1 /*
2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
8 *
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
11 */
12
13 #include "includes.h"
14 #include <sys/types.h>
15 #include <fcntl.h>
16 #include <net/if.h>
17 #include <netlink/genl/genl.h>
18 #include <netlink/genl/ctrl.h>
19 #ifdef CONFIG_LIBNL3_ROUTE
20 #include <netlink/route/neighbour.h>
21 #endif /* CONFIG_LIBNL3_ROUTE */
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/errqueue.h>
25
26 #include "common.h"
27 #include "eloop.h"
28 #include "common/qca-vendor.h"
29 #include "common/qca-vendor-attr.h"
30 #include "common/ieee802_11_defs.h"
31 #include "common/ieee802_11_common.h"
32 #include "l2_packet/l2_packet.h"
33 #include "netlink.h"
34 #include "linux_defines.h"
35 #include "linux_ioctl.h"
36 #include "radiotap.h"
37 #include "radiotap_iter.h"
38 #include "rfkill.h"
39 #include "driver_nl80211.h"
40
41
42 #ifndef CONFIG_LIBNL20
43 /*
44 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
45 * but when you free a socket again it will mess up its bitmap and
46 * and use the wrong number the next time it needs a socket ID.
47 * Therefore, we wrap the handle alloc/destroy and add our own pid
48 * accounting.
49 */
50 static uint32_t port_bitmap[32] = { 0 };
51
nl80211_handle_alloc(void * cb)52 static struct nl_handle *nl80211_handle_alloc(void *cb)
53 {
54 struct nl_handle *handle;
55 uint32_t pid = getpid() & 0x3FFFFF;
56 int i;
57
58 handle = nl_handle_alloc_cb(cb);
59
60 for (i = 0; i < 1024; i++) {
61 if (port_bitmap[i / 32] & (1 << (i % 32)))
62 continue;
63 port_bitmap[i / 32] |= 1 << (i % 32);
64 pid += i << 22;
65 break;
66 }
67
68 nl_socket_set_local_port(handle, pid);
69
70 return handle;
71 }
72
nl80211_handle_destroy(struct nl_handle * handle)73 static void nl80211_handle_destroy(struct nl_handle *handle)
74 {
75 uint32_t port = nl_socket_get_local_port(handle);
76
77 port >>= 22;
78 port_bitmap[port / 32] &= ~(1 << (port % 32));
79
80 nl_handle_destroy(handle);
81 }
82 #endif /* CONFIG_LIBNL20 */
83
84
85 #ifdef ANDROID
86 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
87 #undef nl_socket_set_nonblocking
88 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
89
90 #endif /* ANDROID */
91
92
nl_create_handle(struct nl_cb * cb,const char * dbg)93 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg)
94 {
95 struct nl_handle *handle;
96
97 handle = nl80211_handle_alloc(cb);
98 if (handle == NULL) {
99 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
100 "callbacks (%s)", dbg);
101 return NULL;
102 }
103
104 if (genl_connect(handle)) {
105 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
106 "netlink (%s)", dbg);
107 nl80211_handle_destroy(handle);
108 return NULL;
109 }
110
111 return handle;
112 }
113
114
nl_destroy_handles(struct nl_handle ** handle)115 static void nl_destroy_handles(struct nl_handle **handle)
116 {
117 if (*handle == NULL)
118 return;
119 nl80211_handle_destroy(*handle);
120 *handle = NULL;
121 }
122
123
124 #if __WORDSIZE == 64
125 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
126 #else
127 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
128 #endif
129
nl80211_register_eloop_read(struct nl_handle ** handle,eloop_sock_handler handler,void * eloop_data)130 static void nl80211_register_eloop_read(struct nl_handle **handle,
131 eloop_sock_handler handler,
132 void *eloop_data)
133 {
134 #ifdef CONFIG_LIBNL20
135 /*
136 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB)
137 * by default. It is possible to hit that limit in some cases where
138 * operations are blocked, e.g., with a burst of Deauthentication frames
139 * to hostapd and STA entry deletion. Try to increase the buffer to make
140 * this less likely to occur.
141 */
142 if (nl_socket_set_buffer_size(*handle, 262144, 0) < 0) {
143 wpa_printf(MSG_DEBUG,
144 "nl80211: Could not set nl_socket RX buffer size: %s",
145 strerror(errno));
146 /* continue anyway with the default (smaller) buffer */
147 }
148 #endif /* CONFIG_LIBNL20 */
149
150 nl_socket_set_nonblocking(*handle);
151 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
152 eloop_data, *handle);
153 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
154 }
155
156
nl80211_destroy_eloop_handle(struct nl_handle ** handle)157 static void nl80211_destroy_eloop_handle(struct nl_handle **handle)
158 {
159 *handle = (void *) (((intptr_t) *handle) ^ ELOOP_SOCKET_INVALID);
160 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
161 nl_destroy_handles(handle);
162 }
163
164
165 static void nl80211_global_deinit(void *priv);
166 static void nl80211_check_global(struct nl80211_global *global);
167
168 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
169 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
170 struct hostapd_freq_params *freq);
171
172 static int
173 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
174 const u8 *set_addr, int first,
175 const char *driver_params);
176 static int nl80211_send_frame_cmd(struct i802_bss *bss,
177 unsigned int freq, unsigned int wait,
178 const u8 *buf, size_t buf_len, u64 *cookie,
179 int no_cck, int no_ack, int offchanok,
180 const u16 *csa_offs, size_t csa_offs_len);
181 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
182 int report);
183
184 #define IFIDX_ANY -1
185
186 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
187 int ifidx_reason);
188 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
189 int ifidx_reason);
190 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
191 int ifidx_reason);
192
193 static int nl80211_set_channel(struct i802_bss *bss,
194 struct hostapd_freq_params *freq, int set_chan);
195 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
196 int ifindex, int disabled);
197
198 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
199 int reset_mode);
200
201 static int i802_set_iface_flags(struct i802_bss *bss, int up);
202 static int nl80211_set_param(void *priv, const char *param);
203
204
205 /* Converts nl80211_chan_width to a common format */
convert2width(int width)206 enum chan_width convert2width(int width)
207 {
208 switch (width) {
209 case NL80211_CHAN_WIDTH_20_NOHT:
210 return CHAN_WIDTH_20_NOHT;
211 case NL80211_CHAN_WIDTH_20:
212 return CHAN_WIDTH_20;
213 case NL80211_CHAN_WIDTH_40:
214 return CHAN_WIDTH_40;
215 case NL80211_CHAN_WIDTH_80:
216 return CHAN_WIDTH_80;
217 case NL80211_CHAN_WIDTH_80P80:
218 return CHAN_WIDTH_80P80;
219 case NL80211_CHAN_WIDTH_160:
220 return CHAN_WIDTH_160;
221 }
222 return CHAN_WIDTH_UNKNOWN;
223 }
224
225
is_ap_interface(enum nl80211_iftype nlmode)226 int is_ap_interface(enum nl80211_iftype nlmode)
227 {
228 return nlmode == NL80211_IFTYPE_AP ||
229 nlmode == NL80211_IFTYPE_P2P_GO;
230 }
231
232
is_sta_interface(enum nl80211_iftype nlmode)233 int is_sta_interface(enum nl80211_iftype nlmode)
234 {
235 return nlmode == NL80211_IFTYPE_STATION ||
236 nlmode == NL80211_IFTYPE_P2P_CLIENT;
237 }
238
239
is_p2p_net_interface(enum nl80211_iftype nlmode)240 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
241 {
242 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
243 nlmode == NL80211_IFTYPE_P2P_GO;
244 }
245
246
get_bss_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex)247 struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
248 int ifindex)
249 {
250 struct i802_bss *bss;
251
252 for (bss = drv->first_bss; bss; bss = bss->next) {
253 if (bss->ifindex == ifindex)
254 return bss;
255 }
256
257 return NULL;
258 }
259
260
is_mesh_interface(enum nl80211_iftype nlmode)261 static int is_mesh_interface(enum nl80211_iftype nlmode)
262 {
263 return nlmode == NL80211_IFTYPE_MESH_POINT;
264 }
265
266
nl80211_mark_disconnected(struct wpa_driver_nl80211_data * drv)267 void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
268 {
269 if (drv->associated)
270 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
271 drv->associated = 0;
272 os_memset(drv->bssid, 0, ETH_ALEN);
273 }
274
275
276 /* nl80211 code */
ack_handler(struct nl_msg * msg,void * arg)277 static int ack_handler(struct nl_msg *msg, void *arg)
278 {
279 int *err = arg;
280 *err = 0;
281 return NL_STOP;
282 }
283
finish_handler(struct nl_msg * msg,void * arg)284 static int finish_handler(struct nl_msg *msg, void *arg)
285 {
286 int *ret = arg;
287 *ret = 0;
288 return NL_SKIP;
289 }
290
error_handler(struct sockaddr_nl * nla,struct nlmsgerr * err,void * arg)291 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
292 void *arg)
293 {
294 int *ret = arg;
295 *ret = err->error;
296 return NL_SKIP;
297 }
298
299
no_seq_check(struct nl_msg * msg,void * arg)300 static int no_seq_check(struct nl_msg *msg, void *arg)
301 {
302 return NL_OK;
303 }
304
305
nl80211_nlmsg_clear(struct nl_msg * msg)306 static void nl80211_nlmsg_clear(struct nl_msg *msg)
307 {
308 /*
309 * Clear nlmsg data, e.g., to make sure key material is not left in
310 * heap memory for unnecessarily long time.
311 */
312 if (msg) {
313 struct nlmsghdr *hdr = nlmsg_hdr(msg);
314 void *data = nlmsg_data(hdr);
315 /*
316 * This would use nlmsg_datalen() or the older nlmsg_len() if
317 * only libnl were to maintain a stable API.. Neither will work
318 * with all released versions, so just calculate the length
319 * here.
320 */
321 int len = hdr->nlmsg_len - NLMSG_HDRLEN;
322
323 os_memset(data, 0, len);
324 }
325 }
326
327
send_and_recv(struct nl80211_global * global,struct nl_handle * nl_handle,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data)328 static int send_and_recv(struct nl80211_global *global,
329 struct nl_handle *nl_handle, struct nl_msg *msg,
330 int (*valid_handler)(struct nl_msg *, void *),
331 void *valid_data)
332 {
333 struct nl_cb *cb;
334 int err = -ENOMEM;
335
336 if (!msg)
337 return -ENOMEM;
338
339 cb = nl_cb_clone(global->nl_cb);
340 if (!cb)
341 goto out;
342
343 err = nl_send_auto_complete(nl_handle, msg);
344 if (err < 0)
345 goto out;
346
347 err = 1;
348
349 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
350 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
351 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
352
353 if (valid_handler)
354 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
355 valid_handler, valid_data);
356
357 while (err > 0) {
358 int res = nl_recvmsgs(nl_handle, cb);
359 if (res < 0) {
360 wpa_printf(MSG_INFO,
361 "nl80211: %s->nl_recvmsgs failed: %d",
362 __func__, res);
363 }
364 }
365 out:
366 nl_cb_put(cb);
367 if (!valid_handler && valid_data == (void *) -1)
368 nl80211_nlmsg_clear(msg);
369 nlmsg_free(msg);
370 return err;
371 }
372
373
send_and_recv_msgs(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data)374 int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
375 struct nl_msg *msg,
376 int (*valid_handler)(struct nl_msg *, void *),
377 void *valid_data)
378 {
379 return send_and_recv(drv->global, drv->global->nl, msg,
380 valid_handler, valid_data);
381 }
382
383
384 struct family_data {
385 const char *group;
386 int id;
387 };
388
389
family_handler(struct nl_msg * msg,void * arg)390 static int family_handler(struct nl_msg *msg, void *arg)
391 {
392 struct family_data *res = arg;
393 struct nlattr *tb[CTRL_ATTR_MAX + 1];
394 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
395 struct nlattr *mcgrp;
396 int i;
397
398 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
399 genlmsg_attrlen(gnlh, 0), NULL);
400 if (!tb[CTRL_ATTR_MCAST_GROUPS])
401 return NL_SKIP;
402
403 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
404 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
405 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
406 nla_len(mcgrp), NULL);
407 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
408 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
409 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
410 res->group,
411 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
412 continue;
413 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
414 break;
415 };
416
417 return NL_SKIP;
418 }
419
420
nl_get_multicast_id(struct nl80211_global * global,const char * family,const char * group)421 static int nl_get_multicast_id(struct nl80211_global *global,
422 const char *family, const char *group)
423 {
424 struct nl_msg *msg;
425 int ret;
426 struct family_data res = { group, -ENOENT };
427
428 msg = nlmsg_alloc();
429 if (!msg)
430 return -ENOMEM;
431 if (!genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
432 0, 0, CTRL_CMD_GETFAMILY, 0) ||
433 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) {
434 nlmsg_free(msg);
435 return -1;
436 }
437
438 ret = send_and_recv(global, global->nl, msg, family_handler, &res);
439 if (ret == 0)
440 ret = res.id;
441 return ret;
442 }
443
444
nl80211_cmd(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int flags,uint8_t cmd)445 void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
446 struct nl_msg *msg, int flags, uint8_t cmd)
447 {
448 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
449 0, flags, cmd, 0);
450 }
451
452
nl80211_set_iface_id(struct nl_msg * msg,struct i802_bss * bss)453 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
454 {
455 if (bss->wdev_id_set)
456 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
457 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
458 }
459
460
nl80211_cmd_msg(struct i802_bss * bss,int flags,uint8_t cmd)461 struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd)
462 {
463 struct nl_msg *msg;
464
465 msg = nlmsg_alloc();
466 if (!msg)
467 return NULL;
468
469 if (!nl80211_cmd(bss->drv, msg, flags, cmd) ||
470 nl80211_set_iface_id(msg, bss) < 0) {
471 nlmsg_free(msg);
472 return NULL;
473 }
474
475 return msg;
476 }
477
478
479 static struct nl_msg *
nl80211_ifindex_msg(struct wpa_driver_nl80211_data * drv,int ifindex,int flags,uint8_t cmd)480 nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex,
481 int flags, uint8_t cmd)
482 {
483 struct nl_msg *msg;
484
485 msg = nlmsg_alloc();
486 if (!msg)
487 return NULL;
488
489 if (!nl80211_cmd(drv, msg, flags, cmd) ||
490 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) {
491 nlmsg_free(msg);
492 return NULL;
493 }
494
495 return msg;
496 }
497
498
nl80211_drv_msg(struct wpa_driver_nl80211_data * drv,int flags,uint8_t cmd)499 struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags,
500 uint8_t cmd)
501 {
502 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd);
503 }
504
505
nl80211_bss_msg(struct i802_bss * bss,int flags,uint8_t cmd)506 struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd)
507 {
508 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd);
509 }
510
511
512 struct wiphy_idx_data {
513 int wiphy_idx;
514 enum nl80211_iftype nlmode;
515 u8 *macaddr;
516 };
517
518
netdev_info_handler(struct nl_msg * msg,void * arg)519 static int netdev_info_handler(struct nl_msg *msg, void *arg)
520 {
521 struct nlattr *tb[NL80211_ATTR_MAX + 1];
522 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
523 struct wiphy_idx_data *info = arg;
524
525 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
526 genlmsg_attrlen(gnlh, 0), NULL);
527
528 if (tb[NL80211_ATTR_WIPHY])
529 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
530
531 if (tb[NL80211_ATTR_IFTYPE])
532 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
533
534 if (tb[NL80211_ATTR_MAC] && info->macaddr)
535 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
536 ETH_ALEN);
537
538 return NL_SKIP;
539 }
540
541
nl80211_get_wiphy_index(struct i802_bss * bss)542 int nl80211_get_wiphy_index(struct i802_bss *bss)
543 {
544 struct nl_msg *msg;
545 struct wiphy_idx_data data = {
546 .wiphy_idx = -1,
547 .macaddr = NULL,
548 };
549
550 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
551 return -1;
552
553 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
554 return data.wiphy_idx;
555 return -1;
556 }
557
558
nl80211_get_ifmode(struct i802_bss * bss)559 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
560 {
561 struct nl_msg *msg;
562 struct wiphy_idx_data data = {
563 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
564 .macaddr = NULL,
565 };
566
567 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
568 return NL80211_IFTYPE_UNSPECIFIED;
569
570 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0)
571 return data.nlmode;
572 return NL80211_IFTYPE_UNSPECIFIED;
573 }
574
575
nl80211_get_macaddr(struct i802_bss * bss)576 static int nl80211_get_macaddr(struct i802_bss *bss)
577 {
578 struct nl_msg *msg;
579 struct wiphy_idx_data data = {
580 .macaddr = bss->addr,
581 };
582
583 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
584 return -1;
585
586 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data);
587 }
588
589
nl80211_register_beacons(struct wpa_driver_nl80211_data * drv,struct nl80211_wiphy_data * w)590 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
591 struct nl80211_wiphy_data *w)
592 {
593 struct nl_msg *msg;
594 int ret;
595
596 msg = nlmsg_alloc();
597 if (!msg)
598 return -1;
599
600 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) ||
601 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) {
602 nlmsg_free(msg);
603 return -1;
604 }
605
606 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL);
607 if (ret) {
608 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
609 "failed: ret=%d (%s)",
610 ret, strerror(-ret));
611 }
612 return ret;
613 }
614
615
nl80211_recv_beacons(int sock,void * eloop_ctx,void * handle)616 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
617 {
618 struct nl80211_wiphy_data *w = eloop_ctx;
619 int res;
620
621 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
622
623 res = nl_recvmsgs(handle, w->nl_cb);
624 if (res < 0) {
625 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
626 __func__, res);
627 }
628 }
629
630
process_beacon_event(struct nl_msg * msg,void * arg)631 static int process_beacon_event(struct nl_msg *msg, void *arg)
632 {
633 struct nl80211_wiphy_data *w = arg;
634 struct wpa_driver_nl80211_data *drv;
635 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
636 struct nlattr *tb[NL80211_ATTR_MAX + 1];
637 union wpa_event_data event;
638
639 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
640 genlmsg_attrlen(gnlh, 0), NULL);
641
642 if (gnlh->cmd != NL80211_CMD_FRAME) {
643 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
644 gnlh->cmd);
645 return NL_SKIP;
646 }
647
648 if (!tb[NL80211_ATTR_FRAME])
649 return NL_SKIP;
650
651 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
652 wiphy_list) {
653 os_memset(&event, 0, sizeof(event));
654 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
655 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
656 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
657 }
658
659 return NL_SKIP;
660 }
661
662
663 static struct nl80211_wiphy_data *
nl80211_get_wiphy_data_ap(struct i802_bss * bss)664 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
665 {
666 static DEFINE_DL_LIST(nl80211_wiphys);
667 struct nl80211_wiphy_data *w;
668 int wiphy_idx, found = 0;
669 struct i802_bss *tmp_bss;
670
671 if (bss->wiphy_data != NULL)
672 return bss->wiphy_data;
673
674 wiphy_idx = nl80211_get_wiphy_index(bss);
675
676 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
677 if (w->wiphy_idx == wiphy_idx)
678 goto add;
679 }
680
681 /* alloc new one */
682 w = os_zalloc(sizeof(*w));
683 if (w == NULL)
684 return NULL;
685 w->wiphy_idx = wiphy_idx;
686 dl_list_init(&w->bsss);
687 dl_list_init(&w->drvs);
688
689 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
690 if (!w->nl_cb) {
691 os_free(w);
692 return NULL;
693 }
694 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
695 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, process_beacon_event,
696 w);
697
698 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
699 "wiphy beacons");
700 if (w->nl_beacons == NULL) {
701 os_free(w);
702 return NULL;
703 }
704
705 if (nl80211_register_beacons(bss->drv, w)) {
706 nl_destroy_handles(&w->nl_beacons);
707 os_free(w);
708 return NULL;
709 }
710
711 nl80211_register_eloop_read(&w->nl_beacons, nl80211_recv_beacons, w);
712
713 dl_list_add(&nl80211_wiphys, &w->list);
714
715 add:
716 /* drv entry for this bss already there? */
717 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
718 if (tmp_bss->drv == bss->drv) {
719 found = 1;
720 break;
721 }
722 }
723 /* if not add it */
724 if (!found)
725 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
726
727 dl_list_add(&w->bsss, &bss->wiphy_list);
728 bss->wiphy_data = w;
729 return w;
730 }
731
732
nl80211_put_wiphy_data_ap(struct i802_bss * bss)733 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
734 {
735 struct nl80211_wiphy_data *w = bss->wiphy_data;
736 struct i802_bss *tmp_bss;
737 int found = 0;
738
739 if (w == NULL)
740 return;
741 bss->wiphy_data = NULL;
742 dl_list_del(&bss->wiphy_list);
743
744 /* still any for this drv present? */
745 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
746 if (tmp_bss->drv == bss->drv) {
747 found = 1;
748 break;
749 }
750 }
751 /* if not remove it */
752 if (!found)
753 dl_list_del(&bss->drv->wiphy_list);
754
755 if (!dl_list_empty(&w->bsss))
756 return;
757
758 nl80211_destroy_eloop_handle(&w->nl_beacons);
759
760 nl_cb_put(w->nl_cb);
761 dl_list_del(&w->list);
762 os_free(w);
763 }
764
765
nl80211_get_ifindex(void * priv)766 static unsigned int nl80211_get_ifindex(void *priv)
767 {
768 struct i802_bss *bss = priv;
769 struct wpa_driver_nl80211_data *drv = bss->drv;
770
771 return drv->ifindex;
772 }
773
774
wpa_driver_nl80211_get_bssid(void * priv,u8 * bssid)775 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
776 {
777 struct i802_bss *bss = priv;
778 struct wpa_driver_nl80211_data *drv = bss->drv;
779 if (!drv->associated)
780 return -1;
781 os_memcpy(bssid, drv->bssid, ETH_ALEN);
782 return 0;
783 }
784
785
wpa_driver_nl80211_get_ssid(void * priv,u8 * ssid)786 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
787 {
788 struct i802_bss *bss = priv;
789 struct wpa_driver_nl80211_data *drv = bss->drv;
790 if (!drv->associated)
791 return -1;
792 os_memcpy(ssid, drv->ssid, drv->ssid_len);
793 return drv->ssid_len;
794 }
795
796
wpa_driver_nl80211_event_newlink(struct nl80211_global * global,struct wpa_driver_nl80211_data * drv,int ifindex,const char * ifname)797 static void wpa_driver_nl80211_event_newlink(
798 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv,
799 int ifindex, const char *ifname)
800 {
801 union wpa_event_data event;
802
803 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) {
804 if (if_nametoindex(drv->first_bss->ifname) == 0) {
805 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
806 drv->first_bss->ifname);
807 return;
808 }
809 if (!drv->if_removed)
810 return;
811 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
812 drv->first_bss->ifname);
813 drv->if_removed = 0;
814 }
815
816 os_memset(&event, 0, sizeof(event));
817 event.interface_status.ifindex = ifindex;
818 os_strlcpy(event.interface_status.ifname, ifname,
819 sizeof(event.interface_status.ifname));
820 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
821 if (drv)
822 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
823 else
824 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS,
825 &event);
826 }
827
828
wpa_driver_nl80211_event_dellink(struct nl80211_global * global,struct wpa_driver_nl80211_data * drv,int ifindex,const char * ifname)829 static void wpa_driver_nl80211_event_dellink(
830 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv,
831 int ifindex, const char *ifname)
832 {
833 union wpa_event_data event;
834
835 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) {
836 if (drv->if_removed) {
837 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
838 ifname);
839 return;
840 }
841 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
842 ifname);
843 drv->if_removed = 1;
844 } else {
845 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
846 ifname);
847 }
848
849 os_memset(&event, 0, sizeof(event));
850 event.interface_status.ifindex = ifindex;
851 os_strlcpy(event.interface_status.ifname, ifname,
852 sizeof(event.interface_status.ifname));
853 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
854 if (drv)
855 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
856 else
857 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS,
858 &event);
859 }
860
861
wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data * drv,u8 * buf,size_t len)862 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
863 u8 *buf, size_t len)
864 {
865 int attrlen, rta_len;
866 struct rtattr *attr;
867
868 attrlen = len;
869 attr = (struct rtattr *) buf;
870
871 rta_len = RTA_ALIGN(sizeof(struct rtattr));
872 while (RTA_OK(attr, attrlen)) {
873 if (attr->rta_type == IFLA_IFNAME) {
874 if (os_strcmp(((char *) attr) + rta_len,
875 drv->first_bss->ifname) == 0)
876 return 1;
877 else
878 break;
879 }
880 attr = RTA_NEXT(attr, attrlen);
881 }
882
883 return 0;
884 }
885
886
wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex,u8 * buf,size_t len)887 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
888 int ifindex, u8 *buf, size_t len)
889 {
890 if (drv->ifindex == ifindex)
891 return 1;
892
893 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
894 nl80211_check_global(drv->global);
895 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
896 "interface");
897 wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL);
898 return 1;
899 }
900
901 return 0;
902 }
903
904
905 static struct wpa_driver_nl80211_data *
nl80211_find_drv(struct nl80211_global * global,int idx,u8 * buf,size_t len)906 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
907 {
908 struct wpa_driver_nl80211_data *drv;
909 dl_list_for_each(drv, &global->interfaces,
910 struct wpa_driver_nl80211_data, list) {
911 if (wpa_driver_nl80211_own_ifindex(drv, idx, buf, len) ||
912 have_ifidx(drv, idx, IFIDX_ANY))
913 return drv;
914 }
915 return NULL;
916 }
917
918
wpa_driver_nl80211_event_rtm_newlink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)919 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
920 struct ifinfomsg *ifi,
921 u8 *buf, size_t len)
922 {
923 struct nl80211_global *global = ctx;
924 struct wpa_driver_nl80211_data *drv;
925 int attrlen;
926 struct rtattr *attr;
927 u32 brid = 0;
928 char namebuf[IFNAMSIZ];
929 char ifname[IFNAMSIZ + 1];
930 char extra[100], *pos, *end;
931
932 extra[0] = '\0';
933 pos = extra;
934 end = pos + sizeof(extra);
935 ifname[0] = '\0';
936
937 attrlen = len;
938 attr = (struct rtattr *) buf;
939 while (RTA_OK(attr, attrlen)) {
940 switch (attr->rta_type) {
941 case IFLA_IFNAME:
942 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
943 break;
944 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
945 ifname[RTA_PAYLOAD(attr)] = '\0';
946 break;
947 case IFLA_MASTER:
948 brid = nla_get_u32((struct nlattr *) attr);
949 pos += os_snprintf(pos, end - pos, " master=%u", brid);
950 break;
951 case IFLA_WIRELESS:
952 pos += os_snprintf(pos, end - pos, " wext");
953 break;
954 case IFLA_OPERSTATE:
955 pos += os_snprintf(pos, end - pos, " operstate=%u",
956 nla_get_u32((struct nlattr *) attr));
957 break;
958 case IFLA_LINKMODE:
959 pos += os_snprintf(pos, end - pos, " linkmode=%u",
960 nla_get_u32((struct nlattr *) attr));
961 break;
962 }
963 attr = RTA_NEXT(attr, attrlen);
964 }
965 extra[sizeof(extra) - 1] = '\0';
966
967 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
968 ifi->ifi_index, ifname, extra, ifi->ifi_family,
969 ifi->ifi_flags,
970 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
971 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
972 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
973 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
974
975 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
976 if (!drv)
977 goto event_newlink;
978
979 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
980 namebuf[0] = '\0';
981 if (if_indextoname(ifi->ifi_index, namebuf) &&
982 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
983 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
984 "event since interface %s is up", namebuf);
985 drv->ignore_if_down_event = 0;
986 return;
987 }
988 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
989 namebuf, ifname);
990 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
991 wpa_printf(MSG_DEBUG,
992 "nl80211: Not the main interface (%s) - do not indicate interface down",
993 drv->first_bss->ifname);
994 } else if (drv->ignore_if_down_event) {
995 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
996 "event generated by mode change");
997 drv->ignore_if_down_event = 0;
998 } else {
999 drv->if_disabled = 1;
1000 wpa_supplicant_event(drv->ctx,
1001 EVENT_INTERFACE_DISABLED, NULL);
1002
1003 /*
1004 * Try to get drv again, since it may be removed as
1005 * part of the EVENT_INTERFACE_DISABLED handling for
1006 * dynamic interfaces
1007 */
1008 drv = nl80211_find_drv(global, ifi->ifi_index,
1009 buf, len);
1010 if (!drv)
1011 return;
1012 }
1013 }
1014
1015 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1016 if (if_indextoname(ifi->ifi_index, namebuf) &&
1017 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) {
1018 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1019 "event since interface %s is down",
1020 namebuf);
1021 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1022 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1023 "event since interface %s does not exist",
1024 drv->first_bss->ifname);
1025 } else if (drv->if_removed) {
1026 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1027 "event since interface %s is marked "
1028 "removed", drv->first_bss->ifname);
1029 } else {
1030 struct i802_bss *bss;
1031 u8 addr[ETH_ALEN];
1032
1033 /* Re-read MAC address as it may have changed */
1034 bss = get_bss_ifindex(drv, ifi->ifi_index);
1035 if (bss &&
1036 linux_get_ifhwaddr(drv->global->ioctl_sock,
1037 bss->ifname, addr) < 0) {
1038 wpa_printf(MSG_DEBUG,
1039 "nl80211: %s: failed to re-read MAC address",
1040 bss->ifname);
1041 } else if (bss &&
1042 os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
1043 wpa_printf(MSG_DEBUG,
1044 "nl80211: Own MAC address on ifindex %d (%s) changed from "
1045 MACSTR " to " MACSTR,
1046 ifi->ifi_index, bss->ifname,
1047 MAC2STR(bss->addr),
1048 MAC2STR(addr));
1049 os_memcpy(bss->addr, addr, ETH_ALEN);
1050 }
1051
1052 wpa_printf(MSG_DEBUG, "nl80211: Interface up");
1053 drv->if_disabled = 0;
1054 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1055 NULL);
1056 }
1057 }
1058
1059 /*
1060 * Some drivers send the association event before the operup event--in
1061 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1062 * fails. This will hit us when wpa_supplicant does not need to do
1063 * IEEE 802.1X authentication
1064 */
1065 if (drv->operstate == 1 &&
1066 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1067 !(ifi->ifi_flags & IFF_RUNNING)) {
1068 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1069 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1070 -1, IF_OPER_UP);
1071 }
1072
1073 event_newlink:
1074 if (ifname[0])
1075 wpa_driver_nl80211_event_newlink(global, drv, ifi->ifi_index,
1076 ifname);
1077
1078 if (ifi->ifi_family == AF_BRIDGE && brid && drv) {
1079 struct i802_bss *bss;
1080
1081 /* device has been added to bridge */
1082 if (!if_indextoname(brid, namebuf)) {
1083 wpa_printf(MSG_DEBUG,
1084 "nl80211: Could not find bridge ifname for ifindex %u",
1085 brid);
1086 return;
1087 }
1088 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1089 brid, namebuf);
1090 add_ifidx(drv, brid, ifi->ifi_index);
1091
1092 for (bss = drv->first_bss; bss; bss = bss->next) {
1093 if (os_strcmp(ifname, bss->ifname) == 0) {
1094 os_strlcpy(bss->brname, namebuf, IFNAMSIZ);
1095 break;
1096 }
1097 }
1098 }
1099 }
1100
1101
wpa_driver_nl80211_event_rtm_dellink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)1102 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1103 struct ifinfomsg *ifi,
1104 u8 *buf, size_t len)
1105 {
1106 struct nl80211_global *global = ctx;
1107 struct wpa_driver_nl80211_data *drv;
1108 int attrlen;
1109 struct rtattr *attr;
1110 u32 brid = 0;
1111 char ifname[IFNAMSIZ + 1];
1112 char extra[100], *pos, *end;
1113
1114 extra[0] = '\0';
1115 pos = extra;
1116 end = pos + sizeof(extra);
1117 ifname[0] = '\0';
1118
1119 attrlen = len;
1120 attr = (struct rtattr *) buf;
1121 while (RTA_OK(attr, attrlen)) {
1122 switch (attr->rta_type) {
1123 case IFLA_IFNAME:
1124 if (RTA_PAYLOAD(attr) >= IFNAMSIZ)
1125 break;
1126 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1127 ifname[RTA_PAYLOAD(attr)] = '\0';
1128 break;
1129 case IFLA_MASTER:
1130 brid = nla_get_u32((struct nlattr *) attr);
1131 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1132 break;
1133 case IFLA_OPERSTATE:
1134 pos += os_snprintf(pos, end - pos, " operstate=%u",
1135 nla_get_u32((struct nlattr *) attr));
1136 break;
1137 case IFLA_LINKMODE:
1138 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1139 nla_get_u32((struct nlattr *) attr));
1140 break;
1141 }
1142 attr = RTA_NEXT(attr, attrlen);
1143 }
1144 extra[sizeof(extra) - 1] = '\0';
1145
1146 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1147 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1148 ifi->ifi_flags,
1149 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1150 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1151 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1152 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1153
1154 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len);
1155
1156 if (ifi->ifi_family == AF_BRIDGE && brid && drv) {
1157 /* device has been removed from bridge */
1158 char namebuf[IFNAMSIZ];
1159
1160 if (!if_indextoname(brid, namebuf)) {
1161 wpa_printf(MSG_DEBUG,
1162 "nl80211: Could not find bridge ifname for ifindex %u",
1163 brid);
1164 } else {
1165 wpa_printf(MSG_DEBUG,
1166 "nl80211: Remove ifindex %u for bridge %s",
1167 brid, namebuf);
1168 }
1169 del_ifidx(drv, brid, ifi->ifi_index);
1170 }
1171
1172 if (ifi->ifi_family != AF_BRIDGE || !brid)
1173 wpa_driver_nl80211_event_dellink(global, drv, ifi->ifi_index,
1174 ifname);
1175 }
1176
1177
nl80211_get_assoc_freq(struct wpa_driver_nl80211_data * drv)1178 unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1179 {
1180 struct nl_msg *msg;
1181 int ret;
1182 struct nl80211_bss_info_arg arg;
1183
1184 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1185 os_memset(&arg, 0, sizeof(arg));
1186 arg.drv = drv;
1187 ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
1188 if (ret == 0) {
1189 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1190 arg.ibss_freq : arg.assoc_freq;
1191 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1192 "associated BSS from scan results: %u MHz", freq);
1193 if (freq)
1194 drv->assoc_freq = freq;
1195 return drv->assoc_freq;
1196 }
1197 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1198 "(%s)", ret, strerror(-ret));
1199 return drv->assoc_freq;
1200 }
1201
1202
get_link_signal(struct nl_msg * msg,void * arg)1203 static int get_link_signal(struct nl_msg *msg, void *arg)
1204 {
1205 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1206 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1207 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1208 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1209 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1210 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
1211 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8 },
1212 };
1213 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1214 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1215 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1216 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1217 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1218 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1219 };
1220 struct wpa_signal_info *sig_change = arg;
1221
1222 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1223 genlmsg_attrlen(gnlh, 0), NULL);
1224 if (!tb[NL80211_ATTR_STA_INFO] ||
1225 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1226 tb[NL80211_ATTR_STA_INFO], policy))
1227 return NL_SKIP;
1228 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1229 return NL_SKIP;
1230
1231 sig_change->current_signal =
1232 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1233
1234 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
1235 sig_change->avg_signal =
1236 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
1237 else
1238 sig_change->avg_signal = 0;
1239
1240 if (sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG])
1241 sig_change->avg_beacon_signal =
1242 (s8)
1243 nla_get_u8(sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]);
1244 else
1245 sig_change->avg_beacon_signal = 0;
1246
1247 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1248 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1249 sinfo[NL80211_STA_INFO_TX_BITRATE],
1250 rate_policy)) {
1251 sig_change->current_txrate = 0;
1252 } else {
1253 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1254 sig_change->current_txrate =
1255 nla_get_u16(rinfo[
1256 NL80211_RATE_INFO_BITRATE]) * 100;
1257 }
1258 }
1259 }
1260
1261 return NL_SKIP;
1262 }
1263
1264
nl80211_get_link_signal(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)1265 int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1266 struct wpa_signal_info *sig)
1267 {
1268 struct nl_msg *msg;
1269
1270 sig->current_signal = -9999;
1271 sig->current_txrate = 0;
1272
1273 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) ||
1274 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid)) {
1275 nlmsg_free(msg);
1276 return -ENOBUFS;
1277 }
1278
1279 return send_and_recv_msgs(drv, msg, get_link_signal, sig);
1280 }
1281
1282
get_link_noise(struct nl_msg * msg,void * arg)1283 static int get_link_noise(struct nl_msg *msg, void *arg)
1284 {
1285 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1286 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1287 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1288 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1289 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1290 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1291 };
1292 struct wpa_signal_info *sig_change = arg;
1293
1294 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1295 genlmsg_attrlen(gnlh, 0), NULL);
1296
1297 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1298 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1299 return NL_SKIP;
1300 }
1301
1302 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1303 tb[NL80211_ATTR_SURVEY_INFO],
1304 survey_policy)) {
1305 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1306 "attributes!");
1307 return NL_SKIP;
1308 }
1309
1310 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1311 return NL_SKIP;
1312
1313 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1314 sig_change->frequency)
1315 return NL_SKIP;
1316
1317 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1318 return NL_SKIP;
1319
1320 sig_change->current_noise =
1321 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1322
1323 return NL_SKIP;
1324 }
1325
1326
nl80211_get_link_noise(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig_change)1327 int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1328 struct wpa_signal_info *sig_change)
1329 {
1330 struct nl_msg *msg;
1331
1332 sig_change->current_noise = 9999;
1333 sig_change->frequency = drv->assoc_freq;
1334
1335 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1336 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change);
1337 }
1338
1339
wpa_driver_nl80211_event_receive(int sock,void * eloop_ctx,void * handle)1340 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1341 void *handle)
1342 {
1343 struct nl_cb *cb = eloop_ctx;
1344 int res;
1345
1346 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
1347
1348 res = nl_recvmsgs(handle, cb);
1349 if (res < 0) {
1350 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
1351 __func__, res);
1352 }
1353 }
1354
1355
1356 /**
1357 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1358 * @priv: driver_nl80211 private data
1359 * @alpha2_arg: country to which to switch to
1360 * Returns: 0 on success, -1 on failure
1361 *
1362 * This asks nl80211 to set the regulatory domain for given
1363 * country ISO / IEC alpha2.
