1 /*
2  * hostapd / Hardware feature query and different modes
3  * Copyright 2002-2003, Instant802 Networks, Inc.
4  * Copyright 2005-2006, Devicescape Software, Inc.
5  * Copyright (c) 2008-2012, Jouni Malinen <j@w1.fi>
6  *
7  * This software may be distributed under the terms of the BSD license.
8  * See README for more details.
9  */
10 
11 #include "utils/includes.h"
12 
13 #include "utils/common.h"
14 #include "utils/eloop.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/ieee802_11_common.h"
17 #include "common/wpa_ctrl.h"
18 #include "common/hw_features_common.h"
19 #include "hostapd.h"
20 #include "ap_config.h"
21 #include "ap_drv_ops.h"
22 #include "acs.h"
23 #include "ieee802_11.h"
24 #include "beacon.h"
25 #include "hw_features.h"
26 
27 
hostapd_free_hw_features(struct hostapd_hw_modes * hw_features,size_t num_hw_features)28 void hostapd_free_hw_features(struct hostapd_hw_modes *hw_features,
29 			      size_t num_hw_features)
30 {
31 	size_t i;
32 
33 	if (hw_features == NULL)
34 		return;
35 
36 	for (i = 0; i < num_hw_features; i++) {
37 		os_free(hw_features[i].channels);
38 		os_free(hw_features[i].rates);
39 	}
40 
41 	os_free(hw_features);
42 }
43 
44 
45 #ifndef CONFIG_NO_STDOUT_DEBUG
dfs_info(struct hostapd_channel_data * chan)46 static char * dfs_info(struct hostapd_channel_data *chan)
47 {
48 	static char info[256];
49 	char *state;
50 
51 	switch (chan->flag & HOSTAPD_CHAN_DFS_MASK) {
52 	case HOSTAPD_CHAN_DFS_UNKNOWN:
53 		state = "unknown";
54 		break;
55 	case HOSTAPD_CHAN_DFS_USABLE:
56 		state = "usable";
57 		break;
58 	case HOSTAPD_CHAN_DFS_UNAVAILABLE:
59 		state = "unavailable";
60 		break;
61 	case HOSTAPD_CHAN_DFS_AVAILABLE:
62 		state = "available";
63 		break;
64 	default:
65 		return "";
66 	}
67 	os_snprintf(info, sizeof(info), " (DFS state = %s)", state);
68 	info[sizeof(info) - 1] = '\0';
69 
70 	return info;
71 }
72 #endif /* CONFIG_NO_STDOUT_DEBUG */
73 
74 
hostapd_get_hw_features(struct hostapd_iface * iface)75 int hostapd_get_hw_features(struct hostapd_iface *iface)
76 {
77 	struct hostapd_data *hapd = iface->bss[0];
78 	int i, j;
79 	u16 num_modes, flags;
80 	struct hostapd_hw_modes *modes;
81 
82 	if (hostapd_drv_none(hapd))
83 		return -1;
84 	modes = hostapd_get_hw_feature_data(hapd, &num_modes, &flags);
85 	if (modes == NULL) {
86 		hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
87 			       HOSTAPD_LEVEL_DEBUG,
88 			       "Fetching hardware channel/rate support not "
89 			       "supported.");
90 		return -1;
91 	}
92 
93 	iface->hw_flags = flags;
94 
95 	hostapd_free_hw_features(iface->hw_features, iface->num_hw_features);
96 	iface->hw_features = modes;
97 	iface->num_hw_features = num_modes;
98 
99 	for (i = 0; i < num_modes; i++) {
100 		struct hostapd_hw_modes *feature = &modes[i];
101 		int dfs_enabled = hapd->iconf->ieee80211h &&
102 			(iface->drv_flags & WPA_DRIVER_FLAGS_RADAR);
103 
104 		/* set flag for channels we can use in current regulatory
105 		 * domain */
106 		for (j = 0; j < feature->num_channels; j++) {
107 			int dfs = 0;
108 
109 			/*
110 			 * Disable all channels that are marked not to allow
111 			 * to initiate radiation (a.k.a. passive scan and no
112 			 * IBSS).
113 			 * Use radar channels only if the driver supports DFS.
