (!band ||
6366 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8,
6367 "\x0c\x12\x18\x24\x30\x48\x60\x6c")))
6368 goto fail;
6369 nla_nest_end(msg, band);
6370
6371 nla_nest_end(msg, bands);
6372
6373 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6374 if (ret) {
6375 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
6376 "(%s)", ret, strerror(-ret));
6377 } else
6378 drv->disabled_11b_rates = disabled;
6379
6380 return ret;
6381
6382 fail:
6383 nlmsg_free(msg);
6384 return -1;
6385 }
6386
6387
wpa_driver_nl80211_deinit_ap(void * priv)6388 static int wpa_driver_nl80211_deinit_ap(void *priv)
6389 {
6390 struct i802_bss *bss = priv;
6391 struct wpa_driver_nl80211_data *drv = bss->drv;
6392 if (!is_ap_interface(drv->nlmode))
6393 return -1;
6394 wpa_driver_nl80211_del_beacon(drv);
6395 bss->beacon_set = 0;
6396
6397 /*
6398 * If the P2P GO interface was dynamically added, then it is
6399 * possible that the interface change to station is not possible.
6400 */
6401 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
6402 return 0;
6403
6404 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
6405 }
6406
6407
wpa_driver_nl80211_stop_ap(void * priv)6408 static int wpa_driver_nl80211_stop_ap(void *priv)
6409 {
6410 struct i802_bss *bss = priv;
6411 struct wpa_driver_nl80211_data *drv = bss->drv;
6412 if (!is_ap_interface(drv->nlmode))
6413 return -1;
6414 wpa_driver_nl80211_del_beacon(drv);
6415 bss->beacon_set = 0;
6416 return 0;
6417 }
6418
6419
wpa_driver_nl80211_deinit_p2p_cli(void * priv)6420 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
6421 {
6422 struct i802_bss *bss = priv;
6423 struct wpa_driver_nl80211_data *drv = bss->drv;
6424 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
6425 return -1;
6426
6427 /*
6428 * If the P2P Client interface was dynamically added, then it is
6429 * possible that the interface change to station is not possible.
6430 */
6431 if (bss->if_dynamic)
6432 return 0;
6433
6434 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
6435 }
6436
6437
wpa_driver_nl80211_resume(void * priv)6438 static void wpa_driver_nl80211_resume(void *priv)
6439 {
6440 struct i802_bss *bss = priv;
6441
6442 if (i802_set_iface_flags(bss, 1))
6443 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
6444 }
6445
6446
nl80211_signal_monitor(void * priv,int threshold,int hysteresis)6447 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
6448 {
6449 struct i802_bss *bss = priv;
6450 struct wpa_driver_nl80211_data *drv = bss->drv;
6451 struct nl_msg *msg;
6452 struct nlattr *cqm;
6453
6454 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
6455 "hysteresis=%d", threshold, hysteresis);
6456
6457 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) ||
6458 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) ||
6459 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) ||
6460 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) {
6461 nlmsg_free(msg);
6462 return -1;
6463 }
6464 nla_nest_end(msg, cqm);
6465
6466 return send_and_recv_msgs(drv, msg, NULL, NULL);
6467 }
6468
6469
get_channel_width(struct nl_msg * msg,void * arg)6470 static int get_channel_width(struct nl_msg *msg, void *arg)
6471 {
6472 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6473 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6474 struct wpa_signal_info *sig_change = arg;
6475
6476 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6477 genlmsg_attrlen(gnlh, 0), NULL);
6478
6479 sig_change->center_frq1 = -1;
6480 sig_change->center_frq2 = -1;
6481 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
6482
6483 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
6484 sig_change->chanwidth = convert2width(
6485 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
6486 if (tb[NL80211_ATTR_CENTER_FREQ1])
6487 sig_change->center_frq1 =
6488 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
6489 if (tb[NL80211_ATTR_CENTER_FREQ2])
6490 sig_change->center_frq2 =
6491 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
6492 }
6493
6494 return NL_SKIP;
6495 }
6496
6497
nl80211_get_channel_width(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)6498 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
6499 struct wpa_signal_info *sig)
6500 {
6501 struct nl_msg *msg;
6502
6503 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
6504 return send_and_recv_msgs(drv, msg, get_channel_width, sig);
6505 }
6506
6507
nl80211_signal_poll(void * priv,struct wpa_signal_info * si)6508 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
6509 {
6510 struct i802_bss *bss = priv;
6511 struct wpa_driver_nl80211_data *drv = bss->drv;
6512 int res;
6513
6514 os_memset(si, 0, sizeof(*si));
6515 res = nl80211_get_link_signal(drv, si);
6516 if (res != 0)
6517 return res;
6518
6519 res = nl80211_get_channel_width(drv, si);
6520 if (res != 0)
6521 return res;
6522
6523 return nl80211_get_link_noise(drv, si);
6524 }
6525
6526
nl80211_send_frame(void * priv,const u8 * data,size_t data_len,int encrypt)6527 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
6528 int encrypt)
6529 {
6530 struct i802_bss *bss = priv;
6531 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
6532 0, 0, 0, 0);
6533 }
6534
6535
nl80211_set_param(void * priv,const char * param)6536 static int nl80211_set_param(void *priv, const char *param)
6537 {
6538 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
6539 if (param == NULL)
6540 return 0;
6541
6542 #ifdef CONFIG_P2P
6543 if (os_strstr(param, "use_p2p_group_interface=1")) {
6544 struct i802_bss *bss = priv;
6545 struct wpa_driver_nl80211_data *drv = bss->drv;
6546
6547 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
6548 "interface");
6549 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
6550 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
6551 }
6552 #endif /* CONFIG_P2P */
6553
6554 if (os_strstr(param, "use_monitor=1")) {
6555 struct i802_bss *bss = priv;
6556 struct wpa_driver_nl80211_data *drv = bss->drv;
6557 drv->use_monitor = 1;
6558 }
6559
6560 if (os_strstr(param, "force_connect_cmd=1")) {
6561 struct i802_bss *bss = priv;
6562 struct wpa_driver_nl80211_data *drv = bss->drv;
6563 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
6564 drv->force_connect_cmd = 1;
6565 }
6566
6567 if (os_strstr(param, "no_offchannel_tx=1")) {
6568 struct i802_bss *bss = priv;
6569 struct wpa_driver_nl80211_data *drv = bss->drv;
6570 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
6571 drv->test_use_roc_tx = 1;
6572 }
6573
6574 return 0;
6575 }
6576
6577
nl80211_global_init(void)6578 static void * nl80211_global_init(void)
6579 {
6580 struct nl80211_global *global;
6581 struct netlink_config *cfg;
6582
6583 global = os_zalloc(sizeof(*global));
6584 if (global == NULL)
6585 return NULL;
6586 global->ioctl_sock = -1;
6587 dl_list_init(&global->interfaces);
6588 global->if_add_ifindex = -1;
6589
6590 cfg = os_zalloc(sizeof(*cfg));
6591 if (cfg == NULL)
6592 goto err;
6593
6594 cfg->ctx = global;
6595 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
6596 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
6597 global->netlink = netlink_init(cfg);
6598 if (global->netlink == NULL) {
6599 os_free(cfg);
6600 goto err;
6601 }
6602
6603 if (wpa_driver_nl80211_init_nl_global(global) < 0)
6604 goto err;
6605
6606 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
6607 if (global->ioctl_sock < 0) {
6608 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
6609 strerror(errno));
6610 goto err;
6611 }
6612
6613 return global;
6614
6615 err:
6616 nl80211_global_deinit(global);
6617 return NULL;
6618 }
6619
6620
nl80211_global_deinit(void * priv)6621 static void nl80211_global_deinit(void *priv)
6622 {
6623 struct nl80211_global *global = priv;
6624 if (global == NULL)
6625 return;
6626 if (!dl_list_empty(&global->interfaces)) {
6627 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
6628 "nl80211_global_deinit",
6629 dl_list_len(&global->interfaces));
6630 }
6631
6632 if (global->netlink)
6633 netlink_deinit(global->netlink);
6634
6635 nl_destroy_handles(&global->nl);
6636
6637 if (global->nl_event)
6638 nl80211_destroy_eloop_handle(&global->nl_event);
6639
6640 nl_cb_put(global->nl_cb);
6641
6642 if (global->ioctl_sock >= 0)
6643 close(global->ioctl_sock);
6644
6645 os_free(global);
6646 }
6647
6648
nl80211_get_radio_name(void * priv)6649 static const char * nl80211_get_radio_name(void *priv)
6650 {
6651 struct i802_bss *bss = priv;
6652 struct wpa_driver_nl80211_data *drv = bss->drv;
6653 return drv->phyname;