1364 */
wpa_driver_nl80211_set_country(void * priv,const char * alpha2_arg)1365 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1366 {
1367 struct i802_bss *bss = priv;
1368 struct wpa_driver_nl80211_data *drv = bss->drv;
1369 char alpha2[3];
1370 struct nl_msg *msg;
1371
1372 msg = nlmsg_alloc();
1373 if (!msg)
1374 return -ENOMEM;
1375
1376 alpha2[0] = alpha2_arg[0];
1377 alpha2[1] = alpha2_arg[1];
1378 alpha2[2] = '\0';
1379
1380 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) ||
1381 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) {
1382 nlmsg_free(msg);
1383 return -EINVAL;
1384 }
1385 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1386 return -EINVAL;
1387 return 0;
1388 }
1389
1390
nl80211_get_country(struct nl_msg * msg,void * arg)1391 static int nl80211_get_country(struct nl_msg *msg, void *arg)
1392 {
1393 char *alpha2 = arg;
1394 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
1395 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1396
1397 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1398 genlmsg_attrlen(gnlh, 0), NULL);
1399 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
1400 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
1401 return NL_SKIP;
1402 }
1403 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
1404 return NL_SKIP;
1405 }
1406
1407
wpa_driver_nl80211_get_country(void * priv,char * alpha2)1408 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
1409 {
1410 struct i802_bss *bss = priv;
1411 struct wpa_driver_nl80211_data *drv = bss->drv;
1412 struct nl_msg *msg;
1413 int ret;
1414
1415 msg = nlmsg_alloc();
1416 if (!msg)
1417 return -ENOMEM;
1418
1419 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
1420 alpha2[0] = '\0';
1421 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2);
1422 if (!alpha2[0])
1423 ret = -1;
1424
1425 return ret;
1426 }
1427
1428
wpa_driver_nl80211_init_nl_global(struct nl80211_global * global)1429 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
1430 {
1431 int ret;
1432
1433 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1434 if (global->nl_cb == NULL) {
1435 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1436 "callbacks");
1437 return -1;
1438 }
1439
1440 global->nl = nl_create_handle(global->nl_cb, "nl");
1441 if (global->nl == NULL)
1442 goto err;
1443
1444 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
1445 if (global->nl80211_id < 0) {
1446 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1447 "found");
1448 goto err;
1449 }
1450
1451 global->nl_event = nl_create_handle(global->nl_cb, "event");
1452 if (global->nl_event == NULL)
1453 goto err;
1454
1455 ret = nl_get_multicast_id(global, "nl80211", "scan");
1456 if (ret >= 0)
1457 ret = nl_socket_add_membership(global->nl_event, ret);
1458 if (ret < 0) {
1459 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1460 "membership for scan events: %d (%s)",
1461 ret, strerror(-ret));
1462 goto err;
1463 }
1464
1465 ret = nl_get_multicast_id(global, "nl80211", "mlme");
1466 if (ret >= 0)
1467 ret = nl_socket_add_membership(global->nl_event, ret);
1468 if (ret < 0) {
1469 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1470 "membership for mlme events: %d (%s)",
1471 ret, strerror(-ret));
1472 goto err;
1473 }
1474
1475 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
1476 if (ret >= 0)
1477 ret = nl_socket_add_membership(global->nl_event, ret);
1478 if (ret < 0) {
1479 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1480 "membership for regulatory events: %d (%s)",
1481 ret, strerror(-ret));
1482 /* Continue without regulatory events */
1483 }
1484
1485 ret = nl_get_multicast_id(global, "nl80211", "vendor");
1486 if (ret >= 0)
1487 ret = nl_socket_add_membership(global->nl_event, ret);
1488 if (ret < 0) {
1489 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1490 "membership for vendor events: %d (%s)",
1491 ret, strerror(-ret));
1492 /* Continue without vendor events */
1493 }
1494
1495 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
1496 no_seq_check, NULL);
1497 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
1498 process_global_event, global);
1499
1500 nl80211_register_eloop_read(&global->nl_event,
1501 wpa_driver_nl80211_event_receive,
1502 global->nl_cb);
1503
1504 return 0;
1505
1506 err:
1507 nl_destroy_handles(&global->nl_event);
1508 nl_destroy_handles(&global->nl);
1509 nl_cb_put(global->nl_cb);
1510 global->nl_cb = NULL;
1511 return -1;
1512 }
1513
1514
nl80211_check_global(struct nl80211_global * global)1515 static void nl80211_check_global(struct nl80211_global *global)
1516 {
1517 struct nl_handle *handle;
1518 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL };
1519 int ret;
1520 unsigned int i;
1521
1522 /*
1523 * Try to re-add memberships to handle case of cfg80211 getting reloaded
1524 * and all registration having been cleared.
1525 */
1526 handle = (void *) (((intptr_t) global->nl_event) ^
1527 ELOOP_SOCKET_INVALID);
1528
1529 for (i = 0; groups[i]; i++) {
1530 ret = nl_get_multicast_id(global, "nl80211", groups[i]);
1531 if (ret >= 0)
1532 ret = nl_socket_add_membership(handle, ret);
1533 if (ret < 0) {
1534 wpa_printf(MSG_INFO,
1535 "nl80211: Could not re-add multicast membership for %s events: %d (%s)",
1536 groups[i], ret, strerror(-ret));
1537 }
1538 }
1539 }
1540
1541
wpa_driver_nl80211_rfkill_blocked(void * ctx)1542 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
1543 {
1544 struct wpa_driver_nl80211_data *drv = ctx;
1545
1546 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
1547
1548 /*
1549 * rtnetlink ifdown handler will report interfaces other than the P2P
1550 * Device interface as disabled.
1551 */
1552 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
1553 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL);
1554 }
1555
1556
wpa_driver_nl80211_rfkill_unblocked(void * ctx)1557 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
1558 {
1559 struct wpa_driver_nl80211_data *drv = ctx;
1560 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
1561 if (i802_set_iface_flags(drv->first_bss, 1)) {
1562 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
1563 "after rfkill unblock");
1564 return;
1565 }
1566
1567 if (is_p2p_net_interface(drv->nlmode))
1568 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
1569
1570 /*
1571 * rtnetlink ifup handler will report interfaces other than the P2P
1572 * Device interface as enabled.
1573 */
1574 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
1575 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL);
1576 }
1577
1578
wpa_driver_nl80211_handle_eapol_tx_status(int sock,void * eloop_ctx,void * handle)1579 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
1580 void *eloop_ctx,
1581 void *handle)
1582 {
1583 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1584 u8 data[2048];
1585 struct msghdr msg;
1586 struct iovec entry;
1587 u8 control[512];
1588 struct cmsghdr *cmsg;
1589 int res, found_ee = 0, found_wifi = 0, acked = 0;
1590 union wpa_event_data event;
1591
1592 memset(&msg, 0, sizeof(msg));
1593 msg.msg_iov = &entry;
1594 msg.msg_iovlen = 1;
1595 entry.iov_base = data;
1596 entry.iov_len = sizeof(data);
1597 msg.msg_control = &control;
1598 msg.msg_controllen = sizeof(control);
1599
1600 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
1601 /* if error or not fitting 802.3 header, return */
1602 if (res < 14)
1603 return;
1604
1605 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
1606 {
1607 if (cmsg->cmsg_level == SOL_SOCKET &&
1608 cmsg->cmsg_type == SCM_WIFI_STATUS) {
1609 int *ack;
1610
1611 found_wifi = 1;
1612 ack = (void *)CMSG_DATA(cmsg);
1613 acked = *ack;
1614 }
1615
1616 if (cmsg->cmsg_level == SOL_PACKET &&
1617 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
1618 struct sock_extended_err *err =
1619 (struct sock_extended_err *)CMSG_DATA(cmsg);
1620
1621 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
1622 found_ee = 1;
1623 }
1624 }
1625
1626 if (!found_ee || !found_wifi)
1627 return;
1628
1629 memset(&event, 0, sizeof(event));
1630 event.eapol_tx_status.dst = data;
1631 event.eapol_tx_status.data = data + 14;
1632 event.eapol_tx_status.data_len = res - 14;
1633 event.eapol_tx_status.ack = acked;
1634 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
1635 }
1636
1637
nl80211_init_bss(struct i802_bss * bss)1638 static int nl80211_init_bss(struct i802_bss *bss)
1639 {
1640 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1641 if (!bss->nl_cb)
1642 return -1;
1643
1644 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
1645 no_seq_check, NULL);
1646 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
1647 process_bss_event, bss);
1648
1649 return 0;
1650 }
1651
1652
nl80211_destroy_bss(struct i802_bss * bss)1653 static void nl80211_destroy_bss(struct i802_bss *bss)
1654 {
1655 nl_cb_put(bss->nl_cb);
1656 bss->nl_cb = NULL;
1657 }
1658
1659
1660 static void
wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data * drv)1661 wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data *drv)
1662 {
1663 struct rfkill_config *rcfg;
1664
1665 if (drv->rfkill)
1666 return;
1667
1668 rcfg = os_zalloc(sizeof(*rcfg));
1669 if (!rcfg)
1670 return;
1671
1672 rcfg->ctx = drv;
1673
1674 /* rfkill uses netdev sysfs for initialization. However, P2P Device is
1675 * not associated with a netdev, so use the name of some other interface
1676 * sharing the same wiphy as the P2P Device interface.
1677 *
1678 * Note: This is valid, as a P2P Device interface is always dynamically
1679 * created and is created only once another wpa_s interface was added.
1680 */
1681 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) {
1682 struct nl80211_global *global = drv->global;
1683 struct wpa_driver_nl80211_data *tmp1;
1684
1685 dl_list_for_each(tmp1, &global->interfaces,
1686 struct wpa_driver_nl80211_data, list) {
1687 if (drv == tmp1 || drv->wiphy_idx != tmp1->wiphy_idx ||
1688 !tmp1->rfkill)
1689 continue;
1690
1691 wpa_printf(MSG_DEBUG,
1692 "nl80211: Use (%s) to initialize P2P Device rfkill",
1693 tmp1->first_bss->ifname);
1694 os_strlcpy(rcfg->ifname, tmp1->first_bss->ifname,
1695 sizeof(rcfg->ifname));
1696 break;
1697 }
1698 } else {
1699 os_strlcpy(rcfg->ifname, drv->first_bss->ifname,
1700 sizeof(rcfg->ifname));
1701 }
1702
1703 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
1704 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
1705 drv->rfkill = rfkill_init(rcfg);
1706 if (!drv->rfkill) {
1707 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
1708 os_free(rcfg);
1709 }
1710 }
1711
1712
wpa_driver_nl80211_drv_init(void * ctx,const char * ifname,void * global_priv,int hostapd,const u8 * set_addr,const char * driver_params)1713 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
1714 void *global_priv, int hostapd,
1715 const u8 *set_addr,
1716 const char *driver_params)
1717 {
1718 struct wpa_driver_nl80211_data *drv;
1719 struct i802_bss *bss;
1720
1721 if (global_priv == NULL)
1722 return NULL;
1723 drv = os_zalloc(sizeof(*drv));
1724 if (drv == NULL)
1725 return NULL;
1726 drv->global = global_priv;
1727 drv->ctx = ctx;
1728 drv->hostapd = !!hostapd;
1729 drv->eapol_sock = -1;
1730
1731 /*
1732 * There is no driver capability flag for this, so assume it is
1733 * supported and disable this on first attempt to use if the driver
1734 * rejects the command due to missing support.
1735 */
1736 drv->set_rekey_offload = 1;
1737
1738 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
1739 drv->if_indices = drv->default_if_indices;
1740 drv->if_indices_reason = drv->default_if_indices_reason;
1741
1742 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
1743 if (!drv->first_bss) {
1744 os_free(drv);
1745 return NULL;
1746 }
1747 bss = drv->first_bss;
1748 bss->drv = drv;
1749 bss->ctx = ctx;
1750
1751 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
1752 drv->monitor_ifidx = -1;
1753 drv->monitor_sock = -1;
1754 drv->eapol_tx_sock = -1;
1755 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
1756
1757 if (nl80211_init_bss(bss))
1758 goto failed;
1759
1760 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params))
1761 goto failed;
1762
1763 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
1764 if (drv->eapol_tx_sock < 0)
1765 goto failed;
1766
1767 if (drv->data_tx_status) {
1768 int enabled = 1;
1769
1770 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
1771 &enabled, sizeof(enabled)) < 0) {
1772 wpa_printf(MSG_DEBUG,
1773 "nl80211: wifi status sockopt failed\n");
1774 drv->data_tx_status = 0;
1775 if (!drv->use_monitor)
1776 drv->capa.flags &=
1777 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
1778 } else {
1779 eloop_register_read_sock(drv->eapol_tx_sock,
1780 wpa_driver_nl80211_handle_eapol_tx_status,
1781 drv, NULL);
1782 }
1783 }
1784
1785 if (drv->global) {
1786 nl80211_check_global(drv->global);
1787 dl_list_add(&drv->global->interfaces, &drv->list);
1788 drv->in_interface_list = 1;
1789 }
1790
1791 return bss;
1792
1793 failed:
1794 wpa_driver_nl80211_deinit(bss);
1795 return NULL;
1796 }
1797
1798
1799 /**
1800 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1801 * @ctx: context to be used when calling wpa_supplicant functions,
1802 * e.g., wpa_supplicant_event()
1803 * @ifname: interface name, e.g., wlan0
1804 * @global_priv: private driver global data from global_init()
1805 * Returns: Pointer to private data, %NULL on failure
1806 */
wpa_driver_nl80211_init(void * ctx,const char * ifname,void * global_priv)1807 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
1808 void *global_priv)
1809 {
1810 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL,
1811 NULL);
1812 }
1813
1814
nl80211_register_frame(struct i802_bss * bss,struct nl_handle * nl_handle,u16 type,const u8 * match,size_t match_len)1815 static int nl80211_register_frame(struct i802_bss *bss,
1816 struct nl_handle *nl_handle,
1817 u16 type, const u8 *match, size_t match_len)
1818 {
1819 struct wpa_driver_nl80211_data *drv = bss->drv;
1820 struct nl_msg *msg;
1821 int ret;
1822 char buf[30];
1823
1824 buf[0] = '\0';
1825 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
1826 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s",
1827 type, fc2str(type), nl_handle, buf);
1828
1829 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_ACTION)) ||
1830 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) ||
1831 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) {
1832 nlmsg_free(msg);
1833 return -1;
1834 }
1835
1836 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL);
1837 if (ret) {
1838 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
1839 "failed (type=%u): ret=%d (%s)",
1840 type, ret, strerror(-ret));
1841 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
1842 match, match_len);
1843 }
1844 return ret;
1845 }
1846
1847
nl80211_alloc_mgmt_handle(struct i802_bss * bss)1848 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
1849 {
1850 if (bss->nl_mgmt) {
1851 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
1852 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
1853 return -1;
1854 }
1855
1856 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt");
1857 if (bss->nl_mgmt == NULL)
1858 return -1;
1859
1860 return 0;
1861 }
1862
1863
nl80211_mgmt_handle_register_eloop(struct i802_bss * bss)1864 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
1865 {
1866 nl80211_register_eloop_read(&bss->nl_mgmt,
1867 wpa_driver_nl80211_event_receive,
1868 bss->nl_cb);
1869 }
1870
1871
nl80211_register_action_frame(struct i802_bss * bss,const u8 * match,size_t match_len)1872 static int nl80211_register_action_frame(struct i802_bss *bss,
1873 const u8 *match, size_t match_len)
1874 {
1875 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
1876 return nl80211_register_frame(bss, bss->nl_mgmt,
1877 type, match, match_len);
1878 }
1879
1880
nl80211_mgmt_subscribe_non_ap(struct i802_bss * bss)1881 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
1882 {
1883 struct wpa_driver_nl80211_data *drv = bss->drv;
1884 int ret = 0;
1885
1886 if (nl80211_alloc_mgmt_handle(bss))
1887 return -1;
1888 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
1889 "handle %p", bss->nl_mgmt);
1890
1891 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
1892 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
1893
1894 /* register for any AUTH message */
1895 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0);
1896 }
1897
1898 #ifdef CONFIG_INTERWORKING
1899 /* QoS Map Configure */
1900 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
1901 ret = -1;
1902 #endif /* CONFIG_INTERWORKING */
1903 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING)
1904 /* GAS Initial Request */
1905 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
1906 ret = -1;
1907 /* GAS Initial Response */
1908 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
1909 ret = -1;
1910 /* GAS Comeback Request */
1911 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
1912 ret = -1;
1913 /* GAS Comeback Response */
1914 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
1915 ret = -1;
1916 /* Protected GAS Initial Request */
1917 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
1918 ret = -1;
1919 /* Protected GAS Initial Response */
1920 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
1921 ret = -1;
1922 /* Protected GAS Comeback Request */
1923 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
1924 ret = -1;
1925 /* Protected GAS Comeback Response */
1926 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
1927 ret = -1;
1928 #endif /* CONFIG_P2P || CONFIG_INTERWORKING */
1929 #ifdef CONFIG_P2P
1930 /* P2P Public Action */
1931 if (nl80211_register_action_frame(bss,
1932 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
1933 6) < 0)
1934 ret = -1;
1935 /* P2P Action */
1936 if (nl80211_register_action_frame(bss,
1937 (u8 *) "\x7f\x50\x6f\x9a\x09",
1938 5) < 0)
1939 ret = -1;
1940 #endif /* CONFIG_P2P */
1941 #ifdef CONFIG_IEEE80211W
1942 /* SA Query Response */
1943 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
1944 ret = -1;
1945 #endif /* CONFIG_IEEE80211W */
1946 #ifdef CONFIG_TDLS
1947 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
1948 /* TDLS Discovery Response */
1949 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
1950 0)
1951 ret = -1;
1952 }
1953 #endif /* CONFIG_TDLS */
1954 #ifdef CONFIG_FST
1955 /* FST Action frames */
1956 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0)
1957 ret = -1;
1958 #endif /* CONFIG_FST */
1959
1960 /* FT Action frames */
1961 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
1962 ret = -1;
1963 else
1964 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
1965 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
1966
1967 /* WNM - BSS Transition Management Request */
1968 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
1969 ret = -1;
1970 /* WNM-Sleep Mode Response */
1971 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
1972 ret = -1;
1973
1974 #ifdef CONFIG_HS20
1975 /* WNM-Notification */
1976 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
1977 ret = -1;
1978 #endif /* CONFIG_HS20 */
1979
1980 /* WMM-AC ADDTS Response */
1981 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0)
1982 ret = -1;
1983
1984 /* WMM-AC DELTS */
1985 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0)
1986 ret = -1;
1987
1988 /* Radio Measurement - Neighbor Report Response */
1989 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0)
1990 ret = -1;
1991
1992 /* Radio Measurement - Link Measurement Request */
1993 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) &&
1994 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0))
1995 ret = -1;
1996
1997 nl80211_mgmt_handle_register_eloop(bss);
1998
1999 return ret;
2000 }
2001
2002
nl80211_mgmt_subscribe_mesh(struct i802_bss * bss)2003 static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss)
2004 {
2005 int ret = 0;
2006
2007 if (nl80211_alloc_mgmt_handle(bss))
2008 return -1;
2009
2010 wpa_printf(MSG_DEBUG,
2011 "nl80211: Subscribe to mgmt frames with mesh handle %p",
2012 bss->nl_mgmt);
2013
2014 /* Auth frames for mesh SAE */
2015 if (nl80211_register_frame(bss, bss->nl_mgmt,
2016 (WLAN_FC_TYPE_MGMT << 2) |
2017 (WLAN_FC_STYPE_AUTH << 4),
2018 NULL, 0) < 0)
2019 ret = -1;
2020
2021 /* Mesh peering open */
2022 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0)
2023 ret = -1;
2024 /* Mesh peering confirm */
2025 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0)
2026 ret = -1;
2027 /* Mesh peering close */
2028 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0)
2029 ret = -1;
2030
2031 nl80211_mgmt_handle_register_eloop(bss);
2032
2033 return ret;
2034 }
2035
2036
nl80211_register_spurious_class3(struct i802_bss * bss)2037 static int nl80211_register_spurious_class3(struct i802_bss *bss)
2038 {
2039 struct nl_msg *msg;
2040 int ret;
2041
2042 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME);
2043 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL);
2044 if (ret) {
2045 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
2046 "failed: ret=%d (%s)",
2047 ret, strerror(-ret));
2048 }
2049 return ret;
2050 }
2051
2052
nl80211_mgmt_subscribe_ap(struct i802_bss * bss)2053 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
2054 {
2055 static const int stypes[] = {
2056 WLAN_FC_STYPE_AUTH,
2057 WLAN_FC_STYPE_ASSOC_REQ,
2058 WLAN_FC_STYPE_REASSOC_REQ,
2059 WLAN_FC_STYPE_DISASSOC,
2060 WLAN_FC_STYPE_DEAUTH,
2061 WLAN_FC_STYPE_ACTION,
2062 WLAN_FC_STYPE_PROBE_REQ,
2063 /* Beacon doesn't work as mac80211 doesn't currently allow
2064 * it, but it wouldn't really be the right thing anyway as
2065 * it isn't per interface ... maybe just dump the scan
2066 * results periodically for OLBC?
2067 */
2068 /* WLAN_FC_STYPE_BEACON, */
2069 };
2070 unsigned int i;
2071
2072 if (nl80211_alloc_mgmt_handle(bss))
2073 return -1;
2074 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2075 "handle %p", bss->nl_mgmt);
2076
2077 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
2078 if (nl80211_register_frame(bss, bss->nl_mgmt,
2079 (WLAN_FC_TYPE_MGMT << 2) |
2080 (stypes[i] << 4),
2081 NULL, 0) < 0) {
2082 goto out_err;
2083 }
2084 }
2085
2086 if (nl80211_register_spurious_class3(bss))
2087 goto out_err;
2088
2089 if (nl80211_get_wiphy_data_ap(bss) == NULL)
2090 goto out_err;
2091
2092 nl80211_mgmt_handle_register_eloop(bss);
2093 return 0;
2094
2095 out_err:
2096 nl_destroy_handles(&bss->nl_mgmt);
2097 return -1;
2098 }
2099
2100
nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss * bss)2101 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
2102 {
2103 if (nl80211_alloc_mgmt_handle(bss))
2104 return -1;
2105 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2106 "handle %p (device SME)", bss->nl_mgmt);
2107
2108 if (nl80211_register_frame(bss, bss->nl_mgmt,
2109 (WLAN_FC_TYPE_MGMT << 2) |
2110 (WLAN_FC_STYPE_ACTION << 4),
2111 NULL, 0) < 0)
2112 goto out_err;
2113
2114 nl80211_mgmt_handle_register_eloop(bss);
2115 return 0;
2116
2117 out_err:
2118 nl_destroy_handles(&bss->nl_mgmt);
2119 return -1;
2120 }
2121
2122
nl80211_mgmt_unsubscribe(struct i802_bss * bss,const char * reason)2123 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
2124 {
2125 if (bss->nl_mgmt == NULL)
2126 return;
2127 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
2128 "(%s)", bss->nl_mgmt, reason);
2129 nl80211_destroy_eloop_handle(&bss->nl_mgmt);
2130
2131 nl80211_put_wiphy_data_ap(bss);
2132 }
2133
2134
wpa_driver_nl80211_send_rfkill(void * eloop_ctx,void * timeout_ctx)2135 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
2136 {
2137 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
2138 }
2139
2140
nl80211_del_p2pdev(struct i802_bss * bss)2141 static void nl80211_del_p2pdev(struct i802_bss *bss)
2142 {
2143 struct nl_msg *msg;
2144 int ret;
2145
2146 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE);
2147 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL);
2148
2149 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
2150 bss->ifname, (long long unsigned int) bss->wdev_id,
2151 strerror(-ret));
2152 }
2153
2154
nl80211_set_p2pdev(struct i802_bss * bss,int start)2155 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
2156 {
2157 struct nl_msg *msg;
2158 int ret;
2159
2160 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE :
2161 NL80211_CMD_STOP_P2P_DEVICE);
2162 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL);
2163
2164 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
2165 start ? "Start" : "Stop",
2166 bss->ifname, (long long unsigned int) bss->wdev_id,
2167 strerror(-ret));
2168 return ret;
2169 }
2170
2171
i802_set_iface_flags(struct i802_bss * bss,int up)2172 static int i802_set_iface_flags(struct i802_bss *bss, int up)
2173 {
2174 enum nl80211_iftype nlmode;
2175
2176 nlmode = nl80211_get_ifmode(bss);
2177 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2178 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
2179 bss->ifname, up);
2180 }
2181
2182 /* P2P Device has start/stop which is equivalent */
2183 return nl80211_set_p2pdev(bss, up);
2184 }
2185
2186
2187 #ifdef CONFIG_TESTING_OPTIONS
qca_vendor_test_cmd_handler(struct nl_msg * msg,void * arg)2188 static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg)
2189 {
2190 /* struct wpa_driver_nl80211_data *drv = arg; */
2191 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2192 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2193
2194
2195 wpa_printf(MSG_DEBUG,
2196 "nl80211: QCA vendor test command response received");
2197
2198 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2199 genlmsg_attrlen(gnlh, 0), NULL);
2200 if (!tb[NL80211_ATTR_VENDOR_DATA]) {
2201 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute");
2202 return NL_SKIP;
2203 }
2204
2205 wpa_hexdump(MSG_DEBUG,
2206 "nl80211: Received QCA vendor test command response",
2207 nla_data(tb[NL80211_ATTR_VENDOR_DATA]),
2208 nla_len(tb[NL80211_ATTR_VENDOR_DATA]));
2209
2210 return NL_SKIP;
2211 }
2212 #endif /* CONFIG_TESTING_OPTIONS */
2213
2214
qca_vendor_test(struct wpa_driver_nl80211_data * drv)2215 static void qca_vendor_test(struct wpa_driver_nl80211_data *drv)
2216 {
2217 #ifdef CONFIG_TESTING_OPTIONS
2218 struct nl_msg *msg;
2219 struct nlattr *params;
2220 int ret;
2221
2222 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
2223 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
2224 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
2225 QCA_NL80211_VENDOR_SUBCMD_TEST) ||
2226 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
2227 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) {
2228 nlmsg_free(msg);
2229 return;
2230 }
2231 nla_nest_end(msg, params);
2232
2233 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv);
2234 wpa_printf(MSG_DEBUG,
2235 "nl80211: QCA vendor test command returned %d (%s)",
2236 ret, strerror(-ret));
2237 #endif /* CONFIG_TESTING_OPTIONS */
2238 }
2239
2240
2241 static int
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data * drv,const u8 * set_addr,int first,const char * driver_params)2242 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
2243 const u8 *set_addr, int first,
2244 const char *driver_params)
2245 {
2246 struct i802_bss *bss = drv->first_bss;
2247 int send_rfkill_event = 0;
2248 enum nl80211_iftype nlmode;
2249
2250 drv->ifindex = if_nametoindex(bss->ifname);
2251 bss->ifindex = drv->ifindex;
2252 bss->wdev_id = drv->global->if_add_wdevid;
2253 bss->wdev_id_set = drv->global->if_add_wdevid_set;
2254
2255 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
2256 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
2257 drv->global->if_add_wdevid_set = 0;
2258
2259 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2260 bss->static_ap = 1;
2261
2262 if (first &&
2263 nl80211_get_ifmode(bss) != NL80211_IFTYPE_P2P_DEVICE &&
2264 linux_iface_up(drv->global->ioctl_sock, bss->ifname) > 0)
2265 drv->start_iface_up = 1;
2266
2267 if (wpa_driver_nl80211_capa(drv))
2268 return -1;
2269
2270 if (driver_params && nl80211_set_param(bss, driver_params) < 0)
2271 return -1;
2272
2273 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2274 bss->ifname, drv->phyname);
2275
2276 if (set_addr &&
2277 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
2278 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2279 set_addr)))
2280 return -1;
2281
2282 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2283 drv->start_mode_ap = 1;
2284
2285 if (drv->hostapd || bss->static_ap)
2286 nlmode = NL80211_IFTYPE_AP;
2287 else if (bss->if_dynamic)
2288 nlmode = nl80211_get_ifmode(bss);
2289 else
2290 nlmode = NL80211_IFTYPE_STATION;
2291
2292 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
2293 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
2294 return -1;
2295 }
2296
2297 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2298 nl80211_get_macaddr(bss);
2299
2300 wpa_driver_nl80211_drv_init_rfkill(drv);
2301
2302 if (!rfkill_is_blocked(drv->rfkill)) {
2303 int ret = i802_set_iface_flags(bss, 1);
2304 if (ret) {
2305 wpa_printf(MSG_ERROR, "nl80211: Could not set "
2306 "interface '%s' UP", bss->ifname);
2307 return ret;
2308 }
2309
2310 if (is_p2p_net_interface(nlmode))
2311 nl80211_disable_11b_rates(bss->drv,
2312 bss->drv->ifindex, 1);
2313
2314 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2315 return ret;
2316 } else {
2317 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
2318 "interface '%s' due to rfkill", bss->ifname);
2319 if (nlmode != NL80211_IFTYPE_P2P_DEVICE)
2320 drv->if_disabled = 1;
2321
2322 send_rfkill_event = 1;
2323 }
2324
2325 if (!drv->hostapd && nlmode != NL80211_IFTYPE_P2P_DEVICE)
2326 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
2327 1, IF_OPER_DORMANT);
2328
2329 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2330 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2331 bss->addr))
2332 return -1;
2333 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
2334 }
2335
2336 if (send_rfkill_event) {
2337 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
2338 drv, drv->ctx);
2339 }
2340
2341 if (drv->vendor_cmd_test_avail)
2342 qca_vendor_test(drv);
2343
2344 return 0;
2345 }
2346
2347
wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data * drv)2348 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
2349 {
2350 struct nl_msg *msg;
2351
2352 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
2353 drv->ifindex);
2354 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
2355 return send_and_recv_msgs(drv, msg, NULL, NULL);
2356 }
2357
2358
2359 /**
2360 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
2361 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
2362 *
2363 * Shut down driver interface and processing of driver events. Free
2364 * private data buffer if one was allocated in wpa_driver_nl80211_init().