114 			 */
115 			if ((feature->channels[j].flag &
116 			     HOSTAPD_CHAN_RADAR) && dfs_enabled) {
117 				dfs = 1;
118 			} else if (((feature->channels[j].flag &
119 				     HOSTAPD_CHAN_RADAR) &&
120 				    !(iface->drv_flags &
121 				      WPA_DRIVER_FLAGS_DFS_OFFLOAD)) ||
122 				   (feature->channels[j].flag &
123 				    HOSTAPD_CHAN_NO_IR)) {
124 				feature->channels[j].flag |=
125 					HOSTAPD_CHAN_DISABLED;
126 			}
127 
128 			if (feature->channels[j].flag & HOSTAPD_CHAN_DISABLED)
129 				continue;
130 
131 			wpa_printf(MSG_MSGDUMP, "Allowed channel: mode=%d "
132 				   "chan=%d freq=%d MHz max_tx_power=%d dBm%s",
133 				   feature->mode,
134 				   feature->channels[j].chan,
135 				   feature->channels[j].freq,
136 				   feature->channels[j].max_tx_power,
137 				   dfs ? dfs_info(&feature->channels[j]) : "");
138 		}
139 	}
140 
141 	return 0;
142 }
143 
144 
hostapd_prepare_rates(struct hostapd_iface * iface,struct hostapd_hw_modes * mode)145 int hostapd_prepare_rates(struct hostapd_iface *iface,
146 			  struct hostapd_hw_modes *mode)
147 {
148 	int i, num_basic_rates = 0;
149 	int basic_rates_a[] = { 60, 120, 240, -1 };
150 	int basic_rates_b[] = { 10, 20, -1 };
151 	int basic_rates_g[] = { 10, 20, 55, 110, -1 };
152 	int *basic_rates;
153 
154 	if (iface->conf->basic_rates)
155 		basic_rates = iface->conf->basic_rates;
156 	else switch (mode->mode) {
157 	case HOSTAPD_MODE_IEEE80211A:
158 		basic_rates = basic_rates_a;
159 		break;
160 	case HOSTAPD_MODE_IEEE80211B:
161 		basic_rates = basic_rates_b;
162 		break;
163 	case HOSTAPD_MODE_IEEE80211G:
164 		basic_rates = basic_rates_g;
165 		break;
166 	case HOSTAPD_MODE_IEEE80211AD:
167 		return 0; /* No basic rates for 11ad */
168 	default:
169 		return -1;
170 	}
171 
172 	i = 0;
173 	while (basic_rates[i] >= 0)
174 		i++;
175 	if (i)
176 		i++; /* -1 termination */
177 	os_free(iface->basic_rates);
178 	iface->basic_rates = os_malloc(i * sizeof(int));
179 	if (iface->basic_rates)
180 		os_memcpy(iface->basic_rates, basic_rates, i * sizeof(int));
181 
182 	os_free(iface->current_rates);
183 	iface->num_rates = 0;
184 
185 	iface->current_rates =
186 		os_calloc(mode->num_rates, sizeof(struct hostapd_rate_data));
187 	if (!iface->current_rates) {
188 		wpa_printf(MSG_ERROR, "Failed to allocate memory for rate "
189 			   "table.");
190 		return -1;
191 	}
192 
193 	for (i = 0; i < mode->num_rates; i++) {
194 		struct hostapd_rate_data *rate;
195 
196 		if (iface->conf->supported_rates &&
197 		    !hostapd_rate_found(iface->conf->supported_rates,
198 					mode->rates[i]))
199 			continue;
200 
201 		rate = &iface->current_rates[iface->num_rates];
202 		rate->rate = mode->rates[i];
203 		if (hostapd_rate_found(basic_rates, rate->rate)) {
204 			rate->flags |= HOSTAPD_RATE_BASIC;
205 			num_basic_rates++;
206 		}
207 		wpa_printf(MSG_DEBUG, "RATE[%d] rate=%d flags=0x%x",
208 			   iface->num_rates, rate->rate, rate->flags);
209 		iface->num_rates++;
210 	}
211 
212 	if ((iface->num_rates == 0 || num_basic_rates == 0) &&
213 	    (!iface->conf->ieee80211n || !iface->conf->require_ht)) {
214 		wpa_printf(MSG_ERROR, "No rates remaining in supported/basic "
215 			   "rate sets (%d,%d).",
216 			   iface->num_rates, num_basic_rates);
217 		return -1;
218 	}
219 
220 	return 0;
221 }
222 
223 
224 #ifdef CONFIG_IEEE80211N
ieee80211n_allowed_ht40_channel_pair(struct hostapd_iface * iface)225 static int ieee80211n_allowed_ht40_channel_pair(struct hostapd_iface *iface)
226 {
227 	int pri_chan, sec_chan;
228 
229 	if (!iface->conf->secondary_channel)
230 		return 1; /* HT40 not used */
231 
232 	pri_chan = iface->conf->channel;
233 	sec_chan = pri_chan + iface->conf->secondary_channel * 4;
234 
235 	return allowed_ht40_channel_pair(iface->current_mode, pri_chan,
236 					 sec_chan);
237 }
238 
239 
ieee80211n_switch_pri_sec(struct hostapd_iface * iface)240 static void ieee80211n_switch_pri_sec(struct hostapd_iface *iface)
241 {