6654 }
6655
6656
nl80211_pmkid(struct i802_bss * bss,int cmd,const u8 * bssid,const u8 * pmkid)6657 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
6658 const u8 *pmkid)
6659 {
6660 struct nl_msg *msg;
6661
6662 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
6663 (pmkid && nla_put(msg, NL80211_ATTR_PMKID, 16, pmkid)) ||
6664 (bssid && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))) {
6665 nlmsg_free(msg);
6666 return -ENOBUFS;
6667 }
6668
6669 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
6670 }
6671
6672
nl80211_add_pmkid(void * priv,const u8 * bssid,const u8 * pmkid)6673 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
6674 {
6675 struct i802_bss *bss = priv;
6676 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
6677 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
6678 }
6679
6680
nl80211_remove_pmkid(void * priv,const u8 * bssid,const u8 * pmkid)6681 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
6682 {
6683 struct i802_bss *bss = priv;
6684 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
6685 MAC2STR(bssid));
6686 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
6687 }
6688
6689
nl80211_flush_pmkid(void * priv)6690 static int nl80211_flush_pmkid(void *priv)
6691 {
6692 struct i802_bss *bss = priv;
6693 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
6694 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
6695 }
6696
6697
clean_survey_results(struct survey_results * survey_results)6698 static void clean_survey_results(struct survey_results *survey_results)
6699 {
6700 struct freq_survey *survey, *tmp;
6701
6702 if (dl_list_empty(&survey_results->survey_list))
6703 return;
6704
6705 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
6706 struct freq_survey, list) {
6707 dl_list_del(&survey->list);
6708 os_free(survey);
6709 }
6710 }
6711
6712
add_survey(struct nlattr ** sinfo,u32 ifidx,struct dl_list * survey_list)6713 static void add_survey(struct nlattr **sinfo, u32 ifidx,
6714 struct dl_list *survey_list)
6715 {
6716 struct freq_survey *survey;
6717
6718 survey = os_zalloc(sizeof(struct freq_survey));
6719 if (!survey)
6720 return;
6721
6722 survey->ifidx = ifidx;
6723 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
6724 survey->filled = 0;
6725
6726 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
6727 survey->nf = (int8_t)
6728 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
6729 survey->filled |= SURVEY_HAS_NF;
6730 }
6731
6732 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
6733 survey->channel_time =
6734 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
6735 survey->filled |= SURVEY_HAS_CHAN_TIME;
6736 }
6737
6738 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
6739 survey->channel_time_busy =
6740 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
6741 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
6742 }
6743
6744 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
6745 survey->channel_time_rx =
6746 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
6747 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
6748 }
6749
6750 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
6751 survey->channel_time_tx =
6752 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
6753 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
6754 }
6755
6756 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
6757 survey->freq,
6758 survey->nf,
6759 (unsigned long int) survey->channel_time,
6760 (unsigned long int) survey->channel_time_busy,
6761 (unsigned long int) survey->channel_time_tx,
6762 (unsigned long int) survey->channel_time_rx,
6763 survey->filled);
6764
6765 dl_list_add_tail(survey_list, &survey->list);
6766 }
6767
6768
check_survey_ok(struct nlattr ** sinfo,u32 surveyed_freq,unsigned int freq_filter)6769 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
6770 unsigned int freq_filter)
6771 {
6772 if (!freq_filter)
6773 return 1;
6774
6775 return freq_filter == surveyed_freq;
6776 }
6777
6778
survey_handler(struct nl_msg * msg,void * arg)6779 static int survey_handler(struct nl_msg *msg, void *arg)
6780 {
6781 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6782 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6783 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
6784 struct survey_results *survey_results;
6785 u32 surveyed_freq = 0;
6786 u32 ifidx;
6787
6788 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
6789 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
6790 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
6791 };
6792
6793 survey_results = (struct survey_results *) arg;
6794
6795 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6796 genlmsg_attrlen(gnlh, 0), NULL);
6797
6798 if (!tb[NL80211_ATTR_IFINDEX])
6799 return NL_SKIP;
6800
6801 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
6802
6803 if (!tb[NL80211_ATTR_SURVEY_INFO])
6804 return NL_SKIP;
6805
6806 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
6807 tb[NL80211_ATTR_SURVEY_INFO],
6808 survey_policy))
6809 return NL_SKIP;
6810
6811 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
6812 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
6813 return NL_SKIP;
6814 }
6815
6816 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
6817
6818 if (!check_survey_ok(sinfo, surveyed_freq,
6819 survey_results->freq_filter))
6820 return NL_SKIP;
6821
6822 if (survey_results->freq_filter &&
6823 survey_results->freq_filter != surveyed_freq) {
6824 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
6825 surveyed_freq);
6826 return NL_SKIP;
6827 }
6828
6829 add_survey(sinfo, ifidx, &survey_results->survey_list);
6830
6831 return NL_SKIP;
6832 }
6833
6834
wpa_driver_nl80211_get_survey(void * priv,unsigned int freq)6835 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
6836 {
6837 struct i802_bss *bss = priv;
6838 struct wpa_driver_nl80211_data *drv = bss->drv;
6839 struct nl_msg *msg;
6840 int err;
6841 union wpa_event_data data;
6842 struct survey_results *survey_results;
6843
6844 os_memset(&data, 0, sizeof(data));
6845 survey_results = &data.survey_results;
6846
6847 dl_list_init(&survey_results->survey_list);
6848
6849 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
6850 if (!msg)
6851 return -ENOBUFS;
6852
6853 if (freq)
6854 data.survey_results.freq_filter = freq;
6855
6856 do {
6857 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
6858 err = send_and_recv_msgs(drv, msg, survey_handler,
6859 survey_results);
6860 } while (err > 0);
6861
6862 if (err)
6863 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
6864 else
6865 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
6866
6867 clean_survey_results(survey_results);
6868 return err;
6869 }
6870
6871
nl80211_set_rekey_info(void * priv,const u8 * kek,size_t kek_len,const u8 * kck,size_t kck_len,const u8 * replay_ctr)6872 static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len,
6873 const u8 *kck, size_t kck_len,
6874 const u8 *replay_ctr)
6875 {
6876 struct i802_bss *bss = priv;
6877 struct wpa_driver_nl80211_data *drv = bss->drv;
6878 struct nlattr *replay_nested;
6879 struct nl_msg *msg;
6880 int ret;
6881
6882 if (!drv->set_rekey_offload)
6883 return;
6884
6885 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload");
6886 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) ||
6887 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) ||
6888 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) ||
6889 nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck) ||
6890 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
6891 replay_ctr)) {
6892 nl80211_nlmsg_clear(msg);
6893 nlmsg_free(msg);
6894 return;
6895 }
6896
6897 nla_nest_end(msg, replay_nested);
6898
6899 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1);
6900 if (ret == -EOPNOTSUPP) {
6901 wpa_printf(MSG_DEBUG,
6902 "nl80211: Driver does not support rekey offload");
6903 drv->set_rekey_offload = 0;
6904 }
6905 }
6906
6907
nl80211_send_null_frame(struct i802_bss * bss,const u8 * own_addr,const u8 * addr,int qos)6908 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
6909 const u8 *addr, int qos)
6910 {
6911 /* send data frame to poll STA and check whether
6912 * this frame is ACKed */
6913 struct {
6914 struct ieee80211_hdr hdr;
6915 u16 qos_ctl;
6916 } STRUCT_PACKED nulldata;
6917 size_t size;
6918
6919 /* Send data frame to poll STA and check whether this frame is ACKed */
6920
6921 os_memset(&nulldata, 0, sizeof(nulldata));
6922
6923 if (qos) {
6924 nulldata.hdr.frame_control =