2365 */
wpa_driver_nl80211_deinit(struct i802_bss * bss)2366 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
2367 {
2368 struct wpa_driver_nl80211_data *drv = bss->drv;
2369
2370 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d",
2371 bss->ifname, drv->disabled_11b_rates);
2372
2373 bss->in_deinit = 1;
2374 if (drv->data_tx_status)
2375 eloop_unregister_read_sock(drv->eapol_tx_sock);
2376 if (drv->eapol_tx_sock >= 0)
2377 close(drv->eapol_tx_sock);
2378
2379 if (bss->nl_preq)
2380 wpa_driver_nl80211_probe_req_report(bss, 0);
2381 if (bss->added_if_into_bridge) {
2382 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
2383 bss->ifname) < 0)
2384 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2385 "interface %s from bridge %s: %s",
2386 bss->ifname, bss->brname, strerror(errno));
2387 if (drv->rtnl_sk)
2388 nl80211_handle_destroy(drv->rtnl_sk);
2389 }
2390 if (bss->added_bridge) {
2391 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname,
2392 0) < 0)
2393 wpa_printf(MSG_INFO,
2394 "nl80211: Could not set bridge %s down",
2395 bss->brname);
2396 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
2397 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2398 "bridge %s: %s",
2399 bss->brname, strerror(errno));
2400 }
2401
2402 nl80211_remove_monitor_interface(drv);
2403
2404 if (is_ap_interface(drv->nlmode))
2405 wpa_driver_nl80211_del_beacon(drv);
2406
2407 if (drv->eapol_sock >= 0) {
2408 eloop_unregister_read_sock(drv->eapol_sock);
2409 close(drv->eapol_sock);
2410 }
2411
2412 if (drv->if_indices != drv->default_if_indices)
2413 os_free(drv->if_indices);
2414
2415 if (drv->if_indices_reason != drv->default_if_indices_reason)
2416 os_free(drv->if_indices_reason);
2417
2418 if (drv->disabled_11b_rates)
2419 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2420
2421 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
2422 IF_OPER_UP);
2423 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
2424 rfkill_deinit(drv->rfkill);
2425
2426 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2427
2428 if (!drv->start_iface_up)
2429 (void) i802_set_iface_flags(bss, 0);
2430
2431 if (drv->addr_changed) {
2432 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
2433 0) < 0) {
2434 wpa_printf(MSG_DEBUG,
2435 "nl80211: Could not set interface down to restore permanent MAC address");
2436 }
2437 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2438 drv->perm_addr) < 0) {
2439 wpa_printf(MSG_DEBUG,
2440 "nl80211: Could not restore permanent MAC address");
2441 }
2442 }
2443
2444 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2445 if (!drv->hostapd || !drv->start_mode_ap)
2446 wpa_driver_nl80211_set_mode(bss,
2447 NL80211_IFTYPE_STATION);
2448 nl80211_mgmt_unsubscribe(bss, "deinit");
2449 } else {
2450 nl80211_mgmt_unsubscribe(bss, "deinit");
2451 nl80211_del_p2pdev(bss);
2452 }
2453
2454 nl80211_destroy_bss(drv->first_bss);
2455
2456 os_free(drv->filter_ssids);
2457
2458 os_free(drv->auth_ie);
2459
2460 if (drv->in_interface_list)
2461 dl_list_del(&drv->list);
2462
2463 os_free(drv->extended_capa);
2464 os_free(drv->extended_capa_mask);
2465 os_free(drv->first_bss);
2466 os_free(drv);
2467 }
2468
2469
wpa_alg_to_cipher_suite(enum wpa_alg alg,size_t key_len)2470 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
2471 {
2472 switch (alg) {
2473 case WPA_ALG_WEP:
2474 if (key_len == 5)
2475 return WLAN_CIPHER_SUITE_WEP40;
2476 return WLAN_CIPHER_SUITE_WEP104;
2477 case WPA_ALG_TKIP:
2478 return WLAN_CIPHER_SUITE_TKIP;
2479 case WPA_ALG_CCMP:
2480 return WLAN_CIPHER_SUITE_CCMP;
2481 case WPA_ALG_GCMP:
2482 return WLAN_CIPHER_SUITE_GCMP;
2483 case WPA_ALG_CCMP_256:
2484 return WLAN_CIPHER_SUITE_CCMP_256;
2485 case WPA_ALG_GCMP_256:
2486 return WLAN_CIPHER_SUITE_GCMP_256;
2487 case WPA_ALG_IGTK:
2488 return WLAN_CIPHER_SUITE_AES_CMAC;
2489 case WPA_ALG_BIP_GMAC_128:
2490 return WLAN_CIPHER_SUITE_BIP_GMAC_128;
2491 case WPA_ALG_BIP_GMAC_256:
2492 return WLAN_CIPHER_SUITE_BIP_GMAC_256;
2493 case WPA_ALG_BIP_CMAC_256:
2494 return WLAN_CIPHER_SUITE_BIP_CMAC_256;
2495 case WPA_ALG_SMS4:
2496 return WLAN_CIPHER_SUITE_SMS4;
2497 case WPA_ALG_KRK:
2498 return WLAN_CIPHER_SUITE_KRK;
2499 case WPA_ALG_NONE:
2500 case WPA_ALG_PMK:
2501 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
2502 alg);
2503 return 0;
2504 }
2505
2506 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
2507 alg);
2508 return 0;
2509 }
2510
2511
wpa_cipher_to_cipher_suite(unsigned int cipher)2512 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
2513 {
2514 switch (cipher) {
2515 case WPA_CIPHER_CCMP_256:
2516 return WLAN_CIPHER_SUITE_CCMP_256;
2517 case WPA_CIPHER_GCMP_256:
2518 return WLAN_CIPHER_SUITE_GCMP_256;
2519 case WPA_CIPHER_CCMP:
2520 return WLAN_CIPHER_SUITE_CCMP;
2521 case WPA_CIPHER_GCMP:
2522 return WLAN_CIPHER_SUITE_GCMP;
2523 case WPA_CIPHER_TKIP:
2524 return WLAN_CIPHER_SUITE_TKIP;
2525 case WPA_CIPHER_WEP104:
2526 return WLAN_CIPHER_SUITE_WEP104;
2527 case WPA_CIPHER_WEP40:
2528 return WLAN_CIPHER_SUITE_WEP40;
2529 case WPA_CIPHER_GTK_NOT_USED:
2530 return WLAN_CIPHER_SUITE_NO_GROUP_ADDR;
2531 }
2532
2533 return 0;
2534 }
2535
2536
wpa_cipher_to_cipher_suites(unsigned int ciphers,u32 suites[],int max_suites)2537 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
2538 int max_suites)
2539 {
2540 int num_suites = 0;
2541
2542 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
2543 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP_256;
2544 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
2545 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP_256;
2546 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
2547 suites[num_suites++] = WLAN_CIPHER_SUITE_CCMP;
2548 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
2549 suites[num_suites++] = WLAN_CIPHER_SUITE_GCMP;
2550 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
2551 suites[num_suites++] = WLAN_CIPHER_SUITE_TKIP;
2552 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
2553 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP104;
2554 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
2555 suites[num_suites++] = WLAN_CIPHER_SUITE_WEP40;
2556
2557 return num_suites;
2558 }
2559
2560
2561 #ifdef CONFIG_DRIVER_NL80211_QCA
issue_key_mgmt_set_key(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len)2562 static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
2563 const u8 *key, size_t key_len)
2564 {
2565 struct nl_msg *msg;
2566 int ret;
2567
2568 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD))
2569 return 0;
2570
2571 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
2572 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
2573 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
2574 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) ||
2575 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) {
2576 nl80211_nlmsg_clear(msg);
2577 nlmsg_free(msg);
2578 return -1;
2579 }
2580 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1);
2581 if (ret) {
2582 wpa_printf(MSG_DEBUG,
2583 "nl80211: Key management set key failed: ret=%d (%s)",
2584 ret, strerror(-ret));
2585 }
2586
2587 return ret;
2588 }
2589 #endif /* CONFIG_DRIVER_NL80211_QCA */
2590
2591
wpa_driver_nl80211_set_key(const char * ifname,struct i802_bss * bss,enum wpa_alg alg,const u8 * addr,int key_idx,int set_tx,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)2592 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
2593 enum wpa_alg alg, const u8 *addr,
2594 int key_idx, int set_tx,
2595 const u8 *seq, size_t seq_len,
2596 const u8 *key, size_t key_len)
2597 {
2598 struct wpa_driver_nl80211_data *drv = bss->drv;
2599 int ifindex;
2600 struct nl_msg *msg = NULL;
2601 int ret;
2602 int tdls = 0;
2603
2604 /* Ignore for P2P Device */
2605 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
2606 return 0;
2607
2608 ifindex = if_nametoindex(ifname);
2609 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
2610 "set_tx=%d seq_len=%lu key_len=%lu",
2611 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
2612 (unsigned long) seq_len, (unsigned long) key_len);
2613 #ifdef CONFIG_TDLS
2614 if (key_idx == -1) {
2615 key_idx = 0;
2616 tdls = 1;
2617 }
2618 #endif /* CONFIG_TDLS */
2619
2620 #ifdef CONFIG_DRIVER_NL80211_QCA
2621 if (alg == WPA_ALG_PMK &&
2622 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) {
2623 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key",
2624 __func__);
2625 ret = issue_key_mgmt_set_key(drv, key, key_len);
2626 return ret;
2627 }
2628 #endif /* CONFIG_DRIVER_NL80211_QCA */
2629
2630 if (alg == WPA_ALG_NONE) {
2631 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY);
2632 if (!msg)
2633 return -ENOBUFS;
2634 } else {
2635 u32 suite;
2636
2637 suite = wpa_alg_to_cipher_suite(alg, key_len);
2638 if (!suite)
2639 goto fail;
2640 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY);
2641 if (!msg ||
2642 nla_put(msg, NL80211_ATTR_KEY_DATA, key_len, key) ||
2643 nla_put_u32(msg, NL80211_ATTR_KEY_CIPHER, suite))
2644 goto fail;
2645 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
2646 }
2647
2648 if (seq && seq_len) {
2649 if (nla_put(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq))
2650 goto fail;
2651 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
2652 }
2653
2654 if (addr && !is_broadcast_ether_addr(addr)) {
2655 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
2656 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
2657 goto fail;
2658
2659 if (alg != WPA_ALG_WEP && key_idx && !set_tx) {
2660 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
2661 if (nla_put_u32(msg, NL80211_ATTR_KEY_TYPE,
2662 NL80211_KEYTYPE_GROUP))
2663 goto fail;
2664 }
2665 } else if (addr && is_broadcast_ether_addr(addr)) {
2666 struct nlattr *types;
2667
2668 wpa_printf(MSG_DEBUG, " broadcast key");
2669
2670 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
2671 if (!types ||
2672 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST))
2673 goto fail;
2674 nla_nest_end(msg, types);
2675 }
2676 if (nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
2677 goto fail;
2678
2679 ret = send_and_recv_msgs(drv, msg, NULL, key ? (void *) -1 : NULL);
2680 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
2681 ret = 0;
2682 if (ret)
2683 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
2684 ret, strerror(-ret));
2685
2686 /*
2687 * If we failed or don't need to set the default TX key (below),
2688 * we're done here.
2689 */
2690 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls)
2691 return ret;
2692 if (is_ap_interface(drv->nlmode) && addr &&
2693 !is_broadcast_ether_addr(addr))
2694 return ret;
2695
2696 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
2697 if (!msg ||
2698 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx) ||
2699 nla_put_flag(msg, (alg == WPA_ALG_IGTK ||
2700 alg == WPA_ALG_BIP_GMAC_128 ||
2701 alg == WPA_ALG_BIP_GMAC_256 ||
2702 alg == WPA_ALG_BIP_CMAC_256) ?
2703 NL80211_ATTR_KEY_DEFAULT_MGMT :
2704 NL80211_ATTR_KEY_DEFAULT))
2705 goto fail;
2706 if (addr && is_broadcast_ether_addr(addr)) {
2707 struct nlattr *types;
2708
2709 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
2710 if (!types ||
2711 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST))
2712 goto fail;
2713 nla_nest_end(msg, types);
2714 } else if (addr) {
2715 struct nlattr *types;
2716
2717 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES);
2718 if (!types ||
2719 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST))
2720 goto fail;
2721 nla_nest_end(msg, types);
2722 }
2723
2724 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2725 if (ret == -ENOENT)
2726 ret = 0;
2727 if (ret)
2728 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
2729 "err=%d %s)", ret, strerror(-ret));
2730 return ret;
2731
2732 fail:
2733 nl80211_nlmsg_clear(msg);
2734 nlmsg_free(msg);
2735 return -ENOBUFS;
2736 }
2737
2738
nl_add_key(struct nl_msg * msg,enum wpa_alg alg,int key_idx,int defkey,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)2739 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
2740 int key_idx, int defkey,
2741 const u8 *seq, size_t seq_len,
2742 const u8 *key, size_t key_len)
2743 {
2744 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
2745 u32 suite;
2746
2747 if (!key_attr)
2748 return -1;
2749
2750 suite = wpa_alg_to_cipher_suite(alg, key_len);
2751 if (!suite)
2752 return -1;
2753
2754 if (defkey && alg == WPA_ALG_IGTK) {
2755 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT))
2756 return -1;
2757 } else if (defkey) {
2758 if (nla_put_flag(msg, NL80211_KEY_DEFAULT))
2759 return -1;
2760 }
2761
2762 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) ||
2763 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) ||
2764 (seq && seq_len &&
2765 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) ||
2766 nla_put(msg, NL80211_KEY_DATA, key_len, key))
2767 return -1;
2768
2769 nla_nest_end(msg, key_attr);
2770
2771 return 0;
2772 }
2773
2774
nl80211_set_conn_keys(struct wpa_driver_associate_params * params,struct nl_msg * msg)2775 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
2776 struct nl_msg *msg)
2777 {
2778 int i, privacy = 0;
2779 struct nlattr *nl_keys, *nl_key;
2780
2781 for (i = 0; i < 4; i++) {
2782 if (!params->wep_key[i])
2783 continue;
2784 privacy = 1;
2785 break;
2786 }
2787 if (params->wps == WPS_MODE_PRIVACY)
2788 privacy = 1;
2789 if (params->pairwise_suite &&
2790 params->pairwise_suite != WPA_CIPHER_NONE)
2791 privacy = 1;
2792
2793 if (!privacy)
2794 return 0;
2795
2796 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY))
2797 return -ENOBUFS;
2798
2799 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
2800 if (!nl_keys)
2801 return -ENOBUFS;
2802
2803 for (i = 0; i < 4; i++) {
2804 if (!params->wep_key[i])
2805 continue;
2806
2807 nl_key = nla_nest_start(msg, i);
2808 if (!nl_key ||
2809 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i],
2810 params->wep_key[i]) ||
2811 nla_put_u32(msg, NL80211_KEY_CIPHER,
2812 params->wep_key_len[i] == 5 ?
2813 WLAN_CIPHER_SUITE_WEP40 :
2814 WLAN_CIPHER_SUITE_WEP104) ||
2815 nla_put_u8(msg, NL80211_KEY_IDX, i) ||
2816 (i == params->wep_tx_keyidx &&
2817 nla_put_flag(msg, NL80211_KEY_DEFAULT)))
2818 return -ENOBUFS;
2819
2820 nla_nest_end(msg, nl_key);
2821 }
2822 nla_nest_end(msg, nl_keys);
2823
2824 return 0;
2825 }
2826
2827
wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data * drv,const u8 * addr,int cmd,u16 reason_code,int local_state_change)2828 int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
2829 const u8 *addr, int cmd, u16 reason_code,
2830 int local_state_change)
2831 {
2832 int ret;
2833 struct nl_msg *msg;
2834
2835 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) ||
2836 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) ||
2837 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
2838 (local_state_change &&
2839 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) {
2840 nlmsg_free(msg);
2841 return -1;
2842 }
2843
2844 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2845 if (ret) {
2846 wpa_dbg(drv->ctx, MSG_DEBUG,
2847 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
2848 reason_code, ret, strerror(-ret));
2849 }
2850 return ret;
2851 }
2852
2853
wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data * drv,int reason_code)2854 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
2855 int reason_code)
2856 {
2857 int ret;
2858
2859 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
2860 nl80211_mark_disconnected(drv);
2861 /* Disconnect command doesn't need BSSID - it uses cached value */
2862 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
2863 reason_code, 0);
2864 /*
2865 * For locally generated disconnect, supplicant already generates a
2866 * DEAUTH event, so ignore the event from NL80211.
2867 */
2868 drv->ignore_next_local_disconnect = ret == 0;
2869
2870 return ret;
2871 }
2872
2873
wpa_driver_nl80211_deauthenticate(struct i802_bss * bss,const u8 * addr,int reason_code)2874 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
2875 const u8 *addr, int reason_code)
2876 {
2877 struct wpa_driver_nl80211_data *drv = bss->drv;
2878 int ret;
2879
2880 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
2881 nl80211_mark_disconnected(drv);
2882 return nl80211_leave_ibss(drv, 1);
2883 }
2884 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2885 return wpa_driver_nl80211_disconnect(drv, reason_code);
2886 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
2887 __func__, MAC2STR(addr), reason_code);
2888 nl80211_mark_disconnected(drv);
2889 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2890 reason_code, 0);
2891 /*
2892 * For locally generated deauthenticate, supplicant already generates a
2893 * DEAUTH event, so ignore the event from NL80211.
2894 */
2895 drv->ignore_next_local_deauth = ret == 0;
2896 return ret;
2897 }
2898
2899
nl80211_copy_auth_params(struct wpa_driver_nl80211_data * drv,struct wpa_driver_auth_params * params)2900 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
2901 struct wpa_driver_auth_params *params)
2902 {
2903 int i;
2904
2905 drv->auth_freq = params->freq;
2906 drv->auth_alg = params->auth_alg;
2907 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
2908 drv->auth_local_state_change = params->local_state_change;
2909 drv->auth_p2p = params->p2p;
2910
2911 if (params->bssid)
2912 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
2913 else
2914 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
2915
2916 if (params->ssid) {
2917 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
2918 drv->auth_ssid_len = params->ssid_len;
2919 } else
2920 drv->auth_ssid_len = 0;
2921
2922
2923 os_free(drv->auth_ie);
2924 drv->auth_ie = NULL;
2925 drv->auth_ie_len = 0;
2926 if (params->ie) {
2927 drv->auth_ie = os_malloc(params->ie_len);
2928 if (drv->auth_ie) {
2929 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
2930 drv->auth_ie_len = params->ie_len;
2931 }
2932 }
2933
2934 for (i = 0; i < 4; i++) {
2935 if (params->wep_key[i] && params->wep_key_len[i] &&
2936 params->wep_key_len[i] <= 16) {
2937 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
2938 params->wep_key_len[i]);
2939 drv->auth_wep_key_len[i] = params->wep_key_len[i];
2940 } else
2941 drv->auth_wep_key_len[i] = 0;
2942 }
2943 }
2944
2945
nl80211_unmask_11b_rates(struct i802_bss * bss)2946 static void nl80211_unmask_11b_rates(struct i802_bss *bss)
2947 {
2948 struct wpa_driver_nl80211_data *drv = bss->drv;
2949
2950 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates)
2951 return;
2952
2953 /*
2954 * Looks like we failed to unmask 11b rates previously. This could
2955 * happen, e.g., if the interface was down at the point in time when a
2956 * P2P group was terminated.
2957 */
2958 wpa_printf(MSG_DEBUG,
2959 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them",
2960 bss->ifname);
2961 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2962 }
2963
2964
wpa_driver_nl80211_authenticate(struct i802_bss * bss,struct wpa_driver_auth_params * params)2965 static int wpa_driver_nl80211_authenticate(
2966 struct i802_bss *bss, struct wpa_driver_auth_params *params)
2967 {
2968 struct wpa_driver_nl80211_data *drv = bss->drv;
2969 int ret = -1, i;
2970 struct nl_msg *msg;
2971 enum nl80211_auth_type type;
2972 enum nl80211_iftype nlmode;
2973 int count = 0;
2974 int is_retry;
2975
2976 nl80211_unmask_11b_rates(bss);
2977
2978 is_retry = drv->retry_auth;
2979 drv->retry_auth = 0;
2980 drv->ignore_deauth_event = 0;
2981
2982 nl80211_mark_disconnected(drv);
2983 os_memset(drv->auth_bssid, 0, ETH_ALEN);
2984 if (params->bssid)
2985 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
2986 else
2987 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
2988 /* FIX: IBSS mode */
2989 nlmode = params->p2p ?
2990 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
2991 if (drv->nlmode != nlmode &&
2992 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
2993 return -1;
2994
2995 retry:
2996 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2997 drv->ifindex);
2998
2999 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE);
3000 if (!msg)
3001 goto fail;
3002
3003 for (i = 0; i < 4; i++) {
3004 if (!params->wep_key[i])
3005 continue;
3006 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP,
3007 NULL, i,
3008 i == params->wep_tx_keyidx, NULL, 0,
3009 params->wep_key[i],
3010 params->wep_key_len[i]);
3011 if (params->wep_tx_keyidx != i)
3012 continue;
3013 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
3014 params->wep_key[i], params->wep_key_len[i]))
3015 goto fail;
3016 }
3017
3018 if (params->bssid) {
3019 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3020 MAC2STR(params->bssid));
3021 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
3022 goto fail;
3023 }
3024 if (params->freq) {
3025 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3026 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq))
3027 goto fail;
3028 }
3029 if (params->ssid) {
3030 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3031 params->ssid, params->ssid_len);
3032 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
3033 params->ssid))
3034 goto fail;
3035 }
3036 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
3037 if (params->ie &&
3038 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie))
3039 goto fail;
3040 if (params->sae_data) {
3041 wpa_hexdump(MSG_DEBUG, " * SAE data", params->sae_data,
3042 params->sae_data_len);
3043 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->sae_data_len,
3044 params->sae_data))
3045 goto fail;
3046 }
3047 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
3048 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
3049 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
3050 type = NL80211_AUTHTYPE_SHARED_KEY;
3051 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
3052 type = NL80211_AUTHTYPE_NETWORK_EAP;
3053 else if (params->auth_alg & WPA_AUTH_ALG_FT)
3054 type = NL80211_AUTHTYPE_FT;
3055 else if (params->auth_alg & WPA_AUTH_ALG_SAE)
3056 type = NL80211_AUTHTYPE_SAE;
3057 else
3058 goto fail;
3059 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
3060 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
3061 goto fail;
3062 if (params->local_state_change) {
3063 wpa_printf(MSG_DEBUG, " * Local state change only");
3064 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))
3065 goto fail;
3066 }
3067
3068 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3069 msg = NULL;
3070 if (ret) {
3071 wpa_dbg(drv->ctx, MSG_DEBUG,
3072 "nl80211: MLME command failed (auth): ret=%d (%s)",
3073 ret, strerror(-ret));
3074 count++;
3075 if (ret == -EALREADY && count == 1 && params->bssid &&
3076 !params->local_state_change) {
3077 /*
3078 * mac80211 does not currently accept new
3079 * authentication if we are already authenticated. As a
3080 * workaround, force deauthentication and try again.
3081 */
3082 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
3083 "after forced deauthentication");
3084 drv->ignore_deauth_event = 1;
3085 wpa_driver_nl80211_deauthenticate(
3086 bss, params->bssid,
3087 WLAN_REASON_PREV_AUTH_NOT_VALID);
3088 nlmsg_free(msg);
3089 goto retry;
3090 }
3091
3092 if (ret == -ENOENT && params->freq && !is_retry) {
3093 /*
3094 * cfg80211 has likely expired the BSS entry even
3095 * though it was previously available in our internal
3096 * BSS table. To recover quickly, start a single
3097 * channel scan on the specified channel.
3098 */
3099 struct wpa_driver_scan_params scan;
3100 int freqs[2];
3101
3102 os_memset(&scan, 0, sizeof(scan));
3103 scan.num_ssids = 1;
3104 if (params->ssid) {
3105 scan.ssids[0].ssid = params->ssid;
3106 scan.ssids[0].ssid_len = params->ssid_len;
3107 }
3108 freqs[0] = params->freq;
3109 freqs[1] = 0;
3110 scan.freqs = freqs;
3111 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
3112 "channel scan to refresh cfg80211 BSS "
3113 "entry");
3114 ret = wpa_driver_nl80211_scan(bss, &scan);
3115 if (ret == 0) {
3116 nl80211_copy_auth_params(drv, params);
3117 drv->scan_for_auth = 1;
3118 }
3119 } else if (is_retry) {
3120 /*
3121 * Need to indicate this with an event since the return
3122 * value from the retry is not delivered to core code.
3123 */
3124 union wpa_event_data event;
3125 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
3126 "failed");
3127 os_memset(&event, 0, sizeof(event));
3128 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
3129 ETH_ALEN);
3130 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
3131 &event);
3132 }
3133 } else {
3134 wpa_printf(MSG_DEBUG,
3135 "nl80211: Authentication request send successfully");
3136 }
3137
3138 fail:
3139 nlmsg_free(msg);
3140 return ret;
3141 }
3142
3143
wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data * drv)3144 int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv)
3145 {
3146 struct wpa_driver_auth_params params;
3147 struct i802_bss *bss = drv->first_bss;
3148 int i;
3149
3150 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
3151
3152 os_memset(¶ms, 0, sizeof(params));
3153 params.freq = drv->auth_freq;
3154 params.auth_alg = drv->auth_alg;
3155 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
3156 params.local_state_change = drv->auth_local_state_change;
3157 params.p2p = drv->auth_p2p;
3158
3159 if (!is_zero_ether_addr(drv->auth_bssid_))
3160 params.bssid = drv->auth_bssid_;
3161
3162 if (drv->auth_ssid_len) {
3163 params.ssid = drv->auth_ssid;
3164 params.ssid_len = drv->auth_ssid_len;
3165 }
3166
3167 params.ie = drv->auth_ie;
3168 params.ie_len = drv->auth_ie_len;
3169
3170 for (i = 0; i < 4; i++) {
3171 if (drv->auth_wep_key_len[i]) {
3172 params.wep_key[i] = drv->auth_wep_key[i];
3173 params.wep_key_len[i] = drv->auth_wep_key_len[i];
3174 }
3175 }
3176
3177 drv->retry_auth = 1;
3178 return wpa_driver_nl80211_authenticate(bss, ¶ms);
3179 }
3180
3181
wpa_driver_nl80211_send_frame(struct i802_bss * bss,const void * data,size_t len,int encrypt,int noack,unsigned int freq,int no_cck,int offchanok,unsigned int wait_time,const u16 * csa_offs,size_t csa_offs_len)3182 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss,
3183 const void *data, size_t len,
3184 int encrypt, int noack,
3185 unsigned int freq, int no_cck,
3186 int offchanok, unsigned int wait_time,
3187 const u16 *csa_offs,
3188 size_t csa_offs_len)
3189 {
3190 struct wpa_driver_nl80211_data *drv = bss->drv;
3191 u64 cookie;
3192 int res;
3193
3194 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
3195 freq = nl80211_get_assoc_freq(drv);
3196 wpa_printf(MSG_DEBUG,
3197 "nl80211: send_frame - Use assoc_freq=%u for IBSS",
3198 freq);
3199 }
3200 if (freq == 0) {
3201 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u",
3202 bss->freq);
3203 freq = bss->freq;
3204 }
3205
3206 if (drv->use_monitor) {
3207 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor",
3208 freq, bss->freq);
3209 return nl80211_send_monitor(drv, data, len, encrypt, noack);
3210 }
3211
3212 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd");
3213 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len,
3214 &cookie, no_cck, noack, offchanok,
3215 csa_offs, csa_offs_len);
3216 if (res == 0 && !noack) {
3217 const struct ieee80211_mgmt *mgmt;
3218 u16 fc;
3219
3220 mgmt = (const struct ieee80211_mgmt *) data;
3221 fc = le_to_host16(mgmt->frame_control);
3222 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3223 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) {
3224 wpa_printf(MSG_MSGDUMP,
3225 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx",
3226 (long long unsigned int)
3227 drv->send_action_cookie,
3228 (long long unsigned int) cookie);
3229 drv->send_action_cookie = cookie;
3230 }
3231 }
3232
3233 return res;
3234 }
3235
3236
wpa_driver_nl80211_send_mlme(struct i802_bss * bss,const u8 * data,size_t data_len,int noack,unsigned int freq,int no_cck,int offchanok,unsigned int wait_time,const u16 * csa_offs,size_t csa_offs_len)3237 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
3238 size_t data_len, int noack,
3239 unsigned int freq, int no_cck,
3240 int offchanok,
3241 unsigned int wait_time,
3242 const u16 *csa_offs,
3243 size_t csa_offs_len)
3244 {
3245 struct wpa_driver_nl80211_data *drv = bss->drv;
3246 struct ieee80211_mgmt *mgmt;
3247 int encrypt = 1;
3248 u16 fc;
3249
3250 mgmt = (struct ieee80211_mgmt *) data;
3251 fc = le_to_host16(mgmt->frame_control);
3252 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR
3253 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d",
3254 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
3255 fc, fc2str(fc), drv->nlmode);
3256
3257 if ((is_sta_interface(drv->nlmode) ||
3258 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
3259 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3260 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
3261 /*
3262 * The use of last_mgmt_freq is a bit of a hack,
3263 * but it works due to the single-threaded nature
3264 * of wpa_supplicant.
3265 */
3266 if (freq == 0) {
3267 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
3268 drv->last_mgmt_freq);
3269 freq = drv->last_mgmt_freq;
3270 }
3271 return nl80211_send_frame_cmd(bss, freq, 0,
3272 data, data_len, NULL, 1, noack,
3273 1, csa_offs, csa_offs_len);
3274 }
3275
3276 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
3277 if (freq == 0) {
3278 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
3279 bss->freq);
3280 freq = bss->freq;
3281 }
3282 return nl80211_send_frame_cmd(bss, freq,
3283 (int) freq == bss->freq ? 0 :
3284 wait_time,
3285 data, data_len,
3286 &drv->send_action_cookie,
3287 no_cck, noack, offchanok,
3288 csa_offs, csa_offs_len);
3289 }
3290
3291 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
3292 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
3293 /*
3294 * Only one of the authentication frame types is encrypted.
3295 * In order for static WEP encryption to work properly (i.e.,
3296 * to not encrypt the frame), we need to tell mac80211 about
3297 * the frames that must not be encrypted.
3298 */
3299 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
3300 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
3301 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
3302 encrypt = 0;
3303 }
3304
3305 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame");
3306 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt,
3307 noack, freq, no_cck, offchanok,
3308 wait_time, csa_offs,
3309 csa_offs_len);
3310 }
3311
3312
nl80211_put_basic_rates(struct nl_msg * msg,const int * basic_rates)3313 static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates)
3314 {
3315 u8 rates[NL80211_MAX_SUPP_RATES];
3316 u8 rates_len = 0;
3317 int i;
3318
3319 if (!basic_rates)
3320 return 0;
3321
3322 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
3323 rates[rates_len++] = basic_rates[i] / 5;
3324
3325 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
3326 }
3327
3328
nl80211_set_bss(struct i802_bss * bss,int cts,int preamble,int slot,int ht_opmode,int ap_isolate,const int * basic_rates)3329 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
3330 int slot, int ht_opmode, int ap_isolate,
3331 const int *basic_rates)
3332 {
3333 struct wpa_driver_nl80211_data *drv = bss->drv;
3334 struct nl_msg *msg;
3335
3336 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) ||
3337 (cts >= 0 &&
3338 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) ||
3339 (preamble >= 0 &&
3340 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) ||
3341 (slot >= 0 &&
3342 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) ||
3343 (ht_opmode >= 0 &&
3344 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) ||
3345 (ap_isolate >= 0 &&
3346 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) ||
3347 nl80211_put_basic_rates(msg, basic_rates)) {
3348 nlmsg_free(msg);
3349 return -ENOBUFS;
3350 }
3351
3352 return send_and_recv_msgs(drv, msg, NULL, NULL);
3353 }
3354
3355
wpa_driver_nl80211_set_acl(void * priv,struct hostapd_acl_params * params)3356 static int wpa_driver_nl80211_set_acl(void *priv,
3357 struct hostapd_acl_params *params)
3358 {
3359 struct i802_bss *bss = priv;
3360 struct wpa_driver_nl80211_data *drv = bss->drv;
3361 struct nl_msg *msg;
3362 struct nl_msg *acl;
3363 unsigned int i;
3364 int ret;
3365
3366 if (!(drv->capa.max_acl_mac_addrs))
3367 return -ENOTSUP;
3368
3369 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
3370 return -ENOTSUP;
3371
3372 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
3373 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
3374
3375 acl = nlmsg_alloc();
3376 if (!acl)
3377 return -ENOMEM;
3378 for (i = 0; i < params->num_mac_acl; i++) {
3379 if (nla_put(acl, i + 1, ETH_ALEN, params->mac_acl[i].addr)) {
3380 nlmsg_free(acl);
3381 return -ENOMEM;
3382 }
3383 }
3384
3385 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MAC_ACL)) ||
3386 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
3387 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
3388 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) ||
3389 nla_put_nested(msg, NL80211_ATTR_MAC_ADDRS, acl)) {
3390 nlmsg_free(msg);
3391 nlmsg_free(acl);
3392 return -ENOMEM;
3393 }
3394 nlmsg_free(acl);
3395
3396 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3397 if (ret) {
3398 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
3399 ret, strerror(-ret));
3400 }
3401
3402 return ret;
3403 }
3404
3405
nl80211_put_beacon_int(struct nl_msg * msg,int beacon_int)3406 static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int)
3407 {
3408 if (beacon_int > 0) {
3409 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int);
3410 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
3411 beacon_int);
3412 }
3413
3414 return 0;
3415 }
3416
3417
wpa_driver_nl80211_set_ap(void * priv,struct wpa_driver_ap_params * params)3418 static int wpa_driver_nl80211_set_ap(void *priv,
3419 struct wpa_driver_ap_params *params)
3420 {
3421 struct i802_bss *bss = priv;
3422 struct wpa_driver_nl80211_data *drv = bss->drv;
3423 struct nl_msg *msg;
3424 u8 cmd = NL80211_CMD_NEW_BEACON;
3425 int ret;
3426 int beacon_set;
3427 int num_suites;
3428 int smps_mode;
3429 u32 suites[10], suite;
3430 u32 ver;
3431
3432 beacon_set = params->reenable ? 0 : bss->beacon_set;
3433
3434 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
3435 beacon_set);
3436 if (beacon_set)
3437 cmd = NL80211_CMD_SET_BEACON;
3438
3439 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
3440 params->head, params->head_len);
3441 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
3442 params->tail, params->tail_len);
3443 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex);
3444 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
3445 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
3446 wpa_hexdump_ascii(MSG_DEBUG, "nl80211: ssid",
3447 params->ssid, params->ssid_len);
3448 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
3449 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len,
3450 params->head) ||
3451 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len,
3452 params->tail) ||
3453 nl80211_put_beacon_int(msg, params->beacon_int) ||
3454 nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period) ||
3455 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
3456 goto fail;
3457 if (params->proberesp && params->proberesp_len) {
3458 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
3459 params->proberesp, params->proberesp_len);
3460 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
3461 params->proberesp))
3462 goto fail;
3463 }
3464 switch (params->hide_ssid) {
3465 case NO_SSID_HIDING:
3466 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
3467 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
3468 NL80211_HIDDEN_SSID_NOT_IN_USE))
3469 goto fail;
3470 break;
3471 case HIDDEN_SSID_ZERO_LEN:
3472 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
3473 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
3474 NL80211_HIDDEN_SSID_ZERO_LEN))
3475 goto fail;
3476 break;
3477 case HIDDEN_SSID_ZERO_CONTENTS:
3478 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
3479 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
3480 NL80211_HIDDEN_SSID_ZERO_CONTENTS))
3481 goto fail;
3482 break;
3483 }
3484 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
3485 if (params->privacy &&
3486 nla_put_flag(msg, NL80211_ATTR_PRIVACY))
3487 goto fail;
3488 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
3489 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
3490 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
3491 /* Leave out the attribute */
3492 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) {
3493 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
3494 NL80211_AUTHTYPE_SHARED_KEY))
3495 goto fail;
3496 } else {
3497 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
3498 NL80211_AUTHTYPE_OPEN_SYSTEM))
3499 goto fail;
3500 }
3501
3502 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
3503 ver = 0;
3504 if (params->wpa_version & WPA_PROTO_WPA)
3505 ver |= NL80211_WPA_VERSION_1;
3506 if (params->wpa_version & WPA_PROTO_RSN)
3507 ver |= NL80211_WPA_VERSION_2;
3508 if (ver &&
3509 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
3510 goto fail;
3511
3512 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
3513 params->key_mgmt_suites);
3514 num_suites = 0;
3515 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X)
3516 suites[num_suites++] = WLAN_AKM_SUITE_8021X;
3517 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
3518 suites[num_suites++] = WLAN_AKM_SUITE_PSK;
3519 if (num_suites &&
3520 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32),
3521 suites))
3522 goto fail;
3523
3524 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
3525 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40) &&
3526 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))
3527 goto fail;
3528
3529 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
3530 params->pairwise_ciphers);
3531 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
3532 suites, ARRAY_SIZE(suites));
3533 if (num_suites &&
3534 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
3535 num_suites * sizeof(u32), suites))
3536 goto fail;
3537
3538 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
3539 params->group_cipher);
3540 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
3541 if (suite &&
3542 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite))
3543 goto fail;
3544
3545 if (params->ht_opmode != -1) {
3546 switch (params->smps_mode) {
3547 case HT_CAP_INFO_SMPS_DYNAMIC:
3548 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - dynamic");
3549 smps_mode = NL80211_SMPS_DYNAMIC;
3550 break;
3551 case HT_CAP_INFO_SMPS_STATIC:
3552 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - static");
3553 smps_mode = NL80211_SMPS_STATIC;
3554 break;
3555 default:
3556 /* invalid - fallback to smps off */
3557 case HT_CAP_INFO_SMPS_DISABLED:
3558 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - off");
3559 smps_mode = NL80211_SMPS_OFF;
3560 break;
3561 }
3562 if (nla_put_u32(msg, NL80211_ATTR_SMPS_MODE, smps_mode))
3563 goto fail;
3564 }
3565
3566 if (params->beacon_ies) {
3567 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
3568 params->beacon_ies);
3569 if (nla_put(msg, NL80211_ATTR_IE,
3570 wpabuf_len(params->beacon_ies),
3571 wpabuf_head(params->beacon_ies)))
3572 goto fail;
3573 }
3574 if (params->proberesp_ies) {
3575 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
3576 params->proberesp_ies);
3577 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
3578 wpabuf_len(params->proberesp_ies),
3579 wpabuf_head(params->proberesp_ies)))
3580 goto fail;
3581 }
3582 if (params->assocresp_ies) {
3583 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
3584 params->assocresp_ies);
3585 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
3586 wpabuf_len(params->assocresp_ies),
3587 wpabuf_head(params->assocresp_ies)))
3588 goto fail;
3589 }
3590
3591 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
3592 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
3593 params->ap_max_inactivity);
3594 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
3595 params->ap_max_inactivity))
3596 goto fail;
3597 }
3598
3599 #ifdef CONFIG_P2P
3600 if (params->p2p_go_ctwindow > 0) {
3601 if (drv->p2p_go_ctwindow_supported) {
3602 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d",
3603 params->p2p_go_ctwindow);
3604 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW,
3605 params->p2p_go_ctwindow))
3606 goto fail;
3607 } else {
3608 wpa_printf(MSG_INFO,
3609 "nl80211: Driver does not support CTWindow configuration - ignore this parameter");
3610 }
3611 }
3612 #endif /* CONFIG_P2P */
3613
3614 if (params->pbss) {
3615 wpa_printf(MSG_DEBUG, "nl80211: PBSS");
3616 if (nla_put_flag(msg, NL80211_ATTR_PBSS))
3617 goto fail;
3618 }
3619
3620 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3621 if (ret) {
3622 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
3623 ret, strerror(-ret));
3624 } else {
3625 bss->beacon_set = 1;
3626 nl80211_set_bss(bss, params->cts_protect, params->preamble,
3627 params->short_slot_time, params->ht_opmode,
3628 params->isolate, params->basic_rates);
3629 if (beacon_set && params->freq &&
3630 params->freq->bandwidth != bss->bandwidth) {
3631 wpa_printf(MSG_DEBUG,
3632 "nl80211: Update BSS %s bandwidth: %d -> %d",
3633 bss->ifname, bss->bandwidth,
3634 params->freq->bandwidth);
3635 ret = nl80211_set_channel(bss, params->freq, 1);
3636 if (ret) {
3637 wpa_printf(MSG_DEBUG,
3638 "nl80211: Frequency set failed: %d (%s)",
3639 ret, strerror(-ret));
3640 } else {
3641 wpa_printf(MSG_DEBUG,
3642 "nl80211: Frequency set succeeded for ht2040 coex");
3643 bss->bandwidth = params->freq->bandwidth;
3644 }
3645 } else if (!beacon_set) {
3646 /*
3647 * cfg80211 updates the driver on frequence change in AP
3648 * mode only at the point when beaconing is started, so
3649 * set the initial value here.
