1 /* 2 * Driver interaction with Linux nl80211/cfg80211 3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2003-2004, Instant802 Networks, Inc. 5 * Copyright (c) 2005-2006, Devicescape Software, Inc. 6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net> 7 * Copyright (c) 2009-2010, Atheros Communications 8 * 9 * This software may be distributed under the terms of the BSD license. 10 * See README for more details. 11 */ 12 13 #include "includes.h" 14 #include <sys/types.h> 15 #include <fcntl.h> 16 #include <net/if.h> 17 #include <netlink/genl/genl.h> 18 #include <netlink/genl/ctrl.h> 19 #ifdef CONFIG_LIBNL3_ROUTE 20 #include <netlink/route/neighbour.h> 21 #endif /* CONFIG_LIBNL3_ROUTE */ 22 #include <linux/rtnetlink.h> 23 #include <netpacket/packet.h> 24 #include <linux/errqueue.h> 25 26 #include "common.h" 27 #include "eloop.h" 28 #include "common/qca-vendor.h" 29 #include "common/qca-vendor-attr.h" 30 #include "common/ieee802_11_defs.h" 31 #include "common/ieee802_11_common.h" 32 #include "common/wpa_common.h" 33 #include "l2_packet/l2_packet.h" 34 #include "netlink.h" 35 #include "linux_defines.h" 36 #include "linux_ioctl.h" 37 #include "radiotap.h" 38 #include "radiotap_iter.h" 39 #include "rfkill.h" 40 #include "driver_nl80211.h" 41 42 43 #ifndef NETLINK_CAP_ACK 44 #define NETLINK_CAP_ACK 10 45 #endif /* NETLINK_CAP_ACK */ 46 /* support for extack if compilation headers are too old */ 47 #ifndef NETLINK_EXT_ACK 48 #define NETLINK_EXT_ACK 11 49 enum nlmsgerr_attrs { 50 NLMSGERR_ATTR_UNUSED, 51 NLMSGERR_ATTR_MSG, 52 NLMSGERR_ATTR_OFFS, 53 NLMSGERR_ATTR_COOKIE, 54 55 __NLMSGERR_ATTR_MAX, 56 NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1 57 }; 58 #endif 59 #ifndef NLM_F_CAPPED 60 #define NLM_F_CAPPED 0x100 61 #endif 62 #ifndef NLM_F_ACK_TLVS 63 #define NLM_F_ACK_TLVS 0x200 64 #endif 65 #ifndef SOL_NETLINK 66 #define SOL_NETLINK 270 67 #endif 68 69 #ifndef CONFIG_LIBNL20 70 /* 71 * libnl 1.1 has a bug, it tries to allocate socket numbers densely 72 * but when you free a socket again it will mess up its bitmap and 73 * and use the wrong number the next time it needs a socket ID. 74 * Therefore, we wrap the handle alloc/destroy and add our own pid 75 * accounting. 76 */ 77 static uint32_t port_bitmap[32] = { 0 }; 78 79 static struct nl_handle *nl80211_handle_alloc(void *cb) 80 { 81 struct nl_handle *handle; 82 uint32_t pid = getpid() & 0x3FFFFF; 83 int i; 84 85 handle = nl_handle_alloc_cb(cb); 86 87 for (i = 0; i < 1024; i++) { 88 if (port_bitmap[i / 32] & (1 << (i % 32))) 89 continue; 90 port_bitmap[i / 32] |= 1 << (i % 32); 91 pid += i << 22; 92 break; 93 } 94 95 nl_socket_set_local_port(handle, pid); 96 97 return handle; 98 } 99 100 static void nl80211_handle_destroy(struct nl_handle *handle) 101 { 102 uint32_t port = nl_socket_get_local_port(handle); 103 104 port >>= 22; 105 port_bitmap[port / 32] &= ~(1 << (port % 32)); 106 107 nl_handle_destroy(handle); 108 } 109 #endif /* CONFIG_LIBNL20 */ 110 111 112 #ifdef ANDROID 113 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */ 114 #undef nl_socket_set_nonblocking 115 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h) 116 117 #endif /* ANDROID */ 118 119 120 static struct nl_handle * nl_create_handle(struct nl_cb *cb, const char *dbg) 121 { 122 struct nl_handle *handle; 123 124 handle = nl80211_handle_alloc(cb); 125 if (handle == NULL) { 126 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink " 127 "callbacks (%s)", dbg); 128 return NULL; 129 } 130 131 if (genl_connect(handle)) { 132 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic " 133 "netlink (%s)", dbg); 134 nl80211_handle_destroy(handle); 135 return NULL; 136 } 137 138 return handle; 139 } 140 141 142 static void nl_destroy_handles(struct nl_handle **handle) 143 { 144 if (*handle == NULL) 145 return; 146 nl80211_handle_destroy(*handle); 147 *handle = NULL; 148 } 149 150 151 #if __WORDSIZE == 64 152 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL 153 #else 154 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL 155 #endif 156 157 static void nl80211_register_eloop_read(struct nl_handle **handle, 158 eloop_sock_handler handler, 159 void *eloop_data, int persist) 160 { 161 #ifdef CONFIG_LIBNL20 162 /* 163 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) 164 * by default. It is possible to hit that limit in some cases where 165 * operations are blocked, e.g., with a burst of Deauthentication frames 166 * to hostapd and STA entry deletion. Try to increase the buffer to make 167 * this less likely to occur. 168 */ 169 if (nl_socket_set_buffer_size(*handle, 262144, 0) < 0) { 170 wpa_printf(MSG_DEBUG, 171 "nl80211: Could not set nl_socket RX buffer size: %s", 172 strerror(errno)); 173 /* continue anyway with the default (smaller) buffer */ 174 } 175 #endif /* CONFIG_LIBNL20 */ 176 177 nl_socket_set_nonblocking(*handle); 178 eloop_register_read_sock(nl_socket_get_fd(*handle), handler, 179 eloop_data, *handle); 180 if (!persist) 181 *handle = (void *) (((intptr_t) *handle) ^ 182 ELOOP_SOCKET_INVALID); 183 } 184 185 186 static void nl80211_destroy_eloop_handle(struct nl_handle **handle, int persist) 187 { 188 if (!persist) 189 *handle = (void *) (((intptr_t) *handle) ^ 190 ELOOP_SOCKET_INVALID); 191 eloop_unregister_read_sock(nl_socket_get_fd(*handle)); 192 nl_destroy_handles(handle); 193 } 194 195 196 static void nl80211_global_deinit(void *priv); 197 static void nl80211_check_global(struct nl80211_global *global); 198 199 static void wpa_driver_nl80211_deinit(struct i802_bss *bss); 200 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, 201 struct hostapd_freq_params *freq); 202 203 static int 204 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, 205 const u8 *set_addr, int first, 206 const char *driver_params); 207 static int nl80211_send_frame_cmd(struct i802_bss *bss, 208 unsigned int freq, unsigned int wait, 209 const u8 *buf, size_t buf_len, u64 *cookie, 210 int no_cck, int no_ack, int offchanok, 211 const u16 *csa_offs, size_t csa_offs_len); 212 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, 213 int report); 214 215 #define IFIDX_ANY -1 216 217 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 218 int ifidx_reason); 219 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 220 int ifidx_reason); 221 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 222 int ifidx_reason); 223 224 static int nl80211_set_channel(struct i802_bss *bss, 225 struct hostapd_freq_params *freq, int set_chan); 226 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv, 227 int ifindex, int disabled); 228 229 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv, 230 int reset_mode); 231 232 static int i802_set_iface_flags(struct i802_bss *bss, int up); 233 static int nl80211_set_param(void *priv, const char *param); 234 #ifdef CONFIG_MESH 235 static int nl80211_put_mesh_config(struct nl_msg *msg, 236 struct wpa_driver_mesh_bss_params *params); 237 #endif /* CONFIG_MESH */ 238 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, 239 u16 reason); 240 241 242 /* Converts nl80211_chan_width to a common format */ 243 enum chan_width convert2width(int width) 244 { 245 switch (width) { 246 case NL80211_CHAN_WIDTH_20_NOHT: 247 return CHAN_WIDTH_20_NOHT; 248 case NL80211_CHAN_WIDTH_20: 249 return CHAN_WIDTH_20; 250 case NL80211_CHAN_WIDTH_40: 251 return CHAN_WIDTH_40; 252 case NL80211_CHAN_WIDTH_80: 253 return CHAN_WIDTH_80; 254 case NL80211_CHAN_WIDTH_80P80: 255 return CHAN_WIDTH_80P80; 256 case NL80211_CHAN_WIDTH_160: 257 return CHAN_WIDTH_160; 258 } 259 return CHAN_WIDTH_UNKNOWN; 260 } 261 262 263 int is_ap_interface(enum nl80211_iftype nlmode) 264 { 265 return nlmode == NL80211_IFTYPE_AP || 266 nlmode == NL80211_IFTYPE_P2P_GO; 267 } 268 269 270 int is_sta_interface(enum nl80211_iftype nlmode) 271 { 272 return nlmode == NL80211_IFTYPE_STATION || 273 nlmode == NL80211_IFTYPE_P2P_CLIENT; 274 } 275 276 277 static int is_p2p_net_interface(enum nl80211_iftype nlmode) 278 { 279 return nlmode == NL80211_IFTYPE_P2P_CLIENT || 280 nlmode == NL80211_IFTYPE_P2P_GO; 281 } 282 283 284 struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv, 285 int ifindex) 286 { 287 struct i802_bss *bss; 288 289 for (bss = drv->first_bss; bss; bss = bss->next) { 290 if (bss->ifindex == ifindex) 291 return bss; 292 } 293 294 return NULL; 295 } 296 297 298 static int is_mesh_interface(enum nl80211_iftype nlmode) 299 { 300 return nlmode == NL80211_IFTYPE_MESH_POINT; 301 } 302 303 304 void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv) 305 { 306 if (drv->associated) 307 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN); 308 drv->associated = 0; 309 os_memset(drv->bssid, 0, ETH_ALEN); 310 drv->first_bss->freq = 0; 311 } 312 313 314 /* nl80211 code */ 315 static int ack_handler(struct nl_msg *msg, void *arg) 316 { 317 int *err = arg; 318 *err = 0; 319 return NL_STOP; 320 } 321 322 static int finish_handler(struct nl_msg *msg, void *arg) 323 { 324 int *ret = arg; 325 *ret = 0; 326 return NL_SKIP; 327 } 328 329 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err, 330 void *arg) 331 { 332 struct nlmsghdr *nlh = (struct nlmsghdr *) err - 1; 333 int len = nlh->nlmsg_len; 334 struct nlattr *attrs; 335 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1]; 336 int *ret = arg; 337 int ack_len = sizeof(*nlh) + sizeof(int) + sizeof(*nlh); 338 339 *ret = err->error; 340 341 if (!(nlh->nlmsg_flags & NLM_F_ACK_TLVS)) 342 return NL_SKIP; 343 344 if (!(nlh->nlmsg_flags & NLM_F_CAPPED)) 345 ack_len += err->msg.nlmsg_len - sizeof(*nlh); 346 347 if (len <= ack_len) 348 return NL_STOP; 349 350 attrs = (void *) ((unsigned char *) nlh + ack_len); 351 len -= ack_len; 352 353 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, len, NULL); 354 if (tb[NLMSGERR_ATTR_MSG]) { 355 len = strnlen((char *) nla_data(tb[NLMSGERR_ATTR_MSG]), 356 nla_len(tb[NLMSGERR_ATTR_MSG])); 357 wpa_printf(MSG_ERROR, "nl80211: kernel reports: %*s", 358 len, (char *) nla_data(tb[NLMSGERR_ATTR_MSG])); 359 } 360 361 return NL_SKIP; 362 } 363 364 365 static int no_seq_check(struct nl_msg *msg, void *arg) 366 { 367 return NL_OK; 368 } 369 370 371 static void nl80211_nlmsg_clear(struct nl_msg *msg) 372 { 373 /* 374 * Clear nlmsg data, e.g., to make sure key material is not left in 375 * heap memory for unnecessarily long time. 376 */ 377 if (msg) { 378 struct nlmsghdr *hdr = nlmsg_hdr(msg); 379 void *data = nlmsg_data(hdr); 380 /* 381 * This would use nlmsg_datalen() or the older nlmsg_len() if 382 * only libnl were to maintain a stable API.. Neither will work 383 * with all released versions, so just calculate the length 384 * here. 385 */ 386 int len = hdr->nlmsg_len - NLMSG_HDRLEN; 387 388 os_memset(data, 0, len); 389 } 390 } 391 392 393 static int send_and_recv(struct nl80211_global *global, 394 struct nl_handle *nl_handle, struct nl_msg *msg, 395 int (*valid_handler)(struct nl_msg *, void *), 396 void *valid_data) 397 { 398 struct nl_cb *cb; 399 int err = -ENOMEM, opt; 400 401 if (!msg) 402 return -ENOMEM; 403 404 cb = nl_cb_clone(global->nl_cb); 405 if (!cb) 406 goto out; 407 408 /* try to set NETLINK_EXT_ACK to 1, ignoring errors */ 409 opt = 1; 410 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, 411 NETLINK_EXT_ACK, &opt, sizeof(opt)); 412 413 /* try to set NETLINK_CAP_ACK to 1, ignoring errors */ 414 opt = 1; 415 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, 416 NETLINK_CAP_ACK, &opt, sizeof(opt)); 417 418 err = nl_send_auto_complete(nl_handle, msg); 419 if (err < 0) 420 goto out; 421 422 err = 1; 423 424 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err); 425 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err); 426 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err); 427 428 if (valid_handler) 429 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, 430 valid_handler, valid_data); 431 432 while (err > 0) { 433 int res = nl_recvmsgs(nl_handle, cb); 434 if (res < 0) { 435 wpa_printf(MSG_INFO, 436 "nl80211: %s->nl_recvmsgs failed: %d", 437 __func__, res); 438 } 439 } 440 out: 441 nl_cb_put(cb); 442 if (!valid_handler && valid_data == (void *) -1) 443 nl80211_nlmsg_clear(msg); 444 nlmsg_free(msg); 445 return err; 446 } 447 448 449 int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv, 450 struct nl_msg *msg, 451 int (*valid_handler)(struct nl_msg *, void *), 452 void *valid_data) 453 { 454 return send_and_recv(drv->global, drv->global->nl, msg, 455 valid_handler, valid_data); 456 } 457 458 459 struct family_data { 460 const char *group; 461 int id; 462 }; 463 464 465 static int family_handler(struct nl_msg *msg, void *arg) 466 { 467 struct family_data *res = arg; 468 struct nlattr *tb[CTRL_ATTR_MAX + 1]; 469 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 470 struct nlattr *mcgrp; 471 int i; 472 473 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 474 genlmsg_attrlen(gnlh, 0), NULL); 475 if (!tb[CTRL_ATTR_MCAST_GROUPS]) 476 return NL_SKIP; 477 478 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) { 479 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1]; 480 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp), 481 nla_len(mcgrp), NULL); 482 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] || 483 !tb2[CTRL_ATTR_MCAST_GRP_ID] || 484 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]), 485 res->group, 486 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0) 487 continue; 488 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]); 489 break; 490 }; 491 492 return NL_SKIP; 493 } 494 495 496 static int nl_get_multicast_id(struct nl80211_global *global, 497 const char *family, const char *group) 498 { 499 struct nl_msg *msg; 500 int ret; 501 struct family_data res = { group, -ENOENT }; 502 503 msg = nlmsg_alloc(); 504 if (!msg) 505 return -ENOMEM; 506 if (!genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"), 507 0, 0, CTRL_CMD_GETFAMILY, 0) || 508 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) { 509 nlmsg_free(msg); 510 return -1; 511 } 512 513 ret = send_and_recv(global, global->nl, msg, family_handler, &res); 514 if (ret == 0) 515 ret = res.id; 516 return ret; 517 } 518 519 520 void * nl80211_cmd(struct wpa_driver_nl80211_data *drv, 521 struct nl_msg *msg, int flags, uint8_t cmd) 522 { 523 if (TEST_FAIL()) 524 return NULL; 525 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id, 526 0, flags, cmd, 0); 527 } 528 529 530 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss) 531 { 532 if (bss->wdev_id_set) 533 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id); 534 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex); 535 } 536 537 538 struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd) 539 { 540 struct nl_msg *msg; 541 542 msg = nlmsg_alloc(); 543 if (!msg) 544 return NULL; 545 546 if (!nl80211_cmd(bss->drv, msg, flags, cmd) || 