6925 IEEE80211_FC(WLAN_FC_TYPE_DATA,
6926 WLAN_FC_STYPE_QOS_NULL);
6927 size = sizeof(nulldata);
6928 } else {
6929 nulldata.hdr.frame_control =
6930 IEEE80211_FC(WLAN_FC_TYPE_DATA,
6931 WLAN_FC_STYPE_NULLFUNC);
6932 size = sizeof(struct ieee80211_hdr);
6933 }
6934
6935 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
6936 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
6937 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
6938 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
6939
6940 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
6941 0, 0) < 0)
6942 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
6943 "send poll frame");
6944 }
6945
nl80211_poll_client(void * priv,const u8 * own_addr,const u8 * addr,int qos)6946 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
6947 int qos)
6948 {
6949 struct i802_bss *bss = priv;
6950 struct wpa_driver_nl80211_data *drv = bss->drv;
6951 struct nl_msg *msg;
6952 int ret;
6953
6954 if (!drv->poll_command_supported) {
6955 nl80211_send_null_frame(bss, own_addr, addr, qos);
6956 return;
6957 }
6958
6959 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) ||
6960 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
6961 nlmsg_free(msg);
6962 return;
6963 }
6964
6965 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6966 if (ret < 0) {
6967 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for "
6968 MACSTR " failed: ret=%d (%s)",
6969 MAC2STR(addr), ret, strerror(-ret));
6970 }
6971 }
6972
6973
nl80211_set_power_save(struct i802_bss * bss,int enabled)6974 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
6975 {
6976 struct nl_msg *msg;
6977
6978 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) ||
6979 nla_put_u32(msg, NL80211_ATTR_PS_STATE,
6980 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) {
6981 nlmsg_free(msg);
6982 return -ENOBUFS;
6983 }
6984 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
6985 }
6986
6987
nl80211_set_p2p_powersave(void * priv,int legacy_ps,int opp_ps,int ctwindow)6988 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
6989 int ctwindow)
6990 {
6991 struct i802_bss *bss = priv;
6992
6993 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
6994 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
6995
6996 if (opp_ps != -1 || ctwindow != -1) {
6997 #ifdef ANDROID_P2P
6998 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
6999 #else /* ANDROID_P2P */
7000 return -1; /* Not yet supported */
7001 #endif /* ANDROID_P2P */
7002 }
7003
7004 if (legacy_ps == -1)
7005 return 0;
7006 if (legacy_ps != 0 && legacy_ps != 1)
7007 return -1; /* Not yet supported */
7008
7009 return nl80211_set_power_save(bss, legacy_ps);
7010 }
7011
7012
nl80211_start_radar_detection(void * priv,struct hostapd_freq_params * freq)7013 static int nl80211_start_radar_detection(void *priv,
7014 struct hostapd_freq_params *freq)
7015 {
7016 struct i802_bss *bss = priv;
7017 struct wpa_driver_nl80211_data *drv = bss->drv;
7018 struct nl_msg *msg;
7019 int ret;
7020
7021 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
7022 freq->freq, freq->ht_enabled, freq->vht_enabled,
7023 freq->bandwidth, freq->center_freq1, freq->center_freq2);
7024
7025 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
7026 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
7027 "detection");
7028 return -1;
7029 }
7030
7031 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) ||
7032 nl80211_put_freq_params(msg, freq) < 0) {
7033 nlmsg_free(msg);
7034 return -1;
7035 }
7036
7037 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7038 if (ret == 0)
7039 return 0;
7040 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
7041 "%d (%s)", ret, strerror(-ret));
7042 return -1;
7043 }
7044
7045 #ifdef CONFIG_TDLS
7046
nl80211_send_tdls_mgmt(void * priv,const u8 * dst,u8 action_code,u8 dialog_token,u16 status_code,u32 peer_capab,int initiator,const u8 * buf,size_t len)7047 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
7048 u8 dialog_token, u16 status_code,
7049 u32 peer_capab, int initiator, const u8 *buf,
7050 size_t len)
7051 {
7052 struct i802_bss *bss = priv;
7053 struct wpa_driver_nl80211_data *drv = bss->drv;
7054 struct nl_msg *msg;
7055
7056 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7057 return -EOPNOTSUPP;
7058
7059 if (!dst)
7060 return -EINVAL;
7061
7062 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) ||
7063 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
7064 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) ||
7065 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) ||
7066 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code))
7067 goto fail;
7068 if (peer_capab) {
7069 /*
7070 * The internal enum tdls_peer_capability definition is
7071 * currently identical with the nl80211 enum
7072 * nl80211_tdls_peer_capability, so no conversion is needed
7073 * here.
7074 */
7075 if (nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY,
7076 peer_capab))
7077 goto fail;
7078 }
7079 if ((initiator &&
7080 nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) ||
7081 nla_put(msg, NL80211_ATTR_IE, len, buf))
7082 goto fail;
7083
7084 return send_and_recv_msgs(drv, msg, NULL, NULL);
7085
7086 fail:
7087 nlmsg_free(msg);
7088 return -ENOBUFS;
7089 }
7090
7091
nl80211_tdls_oper(void * priv,enum tdls_oper oper,const u8 * peer)7092 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
7093 {
7094 struct i802_bss *bss = priv;
7095 struct wpa_driver_nl80211_data *drv = bss->drv;
7096 struct nl_msg *msg;
7097 enum nl80211_tdls_operation nl80211_oper;
7098
7099 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7100 return -EOPNOTSUPP;
7101
7102 switch (oper) {
7103 case TDLS_DISCOVERY_REQ:
7104 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
7105 break;
7106 case TDLS_SETUP:
7107 nl80211_oper = NL80211_TDLS_SETUP;
7108 break;
7109 case TDLS_TEARDOWN:
7110 nl80211_oper = NL80211_TDLS_TEARDOWN;
7111 break;
7112 case TDLS_ENABLE_LINK:
7113 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
7114 break;
7115 case TDLS_DISABLE_LINK:
7116 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
7117 break;
7118 case TDLS_ENABLE:
7119 return 0;
7120 case TDLS_DISABLE:
7121 return 0;
7122 default:
7123 return -EINVAL;
7124 }
7125
7126 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) ||
7127 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) ||
7128 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) {
7129 nlmsg_free(msg);
7130 return -ENOBUFS;
7131 }
7132
7133 return send_and_recv_msgs(drv, msg, NULL, NULL);
7134 }
7135
7136
7137 static int
nl80211_tdls_enable_channel_switch(void * priv,const u8 * addr,u8 oper_class,const struct hostapd_freq_params * params)7138 nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class,
7139 const struct hostapd_freq_params *params)
7140 {
7141 struct i802_bss *bss = priv;
7142 struct wpa_driver_nl80211_data *drv = bss->drv;
7143 struct nl_msg *msg;
7144 int ret = -ENOBUFS;
7145
7146 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
7147 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
7148 return -EOPNOTSUPP;
7149
7150 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR
7151 " oper_class=%u freq=%u",
7152 MAC2STR(addr), oper_class, params->freq);
7153 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH);
7154 if (!msg ||
7155 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
7156 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) ||
7157 (ret = nl80211_put_freq_params(msg, params))) {
7158 nlmsg_free(msg);
7159 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch");
7160 return ret;
7161 }
7162
7163 return send_and_recv_msgs(drv, msg, NULL, NULL);
7164 }
7165
7166
7167 static int
nl80211_tdls_disable_channel_switch(void * priv,const u8 * addr)7168 nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr)
7169 {
7170 struct i802_bss *bss = priv;
7171 struct wpa_driver_nl80211_data *drv = bss->drv;
7172 struct nl_msg *msg;
7173
7174 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
7175 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
7176 return -EOPNOTSUPP;
7177
7178 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR,
7179 MAC2STR(addr));
7180 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH);
7181 if (!msg ||
7182 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
7183 nlmsg_free(msg);
7184 wpa_printf(MSG_DEBUG,
7185 "nl80211: Could not build TDLS cancel chan switch");
7186 return -ENOBUFS;
7187 }
7188
7189 return send_and_recv_msgs(drv, msg, NULL, NULL);