3650 */
3651 bss->bandwidth = params->freq->bandwidth;
3652 }
3653 }
3654 return ret;
3655 fail:
3656 nlmsg_free(msg);
3657 return -ENOBUFS;
3658 }
3659
3660
nl80211_put_freq_params(struct nl_msg * msg,const struct hostapd_freq_params * freq)3661 static int nl80211_put_freq_params(struct nl_msg *msg,
3662 const struct hostapd_freq_params *freq)
3663 {
3664 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq);
3665 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq))
3666 return -ENOBUFS;
3667
3668 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled);
3669 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled);
3670
3671 if (freq->vht_enabled) {
3672 enum nl80211_chan_width cw;
3673
3674 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth);
3675 switch (freq->bandwidth) {
3676 case 20:
3677 cw = NL80211_CHAN_WIDTH_20;
3678 break;
3679 case 40:
3680 cw = NL80211_CHAN_WIDTH_40;
3681 break;
3682 case 80:
3683 if (freq->center_freq2)
3684 cw = NL80211_CHAN_WIDTH_80P80;
3685 else
3686 cw = NL80211_CHAN_WIDTH_80;
3687 break;
3688 case 160:
3689 cw = NL80211_CHAN_WIDTH_160;
3690 break;
3691 default:
3692 return -EINVAL;
3693 }
3694
3695 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw);
3696 wpa_printf(MSG_DEBUG, " * center_freq1=%d",
3697 freq->center_freq1);
3698 wpa_printf(MSG_DEBUG, " * center_freq2=%d",
3699 freq->center_freq2);
3700 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) ||
3701 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1,
3702 freq->center_freq1) ||
3703 (freq->center_freq2 &&
3704 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2,
3705 freq->center_freq2)))
3706 return -ENOBUFS;
3707 } else if (freq->ht_enabled) {
3708 enum nl80211_channel_type ct;
3709
3710 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
3711 freq->sec_channel_offset);
3712 switch (freq->sec_channel_offset) {
3713 case -1:
3714 ct = NL80211_CHAN_HT40MINUS;
3715 break;
3716 case 1:
3717 ct = NL80211_CHAN_HT40PLUS;
3718 break;
3719 default:
3720 ct = NL80211_CHAN_HT20;
3721 break;
3722 }
3723
3724 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct);
3725 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct))
3726 return -ENOBUFS;
3727 }
3728 return 0;
3729 }
3730
3731
nl80211_set_channel(struct i802_bss * bss,struct hostapd_freq_params * freq,int set_chan)3732 static int nl80211_set_channel(struct i802_bss *bss,
3733 struct hostapd_freq_params *freq, int set_chan)
3734 {
3735 struct wpa_driver_nl80211_data *drv = bss->drv;
3736 struct nl_msg *msg;
3737 int ret;
3738
3739 wpa_printf(MSG_DEBUG,
3740 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
3741 freq->freq, freq->ht_enabled, freq->vht_enabled,
3742 freq->bandwidth, freq->center_freq1, freq->center_freq2);
3743
3744 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
3745 NL80211_CMD_SET_WIPHY);
3746 if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
3747 nlmsg_free(msg);
3748 return -1;
3749 }
3750
3751 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3752 if (ret == 0) {
3753 bss->freq = freq->freq;
3754 return 0;
3755 }
3756 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
3757 "%d (%s)", freq->freq, ret, strerror(-ret));
3758 return -1;
3759 }
3760
3761
sta_flags_nl80211(int flags)3762 static u32 sta_flags_nl80211(int flags)
3763 {
3764 u32 f = 0;
3765
3766 if (flags & WPA_STA_AUTHORIZED)
3767 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
3768 if (flags & WPA_STA_WMM)
3769 f |= BIT(NL80211_STA_FLAG_WME);
3770 if (flags & WPA_STA_SHORT_PREAMBLE)
3771 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
3772 if (flags & WPA_STA_MFP)
3773 f |= BIT(NL80211_STA_FLAG_MFP);
3774 if (flags & WPA_STA_TDLS_PEER)
3775 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
3776 if (flags & WPA_STA_AUTHENTICATED)
3777 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
3778 if (flags & WPA_STA_ASSOCIATED)
3779 f |= BIT(NL80211_STA_FLAG_ASSOCIATED);
3780
3781 return f;
3782 }
3783
3784
3785 #ifdef CONFIG_MESH
sta_plink_state_nl80211(enum mesh_plink_state state)3786 static u32 sta_plink_state_nl80211(enum mesh_plink_state state)
3787 {
3788 switch (state) {
3789 case PLINK_LISTEN:
3790 return NL80211_PLINK_LISTEN;
3791 case PLINK_OPEN_SENT:
3792 return NL80211_PLINK_OPN_SNT;
3793 case PLINK_OPEN_RCVD:
3794 return NL80211_PLINK_OPN_RCVD;
3795 case PLINK_CNF_RCVD:
3796 return NL80211_PLINK_CNF_RCVD;
3797 case PLINK_ESTAB:
3798 return NL80211_PLINK_ESTAB;
3799 case PLINK_HOLDING:
3800 return NL80211_PLINK_HOLDING;
3801 case PLINK_BLOCKED:
3802 return NL80211_PLINK_BLOCKED;
3803 default:
3804 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d",
3805 state);
3806 }
3807 return -1;
3808 }
3809 #endif /* CONFIG_MESH */
3810
3811
wpa_driver_nl80211_sta_add(void * priv,struct hostapd_sta_add_params * params)3812 static int wpa_driver_nl80211_sta_add(void *priv,
3813 struct hostapd_sta_add_params *params)
3814 {
3815 struct i802_bss *bss = priv;
3816 struct wpa_driver_nl80211_data *drv = bss->drv;
3817 struct nl_msg *msg;
3818 struct nl80211_sta_flag_update upd;
3819 int ret = -ENOBUFS;
3820
3821 if ((params->flags & WPA_STA_TDLS_PEER) &&
3822 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
3823 return -EOPNOTSUPP;
3824
3825 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
3826 params->set ? "Set" : "Add", MAC2STR(params->addr));
3827 msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION :
3828 NL80211_CMD_NEW_STATION);
3829 if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr))
3830 goto fail;
3831
3832 /*
3833 * Set the below properties only in one of the following cases:
3834 * 1. New station is added, already associated.
3835 * 2. Set WPA_STA_TDLS_PEER station.
3836 * 3. Set an already added unassociated station, if driver supports
3837 * full AP client state. (Set these properties after station became
3838 * associated will be rejected by the driver).
3839 */
3840 if (!params->set || (params->flags & WPA_STA_TDLS_PEER) ||
3841 (params->set && FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) &&
3842 (params->flags & WPA_STA_ASSOCIATED))) {
3843 wpa_hexdump(MSG_DEBUG, " * supported rates",
3844 params->supp_rates, params->supp_rates_len);
3845 wpa_printf(MSG_DEBUG, " * capability=0x%x",
3846 params->capability);
3847 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES,
3848 params->supp_rates_len, params->supp_rates) ||
3849 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY,
3850 params->capability))
3851 goto fail;
3852
3853 if (params->ht_capabilities) {
3854 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
3855 (u8 *) params->ht_capabilities,
3856 sizeof(*params->ht_capabilities));
3857 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY,
3858 sizeof(*params->ht_capabilities),
3859 params->ht_capabilities))
3860 goto fail;
3861 }
3862
3863 if (params->vht_capabilities) {
3864 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
3865 (u8 *) params->vht_capabilities,
3866 sizeof(*params->vht_capabilities));
3867 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY,
3868 sizeof(*params->vht_capabilities),
3869 params->vht_capabilities))
3870 goto fail;
3871 }
3872
3873 if (params->ext_capab) {
3874 wpa_hexdump(MSG_DEBUG, " * ext_capab",
3875 params->ext_capab, params->ext_capab_len);
3876 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
3877 params->ext_capab_len, params->ext_capab))
3878 goto fail;
3879 }
3880 }
3881 if (!params->set) {
3882 if (params->aid) {
3883 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
3884 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid))
3885 goto fail;
3886 } else {
3887 /*
3888 * cfg80211 validates that AID is non-zero, so we have
3889 * to make this a non-zero value for the TDLS case where
3890 * a dummy STA entry is used for now and for a station
3891 * that is still not associated.
3892 */
3893 wpa_printf(MSG_DEBUG, " * aid=1 (%s workaround)",
3894 (params->flags & WPA_STA_TDLS_PEER) ?
3895 "TDLS" : "UNASSOC_STA");
3896 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1))
3897 goto fail;
3898 }
3899 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
3900 params->listen_interval);
3901 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
3902 params->listen_interval))
3903 goto fail;
3904 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
3905 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
3906 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid))
3907 goto fail;
3908 } else if (FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) &&
3909 (params->flags & WPA_STA_ASSOCIATED)) {
3910 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
3911 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
3912 params->listen_interval);
3913 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid) ||
3914 nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
3915 params->listen_interval))
3916 goto fail;
3917 }
3918
3919 if (params->vht_opmode_enabled) {
3920 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
3921 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF,
3922 params->vht_opmode))
3923 goto fail;
3924 }
3925
3926 if (params->supp_channels) {
3927 wpa_hexdump(MSG_DEBUG, " * supported channels",
3928 params->supp_channels, params->supp_channels_len);
3929 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
3930 params->supp_channels_len, params->supp_channels))
3931 goto fail;
3932 }
3933
3934 if (params->supp_oper_classes) {
3935 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
3936 params->supp_oper_classes,
3937 params->supp_oper_classes_len);
3938 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
3939 params->supp_oper_classes_len,
3940 params->supp_oper_classes))
3941 goto fail;
3942 }
3943
3944 os_memset(&upd, 0, sizeof(upd));
3945 upd.set = sta_flags_nl80211(params->flags);
3946 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask);
3947
3948 /*
3949 * If the driver doesn't support full AP client state, ignore ASSOC/AUTH
3950 * flags, as nl80211 driver moves a new station, by default, into
3951 * associated state.
3952 *
3953 * On the other hand, if the driver supports that feature and the
3954 * station is added in unauthenticated state, set the
3955 * authenticated/associated bits in the mask to prevent moving this
3956 * station to associated state before it is actually associated.
3957 *
3958 * This is irrelevant for mesh mode where the station is added to the
3959 * driver as authenticated already, and ASSOCIATED isn't part of the
3960 * nl80211 API.
3961 */
3962 if (!is_mesh_interface(drv->nlmode)) {
3963 if (!FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) {
3964 wpa_printf(MSG_DEBUG,
3965 "nl80211: Ignore ASSOC/AUTH flags since driver doesn't support full AP client state");
3966 upd.mask &= ~(BIT(NL80211_STA_FLAG_ASSOCIATED) |
3967 BIT(NL80211_STA_FLAG_AUTHENTICATED));
3968 } else if (!params->set &&
3969 !(params->flags & WPA_STA_TDLS_PEER)) {
3970 if (!(params->flags & WPA_STA_AUTHENTICATED))
3971 upd.mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
3972 if (!(params->flags & WPA_STA_ASSOCIATED))
3973 upd.mask |= BIT(NL80211_STA_FLAG_ASSOCIATED);
3974 }
3975 }
3976
3977 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
3978 upd.set, upd.mask);
3979 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
3980 goto fail;
3981
3982 #ifdef CONFIG_MESH
3983 if (params->plink_state &&
3984 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE,
3985 sta_plink_state_nl80211(params->plink_state)))
3986 goto fail;
3987 #endif /* CONFIG_MESH */
3988
3989 if (params->flags & WPA_STA_WMM) {
3990 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
3991
3992 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
3993 if (!wme ||
3994 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
3995 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) ||
3996 nla_put_u8(msg, NL80211_STA_WME_MAX_SP,
3997 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
3998 WMM_QOSINFO_STA_SP_MASK))
3999 goto fail;
4000 nla_nest_end(msg, wme);
4001 }
4002
4003 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4004 msg = NULL;
4005 if (ret)
4006 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
4007 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
4008 strerror(-ret));
4009 if (ret == -EEXIST)
4010 ret = 0;
4011 fail:
4012 nlmsg_free(msg);
4013 return ret;
4014 }
4015
4016
rtnl_neigh_delete_fdb_entry(struct i802_bss * bss,const u8 * addr)4017 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
4018 {
4019 #ifdef CONFIG_LIBNL3_ROUTE
4020 struct wpa_driver_nl80211_data *drv = bss->drv;
4021 struct rtnl_neigh *rn;
4022 struct nl_addr *nl_addr;
4023 int err;
4024
4025 rn = rtnl_neigh_alloc();
4026 if (!rn)
4027 return;
4028
4029 rtnl_neigh_set_family(rn, AF_BRIDGE);
4030 rtnl_neigh_set_ifindex(rn, bss->ifindex);
4031 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
4032 if (!nl_addr) {
4033 rtnl_neigh_put(rn);
4034 return;
4035 }
4036 rtnl_neigh_set_lladdr(rn, nl_addr);
4037
4038 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
4039 if (err < 0) {
4040 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
4041 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
4042 bss->ifindex, nl_geterror(err));
4043 } else {
4044 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
4045 MACSTR, MAC2STR(addr));
4046 }
4047
4048 nl_addr_put(nl_addr);
4049 rtnl_neigh_put(rn);
4050 #endif /* CONFIG_LIBNL3_ROUTE */
4051 }
4052
4053
wpa_driver_nl80211_sta_remove(struct i802_bss * bss,const u8 * addr,int deauth,u16 reason_code)4054 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr,
4055 int deauth, u16 reason_code)
4056 {
4057 struct wpa_driver_nl80211_data *drv = bss->drv;
4058 struct nl_msg *msg;
4059 int ret;
4060
4061 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) ||
4062 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
4063 (deauth == 0 &&
4064 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
4065 WLAN_FC_STYPE_DISASSOC)) ||
4066 (deauth == 1 &&
4067 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
4068 WLAN_FC_STYPE_DEAUTH)) ||
4069 (reason_code &&
4070 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) {
4071 nlmsg_free(msg);
4072 return -ENOBUFS;
4073 }
4074
4075 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4076 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
4077 " --> %d (%s)",
4078 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
4079
4080 if (drv->rtnl_sk)
4081 rtnl_neigh_delete_fdb_entry(bss, addr);
4082
4083 if (ret == -ENOENT)
4084 return 0;
4085 return ret;
4086 }
4087
4088
nl80211_remove_iface(struct wpa_driver_nl80211_data * drv,int ifidx)4089 void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx)
4090 {
4091 struct nl_msg *msg;
4092 struct wpa_driver_nl80211_data *drv2;
4093
4094 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
4095
4096 /* stop listening for EAPOL on this interface */
4097 dl_list_for_each(drv2, &drv->global->interfaces,
4098 struct wpa_driver_nl80211_data, list)
4099 {
4100 del_ifidx(drv2, ifidx, IFIDX_ANY);
4101 /* Remove all bridges learned for this iface */
4102 del_ifidx(drv2, IFIDX_ANY, ifidx);
4103 }
4104
4105 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE);
4106 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
4107 return;
4108 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
4109 }
4110
4111
nl80211_iftype_str(enum nl80211_iftype mode)4112 static const char * nl80211_iftype_str(enum nl80211_iftype mode)
4113 {
4114 switch (mode) {
4115 case NL80211_IFTYPE_ADHOC:
4116 return "ADHOC";
4117 case NL80211_IFTYPE_STATION:
4118 return "STATION";
4119 case NL80211_IFTYPE_AP:
4120 return "AP";
4121 case NL80211_IFTYPE_AP_VLAN:
4122 return "AP_VLAN";
4123 case NL80211_IFTYPE_WDS:
4124 return "WDS";
4125 case NL80211_IFTYPE_MONITOR:
4126 return "MONITOR";
4127 case NL80211_IFTYPE_MESH_POINT:
4128 return "MESH_POINT";
4129 case NL80211_IFTYPE_P2P_CLIENT:
4130 return "P2P_CLIENT";
4131 case NL80211_IFTYPE_P2P_GO:
4132 return "P2P_GO";
4133 case NL80211_IFTYPE_P2P_DEVICE:
4134 return "P2P_DEVICE";
4135 default:
4136 return "unknown";
4137 }
4138 }
4139
4140
nl80211_create_iface_once(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg)4141 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
4142 const char *ifname,
4143 enum nl80211_iftype iftype,
4144 const u8 *addr, int wds,
4145 int (*handler)(struct nl_msg *, void *),
4146 void *arg)
4147 {
4148 struct nl_msg *msg;
4149 int ifidx;
4150 int ret = -ENOBUFS;
4151
4152 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
4153 iftype, nl80211_iftype_str(iftype));
4154
4155 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE);
4156 if (!msg ||
4157 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) ||
4158 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype))
4159 goto fail;
4160
4161 if (iftype == NL80211_IFTYPE_MONITOR) {
4162 struct nlattr *flags;
4163
4164 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
4165 if (!flags ||
4166 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES))
4167 goto fail;
4168
4169 nla_nest_end(msg, flags);
4170 } else if (wds) {
4171 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds))
4172 goto fail;
4173 }
4174
4175 /*
4176 * Tell cfg80211 that the interface belongs to the socket that created
4177 * it, and the interface should be deleted when the socket is closed.
4178 */
4179 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER))
4180 goto fail;
4181
4182 ret = send_and_recv_msgs(drv, msg, handler, arg);
4183 msg = NULL;
4184 if (ret) {
4185 fail:
4186 nlmsg_free(msg);
4187 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
4188 ifname, ret, strerror(-ret));
4189 return ret;
4190 }
4191
4192 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
4193 return 0;
4194
4195 ifidx = if_nametoindex(ifname);
4196 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
4197 ifname, ifidx);
4198
4199 if (ifidx <= 0)
4200 return -1;
4201
4202 /*
4203 * Some virtual interfaces need to process EAPOL packets and events on
4204 * the parent interface. This is used mainly with hostapd.
4205 */
4206 if (drv->hostapd ||
4207 iftype == NL80211_IFTYPE_AP_VLAN ||
4208 iftype == NL80211_IFTYPE_WDS ||
4209 iftype == NL80211_IFTYPE_MONITOR) {
4210 /* start listening for EAPOL on this interface */
4211 add_ifidx(drv, ifidx, IFIDX_ANY);
4212 }
4213
4214 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
4215 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
4216 nl80211_remove_iface(drv, ifidx);
4217 return -1;
4218 }
4219
4220 return ifidx;
4221 }
4222
4223
nl80211_create_iface(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg,int use_existing)4224 int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
4225 const char *ifname, enum nl80211_iftype iftype,
4226 const u8 *addr, int wds,
4227 int (*handler)(struct nl_msg *, void *),
4228 void *arg, int use_existing)
4229 {
4230 int ret;
4231
4232 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
4233 arg);
4234
4235 /* if error occurred and interface exists already */
4236 if (ret == -ENFILE && if_nametoindex(ifname)) {
4237 if (use_existing) {
4238 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
4239 ifname);
4240 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
4241 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
4242 addr) < 0 &&
4243 (linux_set_iface_flags(drv->global->ioctl_sock,
4244 ifname, 0) < 0 ||
4245 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
4246 addr) < 0 ||
4247 linux_set_iface_flags(drv->global->ioctl_sock,
4248 ifname, 1) < 0))
4249 return -1;
4250 return -ENFILE;
4251 }
4252 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
4253
4254 /* Try to remove the interface that was already there. */
4255 nl80211_remove_iface(drv, if_nametoindex(ifname));
4256
4257 /* Try to create the interface again */
4258 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
4259 wds, handler, arg);
4260 }
4261
4262 if (ret >= 0 && is_p2p_net_interface(iftype)) {
4263 wpa_printf(MSG_DEBUG,
4264 "nl80211: Interface %s created for P2P - disable 11b rates",
4265 ifname);
4266 nl80211_disable_11b_rates(drv, ret, 1);
4267 }
4268
4269 return ret;
4270 }
4271
4272
nl80211_setup_ap(struct i802_bss * bss)4273 static int nl80211_setup_ap(struct i802_bss *bss)
4274 {
4275 struct wpa_driver_nl80211_data *drv = bss->drv;
4276
4277 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
4278 bss->ifname, drv->device_ap_sme, drv->use_monitor);
4279
4280 /*
4281 * Disable Probe Request reporting unless we need it in this way for
4282 * devices that include the AP SME, in the other case (unless using
4283 * monitor iface) we'll get it through the nl_mgmt socket instead.
4284 */
4285 if (!drv->device_ap_sme)
4286 wpa_driver_nl80211_probe_req_report(bss, 0);
4287
4288 if (!drv->device_ap_sme && !drv->use_monitor)
4289 if (nl80211_mgmt_subscribe_ap(bss))
4290 return -1;
4291
4292 if (drv->device_ap_sme && !drv->use_monitor)
4293 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
4294 return -1;
4295
4296 if (!drv->device_ap_sme && drv->use_monitor &&
4297 nl80211_create_monitor_interface(drv) &&
4298 !drv->device_ap_sme)
4299 return -1;
4300
4301 if (drv->device_ap_sme &&
4302 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
4303 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
4304 "Probe Request frame reporting in AP mode");
4305 /* Try to survive without this */
4306 }
4307
4308 return 0;
4309 }
4310
4311
nl80211_teardown_ap(struct i802_bss * bss)4312 static void nl80211_teardown_ap(struct i802_bss *bss)
4313 {
4314 struct wpa_driver_nl80211_data *drv = bss->drv;
4315
4316 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
4317 bss->ifname, drv->device_ap_sme, drv->use_monitor);
4318 if (drv->device_ap_sme) {
4319 wpa_driver_nl80211_probe_req_report(bss, 0);
4320 if (!drv->use_monitor)
4321 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
4322 } else if (drv->use_monitor)
4323 nl80211_remove_monitor_interface(drv);
4324 else
4325 nl80211_mgmt_unsubscribe(bss, "AP teardown");
4326
4327 bss->beacon_set = 0;
4328 }
4329
4330
nl80211_send_eapol_data(struct i802_bss * bss,const u8 * addr,const u8 * data,size_t data_len)4331 static int nl80211_send_eapol_data(struct i802_bss *bss,
4332 const u8 *addr, const u8 *data,
4333 size_t data_len)
4334 {
4335 struct sockaddr_ll ll;
4336 int ret;
4337
4338 if (bss->drv->eapol_tx_sock < 0) {
4339 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
4340 return -1;
4341 }
4342
4343 os_memset(&ll, 0, sizeof(ll));
4344 ll.sll_family = AF_PACKET;
4345 ll.sll_ifindex = bss->ifindex;
4346 ll.sll_protocol = htons(ETH_P_PAE);
4347 ll.sll_halen = ETH_ALEN;
4348 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
4349 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
4350 (struct sockaddr *) &ll, sizeof(ll));
4351 if (ret < 0)
4352 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
4353 strerror(errno));
4354
4355 return ret;
4356 }
4357
4358
4359 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
4360
wpa_driver_nl80211_hapd_send_eapol(void * priv,const u8 * addr,const u8 * data,size_t data_len,int encrypt,const u8 * own_addr,u32 flags)4361 static int wpa_driver_nl80211_hapd_send_eapol(
4362 void *priv, const u8 *addr, const u8 *data,
4363 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
4364 {
4365 struct i802_bss *bss = priv;
4366 struct wpa_driver_nl80211_data *drv = bss->drv;
4367 struct ieee80211_hdr *hdr;
4368 size_t len;
4369 u8 *pos;
4370 int res;
4371 int qos = flags & WPA_STA_WMM;
4372
4373 if (drv->device_ap_sme || !drv->use_monitor)
4374 return nl80211_send_eapol_data(bss, addr, data, data_len);
4375
4376 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
4377 data_len;
4378 hdr = os_zalloc(len);
4379 if (hdr == NULL) {
4380 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
4381 (unsigned long) len);
4382 return -1;
4383 }
4384
4385 hdr->frame_control =
4386 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
4387 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
4388 if (encrypt)
4389 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
4390 if (qos) {
4391 hdr->frame_control |=
4392 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
4393 }
4394
4395 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
4396 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
4397 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
4398 pos = (u8 *) (hdr + 1);
4399
4400 if (qos) {
4401 /* Set highest priority in QoS header */
4402 pos[0] = 7;
4403 pos[1] = 0;
4404 pos += 2;
4405 }
4406
4407 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
4408 pos += sizeof(rfc1042_header);
4409 WPA_PUT_BE16(pos, ETH_P_PAE);
4410 pos += 2;
4411 memcpy(pos, data, data_len);
4412
4413 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0,
4414 0, 0, 0, 0, NULL, 0);
4415 if (res < 0) {
4416 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
4417 "failed: %d (%s)",
4418 (unsigned long) len, errno, strerror(errno));
4419 }
4420 os_free(hdr);
4421
4422 return res;
4423 }
4424
4425
wpa_driver_nl80211_sta_set_flags(void * priv,const u8 * addr,unsigned int total_flags,unsigned int flags_or,unsigned int flags_and)4426 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
4427 unsigned int total_flags,
4428 unsigned int flags_or,
4429 unsigned int flags_and)
4430 {
4431 struct i802_bss *bss = priv;
4432 struct nl_msg *msg;
4433 struct nlattr *flags;
4434 struct nl80211_sta_flag_update upd;
4435
4436 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
4437 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
4438 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
4439 !!(total_flags & WPA_STA_AUTHORIZED));
4440
4441 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
4442 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
4443 goto fail;
4444
4445 /*
4446 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
4447 * can be removed eventually.
4448 */
4449 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
4450 if (!flags ||
4451 ((total_flags & WPA_STA_AUTHORIZED) &&
4452 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) ||
4453 ((total_flags & WPA_STA_WMM) &&
4454 nla_put_flag(msg, NL80211_STA_FLAG_WME)) ||
4455 ((total_flags & WPA_STA_SHORT_PREAMBLE) &&
4456 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) ||
4457 ((total_flags & WPA_STA_MFP) &&
4458 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) ||
4459 ((total_flags & WPA_STA_TDLS_PEER) &&
4460 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER)))
4461 goto fail;
4462
4463 nla_nest_end(msg, flags);
4464
4465 os_memset(&upd, 0, sizeof(upd));
4466 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
4467 upd.set = sta_flags_nl80211(flags_or);
4468 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
4469 goto fail;
4470
4471 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
4472 fail:
4473 nlmsg_free(msg);
4474 return -ENOBUFS;
4475 }
4476
4477
wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4478 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
4479 struct wpa_driver_associate_params *params)
4480 {
4481 enum nl80211_iftype nlmode, old_mode;
4482
4483 if (params->p2p) {
4484 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
4485 "group (GO)");
4486 nlmode = NL80211_IFTYPE_P2P_GO;
4487 } else
4488 nlmode = NL80211_IFTYPE_AP;
4489
4490 old_mode = drv->nlmode;
4491 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
4492 nl80211_remove_monitor_interface(drv);
4493 return -1;
4494 }
4495
4496 if (params->freq.freq &&
4497 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) {
4498 if (old_mode != nlmode)
4499 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
4500 nl80211_remove_monitor_interface(drv);
4501 return -1;
4502 }
4503
4504 return 0;
4505 }
4506
4507
nl80211_leave_ibss(struct wpa_driver_nl80211_data * drv,int reset_mode)4508 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
4509 int reset_mode)
4510 {
4511 struct nl_msg *msg;
4512 int ret;
4513
4514 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS);
4515 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4516 if (ret) {
4517 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
4518 "(%s)", ret, strerror(-ret));
4519 } else {
4520 wpa_printf(MSG_DEBUG,
4521 "nl80211: Leave IBSS request sent successfully");
4522 }
4523
4524 if (reset_mode &&
4525 wpa_driver_nl80211_set_mode(drv->first_bss,
4526 NL80211_IFTYPE_STATION)) {
4527 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
4528 "station mode");
4529 }
4530
4531 return ret;
4532 }
4533
4534
nl80211_ht_vht_overrides(struct nl_msg * msg,struct wpa_driver_associate_params * params)4535 static int nl80211_ht_vht_overrides(struct nl_msg *msg,
4536 struct wpa_driver_associate_params *params)
4537 {
4538 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT))
4539 return -1;
4540
4541 if (params->htcaps && params->htcaps_mask) {
4542 int sz = sizeof(struct ieee80211_ht_capabilities);
4543 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
4544 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
4545 params->htcaps_mask, sz);
4546 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz,
4547 params->htcaps) ||
4548 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
4549 params->htcaps_mask))
4550 return -1;
4551 }
4552
4553 #ifdef CONFIG_VHT_OVERRIDES
4554 if (params->disable_vht) {
4555 wpa_printf(MSG_DEBUG, " * VHT disabled");
4556 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT))
4557 return -1;
4558 }
4559
4560 if (params->vhtcaps && params->vhtcaps_mask) {
4561 int sz = sizeof(struct ieee80211_vht_capabilities);
4562 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
4563 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
4564 params->vhtcaps_mask, sz);
4565 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz,
4566 params->vhtcaps) ||
4567 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
4568 params->vhtcaps_mask))
4569 return -1;
4570 }
4571 #endif /* CONFIG_VHT_OVERRIDES */
4572
4573 return 0;
4574 }
4575
4576
wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4577 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
4578 struct wpa_driver_associate_params *params)
4579 {
4580 struct nl_msg *msg;
4581 int ret = -1;
4582 int count = 0;
4583
4584 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
4585
4586 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) {
4587 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
4588 "IBSS mode");
4589 return -1;
4590 }
4591
4592 retry:
4593 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) ||
4594 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
4595 goto fail;
4596
4597 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4598 params->ssid, params->ssid_len);
4599 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
4600 goto fail;
4601 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4602 drv->ssid_len = params->ssid_len;
4603
4604 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 ||
4605 nl80211_put_beacon_int(msg, params->beacon_int))
4606 goto fail;
4607
4608 ret = nl80211_set_conn_keys(params, msg);
4609 if (ret)
4610 goto fail;
4611
4612 if (params->bssid && params->fixed_bssid) {
4613 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
4614 MAC2STR(params->bssid));
4615 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
4616 goto fail;
4617 }
4618
4619 if (params->fixed_freq) {
4620 wpa_printf(MSG_DEBUG, " * fixed_freq");
4621 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED))
4622 goto fail;
4623 }
4624
4625 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4626 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4627 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4628 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
4629 wpa_printf(MSG_DEBUG, " * control port");
4630 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
4631 goto fail;
4632 }
4633
4634 if (params->wpa_ie) {
4635 wpa_hexdump(MSG_DEBUG,
4636 " * Extra IEs for Beacon/Probe Response frames",
4637 params->wpa_ie, params->wpa_ie_len);
4638 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len,
4639 params->wpa_ie))
4640 goto fail;
4641 }
4642
4643 ret = nl80211_ht_vht_overrides(msg, params);
4644 if (ret < 0)
4645 goto fail;
4646
4647 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4648 msg = NULL;
4649 if (ret) {
4650 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
4651 ret, strerror(-ret));
4652 count++;
4653 if (ret == -EALREADY && count == 1) {
4654 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
4655 "forced leave");
4656 nl80211_leave_ibss(drv, 0);
4657 nlmsg_free(msg);
4658 goto retry;
4659 }
4660 } else {
4661 wpa_printf(MSG_DEBUG,
4662 "nl80211: Join IBSS request sent successfully");
4663 }
4664
4665 fail:
4666 nlmsg_free(msg);
4667 return ret;
4668 }
4669
4670
nl80211_connect_common(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_msg * msg)4671 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
4672 struct wpa_driver_associate_params *params,
4673 struct nl_msg *msg)
4674 {
4675 if (params->bssid) {
4676 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4677 MAC2STR(params->bssid));
4678 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
4679 return -1;
4680 }
4681
4682 if (params->bssid_hint) {
4683 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
4684 MAC2STR(params->bssid_hint));
4685 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
4686 params->bssid_hint))
4687 return -1;
4688 }
4689
4690 if (params->freq.freq) {
4691 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
4692 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
4693 params->freq.freq))
4694 return -1;
4695 drv->assoc_freq = params->freq.freq;
4696 } else
4697 drv->assoc_freq = 0;
4698
4699 if (params->freq_hint) {
4700 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
4701 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
4702 params->freq_hint))
4703 return -1;
4704 }
4705
4706 if (params->bg_scan_period >= 0) {
4707 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
4708 params->bg_scan_period);
4709 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
4710 params->bg_scan_period))
4711 return -1;
4712 }
4713
4714 if (params->ssid) {
4715 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
4716 params->ssid, params->ssid_len);
4717 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
4718 params->ssid))
4719 return -1;
4720 if (params->ssid_len > sizeof(drv->ssid))
4721 return -1;
4722 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
4723 drv->ssid_len = params->ssid_len;
4724 }
4725
4726 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
4727 if (params->wpa_ie &&
4728 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie))
4729 return -1;
4730
4731 if (params->wpa_proto) {
4732 enum nl80211_wpa_versions ver = 0;
4733
4734 if (params->wpa_proto & WPA_PROTO_WPA)
4735 ver |= NL80211_WPA_VERSION_1;
4736 if (params->wpa_proto & WPA_PROTO_RSN)
4737 ver |= NL80211_WPA_VERSION_2;
4738
4739 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
4740 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
4741 return -1;
4742 }
4743
4744 if (params->pairwise_suite != WPA_CIPHER_NONE) {
4745 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
4746 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
4747 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
4748 cipher))
4749 return -1;
4750 }
4751
4752 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
4753 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
4754 /*
4755 * This is likely to work even though many drivers do not
4756 * advertise support for operations without GTK.