547 nl80211_set_iface_id(msg, bss) < 0) { 548 nlmsg_free(msg); 549 return NULL; 550 } 551 552 return msg; 553 } 554 555 556 static struct nl_msg * 557 nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex, 558 int flags, uint8_t cmd) 559 { 560 struct nl_msg *msg; 561 562 msg = nlmsg_alloc(); 563 if (!msg) 564 return NULL; 565 566 if (!nl80211_cmd(drv, msg, flags, cmd) || 567 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) { 568 nlmsg_free(msg); 569 return NULL; 570 } 571 572 return msg; 573 } 574 575 576 struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags, 577 uint8_t cmd) 578 { 579 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd); 580 } 581 582 583 struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd) 584 { 585 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd); 586 } 587 588 589 struct wiphy_idx_data { 590 int wiphy_idx; 591 enum nl80211_iftype nlmode; 592 u8 *macaddr; 593 }; 594 595 596 static int netdev_info_handler(struct nl_msg *msg, void *arg) 597 { 598 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 599 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 600 struct wiphy_idx_data *info = arg; 601 602 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 603 genlmsg_attrlen(gnlh, 0), NULL); 604 605 if (tb[NL80211_ATTR_WIPHY]) 606 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]); 607 608 if (tb[NL80211_ATTR_IFTYPE]) 609 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]); 610 611 if (tb[NL80211_ATTR_MAC] && info->macaddr) 612 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]), 613 ETH_ALEN); 614 615 return NL_SKIP; 616 } 617 618 619 int nl80211_get_wiphy_index(struct i802_bss *bss) 620 { 621 struct nl_msg *msg; 622 struct wiphy_idx_data data = { 623 .wiphy_idx = -1, 624 .macaddr = NULL, 625 }; 626 627 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 628 return -1; 629 630 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0) 631 return data.wiphy_idx; 632 return -1; 633 } 634 635 636 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss) 637 { 638 struct nl_msg *msg; 639 struct wiphy_idx_data data = { 640 .nlmode = NL80211_IFTYPE_UNSPECIFIED, 641 .macaddr = NULL, 642 }; 643 644 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 645 return NL80211_IFTYPE_UNSPECIFIED; 646 647 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data) == 0) 648 return data.nlmode; 649 return NL80211_IFTYPE_UNSPECIFIED; 650 } 651 652 653 static int nl80211_get_macaddr(struct i802_bss *bss) 654 { 655 struct nl_msg *msg; 656 struct wiphy_idx_data data = { 657 .macaddr = bss->addr, 658 }; 659 660 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 661 return -1; 662 663 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data); 664 } 665 666 667 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv, 668 struct nl80211_wiphy_data *w) 669 { 670 struct nl_msg *msg; 671 int ret; 672 673 msg = nlmsg_alloc(); 674 if (!msg) 675 return -1; 676 677 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) || 678 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) { 679 nlmsg_free(msg); 680 return -1; 681 } 682 683 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL); 684 if (ret) { 685 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command " 686 "failed: ret=%d (%s)", 687 ret, strerror(-ret)); 688 } 689 return ret; 690 } 691 692 693 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle) 694 { 695 struct nl80211_wiphy_data *w = eloop_ctx; 696 int res; 697 698 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available"); 699 700 res = nl_recvmsgs(handle, w->nl_cb); 701 if (res < 0) { 702 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d", 703 __func__, res); 704 } 705 } 706 707 708 static int process_beacon_event(struct nl_msg *msg, void *arg) 709 { 710 struct nl80211_wiphy_data *w = arg; 711 struct wpa_driver_nl80211_data *drv; 712 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 713 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 714 union wpa_event_data event; 715 716 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 717 genlmsg_attrlen(gnlh, 0), NULL); 718 719 if (gnlh->cmd != NL80211_CMD_FRAME) { 720 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)", 721 gnlh->cmd); 722 return NL_SKIP; 723 } 724 725 if (!tb[NL80211_ATTR_FRAME]) 726 return NL_SKIP; 727 728 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data, 729 wiphy_list) { 730 os_memset(&event, 0, sizeof(event)); 731 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]); 732 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]); 733 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event); 734 } 735 736 return NL_SKIP; 737 } 738 739 740 static struct nl80211_wiphy_data * 741 nl80211_get_wiphy_data_ap(struct i802_bss *bss) 742 { 743 static DEFINE_DL_LIST(nl80211_wiphys); 744 struct nl80211_wiphy_data *w; 745 int wiphy_idx, found = 0; 746 struct i802_bss *tmp_bss; 747 u8 channel; 748 749 if (bss->wiphy_data != NULL) 750 return bss->wiphy_data; 751 752 wiphy_idx = nl80211_get_wiphy_index(bss); 753 754 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) { 755 if (w->wiphy_idx == wiphy_idx) 756 goto add; 757 } 758 759 /* alloc new one */ 760 w = os_zalloc(sizeof(*w)); 761 if (w == NULL) 762 return NULL; 763 w->wiphy_idx = wiphy_idx; 764 dl_list_init(&w->bsss); 765 dl_list_init(&w->drvs); 766 767 /* Beacon frames not supported in IEEE 802.11ad */ 768 if (ieee80211_freq_to_chan(bss->freq, &channel) != 769 HOSTAPD_MODE_IEEE80211AD) { 770 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 771 if (!w->nl_cb) { 772 os_free(w); 773 return NULL; 774 } 775 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 776 no_seq_check, NULL); 777 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 778 process_beacon_event, w); 779 780 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb, 781 "wiphy beacons"); 782 if (w->nl_beacons == NULL) { 783 os_free(w); 784 return NULL; 785 } 786 787 if (nl80211_register_beacons(bss->drv, w)) { 788 nl_destroy_handles(&w->nl_beacons); 789 os_free(w); 790 return NULL; 791 } 792 793 nl80211_register_eloop_read(&w->nl_beacons, 794 nl80211_recv_beacons, w, 0); 795 } 796 797 dl_list_add(&nl80211_wiphys, &w->list); 798 799 add: 800 /* drv entry for this bss already there? */ 801 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) { 802 if (tmp_bss->drv == bss->drv) { 803 found = 1; 804 break; 805 } 806 } 807 /* if not add it */ 808 if (!found) 809 dl_list_add(&w->drvs, &bss->drv->wiphy_list); 810 811 dl_list_add(&w->bsss, &bss->wiphy_list); 812 bss->wiphy_data = w; 813 return w; 814 } 815 816 817 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss) 818 { 819 struct nl80211_wiphy_data *w = bss->wiphy_data; 820 struct i802_bss *tmp_bss; 821 int found = 0; 822 823 if (w == NULL) 824 return; 825 bss->wiphy_data = NULL; 826 dl_list_del(&bss->wiphy_list); 827 828 /* still any for this drv present? */ 829 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) { 830 if (tmp_bss->drv == bss->drv) { 831 found = 1; 832 break; 833 } 834 } 835 /* if not remove it */ 836 if (!found) 837 dl_list_del(&bss->drv->wiphy_list); 838 839 if (!dl_list_empty(&w->bsss)) 840 return; 841 842 if (w->nl_beacons) 843 nl80211_destroy_eloop_handle(&w->nl_beacons, 0); 844 845 nl_cb_put(w->nl_cb); 846 dl_list_del(&w->list); 847 os_free(w); 848 } 849 850 851 static unsigned int nl80211_get_ifindex(void *priv) 852 { 853 struct i802_bss *bss = priv; 854 struct wpa_driver_nl80211_data *drv = bss->drv; 855 856 return drv->ifindex; 857 } 858 859 860 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid) 861 { 862 struct i802_bss *bss = priv; 863 struct wpa_driver_nl80211_data *drv = bss->drv; 864 if (!drv->associated) 865 return -1; 866 os_memcpy(bssid, drv->bssid, ETH_ALEN); 867 return 0; 868 } 869 870 871 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid) 872 { 873 struct i802_bss *bss = priv; 874 struct wpa_driver_nl80211_data *drv = bss->drv; 875 if (!drv->associated) 876 return -1; 877 os_memcpy(ssid, drv->ssid, drv->ssid_len); 878 return drv->ssid_len; 879 } 880 881 882 static void wpa_driver_nl80211_event_newlink( 883 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv, 884 int ifindex, const char *ifname) 885 { 886 union wpa_event_data event; 887 888 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) { 889 if (if_nametoindex(drv->first_bss->ifname) == 0) { 890 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK", 891 drv->first_bss->ifname); 892 return; 893 } 894 if (!drv->if_removed) 895 return; 896 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event", 897 drv->first_bss->ifname); 898 drv->if_removed = 0; 899 } 900 901 os_memset(&event, 0, sizeof(event)); 902 event.interface_status.ifindex = ifindex; 903 os_strlcpy(event.interface_status.ifname, ifname, 904 sizeof(event.interface_status.ifname)); 905 event.interface_status.ievent = EVENT_INTERFACE_ADDED; 906 if (drv) 907 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event); 908 else 909 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS, 910 &event); 911 } 912 913 914 static void wpa_driver_nl80211_event_dellink( 915 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv, 916 int ifindex, const char *ifname) 917 { 918 union wpa_event_data event; 919 920 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) { 921 if (drv->if_removed) { 922 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s", 923 ifname); 924 return; 925 } 926 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1", 927 ifname); 928 drv->if_removed = 1; 929 } else { 930 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed", 931 ifname); 932 } 933 934 os_memset(&event, 0, sizeof(event)); 935 event.interface_status.ifindex = ifindex; 936 os_strlcpy(event.interface_status.ifname, ifname, 937 sizeof(event.interface_status.ifname)); 938 event.interface_status.ievent = EVENT_INTERFACE_REMOVED; 939 if (drv) 940 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event); 941 else 942 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS, 943 &event); 944 } 945 946 947 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv, 948 u8 *buf, size_t len) 949 { 950 int attrlen, rta_len; 951 struct rtattr *attr; 952 953 attrlen = len; 954 attr = (struct rtattr *) buf; 955 956 rta_len = RTA_ALIGN(sizeof(struct rtattr)); 957 while (RTA_OK(attr, attrlen)) { 958 if (attr->rta_type == IFLA_IFNAME) { 959 if (os_strcmp(((char *) attr) + rta_len, 960 drv->first_bss->ifname) == 0) 961 return 1; 962 else 963 break; 964 } 965 attr = RTA_NEXT(attr, attrlen); 966 } 967 968 return 0; 969 } 970 971 972 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv, 973 int ifindex, u8 *buf, size_t len) 974 { 975 if (drv->ifindex == ifindex) 976 return 1; 977 978 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) { 979 nl80211_check_global(drv->global); 980 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed " 981 "interface"); 982 if (wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL) < 0) 983 return -1; 984 return 1; 985 } 986 987 return 0; 988 } 989 990 991 static struct wpa_driver_nl80211_data * 992 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len, 993 int *init_failed) 994 { 995 struct wpa_driver_nl80211_data *drv; 996 int res; 997 998 if (init_failed) 999 *init_failed = 0; 1000 dl_list_for_each(drv, &global->interfaces, 1001 struct wpa_driver_nl80211_data, list) { 1002 res = wpa_driver_nl80211_own_ifindex(drv, idx, buf, len); 1003 if (res < 0) { 1004 wpa_printf(MSG_DEBUG, 1005 "nl80211: Found matching own interface, but failed to complete reinitialization"); 1006 if (init_failed) 1007 *init_failed = 1; 1008 return drv; 1009 } 1010 if (res > 0 || have_ifidx(drv, idx, IFIDX_ANY)) 1011 return drv; 1012 } 1013 return NULL; 1014 } 1015 1016 1017 static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv, 1018 int ifindex, int notify) 1019 { 1020 struct i802_bss *bss; 1021 u8 addr[ETH_ALEN]; 1022 1023 bss = get_bss_ifindex(drv, ifindex); 1024 if (bss && 1025 linux_get_ifhwaddr(drv->global->ioctl_sock, 1026 bss->ifname, addr) < 0) { 1027 wpa_printf(MSG_DEBUG, 1028 "nl80211: %s: failed to re-read MAC address", 1029 bss->ifname); 1030 } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) { 1031 wpa_printf(MSG_DEBUG, 1032 "nl80211: Own MAC address on ifindex %d (%s) changed from " 1033 MACSTR " to " MACSTR, 1034 ifindex, bss->ifname, 1035 MAC2STR(bss->addr), MAC2STR(addr)); 1036 os_memcpy(bss->addr, addr, ETH_ALEN); 1037 if (notify) 1038 wpa_supplicant_event(drv->ctx, 1039 EVENT_INTERFACE_MAC_CHANGED, NULL); 1040 } 1041 } 1042 1043 1044 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx, 1045 struct ifinfomsg *ifi, 1046 u8 *buf, size_t len) 1047 { 1048 struct nl80211_global *global = ctx; 1049 struct wpa_driver_nl80211_data *drv; 1050 int attrlen; 1051 struct rtattr *attr; 1052 u32 brid = 0; 1053 char namebuf[IFNAMSIZ]; 1054 char ifname[IFNAMSIZ + 1]; 1055 char extra[100], *pos, *end; 1056 int init_failed; 1057 1058 extra[0] = '\0'; 1059 pos = extra; 1060 end = pos + sizeof(extra); 1061 ifname[0] = '\0'; 1062 1063 attrlen = len; 1064 attr = (struct rtattr *) buf; 1065 while (RTA_OK(attr, attrlen)) { 1066 switch (attr->rta_type) { 1067 case IFLA_IFNAME: 1068 if (RTA_PAYLOAD(attr) >= IFNAMSIZ) 1069 break; 1070 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); 1071 ifname[RTA_PAYLOAD(attr)] = '\0'; 1072 break; 1073 case IFLA_MASTER: 1074 brid = nla_get_u32((struct nlattr *) attr); 1075 pos += os_snprintf(pos, end - pos, " master=%u", brid); 1076 break; 1077 case IFLA_WIRELESS: 1078 pos += os_snprintf(pos, end - pos, " wext"); 1079 break; 1080 case IFLA_OPERSTATE: 1081 pos += os_snprintf(pos, end - pos, " operstate=%u", 1082 nla_get_u32((struct nlattr *) attr)); 1083 break; 1084 case IFLA_LINKMODE: 1085 pos += os_snprintf(pos, end - pos, " linkmode=%u", 1086 nla_get_u32((struct nlattr *) attr)); 1087 break; 1088 } 1089 attr = RTA_NEXT(attr, attrlen); 1090 } 1091 extra[sizeof(extra) - 1] = '\0'; 1092 1093 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)", 1094 ifi->ifi_index, ifname, extra, ifi->ifi_family, 1095 ifi->ifi_flags, 1096 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "", 1097 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "", 1098 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "", 1099 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : ""); 1100 1101 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, &init_failed); 1102 if (!drv) 1103 goto event_newlink; 1104 if (init_failed) 1105 return; /* do not update interface state */ 1106 1107 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) { 1108 namebuf[0] = '\0'; 1109 if (if_indextoname(ifi->ifi_index, namebuf) && 1110 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) { 1111 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " 1112 "event since interface %s is up", namebuf); 1113 drv->ignore_if_down_event = 0; 1114 /* Re-read MAC address as it may have changed */ 1115 nl80211_refresh_mac(drv, ifi->ifi_index, 1); 1116 return; 1117 } 1118 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)", 1119 namebuf, ifname); 1120 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) { 1121 wpa_printf(MSG_DEBUG, 1122 "nl80211: Not the main interface (%s) - do not indicate interface down", 1123 drv->first_bss->ifname); 1124 } else if (drv->ignore_if_down_event) { 1125 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " 1126 "event generated by mode change"); 1127 drv->ignore_if_down_event = 0; 1128 } else { 1129 drv->if_disabled = 1; 1130 wpa_supplicant_event(drv->ctx, 1131 EVENT_INTERFACE_DISABLED, NULL); 1132 1133 /* 1134 * Try to get drv again, since it may be removed as 1135 * part of the EVENT_INTERFACE_DISABLED handling for 1136 * dynamic interfaces 1137 */ 1138 drv = nl80211_find_drv(global, ifi->ifi_index, 1139 buf, len, NULL); 1140 if (!drv) 1141 return; 1142 } 1143 } 1144 1145 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) { 1146 namebuf[0] = '\0'; 1147 if (if_indextoname(ifi->ifi_index, namebuf) && 1148 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) { 1149 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1150 "event since interface %s is down", 1151 namebuf); 1152 return; 1153 } 1154 wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)", 1155 namebuf, ifname); 1156 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) { 1157 wpa_printf(MSG_DEBUG, 1158 "nl80211: Not the main interface (%s) - do not indicate interface up", 1159 drv->first_bss->ifname); 1160 } else if (if_nametoindex(drv->first_bss->ifname) == 0) { 1161 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1162 "event since interface %s does not exist", 1163 drv->first_bss->ifname); 1164 } else if (drv->if_removed) { 1165 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1166 "event since interface %s is marked " 1167 "removed", drv->first_bss->ifname); 1168 } else { 1169 /* Re-read MAC address as it may have changed */ 1170 nl80211_refresh_mac(drv, ifi->ifi_index, 0); 1171 1172 drv->if_disabled = 0; 1173 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, 1174 NULL); 1175 } 1176 } 1177 1178 /* 1179 * Some drivers send the association event before the operup event--in 1180 * this case, lifting operstate in wpa_driver_nl80211_set_operstate() 1181 * fails. This will hit us when wpa_supplicant does not need to do 1182 * IEEE 802.1X authentication 1183 */ 1184 if (drv->operstate == 1 && 1185 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP && 1186 !(ifi->ifi_flags & IFF_RUNNING)) { 1187 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate"); 1188 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 1189 -1, IF_OPER_UP); 1190 } 1191 1192 event_newlink: 1193 if (ifname[0]) 1194 wpa_driver_nl80211_event_newlink(global, drv, ifi->ifi_index, 1195 ifname); 1196 1197 if (ifi->ifi_family == AF_BRIDGE && brid && drv) { 1198 struct i802_bss *bss; 1199 1200 /* device has been added to bridge */ 1201 if (!if_indextoname(brid, namebuf)) { 1202 wpa_printf(MSG_DEBUG, 1203 "nl80211: Could not find bridge ifname for ifindex %u", 1204 brid); 1205 return; 1206 } 1207 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s", 1208 brid, namebuf); 1209 add_ifidx(drv, brid, ifi->ifi_index); 1210 1211 for (bss = drv->first_bss; bss; bss = bss->next) { 1212 if (os_strcmp(ifname, bss->ifname) == 0) { 1213 os_strlcpy(bss->brname, namebuf, IFNAMSIZ); 1214 break; 1215 } 1216 } 1217 } 1218 } 1219 1220 1221 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx, 1222 struct ifinfomsg *ifi, 1223 u8 *buf, size_t len) 1224 { 1225 struct nl80211_global *global = ctx; 1226 struct wpa_driver_nl80211_data *drv; 1227 int attrlen; 1228 struct rtattr *attr; 1229 u32 brid = 0; 1230 char ifname[IFNAMSIZ + 1]; 1231 char extra[100], *pos, *end; 1232 1233 extra[0] = '\0'; 1234 pos = extra; 1235 end = pos + sizeof(extra); 1236 ifname[0] = '\0'; 1237 1238 attrlen = len; 1239 attr = (struct rtattr *) buf; 1240 while (RTA_OK(attr, attrlen)) { 1241 switch (attr->rta_type) { 1242 case IFLA_IFNAME: 1243 if (RTA_PAYLOAD(attr) >= IFNAMSIZ) 1244 break; 1245 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); 1246 ifname[RTA_PAYLOAD(attr)] = '\0'; 1247 break; 1248 case IFLA_MASTER: 1249 brid = nla_get_u32((struct nlattr *) attr); 1250 pos += os_snprintf(pos, end - pos, " master=%u", brid); 1251 break; 1252 case IFLA_OPERSTATE: 1253 pos += os_snprintf(pos, end - pos, " operstate=%u", 1254 nla_get_u32((struct nlattr *) attr)); 1255 break; 1256 case IFLA_LINKMODE: 1257 pos += os_snprintf(pos, end - pos, " linkmode=%u", 1258 nla_get_u32((struct nlattr *) attr)); 1259 break; 1260 } 1261 attr = RTA_NEXT(attr, attrlen); 1262 } 1263 extra[sizeof(extra) - 1] = '\0'; 1264 1265 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)", 1266 ifi->ifi_index, ifname, extra, ifi->ifi_family, 1267 ifi->ifi_flags, 1268 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "", 1269 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "", 1270 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "", 1271 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : ""); 1272 1273 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, NULL); 1274 1275 if (ifi->ifi_family == AF_BRIDGE && brid && drv) { 1276 /* device has been removed from bridge */ 1277 char namebuf[IFNAMSIZ]; 1278 1279 if (!if_indextoname(brid, namebuf)) { 1280 wpa_printf(MSG_DEBUG, 1281 "nl80211: Could not find bridge ifname for ifindex %u", 1282 brid); 1283 } else { 1284 wpa_printf(MSG_DEBUG, 1285 "nl80211: Remove ifindex %u for bridge %s", 1286 brid, namebuf); 1287 } 1288 del_ifidx(drv, brid, ifi->ifi_index); 1289 } 1290 1291 if (ifi->ifi_family != AF_BRIDGE || !brid) 1292 wpa_driver_nl80211_event_dellink(global, drv, ifi->ifi_index, 1293 ifname); 1294 } 1295 1296 1297 struct nl80211_get_assoc_freq_arg { 1298 struct wpa_driver_nl80211_data *drv; 1299 unsigned int assoc_freq; 1300 unsigned int ibss_freq; 1301 u8 assoc_bssid[ETH_ALEN]; 1302 u8 assoc_ssid[SSID_MAX_LEN]; 1303 u8 assoc_ssid_len; 1304 }; 1305 1306 static int nl80211_get_assoc_freq_handler(struct nl_msg *msg, void *arg) 1307 { 1308 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1309 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1310 struct nlattr *bss[NL80211_BSS_MAX + 1]; 1311 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = { 1312 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC }, 1313 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 }, 1314 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC }, 1315 [NL80211_BSS_STATUS] = { .type = NLA_U32 }, 1316 }; 1317 struct nl80211_get_assoc_freq_arg *ctx = arg; 1318 enum nl80211_bss_status status; 1319 1320 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1321 genlmsg_attrlen(gnlh, 0), NULL); 1322 if (!tb[NL80211_ATTR_BSS] || 1323 nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS], 1324 bss_policy) || 1325 !bss[NL80211_BSS_STATUS]) 1326 return NL_SKIP; 1327 1328 status = nla_get_u32(bss[NL80211_BSS_STATUS]); 1329 if (status == NL80211_BSS_STATUS_ASSOCIATED && 1330 bss[NL80211_BSS_FREQUENCY]) { 1331 ctx->assoc_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]); 1332 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz", 1333 ctx->assoc_freq); 1334 } 1335 if (status == NL80211_BSS_STATUS_IBSS_JOINED && 1336 bss[NL80211_BSS_FREQUENCY]) { 1337 ctx->ibss_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]); 1338 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz", 1339 ctx->ibss_freq); 1340 } 1341 if (status == NL80211_BSS_STATUS_ASSOCIATED && 1342 bss[NL80211_BSS_BSSID]) { 1343 os_memcpy(ctx->assoc_bssid, 1344 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN); 1345 wpa_printf(MSG_DEBUG, "nl80211: Associated with " 1346 MACSTR, MAC2STR(ctx->assoc_bssid)); 1347 } 1348 1349 if (status == NL80211_BSS_STATUS_ASSOCIATED && 1350 bss[NL80211_BSS_INFORMATION_ELEMENTS]) { 1351 const u8 *ie, *ssid; 1352 size_t ie_len; 1353 1354 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]); 1355 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]); 1356 ssid = get_ie(ie, ie_len, WLAN_EID_SSID); 1357 if (ssid && ssid[1] > 0 && ssid[1] <= SSID_MAX_LEN) { 1358 ctx->assoc_ssid_len = ssid[1]; 1359 os_memcpy(ctx->assoc_ssid, ssid + 2, ssid[1]); 1360 } 1361 } 1362 1363 return NL_SKIP; 1364 } 1365 1366 1367 int nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data *drv, u8 *ssid) 1368 { 1369 struct nl_msg *msg; 1370 int ret; 1371 struct nl80211_get_assoc_freq_arg arg; 1372 1373 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN); 1374 os_memset(&arg, 0, sizeof(arg)); 1375 arg.drv = drv; 1376 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler, 1377 &arg); 1378 if (ret == 0) { 1379 os_memcpy(ssid, arg.assoc_ssid, arg.assoc_ssid_len); 1380 return arg.assoc_ssid_len; 1381 } 1382 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d (%s)", 1383 ret, strerror(-ret)); 1384 return ret; 1385 } 1386 1387 1388 unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv) 1389 { 1390 struct nl_msg *msg; 1391 int ret; 1392 struct nl80211_get_assoc_freq_arg arg; 1393 1394 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN); 1395 os_memset(&arg, 0, sizeof(arg)); 1396 arg.drv = drv; 1397 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler, 1398 &arg); 1399 if (ret == 0) { 1400 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ? 1401 arg.ibss_freq : arg.assoc_freq; 1402 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the " 1403 "associated BSS from scan results: %u MHz", freq); 1404 if (freq) 1405 drv->assoc_freq = freq; 1406 return drv->assoc_freq; 1407 } 1408 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d " 1409 "(%s)", ret, strerror(-ret)); 1410 return drv->assoc_freq; 1411 } 1412 1413 1414 static int get_link_signal(struct nl_msg *msg, void *arg) 1415 { 1416 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1417 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1418 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1]; 1419 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = { 1420 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 }, 1421 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 }, 1422 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8 }, 1423 }; 1424 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1]; 1425 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = { 1426 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 }, 1427 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 }, 1428 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG }, 1429 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG }, 1430 }; 1431 struct wpa_signal_info *sig_change = arg; 1432 1433 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1434 genlmsg_attrlen(gnlh, 0), NULL); 1435 if (!tb[NL80211_ATTR_STA_INFO] || 1436 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX, 1437 tb[NL80211_ATTR_STA_INFO], policy)) 1438 return NL_SKIP; 1439 if (!sinfo[NL80211_STA_INFO_SIGNAL]) 1440 return NL_SKIP; 1441 1442 sig_change->current_signal = 1443 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]); 1444 1445 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG]) 1446 sig_change->avg_signal = 1447 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]); 1448 else 1449 sig_change->avg_signal = 0; 1450 1451 if (sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]) 1452 sig_change->avg_beacon_signal = 1453 (s8) 1454 nla_get_u8(sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]); 1455 else 1456 sig_change->avg_beacon_signal = 0; 1457 1458 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) { 1459 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX, 1460 sinfo[NL80211_STA_INFO_TX_BITRATE], 1461 rate_policy)) { 1462 sig_change->current_txrate = 0; 1463 } else { 1464 if (rinfo[NL80211_RATE_INFO_BITRATE]) { 1465 sig_change->current_txrate = 1466 nla_get_u16(rinfo[ 1467 NL80211_RATE_INFO_BITRATE]) * 100; 1468 } 1469 } 1470 } 1471 1472 return NL_SKIP; 1473 } 1474 1475 1476 int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv, 1477 struct wpa_signal_info *sig) 1478 { 1479 struct nl_msg *msg; 1480 1481 sig->current_signal = -WPA_INVALID_NOISE; 1482 sig->current_txrate = 0; 1483 1484 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) || 1485 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid)) { 1486 nlmsg_free(msg); 1487 return -ENOBUFS; 1488 } 1489 1490 return send_and_recv_msgs(drv, msg, get_link_signal, sig); 1491 } 1492 1493 1494 static int get_link_noise(struct nl_msg *msg, void *arg) 1495 { 1496 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1497 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1498 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1]; 1499 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = { 1500 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, 1501 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, 1502 }; 1503 struct wpa_signal_info *sig_change = arg; 1504 1505 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1506 genlmsg_attrlen(gnlh, 0), NULL); 1507 1508 if (!tb[NL80211_ATTR_SURVEY_INFO]) { 1509 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!"); 1510 return NL_SKIP; 1511 } 1512 1513 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX, 1514 tb[NL80211_ATTR_SURVEY_INFO], 1515 survey_policy)) { 1516 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested " 1517 "attributes!"); 1518 return NL_SKIP; 1519 } 1520 1521 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) 1522 return NL_SKIP; 1523 1524 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) != 1525 sig_change->frequency) 1526 return NL_SKIP; 1527 1528 if (!sinfo[NL80211_SURVEY_INFO_NOISE]) 1529 return NL_SKIP; 1530 1531 sig_change->current_noise = 1532 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); 1533 1534 return NL_SKIP; 1535 } 1536 1537 1538 int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv, 1539 struct wpa_signal_info *sig_change) 1540 { 1541 struct nl_msg *msg; 1542 1543 sig_change->current_noise = WPA_INVALID_NOISE; 1544 sig_change->frequency = drv->assoc_freq; 1545 1546 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); 1547 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change); 1548 } 1549 1550 1551 static int get_channel_info(struct nl_msg *msg, void *arg) 1552 { 1553 struct nlattr *tb[NL80211_ATTR_MAX + 1] = { 0 }; 1554 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1555 struct wpa_channel_info *chan_info = arg; 1556 1557 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1558 genlmsg_attrlen(gnlh, 0), NULL); 1559 1560 os_memset(chan_info, 0, sizeof(struct