242 	if (iface->conf->secondary_channel > 0) {
243 		iface->conf->channel += 4;
244 		iface->conf->secondary_channel = -1;
245 	} else {
246 		iface->conf->channel -= 4;
247 		iface->conf->secondary_channel = 1;
248 	}
249 }
250 
251 
ieee80211n_check_40mhz_5g(struct hostapd_iface * iface,struct wpa_scan_results * scan_res)252 static int ieee80211n_check_40mhz_5g(struct hostapd_iface *iface,
253 				     struct wpa_scan_results *scan_res)
254 {
255 	int pri_chan, sec_chan;
256 	int res;
257 
258 	pri_chan = iface->conf->channel;
259 	sec_chan = pri_chan + iface->conf->secondary_channel * 4;
260 
261 	res = check_40mhz_5g(iface->current_mode, scan_res, pri_chan, sec_chan);
262 
263 	if (res == 2) {
264 		if (iface->conf->no_pri_sec_switch) {
265 			wpa_printf(MSG_DEBUG,
266 				   "Cannot switch PRI/SEC channels due to local constraint");
267 		} else {
268 			ieee80211n_switch_pri_sec(iface);
269 		}
270 	}
271 
272 	return !!res;
273 }
274 
275 
ieee80211n_check_40mhz_2g4(struct hostapd_iface * iface,struct wpa_scan_results * scan_res)276 static int ieee80211n_check_40mhz_2g4(struct hostapd_iface *iface,
277 				      struct wpa_scan_results *scan_res)
278 {
279 	int pri_chan, sec_chan;
280 
281 	pri_chan = iface->conf->channel;
282 	sec_chan = pri_chan + iface->conf->secondary_channel * 4;
283 
284 	return check_40mhz_2g4(iface->current_mode, scan_res, pri_chan,
285 			       sec_chan);
286 }
287 
288 
ieee80211n_check_scan(struct hostapd_iface * iface)289 static void ieee80211n_check_scan(struct hostapd_iface *iface)
290 {
291 	struct wpa_scan_results *scan_res;
292 	int oper40;
293 	int res;
294 
295 	/* Check list of neighboring BSSes (from scan) to see whether 40 MHz is
296 	 * allowed per IEEE Std 802.11-2012, 10.15.3.2 */
297 
298 	iface->scan_cb = NULL;
299 
300 	scan_res = hostapd_driver_get_scan_results(iface->bss[0]);
301 	if (scan_res == NULL) {
302 		hostapd_setup_interface_complete(iface, 1);
303 		return;
304 	}
305 
306 	if (iface->current_mode->mode == HOSTAPD_MODE_IEEE80211A)
307 		oper40 = ieee80211n_check_40mhz_5g(iface, scan_res);
308 	else
309 		oper40 = ieee80211n_check_40mhz_2g4(iface, scan_res);
310 	wpa_scan_results_free(scan_res);
311 
312 	iface->secondary_ch = iface->conf->secondary_channel;
313 	if (!oper40) {
314 		wpa_printf(MSG_INFO, "20/40 MHz operation not permitted on "
315 			   "channel pri=%d sec=%d based on overlapping BSSes",
316 			   iface->conf->channel,
317 			   iface->conf->channel +
318 			   iface->conf->secondary_channel * 4);
319 		iface->conf->secondary_channel = 0;
320 		if (iface->drv_flags & WPA_DRIVER_FLAGS_HT_2040_COEX) {
321 			/*
322 			 * TODO: Could consider scheduling another scan to check
323 			 * if channel width can be changed if no coex reports
324 			 * are received from associating stations.
325 			 */
326 		}
327 	}
328 
329 	res = ieee80211n_allowed_ht40_channel_pair(iface);
330 	if (!res) {
331 		iface->conf->secondary_channel = 0;
332 		res = 1;
333 		wpa_printf(MSG_INFO, "Fallback to 20 MHz");
334 	}
335 
336 	hostapd_setup_interface_complete(iface, !res);
337 }
338 
339 
ieee80211n_scan_channels_2g4(struct hostapd_iface * iface,struct wpa_driver_scan_params * params)340 static void ieee80211n_scan_channels_2g4(struct hostapd_iface *iface,
341 					 struct wpa_driver_scan_params *params)
342 {
343 	/* Scan only the affected frequency range */
344 	int pri_freq, sec_freq;
345 	int affected_start, affected_end;
346 	int i, pos;
347 	struct hostapd_hw_modes *mode;
348 
349 	if (iface->current_mode == NULL)
350 		return;
351 
352 	pri_freq = hostapd_hw_get_freq(iface->bss[0], iface->conf->channel);
353 	if (iface->conf->secondary_channel > 0)
354 		sec_freq = pri_freq + 20;
355 	else
356 		sec_freq = pri_freq - 20;
357 	/*
358 	 * Note: Need to find the PRI channel also in cases where the affected
359 	 * channel is the SEC channel of a 40 MHz BSS, so need to include the
360 	 * scanning coverage here to be 40 MHz from the center frequency.