4757 */
4758 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
4759 } else if (params->group_suite != WPA_CIPHER_NONE) {
4760 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
4761 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
4762 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher))
4763 return -1;
4764 }
4765
4766 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4767 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4768 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
4769 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4770 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
4771 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
4772 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4773 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4774 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4775 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
4776 int mgmt = WLAN_AKM_SUITE_PSK;
4777
4778 switch (params->key_mgmt_suite) {
4779 case WPA_KEY_MGMT_CCKM:
4780 mgmt = WLAN_AKM_SUITE_CCKM;
4781 break;
4782 case WPA_KEY_MGMT_IEEE8021X:
4783 mgmt = WLAN_AKM_SUITE_8021X;
4784 break;
4785 case WPA_KEY_MGMT_FT_IEEE8021X:
4786 mgmt = WLAN_AKM_SUITE_FT_8021X;
4787 break;
4788 case WPA_KEY_MGMT_FT_PSK:
4789 mgmt = WLAN_AKM_SUITE_FT_PSK;
4790 break;
4791 case WPA_KEY_MGMT_IEEE8021X_SHA256:
4792 mgmt = WLAN_AKM_SUITE_8021X_SHA256;
4793 break;
4794 case WPA_KEY_MGMT_PSK_SHA256:
4795 mgmt = WLAN_AKM_SUITE_PSK_SHA256;
4796 break;
4797 case WPA_KEY_MGMT_OSEN:
4798 mgmt = WLAN_AKM_SUITE_OSEN;
4799 break;
4800 case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
4801 mgmt = WLAN_AKM_SUITE_8021X_SUITE_B;
4802 break;
4803 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
4804 mgmt = WLAN_AKM_SUITE_8021X_SUITE_B_192;
4805 break;
4806 case WPA_KEY_MGMT_PSK:
4807 default:
4808 mgmt = WLAN_AKM_SUITE_PSK;
4809 break;
4810 }
4811 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
4812 if (nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, mgmt))
4813 return -1;
4814 }
4815
4816 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
4817 return -1;
4818
4819 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED &&
4820 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED))
4821 return -1;
4822
4823 if (params->rrm_used) {
4824 u32 drv_rrm_flags = drv->capa.rrm_flags;
4825 if (!(drv_rrm_flags &
4826 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) ||
4827 !(drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET) ||
4828 nla_put_flag(msg, NL80211_ATTR_USE_RRM))
4829 return -1;
4830 }
4831
4832 if (nl80211_ht_vht_overrides(msg, params) < 0)
4833 return -1;
4834
4835 if (params->p2p)
4836 wpa_printf(MSG_DEBUG, " * P2P group");
4837
4838 if (params->pbss) {
4839 wpa_printf(MSG_DEBUG, " * PBSS");
4840 if (nla_put_flag(msg, NL80211_ATTR_PBSS))
4841 return -1;
4842 }
4843
4844 drv->connect_reassoc = 0;
4845 if (params->prev_bssid) {
4846 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
4847 MAC2STR(params->prev_bssid));
4848 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
4849 params->prev_bssid))
4850 return -1;
4851 drv->connect_reassoc = 1;
4852 }
4853
4854 return 0;
4855 }
4856
4857
wpa_driver_nl80211_try_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4858 static int wpa_driver_nl80211_try_connect(
4859 struct wpa_driver_nl80211_data *drv,
4860 struct wpa_driver_associate_params *params)
4861 {
4862 struct nl_msg *msg;
4863 enum nl80211_auth_type type;
4864 int ret;
4865 int algs;
4866
4867 #ifdef CONFIG_DRIVER_NL80211_QCA
4868 if (params->req_key_mgmt_offload && params->psk &&
4869 (params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4870 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4871 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
4872 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK");
4873 ret = issue_key_mgmt_set_key(drv, params->psk, 32);
4874 if (ret)
4875 return ret;
4876 }
4877 #endif /* CONFIG_DRIVER_NL80211_QCA */
4878
4879 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
4880 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT);
4881 if (!msg)
4882 return -1;
4883
4884 ret = nl80211_connect_common(drv, params, msg);
4885 if (ret)
4886 goto fail;
4887
4888 algs = 0;
4889 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4890 algs++;
4891 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4892 algs++;
4893 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4894 algs++;
4895 if (algs > 1) {
4896 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
4897 "selection");
4898 goto skip_auth_type;
4899 }
4900
4901 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
4902 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
4903 else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
4904 type = NL80211_AUTHTYPE_SHARED_KEY;
4905 else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
4906 type = NL80211_AUTHTYPE_NETWORK_EAP;
4907 else if (params->auth_alg & WPA_AUTH_ALG_FT)
4908 type = NL80211_AUTHTYPE_FT;
4909 else
4910 goto fail;
4911
4912 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4913 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
4914 goto fail;
4915
4916 skip_auth_type:
4917 ret = nl80211_set_conn_keys(params, msg);
4918 if (ret)
4919 goto fail;
4920
4921 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4922 msg = NULL;
4923 if (ret) {
4924 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
4925 "(%s)", ret, strerror(-ret));
4926 } else {
4927 wpa_printf(MSG_DEBUG,
4928 "nl80211: Connect request send successfully");
4929 }
4930
4931 fail:
4932 nlmsg_free(msg);
4933 return ret;
4934
4935 }
4936
4937
wpa_driver_nl80211_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)4938 static int wpa_driver_nl80211_connect(
4939 struct wpa_driver_nl80211_data *drv,
4940 struct wpa_driver_associate_params *params)
4941 {
4942 int ret;
4943
4944 /* Store the connection attempted bssid for future use */
4945 if (params->bssid)
4946 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
4947 else
4948 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
4949
4950 ret = wpa_driver_nl80211_try_connect(drv, params);
4951 if (ret == -EALREADY) {
4952 /*
4953 * cfg80211 does not currently accept new connections if
4954 * we are already connected. As a workaround, force
4955 * disconnection and try again.
4956 */
4957 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
4958 "disconnecting before reassociation "
4959 "attempt");
4960 if (wpa_driver_nl80211_disconnect(
4961 drv, WLAN_REASON_PREV_AUTH_NOT_VALID))
4962 return -1;
4963 ret = wpa_driver_nl80211_try_connect(drv, params);
4964 }
4965 return ret;
4966 }
4967
4968
wpa_driver_nl80211_associate(void * priv,struct wpa_driver_associate_params * params)4969 static int wpa_driver_nl80211_associate(
4970 void *priv, struct wpa_driver_associate_params *params)
4971 {
4972 struct i802_bss *bss = priv;
4973 struct wpa_driver_nl80211_data *drv = bss->drv;
4974 int ret = -1;
4975 struct nl_msg *msg;
4976
4977 nl80211_unmask_11b_rates(bss);
4978
4979 if (params->mode == IEEE80211_MODE_AP)
4980 return wpa_driver_nl80211_ap(drv, params);
4981
4982 if (params->mode == IEEE80211_MODE_IBSS)
4983 return wpa_driver_nl80211_ibss(drv, params);
4984
4985 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
4986 enum nl80211_iftype nlmode = params->p2p ?
4987 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
4988
4989 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
4990 return -1;
4991 return wpa_driver_nl80211_connect(drv, params);
4992 }
4993
4994 nl80211_mark_disconnected(drv);
4995
4996 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
4997 drv->ifindex);
4998 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE);
4999 if (!msg)
5000 return -1;
5001
5002 ret = nl80211_connect_common(drv, params, msg);
5003 if (ret)
5004 goto fail;
5005
5006 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5007 msg = NULL;
5008 if (ret) {
5009 wpa_dbg(drv->ctx, MSG_DEBUG,
5010 "nl80211: MLME command failed (assoc): ret=%d (%s)",
5011 ret, strerror(-ret));
5012 nl80211_dump_scan(drv);
5013 } else {
5014 wpa_printf(MSG_DEBUG,
5015 "nl80211: Association request send successfully");
5016 }
5017
5018 fail:
5019 nlmsg_free(msg);
5020 return ret;
5021 }
5022
5023
nl80211_set_mode(struct wpa_driver_nl80211_data * drv,int ifindex,enum nl80211_iftype mode)5024 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
5025 int ifindex, enum nl80211_iftype mode)
5026 {
5027 struct nl_msg *msg;
5028 int ret = -ENOBUFS;
5029
5030 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
5031 ifindex, mode, nl80211_iftype_str(mode));
5032
5033 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE);
5034 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode))
5035 goto fail;
5036
5037 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5038 msg = NULL;
5039 if (!ret)
5040 return 0;
5041 fail:
5042 nlmsg_free(msg);
5043 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
5044 " %d (%s)", ifindex, mode, ret, strerror(-ret));
5045 return ret;
5046 }
5047
5048
wpa_driver_nl80211_set_mode_impl(struct i802_bss * bss,enum nl80211_iftype nlmode,struct hostapd_freq_params * desired_freq_params)5049 static int wpa_driver_nl80211_set_mode_impl(
5050 struct i802_bss *bss,
5051 enum nl80211_iftype nlmode,
5052 struct hostapd_freq_params *desired_freq_params)
5053 {
5054 struct wpa_driver_nl80211_data *drv = bss->drv;
5055 int ret = -1;
5056 int i;
5057 int was_ap = is_ap_interface(drv->nlmode);
5058 int res;
5059 int mode_switch_res;
5060
5061 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
5062 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
5063 mode_switch_res = 0;
5064
5065 if (mode_switch_res == 0) {
5066 drv->nlmode = nlmode;
5067 ret = 0;
5068 goto done;
5069 }
5070
5071 if (mode_switch_res == -ENODEV)
5072 return -1;
5073
5074 if (nlmode == drv->nlmode) {
5075 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
5076 "requested mode - ignore error");
5077 ret = 0;
5078 goto done; /* Already in the requested mode */
5079 }
5080
5081 /* mac80211 doesn't allow mode changes while the device is up, so
5082 * take the device down, try to set the mode again, and bring the
5083 * device back up.
5084 */
5085 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
5086 "interface down");
5087 for (i = 0; i < 10; i++) {
5088 res = i802_set_iface_flags(bss, 0);
5089 if (res == -EACCES || res == -ENODEV)
5090 break;
5091 if (res != 0) {
5092 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
5093 "interface down");
5094 os_sleep(0, 100000);
5095 continue;
5096 }
5097
5098 /*
5099 * Setting the mode will fail for some drivers if the phy is
5100 * on a frequency that the mode is disallowed in.
5101 */
5102 if (desired_freq_params) {
5103 res = nl80211_set_channel(bss, desired_freq_params, 0);
5104 if (res) {
5105 wpa_printf(MSG_DEBUG,
5106 "nl80211: Failed to set frequency on interface");
5107 }
5108 }
5109
5110 /* Try to set the mode again while the interface is down */
5111 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
5112 if (mode_switch_res == -EBUSY) {
5113 wpa_printf(MSG_DEBUG,
5114 "nl80211: Delaying mode set while interface going down");
5115 os_sleep(0, 100000);
5116 continue;
5117 }
5118 ret = mode_switch_res;
5119 break;
5120 }
5121
5122 if (!ret) {
5123 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
5124 "interface is down");
5125 drv->nlmode = nlmode;
5126 drv->ignore_if_down_event = 1;
5127 }
5128
5129 /* Bring the interface back up */
5130 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
5131 if (res != 0) {
5132 wpa_printf(MSG_DEBUG,
5133 "nl80211: Failed to set interface up after switching mode");
5134 ret = -1;
5135 }
5136
5137 done:
5138 if (ret) {
5139 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
5140 "from %d failed", nlmode, drv->nlmode);
5141 return ret;
5142 }
5143
5144 if (is_p2p_net_interface(nlmode)) {
5145 wpa_printf(MSG_DEBUG,
5146 "nl80211: Interface %s mode change to P2P - disable 11b rates",
5147 bss->ifname);
5148 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
5149 } else if (drv->disabled_11b_rates) {
5150 wpa_printf(MSG_DEBUG,
5151 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates",
5152 bss->ifname);
5153 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
5154 }
5155
5156 if (is_ap_interface(nlmode)) {
5157 nl80211_mgmt_unsubscribe(bss, "start AP");
5158 /* Setup additional AP mode functionality if needed */
5159 if (nl80211_setup_ap(bss))
5160 return -1;
5161 } else if (was_ap) {
5162 /* Remove additional AP mode functionality */
5163 nl80211_teardown_ap(bss);
5164 } else {
5165 nl80211_mgmt_unsubscribe(bss, "mode change");
5166 }
5167
5168 if (is_mesh_interface(nlmode) &&
5169 nl80211_mgmt_subscribe_mesh(bss))
5170 return -1;
5171
5172 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
5173 !is_mesh_interface(nlmode) &&
5174 nl80211_mgmt_subscribe_non_ap(bss) < 0)
5175 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
5176 "frame processing - ignore for now");
5177
5178 return 0;
5179 }
5180
5181
wpa_driver_nl80211_set_mode(struct i802_bss * bss,enum nl80211_iftype nlmode)5182 int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
5183 enum nl80211_iftype nlmode)
5184 {
5185 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
5186 }
5187
5188
wpa_driver_nl80211_set_mode_ibss(struct i802_bss * bss,struct hostapd_freq_params * freq)5189 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
5190 struct hostapd_freq_params *freq)
5191 {
5192 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
5193 freq);
5194 }
5195
5196
wpa_driver_nl80211_get_capa(void * priv,struct wpa_driver_capa * capa)5197 static int wpa_driver_nl80211_get_capa(void *priv,
5198 struct wpa_driver_capa *capa)
5199 {
5200 struct i802_bss *bss = priv;
5201 struct wpa_driver_nl80211_data *drv = bss->drv;
5202
5203 if (!drv->has_capability)
5204 return -1;
5205 os_memcpy(capa, &drv->capa, sizeof(*capa));
5206 if (drv->extended_capa && drv->extended_capa_mask) {
5207 capa->extended_capa = drv->extended_capa;
5208 capa->extended_capa_mask = drv->extended_capa_mask;
5209 capa->extended_capa_len = drv->extended_capa_len;
5210 }
5211
5212 return 0;
5213 }
5214
5215
wpa_driver_nl80211_set_operstate(void * priv,int state)5216 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
5217 {
5218 struct i802_bss *bss = priv;
5219 struct wpa_driver_nl80211_data *drv = bss->drv;
5220
5221 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
5222 bss->ifname, drv->operstate, state,
5223 state ? "UP" : "DORMANT");
5224 drv->operstate = state;
5225 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
5226 state ? IF_OPER_UP : IF_OPER_DORMANT);
5227 }
5228
5229
wpa_driver_nl80211_set_supp_port(void * priv,int authorized)5230 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
5231 {
5232 struct i802_bss *bss = priv;
5233 struct wpa_driver_nl80211_data *drv = bss->drv;
5234 struct nl_msg *msg;
5235 struct nl80211_sta_flag_update upd;
5236 int ret;
5237
5238 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
5239 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
5240 return 0;
5241 }
5242
5243 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
5244 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
5245
5246 os_memset(&upd, 0, sizeof(upd));
5247 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
5248 if (authorized)
5249 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
5250
5251 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
5252 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid) ||
5253 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) {
5254 nlmsg_free(msg);
5255 return -ENOBUFS;
5256 }
5257
5258 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5259 if (!ret)
5260 return 0;
5261 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
5262 ret, strerror(-ret));
5263 return ret;
5264 }
5265
5266
5267 /* Set kernel driver on given frequency (MHz) */
i802_set_freq(void * priv,struct hostapd_freq_params * freq)5268 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
5269 {
5270 struct i802_bss *bss = priv;
5271 return nl80211_set_channel(bss, freq, 0);
5272 }
5273
5274
min_int(int a,int b)5275 static inline int min_int(int a, int b)
5276 {
5277 if (a < b)
5278 return a;
5279 return b;
5280 }
5281
5282
get_key_handler(struct nl_msg * msg,void * arg)5283 static int get_key_handler(struct nl_msg *msg, void *arg)
5284 {
5285 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5286 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5287
5288 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5289 genlmsg_attrlen(gnlh, 0), NULL);
5290
5291 /*
5292 * TODO: validate the key index and mac address!
5293 * Otherwise, there's a race condition as soon as
5294 * the kernel starts sending key notifications.
5295 */
5296
5297 if (tb[NL80211_ATTR_KEY_SEQ])
5298 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
5299 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
5300 return NL_SKIP;
5301 }
5302
5303
i802_get_seqnum(const char * iface,void * priv,const u8 * addr,int idx,u8 * seq)5304 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
5305 int idx, u8 *seq)
5306 {
5307 struct i802_bss *bss = priv;
5308 struct wpa_driver_nl80211_data *drv = bss->drv;
5309 struct nl_msg *msg;
5310
5311 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0,
5312 NL80211_CMD_GET_KEY);
5313 if (!msg ||
5314 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
5315 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) {
5316 nlmsg_free(msg);
5317 return -ENOBUFS;
5318 }
5319
5320 memset(seq, 0, 6);
5321
5322 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
5323 }
5324
5325
i802_set_rts(void * priv,int rts)5326 static int i802_set_rts(void *priv, int rts)
5327 {
5328 struct i802_bss *bss = priv;
5329 struct wpa_driver_nl80211_data *drv = bss->drv;
5330 struct nl_msg *msg;
5331 int ret;
5332 u32 val;
5333
5334 if (rts >= 2347)
5335 val = (u32) -1;
5336 else
5337 val = rts;
5338
5339 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
5340 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) {
5341 nlmsg_free(msg);
5342 return -ENOBUFS;
5343 }
5344
5345 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5346 if (!ret)
5347 return 0;
5348 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
5349 "%d (%s)", rts, ret, strerror(-ret));
5350 return ret;
5351 }
5352
5353
i802_set_frag(void * priv,int frag)5354 static int i802_set_frag(void *priv, int frag)
5355 {
5356 struct i802_bss *bss = priv;
5357 struct wpa_driver_nl80211_data *drv = bss->drv;
5358 struct nl_msg *msg;
5359 int ret;
5360 u32 val;
5361
5362 if (frag >= 2346)
5363 val = (u32) -1;
5364 else
5365 val = frag;
5366
5367 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
5368 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) {
5369 nlmsg_free(msg);
5370 return -ENOBUFS;
5371 }
5372
5373 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5374 if (!ret)
5375 return 0;
5376 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
5377 "%d: %d (%s)", frag, ret, strerror(-ret));
5378 return ret;
5379 }
5380
5381
i802_flush(void * priv)5382 static int i802_flush(void *priv)
5383 {
5384 struct i802_bss *bss = priv;
5385 struct nl_msg *msg;
5386 int res;
5387
5388 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
5389 bss->ifname);
5390
5391 /*
5392 * XXX: FIX! this needs to flush all VLANs too
5393 */
5394 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION);
5395 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL);
5396 if (res) {
5397 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
5398 "(%s)", res, strerror(-res));
5399 }
5400 return res;
5401 }
5402
5403
get_sta_handler(struct nl_msg * msg,void * arg)5404 static int get_sta_handler(struct nl_msg *msg, void *arg)
5405 {
5406 struct nlattr *tb[NL80211_ATTR_MAX + 1];
5407 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
5408 struct hostap_sta_driver_data *data = arg;
5409 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
5410 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
5411 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
5412 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
5413 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
5414 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
5415 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
5416 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
5417 [NL80211_STA_INFO_RX_BYTES64] = { .type = NLA_U64 },
5418 [NL80211_STA_INFO_TX_BYTES64] = { .type = NLA_U64 },
5419 };
5420
5421 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
5422 genlmsg_attrlen(gnlh, 0), NULL);
5423
5424 /*
5425 * TODO: validate the interface and mac address!
5426 * Otherwise, there's a race condition as soon as
5427 * the kernel starts sending station notifications.
5428 */
5429
5430 if (!tb[NL80211_ATTR_STA_INFO]) {
5431 wpa_printf(MSG_DEBUG, "sta stats missing!");
5432 return NL_SKIP;
5433 }
5434 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
5435 tb[NL80211_ATTR_STA_INFO],
5436 stats_policy)) {
5437 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
5438 return NL_SKIP;
5439 }
5440
5441 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
5442 data->inactive_msec =
5443 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
5444 /* For backwards compatibility, fetch the 32-bit counters first. */
5445 if (stats[NL80211_STA_INFO_RX_BYTES])
5446 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
5447 if (stats[NL80211_STA_INFO_TX_BYTES])
5448 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
5449 if (stats[NL80211_STA_INFO_RX_BYTES64] &&
5450 stats[NL80211_STA_INFO_TX_BYTES64]) {
5451 /*
5452 * The driver supports 64-bit counters, so use them to override
5453 * the 32-bit values.
5454 */
5455 data->rx_bytes =
5456 nla_get_u64(stats[NL80211_STA_INFO_RX_BYTES64]);
5457 data->tx_bytes =
5458 nla_get_u64(stats[NL80211_STA_INFO_TX_BYTES64]);
5459 data->bytes_64bit = 1;
5460 }
5461 if (stats[NL80211_STA_INFO_RX_PACKETS])
5462 data->rx_packets =
5463 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
5464 if (stats[NL80211_STA_INFO_TX_PACKETS])
5465 data->tx_packets =
5466 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
5467 if (stats[NL80211_STA_INFO_TX_FAILED])
5468 data->tx_retry_failed =
5469 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
5470
5471 return NL_SKIP;
5472 }
5473
i802_read_sta_data(struct i802_bss * bss,struct hostap_sta_driver_data * data,const u8 * addr)5474 static int i802_read_sta_data(struct i802_bss *bss,
5475 struct hostap_sta_driver_data *data,
5476 const u8 *addr)
5477 {
5478 struct nl_msg *msg;
5479
5480 os_memset(data, 0, sizeof(*data));
5481
5482 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) ||
5483 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
5484 nlmsg_free(msg);
5485 return -ENOBUFS;
5486 }
5487
5488 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data);
5489 }
5490
5491
i802_set_tx_queue_params(void * priv,int queue,int aifs,int cw_min,int cw_max,int burst_time)5492 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
5493 int cw_min, int cw_max, int burst_time)
5494 {
5495 struct i802_bss *bss = priv;
5496 struct wpa_driver_nl80211_data *drv = bss->drv;
5497 struct nl_msg *msg;
5498 struct nlattr *txq, *params;
5499
5500 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY);
5501 if (!msg)
5502 return -1;
5503
5504 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
5505 if (!txq)
5506 goto fail;
5507
5508 /* We are only sending parameters for a single TXQ at a time */
5509 params = nla_nest_start(msg, 1);
5510 if (!params)
5511 goto fail;
5512
5513 switch (queue) {
5514 case 0:
5515 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO))
5516 goto fail;
5517 break;
5518 case 1:
5519 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI))
5520 goto fail;
5521 break;
5522 case 2:
5523 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE))
5524 goto fail;
5525 break;
5526 case 3:
5527 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK))
5528 goto fail;
5529 break;
5530 }
5531 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
5532 * 32 usec, so need to convert the value here. */
5533 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP,
5534 (burst_time * 100 + 16) / 32) ||
5535 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) ||
5536 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) ||
5537 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs))
5538 goto fail;
5539
5540 nla_nest_end(msg, params);
5541
5542 nla_nest_end(msg, txq);
5543
5544 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5545 return 0;
5546 msg = NULL;
5547 fail:
5548 nlmsg_free(msg);
5549 return -1;
5550 }
5551
5552
i802_set_sta_vlan(struct i802_bss * bss,const u8 * addr,const char * ifname,int vlan_id)5553 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
5554 const char *ifname, int vlan_id)
5555 {
5556 struct wpa_driver_nl80211_data *drv = bss->drv;
5557 struct nl_msg *msg;
5558 int ret;
5559
5560 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
5561 ", ifname=%s[%d], vlan_id=%d)",
5562 bss->ifname, if_nametoindex(bss->ifname),
5563 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
5564 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
5565 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
5566 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) {
5567 nlmsg_free(msg);
5568 return -ENOBUFS;
5569 }
5570
5571 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5572 if (ret < 0) {
5573 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
5574 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
5575 MAC2STR(addr), ifname, vlan_id, ret,
5576 strerror(-ret));
5577 }
5578 return ret;
5579 }
5580
5581
i802_get_inact_sec(void * priv,const u8 * addr)5582 static int i802_get_inact_sec(void *priv, const u8 *addr)
5583 {
5584 struct hostap_sta_driver_data data;
5585 int ret;
5586
5587 data.inactive_msec = (unsigned long) -1;
5588 ret = i802_read_sta_data(priv, &data, addr);
5589 if (ret == -ENOENT)
5590 return -ENOENT;
5591 if (ret || data.inactive_msec == (unsigned long) -1)
5592 return -1;
5593 return data.inactive_msec / 1000;
5594 }
5595
5596
i802_sta_clear_stats(void * priv,const u8 * addr)5597 static int i802_sta_clear_stats(void *priv, const u8 *addr)
5598 {
5599 #if 0
5600 /* TODO */
5601 #endif
5602 return 0;
5603 }
5604
5605
i802_sta_deauth(void * priv,const u8 * own_addr,const u8 * addr,int reason)5606 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
5607 int reason)
5608 {
5609 struct i802_bss *bss = priv;
5610 struct wpa_driver_nl80211_data *drv = bss->drv;
5611 struct ieee80211_mgmt mgmt;
5612
5613 if (is_mesh_interface(drv->nlmode))
5614 return -1;
5615
5616 if (drv->device_ap_sme)
5617 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason);
5618
5619 memset(&mgmt, 0, sizeof(mgmt));
5620 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
5621 WLAN_FC_STYPE_DEAUTH);
5622 memcpy(mgmt.da, addr, ETH_ALEN);
5623 memcpy(mgmt.sa, own_addr, ETH_ALEN);
5624 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
5625 mgmt.u.deauth.reason_code = host_to_le16(reason);
5626 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
5627 IEEE80211_HDRLEN +
5628 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
5629 0, NULL, 0);
5630 }
5631
5632
i802_sta_disassoc(void * priv,const u8 * own_addr,const u8 * addr,int reason)5633 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
5634 int reason)
5635 {
5636 struct i802_bss *bss = priv;
5637 struct wpa_driver_nl80211_data *drv = bss->drv;
5638 struct ieee80211_mgmt mgmt;
5639
5640 if (is_mesh_interface(drv->nlmode))
5641 return -1;
5642
5643 if (drv->device_ap_sme)
5644 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason);
5645
5646 memset(&mgmt, 0, sizeof(mgmt));
5647 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
5648 WLAN_FC_STYPE_DISASSOC);
5649 memcpy(mgmt.da, addr, ETH_ALEN);
5650 memcpy(mgmt.sa, own_addr, ETH_ALEN);
5651 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
5652 mgmt.u.disassoc.reason_code = host_to_le16(reason);
5653 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
5654 IEEE80211_HDRLEN +
5655 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
5656 0, NULL, 0);
5657 }
5658
5659
dump_ifidx(struct wpa_driver_nl80211_data * drv)5660 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
5661 {
5662 char buf[200], *pos, *end;
5663 int i, res;
5664
5665 pos = buf;
5666 end = pos + sizeof(buf);
5667
5668 for (i = 0; i < drv->num_if_indices; i++) {
5669 if (!drv->if_indices[i])
5670 continue;
5671 res = os_snprintf(pos, end - pos, " %d(%d)",
5672 drv->if_indices[i],
5673 drv->if_indices_reason[i]);
5674 if (os_snprintf_error(end - pos, res))
5675 break;
5676 pos += res;
5677 }
5678 *pos = '\0';
5679
5680 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
5681 drv->num_if_indices, buf);
5682 }
5683
5684
add_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)5685 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
5686 int ifidx_reason)
5687 {
5688 int i;
5689 int *old, *old_reason;
5690
5691 wpa_printf(MSG_DEBUG,
5692 "nl80211: Add own interface ifindex %d (ifidx_reason %d)",
5693 ifidx, ifidx_reason);
5694 if (have_ifidx(drv, ifidx, ifidx_reason)) {
5695 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
5696 ifidx);
5697 return;
5698 }
5699 for (i = 0; i < drv->num_if_indices; i++) {
5700 if (drv->if_indices[i] == 0) {
5701 drv->if_indices[i] = ifidx;
5702 drv->if_indices_reason[i] = ifidx_reason;
5703 dump_ifidx(drv);
5704 return;
5705 }
5706 }
5707
5708 if (drv->if_indices != drv->default_if_indices)
5709 old = drv->if_indices;
5710 else
5711 old = NULL;
5712
5713 if (drv->if_indices_reason != drv->default_if_indices_reason)
5714 old_reason = drv->if_indices_reason;
5715 else
5716 old_reason = NULL;
5717
5718 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
5719 sizeof(int));
5720 drv->if_indices_reason = os_realloc_array(old_reason,
5721 drv->num_if_indices + 1,
5722 sizeof(int));
5723 if (!drv->if_indices) {
5724 if (!old)
5725 drv->if_indices = drv->default_if_indices;
5726 else
5727 drv->if_indices = old;
5728 }
5729 if (!drv->if_indices_reason) {
5730 if (!old_reason)
5731 drv->if_indices_reason = drv->default_if_indices_reason;
5732 else
5733 drv->if_indices_reason = old_reason;
5734 }
5735 if (!drv->if_indices || !drv->if_indices_reason) {
5736 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
5737 "interfaces");
5738 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
5739 return;
5740 }
5741 if (!old)
5742 os_memcpy(drv->if_indices, drv->default_if_indices,
5743 sizeof(drv->default_if_indices));
5744 if (!old_reason)
5745 os_memcpy(drv->if_indices_reason,
5746 drv->default_if_indices_reason,
5747 sizeof(drv->default_if_indices_reason));
5748 drv->if_indices[drv->num_if_indices] = ifidx;
5749 drv->if_indices_reason[drv->num_if_indices] = ifidx_reason;
5750 drv->num_if_indices++;
5751 dump_ifidx(drv);
5752 }
5753
5754
del_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)5755 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
5756 int ifidx_reason)
5757 {
5758 int i;
5759
5760 for (i = 0; i < drv->num_if_indices; i++) {
5761 if ((drv->if_indices[i] == ifidx || ifidx == IFIDX_ANY) &&
5762 (drv->if_indices_reason[i] == ifidx_reason ||
5763 ifidx_reason == IFIDX_ANY)) {
5764 drv->if_indices[i] = 0;
5765 break;
5766 }
5767 }
5768 dump_ifidx(drv);
5769 }
5770
5771
have_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)5772 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
5773 int ifidx_reason)
5774 {
5775 int i;
5776
5777 for (i = 0; i < drv->num_if_indices; i++)
5778 if (drv->if_indices[i] == ifidx &&
5779 (drv->if_indices_reason[i] == ifidx_reason ||
5780 ifidx_reason == IFIDX_ANY))
5781 return 1;
5782
5783 return 0;
5784 }
5785
5786
i802_set_wds_sta(void * priv,const u8 * addr,int aid,int val,const char * bridge_ifname,char * ifname_wds)5787 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
5788 const char *bridge_ifname, char *ifname_wds)
5789 {
5790 struct i802_bss *bss = priv;
5791 struct wpa_driver_nl80211_data *drv = bss->drv;
5792 char name[IFNAMSIZ + 1];
5793
5794 os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
5795 if (ifname_wds)
5796 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
5797
5798 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
5799 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
5800 if (val) {
5801 if (!if_nametoindex(name)) {
5802 if (nl80211_create_iface(drv, name,
5803 NL80211_IFTYPE_AP_VLAN,
5804 bss->addr, 1, NULL, NULL, 0) <
5805 0)
5806 return -1;
5807 if (bridge_ifname &&
5808 linux_br_add_if(drv->global->ioctl_sock,
5809 bridge_ifname, name) < 0)
5810 return -1;
5811 }
5812 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
5813 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
5814 "interface %s up", name);
5815 }
5816 return i802_set_sta_vlan(priv, addr, name, 0);
5817 } else {
5818 if (bridge_ifname)
5819 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
5820 name);
5821
5822 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
5823 nl80211_remove_iface(drv, if_nametoindex(name));
5824 return 0;
5825 }
5826 }
5827
5828
handle_eapol(int sock,void * eloop_ctx,void * sock_ctx)5829 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
5830 {
5831 struct wpa_driver_nl80211_data *drv = eloop_ctx;
5832 struct sockaddr_ll lladdr;
5833 unsigned char buf[3000];
5834 int len;
5835 socklen_t fromlen = sizeof(lladdr);
5836
5837 len = recvfrom(sock, buf, sizeof(buf), 0,
5838 (struct sockaddr *)&lladdr, &fromlen);
5839 if (len < 0) {
5840 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
5841 strerror(errno));
5842 return;
5843 }
5844
5845 if (have_ifidx(drv, lladdr.sll_ifindex, IFIDX_ANY))
5846 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
5847 }
5848
5849
i802_check_bridge(struct wpa_driver_nl80211_data * drv,struct i802_bss * bss,const char * brname,const char * ifname)5850 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
5851 struct i802_bss *bss,
5852 const char *brname, const char *ifname)
5853 {
5854 int br_ifindex;
5855 char in_br[IFNAMSIZ];
5856
5857 os_strlcpy(bss->brname, brname, IFNAMSIZ);
5858 br_ifindex = if_nametoindex(brname);
5859 if (br_ifindex == 0) {
5860 /*
5861 * Bridge was configured, but the bridge device does
5862 * not exist. Try to add it now.