wpa_channel_info)); 1561 chan_info->chanwidth = CHAN_WIDTH_UNKNOWN; 1562 1563 if (tb[NL80211_ATTR_WIPHY_FREQ]) 1564 chan_info->frequency = 1565 nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 1566 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) 1567 chan_info->chanwidth = convert2width( 1568 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH])); 1569 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1570 enum nl80211_channel_type ct = 1571 nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1572 1573 switch (ct) { 1574 case NL80211_CHAN_HT40MINUS: 1575 chan_info->sec_channel = -1; 1576 break; 1577 case NL80211_CHAN_HT40PLUS: 1578 chan_info->sec_channel = 1; 1579 break; 1580 default: 1581 chan_info->sec_channel = 0; 1582 break; 1583 } 1584 } 1585 if (tb[NL80211_ATTR_CENTER_FREQ1]) 1586 chan_info->center_frq1 = 1587 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 1588 if (tb[NL80211_ATTR_CENTER_FREQ2]) 1589 chan_info->center_frq2 = 1590 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 1591 1592 if (chan_info->center_frq2) { 1593 u8 seg1_idx = 0; 1594 1595 if (ieee80211_freq_to_chan(chan_info->center_frq2, &seg1_idx) != 1596 NUM_HOSTAPD_MODES) 1597 chan_info->seg1_idx = seg1_idx; 1598 } 1599 1600 return NL_SKIP; 1601 } 1602 1603 1604 static int nl80211_channel_info(void *priv, struct wpa_channel_info *ci) 1605 { 1606 struct i802_bss *bss = priv; 1607 struct wpa_driver_nl80211_data *drv = bss->drv; 1608 struct nl_msg *msg; 1609 1610 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE); 1611 return send_and_recv_msgs(drv, msg, get_channel_info, ci); 1612 } 1613 1614 1615 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx, 1616 void *handle) 1617 { 1618 struct nl_cb *cb = eloop_ctx; 1619 int res; 1620 1621 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available"); 1622 1623 res = nl_recvmsgs(handle, cb); 1624 if (res < 0) { 1625 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d", 1626 __func__, res); 1627 } 1628 } 1629 1630 1631 /** 1632 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain 1633 * @priv: driver_nl80211 private data 1634 * @alpha2_arg: country to which to switch to 1635 * Returns: 0 on success, -1 on failure 1636 * 1637 * This asks nl80211 to set the regulatory domain for given 1638 * country ISO / IEC alpha2. 1639 */ 1640 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg) 1641 { 1642 struct i802_bss *bss = priv; 1643 struct wpa_driver_nl80211_data *drv = bss->drv; 1644 char alpha2[3]; 1645 struct nl_msg *msg; 1646 1647 msg = nlmsg_alloc(); 1648 if (!msg) 1649 return -ENOMEM; 1650 1651 alpha2[0] = alpha2_arg[0]; 1652 alpha2[1] = alpha2_arg[1]; 1653 alpha2[2] = '\0'; 1654 1655 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) || 1656 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) { 1657 nlmsg_free(msg); 1658 return -EINVAL; 1659 } 1660 if (send_and_recv_msgs(drv, msg, NULL, NULL)) 1661 return -EINVAL; 1662 return 0; 1663 } 1664 1665 1666 static int nl80211_get_country(struct nl_msg *msg, void *arg) 1667 { 1668 char *alpha2 = arg; 1669 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; 1670 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1671 1672 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1673 genlmsg_attrlen(gnlh, 0), NULL); 1674 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) { 1675 wpa_printf(MSG_DEBUG, "nl80211: No country information available"); 1676 return NL_SKIP; 1677 } 1678 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3); 1679 return NL_SKIP; 1680 } 1681 1682 1683 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2) 1684 { 1685 struct i802_bss *bss = priv; 1686 struct wpa_driver_nl80211_data *drv = bss->drv; 1687 struct nl_msg *msg; 1688 int ret; 1689 1690 msg = nlmsg_alloc(); 1691 if (!msg) 1692 return -ENOMEM; 1693 1694 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG); 1695 alpha2[0] = '\0'; 1696 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2); 1697 if (!alpha2[0]) 1698 ret = -1; 1699 1700 return ret; 1701 } 1702 1703 1704 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global) 1705 { 1706 int ret; 1707 1708 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 1709 if (global->nl_cb == NULL) { 1710 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink " 1711 "callbacks"); 1712 return -1; 1713 } 1714 1715 global->nl = nl_create_handle(global->nl_cb, "nl"); 1716 if (global->nl == NULL) 1717 goto err; 1718 1719 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211"); 1720 if (global->nl80211_id < 0) { 1721 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not " 1722 "found"); 1723 goto err; 1724 } 1725 1726 global->nl_event = nl_create_handle(global->nl_cb, "event"); 1727 if (global->nl_event == NULL) 1728 goto err; 1729 1730 ret = nl_get_multicast_id(global, "nl80211", "scan"); 1731 if (ret >= 0) 1732 ret = nl_socket_add_membership(global->nl_event, ret); 1733 if (ret < 0) { 1734 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast " 1735 "membership for scan events: %d (%s)", 1736 ret, strerror(-ret)); 1737 goto err; 1738 } 1739 1740 ret = nl_get_multicast_id(global, "nl80211", "mlme"); 1741 if (ret >= 0) 1742 ret = nl_socket_add_membership(global->nl_event, ret); 1743 if (ret < 0) { 1744 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast " 1745 "membership for mlme events: %d (%s)", 1746 ret, strerror(-ret)); 1747 goto err; 1748 } 1749 1750 ret = nl_get_multicast_id(global, "nl80211", "regulatory"); 1751 if (ret >= 0) 1752 ret = nl_socket_add_membership(global->nl_event, ret); 1753 if (ret < 0) { 1754 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast " 1755 "membership for regulatory events: %d (%s)", 1756 ret, strerror(-ret)); 1757 /* Continue without regulatory events */ 1758 } 1759 1760 ret = nl_get_multicast_id(global, "nl80211", "vendor"); 1761 if (ret >= 0) 1762 ret = nl_socket_add_membership(global->nl_event, ret); 1763 if (ret < 0) { 1764 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast " 1765 "membership for vendor events: %d (%s)", 1766 ret, strerror(-ret)); 1767 /* Continue without vendor events */ 1768 } 1769 1770 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 1771 no_seq_check, NULL); 1772 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 1773 process_global_event, global); 1774 1775 nl80211_register_eloop_read(&global->nl_event, 1776 wpa_driver_nl80211_event_receive, 1777 global->nl_cb, 0); 1778 1779 return 0; 1780 1781 err: 1782 nl_destroy_handles(&global->nl_event); 1783 nl_destroy_handles(&global->nl); 1784 nl_cb_put(global->nl_cb); 1785 global->nl_cb = NULL; 1786 return -1; 1787 } 1788 1789 1790 static void nl80211_check_global(struct nl80211_global *global) 1791 { 1792 struct nl_handle *handle; 1793 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL }; 1794 int ret; 1795 unsigned int i; 1796 1797 /* 1798 * Try to re-add memberships to handle case of cfg80211 getting reloaded 1799 * and all registration having been cleared. 1800 */ 1801 handle = (void *) (((intptr_t) global->nl_event) ^ 1802 ELOOP_SOCKET_INVALID); 1803 1804 for (i = 0; groups[i]; i++) { 1805 ret = nl_get_multicast_id(global, "nl80211", groups[i]); 1806 if (ret >= 0) 1807 ret = nl_socket_add_membership(handle, ret); 1808 if (ret < 0) { 1809 wpa_printf(MSG_INFO, 1810 "nl80211: Could not re-add multicast membership for %s events: %d (%s)", 1811 groups[i], ret, strerror(-ret)); 1812 } 1813 } 1814 } 1815 1816 1817 static void wpa_driver_nl80211_rfkill_blocked(void *ctx) 1818 { 1819 struct wpa_driver_nl80211_data *drv = ctx; 1820 1821 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked"); 1822 1823 /* 1824 * rtnetlink ifdown handler will report interfaces other than the P2P 1825 * Device interface as disabled. 1826 */ 1827 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 1828 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL); 1829 } 1830 1831 1832 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx) 1833 { 1834 struct wpa_driver_nl80211_data *drv = ctx; 1835 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked"); 1836 if (i802_set_iface_flags(drv->first_bss, 1)) { 1837 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP " 1838 "after rfkill unblock"); 1839 return; 1840 } 1841 1842 if (is_p2p_net_interface(drv->nlmode)) 1843 nl80211_disable_11b_rates(drv, drv->ifindex, 1); 1844 1845 /* 1846 * rtnetlink ifup handler will report interfaces other than the P2P 1847 * Device interface as enabled. 1848 */ 1849 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 1850 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL); 1851 } 1852 1853 1854 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock, 1855 void *eloop_ctx, 1856 void *handle) 1857 { 1858 struct wpa_driver_nl80211_data *drv = eloop_ctx; 1859 u8 data[2048]; 1860 struct msghdr msg; 1861 struct iovec entry; 1862 u8 control[512]; 1863 struct cmsghdr *cmsg; 1864 int res, found_ee = 0, found_wifi = 0, acked = 0; 1865 union wpa_event_data event; 1866 1867 memset(&msg, 0, sizeof(msg)); 1868 msg.msg_iov = &entry; 1869 msg.msg_iovlen = 1; 1870 entry.iov_base = data; 1871 entry.iov_len = sizeof(data); 1872 msg.msg_control = &control; 1873 msg.msg_controllen = sizeof(control); 1874 1875 res = recvmsg(sock, &msg, MSG_ERRQUEUE); 1876 /* if error or not fitting 802.3 header, return */ 1877 if (res < 14) 1878 return; 1879 1880 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) 1881 { 1882 if (cmsg->cmsg_level == SOL_SOCKET && 1883 cmsg->cmsg_type == SCM_WIFI_STATUS) { 1884 int *ack; 1885 1886 found_wifi = 1; 1887 ack = (void *)CMSG_DATA(cmsg); 1888 acked = *ack; 1889 } 1890 1891 if (cmsg->cmsg_level == SOL_PACKET && 1892 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) { 1893 struct sock_extended_err *err = 1894 (struct sock_extended_err *)CMSG_DATA(cmsg); 1895 1896 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS) 1897 found_ee = 1; 1898 } 1899 } 1900 1901 if (!found_ee || !found_wifi) 1902 return; 1903 1904 memset(&event, 0, sizeof(event)); 1905 event.eapol_tx_status.dst = data; 1906 event.eapol_tx_status.data = data + 14; 1907 event.eapol_tx_status.data_len = res - 14; 1908 event.eapol_tx_status.ack = acked; 1909 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event); 1910 } 1911 1912 1913 static int nl80211_init_bss(struct i802_bss *bss) 1914 { 1915 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 1916 if (!bss->nl_cb) 1917 return -1; 1918 1919 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 1920 no_seq_check, NULL); 1921 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 1922 process_bss_event, bss); 1923 1924 return 0; 1925 } 1926 1927 1928 static void nl80211_destroy_bss(struct i802_bss *bss) 1929 { 1930 nl_cb_put(bss->nl_cb); 1931 bss->nl_cb = NULL; 1932 } 1933 1934 1935 static void 1936 wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data *drv) 1937 { 1938 struct rfkill_config *rcfg; 1939 1940 if (drv->rfkill) 1941 return; 1942 1943 rcfg = os_zalloc(sizeof(*rcfg)); 1944 if (!rcfg) 1945 return; 1946 1947 rcfg->ctx = drv; 1948 1949 /* rfkill uses netdev sysfs for initialization. However, P2P Device is 1950 * not associated with a netdev, so use the name of some other interface 1951 * sharing the same wiphy as the P2P Device interface. 1952 * 1953 * Note: This is valid, as a P2P Device interface is always dynamically 1954 * created and is created only once another wpa_s interface was added. 1955 */ 1956 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) { 1957 struct nl80211_global *global = drv->global; 1958 struct wpa_driver_nl80211_data *tmp1; 1959 1960 dl_list_for_each(tmp1, &global->interfaces, 1961 struct wpa_driver_nl80211_data, list) { 1962 if (drv == tmp1 || drv->wiphy_idx != tmp1->wiphy_idx || 1963 !tmp1->rfkill) 1964 continue; 1965 1966 wpa_printf(MSG_DEBUG, 1967 "nl80211: Use (%s) to initialize P2P Device rfkill", 1968 tmp1->first_bss->ifname); 1969 os_strlcpy(rcfg->ifname, tmp1->first_bss->ifname, 1970 sizeof(rcfg->ifname)); 1971 break; 1972 } 1973 } else { 1974 os_strlcpy(rcfg->ifname, drv->first_bss->ifname, 1975 sizeof(rcfg->ifname)); 1976 } 1977 1978 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked; 1979 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked; 1980 drv->rfkill = rfkill_init(rcfg); 1981 if (!drv->rfkill) { 1982 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available"); 1983 os_free(rcfg); 1984 } 1985 } 1986 1987 1988 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname, 1989 void *global_priv, int hostapd, 1990 const u8 *set_addr, 1991 const char *driver_params) 1992 { 1993 struct wpa_driver_nl80211_data *drv; 1994 struct i802_bss *bss; 1995 1996 if (global_priv == NULL) 1997 return NULL; 1998 drv = os_zalloc(sizeof(*drv)); 1999 if (drv == NULL) 2000 return NULL; 2001 drv->global = global_priv; 2002 drv->ctx = ctx; 2003 drv->hostapd = !!hostapd; 2004 drv->eapol_sock = -1; 2005 2006 /* 2007 * There is no driver capability flag for this, so assume it is 2008 * supported and disable this on first attempt to use if the driver 2009 * rejects the command due to missing support. 