361 	 */
362 	affected_start = (pri_freq + sec_freq) / 2 - 40;
363 	affected_end = (pri_freq + sec_freq) / 2 + 40;
364 	wpa_printf(MSG_DEBUG, "40 MHz affected channel range: [%d,%d] MHz",
365 		   affected_start, affected_end);
366 
367 	mode = iface->current_mode;
368 	params->freqs = os_calloc(mode->num_channels + 1, sizeof(int));
369 	if (params->freqs == NULL)
370 		return;
371 	pos = 0;
372 
373 	for (i = 0; i < mode->num_channels; i++) {
374 		struct hostapd_channel_data *chan = &mode->channels[i];
375 		if (chan->flag & HOSTAPD_CHAN_DISABLED)
376 			continue;
377 		if (chan->freq < affected_start ||
378 		    chan->freq > affected_end)
379 			continue;
380 		params->freqs[pos++] = chan->freq;
381 	}
382 }
383 
384 
ieee80211n_scan_channels_5g(struct hostapd_iface * iface,struct wpa_driver_scan_params * params)385 static void ieee80211n_scan_channels_5g(struct hostapd_iface *iface,
386 					struct wpa_driver_scan_params *params)
387 {
388 	/* Scan only the affected frequency range */
389 	int pri_freq;
390 	int affected_start, affected_end;
391 	int i, pos;
392 	struct hostapd_hw_modes *mode;
393 
394 	if (iface->current_mode == NULL)
395 		return;
396 
397 	pri_freq = hostapd_hw_get_freq(iface->bss[0], iface->conf->channel);
398 	if (iface->conf->secondary_channel > 0) {
399 		affected_start = pri_freq - 10;
400 		affected_end = pri_freq + 30;
401 	} else {
402 		affected_start = pri_freq - 30;
403 		affected_end = pri_freq + 10;
404 	}
405 	wpa_printf(MSG_DEBUG, "40 MHz affected channel range: [%d,%d] MHz",
406 		   affected_start, affected_end);
407 
408 	mode = iface->current_mode;
409 	params->freqs = os_calloc(mode->num_channels + 1, sizeof(int));
410 	if (params->freqs == NULL)
411 		return;
412 	pos = 0;
413 
414 	for (i = 0; i < mode->num_channels; i++) {
415 		struct hostapd_channel_data *chan = &mode->channels[i];
416 		if (chan->flag & HOSTAPD_CHAN_DISABLED)
417 			continue;
418 		if (chan->freq < affected_start ||
419 		    chan->freq > affected_end)
420 			continue;
421 		params->freqs[pos++] = chan->freq;
422 	}
423 }
424 
425 
ap_ht40_scan_retry(void * eloop_data,void * user_data)426 static void ap_ht40_scan_retry(void *eloop_data, void *user_data)
427 {
428 #define HT2040_COEX_SCAN_RETRY 15
429 	struct hostapd_iface *iface = eloop_data;
430 	struct wpa_driver_scan_params params;
431 	int ret;
432 
433 	os_memset(&params, 0, sizeof(params));
434 	if (iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
435 		ieee80211n_scan_channels_2g4(iface, &params);
436 	else
437 		ieee80211n_scan_channels_5g(iface, &params);
438 
439 	ret = hostapd_driver_scan(iface->bss[0], &params);
440 	iface->num_ht40_scan_tries++;
441 	os_free(params.freqs);
442 
443 	if (ret == -EBUSY &&
444 	    iface->num_ht40_scan_tries < HT2040_COEX_SCAN_RETRY) {
445 		wpa_printf(MSG_ERROR,
446 			   "Failed to request a scan of neighboring BSSes ret=%d (%s) - try to scan again (attempt %d)",
447 			   ret, strerror(-ret), iface->num_ht40_scan_tries);
448 		eloop_register_timeout(1, 0, ap_ht40_scan_retry, iface, NULL);
449 		return;
450 	}
451 
452 	if (ret == 0) {
453 		iface->scan_cb = ieee80211n_check_scan;
454 		return;
455 	}
456 
457 	wpa_printf(MSG_DEBUG,
458 		   "Failed to request a scan in device, bringing up in HT20 mode");
459 	iface->conf->secondary_channel = 0;
460 	iface->conf->ht_capab &= ~HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
461 	hostapd_setup_interface_complete(iface, 0);
462 }
463 
464 
hostapd_stop_setup_timers(struct hostapd_iface * iface)465 void hostapd_stop_setup_timers(struct hostapd_iface *iface)
466 {
467 	eloop_cancel_timeout(ap_ht40_scan_retry, iface, NULL);
468 }
469 
470 
ieee80211n_check_40mhz(struct hostapd_iface * iface)471 static int ieee80211n_check_40mhz(struct hostapd_iface *iface)
472 {
473 	struct wpa_driver_scan_params params;
474 	int ret;
475 
476 	/* Check that HT40 is used and PRI / SEC switch is allowed */
477 	if (!iface->conf->secondary_channel || iface->conf->no_pri_sec_switch)
478 		return 0;
479 
480 	hostapd_set_state(iface, HAPD_IFACE_HT_SCAN);
481 	wpa_printf(MSG_DEBUG, "Scan for neighboring BSSes prior to enabling "
482 		   "40 MHz channel");
483 	os_memset(&params, 0, sizeof(params));
484 	if (iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
485 		ieee80211n_scan_channels_2g4(iface, &params);
486 	else
487 		ieee80211n_scan_channels_5g(iface, &params);
488 
489 	ret = hostapd_driver_scan(iface->bss[0], &params);
490 	os_free(params.freqs);
491 
492 	if (ret == -EBUSY) {
493 		wpa_printf(MSG_ERROR,
494 			   "Failed to request a scan of neighboring BSSes ret=%d (%s) - try to scan again",
495 			   ret, strerror(-ret));
496 		iface->num_ht40_scan_tries = 1;
497 		eloop_cancel_timeout(ap_ht40_scan_retry, iface, NULL);
498 		eloop_register_timeout(1, 0, ap_ht40_scan_retry, iface, NULL);
499 		return 1;
500 	}
501 
502 	if (ret < 0) {
503 		wpa_printf(MSG_ERROR,
504 			   "Failed to request a scan of neighboring BSSes ret=%d (%s)",
505 			   ret, strerror(-ret));
506 		return -1;
507 	}
508 
509 	iface->scan_cb = ieee80211n_check_scan;
510 	return 1;
511 }
512 
513 
ieee80211n_supported_ht_capab(struct hostapd_iface * iface)514 static int ieee80211n_supported_ht_capab(struct hostapd_iface *iface)
515 {
516 	u16 hw = iface->current_mode->ht_capab;
517 	u16 conf = iface->conf->ht_capab;
518 
519 	if ((conf & HT_CAP_INFO_LDPC_CODING_CAP) &&
520 	    !(hw & HT_CAP_INFO_LDPC_CODING_CAP)) {
521 		wpa_printf(MSG_ERROR, "Driver does not support configured "
522 			   "HT capability [LDPC]");
523 		return 0;
524 	}
525 
526 	/*
527 	 * Driver ACS chosen channel may not be HT40 due to internal driver
528 	 * restrictions.