7190 }
7191
7192 #endif /* CONFIG TDLS */
7193
7194
driver_nl80211_set_key(const char * ifname,void * priv,enum wpa_alg alg,const u8 * addr,int key_idx,int set_tx,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)7195 static int driver_nl80211_set_key(const char *ifname, void *priv,
7196 enum wpa_alg alg, const u8 *addr,
7197 int key_idx, int set_tx,
7198 const u8 *seq, size_t seq_len,
7199 const u8 *key, size_t key_len)
7200 {
7201 struct i802_bss *bss = priv;
7202 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
7203 set_tx, seq, seq_len, key, key_len);
7204 }
7205
7206
driver_nl80211_scan2(void * priv,struct wpa_driver_scan_params * params)7207 static int driver_nl80211_scan2(void *priv,
7208 struct wpa_driver_scan_params *params)
7209 {
7210 struct i802_bss *bss = priv;
7211 return wpa_driver_nl80211_scan(bss, params);
7212 }
7213
7214
driver_nl80211_deauthenticate(void * priv,const u8 * addr,int reason_code)7215 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
7216 int reason_code)
7217 {
7218 struct i802_bss *bss = priv;
7219 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
7220 }
7221
7222
driver_nl80211_authenticate(void * priv,struct wpa_driver_auth_params * params)7223 static int driver_nl80211_authenticate(void *priv,
7224 struct wpa_driver_auth_params *params)
7225 {
7226 struct i802_bss *bss = priv;
7227 return wpa_driver_nl80211_authenticate(bss, params);
7228 }
7229
7230
driver_nl80211_deinit(void * priv)7231 static void driver_nl80211_deinit(void *priv)
7232 {
7233 struct i802_bss *bss = priv;
7234 wpa_driver_nl80211_deinit(bss);
7235 }
7236
7237
driver_nl80211_if_remove(void * priv,enum wpa_driver_if_type type,const char * ifname)7238 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
7239 const char *ifname)
7240 {
7241 struct i802_bss *bss = priv;
7242 return wpa_driver_nl80211_if_remove(bss, type, ifname);
7243 }
7244
7245
driver_nl80211_send_mlme(void * priv,const u8 * data,size_t data_len,int noack,unsigned int freq)7246 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
7247 size_t data_len, int noack,
7248 unsigned int freq)
7249 {
7250 struct i802_bss *bss = priv;
7251 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
7252 freq, 0, 0, 0);
7253 }
7254
7255
driver_nl80211_sta_remove(void * priv,const u8 * addr)7256 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
7257 {
7258 struct i802_bss *bss = priv;
7259 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0);
7260 }
7261
7262
driver_nl80211_set_sta_vlan(void * priv,const u8 * addr,const char * ifname,int vlan_id)7263 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
7264 const char *ifname, int vlan_id)
7265 {
7266 struct i802_bss *bss = priv;
7267 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
7268 }
7269
7270
driver_nl80211_read_sta_data(void * priv,struct hostap_sta_driver_data * data,const u8 * addr)7271 static int driver_nl80211_read_sta_data(void *priv,
7272 struct hostap_sta_driver_data *data,
7273 const u8 *addr)
7274 {
7275 struct i802_bss *bss = priv;
7276 return i802_read_sta_data(bss, data, addr);
7277 }
7278
7279
driver_nl80211_send_action(void * priv,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)7280 static int driver_nl80211_send_action(void *priv, unsigned int freq,
7281 unsigned int wait_time,
7282 const u8 *dst, const u8 *src,
7283 const u8 *bssid,
7284 const u8 *data, size_t data_len,
7285 int no_cck)
7286 {
7287 struct i802_bss *bss = priv;
7288 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
7289 bssid, data, data_len, no_cck);
7290 }
7291
7292
driver_nl80211_probe_req_report(void * priv,int report)7293 static int driver_nl80211_probe_req_report(void *priv, int report)
7294 {
7295 struct i802_bss *bss = priv;
7296 return wpa_driver_nl80211_probe_req_report(bss, report);
7297 }
7298
7299
wpa_driver_nl80211_update_ft_ies(void * priv,const u8 * md,const u8 * ies,size_t ies_len)7300 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
7301 const u8 *ies, size_t ies_len)
7302 {
7303 int ret;
7304 struct nl_msg *msg;
7305 struct i802_bss *bss = priv;
7306 struct wpa_driver_nl80211_data *drv = bss->drv;
7307 u16 mdid = WPA_GET_LE16(md);
7308
7309 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
7310 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) ||
7311 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) ||
7312 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) {
7313 nlmsg_free(msg);
7314 return -ENOBUFS;
7315 }
7316
7317 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7318 if (ret) {
7319 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
7320 "err=%d (%s)", ret, strerror(-ret));
7321 }
7322
7323 return ret;
7324 }
7325
7326
wpa_driver_nl80211_get_macaddr(void * priv)7327 const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
7328 {
7329 struct i802_bss *bss = priv;
7330 struct wpa_driver_nl80211_data *drv = bss->drv;
7331
7332 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
7333 return NULL;
7334
7335 return bss->addr;
7336 }
7337
7338
scan_state_str(enum scan_states scan_state)7339 static const char * scan_state_str(enum scan_states scan_state)
7340 {
7341 switch (scan_state) {
7342 case NO_SCAN:
7343 return "NO_SCAN";
7344 case SCAN_REQUESTED:
7345 return "SCAN_REQUESTED";
7346 case SCAN_STARTED:
7347 return "SCAN_STARTED";
7348 case SCAN_COMPLETED:
7349 return "SCAN_COMPLETED";
7350 case SCAN_ABORTED:
7351 return "SCAN_ABORTED";
7352 case SCHED_SCAN_STARTED:
7353 return "SCHED_SCAN_STARTED";
7354 case SCHED_SCAN_STOPPED:
7355 return "SCHED_SCAN_STOPPED";
7356 case SCHED_SCAN_RESULTS:
7357 return "SCHED_SCAN_RESULTS";
7358 }
7359
7360 return "??";
7361 }
7362
7363
wpa_driver_nl80211_status(void * priv,char * buf,size_t buflen)7364 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
7365 {
7366 struct i802_bss *bss = priv;
7367 struct wpa_driver_nl80211_data *drv = bss->drv;
7368 int res;
7369 char *pos, *end;
7370
7371 pos = buf;
7372 end = buf + buflen;
7373
7374 res = os_snprintf(pos, end - pos,
7375 "ifindex=%d\n"
7376 "ifname=%s\n"
7377 "brname=%s\n"
7378 "addr=" MACSTR "\n"
7379 "freq=%d\n"
7380 "%s%s%s%s%s",
7381 bss->ifindex,
7382 bss->ifname,
7383 bss->brname,
7384 MAC2STR(bss->addr),
7385 bss->freq,
7386 bss->beacon_set ? "beacon_set=1\n" : "",
7387 bss->added_if_into_bridge ?
7388 "added_if_into_bridge=1\n" : "",
7389 bss->added_bridge ? "added_bridge=1\n" : "",
7390 bss->in_deinit ? "in_deinit=1\n" : "",
7391 bss->if_dynamic ? "if_dynamic=1\n" : "");
7392 if (os_snprintf_error(end - pos, res))
7393 return pos - buf;
7394 pos += res;
7395
7396 if (bss->wdev_id_set) {
7397 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
7398 (unsigned long long) bss->wdev_id);
7399 if (os_snprintf_error(end - pos, res))
7400 return pos - buf;
7401 pos += res;
7402 }
7403
7404 res = os_snprintf(pos, end - pos,
7405 "phyname=%s\n"
7406 "perm_addr=" MACSTR "\n"
7407 "drv_ifindex=%d\n"
7408 "operstate=%d\n"
7409 "scan_state=%s\n"
7410 "auth_bssid=" MACSTR "\n"
7411 "auth_attempt_bssid=" MACSTR "\n"
7412 "bssid=" MACSTR "\n"
7413 "prev_bssid=" MACSTR "\n"
7414 "associated=%d\n"
7415 "assoc_freq=%u\n"
7416 "monitor_sock=%d\n"
7417 "monitor_ifidx=%d\n"
7418 "monitor_refcount=%d\n"
7419 "last_mgmt_freq=%u\n"
7420 "eapol_tx_sock=%d\n"
7421 "%s%s%s%s%s%s%s%s%s%s%s%s%s",
7422 drv->phyname,
7423 MAC2STR(drv->perm_addr),
7424 drv->ifindex,
7425 drv->operstate,
7426 scan_state_str(drv->scan_state),
7427 MAC2STR(drv->auth_bssid),
7428 MAC2STR(drv->auth_attempt_bssid),
7429 MAC2STR(drv->bssid),
7430 MAC2STR(drv->prev_bssid),
7431 drv->associated,
7432 drv->assoc_freq,
7433 drv->monitor_sock,
7434 drv->monitor_ifidx,
7435 drv->monitor_refcount,
7436 drv->last_mgmt_freq,
7437 drv->eapol_tx_sock,
7438 drv->ignore_if_down_event ?
7439 "ignore_if_down_event=1\n" : "",
7440 drv->scan_complete_events ?
7441 "scan_complete_events=1\n" : "",
7442 drv->disabled_11b_rates ?
7443 "disabled_11b_rates=1\n" : "",
7444 drv->pending_remain_on_chan ?
7445 "pending_remain_on_chan=1\n" : "",
7446 drv->in_interface_list ? "in_interface_list=1\n" : "",
7447 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
7448 drv->poll_command_supported ?
7449 "poll_command_supported=1\n" : "",
7450 drv->data_tx_status ? "data_tx_status=1\n" : "",
7451 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
7452 drv->retry_auth ? "retry_auth=1\n" : "",
7453 drv->use_monitor ? "use_monitor=1\n" : "",
7454 drv->ignore_next_local_disconnect ?
7455 "ignore_next_local_disconnect=1\n" : "",
7456 drv->ignore_next_local_deauth ?