2010 */ 2011 drv->set_rekey_offload = 1; 2012 2013 drv->num_if_indices = ARRAY_SIZE(drv->default_if_indices); 2014 drv->if_indices = drv->default_if_indices; 2015 2016 drv->first_bss = os_zalloc(sizeof(*drv->first_bss)); 2017 if (!drv->first_bss) { 2018 os_free(drv); 2019 return NULL; 2020 } 2021 bss = drv->first_bss; 2022 bss->drv = drv; 2023 bss->ctx = ctx; 2024 2025 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname)); 2026 drv->monitor_ifidx = -1; 2027 drv->monitor_sock = -1; 2028 drv->eapol_tx_sock = -1; 2029 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED; 2030 2031 if (nl80211_init_bss(bss)) 2032 goto failed; 2033 2034 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params)) 2035 goto failed; 2036 2037 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0); 2038 if (drv->eapol_tx_sock < 0) 2039 goto failed; 2040 2041 if (drv->data_tx_status) { 2042 int enabled = 1; 2043 2044 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS, 2045 &enabled, sizeof(enabled)) < 0) { 2046 wpa_printf(MSG_DEBUG, 2047 "nl80211: wifi status sockopt failed\n"); 2048 drv->data_tx_status = 0; 2049 if (!drv->use_monitor) 2050 drv->capa.flags &= 2051 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS; 2052 } else { 2053 eloop_register_read_sock(drv->eapol_tx_sock, 2054 wpa_driver_nl80211_handle_eapol_tx_status, 2055 drv, NULL); 2056 } 2057 } 2058 2059 if (drv->global) { 2060 nl80211_check_global(drv->global); 2061 dl_list_add(&drv->global->interfaces, &drv->list); 2062 drv->in_interface_list = 1; 2063 } 2064 2065 return bss; 2066 2067 failed: 2068 wpa_driver_nl80211_deinit(bss); 2069 return NULL; 2070 } 2071 2072 2073 /** 2074 * wpa_driver_nl80211_init - Initialize nl80211 driver interface 2075 * @ctx: context to be used when calling wpa_supplicant functions, 2076 * e.g., wpa_supplicant_event() 2077 * @ifname: interface name, e.g., wlan0 2078 * @global_priv: private driver global data from global_init() 2079 * Returns: Pointer to private data, %NULL on failure 2080 */ 2081 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname, 2082 void *global_priv) 2083 { 2084 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL, 2085 NULL); 2086 } 2087 2088 2089 static int nl80211_register_frame(struct i802_bss *bss, 2090 struct nl_handle *nl_handle, 2091 u16 type, const u8 *match, size_t match_len) 2092 { 2093 struct wpa_driver_nl80211_data *drv = bss->drv; 2094 struct nl_msg *msg; 2095 int ret; 2096 char buf[30]; 2097 2098 buf[0] = '\0'; 2099 wpa_snprintf_hex(buf, sizeof(buf), match, match_len); 2100 wpa_printf(MSG_DEBUG, "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s", 2101 type, fc2str(type), nl_handle, buf); 2102 2103 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_ACTION)) || 2104 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) || 2105 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) { 2106 nlmsg_free(msg); 2107 return -1; 2108 } 2109 2110 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL); 2111 if (ret) { 2112 wpa_printf(MSG_DEBUG, "nl80211: Register frame command " 2113 "failed (type=%u): ret=%d (%s)", 2114 type, ret, strerror(-ret)); 2115 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match", 2116 match, match_len); 2117 } 2118 return ret; 2119 } 2120 2121 2122 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss) 2123 { 2124 if (bss->nl_mgmt) { 2125 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting " 2126 "already on! (nl_mgmt=%p)", bss->nl_mgmt); 2127 return -1; 2128 } 2129 2130 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt"); 2131 if (bss->nl_mgmt == NULL) 2132 return -1; 2133 2134 return 0; 2135 } 2136 2137 2138 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss) 2139 { 2140 nl80211_register_eloop_read(&bss->nl_mgmt, 2141 wpa_driver_nl80211_event_receive, 2142 bss->nl_cb, 0); 2143 } 2144 2145 2146 static int nl80211_register_action_frame(struct i802_bss *bss, 2147 const u8 *match, size_t match_len) 2148 { 2149 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4); 2150 return nl80211_register_frame(bss, bss->nl_mgmt, 2151 type, match, match_len); 2152 } 2153 2154 2155 static int nl80211_init_connect_handle(struct i802_bss *bss) 2156 { 2157 if (bss->nl_connect) { 2158 wpa_printf(MSG_DEBUG, 2159 "nl80211: Connect handle already created (nl_connect=%p)", 2160 bss->nl_connect); 2161 return -1; 2162 } 2163 2164 bss->nl_connect = nl_create_handle(bss->nl_cb, "connect"); 2165 if (!bss->nl_connect) 2166 return -1; 2167 nl80211_register_eloop_read(&bss->nl_connect, 2168 wpa_driver_nl80211_event_receive, 2169 bss->nl_cb, 1); 2170 return 0; 2171 } 2172 2173 2174 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss) 2175 { 2176 struct wpa_driver_nl80211_data *drv = bss->drv; 2177 int ret = 0; 2178 2179 if (nl80211_alloc_mgmt_handle(bss)) 2180 return -1; 2181 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP " 2182 "handle %p", bss->nl_mgmt); 2183 2184 if (drv->nlmode == NL80211_IFTYPE_ADHOC || 2185 ((drv->capa.flags & WPA_DRIVER_FLAGS_SAE) && 2186 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME))) { 2187 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4); 2188 2189 /* register for any AUTH message */ 2190 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0); 2191 } 2192 2193 #ifdef CONFIG_INTERWORKING 2194 /* QoS Map Configure */ 2195 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0) 2196 ret = -1; 2197 #endif /* CONFIG_INTERWORKING */ 2198 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP) 2199 /* GAS Initial Request */ 2200 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0) 2201 ret = -1; 2202 /* GAS Initial Response */ 2203 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0) 2204 ret = -1; 2205 /* GAS Comeback Request */ 2206 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0) 2207 ret = -1; 2208 /* GAS Comeback Response */ 2209 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0) 2210 ret = -1; 2211 /* Protected GAS Initial Request */ 2212 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0) 2213 ret = -1; 2214 /* Protected GAS Initial Response */ 2215 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0) 2216 ret = -1; 2217 /* Protected GAS Comeback Request */ 2218 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0) 2219 ret = -1; 2220 /* Protected GAS Comeback Response */ 2221 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0) 2222 ret = -1; 2223 #endif /* CONFIG_P2P || CONFIG_INTERWORKING || CONFIG_DPP */ 2224 #ifdef CONFIG_P2P 2225 /* P2P Public Action */ 2226 if (nl80211_register_action_frame(bss, 2227 (u8 *) "\x04\x09\x50\x6f\x9a\x09", 2228 6) < 0) 2229 ret = -1; 2230 /* P2P Action */ 2231 if (nl80211_register_action_frame(bss, 2232 (u8 *) "\x7f\x50\x6f\x9a\x09", 2233 5) < 0) 2234 ret = -1; 2235 #endif /* CONFIG_P2P */ 2236 #ifdef CONFIG_DPP 2237 /* DPP Public Action */ 2238 if (nl80211_register_action_frame(bss, 2239 (u8 *) "\x04\x09\x50\x6f\x9a\x1a", 2240 6) < 0) 2241 ret = -1; 2242 #endif /* CONFIG_DPP */ 2243 #ifdef CONFIG_IEEE80211W 2244 #ifdef CONFIG_OCV 2245 /* SA Query Request */ 2246 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0) 2247 ret = -1; 2248 #endif /* CONFIG_OCV */ 2249 /* SA Query Response */ 2250 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0) 2251 ret = -1; 2252 #endif /* CONFIG_IEEE80211W */ 2253 #ifdef CONFIG_TDLS 2254 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) { 2255 /* TDLS Discovery Response */ 2256 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) < 2257 0) 2258 ret = -1; 2259 } 2260 #endif /* CONFIG_TDLS */ 2261 #ifdef CONFIG_FST 2262 /* FST Action frames */ 2263 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0) 2264 ret = -1; 2265 #endif /* CONFIG_FST */ 2266 2267 /* FT Action frames */ 2268 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) 2269 ret = -1; 2270 else 2271 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT | 2272 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK; 2273 2274 /* WNM - BSS Transition Management Request */ 2275 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0) 2276 ret = -1; 2277 /* WNM-Sleep Mode Response */ 2278 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0) 2279 ret = -1; 2280 #ifdef CONFIG_WNM 2281 /* WNM - Collocated Interference Request */ 2282 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x0b", 2) < 0) 2283 ret = -1; 2284 #endif /* CONFIG_WNM */ 2285 2286 #ifdef CONFIG_HS20 2287 /* WNM-Notification */ 2288 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0) 2289 ret = -1; 2290 #endif /* CONFIG_HS20 */ 2291 2292 /* WMM-AC ADDTS Response */ 2293 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0) 2294 ret = -1; 2295 2296 /* WMM-AC DELTS */ 2297 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0) 2298 ret = -1; 2299 2300 /* Radio Measurement - Neighbor Report Response */ 2301 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0) 2302 ret = -1; 2303 2304 /* Radio Measurement - Radio Measurement Request */ 2305 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x00", 2) < 0) 2306 ret = -1; 2307 2308 /* Radio Measurement - Link Measurement Request */ 2309 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) && 2310 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0)) 2311 ret = -1; 2312 2313 nl80211_mgmt_handle_register_eloop(bss); 2314 2315 return ret; 2316 } 2317 2318 2319 static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss) 2320 { 2321 int ret = 0; 2322 2323 if (nl80211_alloc_mgmt_handle(bss)) 2324 return -1; 2325 2326 wpa_printf(MSG_DEBUG, 2327 "nl80211: Subscribe to mgmt frames with mesh handle %p", 2328 bss->nl_mgmt); 2329 2330 /* Auth frames for mesh SAE */ 2331 if (nl80211_register_frame(bss, bss->nl_mgmt, 2332 (WLAN_FC_TYPE_MGMT << 2) | 2333 (WLAN_FC_STYPE_AUTH << 4), 2334 NULL, 0) < 0) 2335 ret = -1; 2336 2337 /* Mesh peering open */ 2338 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0) 2339 ret = -1; 2340 /* Mesh peering confirm */ 2341 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0) 2342 ret = -1; 2343 /* Mesh peering close */ 2344 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0) 2345 ret = -1; 2346 2347 nl80211_mgmt_handle_register_eloop(bss); 2348 2349 return ret; 2350 } 2351 2352 2353 static int nl80211_register_spurious_class3(struct i802_bss *bss) 2354 { 2355 struct nl_msg *msg; 2356 int ret; 2357 2358 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME); 2359 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL); 2360 if (ret) { 2361 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 " 2362 "failed: ret=%d (%s)", 2363 ret, strerror(-ret)); 2364 } 2365 return ret; 2366 } 2367 2368 2369 static int nl80211_action_subscribe_ap(struct i802_bss *bss) 2370 { 2371 int ret = 0; 2372 2373 /* Public Action frames */ 2374 if (nl80211_register_action_frame(bss, (u8 *) "\x04", 1) < 0) 2375 ret = -1; 2376 /* RRM Measurement Report */ 2377 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x01", 2) < 0) 2378 ret = -1; 2379 /* RRM Link Measurement Report */ 2380 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x03", 2) < 0) 2381 ret = -1; 2382 /* RRM Neighbor Report Request */ 2383 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x04", 2) < 0) 2384 ret = -1; 2385 /* FT Action frames */ 2386 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) 2387 ret = -1; 2388 #ifdef CONFIG_IEEE80211W 2389 /* SA Query */ 2390 if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0) 2391 ret = -1; 2392 #endif /* CONFIG_IEEE80211W */ 2393 /* Protected Dual of Public Action */ 2394 if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0) 2395 ret = -1; 2396 /* WNM */ 2397 if (nl80211_register_action_frame(bss, (u8 *) "\x0a", 1) < 0) 2398 ret = -1; 2399 /* WMM */ 2400 if (nl80211_register_action_frame(bss, (u8 *) "\x11", 1) < 0) 2401 ret = -1; 2402 #ifdef CONFIG_FST 2403 /* FST Action frames */ 2404 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0) 2405 ret = -1; 2406 #endif /* CONFIG_FST */ 2407 /* Vendor-specific */ 2408 if (nl80211_register_action_frame(bss, (u8 *) "\x7f", 1) < 0) 2409 ret = -1; 2410 2411 return ret; 2412 } 2413 2414 2415 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss) 2416 { 2417 static const int stypes[] = { 2418 WLAN_FC_STYPE_AUTH, 2419 WLAN_FC_STYPE_ASSOC_REQ, 2420 WLAN_FC_STYPE_REASSOC_REQ, 2421 WLAN_FC_STYPE_DISASSOC, 2422 WLAN_FC_STYPE_DEAUTH, 2423 WLAN_FC_STYPE_PROBE_REQ, 2424 /* Beacon doesn't work as mac80211 doesn't currently allow 2425 * it, but it wouldn't really be the right thing anyway as 2426 * it isn't per interface ... maybe just dump the scan 2427 * results periodically for OLBC? 2428 */ 2429 /* WLAN_FC_STYPE_BEACON, */ 2430 }; 2431 unsigned int i; 2432 2433 if (nl80211_alloc_mgmt_handle(bss)) 2434 return -1; 2435 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP " 2436 "handle %p", bss->nl_mgmt); 2437 2438 for (i = 0; i < ARRAY_SIZE(stypes); i++) { 2439 if (nl80211_register_frame(bss, bss->nl_mgmt, 2440 (WLAN_FC_TYPE_MGMT << 2) | 2441 (stypes[i] << 4), 2442 NULL, 0) < 0) { 2443 goto out_err; 2444 } 2445 } 2446 2447 if (nl80211_action_subscribe_ap(bss)) 2448 goto out_err; 2449 2450 if (nl80211_register_spurious_class3(bss)) 2451 goto out_err; 2452 2453 nl80211_mgmt_handle_register_eloop(bss); 2454 return 0; 2455 2456 out_err: 2457 nl_destroy_handles(&bss->nl_mgmt); 2458 return -1; 2459 } 2460 2461 2462 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss) 2463 { 2464 if (nl80211_alloc_mgmt_handle(bss)) 2465 return -1; 2466 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP " 2467 "handle %p (device SME)", bss->nl_mgmt); 2468 2469 if (nl80211_action_subscribe_ap(bss)) 2470 goto out_err; 2471 2472 if (bss->drv->device_ap_sme) { 2473 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4); 2474 2475 /* Register for all Authentication frames */ 2476 if (nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0) 2477 < 0) 2478 wpa_printf(MSG_DEBUG, 2479 "nl80211: Failed to subscribe to handle Authentication frames - SAE offload may not work"); 2480 } 2481 2482 nl80211_mgmt_handle_register_eloop(bss); 2483 return 0; 2484 2485 out_err: 2486 nl_destroy_handles(&bss->nl_mgmt); 2487 return -1; 2488 } 2489 2490 2491 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason) 2492 { 2493 if (bss->nl_mgmt == NULL) 2494 return; 2495 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p " 2496 "(%s)", bss->nl_mgmt, reason); 2497 nl80211_destroy_eloop_handle(&bss->nl_mgmt, 0); 2498 2499 nl80211_put_wiphy_data_ap(bss); 2500 } 2501 2502 2503 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx) 2504 { 2505 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL); 2506 } 2507 2508 2509 static void nl80211_del_p2pdev(struct i802_bss *bss) 2510 { 2511 struct nl_msg *msg; 2512 int ret; 2513 2514 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE); 2515 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 2516 2517 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s", 2518 bss->ifname, (long long unsigned int) bss->wdev_id, 2519 strerror(-ret)); 2520 } 2521 2522 2523 static int nl80211_set_p2pdev(struct i802_bss *bss, int start) 2524 { 2525 struct nl_msg *msg; 2526 int ret; 2527 2528 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE : 2529 NL80211_CMD_STOP_P2P_DEVICE); 2530 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 2531 2532 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s", 2533 start ? "Start" : "Stop", 2534 bss->ifname, (long long unsigned int) bss->wdev_id, 2535 strerror(-ret)); 2536 return ret; 2537 } 2538 2539 2540 static int i802_set_iface_flags(struct i802_bss *bss, int up) 2541 { 2542 enum nl80211_iftype nlmode; 2543 2544 nlmode = nl80211_get_ifmode(bss); 2545 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2546 return linux_set_iface_flags(bss->drv->global->ioctl_sock, 2547 bss->ifname, up); 2548 } 2549 2550 /* P2P Device has start/stop which is equivalent */ 2551 return nl80211_set_p2pdev(bss, up); 2552 } 2553 2554 2555 #ifdef CONFIG_TESTING_OPTIONS 2556 static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg) 2557 { 2558 /* struct wpa_driver_nl80211_data *drv = arg; */ 2559 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 2560 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 2561 2562 2563 wpa_printf(MSG_DEBUG, 2564 "nl80211: QCA vendor test command response received"); 2565 2566 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 2567 genlmsg_attrlen(gnlh, 0), NULL); 2568 if (!tb[NL80211_ATTR_VENDOR_DATA]) { 2569 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute"); 2570 return NL_SKIP; 