529 	 */
530 	if (!iface->conf->acs && (conf & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
531 	    !(hw & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) {
532 		wpa_printf(MSG_ERROR, "Driver does not support configured "
533 			   "HT capability [HT40*]");
534 		return 0;
535 	}
536 
537 	switch (conf & HT_CAP_INFO_SMPS_MASK) {
538 	case HT_CAP_INFO_SMPS_STATIC:
539 		if (!(iface->smps_modes & WPA_DRIVER_SMPS_MODE_STATIC)) {
540 			wpa_printf(MSG_ERROR,
541 				   "Driver does not support configured HT capability [SMPS-STATIC]");
542 			return 0;
543 		}
544 		break;
545 	case HT_CAP_INFO_SMPS_DYNAMIC:
546 		if (!(iface->smps_modes & WPA_DRIVER_SMPS_MODE_DYNAMIC)) {
547 			wpa_printf(MSG_ERROR,
548 				   "Driver does not support configured HT capability [SMPS-DYNAMIC]");
549 			return 0;
550 		}
551 		break;
552 	case HT_CAP_INFO_SMPS_DISABLED:
553 	default:
554 		break;
555 	}
556 
557 	if ((conf & HT_CAP_INFO_GREEN_FIELD) &&
558 	    !(hw & HT_CAP_INFO_GREEN_FIELD)) {
559 		wpa_printf(MSG_ERROR, "Driver does not support configured "
560 			   "HT capability [GF]");
561 		return 0;
562 	}
563 
564 	if ((conf & HT_CAP_INFO_SHORT_GI20MHZ) &&
565 	    !(hw & HT_CAP_INFO_SHORT_GI20MHZ)) {
566 		wpa_printf(MSG_ERROR, "Driver does not support configured "
567 			   "HT capability [SHORT-GI-20]");
568 		return 0;
569 	}
570 
571 	if ((conf & HT_CAP_INFO_SHORT_GI40MHZ) &&
572 	    !(hw & HT_CAP_INFO_SHORT_GI40MHZ)) {
573 		wpa_printf(MSG_ERROR, "Driver does not support configured "
574 			   "HT capability [SHORT-GI-40]");
575 		return 0;
576 	}
577 
578 	if ((conf & HT_CAP_INFO_TX_STBC) && !(hw & HT_CAP_INFO_TX_STBC)) {
579 		wpa_printf(MSG_ERROR, "Driver does not support configured "
580 			   "HT capability [TX-STBC]");
581 		return 0;
582 	}
583 
584 	if ((conf & HT_CAP_INFO_RX_STBC_MASK) >
585 	    (hw & HT_CAP_INFO_RX_STBC_MASK)) {
586 		wpa_printf(MSG_ERROR, "Driver does not support configured "
587 			   "HT capability [RX-STBC*]");
588 		return 0;
589 	}
590 
591 	if ((conf & HT_CAP_INFO_DELAYED_BA) &&
592 	    !(hw & HT_CAP_INFO_DELAYED_BA)) {
593 		wpa_printf(MSG_ERROR, "Driver does not support configured "
594 			   "HT capability [DELAYED-BA]");
595 		return 0;
596 	}
597 
598 	if ((conf & HT_CAP_INFO_MAX_AMSDU_SIZE) &&
599 	    !(hw & HT_CAP_INFO_MAX_AMSDU_SIZE)) {
600 		wpa_printf(MSG_ERROR, "Driver does not support configured "
601 			   "HT capability [MAX-AMSDU-7935]");
602 		return 0;
603 	}
604 
605 	if ((conf & HT_CAP_INFO_DSSS_CCK40MHZ) &&
606 	    !(hw & HT_CAP_INFO_DSSS_CCK40MHZ)) {
607 		wpa_printf(MSG_ERROR, "Driver does not support configured "
608 			   "HT capability [DSSS_CCK-40]");
609 		return 0;
610 	}
611 
612 	if ((conf & HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT) &&
613 	    !(hw & HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT)) {
614 		wpa_printf(MSG_ERROR, "Driver does not support configured "
615 			   "HT capability [LSIG-TXOP-PROT]");
616 		return 0;
617 	}
618 
619 	return 1;
620 }
621 
622 
623 #ifdef CONFIG_IEEE80211AC
624 
ieee80211ac_cap_check(u32 hw,u32 conf,u32 cap,const char * name)625 static int ieee80211ac_cap_check(u32 hw, u32 conf, u32 cap, const char *name)
626 {
627 	u32 req_cap = conf & cap;
628 
629 	/*
630 	 * Make sure we support all requested capabilities.