7457 "ignore_next_local_deauth=1\n" : "");
7458 if (os_snprintf_error(end - pos, res))
7459 return pos - buf;
7460 pos += res;
7461
7462 if (drv->has_capability) {
7463 res = os_snprintf(pos, end - pos,
7464 "capa.key_mgmt=0x%x\n"
7465 "capa.enc=0x%x\n"
7466 "capa.auth=0x%x\n"
7467 "capa.flags=0x%llx\n"
7468 "capa.rrm_flags=0x%x\n"
7469 "capa.max_scan_ssids=%d\n"
7470 "capa.max_sched_scan_ssids=%d\n"
7471 "capa.sched_scan_supported=%d\n"
7472 "capa.max_match_sets=%d\n"
7473 "capa.max_remain_on_chan=%u\n"
7474 "capa.max_stations=%u\n"
7475 "capa.probe_resp_offloads=0x%x\n"
7476 "capa.max_acl_mac_addrs=%u\n"
7477 "capa.num_multichan_concurrent=%u\n"
7478 "capa.mac_addr_rand_sched_scan_supported=%d\n"
7479 "capa.mac_addr_rand_scan_supported=%d\n",
7480 drv->capa.key_mgmt,
7481 drv->capa.enc,
7482 drv->capa.auth,
7483 (unsigned long long) drv->capa.flags,
7484 drv->capa.rrm_flags,
7485 drv->capa.max_scan_ssids,
7486 drv->capa.max_sched_scan_ssids,
7487 drv->capa.sched_scan_supported,
7488 drv->capa.max_match_sets,
7489 drv->capa.max_remain_on_chan,
7490 drv->capa.max_stations,
7491 drv->capa.probe_resp_offloads,
7492 drv->capa.max_acl_mac_addrs,
7493 drv->capa.num_multichan_concurrent,
7494 drv->capa.mac_addr_rand_sched_scan_supported,
7495 drv->capa.mac_addr_rand_scan_supported);
7496 if (os_snprintf_error(end - pos, res))
7497 return pos - buf;
7498 pos += res;
7499 }
7500
7501 return pos - buf;
7502 }
7503
7504
set_beacon_data(struct nl_msg * msg,struct beacon_data * settings)7505 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
7506 {
7507 if ((settings->head &&
7508 nla_put(msg, NL80211_ATTR_BEACON_HEAD,
7509 settings->head_len, settings->head)) ||
7510 (settings->tail &&
7511 nla_put(msg, NL80211_ATTR_BEACON_TAIL,
7512 settings->tail_len, settings->tail)) ||
7513 (settings->beacon_ies &&
7514 nla_put(msg, NL80211_ATTR_IE,
7515 settings->beacon_ies_len, settings->beacon_ies)) ||
7516 (settings->proberesp_ies &&
7517 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
7518 settings->proberesp_ies_len, settings->proberesp_ies)) ||
7519 (settings->assocresp_ies &&
7520 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
7521 settings->assocresp_ies_len, settings->assocresp_ies)) ||
7522 (settings->probe_resp &&
7523 nla_put(msg, NL80211_ATTR_PROBE_RESP,
7524 settings->probe_resp_len, settings->probe_resp)))
7525 return -ENOBUFS;
7526
7527 return 0;
7528 }
7529
7530
nl80211_switch_channel(void * priv,struct csa_settings * settings)7531 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
7532 {
7533 struct nl_msg *msg;
7534 struct i802_bss *bss = priv;
7535 struct wpa_driver_nl80211_data *drv = bss->drv;
7536 struct nlattr *beacon_csa;
7537 int ret = -ENOBUFS;
7538
7539 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
7540 settings->cs_count, settings->block_tx,
7541 settings->freq_params.freq, settings->freq_params.bandwidth,
7542 settings->freq_params.center_freq1,
7543 settings->freq_params.center_freq2);
7544
7545 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
7546 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
7547 return -EOPNOTSUPP;
7548 }
7549
7550 if ((drv->nlmode != NL80211_IFTYPE_AP) &&
7551 (drv->nlmode != NL80211_IFTYPE_P2P_GO))
7552 return -EOPNOTSUPP;
7553
7554 /* check settings validity */
7555 if (!settings->beacon_csa.tail ||
7556 ((settings->beacon_csa.tail_len <=
7557 settings->counter_offset_beacon) ||
7558 (settings->beacon_csa.tail[settings->counter_offset_beacon] !=
7559 settings->cs_count)))
7560 return -EINVAL;
7561
7562 if (settings->beacon_csa.probe_resp &&
7563 ((settings->beacon_csa.probe_resp_len <=
7564 settings->counter_offset_presp) ||
7565 (settings->beacon_csa.probe_resp[settings->counter_offset_presp] !=
7566 settings->cs_count)))
7567 return -EINVAL;
7568
7569 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) ||
7570 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT,
7571 settings->cs_count) ||
7572 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) ||
7573 (settings->block_tx &&
7574 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX)))
7575 goto error;
7576
7577 /* beacon_after params */
7578 ret = set_beacon_data(msg, &settings->beacon_after);
7579 if (ret)
7580 goto error;
7581
7582 /* beacon_csa params */
7583 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
7584 if (!beacon_csa)
7585 goto fail;
7586
7587 ret = set_beacon_data(msg, &settings->beacon_csa);
7588 if (ret)
7589 goto error;
7590
7591 if (nla_put_u16(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
7592 settings->counter_offset_beacon) ||
7593 (settings->beacon_csa.probe_resp &&
7594 nla_put_u16(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
7595 settings->counter_offset_presp)))
7596 goto fail;
7597
7598 nla_nest_end(msg, beacon_csa);
7599 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7600 if (ret) {
7601 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
7602 ret, strerror(-ret));
7603 }
7604 return ret;
7605
7606 fail:
7607 ret = -ENOBUFS;
7608 error:
7609 nlmsg_free(msg);
7610 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
7611 return ret;
7612 }
7613
7614
nl80211_add_ts(void * priv,u8 tsid,const u8 * addr,u8 user_priority,u16 admitted_time)7615 static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr,
7616 u8 user_priority, u16 admitted_time)
7617 {
7618 struct i802_bss *bss = priv;
7619 struct wpa_driver_nl80211_data *drv = bss->drv;
7620 struct nl_msg *msg;
7621 int ret;
7622
7623 wpa_printf(MSG_DEBUG,
7624 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d",
7625 tsid, admitted_time, user_priority);
7626
7627 if (!is_sta_interface(drv->nlmode))
7628 return -ENOTSUP;
7629
7630 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS);
7631 if (!msg ||
7632 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
7633 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
7634 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) ||
7635 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) {
7636 nlmsg_free(msg);
7637 return -ENOBUFS;
7638 }
7639
7640 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7641 if (ret)
7642 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)",
7643 ret, strerror(-ret));
7644 return ret;
7645 }
7646
7647
nl80211_del_ts(void * priv,u8 tsid,const u8 * addr)7648 static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr)
7649 {
7650 struct i802_bss *bss = priv;
7651 struct wpa_driver_nl80211_data *drv = bss->drv;
7652 struct nl_msg *msg;
7653 int ret;
7654
7655 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid);
7656
7657 if (!is_sta_interface(drv->nlmode))
7658 return -ENOTSUP;
7659
7660 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) ||
7661 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
7662 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
7663 nlmsg_free(msg);
7664 return -ENOBUFS;
7665 }
7666
7667 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7668 if (ret)
7669 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)",
7670 ret, strerror(-ret));
7671 return ret;
7672 }
7673
7674
7675 #ifdef CONFIG_TESTING_OPTIONS
cmd_reply_handler(struct nl_msg * msg,void * arg)7676 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
7677 {
7678 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7679 struct wpabuf *buf = arg;
7680
7681 if (!buf)
7682 return NL_SKIP;
7683
7684 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
7685 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
7686 return NL_SKIP;
7687 }
7688
7689 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
7690 genlmsg_attrlen(gnlh, 0));
7691
7692 return NL_SKIP;
7693 }
7694 #endif /* CONFIG_TESTING_OPTIONS */
7695
7696
vendor_reply_handler(struct nl_msg * msg,void * arg)7697 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
7698 {
7699 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7700 struct nlattr *nl_vendor_reply, *nl;
7701 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7702 struct wpabuf *buf = arg;
7703 int rem;
7704
7705 if (!buf)
7706 return NL_SKIP;
7707
7708 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7709 genlmsg_attrlen(gnlh, 0), NULL);
7710 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
7711
7712 if (!nl_vendor_reply)
7713 return NL_SKIP;
7714
7715 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
7716 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
7717 return NL_SKIP;
7718 }
7719
7720 nla_for_each_nested(nl, nl_vendor_reply, rem) {
7721 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
7722 }
7723
7724 return NL_SKIP;
7725 }
7726
7727
nl80211_vendor_cmd(void * priv,unsigned int vendor_id,unsigned int subcmd,const u8 * data,size_t data_len,struct wpabuf * buf)7728 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
7729 unsigned int subcmd, const u8 *data,
7730 size_t data_len, struct wpabuf *buf)
7731 {
7732 struct i802_bss *bss = priv;
7733 struct wpa_driver_nl80211_data *drv = bss->drv;
7734 struct nl_msg *msg;
7735 int ret;
7736
7737 #ifdef CONFIG_TESTING_OPTIONS
7738 if (vendor_id == 0xffffffff) {
7739 msg = nlmsg_alloc();
7740 if (!msg)
7741 return -ENOMEM;
7742
7743 nl80211_cmd(drv, msg, 0, subcmd);
7744 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
7745 0)
7746 goto fail;
7747 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf);
7748 if (ret)
7749 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
7750 ret);
7751 return ret;
7752 }
7753 #endif /* CONFIG_TESTING_OPTIONS */