2571 } 2572 2573 wpa_hexdump(MSG_DEBUG, 2574 "nl80211: Received QCA vendor test command response", 2575 nla_data(tb[NL80211_ATTR_VENDOR_DATA]), 2576 nla_len(tb[NL80211_ATTR_VENDOR_DATA])); 2577 2578 return NL_SKIP; 2579 } 2580 #endif /* CONFIG_TESTING_OPTIONS */ 2581 2582 2583 static void qca_vendor_test(struct wpa_driver_nl80211_data *drv) 2584 { 2585 #ifdef CONFIG_TESTING_OPTIONS 2586 struct nl_msg *msg; 2587 struct nlattr *params; 2588 int ret; 2589 2590 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 2591 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 2592 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 2593 QCA_NL80211_VENDOR_SUBCMD_TEST) || 2594 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 2595 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) { 2596 nlmsg_free(msg); 2597 return; 2598 } 2599 nla_nest_end(msg, params); 2600 2601 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv); 2602 wpa_printf(MSG_DEBUG, 2603 "nl80211: QCA vendor test command returned %d (%s)", 2604 ret, strerror(-ret)); 2605 #endif /* CONFIG_TESTING_OPTIONS */ 2606 } 2607 2608 2609 static int 2610 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, 2611 const u8 *set_addr, int first, 2612 const char *driver_params) 2613 { 2614 struct i802_bss *bss = drv->first_bss; 2615 int send_rfkill_event = 0; 2616 enum nl80211_iftype nlmode; 2617 2618 drv->ifindex = if_nametoindex(bss->ifname); 2619 bss->ifindex = drv->ifindex; 2620 bss->wdev_id = drv->global->if_add_wdevid; 2621 bss->wdev_id_set = drv->global->if_add_wdevid_set; 2622 2623 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex; 2624 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set; 2625 drv->global->if_add_wdevid_set = 0; 2626 2627 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP) 2628 bss->static_ap = 1; 2629 2630 if (first && 2631 nl80211_get_ifmode(bss) != NL80211_IFTYPE_P2P_DEVICE && 2632 linux_iface_up(drv->global->ioctl_sock, bss->ifname) > 0) 2633 drv->start_iface_up = 1; 2634 2635 if (wpa_driver_nl80211_capa(drv)) 2636 return -1; 2637 2638 if (driver_params && nl80211_set_param(bss, driver_params) < 0) 2639 return -1; 2640 2641 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s", 2642 bss->ifname, drv->phyname); 2643 2644 if (set_addr && 2645 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) || 2646 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2647 set_addr))) 2648 return -1; 2649 2650 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP) 2651 drv->start_mode_ap = 1; 2652 2653 if (drv->hostapd || bss->static_ap) 2654 nlmode = NL80211_IFTYPE_AP; 2655 else if (bss->if_dynamic || 2656 nl80211_get_ifmode(bss) == NL80211_IFTYPE_MESH_POINT) 2657 nlmode = nl80211_get_ifmode(bss); 2658 else 2659 nlmode = NL80211_IFTYPE_STATION; 2660 2661 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) { 2662 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode"); 2663 return -1; 2664 } 2665 2666 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 2667 nl80211_get_macaddr(bss); 2668 2669 wpa_driver_nl80211_drv_init_rfkill(drv); 2670 2671 if (!rfkill_is_blocked(drv->rfkill)) { 2672 int ret = i802_set_iface_flags(bss, 1); 2673 if (ret) { 2674 wpa_printf(MSG_ERROR, "nl80211: Could not set " 2675 "interface '%s' UP", bss->ifname); 2676 return ret; 2677 } 2678 2679 if (is_p2p_net_interface(nlmode)) 2680 nl80211_disable_11b_rates(bss->drv, 2681 bss->drv->ifindex, 1); 2682 2683 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 2684 return ret; 2685 } else { 2686 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable " 2687 "interface '%s' due to rfkill", bss->ifname); 2688 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) 2689 drv->if_disabled = 1; 2690 2691 send_rfkill_event = 1; 2692 } 2693 2694 if (!drv->hostapd && nlmode != NL80211_IFTYPE_P2P_DEVICE) 2695 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 2696 1, IF_OPER_DORMANT); 2697 2698 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2699 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2700 bss->addr)) 2701 return -1; 2702 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN); 2703 } 2704 2705 if (send_rfkill_event) { 2706 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill, 2707 drv, drv->ctx); 2708 } 2709 2710 if (drv->vendor_cmd_test_avail) 2711 qca_vendor_test(drv); 2712 2713 nl80211_init_connect_handle(bss); 2714 2715 return 0; 2716 } 2717 2718 2719 static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss) 2720 { 2721 struct nl_msg *msg; 2722 struct wpa_driver_nl80211_data *drv = bss->drv; 2723 2724 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", 2725 drv->ifindex); 2726 nl80211_put_wiphy_data_ap(bss); 2727 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); 2728 return send_and_recv_msgs(drv, msg, NULL, NULL); 2729 } 2730 2731 2732 /** 2733 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface 2734 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init() 2735 * 2736 * Shut down driver interface and processing of driver events. Free 2737 * private data buffer if one was allocated in wpa_driver_nl80211_init(). 2738 */ 2739 static void wpa_driver_nl80211_deinit(struct i802_bss *bss) 2740 { 2741 struct wpa_driver_nl80211_data *drv = bss->drv; 2742 unsigned int i; 2743 2744 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d", 2745 bss->ifname, drv->disabled_11b_rates); 2746 2747 bss->in_deinit = 1; 2748 if (drv->data_tx_status) 2749 eloop_unregister_read_sock(drv->eapol_tx_sock); 2750 if (drv->eapol_tx_sock >= 0) 2751 close(drv->eapol_tx_sock); 2752 2753 if (bss->nl_preq) 2754 wpa_driver_nl80211_probe_req_report(bss, 0); 2755 if (bss->added_if_into_bridge) { 2756 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname, 2757 bss->ifname) < 0) 2758 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 2759 "interface %s from bridge %s: %s", 2760 bss->ifname, bss->brname, strerror(errno)); 2761 } 2762 2763 if (drv->rtnl_sk) 2764 nl80211_handle_destroy(drv->rtnl_sk); 2765 2766 if (bss->added_bridge) { 2767 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname, 2768 0) < 0) 2769 wpa_printf(MSG_INFO, 2770 "nl80211: Could not set bridge %s down", 2771 bss->brname); 2772 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0) 2773 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 2774 "bridge %s: %s", 2775 bss->brname, strerror(errno)); 2776 } 2777 2778 nl80211_remove_monitor_interface(drv); 2779 2780 if (is_ap_interface(drv->nlmode)) 2781 wpa_driver_nl80211_del_beacon(bss); 2782 2783 if (drv->eapol_sock >= 0) { 2784 eloop_unregister_read_sock(drv->eapol_sock); 2785 close(drv->eapol_sock); 2786 } 2787 2788 if (drv->if_indices != drv->default_if_indices) 2789 os_free(drv->if_indices); 2790 2791 if (drv->disabled_11b_rates) 2792 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 2793 2794 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0, 2795 IF_OPER_UP); 2796 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx); 2797 rfkill_deinit(drv->rfkill); 2798 2799 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx); 2800 2801 if (!drv->start_iface_up) 2802 (void) i802_set_iface_flags(bss, 0); 2803 2804 if (drv->addr_changed) { 2805 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 2806 0) < 0) { 2807 wpa_printf(MSG_DEBUG, 2808 "nl80211: Could not set interface down to restore permanent MAC address"); 2809 } 2810 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2811 drv->perm_addr) < 0) { 2812 wpa_printf(MSG_DEBUG, 2813 "nl80211: Could not restore permanent MAC address"); 2814 } 2815 } 2816 2817 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2818 if (!drv->hostapd || !drv->start_mode_ap) 2819 wpa_driver_nl80211_set_mode(bss, 2820 NL80211_IFTYPE_STATION); 2821 nl80211_mgmt_unsubscribe(bss, "deinit"); 2822 } else { 2823 nl80211_mgmt_unsubscribe(bss, "deinit"); 2824 nl80211_del_p2pdev(bss); 2825 } 2826 2827 if (bss->nl_connect) 2828 nl80211_destroy_eloop_handle(&bss->nl_connect, 1); 2829 2830 nl80211_destroy_bss(drv->first_bss); 2831 2832 os_free(drv->filter_ssids); 2833 2834 os_free(drv->auth_ie); 2835 2836 if (drv->in_interface_list) 2837 dl_list_del(&drv->list); 2838 2839 os_free(drv->extended_capa); 2840 os_free(drv->extended_capa_mask); 2841 for (i = 0; i < drv->num_iface_ext_capa; i++) { 2842 os_free(drv->iface_ext_capa[i].ext_capa); 2843 os_free(drv->iface_ext_capa[i].ext_capa_mask); 2844 } 2845 os_free(drv->first_bss); 2846 os_free(drv); 2847 } 2848 2849 2850 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len) 2851 { 2852 switch (alg) { 2853 case WPA_ALG_WEP: 2854 if (key_len == 5) 2855 return RSN_CIPHER_SUITE_WEP40; 2856 return RSN_CIPHER_SUITE_WEP104; 2857 case WPA_ALG_TKIP: 2858 return RSN_CIPHER_SUITE_TKIP; 2859 case WPA_ALG_CCMP: 2860 return RSN_CIPHER_SUITE_CCMP; 2861 case WPA_ALG_GCMP: 2862 return RSN_CIPHER_SUITE_GCMP; 2863 case WPA_ALG_CCMP_256: 2864 return RSN_CIPHER_SUITE_CCMP_256; 2865 case WPA_ALG_GCMP_256: 2866 return RSN_CIPHER_SUITE_GCMP_256; 2867 case WPA_ALG_IGTK: 2868 return RSN_CIPHER_SUITE_AES_128_CMAC; 2869 case WPA_ALG_BIP_GMAC_128: 2870 return RSN_CIPHER_SUITE_BIP_GMAC_128; 2871 case WPA_ALG_BIP_GMAC_256: 2872 return RSN_CIPHER_SUITE_BIP_GMAC_256; 2873 case WPA_ALG_BIP_CMAC_256: 2874 return RSN_CIPHER_SUITE_BIP_CMAC_256; 2875 case WPA_ALG_SMS4: 2876 return RSN_CIPHER_SUITE_SMS4; 2877 case WPA_ALG_KRK: 2878 return RSN_CIPHER_SUITE_KRK; 2879 case WPA_ALG_NONE: 2880 case WPA_ALG_PMK: 2881 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d", 2882 alg); 2883 return 0; 2884 } 2885 2886 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d", 2887 alg); 2888 return 0; 2889 } 2890 2891 2892 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher) 2893 { 2894 switch (cipher) { 2895 case WPA_CIPHER_CCMP_256: 2896 return RSN_CIPHER_SUITE_CCMP_256; 2897 case WPA_CIPHER_GCMP_256: 2898 return RSN_CIPHER_SUITE_GCMP_256; 2899 case WPA_CIPHER_CCMP: 2900 return RSN_CIPHER_SUITE_CCMP; 2901 case WPA_CIPHER_GCMP: 2902 return RSN_CIPHER_SUITE_GCMP; 2903 case WPA_CIPHER_TKIP: 2904 return RSN_CIPHER_SUITE_TKIP; 2905 case WPA_CIPHER_WEP104: 2906 return RSN_CIPHER_SUITE_WEP104; 2907 case WPA_CIPHER_WEP40: 2908 return RSN_CIPHER_SUITE_WEP40; 2909 case WPA_CIPHER_GTK_NOT_USED: 2910 return RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED; 2911 } 2912 2913 return 0; 2914 } 2915 2916 2917 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[], 2918 int max_suites) 2919 { 2920 int num_suites = 0; 2921 2922 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256) 2923 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP_256; 2924 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256) 2925 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP_256; 2926 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP) 2927 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP; 2928 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP) 2929 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP; 2930 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP) 2931 suites[num_suites++] = RSN_CIPHER_SUITE_TKIP; 2932 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104) 2933 suites[num_suites++] = RSN_CIPHER_SUITE_WEP104; 2934 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40) 2935 suites[num_suites++] = RSN_CIPHER_SUITE_WEP40; 2936 2937 return num_suites; 2938 } 2939 2940 2941 #ifdef CONFIG_DRIVER_NL80211_QCA 2942 static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv, 2943 const u8 *key, size_t key_len) 2944 { 2945 struct nl_msg *msg; 2946 int ret; 2947 2948 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) 2949 return 0; 2950 2951 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 2952 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 2953 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 2954 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) || 2955 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) { 2956 nl80211_nlmsg_clear(msg); 2957 nlmsg_free(msg); 2958 return -1; 2959 } 2960 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1); 2961 if (ret) { 2962 wpa_printf(MSG_DEBUG, 2963 "nl80211: Key management set key failed: ret=%d (%s)", 2964 ret, strerror(-ret)); 2965 } 2966 2967 return ret; 2968 } 2969 #endif /* CONFIG_DRIVER_NL80211_QCA */ 2970 2971 2972 static int nl80211_set_pmk(struct wpa_driver_nl80211_data *drv, 2973 const u8 *key, size_t key_len, 2974 const u8 *addr) 2975 { 2976 struct nl_msg *msg = NULL; 2977 int ret; 2978 2979 /* 2980 * If the authenticator address is not set, assume it is 2981 * the current BSSID. 2982 */ 2983 if (!addr && drv->associated) 2984 addr = drv->bssid; 2985 else if (!addr) 2986 return -1; 2987 2988 wpa_printf(MSG_DEBUG, "nl80211: Set PMK to the driver for " MACSTR, 2989 MAC2STR(addr)); 2990 wpa_hexdump_key(MSG_DEBUG, "nl80211: PMK", key, key_len); 2991 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_PMK); 2992 if (!msg || 2993 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 2994 nla_put(msg, NL80211_ATTR_PMK, key_len, key)) { 2995 nl80211_nlmsg_clear(msg); 2996 nlmsg_free(msg); 2997 return -ENOBUFS; 2998 } 2999 3000 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1); 3001 if (ret) { 3002 wpa_printf(MSG_DEBUG, "nl80211: Set PMK failed: ret=%d (%s)", 3003 ret, strerror(-ret)); 3004 } 3005 3006 return ret; 3007 } 3008 3009 3010 static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, 3011 enum wpa_alg alg, const u8 *addr, 3012 int key_idx, int set_tx, 3013 const u8 *seq, size_t seq_len, 3014 const u8 *key, size_t key_len) 3015 { 3016 struct wpa_driver_nl80211_data *drv = bss->drv; 3017 int ifindex; 3018 struct nl_msg *msg = NULL; 3019 int ret; 3020 int tdls = 0; 3021 3022 /* Ignore for P2P Device */ 3023 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 3024 return 0; 3025 3026 ifindex = if_nametoindex(ifname); 3027 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " 3028 "set_tx=%d seq_len=%lu key_len=%lu", 3029 __func__, ifindex, ifname, alg, addr, key_idx, set_tx, 3030 (unsigned long) seq_len, (unsigned long) key_len); 3031 #ifdef CONFIG_TDLS 3032 if (key_idx == -1) { 3033 key_idx = 0; 3034 tdls = 1; 3035 } 3036 #endif /* CONFIG_TDLS */ 3037 3038 #ifdef CONFIG_DRIVER_NL80211_QCA 3039 if (alg == WPA_ALG_PMK && 3040 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) { 3041 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key", 3042 __func__); 3043 ret = issue_key_mgmt_set_key(drv, key, key_len); 3044 return ret; 3045 } 3046 #endif /* CONFIG_DRIVER_NL80211_QCA */ 3047 3048 if (alg == WPA_ALG_PMK && 3049 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) 3050 return nl80211_set_pmk(drv, key, key_len, addr); 3051 3052 if (alg == WPA_ALG_NONE) { 3053 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY); 3054 if (!msg) 3055 return -ENOBUFS; 3056 } else { 3057 u32 