631 	 * NOTE: We assume that 'cap' represents a capability mask,
632 	 * not a discrete value.
633 	 */
634 	if ((hw & req_cap) != req_cap) {
635 		wpa_printf(MSG_ERROR, "Driver does not support configured VHT capability [%s]",
636 			   name);
637 		return 0;
638 	}
639 	return 1;
640 }
641 
642 
ieee80211ac_cap_check_max(u32 hw,u32 conf,u32 mask,unsigned int shift,const char * name)643 static int ieee80211ac_cap_check_max(u32 hw, u32 conf, u32 mask,
644 				     unsigned int shift,
645 				     const char *name)
646 {
647 	u32 hw_max = hw & mask;
648 	u32 conf_val = conf & mask;
649 
650 	if (conf_val > hw_max) {
651 		wpa_printf(MSG_ERROR, "Configured VHT capability [%s] exceeds max value supported by the driver (%d > %d)",
652 			   name, conf_val >> shift, hw_max >> shift);
653 		return 0;
654 	}
655 	return 1;
656 }
657 
658 
ieee80211ac_supported_vht_capab(struct hostapd_iface * iface)659 static int ieee80211ac_supported_vht_capab(struct hostapd_iface *iface)
660 {
661 	struct hostapd_hw_modes *mode = iface->current_mode;
662 	u32 hw = mode->vht_capab;
663 	u32 conf = iface->conf->vht_capab;
664 
665 	wpa_printf(MSG_DEBUG, "hw vht capab: 0x%x, conf vht capab: 0x%x",
666 		   hw, conf);
667 
668 	if (mode->mode == HOSTAPD_MODE_IEEE80211G &&
669 	    iface->conf->bss[0]->vendor_vht &&
670 	    mode->vht_capab == 0 && iface->hw_features) {
671 		int i;
672 
673 		for (i = 0; i < iface->num_hw_features; i++) {
674 			if (iface->hw_features[i].mode ==
675 			    HOSTAPD_MODE_IEEE80211A) {
676 				mode = &iface->hw_features[i];
677 				hw = mode->vht_capab;
678 				wpa_printf(MSG_DEBUG,
679 					   "update hw vht capab based on 5 GHz band: 0x%x",
680 					   hw);
681 				break;
682 			}
683 		}
684 	}
685 
686 #define VHT_CAP_CHECK(cap) \
687 	do { \
688 		if (!ieee80211ac_cap_check(hw, conf, cap, #cap)) \
689 			return 0; \
690 	} while (0)
691 
692 #define VHT_CAP_CHECK_MAX(cap) \
693 	do { \
694 		if (!ieee80211ac_cap_check_max(hw, conf, cap, cap ## _SHIFT, \
695 					       #cap)) \
696 			return 0; \
697 	} while (0)
698 
699 	VHT_CAP_CHECK_MAX(VHT_CAP_MAX_MPDU_LENGTH_MASK);
700 	VHT_CAP_CHECK(VHT_CAP_SUPP_CHAN_WIDTH_160MHZ);
701 	VHT_CAP_CHECK(VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ);
702 	VHT_CAP_CHECK(VHT_CAP_RXLDPC);
703 	VHT_CAP_CHECK(VHT_CAP_SHORT_GI_80);
704 	VHT_CAP_CHECK(VHT_CAP_SHORT_GI_160);
705 	VHT_CAP_CHECK(VHT_CAP_TXSTBC);
706 	VHT_CAP_CHECK_MAX(VHT_CAP_RXSTBC_MASK);
707 	VHT_CAP_CHECK(VHT_CAP_SU_BEAMFORMER_CAPABLE);
708 	VHT_CAP_CHECK(VHT_CAP_SU_BEAMFORMEE_CAPABLE);
709 	VHT_CAP_CHECK_MAX(VHT_CAP_BEAMFORMEE_STS_MAX);
710 	VHT_CAP_CHECK_MAX(VHT_CAP_SOUNDING_DIMENSION_MAX);
711 	VHT_CAP_CHECK(VHT_CAP_MU_BEAMFORMER_CAPABLE);
712 	VHT_CAP_CHECK(VHT_CAP_MU_BEAMFORMEE_CAPABLE);
713 	VHT_CAP_CHECK(VHT_CAP_VHT_TXOP_PS);
714 	VHT_CAP_CHECK(VHT_CAP_HTC_VHT);
715 	VHT_CAP_CHECK_MAX(VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX);
716 	VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB);
717 	VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB);
718 	VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN);
719 	VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN);
720 
721 #undef VHT_CAP_CHECK
722 #undef VHT_CAP_CHECK_MAX
723 
724 	return 1;
725 }
726 #endif /* CONFIG_IEEE80211AC */
727 
728 #endif /* CONFIG_IEEE80211N */
729 
730 
hostapd_check_ht_capab(struct hostapd_iface * iface)731 int hostapd_check_ht_capab(struct hostapd_iface *iface)
732 {
733 #ifdef CONFIG_IEEE80211N
734 	int ret;
735 	if (!iface->conf->ieee80211n)
736 		return 0;
737 
738 	if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211B &&
739 	    iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G &&
740 	    (iface->conf->ht_capab & HT_CAP_INFO_DSSS_CCK40MHZ)) {
741 		wpa_printf(MSG_DEBUG,