5863 */
5864 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
5865 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
5866 "bridge interface %s: %s",
5867 brname, strerror(errno));
5868 return -1;
5869 }
5870 bss->added_bridge = 1;
5871 br_ifindex = if_nametoindex(brname);
5872 add_ifidx(drv, br_ifindex, drv->ifindex);
5873 }
5874 bss->br_ifindex = br_ifindex;
5875
5876 if (linux_br_get(in_br, ifname) == 0) {
5877 if (os_strcmp(in_br, brname) == 0)
5878 return 0; /* already in the bridge */
5879
5880 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
5881 "bridge %s", ifname, in_br);
5882 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
5883 0) {
5884 wpa_printf(MSG_ERROR, "nl80211: Failed to "
5885 "remove interface %s from bridge "
5886 "%s: %s",
5887 ifname, brname, strerror(errno));
5888 return -1;
5889 }
5890 }
5891
5892 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
5893 ifname, brname);
5894 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
5895 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
5896 "into bridge %s: %s",
5897 ifname, brname, strerror(errno));
5898 return -1;
5899 }
5900 bss->added_if_into_bridge = 1;
5901
5902 return 0;
5903 }
5904
5905
i802_init(struct hostapd_data * hapd,struct wpa_init_params * params)5906 static void *i802_init(struct hostapd_data *hapd,
5907 struct wpa_init_params *params)
5908 {
5909 struct wpa_driver_nl80211_data *drv;
5910 struct i802_bss *bss;
5911 size_t i;
5912 char master_ifname[IFNAMSIZ];
5913 int ifindex, br_ifindex = 0;
5914 int br_added = 0;
5915
5916 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
5917 params->global_priv, 1,
5918 params->bssid, params->driver_params);
5919 if (bss == NULL)
5920 return NULL;
5921
5922 drv = bss->drv;
5923
5924 if (linux_br_get(master_ifname, params->ifname) == 0) {
5925 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
5926 params->ifname, master_ifname);
5927 br_ifindex = if_nametoindex(master_ifname);
5928 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ);
5929 } else if ((params->num_bridge == 0 || !params->bridge[0]) &&
5930 linux_master_get(master_ifname, params->ifname) == 0) {
5931 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in master %s",
5932 params->ifname, master_ifname);
5933 /* start listening for EAPOL on the master interface */
5934 add_ifidx(drv, if_nametoindex(master_ifname), drv->ifindex);
5935
5936 /* check if master itself is under bridge */
5937 if (linux_br_get(master_ifname, master_ifname) == 0) {
5938 wpa_printf(MSG_DEBUG, "nl80211: which is in bridge %s",
5939 master_ifname);
5940 br_ifindex = if_nametoindex(master_ifname);
5941 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ);
5942 }
5943 } else {
5944 master_ifname[0] = '\0';
5945 }
5946
5947 bss->br_ifindex = br_ifindex;
5948
5949 for (i = 0; i < params->num_bridge; i++) {
5950 if (params->bridge[i]) {
5951 ifindex = if_nametoindex(params->bridge[i]);
5952 if (ifindex)
5953 add_ifidx(drv, ifindex, drv->ifindex);
5954 if (ifindex == br_ifindex)
5955 br_added = 1;
5956 }
5957 }
5958
5959 /* start listening for EAPOL on the default AP interface */
5960 add_ifidx(drv, drv->ifindex, IFIDX_ANY);
5961
5962 if (params->num_bridge && params->bridge[0]) {
5963 if (i802_check_bridge(drv, bss, params->bridge[0],
5964 params->ifname) < 0)
5965 goto failed;
5966 if (os_strcmp(params->bridge[0], master_ifname) != 0)
5967 br_added = 1;
5968 }
5969
5970 if (!br_added && br_ifindex &&
5971 (params->num_bridge == 0 || !params->bridge[0]))
5972 add_ifidx(drv, br_ifindex, drv->ifindex);
5973
5974 #ifdef CONFIG_LIBNL3_ROUTE
5975 if (bss->added_if_into_bridge) {
5976 drv->rtnl_sk = nl_socket_alloc();
5977 if (drv->rtnl_sk == NULL) {
5978 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
5979 goto failed;
5980 }
5981
5982 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) {
5983 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
5984 strerror(errno));
5985 goto failed;
5986 }
5987 }
5988 #endif /* CONFIG_LIBNL3_ROUTE */
5989
5990 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
5991 if (drv->eapol_sock < 0) {
5992 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
5993 strerror(errno));
5994 goto failed;
5995 }
5996
5997 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
5998 {
5999 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
6000 goto failed;
6001 }
6002
6003 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
6004 params->own_addr))
6005 goto failed;
6006 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
6007
6008 memcpy(bss->addr, params->own_addr, ETH_ALEN);
6009
6010 return bss;
6011
6012 failed:
6013 wpa_driver_nl80211_deinit(bss);
6014 return NULL;
6015 }
6016
6017
i802_deinit(void * priv)6018 static void i802_deinit(void *priv)
6019 {
6020 struct i802_bss *bss = priv;
6021 wpa_driver_nl80211_deinit(bss);
6022 }
6023
6024
wpa_driver_nl80211_if_type(enum wpa_driver_if_type type)6025 static enum nl80211_iftype wpa_driver_nl80211_if_type(
6026 enum wpa_driver_if_type type)
6027 {
6028 switch (type) {
6029 case WPA_IF_STATION:
6030 return NL80211_IFTYPE_STATION;
6031 case WPA_IF_P2P_CLIENT:
6032 case WPA_IF_P2P_GROUP:
6033 return NL80211_IFTYPE_P2P_CLIENT;
6034 case WPA_IF_AP_VLAN:
6035 return NL80211_IFTYPE_AP_VLAN;
6036 case WPA_IF_AP_BSS:
6037 return NL80211_IFTYPE_AP;
6038 case WPA_IF_P2P_GO:
6039 return NL80211_IFTYPE_P2P_GO;
6040 case WPA_IF_P2P_DEVICE:
6041 return NL80211_IFTYPE_P2P_DEVICE;
6042 case WPA_IF_MESH:
6043 return NL80211_IFTYPE_MESH_POINT;
6044 default:
6045 return -1;
6046 }
6047 }
6048
6049
nl80211_addr_in_use(struct nl80211_global * global,const u8 * addr)6050 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
6051 {
6052 struct wpa_driver_nl80211_data *drv;
6053 dl_list_for_each(drv, &global->interfaces,
6054 struct wpa_driver_nl80211_data, list) {
6055 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
6056 return 1;
6057 }
6058 return 0;
6059 }
6060
6061
nl80211_vif_addr(struct wpa_driver_nl80211_data * drv,u8 * new_addr)6062 static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr)
6063 {
6064 unsigned int idx;
6065
6066 if (!drv->global)
6067 return -1;
6068
6069 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
6070 for (idx = 0; idx < 64; idx++) {
6071 new_addr[0] = drv->first_bss->addr[0] | 0x02;
6072 new_addr[0] ^= idx << 2;
6073 if (!nl80211_addr_in_use(drv->global, new_addr))
6074 break;
6075 }
6076 if (idx == 64)
6077 return -1;
6078
6079 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address "
6080 MACSTR, MAC2STR(new_addr));
6081
6082 return 0;
6083 }
6084
6085
6086 struct wdev_info {
6087 u64 wdev_id;
6088 int wdev_id_set;
6089 u8 macaddr[ETH_ALEN];
6090 };
6091
nl80211_wdev_handler(struct nl_msg * msg,void * arg)6092 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
6093 {
6094 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6095 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6096 struct wdev_info *wi = arg;
6097
6098 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6099 genlmsg_attrlen(gnlh, 0), NULL);
6100 if (tb[NL80211_ATTR_WDEV]) {
6101 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
6102 wi->wdev_id_set = 1;
6103 }
6104
6105 if (tb[NL80211_ATTR_MAC])
6106 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
6107 ETH_ALEN);
6108
6109 return NL_SKIP;
6110 }
6111
6112
wpa_driver_nl80211_if_add(void * priv,enum wpa_driver_if_type type,const char * ifname,const u8 * addr,void * bss_ctx,void ** drv_priv,char * force_ifname,u8 * if_addr,const char * bridge,int use_existing,int setup_ap)6113 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
6114 const char *ifname, const u8 *addr,
6115 void *bss_ctx, void **drv_priv,
6116 char *force_ifname, u8 *if_addr,
6117 const char *bridge, int use_existing,
6118 int setup_ap)
6119 {
6120 enum nl80211_iftype nlmode;
6121 struct i802_bss *bss = priv;
6122 struct wpa_driver_nl80211_data *drv = bss->drv;
6123 int ifidx;
6124 int added = 1;
6125
6126 if (addr)
6127 os_memcpy(if_addr, addr, ETH_ALEN);
6128 nlmode = wpa_driver_nl80211_if_type(type);
6129 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
6130 struct wdev_info p2pdev_info;
6131
6132 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
6133 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
6134 0, nl80211_wdev_handler,
6135 &p2pdev_info, use_existing);
6136 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
6137 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
6138 ifname);
6139 return -1;
6140 }
6141
6142 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
6143 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
6144 if (!is_zero_ether_addr(p2pdev_info.macaddr))
6145 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
6146 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
6147 ifname,
6148 (long long unsigned int) p2pdev_info.wdev_id);
6149 } else {
6150 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
6151 0, NULL, NULL, use_existing);
6152 if (use_existing && ifidx == -ENFILE) {
6153 added = 0;
6154 ifidx = if_nametoindex(ifname);
6155 } else if (ifidx < 0) {
6156 return -1;
6157 }
6158 }
6159
6160 if (!addr) {
6161 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
6162 os_memcpy(if_addr, bss->addr, ETH_ALEN);
6163 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
6164 ifname, if_addr) < 0) {
6165 if (added)
6166 nl80211_remove_iface(drv, ifidx);
6167 return -1;
6168 }
6169 }
6170
6171 if (!addr &&
6172 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
6173 type == WPA_IF_P2P_GO || type == WPA_IF_MESH ||
6174 type == WPA_IF_STATION)) {
6175 /* Enforce unique address */
6176 u8 new_addr[ETH_ALEN];
6177
6178 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
6179 new_addr) < 0) {
6180 if (added)
6181 nl80211_remove_iface(drv, ifidx);
6182 return -1;
6183 }
6184 if (nl80211_addr_in_use(drv->global, new_addr)) {
6185 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
6186 "for interface %s type %d", ifname, type);
6187 if (nl80211_vif_addr(drv, new_addr) < 0) {
6188 if (added)
6189 nl80211_remove_iface(drv, ifidx);
6190 return -1;
6191 }
6192 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
6193 new_addr) < 0) {
6194 if (added)
6195 nl80211_remove_iface(drv, ifidx);
6196 return -1;
6197 }
6198 }
6199 os_memcpy(if_addr, new_addr, ETH_ALEN);
6200 }
6201
6202 if (type == WPA_IF_AP_BSS && setup_ap) {
6203 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
6204 if (new_bss == NULL) {
6205 if (added)
6206 nl80211_remove_iface(drv, ifidx);
6207 return -1;
6208 }
6209
6210 if (bridge &&
6211 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
6212 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
6213 "interface %s to a bridge %s",
6214 ifname, bridge);
6215 if (added)
6216 nl80211_remove_iface(drv, ifidx);
6217 os_free(new_bss);
6218 return -1;
6219 }
6220
6221 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
6222 {
6223 if (added)
6224 nl80211_remove_iface(drv, ifidx);
6225 os_free(new_bss);
6226 return -1;
6227 }
6228 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
6229 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
6230 new_bss->ifindex = ifidx;
6231 new_bss->drv = drv;
6232 new_bss->next = drv->first_bss->next;
6233 new_bss->freq = drv->first_bss->freq;
6234 new_bss->ctx = bss_ctx;
6235 new_bss->added_if = added;
6236 drv->first_bss->next = new_bss;
6237 if (drv_priv)
6238 *drv_priv = new_bss;
6239 nl80211_init_bss(new_bss);
6240
6241 /* Subscribe management frames for this WPA_IF_AP_BSS */
6242 if (nl80211_setup_ap(new_bss))
6243 return -1;
6244 }
6245
6246 if (drv->global)
6247 drv->global->if_add_ifindex = ifidx;
6248
6249 /*
6250 * Some virtual interfaces need to process EAPOL packets and events on
6251 * the parent interface. This is used mainly with hostapd.
6252 */
6253 if (ifidx > 0 &&
6254 (drv->hostapd ||
6255 nlmode == NL80211_IFTYPE_AP_VLAN ||
6256 nlmode == NL80211_IFTYPE_WDS ||
6257 nlmode == NL80211_IFTYPE_MONITOR))
6258 add_ifidx(drv, ifidx, IFIDX_ANY);
6259
6260 return 0;
6261 }
6262
6263
wpa_driver_nl80211_if_remove(struct i802_bss * bss,enum wpa_driver_if_type type,const char * ifname)6264 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
6265 enum wpa_driver_if_type type,
6266 const char *ifname)
6267 {
6268 struct wpa_driver_nl80211_data *drv = bss->drv;
6269 int ifindex = if_nametoindex(ifname);
6270
6271 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
6272 __func__, type, ifname, ifindex, bss->added_if);
6273 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
6274 nl80211_remove_iface(drv, ifindex);
6275 else if (ifindex > 0 && !bss->added_if) {
6276 struct wpa_driver_nl80211_data *drv2;
6277 dl_list_for_each(drv2, &drv->global->interfaces,
6278 struct wpa_driver_nl80211_data, list) {
6279 del_ifidx(drv2, ifindex, IFIDX_ANY);
6280 del_ifidx(drv2, IFIDX_ANY, ifindex);
6281 }
6282 }
6283
6284 if (type != WPA_IF_AP_BSS)
6285 return 0;
6286
6287 if (bss->added_if_into_bridge) {
6288 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
6289 bss->ifname) < 0)
6290 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
6291 "interface %s from bridge %s: %s",
6292 bss->ifname, bss->brname, strerror(errno));
6293 }
6294 if (bss->added_bridge) {
6295 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
6296 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
6297 "bridge %s: %s",
6298 bss->brname, strerror(errno));
6299 }
6300
6301 if (bss != drv->first_bss) {
6302 struct i802_bss *tbss;
6303
6304 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
6305 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
6306 if (tbss->next == bss) {
6307 tbss->next = bss->next;
6308 /* Unsubscribe management frames */
6309 nl80211_teardown_ap(bss);
6310 nl80211_destroy_bss(bss);
6311 if (!bss->added_if)
6312 i802_set_iface_flags(bss, 0);
6313 os_free(bss);
6314 bss = NULL;
6315 break;
6316 }
6317 }
6318 if (bss)
6319 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
6320 "BSS %p in the list", __func__, bss);
6321 } else {
6322 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
6323 nl80211_teardown_ap(bss);
6324 if (!bss->added_if && !drv->first_bss->next)
6325 wpa_driver_nl80211_del_beacon(drv);
6326 nl80211_destroy_bss(bss);
6327 if (!bss->added_if)
6328 i802_set_iface_flags(bss, 0);
6329 if (drv->first_bss->next) {
6330 drv->first_bss = drv->first_bss->next;
6331 drv->ctx = drv->first_bss->ctx;
6332 os_free(bss);
6333 } else {
6334 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
6335 }
6336 }
6337
6338 return 0;
6339 }
6340
6341
cookie_handler(struct nl_msg * msg,void * arg)6342 static int cookie_handler(struct nl_msg *msg, void *arg)
6343 {
6344 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6345 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6346 u64 *cookie = arg;
6347 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6348 genlmsg_attrlen(gnlh, 0), NULL);
6349 if (tb[NL80211_ATTR_COOKIE])
6350 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
6351 return NL_SKIP;
6352 }
6353
6354
nl80211_send_frame_cmd(struct i802_bss * bss,unsigned int freq,unsigned int wait,const u8 * buf,size_t buf_len,u64 * cookie_out,int no_cck,int no_ack,int offchanok,const u16 * csa_offs,size_t csa_offs_len)6355 static int nl80211_send_frame_cmd(struct i802_bss *bss,
6356 unsigned int freq, unsigned int wait,
6357 const u8 *buf, size_t buf_len,
6358 u64 *cookie_out, int no_cck, int no_ack,
6359 int offchanok, const u16 *csa_offs,
6360 size_t csa_offs_len)
6361 {
6362 struct wpa_driver_nl80211_data *drv = bss->drv;
6363 struct nl_msg *msg;
6364 u64 cookie;
6365 int ret = -1;
6366
6367 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
6368 "no_ack=%d offchanok=%d",
6369 freq, wait, no_cck, no_ack, offchanok);
6370 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
6371
6372 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) ||
6373 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
6374 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) ||
6375 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
6376 drv->test_use_roc_tx) &&
6377 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) ||
6378 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) ||
6379 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) ||
6380 (csa_offs && nla_put(msg, NL80211_ATTR_CSA_C_OFFSETS_TX,
6381 csa_offs_len * sizeof(u16), csa_offs)) ||
6382 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf))
6383 goto fail;
6384
6385 cookie = 0;
6386 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
6387 msg = NULL;
6388 if (ret) {
6389 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
6390 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
6391 freq, wait);
6392 } else {
6393 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
6394 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
6395 (long long unsigned int) cookie);
6396
6397 if (cookie_out)
6398 *cookie_out = no_ack ? (u64) -1 : cookie;
6399
6400 if (drv->num_send_action_cookies == MAX_SEND_ACTION_COOKIES) {
6401 wpa_printf(MSG_DEBUG,
6402 "nl80211: Drop oldest pending send action cookie 0x%llx",
6403 (long long unsigned int)
6404 drv->send_action_cookies[0]);
6405 os_memmove(&drv->send_action_cookies[0],
6406 &drv->send_action_cookies[1],
6407 (MAX_SEND_ACTION_COOKIES - 1) *
6408 sizeof(u64));
6409 drv->num_send_action_cookies--;
6410 }
6411 drv->send_action_cookies[drv->num_send_action_cookies] = cookie;
6412 drv->num_send_action_cookies++;
6413 }
6414
6415 fail:
6416 nlmsg_free(msg);
6417 return ret;
6418 }
6419
6420
wpa_driver_nl80211_send_action(struct i802_bss * bss,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)6421 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
6422 unsigned int freq,
6423 unsigned int wait_time,
6424 const u8 *dst, const u8 *src,
6425 const u8 *bssid,
6426 const u8 *data, size_t data_len,
6427 int no_cck)
6428 {
6429 struct wpa_driver_nl80211_data *drv = bss->drv;
6430 int ret = -1;
6431 u8 *buf;
6432 struct ieee80211_hdr *hdr;
6433
6434 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
6435 "freq=%u MHz wait=%d ms no_cck=%d)",
6436 drv->ifindex, freq, wait_time, no_cck);
6437
6438 buf = os_zalloc(24 + data_len);
6439 if (buf == NULL)
6440 return ret;
6441 os_memcpy(buf + 24, data, data_len);
6442 hdr = (struct ieee80211_hdr *) buf;
6443 hdr->frame_control =
6444 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
6445 os_memcpy(hdr->addr1, dst, ETH_ALEN);
6446 os_memcpy(hdr->addr2, src, ETH_ALEN);
6447 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
6448
6449 if (is_ap_interface(drv->nlmode) &&
6450 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
6451 (int) freq == bss->freq || drv->device_ap_sme ||
6452 !drv->use_monitor))
6453 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
6454 0, freq, no_cck, 1,
6455 wait_time, NULL, 0);
6456 else
6457 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
6458 24 + data_len,
6459 &drv->send_action_cookie,
6460 no_cck, 0, 1, NULL, 0);
6461
6462 os_free(buf);
6463 return ret;
6464 }
6465
6466
nl80211_frame_wait_cancel(struct i802_bss * bss,u64 cookie)6467 static void nl80211_frame_wait_cancel(struct i802_bss *bss, u64 cookie)
6468 {
6469 struct wpa_driver_nl80211_data *drv = bss->drv;
6470 struct nl_msg *msg;
6471 int ret;
6472
6473 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
6474 (long long unsigned int) cookie);
6475 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) ||
6476 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie)) {
6477 nlmsg_free(msg);
6478 return;
6479 }
6480
6481 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6482 if (ret)
6483 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
6484 "(%s)", ret, strerror(-ret));
6485 }
6486
6487
wpa_driver_nl80211_send_action_cancel_wait(void * priv)6488 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
6489 {
6490 struct i802_bss *bss = priv;
6491 struct wpa_driver_nl80211_data *drv = bss->drv;
6492 unsigned int i;
6493 u64 cookie;
6494
6495 /* Cancel the last pending TX cookie */
6496 nl80211_frame_wait_cancel(bss, drv->send_action_cookie);
6497
6498 /*
6499 * Cancel the other pending TX cookies, if any. This is needed since
6500 * the driver may keep a list of all pending offchannel TX operations
6501 * and free up the radio only once they have expired or cancelled.
6502 */
6503 for (i = drv->num_send_action_cookies; i > 0; i--) {
6504 cookie = drv->send_action_cookies[i - 1];
6505 if (cookie != drv->send_action_cookie)
6506 nl80211_frame_wait_cancel(bss, cookie);
6507 }
6508 drv->num_send_action_cookies = 0;
6509 }
6510
6511
wpa_driver_nl80211_remain_on_channel(void * priv,unsigned int freq,unsigned int duration)6512 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
6513 unsigned int duration)
6514 {
6515 struct i802_bss *bss = priv;
6516 struct wpa_driver_nl80211_data *drv = bss->drv;
6517 struct nl_msg *msg;
6518 int ret;
6519 u64 cookie;
6520
6521 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) ||
6522 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
6523 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) {
6524 nlmsg_free(msg);
6525 return -1;
6526 }
6527
6528 cookie = 0;
6529 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
6530 if (ret == 0) {
6531 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
6532 "0x%llx for freq=%u MHz duration=%u",
6533 (long long unsigned int) cookie, freq, duration);
6534 drv->remain_on_chan_cookie = cookie;
6535 drv->pending_remain_on_chan = 1;
6536 return 0;
6537 }
6538 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
6539 "(freq=%d duration=%u): %d (%s)",
6540 freq, duration, ret, strerror(-ret));
6541 return -1;
6542 }
6543
6544
wpa_driver_nl80211_cancel_remain_on_channel(void * priv)6545 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
6546 {
6547 struct i802_bss *bss = priv;
6548 struct wpa_driver_nl80211_data *drv = bss->drv;
6549 struct nl_msg *msg;
6550 int ret;
6551
6552 if (!drv->pending_remain_on_chan) {
6553 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
6554 "to cancel");
6555 return -1;
6556 }
6557
6558 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
6559 "0x%llx",
6560 (long long unsigned int) drv->remain_on_chan_cookie);
6561
6562 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
6563 if (!msg ||
6564 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) {
6565 nlmsg_free(msg);
6566 return -1;
6567 }
6568
6569 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6570 if (ret == 0)
6571 return 0;
6572 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
6573 "%d (%s)", ret, strerror(-ret));
6574 return -1;
6575 }
6576
6577
wpa_driver_nl80211_probe_req_report(struct i802_bss * bss,int report)6578 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
6579 {
6580 struct wpa_driver_nl80211_data *drv = bss->drv;
6581
6582 if (!report) {
6583 if (bss->nl_preq && drv->device_ap_sme &&
6584 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
6585 !bss->static_ap) {
6586 /*
6587 * Do not disable Probe Request reporting that was
6588 * enabled in nl80211_setup_ap().
6589 */
6590 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
6591 "Probe Request reporting nl_preq=%p while "
6592 "in AP mode", bss->nl_preq);
6593 } else if (bss->nl_preq) {
6594 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
6595 "reporting nl_preq=%p", bss->nl_preq);
6596 nl80211_destroy_eloop_handle(&bss->nl_preq);
6597 }
6598 return 0;
6599 }
6600
6601 if (bss->nl_preq) {
6602 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
6603 "already on! nl_preq=%p", bss->nl_preq);
6604 return 0;
6605 }
6606
6607 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
6608 if (bss->nl_preq == NULL)
6609 return -1;
6610 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
6611 "reporting nl_preq=%p", bss->nl_preq);
6612
6613 if (nl80211_register_frame(bss, bss->nl_preq,
6614 (WLAN_FC_TYPE_MGMT << 2) |
6615 (WLAN_FC_STYPE_PROBE_REQ << 4),
6616 NULL, 0) < 0)
6617 goto out_err;
6618
6619 nl80211_register_eloop_read(&bss->nl_preq,
6620 wpa_driver_nl80211_event_receive,
6621 bss->nl_cb);
6622
6623 return 0;
6624
6625 out_err:
6626 nl_destroy_handles(&bss->nl_preq);
6627 return -1;
6628 }
6629
6630
nl80211_disable_11b_rates(struct wpa_driver_nl80211_data * drv,int ifindex,int disabled)6631 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
6632 int ifindex, int disabled)
6633 {
6634 struct nl_msg *msg;
6635 struct nlattr *bands, *band;
6636 int ret;
6637
6638 wpa_printf(MSG_DEBUG,
6639 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)",
6640 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" :
6641 "no NL80211_TXRATE_LEGACY constraint");
6642
6643 msg = nl80211_ifindex_msg(drv, ifindex, 0,
6644 NL80211_CMD_SET_TX_BITRATE_MASK);
6645 if (!msg)
6646 return -1;
6647
6648 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
6649 if (!bands)
6650 goto fail;
6651
6652 /*
6653 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
6654 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
6655 * rates. All 5 GHz rates are left enabled.
6656 */
6657 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
6658 if (!band ||
6659 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8,
6660 "\x0c\x12\x18\x24\x30\x48\x60\x6c")))
6661 goto fail;
6662 nla_nest_end(msg, band);
6663
6664 nla_nest_end(msg, bands);
6665
6666 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
6667 if (ret) {
6668 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
6669 "(%s)", ret, strerror(-ret));
6670 } else
6671 drv->disabled_11b_rates = disabled;
6672
6673 return ret;
6674
6675 fail:
6676 nlmsg_free(msg);
6677 return -1;
6678 }
6679
6680
wpa_driver_nl80211_deinit_ap(void * priv)6681 static int wpa_driver_nl80211_deinit_ap(void *priv)
6682 {
6683 struct i802_bss *bss = priv;
6684 struct wpa_driver_nl80211_data *drv = bss->drv;
6685 if (!is_ap_interface(drv->nlmode))
6686 return -1;
6687 wpa_driver_nl80211_del_beacon(drv);
6688 bss->beacon_set = 0;
6689
6690 /*
6691 * If the P2P GO interface was dynamically added, then it is
6692 * possible that the interface change to station is not possible.
6693 */
6694 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
6695 return 0;
6696
6697 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
6698 }
6699
6700
wpa_driver_nl80211_stop_ap(void * priv)6701 static int wpa_driver_nl80211_stop_ap(void *priv)
6702 {
6703 struct i802_bss *bss = priv;
6704 struct wpa_driver_nl80211_data *drv = bss->drv;
6705 if (!is_ap_interface(drv->nlmode))
6706 return -1;
6707 wpa_driver_nl80211_del_beacon(drv);
6708 bss->beacon_set = 0;
6709 return 0;
6710 }
6711
6712
wpa_driver_nl80211_deinit_p2p_cli(void * priv)6713 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
6714 {
6715 struct i802_bss *bss = priv;
6716 struct wpa_driver_nl80211_data *drv = bss->drv;
6717 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
6718 return -1;
6719
6720 /*
6721 * If the P2P Client interface was dynamically added, then it is
6722 * possible that the interface change to station is not possible.