suite; 3058 3059 suite = wpa_alg_to_cipher_suite(alg, key_len); 3060 if (!suite) 3061 goto fail; 3062 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY); 3063 if (!msg || 3064 nla_put(msg, NL80211_ATTR_KEY_DATA, key_len, key) || 3065 nla_put_u32(msg, NL80211_ATTR_KEY_CIPHER, suite)) 3066 goto fail; 3067 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len); 3068 } 3069 3070 if (seq && seq_len) { 3071 if (nla_put(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq)) 3072 goto fail; 3073 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len); 3074 } 3075 3076 if (addr && !is_broadcast_ether_addr(addr)) { 3077 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr)); 3078 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 3079 goto fail; 3080 3081 if (alg != WPA_ALG_WEP && key_idx && !set_tx) { 3082 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK"); 3083 if (nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, 3084 NL80211_KEYTYPE_GROUP)) 3085 goto fail; 3086 } 3087 } else if (addr && is_broadcast_ether_addr(addr)) { 3088 struct nlattr *types; 3089 3090 wpa_printf(MSG_DEBUG, " broadcast key"); 3091 3092 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES); 3093 if (!types || 3094 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) 3095 goto fail; 3096 nla_nest_end(msg, types); 3097 } 3098 if (nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx)) 3099 goto fail; 3100 3101 ret = send_and_recv_msgs(drv, msg, NULL, key ? (void *) -1 : NULL); 3102 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE) 3103 ret = 0; 3104 if (ret) 3105 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)", 3106 ret, strerror(-ret)); 3107 3108 /* 3109 * If we failed or don't need to set the default TX key (below), 3110 * we're done here. 3111 */ 3112 if (ret || !set_tx || alg == WPA_ALG_NONE || tdls) 3113 return ret; 3114 if (is_ap_interface(drv->nlmode) && addr && 3115 !is_broadcast_ether_addr(addr)) 3116 return ret; 3117 3118 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY); 3119 if (!msg || 3120 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx) || 3121 nla_put_flag(msg, (alg == WPA_ALG_IGTK || 3122 alg == WPA_ALG_BIP_GMAC_128 || 3123 alg == WPA_ALG_BIP_GMAC_256 || 3124 alg == WPA_ALG_BIP_CMAC_256) ? 3125 NL80211_ATTR_KEY_DEFAULT_MGMT : 3126 NL80211_ATTR_KEY_DEFAULT)) 3127 goto fail; 3128 if (addr && is_broadcast_ether_addr(addr)) { 3129 struct nlattr *types; 3130 3131 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES); 3132 if (!types || 3133 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) 3134 goto fail; 3135 nla_nest_end(msg, types); 3136 } else if (addr) { 3137 struct nlattr *types; 3138 3139 types = nla_nest_start(msg, NL80211_ATTR_KEY_DEFAULT_TYPES); 3140 if (!types || 3141 nla_put_flag(msg, NL80211_KEY_DEFAULT_TYPE_UNICAST)) 3142 goto fail; 3143 nla_nest_end(msg, types); 3144 } 3145 3146 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3147 if (ret == -ENOENT) 3148 ret = 0; 3149 if (ret) 3150 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; " 3151 "err=%d %s)", ret, strerror(-ret)); 3152 return ret; 3153 3154 fail: 3155 nl80211_nlmsg_clear(msg); 3156 nlmsg_free(msg); 3157 return -ENOBUFS; 3158 } 3159 3160 3161 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg, 3162 int key_idx, int defkey, 3163 const u8 *seq, size_t seq_len, 3164 const u8 *key, size_t key_len) 3165 { 3166 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY); 3167 u32 suite; 3168 3169 if (!key_attr) 3170 return -1; 3171 3172 suite = wpa_alg_to_cipher_suite(alg, key_len); 3173 if (!suite) 3174 return -1; 3175 3176 if (defkey && alg == WPA_ALG_IGTK) { 3177 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT)) 3178 return -1; 3179 } else if (defkey) { 3180 if (nla_put_flag(msg, NL80211_KEY_DEFAULT)) 3181 return -1; 3182 } 3183 3184 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) || 3185 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) || 3186 (seq && seq_len && 3187 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) || 3188 nla_put(msg, NL80211_KEY_DATA, key_len, key)) 3189 return -1; 3190 3191 nla_nest_end(msg, key_attr); 3192 3193 return 0; 3194 } 3195 3196 3197 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params, 3198 struct nl_msg *msg) 3199 { 3200 int i, privacy = 0; 3201 struct nlattr *nl_keys, *nl_key; 3202 3203 for (i = 0; i < 4; i++) { 3204 if (!params->wep_key[i]) 3205 continue; 3206 privacy = 1; 3207 break; 3208 } 3209 if (params->wps == WPS_MODE_PRIVACY) 3210 privacy = 1; 3211 if (params->pairwise_suite && 3212 params->pairwise_suite != WPA_CIPHER_NONE) 3213 privacy = 1; 3214 3215 if (!privacy) 3216 return 0; 3217 3218 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY)) 3219 return -ENOBUFS; 3220 3221 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS); 3222 if (!nl_keys) 3223 return -ENOBUFS; 3224 3225 for (i = 0; i < 4; i++) { 3226 if (!params->wep_key[i]) 3227 continue; 3228 3229 nl_key = nla_nest_start(msg, i); 3230 if (!nl_key || 3231 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i], 3232 params->wep_key[i]) || 3233 nla_put_u32(msg, NL80211_KEY_CIPHER, 3234 params->wep_key_len[i] == 5 ? 3235 RSN_CIPHER_SUITE_WEP40 : 3236 RSN_CIPHER_SUITE_WEP104) || 3237 nla_put_u8(msg, NL80211_KEY_IDX, i) || 3238 (i == params->wep_tx_keyidx && 3239 nla_put_flag(msg, NL80211_KEY_DEFAULT))) 3240 return -ENOBUFS; 3241 3242 nla_nest_end(msg, nl_key); 3243 } 3244 nla_nest_end(msg, nl_keys); 3245 3246 return 0; 3247 } 3248 3249 3250 int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv, 3251 const u8 *addr, int cmd, u16 reason_code, 3252 int local_state_change, 3253 struct nl_handle *nl_connect) 3254 { 3255 int ret; 3256 struct nl_msg *msg; 3257 3258 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) || 3259 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) || 3260 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || 3261 (local_state_change && 3262 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) { 3263 nlmsg_free(msg); 3264 return -1; 3265 } 3266 3267 if (nl_connect) 3268 ret = send_and_recv(drv->global, nl_connect, msg, NULL, NULL); 3269 else 3270 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3271 if (ret) { 3272 wpa_dbg(drv->ctx, MSG_DEBUG, 3273 "nl80211: MLME command failed: reason=%u ret=%d (%s)", 3274 reason_code, ret, strerror(-ret)); 3275 } 3276 return ret; 3277 } 3278 3279 3280 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv, 3281 u16 reason_code, 3282 struct nl_handle *nl_connect) 3283 { 3284 int ret; 3285 int drv_associated = drv->associated; 3286 3287 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code); 3288 nl80211_mark_disconnected(drv); 3289 /* Disconnect command doesn't need BSSID - it uses cached value */ 3290 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT, 3291 reason_code, 0, nl_connect); 3292 /* 3293 * For locally generated disconnect, supplicant already generates a 3294 * DEAUTH event, so ignore the event from NL80211. 3295 */ 3296 drv->ignore_next_local_disconnect = drv_associated && (ret == 0); 3297 3298 return ret; 3299 } 3300 3301 3302 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss, 3303 const u8 *addr, u16 reason_code) 3304 { 3305 struct wpa_driver_nl80211_data *drv = bss->drv; 3306 int ret; 3307 int drv_associated = drv->associated; 3308 3309 if (drv->nlmode == NL80211_IFTYPE_ADHOC) { 3310 nl80211_mark_disconnected(drv); 3311 return nl80211_leave_ibss(drv, 1); 3312 } 3313 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 3314 struct nl_handle *nl_connect = NULL; 3315 3316 if (bss->use_nl_connect) 3317 nl_connect = bss->nl_connect; 3318 return wpa_driver_nl80211_disconnect(drv, reason_code, 3319 nl_connect); 3320 } 3321 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)", 3322 __func__, MAC2STR(addr), reason_code); 3323 nl80211_mark_disconnected(drv); 3324 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE, 3325 reason_code, 0, NULL); 3326 /* 3327 * For locally generated deauthenticate, supplicant already generates a 3328 * DEAUTH event, so ignore the event from NL80211. 3329 */ 3330 drv->ignore_next_local_deauth = drv_associated && (ret == 0); 3331 3332 return ret; 3333 } 3334 3335 3336 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv, 3337 struct wpa_driver_auth_params *params) 3338 { 3339 int i; 3340 3341 drv->auth_freq = params->freq; 3342 drv->auth_alg = params->auth_alg; 3343 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx; 3344 drv->auth_local_state_change = params->local_state_change; 3345 drv->auth_p2p = params->p2p; 3346 3347 if (params->bssid) 3348 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN); 3349 else 3350 os_memset(drv->auth_bssid_, 0, ETH_ALEN); 3351 3352 if (params->ssid) { 3353 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len); 3354 drv->auth_ssid_len = params->ssid_len; 3355 } else 3356 drv->auth_ssid_len = 0; 3357 3358 3359 os_free(drv->auth_ie); 3360 drv->auth_ie = NULL; 3361 drv->auth_ie_len = 0; 3362 if (params->ie) { 3363 drv->auth_ie = os_malloc(params->ie_len); 3364 if (drv->auth_ie) { 3365 os_memcpy(drv->auth_ie, params->ie, params->ie_len); 3366 drv->auth_ie_len = params->ie_len; 3367 } 3368 } 3369 3370 for (i = 0; i < 4; i++) { 3371 if (params->wep_key[i] && params->wep_key_len[i] && 3372 params->wep_key_len[i] <= 16) { 3373 os_memcpy(drv->auth_wep_key[i], params->wep_key[i], 3374 params->wep_key_len[i]); 3375 drv->auth_wep_key_len[i] = params->wep_key_len[i]; 3376 } else 3377 drv->auth_wep_key_len[i] = 0; 3378 } 3379 } 3380 3381 3382 static void nl80211_unmask_11b_rates(struct i802_bss *bss) 3383 { 3384 struct wpa_driver_nl80211_data *drv = bss->drv; 3385 3386 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates) 3387 return; 3388 3389 /* 3390 * Looks like we failed to unmask 11b rates previously. This could 3391 * happen, e.g., if the interface was down at the point in time when a 3392 * P2P group was terminated. 3393 */ 3394 wpa_printf(MSG_DEBUG, 3395 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them", 3396 bss->ifname); 3397 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 3398 } 3399 3400 3401 static enum nl80211_auth_type get_nl_auth_type(int wpa_auth_alg) 3402 { 3403 if (wpa_auth_alg & WPA_AUTH_ALG_OPEN) 3404 return NL80211_AUTHTYPE_OPEN_SYSTEM; 3405 if (wpa_auth_alg & WPA_AUTH_ALG_SHARED) 3406 return NL80211_AUTHTYPE_SHARED_KEY; 3407 if (wpa_auth_alg & WPA_AUTH_ALG_LEAP) 3408 return NL80211_AUTHTYPE_NETWORK_EAP; 3409 if (wpa_auth_alg & WPA_AUTH_ALG_FT) 3410 return NL80211_AUTHTYPE_FT; 3411 if (wpa_auth_alg & WPA_AUTH_ALG_SAE) 3412 return NL80211_AUTHTYPE_SAE; 3413 if (wpa_auth_alg & WPA_AUTH_ALG_FILS) 3414 return NL80211_AUTHTYPE_FILS_SK; 3415 if (wpa_auth_alg & WPA_AUTH_ALG_FILS_SK_PFS) 3416 return NL80211_AUTHTYPE_FILS_SK_PFS; 3417 3418 return NL80211_AUTHTYPE_MAX; 3419 } 3420 3421 3422 static int wpa_driver_nl80211_authenticate( 3423 struct i802_bss *bss, struct wpa_driver_auth_params *params) 3424 { 3425 struct wpa_driver_nl80211_data *drv = bss->drv; 3426 int ret = -1, i; 3427 struct nl_msg *msg; 3428 enum nl80211_auth_type type; 3429 enum nl80211_iftype nlmode; 3430 int count = 0; 3431 int is_retry; 3432 3433 nl80211_unmask_11b_rates(bss); 3434 3435 is_retry = drv->retry_auth; 3436 drv->retry_auth = 0; 3437 drv->ignore_deauth_event = 0; 3438 3439 nl80211_mark_disconnected(drv); 3440 os_memset(drv->auth_bssid, 0, ETH_ALEN); 3441 if (params->bssid) 3442 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN); 3443 else 3444 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 3445 /* FIX: IBSS mode */ 3446 nlmode = params->p2p ? 3447 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION; 3448 if (drv->nlmode != nlmode && 3449 wpa_driver_nl80211_set_mode(bss, nlmode) < 0) 3450 return -1; 3451 3452 retry: 3453 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)", 3454 drv->ifindex); 3455 3456 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE); 3457 if (!msg) 3458 goto fail; 3459 3460 for (i = 0; i < 4; i++) { 3461 if (!params->wep_key[i]) 3462 continue; 3463 wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP, 3464 NULL, i, 3465 i == params->wep_tx_keyidx, NULL, 0, 3466 params->wep_key[i], 3467 params->wep_key_len[i]); 3468 if (params->wep_tx_keyidx != i) 3469 continue; 3470 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0, 3471 params->wep_key[i], params->wep_key_len[i])) 3472 goto fail; 3473 } 3474 3475 if (params->bssid) { 3476 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR, 3477 MAC2STR(params->bssid)); 3478 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 3479 goto fail; 3480 } 3481 if (params->freq) { 3482 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq); 3483 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq)) 3484 goto fail; 3485 } 3486 if (params->ssid) { 3487 wpa_printf(MSG_DEBUG, " * SSID=%s", 3488 wpa_ssid_txt(params->ssid, params->ssid_len)); 3489 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, 3490 params->ssid)) 3491 goto fail; 3492 } 3493 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len); 3494 if (params->ie && 3495 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie)) 3496 goto fail; 3497 if (params->auth_data) { 3498 wpa_hexdump(MSG_DEBUG, " * auth_data", params->auth_data, 3499 params->auth_data_len); 3500 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->auth_data_len, 3501 params->auth_data)) 3502 goto fail; 3503 } 3504 type = get_nl_auth_type(params->auth_alg); 3505 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 3506 if (type == NL80211_AUTHTYPE_MAX || 3507 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 3508 goto fail; 3509 if (params->local_state_change) { 3510 wpa_printf(MSG_DEBUG, " * Local state change only"); 3511 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE)) 3512 goto fail; 3513 } 3514 3515 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3516 msg = NULL; 3517 if (ret) { 3518 wpa_dbg(drv->ctx, MSG_DEBUG, 3519 "nl80211: MLME command failed (auth): count=%d ret=%d (%s)", 3520 count, ret, strerror(-ret)); 3521 count++; 3522 if ((ret == -EALREADY || ret == -EEXIST) && count == 1 && 3523 params->bssid && !params->local_state_change) { 3524 /* 3525 * mac80211 does not currently accept new 3526 * authentication if we are already authenticated. As a 3527 * workaround, force deauthentication and try again. 3528 */ 3529 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication " 3530 "after forced deauthentication"); 3531 drv->ignore_deauth_event = 1; 3532 wpa_driver_nl80211_deauthenticate( 3533 bss, params->bssid, 3534 WLAN_REASON_PREV_AUTH_NOT_VALID); 3535 nlmsg_free(msg); 3536 goto retry; 3537 } 3538 3539 if (ret == -ENOENT && params->freq && !is_retry) { 3540 /* 3541 * cfg80211 has likely expired the BSS entry even 3542 * though it was previously available in our internal 3543 * BSS table. To recover quickly, start a single 3544 * channel scan on the specified channel. 