742 			   "Disable HT capability [DSSS_CCK-40] on 5 GHz band");
743 		iface->conf->ht_capab &= ~HT_CAP_INFO_DSSS_CCK40MHZ;
744 	}
745 
746 	if (!ieee80211n_supported_ht_capab(iface))
747 		return -1;
748 #ifdef CONFIG_IEEE80211AC
749 	if (!ieee80211ac_supported_vht_capab(iface))
750 		return -1;
751 #endif /* CONFIG_IEEE80211AC */
752 	ret = ieee80211n_check_40mhz(iface);
753 	if (ret)
754 		return ret;
755 	if (!ieee80211n_allowed_ht40_channel_pair(iface))
756 		return -1;
757 #endif /* CONFIG_IEEE80211N */
758 
759 	return 0;
760 }
761 
762 
hostapd_is_usable_chan(struct hostapd_iface * iface,int channel,int primary)763 static int hostapd_is_usable_chan(struct hostapd_iface *iface,
764 				  int channel, int primary)
765 {
766 	int i;
767 	struct hostapd_channel_data *chan;
768 
769 	if (!iface->current_mode)
770 		return 0;
771 
772 	for (i = 0; i < iface->current_mode->num_channels; i++) {
773 		chan = &iface->current_mode->channels[i];
774 		if (chan->chan != channel)
775 			continue;
776 
777 		if (!(chan->flag & HOSTAPD_CHAN_DISABLED))
778 			return 1;
779 
780 		wpa_printf(MSG_DEBUG,
781 			   "%schannel [%i] (%i) is disabled for use in AP mode, flags: 0x%x%s%s",
782 			   primary ? "" : "Configured HT40 secondary ",
783 			   i, chan->chan, chan->flag,
784 			   chan->flag & HOSTAPD_CHAN_NO_IR ? " NO-IR" : "",
785 			   chan->flag & HOSTAPD_CHAN_RADAR ? " RADAR" : "");
786 	}
787 
788 	return 0;
789 }
790 
791 
hostapd_is_usable_chans(struct hostapd_iface * iface)792 static int hostapd_is_usable_chans(struct hostapd_iface *iface)
793 {
794 	if (!hostapd_is_usable_chan(iface, iface->conf->channel, 1))
795 		return 0;
796 
797 	if (!iface->conf->secondary_channel)
798 		return 1;
799 
800 	return hostapd_is_usable_chan(iface, iface->conf->channel +
801 				      iface->conf->secondary_channel * 4, 0);
802 }
803 
804 
805 static enum hostapd_chan_status
hostapd_check_chans(struct hostapd_iface * iface)806 hostapd_check_chans(struct hostapd_iface *iface)
807 {
808 	if (iface->conf->channel) {
809 		if (hostapd_is_usable_chans(iface))
810 			return HOSTAPD_CHAN_VALID;
811 		else
812 			return HOSTAPD_CHAN_INVALID;
813 	}
814 
815 	/*
816 	 * The user set channel=0 or channel=acs_survey
817 	 * which is used to trigger ACS.
818 	 */
819 
820 	switch (acs_init(iface)) {
821 	case HOSTAPD_CHAN_ACS:
822 		return HOSTAPD_CHAN_ACS;
823 	case HOSTAPD_CHAN_VALID:
824 	case HOSTAPD_CHAN_INVALID:
825 	default:
826 		return HOSTAPD_CHAN_INVALID;
827 	}
828 }
829 
830 
hostapd_notify_bad_chans(struct hostapd_iface * iface)831 static void hostapd_notify_bad_chans(struct hostapd_iface *iface)
832 {
833 	if (!iface->current_mode) {
834 		hostapd_logger(iface->bss[0], NULL, HOSTAPD_MODULE_IEEE80211,
835 			       HOSTAPD_LEVEL_WARNING,
836 			       "Hardware does not support configured mode");
837 		return;
838 	}
839 	hostapd_logger(iface->bss[0], NULL,
840 		       HOSTAPD_MODULE_IEEE80211,
841 		       HOSTAPD_LEVEL_WARNING,
842 		       "Configured channel (%d) not found from the "
843 		       "channel list of current mode (%d) %s",
844 		       iface->conf->channel,
845 		       iface->current_mode->mode,
846 		       hostapd_hw_mode_txt(iface->current_mode->mode));
847 	hostapd_logger(iface->bss[0], NULL, HOSTAPD_MODULE_IEEE80211,
848 		       HOSTAPD_LEVEL_WARNING,
849 		       "Hardware does not support configured channel");
850 }
851 
852 
hostapd_acs_completed(struct hostapd_iface * iface,int err)853 int hostapd_acs_completed(struct hostapd_iface *iface, int err)
854 {
855 	int ret = -1;
856 
857 	if (err)
858 		goto out;
859 
860 	switch (hostapd_check_chans(iface)) {
861 	case HOSTAPD_CHAN_VALID:
862 		wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO,
863 			ACS_EVENT_COMPLETED "freq=%d channel=%d",