7754
7755 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) ||
7756 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) ||
7757 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) ||
7758 (data &&
7759 nla_put(msg, NL80211_ATTR_VENDOR_DATA, data_len, data)))
7760 goto fail;
7761
7762 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf);
7763 if (ret)
7764 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
7765 ret);
7766 return ret;
7767
7768 fail:
7769 nlmsg_free(msg);
7770 return -ENOBUFS;
7771 }
7772
7773
nl80211_set_qos_map(void * priv,const u8 * qos_map_set,u8 qos_map_set_len)7774 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
7775 u8 qos_map_set_len)
7776 {
7777 struct i802_bss *bss = priv;
7778 struct wpa_driver_nl80211_data *drv = bss->drv;
7779 struct nl_msg *msg;
7780 int ret;
7781
7782 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
7783 qos_map_set, qos_map_set_len);
7784
7785 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) ||
7786 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) {
7787 nlmsg_free(msg);
7788 return -ENOBUFS;
7789 }
7790
7791 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7792 if (ret)
7793 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
7794
7795 return ret;
7796 }
7797
7798
nl80211_set_wowlan(void * priv,const struct wowlan_triggers * triggers)7799 static int nl80211_set_wowlan(void *priv,
7800 const struct wowlan_triggers *triggers)
7801 {
7802 struct i802_bss *bss = priv;
7803 struct wpa_driver_nl80211_data *drv = bss->drv;
7804 struct nl_msg *msg;
7805 struct nlattr *wowlan_triggers;
7806 int ret;
7807
7808 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
7809
7810 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) ||
7811 !(wowlan_triggers = nla_nest_start(msg,
7812 NL80211_ATTR_WOWLAN_TRIGGERS)) ||
7813 (triggers->any &&
7814 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
7815 (triggers->disconnect &&
7816 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
7817 (triggers->magic_pkt &&
7818 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
7819 (triggers->gtk_rekey_failure &&
7820 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
7821 (triggers->eap_identity_req &&
7822 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
7823 (triggers->four_way_handshake &&
7824 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
7825 (triggers->rfkill_release &&
7826 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) {
7827 nlmsg_free(msg);
7828 return -ENOBUFS;
7829 }
7830
7831 nla_nest_end(msg, wowlan_triggers);
7832
7833 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7834 if (ret)
7835 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
7836
7837 return ret;
7838 }
7839
7840
nl80211_roaming(void * priv,int allowed,const u8 * bssid)7841 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
7842 {
7843 struct i802_bss *bss = priv;
7844 struct wpa_driver_nl80211_data *drv = bss->drv;
7845 struct nl_msg *msg;
7846 struct nlattr *params;
7847
7848 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
7849
7850 if (!drv->roaming_vendor_cmd_avail) {
7851 wpa_printf(MSG_DEBUG,
7852 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
7853 return -1;
7854 }
7855
7856 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
7857 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
7858 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
7859 QCA_NL80211_VENDOR_SUBCMD_ROAMING) ||
7860 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
7861 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
7862 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
7863 QCA_ROAMING_NOT_ALLOWED) ||
7864 (bssid &&
7865 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) {
7866 nlmsg_free(msg);
7867 return -1;
7868 }
7869 nla_nest_end(msg, params);
7870
7871 return send_and_recv_msgs(drv, msg, NULL, NULL);
7872 }
7873
7874
nl80211_set_mac_addr(void * priv,const u8 * addr)7875 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
7876 {
7877 struct i802_bss *bss = priv;
7878 struct wpa_driver_nl80211_data *drv = bss->drv;
7879 int new_addr = addr != NULL;
7880
7881 if (!addr)
7882 addr = drv->perm_addr;
7883
7884 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
7885 return -1;
7886
7887 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
7888 {
7889 wpa_printf(MSG_DEBUG,
7890 "nl80211: failed to set_mac_addr for %s to " MACSTR,
7891 bss->ifname, MAC2STR(addr));
7892 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
7893 1) < 0) {
7894 wpa_printf(MSG_DEBUG,
7895 "nl80211: Could not restore interface UP after failed set_mac_addr");
7896 }
7897 return -1;
7898 }
7899
7900 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
7901 bss->ifname, MAC2STR(addr));
7902 drv->addr_changed = new_addr;
7903 os_memcpy(bss->addr, addr, ETH_ALEN);
7904
7905 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
7906 {
7907 wpa_printf(MSG_DEBUG,
7908 "nl80211: Could not restore interface UP after set_mac_addr");
7909 }
7910
7911 return 0;
7912 }
7913
7914
7915 #ifdef CONFIG_MESH
7916
wpa_driver_nl80211_init_mesh(void * priv)7917 static int wpa_driver_nl80211_init_mesh(void *priv)
7918 {
7919 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) {
7920 wpa_printf(MSG_INFO,
7921 "nl80211: Failed to set interface into mesh mode");
7922 return -1;
7923 }
7924 return 0;
7925 }
7926
7927
nl80211_put_mesh_id(struct nl_msg * msg,const u8 * mesh_id,size_t mesh_id_len)7928 static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id,
7929 size_t mesh_id_len)
7930 {
7931 if (mesh_id) {
7932 wpa_hexdump_ascii(MSG_DEBUG, " * Mesh ID (SSID)",
7933 mesh_id, mesh_id_len);
7934 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id);
7935 }
7936
7937 return 0;
7938 }
7939
7940
nl80211_join_mesh(struct i802_bss * bss,struct wpa_driver_mesh_join_params * params)7941 static int nl80211_join_mesh(struct i802_bss *bss,
7942 struct wpa_driver_mesh_join_params *params)
7943 {
7944 struct wpa_driver_nl80211_data *drv = bss->drv;
7945 struct nl_msg *msg;
7946 struct nlattr *container;
7947 int ret = -1;
7948
7949 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
7950 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH);
7951 if (!msg ||
7952 nl80211_put_freq_params(msg, ¶ms->freq) ||
7953 nl80211_put_basic_rates(msg, params->basic_rates) ||
7954 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
7955 nl80211_put_beacon_int(msg, params->beacon_int))
7956 goto fail;
7957
7958 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
7959
7960 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP);
7961 if (!container)
7962 goto fail;
7963
7964 if (params->ies) {
7965 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len);
7966 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len,
7967 params->ies))
7968 goto fail;
7969 }
7970 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */
7971 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) {
7972 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) ||
7973 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH))
7974 goto fail;
7975 }
7976 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) &&
7977 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE))
7978 goto fail;
7979 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) &&
7980 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM))
7981 goto fail;
7982 nla_nest_end(msg, container);
7983
7984 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
7985 if (!container)
7986 goto fail;
7987
7988 if (!(params->conf.flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) &&
7989 nla_put_u32(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 0))
7990 goto fail;
7991 if ((params->conf.flags & WPA_DRIVER_MESH_FLAG_DRIVER_MPM) &&
7992 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
7993 params->max_peer_links))
7994 goto fail;
7995
7996 /*
7997 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because
7998 * the timer could disconnect stations even in that case.
7999 */
8000 if (nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
8001 params->conf.peer_link_timeout)) {
8002 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT");
8003 goto fail;
8004 }
8005
8006 nla_nest_end(msg, container);
8007
8008 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8009 msg = NULL;
8010 if (ret) {
8011 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)",
8012 ret, strerror(-ret));
8013 goto fail;
8014 }
8015 ret = 0;
8016 bss->freq = params->freq.freq;
8017 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
8018
8019 fail:
8020 nlmsg_free(msg);
8021 return ret;
8022 }
8023
8024
8025 static int
wpa_driver_nl80211_join_mesh(void * priv,struct wpa_driver_mesh_join_params * params)8026 wpa_driver_nl80211_join_mesh(void *priv,
8027 struct wpa_driver_mesh_join_params *params)
8028 {
8029 struct i802_bss *bss = priv;
8030 int ret, timeout;
8031
8032 timeout = params->conf.peer_link_timeout;
8033
8034 /* Disable kernel inactivity timer */
8035 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM)
8036 params->conf.peer_link_timeout = 0;
8037
8038 ret = nl80211_join_mesh(bss, params);
8039 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) {
8040 wpa_printf(MSG_DEBUG,
8041 "nl80211: Mesh join retry for peer_link_timeout");
8042 /*
8043 * Old kernel does not support setting
8044 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds
8045 * into future from peer_link_timeout.