6723 */
6724 if (bss->if_dynamic)
6725 return 0;
6726
6727 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
6728 }
6729
6730
wpa_driver_nl80211_resume(void * priv)6731 static void wpa_driver_nl80211_resume(void *priv)
6732 {
6733 struct i802_bss *bss = priv;
6734 enum nl80211_iftype nlmode = nl80211_get_ifmode(bss);
6735
6736 if (i802_set_iface_flags(bss, 1))
6737 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
6738
6739 if (is_p2p_net_interface(nlmode))
6740 nl80211_disable_11b_rates(bss->drv, bss->drv->ifindex, 1);
6741 }
6742
6743
nl80211_signal_monitor(void * priv,int threshold,int hysteresis)6744 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
6745 {
6746 struct i802_bss *bss = priv;
6747 struct wpa_driver_nl80211_data *drv = bss->drv;
6748 struct nl_msg *msg;
6749 struct nlattr *cqm;
6750
6751 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
6752 "hysteresis=%d", threshold, hysteresis);
6753
6754 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) ||
6755 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) ||
6756 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) ||
6757 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) {
6758 nlmsg_free(msg);
6759 return -1;
6760 }
6761 nla_nest_end(msg, cqm);
6762
6763 return send_and_recv_msgs(drv, msg, NULL, NULL);
6764 }
6765
6766
get_channel_width(struct nl_msg * msg,void * arg)6767 static int get_channel_width(struct nl_msg *msg, void *arg)
6768 {
6769 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6770 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6771 struct wpa_signal_info *sig_change = arg;
6772
6773 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6774 genlmsg_attrlen(gnlh, 0), NULL);
6775
6776 sig_change->center_frq1 = -1;
6777 sig_change->center_frq2 = -1;
6778 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
6779
6780 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
6781 sig_change->chanwidth = convert2width(
6782 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
6783 if (tb[NL80211_ATTR_CENTER_FREQ1])
6784 sig_change->center_frq1 =
6785 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
6786 if (tb[NL80211_ATTR_CENTER_FREQ2])
6787 sig_change->center_frq2 =
6788 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
6789 }
6790
6791 return NL_SKIP;
6792 }
6793
6794
nl80211_get_channel_width(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)6795 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
6796 struct wpa_signal_info *sig)
6797 {
6798 struct nl_msg *msg;
6799
6800 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
6801 return send_and_recv_msgs(drv, msg, get_channel_width, sig);
6802 }
6803
6804
nl80211_signal_poll(void * priv,struct wpa_signal_info * si)6805 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
6806 {
6807 struct i802_bss *bss = priv;
6808 struct wpa_driver_nl80211_data *drv = bss->drv;
6809 int res;
6810
6811 os_memset(si, 0, sizeof(*si));
6812 res = nl80211_get_link_signal(drv, si);
6813 if (res) {
6814 if (drv->nlmode != NL80211_IFTYPE_ADHOC &&
6815 drv->nlmode != NL80211_IFTYPE_MESH_POINT)
6816 return res;
6817 si->current_signal = 0;
6818 }
6819
6820 res = nl80211_get_channel_width(drv, si);
6821 if (res != 0)
6822 return res;
6823
6824 return nl80211_get_link_noise(drv, si);
6825 }
6826
6827
nl80211_send_frame(void * priv,const u8 * data,size_t data_len,int encrypt)6828 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
6829 int encrypt)
6830 {
6831 struct i802_bss *bss = priv;
6832 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0,
6833 0, 0, 0, 0, NULL, 0);
6834 }
6835
6836
nl80211_set_param(void * priv,const char * param)6837 static int nl80211_set_param(void *priv, const char *param)
6838 {
6839 if (param == NULL)
6840 return 0;
6841 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
6842
6843 #ifdef CONFIG_P2P
6844 if (os_strstr(param, "use_p2p_group_interface=1")) {
6845 struct i802_bss *bss = priv;
6846 struct wpa_driver_nl80211_data *drv = bss->drv;
6847
6848 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
6849 "interface");
6850 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
6851 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
6852 }
6853 #endif /* CONFIG_P2P */
6854
6855 if (os_strstr(param, "use_monitor=1")) {
6856 struct i802_bss *bss = priv;
6857 struct wpa_driver_nl80211_data *drv = bss->drv;
6858 drv->use_monitor = 1;
6859 }
6860
6861 if (os_strstr(param, "force_connect_cmd=1")) {
6862 struct i802_bss *bss = priv;
6863 struct wpa_driver_nl80211_data *drv = bss->drv;
6864 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
6865 drv->force_connect_cmd = 1;
6866 }
6867
6868 if (os_strstr(param, "no_offchannel_tx=1")) {
6869 struct i802_bss *bss = priv;
6870 struct wpa_driver_nl80211_data *drv = bss->drv;
6871 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
6872 drv->test_use_roc_tx = 1;
6873 }
6874
6875 return 0;
6876 }
6877
6878
nl80211_global_init(void * ctx)6879 static void * nl80211_global_init(void *ctx)
6880 {
6881 struct nl80211_global *global;
6882 struct netlink_config *cfg;
6883
6884 global = os_zalloc(sizeof(*global));
6885 if (global == NULL)
6886 return NULL;
6887 global->ctx = ctx;
6888 global->ioctl_sock = -1;
6889 dl_list_init(&global->interfaces);
6890 global->if_add_ifindex = -1;
6891
6892 cfg = os_zalloc(sizeof(*cfg));
6893 if (cfg == NULL)
6894 goto err;
6895
6896 cfg->ctx = global;
6897 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
6898 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
6899 global->netlink = netlink_init(cfg);
6900 if (global->netlink == NULL) {
6901 os_free(cfg);
6902 goto err;
6903 }
6904
6905 if (wpa_driver_nl80211_init_nl_global(global) < 0)
6906 goto err;
6907
6908 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
6909 if (global->ioctl_sock < 0) {
6910 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
6911 strerror(errno));
6912 goto err;
6913 }
6914
6915 return global;
6916
6917 err:
6918 nl80211_global_deinit(global);
6919 return NULL;
6920 }
6921
6922
nl80211_global_deinit(void * priv)6923 static void nl80211_global_deinit(void *priv)
6924 {
6925 struct nl80211_global *global = priv;
6926 if (global == NULL)
6927 return;
6928 if (!dl_list_empty(&global->interfaces)) {
6929 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
6930 "nl80211_global_deinit",
6931 dl_list_len(&global->interfaces));
6932 }
6933
6934 if (global->netlink)
6935 netlink_deinit(global->netlink);
6936
6937 nl_destroy_handles(&global->nl);
6938
6939 if (global->nl_event)
6940 nl80211_destroy_eloop_handle(&global->nl_event);
6941
6942 nl_cb_put(global->nl_cb);
6943
6944 if (global->ioctl_sock >= 0)
6945 close(global->ioctl_sock);
6946
6947 os_free(global);
6948 }
6949
6950
nl80211_get_radio_name(void * priv)6951 static const char * nl80211_get_radio_name(void *priv)
6952 {
6953 struct i802_bss *bss = priv;
6954 struct wpa_driver_nl80211_data *drv = bss->drv;
6955 return drv->phyname;
6956 }
6957
6958
nl80211_pmkid(struct i802_bss * bss,int cmd,const u8 * bssid,const u8 * pmkid)6959 static int nl80211_pmkid(struct i802_bss *bss, int cmd, const u8 *bssid,
6960 const u8 *pmkid)
6961 {
6962 struct nl_msg *msg;
6963
6964 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
6965 (pmkid && nla_put(msg, NL80211_ATTR_PMKID, 16, pmkid)) ||
6966 (bssid && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))) {
6967 nlmsg_free(msg);
6968 return -ENOBUFS;
6969 }
6970
6971 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
6972 }
6973
6974
nl80211_add_pmkid(void * priv,const u8 * bssid,const u8 * pmkid)6975 static int nl80211_add_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
6976 {
6977 struct i802_bss *bss = priv;
6978 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, MAC2STR(bssid));
6979 return nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, bssid, pmkid);
6980 }
6981
6982
nl80211_remove_pmkid(void * priv,const u8 * bssid,const u8 * pmkid)6983 static int nl80211_remove_pmkid(void *priv, const u8 *bssid, const u8 *pmkid)
6984 {
6985 struct i802_bss *bss = priv;
6986 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
6987 MAC2STR(bssid));
6988 return nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, bssid, pmkid);
6989 }
6990
6991
nl80211_flush_pmkid(void * priv)6992 static int nl80211_flush_pmkid(void *priv)
6993 {
6994 struct i802_bss *bss = priv;
6995 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
6996 return nl80211_pmkid(bss, NL80211_CMD_FLUSH_PMKSA, NULL, NULL);
6997 }
6998
6999
clean_survey_results(struct survey_results * survey_results)7000 static void clean_survey_results(struct survey_results *survey_results)
7001 {
7002 struct freq_survey *survey, *tmp;
7003
7004 if (dl_list_empty(&survey_results->survey_list))
7005 return;
7006
7007 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
7008 struct freq_survey, list) {
7009 dl_list_del(&survey->list);
7010 os_free(survey);
7011 }
7012 }
7013
7014
add_survey(struct nlattr ** sinfo,u32 ifidx,struct dl_list * survey_list)7015 static void add_survey(struct nlattr **sinfo, u32 ifidx,
7016 struct dl_list *survey_list)
7017 {
7018 struct freq_survey *survey;
7019
7020 survey = os_zalloc(sizeof(struct freq_survey));
7021 if (!survey)
7022 return;
7023
7024 survey->ifidx = ifidx;
7025 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
7026 survey->filled = 0;
7027
7028 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
7029 survey->nf = (int8_t)
7030 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
7031 survey->filled |= SURVEY_HAS_NF;
7032 }
7033
7034 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
7035 survey->channel_time =
7036 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
7037 survey->filled |= SURVEY_HAS_CHAN_TIME;
7038 }
7039
7040 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
7041 survey->channel_time_busy =
7042 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
7043 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
7044 }
7045
7046 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
7047 survey->channel_time_rx =
7048 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
7049 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
7050 }
7051
7052 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
7053 survey->channel_time_tx =
7054 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
7055 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
7056 }
7057
7058 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
7059 survey->freq,
7060 survey->nf,
7061 (unsigned long int) survey->channel_time,
7062 (unsigned long int) survey->channel_time_busy,
7063 (unsigned long int) survey->channel_time_tx,
7064 (unsigned long int) survey->channel_time_rx,
7065 survey->filled);
7066
7067 dl_list_add_tail(survey_list, &survey->list);
7068 }
7069
7070
check_survey_ok(struct nlattr ** sinfo,u32 surveyed_freq,unsigned int freq_filter)7071 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
7072 unsigned int freq_filter)
7073 {
7074 if (!freq_filter)
7075 return 1;
7076
7077 return freq_filter == surveyed_freq;
7078 }
7079
7080
survey_handler(struct nl_msg * msg,void * arg)7081 static int survey_handler(struct nl_msg *msg, void *arg)
7082 {
7083 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7084 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7085 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
7086 struct survey_results *survey_results;
7087 u32 surveyed_freq = 0;
7088 u32 ifidx;
7089
7090 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
7091 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
7092 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
7093 };
7094
7095 survey_results = (struct survey_results *) arg;
7096
7097 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7098 genlmsg_attrlen(gnlh, 0), NULL);
7099
7100 if (!tb[NL80211_ATTR_IFINDEX])
7101 return NL_SKIP;
7102
7103 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
7104
7105 if (!tb[NL80211_ATTR_SURVEY_INFO])
7106 return NL_SKIP;
7107
7108 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
7109 tb[NL80211_ATTR_SURVEY_INFO],
7110 survey_policy))
7111 return NL_SKIP;
7112
7113 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
7114 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
7115 return NL_SKIP;
7116 }
7117
7118 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
7119
7120 if (!check_survey_ok(sinfo, surveyed_freq,
7121 survey_results->freq_filter))
7122 return NL_SKIP;
7123
7124 if (survey_results->freq_filter &&
7125 survey_results->freq_filter != surveyed_freq) {
7126 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
7127 surveyed_freq);
7128 return NL_SKIP;
7129 }
7130
7131 add_survey(sinfo, ifidx, &survey_results->survey_list);
7132
7133 return NL_SKIP;
7134 }
7135
7136
wpa_driver_nl80211_get_survey(void * priv,unsigned int freq)7137 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
7138 {
7139 struct i802_bss *bss = priv;
7140 struct wpa_driver_nl80211_data *drv = bss->drv;
7141 struct nl_msg *msg;
7142 int err;
7143 union wpa_event_data data;
7144 struct survey_results *survey_results;
7145
7146 os_memset(&data, 0, sizeof(data));
7147 survey_results = &data.survey_results;
7148
7149 dl_list_init(&survey_results->survey_list);
7150
7151 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
7152 if (!msg)
7153 return -ENOBUFS;
7154
7155 if (freq)
7156 data.survey_results.freq_filter = freq;
7157
7158 do {
7159 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
7160 err = send_and_recv_msgs(drv, msg, survey_handler,
7161 survey_results);
7162 } while (err > 0);
7163
7164 if (err)
7165 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
7166 else
7167 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
7168
7169 clean_survey_results(survey_results);
7170 return err;
7171 }
7172
7173
nl80211_set_rekey_info(void * priv,const u8 * kek,size_t kek_len,const u8 * kck,size_t kck_len,const u8 * replay_ctr)7174 static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len,
7175 const u8 *kck, size_t kck_len,
7176 const u8 *replay_ctr)
7177 {
7178 struct i802_bss *bss = priv;
7179 struct wpa_driver_nl80211_data *drv = bss->drv;
7180 struct nlattr *replay_nested;
7181 struct nl_msg *msg;
7182 int ret;
7183
7184 if (!drv->set_rekey_offload)
7185 return;
7186
7187 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload");
7188 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) ||
7189 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) ||
7190 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) ||
7191 nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck) ||
7192 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
7193 replay_ctr)) {
7194 nl80211_nlmsg_clear(msg);
7195 nlmsg_free(msg);
7196 return;
7197 }
7198
7199 nla_nest_end(msg, replay_nested);
7200
7201 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1);
7202 if (ret == -EOPNOTSUPP) {
7203 wpa_printf(MSG_DEBUG,
7204 "nl80211: Driver does not support rekey offload");
7205 drv->set_rekey_offload = 0;
7206 }
7207 }
7208
7209
nl80211_send_null_frame(struct i802_bss * bss,const u8 * own_addr,const u8 * addr,int qos)7210 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
7211 const u8 *addr, int qos)
7212 {
7213 /* send data frame to poll STA and check whether
7214 * this frame is ACKed */
7215 struct {
7216 struct ieee80211_hdr hdr;
7217 u16 qos_ctl;
7218 } STRUCT_PACKED nulldata;
7219 size_t size;
7220
7221 /* Send data frame to poll STA and check whether this frame is ACKed */
7222
7223 os_memset(&nulldata, 0, sizeof(nulldata));
7224
7225 if (qos) {
7226 nulldata.hdr.frame_control =
7227 IEEE80211_FC(WLAN_FC_TYPE_DATA,
7228 WLAN_FC_STYPE_QOS_NULL);
7229 size = sizeof(nulldata);
7230 } else {
7231 nulldata.hdr.frame_control =
7232 IEEE80211_FC(WLAN_FC_TYPE_DATA,
7233 WLAN_FC_STYPE_NULLFUNC);
7234 size = sizeof(struct ieee80211_hdr);
7235 }
7236
7237 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
7238 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
7239 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
7240 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
7241
7242 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
7243 0, 0, NULL, 0) < 0)
7244 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
7245 "send poll frame");
7246 }
7247
nl80211_poll_client(void * priv,const u8 * own_addr,const u8 * addr,int qos)7248 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
7249 int qos)
7250 {
7251 struct i802_bss *bss = priv;
7252 struct wpa_driver_nl80211_data *drv = bss->drv;
7253 struct nl_msg *msg;
7254 int ret;
7255
7256 if (!drv->poll_command_supported) {
7257 nl80211_send_null_frame(bss, own_addr, addr, qos);
7258 return;
7259 }
7260
7261 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) ||
7262 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
7263 nlmsg_free(msg);
7264 return;
7265 }
7266
7267 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7268 if (ret < 0) {
7269 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for "
7270 MACSTR " failed: ret=%d (%s)",
7271 MAC2STR(addr), ret, strerror(-ret));
7272 }
7273 }
7274
7275
nl80211_set_power_save(struct i802_bss * bss,int enabled)7276 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
7277 {
7278 struct nl_msg *msg;
7279
7280 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) ||
7281 nla_put_u32(msg, NL80211_ATTR_PS_STATE,
7282 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) {
7283 nlmsg_free(msg);
7284 return -ENOBUFS;
7285 }
7286 return send_and_recv_msgs(bss->drv, msg, NULL, NULL);
7287 }
7288
7289
nl80211_set_p2p_powersave(void * priv,int legacy_ps,int opp_ps,int ctwindow)7290 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
7291 int ctwindow)
7292 {
7293 struct i802_bss *bss = priv;
7294
7295 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
7296 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
7297
7298 if (opp_ps != -1 || ctwindow != -1) {
7299 #ifdef ANDROID_P2P
7300 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
7301 #else /* ANDROID_P2P */
7302 return -1; /* Not yet supported */
7303 #endif /* ANDROID_P2P */
7304 }
7305
7306 if (legacy_ps == -1)
7307 return 0;
7308 if (legacy_ps != 0 && legacy_ps != 1)
7309 return -1; /* Not yet supported */
7310
7311 return nl80211_set_power_save(bss, legacy_ps);
7312 }
7313
7314
nl80211_start_radar_detection(void * priv,struct hostapd_freq_params * freq)7315 static int nl80211_start_radar_detection(void *priv,
7316 struct hostapd_freq_params *freq)
7317 {
7318 struct i802_bss *bss = priv;
7319 struct wpa_driver_nl80211_data *drv = bss->drv;
7320 struct nl_msg *msg;
7321 int ret;
7322
7323 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
7324 freq->freq, freq->ht_enabled, freq->vht_enabled,
7325 freq->bandwidth, freq->center_freq1, freq->center_freq2);
7326
7327 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
7328 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
7329 "detection");
7330 return -1;
7331 }
7332
7333 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) ||
7334 nl80211_put_freq_params(msg, freq) < 0) {
7335 nlmsg_free(msg);
7336 return -1;
7337 }
7338
7339 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7340 if (ret == 0)
7341 return 0;
7342 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
7343 "%d (%s)", ret, strerror(-ret));
7344 return -1;
7345 }
7346
7347 #ifdef CONFIG_TDLS
7348
nl80211_send_tdls_mgmt(void * priv,const u8 * dst,u8 action_code,u8 dialog_token,u16 status_code,u32 peer_capab,int initiator,const u8 * buf,size_t len)7349 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
7350 u8 dialog_token, u16 status_code,
7351 u32 peer_capab, int initiator, const u8 *buf,
7352 size_t len)
7353 {
7354 struct i802_bss *bss = priv;
7355 struct wpa_driver_nl80211_data *drv = bss->drv;
7356 struct nl_msg *msg;
7357
7358 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7359 return -EOPNOTSUPP;
7360
7361 if (!dst)
7362 return -EINVAL;
7363
7364 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) ||
7365 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
7366 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) ||
7367 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) ||
7368 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code))
7369 goto fail;
7370 if (peer_capab) {
7371 /*
7372 * The internal enum tdls_peer_capability definition is
7373 * currently identical with the nl80211 enum
7374 * nl80211_tdls_peer_capability, so no conversion is needed
7375 * here.
7376 */
7377 if (nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY,
7378 peer_capab))
7379 goto fail;
7380 }
7381 if ((initiator &&
7382 nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) ||
7383 nla_put(msg, NL80211_ATTR_IE, len, buf))
7384 goto fail;
7385
7386 return send_and_recv_msgs(drv, msg, NULL, NULL);
7387
7388 fail:
7389 nlmsg_free(msg);
7390 return -ENOBUFS;
7391 }
7392
7393
nl80211_tdls_oper(void * priv,enum tdls_oper oper,const u8 * peer)7394 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
7395 {
7396 struct i802_bss *bss = priv;
7397 struct wpa_driver_nl80211_data *drv = bss->drv;
7398 struct nl_msg *msg;
7399 enum nl80211_tdls_operation nl80211_oper;
7400
7401 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
7402 return -EOPNOTSUPP;
7403
7404 switch (oper) {
7405 case TDLS_DISCOVERY_REQ:
7406 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
7407 break;
7408 case TDLS_SETUP:
7409 nl80211_oper = NL80211_TDLS_SETUP;
7410 break;
7411 case TDLS_TEARDOWN:
7412 nl80211_oper = NL80211_TDLS_TEARDOWN;
7413 break;
7414 case TDLS_ENABLE_LINK:
7415 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
7416 break;
7417 case TDLS_DISABLE_LINK:
7418 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
7419 break;
7420 case TDLS_ENABLE:
7421 return 0;
7422 case TDLS_DISABLE:
7423 return 0;
7424 default:
7425 return -EINVAL;
7426 }
7427
7428 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) ||
7429 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) ||
7430 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) {
7431 nlmsg_free(msg);
7432 return -ENOBUFS;
7433 }
7434
7435 return send_and_recv_msgs(drv, msg, NULL, NULL);
7436 }
7437
7438
7439 static int
nl80211_tdls_enable_channel_switch(void * priv,const u8 * addr,u8 oper_class,const struct hostapd_freq_params * params)7440 nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class,
7441 const struct hostapd_freq_params *params)
7442 {
7443 struct i802_bss *bss = priv;
7444 struct wpa_driver_nl80211_data *drv = bss->drv;
7445 struct nl_msg *msg;
7446 int ret = -ENOBUFS;
7447
7448 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
7449 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
7450 return -EOPNOTSUPP;
7451
7452 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR
7453 " oper_class=%u freq=%u",
7454 MAC2STR(addr), oper_class, params->freq);
7455 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH);
7456 if (!msg ||
7457 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
7458 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) ||
7459 (ret = nl80211_put_freq_params(msg, params))) {
7460 nlmsg_free(msg);
7461 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch");
7462 return ret;
7463 }
7464
7465 return send_and_recv_msgs(drv, msg, NULL, NULL);
7466 }
7467
7468
7469 static int
nl80211_tdls_disable_channel_switch(void * priv,const u8 * addr)7470 nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr)
7471 {
7472 struct i802_bss *bss = priv;
7473 struct wpa_driver_nl80211_data *drv = bss->drv;
7474 struct nl_msg *msg;
7475
7476 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
7477 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
7478 return -EOPNOTSUPP;
7479
7480 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR,
7481 MAC2STR(addr));
7482 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH);
7483 if (!msg ||
7484 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
7485 nlmsg_free(msg);
7486 wpa_printf(MSG_DEBUG,
7487 "nl80211: Could not build TDLS cancel chan switch");
7488 return -ENOBUFS;
7489 }
7490
7491 return send_and_recv_msgs(drv, msg, NULL, NULL);
7492 }
7493
7494 #endif /* CONFIG TDLS */
7495
7496
driver_nl80211_set_key(const char * ifname,void * priv,enum wpa_alg alg,const u8 * addr,int key_idx,int set_tx,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)7497 static int driver_nl80211_set_key(const char *ifname, void *priv,
7498 enum wpa_alg alg, const u8 *addr,
7499 int key_idx, int set_tx,
7500 const u8 *seq, size_t seq_len,
7501 const u8 *key, size_t key_len)
7502 {
7503 struct i802_bss *bss = priv;
7504 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx,
7505 set_tx, seq, seq_len, key, key_len);
7506 }
7507
7508
driver_nl80211_scan2(void * priv,struct wpa_driver_scan_params * params)7509 static int driver_nl80211_scan2(void *priv,
7510 struct wpa_driver_scan_params *params)
7511 {
7512 struct i802_bss *bss = priv;
7513 #ifdef CONFIG_DRIVER_NL80211_QCA
7514 struct wpa_driver_nl80211_data *drv = bss->drv;
7515
7516 /*
7517 * Do a vendor specific scan if possible. If only_new_results is
7518 * set, do a normal scan since a kernel (cfg80211) BSS cache flush
7519 * cannot be achieved through a vendor scan. The below condition may
7520 * need to be modified if new scan flags are added in the future whose
7521 * functionality can only be achieved through a normal scan.
7522 */
7523 if (drv->scan_vendor_cmd_avail && !params->only_new_results)
7524 return wpa_driver_nl80211_vendor_scan(bss, params);
7525 #endif /* CONFIG_DRIVER_NL80211_QCA */
7526 return wpa_driver_nl80211_scan(bss, params);
7527 }
7528
7529
driver_nl80211_deauthenticate(void * priv,const u8 * addr,int reason_code)7530 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
7531 int reason_code)
7532 {
7533 struct i802_bss *bss = priv;
7534 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
7535 }
7536
7537
driver_nl80211_authenticate(void * priv,struct wpa_driver_auth_params * params)7538 static int driver_nl80211_authenticate(void *priv,
7539 struct wpa_driver_auth_params *params)
7540 {
7541 struct i802_bss *bss = priv;
7542 return wpa_driver_nl80211_authenticate(bss, params);
7543 }
7544
7545
driver_nl80211_deinit(void * priv)7546 static void driver_nl80211_deinit(void *priv)
7547 {
7548 struct i802_bss *bss = priv;
7549 wpa_driver_nl80211_deinit(bss);
7550 }
7551
7552
driver_nl80211_if_remove(void * priv,enum wpa_driver_if_type type,const char * ifname)7553 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
7554 const char *ifname)
7555 {
7556 struct i802_bss *bss = priv;
7557 return wpa_driver_nl80211_if_remove(bss, type, ifname);
7558 }
7559
7560
driver_nl80211_send_mlme(void * priv,const u8 * data,size_t data_len,int noack,unsigned int freq,const u16 * csa_offs,size_t csa_offs_len)7561 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
7562 size_t data_len, int noack,
7563 unsigned int freq,
7564 const u16 *csa_offs, size_t csa_offs_len)
7565 {
7566 struct i802_bss *bss = priv;
7567 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
7568 freq, 0, 0, 0, csa_offs,
7569 csa_offs_len);
7570 }
7571
7572
driver_nl80211_sta_remove(void * priv,const u8 * addr)7573 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
7574 {
7575 struct i802_bss *bss = priv;
7576 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0);
7577 }
7578
7579
driver_nl80211_set_sta_vlan(void * priv,const u8 * addr,const char * ifname,int vlan_id)7580 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
7581 const char *ifname, int vlan_id)
7582 {
7583 struct i802_bss *bss = priv;
7584 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
7585 }
7586
7587
driver_nl80211_read_sta_data(void * priv,struct hostap_sta_driver_data * data,const u8 * addr)7588 static int driver_nl80211_read_sta_data(void *priv,
7589 struct hostap_sta_driver_data *data,
7590 const u8 *addr)
7591 {
7592 struct i802_bss *bss = priv;
7593 return i802_read_sta_data(bss, data, addr);
7594 }
7595
7596
driver_nl80211_send_action(void * priv,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)7597 static int driver_nl80211_send_action(void *priv, unsigned int freq,
7598 unsigned int wait_time,
7599 const u8 *dst, const u8 *src,
7600 const u8 *bssid,
7601 const u8 *data, size_t data_len,
7602 int no_cck)
7603 {
7604 struct i802_bss *bss = priv;
7605 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
7606 bssid, data, data_len, no_cck);
7607 }
7608
7609
driver_nl80211_probe_req_report(void * priv,int report)7610 static int driver_nl80211_probe_req_report(void *priv, int report)
7611 {
7612 struct i802_bss *bss = priv;
7613 return wpa_driver_nl80211_probe_req_report(bss, report);
7614 }
7615
7616
wpa_driver_nl80211_update_ft_ies(void * priv,const u8 * md,const u8 * ies,size_t ies_len)7617 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
7618 const u8 *ies, size_t ies_len)
7619 {
7620 int ret;
7621 struct nl_msg *msg;
7622 struct i802_bss *bss = priv;
7623 struct wpa_driver_nl80211_data *drv = bss->drv;
7624 u16 mdid = WPA_GET_LE16(md);
7625
7626 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
7627 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) ||
7628 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) ||
7629 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) {
7630 nlmsg_free(msg);
7631 return -ENOBUFS;
7632 }
7633
7634 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7635 if (ret) {
7636 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
7637 "err=%d (%s)", ret, strerror(-ret));
7638 }
7639
7640 return ret;
7641 }
7642
7643
wpa_driver_nl80211_get_macaddr(void * priv)7644 const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
7645 {
7646 struct i802_bss *bss = priv;
7647 struct wpa_driver_nl80211_data *drv = bss->drv;
7648
7649 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
7650 return NULL;
7651
7652 return bss->addr;
7653 }
7654
7655
scan_state_str(enum scan_states scan_state)7656 static const char * scan_state_str(enum scan_states scan_state)
7657 {
7658 switch (scan_state) {
7659 case NO_SCAN:
7660 return "NO_SCAN";
7661 case SCAN_REQUESTED:
7662 return "SCAN_REQUESTED";
7663 case SCAN_STARTED:
7664 return "SCAN_STARTED";
7665 case SCAN_COMPLETED:
7666 return "SCAN_COMPLETED";
7667 case SCAN_ABORTED:
7668 return "SCAN_ABORTED";
7669 case SCHED_SCAN_STARTED:
7670 return "SCHED_SCAN_STARTED";
7671 case SCHED_SCAN_STOPPED:
7672 return "SCHED_SCAN_STOPPED";
7673 case SCHED_SCAN_RESULTS:
7674 return "SCHED_SCAN_RESULTS";
7675 }
7676
7677 return "??";
7678 }
7679
7680
wpa_driver_nl80211_status(void * priv,char * buf,size_t buflen)7681 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
7682 {
7683 struct i802_bss *bss = priv;
7684 struct wpa_driver_nl80211_data *drv = bss->drv;
7685 int res;
7686 char *pos, *end;
7687
7688 pos = buf;
7689 end = buf + buflen;
7690
7691 res = os_snprintf(pos, end - pos,
7692 "ifindex=%d\n"
7693 "ifname=%s\n"
7694 "brname=%s\n"
7695 "addr=" MACSTR "\n"
7696 "freq=%d\n"
7697 "%s%s%s%s%s",
7698 bss->ifindex,
7699 bss->ifname,
7700 bss->brname,
7701 MAC2STR(bss->addr),
7702 bss->freq,
7703 bss->beacon_set ? "beacon_set=1\n" : "",
7704 bss->added_if_into_bridge ?
7705 "added_if_into_bridge=1\n" : "",
7706 bss->added_bridge ? "added_bridge=1\n" : "",
7707 bss->in_deinit ? "in_deinit=1\n" : "",
7708 bss->if_dynamic ? "if_dynamic=1\n" : "");
7709 if (os_snprintf_error(end - pos, res))
7710 return pos - buf;
7711 pos += res;
7712
7713 if (bss->wdev_id_set) {
7714 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
7715 (unsigned long long) bss->wdev_id);
7716 if (os_snprintf_error(end - pos, res))
7717 return pos - buf;
7718 pos += res;
7719 }
7720
7721 res = os_snprintf(pos, end - pos,
7722 "phyname=%s\n"
7723 "perm_addr=" MACSTR "\n"
7724 "drv_ifindex=%d\n"
7725 "operstate=%d\n"
7726 "scan_state=%s\n"
7727 "auth_bssid=" MACSTR "\n"
7728 "auth_attempt_bssid=" MACSTR "\n"
7729 "bssid=" MACSTR "\n"
7730 "prev_bssid=" MACSTR "\n"
7731 "associated=%d\n"
7732 "assoc_freq=%u\n"
7733 "monitor_sock=%d\n"
7734 "monitor_ifidx=%d\n"
7735 "monitor_refcount=%d\n"
7736 "last_mgmt_freq=%u\n"
7737 "eapol_tx_sock=%d\n"
7738 "%s%s%s%s%s%s%s%s%s%s%s%s%s",
7739 drv->phyname,
7740 MAC2STR(drv->perm_addr),
7741 drv->ifindex,
7742 drv->operstate,
7743 scan_state_str(drv->scan_state),
7744 MAC2STR(drv->auth_bssid),
7745 MAC2STR(drv->auth_attempt_bssid),
7746 MAC2STR(drv->bssid),
7747 MAC2STR(drv->prev_bssid),
7748 drv->associated,
7749 drv->assoc_freq,
7750 drv->monitor_sock,
7751 drv->monitor_ifidx,
7752 drv->monitor_refcount,
7753 drv->last_mgmt_freq,
7754 drv->eapol_tx_sock,
7755 drv->ignore_if_down_event ?
7756 "ignore_if_down_event=1\n" : "",
7757 drv->scan_complete_events ?
7758 "scan_complete_events=1\n" : "",
7759 drv->disabled_11b_rates ?
7760 "disabled_11b_rates=1\n" : "",
7761 drv->pending_remain_on_chan ?
7762 "pending_remain_on_chan=1\n" : "",
7763 drv->in_interface_list ? "in_interface_list=1\n" : "",
7764 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
7765 drv->poll_command_supported ?
7766 "poll_command_supported=1\n" : "",
7767 drv->data_tx_status ? "data_tx_status=1\n" : "",
7768 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
7769 drv->retry_auth ? "retry_auth=1\n" : "",
7770 drv->use_monitor ? "use_monitor=1\n" : "",
7771 drv->ignore_next_local_disconnect ?
7772 "ignore_next_local_disconnect=1\n" : "",
7773 drv->ignore_next_local_deauth ?
7774 "ignore_next_local_deauth=1\n" : "");
7775 if (os_snprintf_error(end - pos, res))
7776 return pos - buf;
7777 pos += res;
7778
7779 if (drv->has_capability) {
7780 res = os_snprintf(pos, end - pos,
7781 "capa.key_mgmt=0x%x\n"
7782 "capa.enc=0x%x\n"
7783 "capa.auth=0x%x\n"
7784 "capa.flags=0x%llx\n"
7785 "capa.rrm_flags=0x%x\n"
7786 "capa.max_scan_ssids=%d\n"
7787 "capa.max_sched_scan_ssids=%d\n"
7788 "capa.sched_scan_supported=%d\n"
7789 "capa.max_match_sets=%d\n"
7790 "capa.max_remain_on_chan=%u\n"
7791 "capa.max_stations=%u\n"
7792 "capa.probe_resp_offloads=0x%x\n"
7793 "capa.max_acl_mac_addrs=%u\n"
7794 "capa.num_multichan_concurrent=%u\n"
7795 "capa.mac_addr_rand_sched_scan_supported=%d\n"
7796 "capa.mac_addr_rand_scan_supported=%d\n"
7797 "capa.conc_capab=%u\n"
7798 "capa.max_conc_chan_2_4=%u\n"
7799 "capa.max_conc_chan_5_0=%u\n"
7800 "capa.max_sched_scan_plans=%u\n"
7801 "capa.max_sched_scan_plan_interval=%u\n"
7802 "capa.max_sched_scan_plan_iterations=%u\n",
7803 drv->capa.key_mgmt,
7804 drv->capa.enc,
7805 drv->capa.auth,
7806 (unsigned long long) drv->capa.flags,
7807 drv->capa.rrm_flags,
7808 drv->capa.max_scan_ssids,
7809 drv->capa.max_sched_scan_ssids,
7810 drv->capa.sched_scan_supported,
7811 drv->capa.max_match_sets,
7812 drv->capa.max_remain_on_chan,
7813 drv->capa.max_stations,
7814 drv->capa.probe_resp_offloads,
7815 drv->capa.max_acl_mac_addrs,
7816 drv->capa.num_multichan_concurrent,
7817 drv->capa.mac_addr_rand_sched_scan_supported,
7818 drv->capa.mac_addr_rand_scan_supported,
7819 drv->capa.conc_capab,
7820 drv->capa.max_conc_chan_2_4,
7821 drv->capa.max_conc_chan_5_0,
7822 drv->capa.max_sched_scan_plans,
7823 drv->capa.max_sched_scan_plan_interval,
7824 drv->capa.max_sched_scan_plan_iterations);
7825 if (os_snprintf_error(end - pos, res))
7826 return pos - buf;
7827 pos += res;
7828 }
7829
7830 return pos - buf;
7831 }
7832
7833
set_beacon_data(struct nl_msg * msg,struct beacon_data * settings)7834 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
7835 {
7836 if ((settings->head &&
7837 nla_put(msg, NL80211_ATTR_BEACON_HEAD,
7838 settings->head_len, settings->head)) ||
7839 (settings->tail &&
7840 nla_put(msg, NL80211_ATTR_BEACON_TAIL,
7841 settings->tail_len, settings->tail)) ||
7842 (settings->beacon_ies &&
7843 nla_put(msg, NL80211_ATTR_IE,
7844 settings->beacon_ies_len, settings->beacon_ies)) ||
7845 (settings->proberesp_ies &&
7846 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
7847 settings->proberesp_ies_len, settings->proberesp_ies)) ||
7848 (settings->assocresp_ies &&
7849 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
7850 settings->assocresp_ies_len, settings->assocresp_ies)) ||
7851 (settings->probe_resp &&
7852 nla_put(msg, NL80211_ATTR_PROBE_RESP,
7853 settings->probe_resp_len, settings->probe_resp)))
7854 return -ENOBUFS;
7855
7856 return 0;
7857 }
7858
7859
nl80211_switch_channel(void * priv,struct csa_settings * settings)7860 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
7861 {
7862 struct nl_msg *msg;
7863 struct i802_bss *bss = priv;
7864 struct wpa_driver_nl80211_data *drv = bss->drv;
7865 struct nlattr *beacon_csa;
7866 int ret = -ENOBUFS;
7867 int csa_off_len = 0;
7868 int i;
7869
7870 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
7871 settings->cs_count, settings->block_tx,
7872 settings->freq_params.freq, settings->freq_params.bandwidth,
7873 settings->freq_params.center_freq1,
7874 settings->freq_params.center_freq2);
7875
7876 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
7877 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
7878 return -EOPNOTSUPP;
7879 }
7880
7881 if ((drv->nlmode != NL80211_IFTYPE_AP) &&
7882 (drv->nlmode != NL80211_IFTYPE_P2P_GO))
7883 return -EOPNOTSUPP;
7884
7885 /*
7886 * Remove empty counters, assuming Probe Response and Beacon frame
7887 * counters match. This implementation assumes that there are only two
7888 * counters.