864 			hostapd_hw_get_freq(iface->bss[0],
865 					    iface->conf->channel),
866 			iface->conf->channel);
867 		break;
868 	case HOSTAPD_CHAN_ACS:
869 		wpa_printf(MSG_ERROR, "ACS error - reported complete, but no result available");
870 		wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, ACS_EVENT_FAILED);
871 		hostapd_notify_bad_chans(iface);
872 		goto out;
873 	case HOSTAPD_CHAN_INVALID:
874 	default:
875 		wpa_printf(MSG_ERROR, "ACS picked unusable channels");
876 		wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, ACS_EVENT_FAILED);
877 		hostapd_notify_bad_chans(iface);
878 		goto out;
879 	}
880 
881 	ret = hostapd_check_ht_capab(iface);
882 	if (ret < 0)
883 		goto out;
884 	if (ret == 1) {
885 		wpa_printf(MSG_DEBUG, "Interface initialization will be completed in a callback");
886 		return 0;
887 	}
888 
889 	ret = 0;
890 out:
891 	return hostapd_setup_interface_complete(iface, ret);
892 }
893 
894 
895 /**
896  * hostapd_select_hw_mode - Select the hardware mode
897  * @iface: Pointer to interface data.
898  * Returns: 0 on success, < 0 on failure
899  *
900  * Sets up the hardware mode, channel, rates, and passive scanning
901  * based on the configuration.
902  */
hostapd_select_hw_mode(struct hostapd_iface * iface)903 int hostapd_select_hw_mode(struct hostapd_iface *iface)
904 {
905 	int i;
906 
907 	if (iface->num_hw_features < 1)
908 		return -1;
909 
910 	if ((iface->conf->hw_mode == HOSTAPD_MODE_IEEE80211G ||
911 	     iface->conf->ieee80211n || iface->conf->ieee80211ac) &&
912 	    iface->conf->channel == 14) {
913 		wpa_printf(MSG_INFO, "Disable OFDM/HT/VHT on channel 14");
914 		iface->conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
915 		iface->conf->ieee80211n = 0;
916 		iface->conf->ieee80211ac = 0;
917 	}
918 
919 	iface->current_mode = NULL;
920 	for (i = 0; i < iface->num_hw_features; i++) {
921 		struct hostapd_hw_modes *mode = &iface->hw_features[i];
922 		if (mode->mode == iface->conf->hw_mode) {
923 			iface->current_mode = mode;
924 			break;
925 		}
926 	}
927 
928 	if (iface->current_mode == NULL) {
929 		if (!(iface->drv_flags & WPA_DRIVER_FLAGS_ACS_OFFLOAD) ||
930 		    !(iface->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_HW_MODE_ANY))
931 		{
932 			wpa_printf(MSG_ERROR,
933 				   "Hardware does not support configured mode");
934 			hostapd_logger(iface->bss[0], NULL,
935 				       HOSTAPD_MODULE_IEEE80211,
936 				       HOSTAPD_LEVEL_WARNING,
937 				       "Hardware does not support configured mode (%d) (hw_mode in hostapd.conf)",
938 				       (int) iface->conf->hw_mode);
939 			return -2;
940 		}
941 	}
942 
943 	switch (hostapd_check_chans(iface)) {
944 	case HOSTAPD_CHAN_VALID:
945 		return 0;
946 	case HOSTAPD_CHAN_ACS: /* ACS will run and later complete */
947 		return 1;
948 	case HOSTAPD_CHAN_INVALID:
949 	default:
950 		hostapd_notify_bad_chans(iface);
951 		return -3;
952 	}
953 }
954 
955 
hostapd_hw_mode_txt(int mode)956 const char * hostapd_hw_mode_txt(int mode)
957 {
958 	switch (mode) {
959 	case HOSTAPD_MODE_IEEE80211A:
960 		return "IEEE 802.11a";
961 	case HOSTAPD_MODE_IEEE80211B:
962 		return "IEEE 802.11b";
963 	case HOSTAPD_MODE_IEEE80211G:
964 		return "IEEE 802.11g";
965 	case HOSTAPD_MODE_IEEE80211AD:
966 		return "IEEE 802.11ad";
967 	default:
968 		return "UNKNOWN";
969 	}
970 }
971 
972 
hostapd_hw_get_freq(struct hostapd_data * hapd,int chan)973 int hostapd_hw_get_freq(struct hostapd_data *hapd, int chan)
974 {
975 	return hw_get_freq(hapd->iface->current_mode, chan);
976 }
977 
978 
hostapd_hw_get_channel(struct hostapd_data * hapd,int freq)979 int hostapd_hw_get_channel(struct hostapd_data *hapd, int freq)
980 {
981 	return hw_get_chan(hapd->iface->current_mode, freq);
982 }
983