8046 */
8047 params->conf.peer_link_timeout = timeout + 60;
8048 ret = nl80211_join_mesh(priv, params);
8049 }
8050
8051 params->conf.peer_link_timeout = timeout;
8052 return ret;
8053 }
8054
8055
wpa_driver_nl80211_leave_mesh(void * priv)8056 static int wpa_driver_nl80211_leave_mesh(void *priv)
8057 {
8058 struct i802_bss *bss = priv;
8059 struct wpa_driver_nl80211_data *drv = bss->drv;
8060 struct nl_msg *msg;
8061 int ret;
8062
8063 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex);
8064 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH);
8065 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8066 if (ret) {
8067 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)",
8068 ret, strerror(-ret));
8069 } else {
8070 wpa_printf(MSG_DEBUG,
8071 "nl80211: mesh leave request send successfully");
8072 }
8073
8074 if (wpa_driver_nl80211_set_mode(drv->first_bss,
8075 NL80211_IFTYPE_STATION)) {
8076 wpa_printf(MSG_INFO,
8077 "nl80211: Failed to set interface into station mode");
8078 }
8079 return ret;
8080 }
8081
8082 #endif /* CONFIG_MESH */
8083
8084
wpa_driver_br_add_ip_neigh(void * priv,u8 version,const u8 * ipaddr,int prefixlen,const u8 * addr)8085 static int wpa_driver_br_add_ip_neigh(void *priv, u8 version,
8086 const u8 *ipaddr, int prefixlen,
8087 const u8 *addr)
8088 {
8089 #ifdef CONFIG_LIBNL3_ROUTE
8090 struct i802_bss *bss = priv;
8091 struct wpa_driver_nl80211_data *drv = bss->drv;
8092 struct rtnl_neigh *rn;
8093 struct nl_addr *nl_ipaddr = NULL;
8094 struct nl_addr *nl_lladdr = NULL;
8095 int family, addrsize;
8096 int res;
8097
8098 if (!ipaddr || prefixlen == 0 || !addr)
8099 return -EINVAL;
8100
8101 if (bss->br_ifindex == 0) {
8102 wpa_printf(MSG_DEBUG,
8103 "nl80211: bridge must be set before adding an ip neigh to it");
8104 return -1;
8105 }
8106
8107 if (!drv->rtnl_sk) {
8108 wpa_printf(MSG_DEBUG,
8109 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
8110 return -1;
8111 }
8112
8113 if (version == 4) {
8114 family = AF_INET;
8115 addrsize = 4;
8116 } else if (version == 6) {
8117 family = AF_INET6;
8118 addrsize = 16;
8119 } else {
8120 return -EINVAL;
8121 }
8122
8123 rn = rtnl_neigh_alloc();
8124 if (rn == NULL)
8125 return -ENOMEM;
8126
8127 /* set the destination ip address for neigh */
8128 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
8129 if (nl_ipaddr == NULL) {
8130 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
8131 res = -ENOMEM;
8132 goto errout;
8133 }
8134 nl_addr_set_prefixlen(nl_ipaddr, prefixlen);
8135 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
8136 if (res) {
8137 wpa_printf(MSG_DEBUG,
8138 "nl80211: neigh set destination addr failed");
8139 goto errout;
8140 }
8141
8142 /* set the corresponding lladdr for neigh */
8143 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN);
8144 if (nl_lladdr == NULL) {
8145 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed");
8146 res = -ENOMEM;
8147 goto errout;
8148 }
8149 rtnl_neigh_set_lladdr(rn, nl_lladdr);
8150
8151 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
8152 rtnl_neigh_set_state(rn, NUD_PERMANENT);
8153
8154 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE);
8155 if (res) {
8156 wpa_printf(MSG_DEBUG,
8157 "nl80211: Adding bridge ip neigh failed: %s",
8158 strerror(errno));
8159 }
8160 errout:
8161 if (nl_lladdr)
8162 nl_addr_put(nl_lladdr);
8163 if (nl_ipaddr)
8164 nl_addr_put(nl_ipaddr);
8165 if (rn)
8166 rtnl_neigh_put(rn);
8167 return res;
8168 #else /* CONFIG_LIBNL3_ROUTE */
8169 return -1;
8170 #endif /* CONFIG_LIBNL3_ROUTE */
8171 }
8172
8173
wpa_driver_br_delete_ip_neigh(void * priv,u8 version,const u8 * ipaddr)8174 static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version,
8175 const u8 *ipaddr)
8176 {
8177 #ifdef CONFIG_LIBNL3_ROUTE
8178 struct i802_bss *bss = priv;
8179 struct wpa_driver_nl80211_data *drv = bss->drv;
8180 struct rtnl_neigh *rn;
8181 struct nl_addr *nl_ipaddr;
8182 int family, addrsize;
8183 int res;
8184
8185 if (!ipaddr)
8186 return -EINVAL;
8187
8188 if (version == 4) {
8189 family = AF_INET;
8190 addrsize = 4;
8191 } else if (version == 6) {
8192 family = AF_INET6;
8193 addrsize = 16;
8194 } else {
8195 return -EINVAL;
8196 }
8197
8198 if (bss->br_ifindex == 0) {
8199 wpa_printf(MSG_DEBUG,
8200 "nl80211: bridge must be set to delete an ip neigh");
8201 return -1;
8202 }
8203
8204 if (!drv->rtnl_sk) {
8205 wpa_printf(MSG_DEBUG,
8206 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
8207 return -1;
8208 }
8209
8210 rn = rtnl_neigh_alloc();
8211 if (rn == NULL)
8212 return -ENOMEM;
8213
8214 /* set the destination ip address for neigh */
8215 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
8216 if (nl_ipaddr == NULL) {
8217 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
8218 res = -ENOMEM;
8219 goto errout;
8220 }
8221 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
8222 if (res) {
8223 wpa_printf(MSG_DEBUG,
8224 "nl80211: neigh set destination addr failed");
8225 goto errout;
8226 }
8227
8228 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
8229
8230 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
8231 if (res) {
8232 wpa_printf(MSG_DEBUG,
8233 "nl80211: Deleting bridge ip neigh failed: %s",
8234 strerror(errno));
8235 }
8236 errout:
8237 if (nl_ipaddr)
8238 nl_addr_put(nl_ipaddr);
8239 if (rn)
8240 rtnl_neigh_put(rn);
8241 return res;
8242 #else /* CONFIG_LIBNL3_ROUTE */
8243 return -1;
8244 #endif /* CONFIG_LIBNL3_ROUTE */
8245 }
8246
8247
linux_write_system_file(const char * path,unsigned int val)8248 static int linux_write_system_file(const char *path, unsigned int val)
8249 {
8250 char buf[50];
8251 int fd, len;
8252
8253 len = os_snprintf(buf, sizeof(buf), "%u\n", val);
8254 if (os_snprintf_error(sizeof(buf), len))
8255 return -1;
8256
8257 fd = open(path, O_WRONLY);
8258 if (fd < 0)
8259 return -1;
8260
8261 if (write(fd, buf, len) < 0) {
8262 wpa_printf(MSG_DEBUG,
8263 "nl80211: Failed to write Linux system file: %s with the value of %d",
8264 path, val);
8265 close(fd);
8266 return -1;
8267 }
8268 close(fd);
8269
8270 return 0;
8271 }
8272
8273
drv_br_port_attr_str(enum drv_br_port_attr attr)8274 static const char * drv_br_port_attr_str(enum drv_br_port_attr attr)
8275 {
8276 switch (attr) {
8277 case DRV_BR_PORT_ATTR_PROXYARP:
8278 return "proxyarp_wifi";
8279 case DRV_BR_PORT_ATTR_HAIRPIN_MODE:
8280 return "hairpin_mode";
8281 }
8282
8283 return NULL;
8284 }
8285
8286
wpa_driver_br_port_set_attr(void * priv,enum drv_br_port_attr attr,unsigned int val)8287 static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr,
8288 unsigned int val)
8289 {
8290 struct i802_bss *bss = priv;
8291 char path[128];
8292 const char *attr_txt;
8293
8294 attr_txt = drv_br_port_attr_str(attr);
8295 if (attr_txt == NULL)
8296 return -EINVAL;
8297
8298 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s",
8299 bss->ifname, attr_txt);
8300
8301 if (linux_write_system_file(path, val))
8302 return -1;
8303
8304 return 0;
8305 }
8306
8307
drv_br_net_param_str(enum drv_br_net_param param)8308 static const char * drv_br_net_param_str(enum drv_br_net_param param)
8309 {
8310 switch (param) {
8311 case DRV_BR_NET_PARAM_GARP_ACCEPT:
8312 return "arp_accept";
8313 default:
8314 return NULL;
8315 }
8316 }
8317
8318
wpa_driver_br_set_net_param(void * priv,enum drv_br_net_param param,unsigned int val)8319 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
8320 unsigned int val)
8321 {
8322 struct i802_bss *bss = priv;
8323 char path[128];
8324 const char *param_txt;
8325 int ip_version = 4;
8326
8327 if (param == DRV_BR_MULTICAST_SNOOPING) {
8328 os_snprintf(path, sizeof(path),
8329 "/sys/devices/virtual/net/%s/bridge/multicast_snooping",