7889 */
7890 if (settings->counter_offset_beacon[0] &&
7891 !settings->counter_offset_beacon[1]) {
7892 csa_off_len = 1;
7893 } else if (settings->counter_offset_beacon[1] &&
7894 !settings->counter_offset_beacon[0]) {
7895 csa_off_len = 1;
7896 settings->counter_offset_beacon[0] =
7897 settings->counter_offset_beacon[1];
7898 settings->counter_offset_presp[0] =
7899 settings->counter_offset_presp[1];
7900 } else if (settings->counter_offset_beacon[1] &&
7901 settings->counter_offset_beacon[0]) {
7902 csa_off_len = 2;
7903 } else {
7904 wpa_printf(MSG_ERROR, "nl80211: No CSA counters provided");
7905 return -EINVAL;
7906 }
7907
7908 /* Check CSA counters validity */
7909 if (drv->capa.max_csa_counters &&
7910 csa_off_len > drv->capa.max_csa_counters) {
7911 wpa_printf(MSG_ERROR,
7912 "nl80211: Too many CSA counters provided");
7913 return -EINVAL;
7914 }
7915
7916 if (!settings->beacon_csa.tail)
7917 return -EINVAL;
7918
7919 for (i = 0; i < csa_off_len; i++) {
7920 u16 csa_c_off_bcn = settings->counter_offset_beacon[i];
7921 u16 csa_c_off_presp = settings->counter_offset_presp[i];
7922
7923 if ((settings->beacon_csa.tail_len <= csa_c_off_bcn) ||
7924 (settings->beacon_csa.tail[csa_c_off_bcn] !=
7925 settings->cs_count))
7926 return -EINVAL;
7927
7928 if (settings->beacon_csa.probe_resp &&
7929 ((settings->beacon_csa.probe_resp_len <=
7930 csa_c_off_presp) ||
7931 (settings->beacon_csa.probe_resp[csa_c_off_presp] !=
7932 settings->cs_count)))
7933 return -EINVAL;
7934 }
7935
7936 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) ||
7937 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT,
7938 settings->cs_count) ||
7939 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) ||
7940 (settings->block_tx &&
7941 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX)))
7942 goto error;
7943
7944 /* beacon_after params */
7945 ret = set_beacon_data(msg, &settings->beacon_after);
7946 if (ret)
7947 goto error;
7948
7949 /* beacon_csa params */
7950 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
7951 if (!beacon_csa)
7952 goto fail;
7953
7954 ret = set_beacon_data(msg, &settings->beacon_csa);
7955 if (ret)
7956 goto error;
7957
7958 if (nla_put(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
7959 csa_off_len * sizeof(u16),
7960 settings->counter_offset_beacon) ||
7961 (settings->beacon_csa.probe_resp &&
7962 nla_put(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
7963 csa_off_len * sizeof(u16),
7964 settings->counter_offset_presp)))
7965 goto fail;
7966
7967 nla_nest_end(msg, beacon_csa);
7968 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
7969 if (ret) {
7970 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
7971 ret, strerror(-ret));
7972 }
7973 return ret;
7974
7975 fail:
7976 ret = -ENOBUFS;
7977 error:
7978 nlmsg_free(msg);
7979 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
7980 return ret;
7981 }
7982
7983
nl80211_add_ts(void * priv,u8 tsid,const u8 * addr,u8 user_priority,u16 admitted_time)7984 static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr,
7985 u8 user_priority, u16 admitted_time)
7986 {
7987 struct i802_bss *bss = priv;
7988 struct wpa_driver_nl80211_data *drv = bss->drv;
7989 struct nl_msg *msg;
7990 int ret;
7991
7992 wpa_printf(MSG_DEBUG,
7993 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d",
7994 tsid, admitted_time, user_priority);
7995
7996 if (!is_sta_interface(drv->nlmode))
7997 return -ENOTSUP;
7998
7999 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS);
8000 if (!msg ||
8001 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
8002 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
8003 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) ||
8004 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) {
8005 nlmsg_free(msg);
8006 return -ENOBUFS;
8007 }
8008
8009 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8010 if (ret)
8011 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)",
8012 ret, strerror(-ret));
8013 return ret;
8014 }
8015
8016
nl80211_del_ts(void * priv,u8 tsid,const u8 * addr)8017 static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr)
8018 {
8019 struct i802_bss *bss = priv;
8020 struct wpa_driver_nl80211_data *drv = bss->drv;
8021 struct nl_msg *msg;
8022 int ret;
8023
8024 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid);
8025
8026 if (!is_sta_interface(drv->nlmode))
8027 return -ENOTSUP;
8028
8029 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) ||
8030 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
8031 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
8032 nlmsg_free(msg);
8033 return -ENOBUFS;
8034 }
8035
8036 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8037 if (ret)
8038 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)",
8039 ret, strerror(-ret));
8040 return ret;
8041 }
8042
8043
8044 #ifdef CONFIG_TESTING_OPTIONS
cmd_reply_handler(struct nl_msg * msg,void * arg)8045 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
8046 {
8047 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8048 struct wpabuf *buf = arg;
8049
8050 if (!buf)
8051 return NL_SKIP;
8052
8053 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
8054 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
8055 return NL_SKIP;
8056 }
8057
8058 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
8059 genlmsg_attrlen(gnlh, 0));
8060
8061 return NL_SKIP;
8062 }
8063 #endif /* CONFIG_TESTING_OPTIONS */
8064
8065
vendor_reply_handler(struct nl_msg * msg,void * arg)8066 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
8067 {
8068 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8069 struct nlattr *nl_vendor_reply, *nl;
8070 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8071 struct wpabuf *buf = arg;
8072 int rem;
8073
8074 if (!buf)
8075 return NL_SKIP;
8076
8077 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8078 genlmsg_attrlen(gnlh, 0), NULL);
8079 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
8080
8081 if (!nl_vendor_reply)
8082 return NL_SKIP;
8083
8084 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
8085 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
8086 return NL_SKIP;
8087 }
8088
8089 nla_for_each_nested(nl, nl_vendor_reply, rem) {
8090 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
8091 }
8092
8093 return NL_SKIP;
8094 }
8095
8096
nl80211_vendor_cmd(void * priv,unsigned int vendor_id,unsigned int subcmd,const u8 * data,size_t data_len,struct wpabuf * buf)8097 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
8098 unsigned int subcmd, const u8 *data,
8099 size_t data_len, struct wpabuf *buf)
8100 {
8101 struct i802_bss *bss = priv;
8102 struct wpa_driver_nl80211_data *drv = bss->drv;
8103 struct nl_msg *msg;
8104 int ret;
8105
8106 #ifdef CONFIG_TESTING_OPTIONS
8107 if (vendor_id == 0xffffffff) {
8108 msg = nlmsg_alloc();
8109 if (!msg)
8110 return -ENOMEM;
8111
8112 nl80211_cmd(drv, msg, 0, subcmd);
8113 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
8114 0)
8115 goto fail;
8116 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf);
8117 if (ret)
8118 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
8119 ret);
8120 return ret;
8121 }
8122 #endif /* CONFIG_TESTING_OPTIONS */
8123
8124 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) ||
8125 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) ||
8126 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) ||
8127 (data &&
8128 nla_put(msg, NL80211_ATTR_VENDOR_DATA, data_len, data)))
8129 goto fail;
8130
8131 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf);
8132 if (ret)
8133 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
8134 ret);
8135 return ret;
8136
8137 fail:
8138 nlmsg_free(msg);
8139 return -ENOBUFS;
8140 }
8141
8142
nl80211_set_qos_map(void * priv,const u8 * qos_map_set,u8 qos_map_set_len)8143 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
8144 u8 qos_map_set_len)
8145 {
8146 struct i802_bss *bss = priv;
8147 struct wpa_driver_nl80211_data *drv = bss->drv;
8148 struct nl_msg *msg;
8149 int ret;
8150
8151 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
8152 qos_map_set, qos_map_set_len);
8153
8154 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) ||
8155 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) {
8156 nlmsg_free(msg);
8157 return -ENOBUFS;
8158 }
8159
8160 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8161 if (ret)
8162 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
8163
8164 return ret;
8165 }
8166
8167
nl80211_set_wowlan(void * priv,const struct wowlan_triggers * triggers)8168 static int nl80211_set_wowlan(void *priv,
8169 const struct wowlan_triggers *triggers)
8170 {
8171 struct i802_bss *bss = priv;
8172 struct wpa_driver_nl80211_data *drv = bss->drv;
8173 struct nl_msg *msg;
8174 struct nlattr *wowlan_triggers;
8175 int ret;
8176
8177 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
8178
8179 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) ||
8180 !(wowlan_triggers = nla_nest_start(msg,
8181 NL80211_ATTR_WOWLAN_TRIGGERS)) ||
8182 (triggers->any &&
8183 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
8184 (triggers->disconnect &&
8185 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
8186 (triggers->magic_pkt &&
8187 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
8188 (triggers->gtk_rekey_failure &&
8189 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
8190 (triggers->eap_identity_req &&
8191 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
8192 (triggers->four_way_handshake &&
8193 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
8194 (triggers->rfkill_release &&
8195 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) {
8196 nlmsg_free(msg);
8197 return -ENOBUFS;
8198 }
8199
8200 nla_nest_end(msg, wowlan_triggers);
8201
8202 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8203 if (ret)
8204 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
8205
8206 return ret;
8207 }
8208
8209
8210 #ifdef CONFIG_DRIVER_NL80211_QCA
nl80211_roaming(void * priv,int allowed,const u8 * bssid)8211 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
8212 {
8213 struct i802_bss *bss = priv;
8214 struct wpa_driver_nl80211_data *drv = bss->drv;
8215 struct nl_msg *msg;
8216 struct nlattr *params;
8217
8218 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
8219
8220 if (!drv->roaming_vendor_cmd_avail) {
8221 wpa_printf(MSG_DEBUG,
8222 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
8223 return -1;
8224 }
8225
8226 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
8227 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
8228 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
8229 QCA_NL80211_VENDOR_SUBCMD_ROAMING) ||
8230 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
8231 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
8232 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
8233 QCA_ROAMING_NOT_ALLOWED) ||
8234 (bssid &&
8235 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) {
8236 nlmsg_free(msg);
8237 return -1;
8238 }
8239 nla_nest_end(msg, params);
8240
8241 return send_and_recv_msgs(drv, msg, NULL, NULL);
8242 }
8243 #endif /* CONFIG_DRIVER_NL80211_QCA */
8244
8245
nl80211_set_mac_addr(void * priv,const u8 * addr)8246 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
8247 {
8248 struct i802_bss *bss = priv;
8249 struct wpa_driver_nl80211_data *drv = bss->drv;
8250 int new_addr = addr != NULL;
8251
8252 if (!addr)
8253 addr = drv->perm_addr;
8254
8255 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
8256 return -1;
8257
8258 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
8259 {
8260 wpa_printf(MSG_DEBUG,
8261 "nl80211: failed to set_mac_addr for %s to " MACSTR,
8262 bss->ifname, MAC2STR(addr));
8263 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
8264 1) < 0) {
8265 wpa_printf(MSG_DEBUG,
8266 "nl80211: Could not restore interface UP after failed set_mac_addr");
8267 }
8268 return -1;
8269 }
8270
8271 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
8272 bss->ifname, MAC2STR(addr));
8273 drv->addr_changed = new_addr;
8274 os_memcpy(bss->addr, addr, ETH_ALEN);
8275
8276 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
8277 {
8278 wpa_printf(MSG_DEBUG,
8279 "nl80211: Could not restore interface UP after set_mac_addr");
8280 }
8281
8282 return 0;
8283 }
8284
8285
8286 #ifdef CONFIG_MESH
8287
wpa_driver_nl80211_init_mesh(void * priv)8288 static int wpa_driver_nl80211_init_mesh(void *priv)
8289 {
8290 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) {
8291 wpa_printf(MSG_INFO,
8292 "nl80211: Failed to set interface into mesh mode");
8293 return -1;
8294 }
8295 return 0;
8296 }
8297
8298
nl80211_put_mesh_id(struct nl_msg * msg,const u8 * mesh_id,size_t mesh_id_len)8299 static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id,
8300 size_t mesh_id_len)
8301 {
8302 if (mesh_id) {
8303 wpa_hexdump_ascii(MSG_DEBUG, " * Mesh ID (SSID)",
8304 mesh_id, mesh_id_len);
8305 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id);
8306 }
8307
8308 return 0;
8309 }
8310
8311
nl80211_join_mesh(struct i802_bss * bss,struct wpa_driver_mesh_join_params * params)8312 static int nl80211_join_mesh(struct i802_bss *bss,
8313 struct wpa_driver_mesh_join_params *params)
8314 {
8315 struct wpa_driver_nl80211_data *drv = bss->drv;
8316 struct nl_msg *msg;
8317 struct nlattr *container;
8318 int ret = -1;
8319
8320 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
8321 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH);
8322 if (!msg ||
8323 nl80211_put_freq_params(msg, ¶ms->freq) ||
8324 nl80211_put_basic_rates(msg, params->basic_rates) ||
8325 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
8326 nl80211_put_beacon_int(msg, params->beacon_int))
8327 goto fail;
8328
8329 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
8330
8331 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP);
8332 if (!container)
8333 goto fail;
8334
8335 if (params->ies) {
8336 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len);
8337 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len,
8338 params->ies))
8339 goto fail;
8340 }
8341 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */
8342 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) {
8343 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) ||
8344 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH))
8345 goto fail;
8346 }
8347 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) &&
8348 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE))
8349 goto fail;
8350 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) &&
8351 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM))
8352 goto fail;
8353 nla_nest_end(msg, container);
8354
8355 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
8356 if (!container)
8357 goto fail;
8358
8359 if (!(params->conf.flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) &&
8360 nla_put_u32(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 0))
8361 goto fail;
8362 if ((params->conf.flags & WPA_DRIVER_MESH_FLAG_DRIVER_MPM) &&
8363 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
8364 params->max_peer_links))
8365 goto fail;
8366
8367 /*
8368 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because
8369 * the timer could disconnect stations even in that case.
8370 */
8371 if (nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
8372 params->conf.peer_link_timeout)) {
8373 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT");
8374 goto fail;
8375 }
8376
8377 nla_nest_end(msg, container);
8378
8379 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8380 msg = NULL;
8381 if (ret) {
8382 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)",
8383 ret, strerror(-ret));
8384 goto fail;
8385 }
8386 ret = 0;
8387 bss->freq = params->freq.freq;
8388 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
8389
8390 fail:
8391 nlmsg_free(msg);
8392 return ret;
8393 }
8394
8395
8396 static int
wpa_driver_nl80211_join_mesh(void * priv,struct wpa_driver_mesh_join_params * params)8397 wpa_driver_nl80211_join_mesh(void *priv,
8398 struct wpa_driver_mesh_join_params *params)
8399 {
8400 struct i802_bss *bss = priv;
8401 int ret, timeout;
8402
8403 timeout = params->conf.peer_link_timeout;
8404
8405 /* Disable kernel inactivity timer */
8406 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM)
8407 params->conf.peer_link_timeout = 0;
8408
8409 ret = nl80211_join_mesh(bss, params);
8410 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) {
8411 wpa_printf(MSG_DEBUG,
8412 "nl80211: Mesh join retry for peer_link_timeout");
8413 /*
8414 * Old kernel does not support setting
8415 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds
8416 * into future from peer_link_timeout.
8417 */
8418 params->conf.peer_link_timeout = timeout + 60;
8419 ret = nl80211_join_mesh(priv, params);
8420 }
8421
8422 params->conf.peer_link_timeout = timeout;
8423 return ret;
8424 }
8425
8426
wpa_driver_nl80211_leave_mesh(void * priv)8427 static int wpa_driver_nl80211_leave_mesh(void *priv)
8428 {
8429 struct i802_bss *bss = priv;
8430 struct wpa_driver_nl80211_data *drv = bss->drv;
8431 struct nl_msg *msg;
8432 int ret;
8433
8434 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex);
8435 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH);
8436 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8437 if (ret) {
8438 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)",
8439 ret, strerror(-ret));
8440 } else {
8441 wpa_printf(MSG_DEBUG,
8442 "nl80211: mesh leave request send successfully");
8443 }
8444
8445 if (wpa_driver_nl80211_set_mode(drv->first_bss,
8446 NL80211_IFTYPE_STATION)) {
8447 wpa_printf(MSG_INFO,
8448 "nl80211: Failed to set interface into station mode");
8449 }
8450 return ret;
8451 }
8452
8453 #endif /* CONFIG_MESH */
8454
8455
wpa_driver_br_add_ip_neigh(void * priv,u8 version,const u8 * ipaddr,int prefixlen,const u8 * addr)8456 static int wpa_driver_br_add_ip_neigh(void *priv, u8 version,
8457 const u8 *ipaddr, int prefixlen,
8458 const u8 *addr)
8459 {
8460 #ifdef CONFIG_LIBNL3_ROUTE
8461 struct i802_bss *bss = priv;
8462 struct wpa_driver_nl80211_data *drv = bss->drv;
8463 struct rtnl_neigh *rn;
8464 struct nl_addr *nl_ipaddr = NULL;
8465 struct nl_addr *nl_lladdr = NULL;
8466 int family, addrsize;
8467 int res;
8468
8469 if (!ipaddr || prefixlen == 0 || !addr)
8470 return -EINVAL;
8471
8472 if (bss->br_ifindex == 0) {
8473 wpa_printf(MSG_DEBUG,
8474 "nl80211: bridge must be set before adding an ip neigh to it");
8475 return -1;
8476 }
8477
8478 if (!drv->rtnl_sk) {
8479 wpa_printf(MSG_DEBUG,
8480 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
8481 return -1;
8482 }
8483
8484 if (version == 4) {
8485 family = AF_INET;
8486 addrsize = 4;
8487 } else if (version == 6) {
8488 family = AF_INET6;
8489 addrsize = 16;
8490 } else {
8491 return -EINVAL;
8492 }
8493
8494 rn = rtnl_neigh_alloc();
8495 if (rn == NULL)
8496 return -ENOMEM;
8497
8498 /* set the destination ip address for neigh */
8499 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
8500 if (nl_ipaddr == NULL) {
8501 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
8502 res = -ENOMEM;
8503 goto errout;
8504 }
8505 nl_addr_set_prefixlen(nl_ipaddr, prefixlen);
8506 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
8507 if (res) {
8508 wpa_printf(MSG_DEBUG,
8509 "nl80211: neigh set destination addr failed");
8510 goto errout;
8511 }
8512
8513 /* set the corresponding lladdr for neigh */
8514 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN);
8515 if (nl_lladdr == NULL) {
8516 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed");
8517 res = -ENOMEM;
8518 goto errout;
8519 }
8520 rtnl_neigh_set_lladdr(rn, nl_lladdr);
8521
8522 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
8523 rtnl_neigh_set_state(rn, NUD_PERMANENT);
8524
8525 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE);
8526 if (res) {
8527 wpa_printf(MSG_DEBUG,
8528 "nl80211: Adding bridge ip neigh failed: %s",
8529 strerror(errno));
8530 }
8531 errout:
8532 if (nl_lladdr)
8533 nl_addr_put(nl_lladdr);
8534 if (nl_ipaddr)
8535 nl_addr_put(nl_ipaddr);
8536 if (rn)
8537 rtnl_neigh_put(rn);
8538 return res;
8539 #else /* CONFIG_LIBNL3_ROUTE */
8540 return -1;
8541 #endif /* CONFIG_LIBNL3_ROUTE */
8542 }
8543
8544
wpa_driver_br_delete_ip_neigh(void * priv,u8 version,const u8 * ipaddr)8545 static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version,
8546 const u8 *ipaddr)
8547 {
8548 #ifdef CONFIG_LIBNL3_ROUTE
8549 struct i802_bss *bss = priv;
8550 struct wpa_driver_nl80211_data *drv = bss->drv;
8551 struct rtnl_neigh *rn;
8552 struct nl_addr *nl_ipaddr;
8553 int family, addrsize;
8554 int res;
8555
8556 if (!ipaddr)
8557 return -EINVAL;
8558
8559 if (version == 4) {
8560 family = AF_INET;
8561 addrsize = 4;
8562 } else if (version == 6) {
8563 family = AF_INET6;
8564 addrsize = 16;
8565 } else {
8566 return -EINVAL;
8567 }
8568
8569 if (bss->br_ifindex == 0) {
8570 wpa_printf(MSG_DEBUG,
8571 "nl80211: bridge must be set to delete an ip neigh");
8572 return -1;
8573 }
8574
8575 if (!drv->rtnl_sk) {
8576 wpa_printf(MSG_DEBUG,
8577 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
8578 return -1;
8579 }
8580
8581 rn = rtnl_neigh_alloc();
8582 if (rn == NULL)
8583 return -ENOMEM;
8584
8585 /* set the destination ip address for neigh */
8586 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
8587 if (nl_ipaddr == NULL) {
8588 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
8589 res = -ENOMEM;
8590 goto errout;
8591 }
8592 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
8593 if (res) {
8594 wpa_printf(MSG_DEBUG,
8595 "nl80211: neigh set destination addr failed");
8596 goto errout;
8597 }
8598
8599 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
8600
8601 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
8602 if (res) {
8603 wpa_printf(MSG_DEBUG,
8604 "nl80211: Deleting bridge ip neigh failed: %s",
8605 strerror(errno));
8606 }
8607 errout:
8608 if (nl_ipaddr)
8609 nl_addr_put(nl_ipaddr);
8610 if (rn)
8611 rtnl_neigh_put(rn);
8612 return res;
8613 #else /* CONFIG_LIBNL3_ROUTE */
8614 return -1;
8615 #endif /* CONFIG_LIBNL3_ROUTE */
8616 }
8617
8618
linux_write_system_file(const char * path,unsigned int val)8619 static int linux_write_system_file(const char *path, unsigned int val)
8620 {
8621 char buf[50];
8622 int fd, len;
8623
8624 len = os_snprintf(buf, sizeof(buf), "%u\n", val);
8625 if (os_snprintf_error(sizeof(buf), len))
8626 return -1;
8627
8628 fd = open(path, O_WRONLY);
8629 if (fd < 0)
8630 return -1;
8631
8632 if (write(fd, buf, len) < 0) {
8633 wpa_printf(MSG_DEBUG,
8634 "nl80211: Failed to write Linux system file: %s with the value of %d",
8635 path, val);
8636 close(fd);
8637 return -1;
8638 }
8639 close(fd);
8640
8641 return 0;
8642 }
8643
8644
drv_br_port_attr_str(enum drv_br_port_attr attr)8645 static const char * drv_br_port_attr_str(enum drv_br_port_attr attr)
8646 {
8647 switch (attr) {
8648 case DRV_BR_PORT_ATTR_PROXYARP:
8649 return "proxyarp_wifi";
8650 case DRV_BR_PORT_ATTR_HAIRPIN_MODE:
8651 return "hairpin_mode";
8652 }
8653
8654 return NULL;
8655 }
8656
8657
wpa_driver_br_port_set_attr(void * priv,enum drv_br_port_attr attr,unsigned int val)8658 static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr,
8659 unsigned int val)
8660 {
8661 struct i802_bss *bss = priv;
8662 char path[128];
8663 const char *attr_txt;
8664
8665 attr_txt = drv_br_port_attr_str(attr);
8666 if (attr_txt == NULL)
8667 return -EINVAL;
8668
8669 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s",
8670 bss->ifname, attr_txt);
8671
8672 if (linux_write_system_file(path, val))
8673 return -1;
8674
8675 return 0;
8676 }
8677
8678
drv_br_net_param_str(enum drv_br_net_param param)8679 static const char * drv_br_net_param_str(enum drv_br_net_param param)
8680 {
8681 switch (param) {
8682 case DRV_BR_NET_PARAM_GARP_ACCEPT:
8683 return "arp_accept";
8684 default:
8685 return NULL;
8686 }
8687 }
8688
8689
wpa_driver_br_set_net_param(void * priv,enum drv_br_net_param param,unsigned int val)8690 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
8691 unsigned int val)
8692 {
8693 struct i802_bss *bss = priv;
8694 char path[128];
8695 const char *param_txt;
8696 int ip_version = 4;
8697
8698 if (param == DRV_BR_MULTICAST_SNOOPING) {
8699 os_snprintf(path, sizeof(path),
8700 "/sys/devices/virtual/net/%s/bridge/multicast_snooping",
8701 bss->brname);
8702 goto set_val;
8703 }
8704
8705 param_txt = drv_br_net_param_str(param);
8706 if (param_txt == NULL)
8707 return -EINVAL;
8708
8709 switch (param) {
8710 case DRV_BR_NET_PARAM_GARP_ACCEPT:
8711 ip_version = 4;
8712 break;
8713 default:
8714 return -EINVAL;
8715 }
8716
8717 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s",
8718 ip_version, bss->brname, param_txt);
8719
8720 set_val:
8721 if (linux_write_system_file(path, val))
8722 return -1;
8723
8724 return 0;
8725 }
8726
8727
8728 #ifdef CONFIG_DRIVER_NL80211_QCA
8729
hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)8730 static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)
8731 {
8732 switch (hw_mode) {
8733 case HOSTAPD_MODE_IEEE80211B:
8734 return QCA_ACS_MODE_IEEE80211B;
8735 case HOSTAPD_MODE_IEEE80211G:
8736 return QCA_ACS_MODE_IEEE80211G;
8737 case HOSTAPD_MODE_IEEE80211A:
8738 return QCA_ACS_MODE_IEEE80211A;
8739 case HOSTAPD_MODE_IEEE80211AD:
8740 return QCA_ACS_MODE_IEEE80211AD;
8741 case HOSTAPD_MODE_IEEE80211ANY:
8742 return QCA_ACS_MODE_IEEE80211ANY;
8743 default:
8744 return -1;
8745 }
8746 }
8747
8748
add_acs_freq_list(struct nl_msg * msg,const int * freq_list)8749 static int add_acs_freq_list(struct nl_msg *msg, const int *freq_list)
8750 {
8751 int i, len, ret;
8752 u32 *freqs;
8753
8754 if (!freq_list)
8755 return 0;
8756 len = int_array_len(freq_list);
8757 freqs = os_malloc(sizeof(u32) * len);
8758 if (!freqs)
8759 return -1;
8760 for (i = 0; i < len; i++)
8761 freqs[i] = freq_list[i];
8762 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST,
8763 sizeof(u32) * len, freqs);
8764 os_free(freqs);
8765 return ret;
8766 }
8767
8768
wpa_driver_do_acs(void * priv,struct drv_acs_params * params)8769 static int wpa_driver_do_acs(void *priv, struct drv_acs_params *params)
8770 {
8771 struct i802_bss *bss = priv;
8772 struct wpa_driver_nl80211_data *drv = bss->drv;
8773 struct nl_msg *msg;
8774 struct nlattr *data;
8775 int ret;
8776 int mode;
8777
8778 mode = hw_mode_to_qca_acs(params->hw_mode);
8779 if (mode < 0)
8780 return -1;
8781
8782 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
8783 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
8784 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
8785 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) ||
8786 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
8787 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) ||
8788 (params->ht_enabled &&
8789 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) ||
8790 (params->ht40_enabled &&
8791 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) ||
8792 (params->vht_enabled &&
8793 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) ||
8794 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH,
8795 params->ch_width) ||
8796 (params->ch_list_len &&
8797 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST, params->ch_list_len,
8798 params->ch_list)) ||
8799 add_acs_freq_list(msg, params->freq_list)) {
8800 nlmsg_free(msg);
8801 return -ENOBUFS;
8802 }
8803 nla_nest_end(msg, data);
8804
8805 wpa_printf(MSG_DEBUG,
8806 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d CH_LIST_LEN: %u",
8807 params->hw_mode, params->ht_enabled, params->ht40_enabled,
8808 params->vht_enabled, params->ch_width, params->ch_list_len);
8809
8810 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8811 if (ret) {
8812 wpa_printf(MSG_DEBUG,
8813 "nl80211: Failed to invoke driver ACS function: %s",
8814 strerror(errno));
8815 }
8816 return ret;
8817 }
8818
8819
nl80211_set_band(void * priv,enum set_band band)8820 static int nl80211_set_band(void *priv, enum set_band band)
8821 {
8822 struct i802_bss *bss = priv;
8823 struct wpa_driver_nl80211_data *drv = bss->drv;
8824 struct nl_msg *msg;
8825 struct nlattr *data;
8826 int ret;
8827 enum qca_set_band qca_band;
8828
8829 if (!drv->setband_vendor_cmd_avail)
8830 return -1;
8831
8832 switch (band) {
8833 case WPA_SETBAND_AUTO:
8834 qca_band = QCA_SETBAND_AUTO;
8835 break;
8836 case WPA_SETBAND_5G:
8837 qca_band = QCA_SETBAND_5G;
8838 break;
8839 case WPA_SETBAND_2G:
8840 qca_band = QCA_SETBAND_2G;
8841 break;
8842 default:
8843 return -1;
8844 }
8845
8846 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
8847 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
8848 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
8849 QCA_NL80211_VENDOR_SUBCMD_SETBAND) ||
8850 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
8851 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE, qca_band)) {
8852 nlmsg_free(msg);
8853 return -ENOBUFS;
8854 }
8855 nla_nest_end(msg, data);
8856
8857 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
8858 if (ret) {
8859 wpa_printf(MSG_DEBUG,
8860 "nl80211: Driver setband function failed: %s",
8861 strerror(errno));
8862 }
8863 return ret;
8864 }
8865
8866
8867 struct nl80211_pcl {
8868 unsigned int num;
8869 unsigned int *freq_list;
8870 };
8871
preferred_freq_info_handler(struct nl_msg * msg,void * arg)8872 static int preferred_freq_info_handler(struct nl_msg *msg, void *arg)
8873 {
8874 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8875 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8876 struct nl80211_pcl *param = arg;
8877 struct nlattr *nl_vend, *attr;
8878 enum qca_iface_type iface_type;
8879 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
8880 unsigned int num, max_num;
8881 u32 *freqs;
8882
8883 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8884 genlmsg_attrlen(gnlh, 0), NULL);
8885
8886 nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
8887 if (!nl_vend)
8888 return NL_SKIP;
8889
8890 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
8891 nla_data(nl_vend), nla_len(nl_vend), NULL);
8892
8893 attr = tb_vendor[
8894 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE];
8895 if (!attr) {
8896 wpa_printf(MSG_ERROR, "nl80211: iface_type couldn't be found");
8897 param->num = 0;
8898 return NL_SKIP;
8899 }
8900
8901 iface_type = (enum qca_iface_type) nla_get_u32(attr);
8902 wpa_printf(MSG_DEBUG, "nl80211: Driver returned iface_type=%d",
8903 iface_type);
8904
8905 attr = tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST];
8906 if (!attr) {
8907 wpa_printf(MSG_ERROR,
8908 "nl80211: preferred_freq_list couldn't be found");
8909 param->num = 0;
8910 return NL_SKIP;
8911 }
8912
8913 /*
8914 * param->num has the maximum number of entries for which there
8915 * is room in the freq_list provided by the caller.
8916 */
8917 freqs = nla_data(attr);
8918 max_num = nla_len(attr) / sizeof(u32);
8919 if (max_num > param->num)
8920 max_num = param->num;
8921 for (num = 0; num < max_num; num++)
8922 param->freq_list[num] = freqs[num];
8923 param->num = num;
8924
8925 return NL_SKIP;
8926 }
8927
8928
nl80211_get_pref_freq_list(void * priv,enum wpa_driver_if_type if_type,unsigned int * num,unsigned int * freq_list)8929 static int nl80211_get_pref_freq_list(void *priv,
8930 enum wpa_driver_if_type if_type,
8931 unsigned int *num,
8932 unsigned int *freq_list)
8933 {
8934 struct i802_bss *bss = priv;
8935 struct wpa_driver_nl80211_data *drv = bss->drv;
8936 struct nl_msg *msg;
8937 int ret;
8938 unsigned int i;
8939 struct nlattr *params;
8940 struct nl80211_pcl param;
8941 enum qca_iface_type iface_type;
8942
8943 if (!drv->get_pref_freq_list)
8944 return -1;
8945
8946 switch (if_type) {
8947 case WPA_IF_STATION:
8948 iface_type = QCA_IFACE_TYPE_STA;
8949 break;
8950 case WPA_IF_AP_BSS:
8951 iface_type = QCA_IFACE_TYPE_AP;
8952 break;
8953 case WPA_IF_P2P_GO:
8954 iface_type = QCA_IFACE_TYPE_P2P_GO;
8955 break;
8956 case WPA_IF_P2P_CLIENT:
8957 iface_type = QCA_IFACE_TYPE_P2P_CLIENT;
8958 break;
8959 case WPA_IF_IBSS:
8960 iface_type = QCA_IFACE_TYPE_IBSS;
8961 break;
8962 case WPA_IF_TDLS:
8963 iface_type = QCA_IFACE_TYPE_TDLS;
8964 break;
8965 default:
8966 return -1;
8967 }
8968
8969 param.num = *num;
8970 param.freq_list = freq_list;
8971
8972 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
8973 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) ||
8974 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
8975 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
8976 QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) ||
8977 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
8978 nla_put_u32(msg,
8979 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE,
8980 iface_type)) {
8981 wpa_printf(MSG_ERROR,
8982 "%s: err in adding vendor_cmd and vendor_data",
8983 __func__);
8984 nlmsg_free(msg);
8985 return -1;
8986 }
8987 nla_nest_end(msg, params);
8988
8989 os_memset(freq_list, 0, *num * sizeof(freq_list[0]));
8990 ret = send_and_recv_msgs(drv, msg, preferred_freq_info_handler, ¶m);
8991 if (ret) {
8992 wpa_printf(MSG_ERROR,
8993 "%s: err in send_and_recv_msgs", __func__);
8994 return ret;
8995 }
8996
8997 *num = param.num;
8998
8999 for (i = 0; i < *num; i++) {
9000 wpa_printf(MSG_DEBUG, "nl80211: preferred_channel_list[%d]=%d",
9001 i, freq_list[i]);
9002 }
9003
9004 return 0;
9005 }
9006
9007
nl80211_set_prob_oper_freq(void * priv,unsigned int freq)9008 static int nl80211_set_prob_oper_freq(void *priv, unsigned int freq)
9009 {
9010 struct i802_bss *bss = priv;
9011 struct wpa_driver_nl80211_data *drv = bss->drv;
9012 struct nl_msg *msg;
9013 int ret;
9014 struct nlattr *params;
9015
9016 if (!drv->set_prob_oper_freq)
9017 return -1;
9018
9019 wpa_printf(MSG_DEBUG,
9020 "nl80211: Set P2P probable operating freq %u for ifindex %d",
9021 freq, bss->ifindex);
9022
9023 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
9024 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
9025 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
9026 QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL) ||
9027 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
9028 nla_put_u32(msg,
9029 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE,
9030 QCA_IFACE_TYPE_P2P_CLIENT) ||
9031 nla_put_u32(msg,
9032 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ,
9033 freq)) {
9034 wpa_printf(MSG_ERROR,
9035 "%s: err in adding vendor_cmd and vendor_data",
9036 __func__);
9037 nlmsg_free(msg);
9038 return -1;
9039 }
9040 nla_nest_end(msg, params);
9041
9042 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
9043 msg = NULL;
9044 if (ret) {
9045 wpa_printf(MSG_ERROR, "%s: err in send_and_recv_msgs",
9046 __func__);
9047 return ret;
9048 }
9049 nlmsg_free(msg);
9050 return 0;
9051 }
9052
9053 #endif /* CONFIG_DRIVER_NL80211_QCA */
9054
9055
9056 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
9057 .name = "nl80211",
9058 .desc = "Linux nl80211/cfg80211",
9059 .get_bssid = wpa_driver_nl80211_get_bssid,
9060 .get_ssid = wpa_driver_nl80211_get_ssid,
9061 .set_key = driver_nl80211_set_key,
9062 .scan2 = driver_nl80211_scan2,
9063 .sched_scan = wpa_driver_nl80211_sched_scan,
9064 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
9065 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
9066 .abort_scan = wpa_driver_nl80211_abort_scan,
9067 .deauthenticate = driver_nl80211_deauthenticate,
9068 .authenticate = driver_nl80211_authenticate,
9069 .associate = wpa_driver_nl80211_associate,
9070 .global_init = nl80211_global_init,
9071 .global_deinit = nl80211_global_deinit,
9072 .init2 = wpa_driver_nl80211_init,
9073 .deinit = driver_nl80211_deinit,
9074 .get_capa = wpa_driver_nl80211_get_capa,
9075 .set_operstate = wpa_driver_nl80211_set_operstate,
9076 .set_supp_port = wpa_driver_nl80211_set_supp_port,
9077 .set_country = wpa_driver_nl80211_set_country,
9078 .get_country = wpa_driver_nl80211_get_country,
9079 .set_ap = wpa_driver_nl80211_set_ap,
9080 .set_acl = wpa_driver_nl80211_set_acl,
9081 .if_add = wpa_driver_nl80211_if_add,
9082 .if_remove = driver_nl80211_if_remove,
9083 .send_mlme = driver_nl80211_send_mlme,
9084 .get_hw_feature_data = nl80211_get_hw_feature_data,
9085 .sta_add = wpa_driver_nl80211_sta_add,
9086 .sta_remove = driver_nl80211_sta_remove,
9087 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
9088 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
9089 .hapd_init = i802_init,
9090 .hapd_deinit = i802_deinit,
9091 .set_wds_sta = i802_set_wds_sta,
9092 .get_seqnum = i802_get_seqnum,
9093 .flush = i802_flush,
9094 .get_inact_sec = i802_get_inact_sec,
9095 .sta_clear_stats = i802_sta_clear_stats,
9096 .set_rts = i802_set_rts,
9097 .set_frag = i802_set_frag,
9098 .set_tx_queue_params = i802_set_tx_queue_params,
9099 .set_sta_vlan = driver_nl80211_set_sta_vlan,
9100 .sta_deauth = i802_sta_deauth,
9101 .sta_disassoc = i802_sta_disassoc,
9102 .read_sta_data = driver_nl80211_read_sta_data,
9103 .set_freq = i802_set_freq,
9104 .send_action = driver_nl80211_send_action,
9105 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
9106 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
9107 .cancel_remain_on_channel =
9108 wpa_driver_nl80211_cancel_remain_on_channel,
9109 .probe_req_report = driver_nl80211_probe_req_report,
9110 .deinit_ap = wpa_driver_nl80211_deinit_ap,
9111 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
9112 .resume = wpa_driver_nl80211_resume,
9113 .signal_monitor = nl80211_signal_monitor,
9114 .signal_poll = nl80211_signal_poll,
9115 .send_frame = nl80211_send_frame,
9116 .set_param = nl80211_set_param,
9117 .get_radio_name = nl80211_get_radio_name,
9118 .add_pmkid = nl80211_add_pmkid,
9119 .remove_pmkid = nl80211_remove_pmkid,
9120 .flush_pmkid = nl80211_flush_pmkid,
9121 .set_rekey_info = nl80211_set_rekey_info,
9122 .poll_client = nl80211_poll_client,
9123 .set_p2p_powersave = nl80211_set_p2p_powersave,
9124 .start_dfs_cac = nl80211_start_radar_detection,
9125 .stop_ap = wpa_driver_nl80211_stop_ap,
9126 #ifdef CONFIG_TDLS
9127 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
9128 .tdls_oper = nl80211_tdls_oper,
9129 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch,
9130 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch,
9131 #endif /* CONFIG_TDLS */
9132 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
9133 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
9134 .get_survey = wpa_driver_nl80211_get_survey,
9135 .status = wpa_driver_nl80211_status,
9136 .switch_channel = nl80211_switch_channel,
9137 #ifdef ANDROID_P2P
9138 .set_noa = wpa_driver_set_p2p_noa,
9139 .get_noa = wpa_driver_get_p2p_noa,
9140 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
9141 #endif /* ANDROID_P2P */
9142 #ifdef ANDROID
9143 #ifndef ANDROID_LIB_STUB
9144 .driver_cmd = wpa_driver_nl80211_driver_cmd,
9145 #endif /* !ANDROID_LIB_STUB */
9146 #endif /* ANDROID */
9147 .vendor_cmd = nl80211_vendor_cmd,
9148 .set_qos_map = nl80211_set_qos_map,
9149 .set_wowlan = nl80211_set_wowlan,
9150 #ifdef CONFIG_DRIVER_NL80211_QCA
9151 .roaming = nl80211_roaming,
9152 #endif /* CONFIG_DRIVER_NL80211_QCA */
9153 .set_mac_addr = nl80211_set_mac_addr,
9154 #ifdef CONFIG_MESH
9155 .init_mesh = wpa_driver_nl80211_init_mesh,
9156 .join_mesh = wpa_driver_nl80211_join_mesh,
9157 .leave_mesh = wpa_driver_nl80211_leave_mesh,
9158 #endif /* CONFIG_MESH */
9159 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh,
9160 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh,
9161 .br_port_set_attr = wpa_driver_br_port_set_attr,
9162 .br_set_net_param = wpa_driver_br_set_net_param,
9163 .add_tx_ts = nl80211_add_ts,
9164 .del_tx_ts = nl80211_del_ts,
9165 .get_ifindex = nl80211_get_ifindex,
9166 #ifdef CONFIG_DRIVER_NL80211_QCA
9167 .do_acs = wpa_driver_do_acs,
9168 .set_band = nl80211_set_band,
9169 .get_pref_freq_list = nl80211_get_pref_freq_list,
9170 .set_prob_oper_freq = nl80211_set_prob_oper_freq,
9171 #endif /* CONFIG_DRIVER_NL80211_QCA */
9172 };
9173