8330 bss->brname);
8331 goto set_val;
8332 }
8333
8334 param_txt = drv_br_net_param_str(param);
8335 if (param_txt == NULL)
8336 return -EINVAL;
8337
8338 switch (param) {
8339 case DRV_BR_NET_PARAM_GARP_ACCEPT:
8340 ip_version = 4;
8341 break;
8342 default:
8343 return -EINVAL;
8344 }
8345
8346 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s",
8347 ip_version, bss->brname, param_txt);
8348
8349 set_val:
8350 if (linux_write_system_file(path, val))
8351 return -1;
8352
8353 return 0;
8354 }
8355
8356
hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)8357 static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)
8358 {
8359 switch (hw_mode) {
8360 case HOSTAPD_MODE_IEEE80211B:
8361 return QCA_ACS_MODE_IEEE80211B;
8362 case HOSTAPD_MODE_IEEE80211G:
8363 return QCA_ACS_MODE_IEEE80211G;
8364 case HOSTAPD_MODE_IEEE80211A:
8365 return QCA_ACS_MODE_IEEE80211A;
8366 case HOSTAPD_MODE_IEEE80211AD:
8367 return QCA_ACS_MODE_IEEE80211AD;
8368 case HOSTAPD_MODE_IEEE80211ANY:
8369 return QCA_ACS_MODE_IEEE80211ANY;
8370 default:
8371 return -1;
8372 }
8373 }
8374
8375
wpa_driver_do_acs(void * priv,struct drv_acs_params * params)8376 static int wpa_driver_do_acs(void *priv, struct drv_acs_params *params)
8377 {
8378 struct i802_bss *bss = priv;
8379 struct wpa_driver_nl80211_data *drv = bss->drv;
8380 struct nl_msg *msg;
8381 struct nlattr *data;
8382 int ret;
8383 int mode;
8384
8385 mode = hw_mode_to_qca_acs(params->hw_mode);
8386 if (mode < 0)
8387 return -1;
8388
8389 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
8390 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
8391 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
8392 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) ||
8393 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
8394 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) ||
8395 (params->ht_enabled &&
8396 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) ||
8397 (params->ht40_enabled &&
8398 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) ||
8399 (params->vht_enabled &&
8400 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) ||
8401 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH,
8402 params->ch_width) ||
8403 (params->ch_list_len &&
8404 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST, params->ch_list_len,
8405 params->ch_list))) {
8406 nlmsg_free(msg);
8407 return -ENOBUFS;
8408 }
8409 nla_nest_end(msg, data);
8410
8411 wpa_printf(MSG_DEBUG,
8412 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d CH_LIST_LEN: %u",
8413 params->hw_mode, params->ht_enabled, params->ht40_enabled,
8414 params->vht_enabled, params->ch_width, params->ch_list_len);
8415
8416 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8417 if (ret) {
8418 wpa_printf(MSG_DEBUG,
8419 "nl80211: Failed to invoke driver ACS function: %s",
8420 strerror(errno));
8421 }
8422 return ret;
8423 }
8424
8425
8426 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
8427 .name = "nl80211",
8428 .desc = "Linux nl80211/cfg80211",
8429 .get_bssid = wpa_driver_nl80211_get_bssid,
8430 .get_ssid = wpa_driver_nl80211_get_ssid,
8431 .set_key = driver_nl80211_set_key,
8432 .scan2 = driver_nl80211_scan2,
8433 .sched_scan = wpa_driver_nl80211_sched_scan,
8434 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
8435 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
8436 .deauthenticate = driver_nl80211_deauthenticate,
8437 .authenticate = driver_nl80211_authenticate,
8438 .associate = wpa_driver_nl80211_associate,
8439 .global_init = nl80211_global_init,
8440 .global_deinit = nl80211_global_deinit,
8441 .init2 = wpa_driver_nl80211_init,
8442 .deinit = driver_nl80211_deinit,
8443 .get_capa = wpa_driver_nl80211_get_capa,
8444 .set_operstate = wpa_driver_nl80211_set_operstate,
8445 .set_supp_port = wpa_driver_nl80211_set_supp_port,
8446 .set_country = wpa_driver_nl80211_set_country,
8447 .get_country = wpa_driver_nl80211_get_country,
8448 .set_ap = wpa_driver_nl80211_set_ap,
8449 .set_acl = wpa_driver_nl80211_set_acl,
8450 .if_add = wpa_driver_nl80211_if_add,
8451 .if_remove = driver_nl80211_if_remove,
8452 .send_mlme = driver_nl80211_send_mlme,
8453 .get_hw_feature_data = nl80211_get_hw_feature_data,
8454 .sta_add = wpa_driver_nl80211_sta_add,
8455 .sta_remove = driver_nl80211_sta_remove,
8456 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
8457 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
8458 .hapd_init = i802_init,
8459 .hapd_deinit = i802_deinit,
8460 .set_wds_sta = i802_set_wds_sta,
8461 .get_seqnum = i802_get_seqnum,
8462 .flush = i802_flush,
8463 .get_inact_sec = i802_get_inact_sec,
8464 .sta_clear_stats = i802_sta_clear_stats,
8465 .set_rts = i802_set_rts,
8466 .set_frag = i802_set_frag,
8467 .set_tx_queue_params = i802_set_tx_queue_params,
8468 .set_sta_vlan = driver_nl80211_set_sta_vlan,
8469 .sta_deauth = i802_sta_deauth,
8470 .sta_disassoc = i802_sta_disassoc,
8471 .read_sta_data = driver_nl80211_read_sta_data,
8472 .set_freq = i802_set_freq,
8473 .send_action = driver_nl80211_send_action,
8474 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
8475 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
8476 .cancel_remain_on_channel =
8477 wpa_driver_nl80211_cancel_remain_on_channel,
8478 .probe_req_report = driver_nl80211_probe_req_report,
8479 .deinit_ap = wpa_driver_nl80211_deinit_ap,
8480 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
8481 .resume = wpa_driver_nl80211_resume,
8482 .signal_monitor = nl80211_signal_monitor,
8483 .signal_poll = nl80211_signal_poll,
8484 .send_frame = nl80211_send_frame,
8485 .set_param = nl80211_set_param,
8486 .get_radio_name = nl80211_get_radio_name,
8487 .add_pmkid = nl80211_add_pmkid,
8488 .remove_pmkid = nl80211_remove_pmkid,
8489 .flush_pmkid = nl80211_flush_pmkid,
8490 .set_rekey_info = nl80211_set_rekey_info,
8491 .poll_client = nl80211_poll_client,
8492 .set_p2p_powersave = nl80211_set_p2p_powersave,
8493 .start_dfs_cac = nl80211_start_radar_detection,
8494 .stop_ap = wpa_driver_nl80211_stop_ap,
8495 #ifdef CONFIG_TDLS
8496 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
8497 .tdls_oper = nl80211_tdls_oper,
8498 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch,
8499 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch,
8500 #endif /* CONFIG_TDLS */
8501 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
8502 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
8503 .get_survey = wpa_driver_nl80211_get_survey,
8504 .status = wpa_driver_nl80211_status,
8505 .switch_channel = nl80211_switch_channel,
8506 #ifdef ANDROID_P2P
8507 .set_noa = wpa_driver_set_p2p_noa,
8508 .get_noa = wpa_driver_get_p2p_noa,
8509 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
8510 #endif /* ANDROID_P2P */
8511 #ifdef ANDROID
8512 #ifndef ANDROID_LIB_STUB
8513 .driver_cmd = wpa_driver_nl80211_driver_cmd,
8514 #endif /* !ANDROID_LIB_STUB */
8515 #endif /* ANDROID */
8516 .vendor_cmd = nl80211_vendor_cmd,
8517 .set_qos_map = nl80211_set_qos_map,
8518 .set_wowlan = nl80211_set_wowlan,
8519 .roaming = nl80211_roaming,
8520 .set_mac_addr = nl80211_set_mac_addr,
8521 #ifdef CONFIG_MESH
8522 .init_mesh = wpa_driver_nl80211_init_mesh,
8523 .join_mesh = wpa_driver_nl80211_join_mesh,
8524 .leave_mesh = wpa_driver_nl80211_leave_mesh,
8525 #endif /* CONFIG_MESH */
8526 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh,
8527 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh,
8528 .br_port_set_attr = wpa_driver_br_port_set_attr,
8529 .br_set_net_param = wpa_driver_br_set_net_param,
8530 .add_tx_ts = nl80211_add_ts,
8531 .del_tx_ts = nl80211_del_ts,
8532 .do_acs = wpa_driver_do_acs,
8533 };
8534