3545 */ 3546 struct wpa_driver_scan_params scan; 3547 int freqs[2]; 3548 3549 os_memset(&scan, 0, sizeof(scan)); 3550 scan.num_ssids = 1; 3551 if (params->ssid) { 3552 scan.ssids[0].ssid = params->ssid; 3553 scan.ssids[0].ssid_len = params->ssid_len; 3554 } 3555 freqs[0] = params->freq; 3556 freqs[1] = 0; 3557 scan.freqs = freqs; 3558 wpa_printf(MSG_DEBUG, "nl80211: Trigger single " 3559 "channel scan to refresh cfg80211 BSS " 3560 "entry"); 3561 ret = wpa_driver_nl80211_scan(bss, &scan); 3562 if (ret == 0) { 3563 nl80211_copy_auth_params(drv, params); 3564 drv->scan_for_auth = 1; 3565 } 3566 } else if (is_retry) { 3567 /* 3568 * Need to indicate this with an event since the return 3569 * value from the retry is not delivered to core code. 3570 */ 3571 union wpa_event_data event; 3572 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry " 3573 "failed"); 3574 os_memset(&event, 0, sizeof(event)); 3575 os_memcpy(event.timeout_event.addr, drv->auth_bssid_, 3576 ETH_ALEN); 3577 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT, 3578 &event); 3579 } 3580 } else { 3581 wpa_printf(MSG_DEBUG, 3582 "nl80211: Authentication request send successfully"); 3583 } 3584 3585 fail: 3586 nlmsg_free(msg); 3587 return ret; 3588 } 3589 3590 3591 int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) 3592 { 3593 struct wpa_driver_auth_params params; 3594 struct i802_bss *bss = drv->first_bss; 3595 int i; 3596 3597 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again"); 3598 3599 os_memset(¶ms, 0, sizeof(params)); 3600 params.freq = drv->auth_freq; 3601 params.auth_alg = drv->auth_alg; 3602 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx; 3603 params.local_state_change = drv->auth_local_state_change; 3604 params.p2p = drv->auth_p2p; 3605 3606 if (!is_zero_ether_addr(drv->auth_bssid_)) 3607 params.bssid = drv->auth_bssid_; 3608 3609 if (drv->auth_ssid_len) { 3610 params.ssid = drv->auth_ssid; 3611 params.ssid_len = drv->auth_ssid_len; 3612 } 3613 3614 params.ie = drv->auth_ie; 3615 params.ie_len = drv->auth_ie_len; 3616 3617 for (i = 0; i < 4; i++) { 3618 if (drv->auth_wep_key_len[i]) { 3619 params.wep_key[i] = drv->auth_wep_key[i]; 3620 params.wep_key_len[i] = drv->auth_wep_key_len[i]; 3621 } 3622 } 3623 3624 drv->retry_auth = 1; 3625 return wpa_driver_nl80211_authenticate(bss, ¶ms); 3626 } 3627 3628 3629 static int wpa_driver_nl80211_send_frame(struct i802_bss *bss, 3630 const void *data, size_t len, 3631 int encrypt, int noack, 3632 unsigned int freq, int no_cck, 3633 int offchanok, unsigned int wait_time, 3634 const u16 *csa_offs, 3635 size_t csa_offs_len) 3636 { 3637 struct wpa_driver_nl80211_data *drv = bss->drv; 3638 u64 cookie; 3639 int res; 3640 3641 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) { 3642 freq = nl80211_get_assoc_freq(drv); 3643 wpa_printf(MSG_DEBUG, 3644 "nl80211: send_frame - Use assoc_freq=%u for IBSS", 3645 freq); 3646 } 3647 if (freq == 0) { 3648 wpa_printf(MSG_DEBUG, "nl80211: send_frame - Use bss->freq=%u", 3649 bss->freq); 3650 freq = bss->freq; 3651 } 3652 3653 if (drv->use_monitor) { 3654 wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor", 3655 freq, bss->freq); 3656 return nl80211_send_monitor(drv, data, len, encrypt, noack); 3657 } 3658 3659 wpa_printf(MSG_DEBUG, "nl80211: send_frame -> send_frame_cmd"); 3660 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, len, 3661 &cookie, no_cck, noack, offchanok, 3662 csa_offs, csa_offs_len); 3663 if (res == 0 && !noack) { 3664 const struct ieee80211_mgmt *mgmt; 3665 u16 fc; 3666 3667 mgmt = (const struct ieee80211_mgmt *) data; 3668 fc = le_to_host16(mgmt->frame_control); 3669 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3670 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) { 3671 wpa_printf(MSG_MSGDUMP, 3672 "nl80211: Update send_action_cookie from 0x%llx to 0x%llx", 3673 (long long unsigned int) 3674 drv->send_action_cookie, 3675 (long long unsigned int) cookie); 3676 drv->send_action_cookie = cookie; 3677 } 3678 } 3679 3680 return res; 3681 } 3682 3683 3684 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, 3685 size_t data_len, int noack, 3686 unsigned int freq, int no_cck, 3687 int offchanok, 3688 unsigned int wait_time, 3689 const u16 *csa_offs, 3690 size_t csa_offs_len) 3691 { 3692 struct wpa_driver_nl80211_data *drv = bss->drv; 3693 struct ieee80211_mgmt *mgmt; 3694 int encrypt = 1; 3695 u16 fc; 3696 3697 mgmt = (struct ieee80211_mgmt *) data; 3698 fc = le_to_host16(mgmt->frame_control); 3699 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da= " MACSTR 3700 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u fc=0x%x (%s) nlmode=%d", 3701 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time, 3702 fc, fc2str(fc), drv->nlmode); 3703 3704 if ((is_sta_interface(drv->nlmode) || 3705 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) && 3706 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3707 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) { 3708 /* 3709 * The use of last_mgmt_freq is a bit of a hack, 3710 * but it works due to the single-threaded nature 3711 * of wpa_supplicant. 3712 */ 3713 if (freq == 0) { 3714 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d", 3715 drv->last_mgmt_freq); 3716 freq = drv->last_mgmt_freq; 3717 } 3718 return nl80211_send_frame_cmd(bss, freq, 0, 3719 data, data_len, NULL, 1, noack, 3720 1, csa_offs, csa_offs_len); 3721 } 3722 3723 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) { 3724 if (freq == 0) { 3725 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d", 3726 bss->freq); 3727 freq = bss->freq; 3728 } 3729 return nl80211_send_frame_cmd(bss, freq, 3730 (int) freq == bss->freq ? 0 : 3731 wait_time, 3732 data, data_len, 3733 &drv->send_action_cookie, 3734 no_cck, noack, offchanok, 3735 csa_offs, csa_offs_len); 3736 } 3737 3738 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3739 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) { 3740 /* 3741 * Only one of the authentication frame types is encrypted. 3742 * In order for static WEP encryption to work properly (i.e., 3743 * to not encrypt the frame), we need to tell mac80211 about 3744 * the frames that must not be encrypted. 3745 */ 3746 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg); 3747 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction); 3748 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3) 3749 encrypt = 0; 3750 } 3751 3752 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame"); 3753 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 3754 noack, freq, no_cck, offchanok, 3755 wait_time, csa_offs, 3756 csa_offs_len); 3757 } 3758 3759 3760 static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates) 3761 { 3762 u8 rates[NL80211_MAX_SUPP_RATES]; 3763 u8 rates_len = 0; 3764 int i; 3765 3766 if (!basic_rates) 3767 return 0; 3768 3769 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++) 3770 rates[rates_len++] = basic_rates[i] / 5; 3771 3772 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates); 3773 } 3774 3775 3776 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble, 3777 int slot, int ht_opmode, int ap_isolate, 3778 const int *basic_rates) 3779 { 3780 struct wpa_driver_nl80211_data *drv = bss->drv; 3781 struct nl_msg *msg; 3782 3783 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) || 3784 (cts >= 0 && 3785 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) || 3786 (preamble >= 0 && 3787 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) || 3788 (slot >= 0 && 3789 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) || 3790 (ht_opmode >= 0 && 3791 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) || 3792 (ap_isolate >= 0 && 3793 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) || 3794 nl80211_put_basic_rates(msg, basic_rates)) { 3795 nlmsg_free(msg); 3796 return -ENOBUFS; 3797 } 3798 3799 return send_and_recv_msgs(drv, msg, NULL, NULL); 3800 } 3801 3802 3803 static int wpa_driver_nl80211_set_acl(void *priv, 3804 struct hostapd_acl_params *params) 3805 { 3806 struct i802_bss *bss = priv; 3807 struct wpa_driver_nl80211_data *drv = bss->drv; 3808 struct nl_msg *msg; 3809 struct nl_msg *acl; 3810 unsigned int i; 3811 int ret; 3812 3813 if (!(drv->capa.max_acl_mac_addrs)) 3814 return -ENOTSUP; 3815 3816 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs) 3817 return -ENOTSUP; 3818 3819 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)", 3820 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl); 3821 3822 acl = nlmsg_alloc(); 3823 if (!acl) 3824 return -ENOMEM; 3825 for (i = 0; i < params->num_mac_acl; i++) { 3826 if (nla_put(acl, i + 1, ETH_ALEN, params->mac_acl[i].addr)) { 3827 nlmsg_free(acl); 3828 return -ENOMEM; 3829 } 3830 } 3831 3832 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MAC_ACL)) || 3833 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ? 3834 NL80211_ACL_POLICY_DENY_UNLESS_LISTED : 3835 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) || 3836 nla_put_nested(msg, NL80211_ATTR_MAC_ADDRS, acl)) { 3837 nlmsg_free(msg); 3838 nlmsg_free(acl); 3839 return -ENOMEM; 3840 } 3841 nlmsg_free(acl); 3842 3843 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3844 if (ret) { 3845 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)", 3846 ret, strerror(-ret)); 3847 } 3848 3849 return ret; 3850 } 3851 3852 3853 static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int) 3854 { 3855 if (beacon_int > 0) { 3856 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int); 3857 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL, 3858 beacon_int); 3859 } 3860 3861 return 0; 3862 } 3863 3864 3865 static int nl80211_put_dtim_period(struct nl_msg *msg, int dtim_period) 3866 { 3867 if (dtim_period > 0) { 3868 wpa_printf(MSG_DEBUG, " * dtim_period=%d", dtim_period); 3869 return nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period); 3870 } 3871 3872 return 0; 3873 } 3874 3875 3876 #ifdef CONFIG_MESH 3877 static int nl80211_set_mesh_config(void *priv, 3878 struct wpa_driver_mesh_bss_params *params) 3879 { 3880 struct i802_bss *bss = priv; 3881 struct wpa_driver_nl80211_data *drv = bss->drv; 3882 struct nl_msg *msg; 3883 int ret; 3884 3885 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MESH_CONFIG); 3886 if (!msg) 3887 return -1; 3888 3889 ret = nl80211_put_mesh_config(msg, params); 3890 if (ret < 0) { 3891 nlmsg_free(msg); 3892 return ret; 3893 } 3894 3895 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 3896 if (ret) { 3897 wpa_printf(MSG_ERROR, 3898 "nl80211: Mesh config set failed: %d (%s)", 3899 ret, strerror(-ret)); 3900 return ret; 3901 } 3902 return 0; 3903 } 3904 #endif /* CONFIG_MESH */ 3905 3906 3907 static int nl80211_put_beacon_rate(struct nl_msg *msg, const u64 flags, 3908 struct wpa_driver_ap_params *params) 3909 { 3910 struct nlattr *bands, *band; 3911 struct nl80211_txrate_vht vht_rate; 3912 3913 if (!params->freq || 3914 (params->beacon_rate == 0 && 3915 params->rate_type == BEACON_RATE_LEGACY)) 3916 return 0; 3917 3918 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES); 3919 if (!bands) 3920 return -1; 3921 3922 switch (params->freq->mode) { 3923 case HOSTAPD_MODE_IEEE80211B: 3924 case HOSTAPD_MODE_IEEE80211G: 3925 band = nla_nest_start(msg, NL80211_BAND_2GHZ); 3926 break; 3927 case HOSTAPD_MODE_IEEE80211A: 3928 band = nla_nest_start(msg, NL80211_BAND_5GHZ); 3929 break; 3930 case HOSTAPD_MODE_IEEE80211AD: 3931 band = nla_nest_start(msg, NL80211_BAND_60GHZ); 3932 break; 3933 default: 3934 return 0; 3935 } 3936 3937 if (!band) 3938 return -1; 3939 3940 os_memset(&vht_rate, 0, sizeof(vht_rate)); 3941 3942 switch (params->rate_type) { 3943 case BEACON_RATE_LEGACY: 3944 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_LEGACY)) { 3945 wpa_printf(MSG_INFO, 3946 "nl80211: Driver does not support setting Beacon frame rate (legacy)"); 3947 return -1; 3948 } 3949 3950 if (nla_put_u8(msg, NL80211_TXRATE_LEGACY, 3951 (u8) params->beacon_rate / 5) || 3952 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) || 3953 (params->freq->vht_enabled && 3954 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 3955 &vht_rate))) 3956 return -1; 3957 3958 wpa_printf(MSG_DEBUG, " * beacon_rate = legacy:%u (* 100 kbps)", 3959 params->beacon_rate); 3960 break; 3961 case BEACON_RATE_HT: 3962 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_HT)) { 3963 wpa_printf(MSG_INFO, 3964 "nl80211: Driver does not support setting Beacon frame rate (HT)"); 3965 return -1; 3966 } 3967 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) || 3968 nla_put_u8(msg, NL80211_TXRATE_HT, params->beacon_rate) || 3969 (params->freq->vht_enabled && 3970 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 3971 &vht_rate))) 3972 return -1; 3973 wpa_printf(MSG_DEBUG, " * beacon_rate = HT-MCS %u", 3974 params->beacon_rate); 3975 break; 3976 case BEACON_RATE_VHT: 3977 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_VHT)) { 3978 wpa_printf(MSG_INFO, 3979 "nl80211: Driver does not support setting Beacon frame rate (VHT)"); 3980 return -1; 3981 } 3982 vht_rate.mcs[0] = BIT(params->beacon_rate); 3983 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL)) 3984 return -1; 3985 if (nla_put(msg, NL80211_TXRATE_HT, 0, NULL)) 3986 return -1; 3987 if (nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 3988 &vht_rate)) 3989 return -1; 3990 wpa_printf(MSG_DEBUG, " * beacon_rate = VHT-MCS %u", 3991 params->beacon_rate); 3992 break; 3993 } 3994 3995 nla_nest_end(msg, band); 3996 nla_nest_end(msg, bands); 3997 3998 return 0; 3999 } 4000 4001 4002 static int nl80211_set_multicast_to_unicast(struct i802_bss *bss, 4003 int multicast_to_unicast) 4004 { 4005 struct wpa_driver_nl80211_data *drv = bss->drv; 4006 struct nl_msg *msg; 4007 int ret; 4008 4009 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_MULTICAST_TO_UNICAST); 4010 if (!msg || 4011 (multicast_to_unicast && 4012 nla_put_flag(msg, NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED))) { 4013 wpa_printf(MSG_ERROR, 4014 "nl80211: Failed to build NL80211_CMD_SET_MULTICAST_TO_UNICAST msg for %s", 4015 bss->ifname); 4016 nlmsg_free(msg); 4017 return -ENOBUFS; 4018 } 4019 4020 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4021 4022 switch (ret) { 4023 case 0: 4024 wpa_printf(MSG_DEBUG, 4025 "nl80211: multicast to unicast %s on interface %s", 4026 multicast_to_unicast ? "enabled" : "disabled", 4027 bss->ifname); 4028 break; 4029 case -EOPNOTSUPP: 4030 if (!multicast_to_unicast) 4031 break; 4032 wpa_printf(MSG_INFO, 4033 "nl80211: multicast to unicast not supported on interface %s", 4034 bss->ifname); 4035 break; 4036 default: 4037 wpa_printf(MSG_ERROR, 4038 "nl80211: %s multicast to unicast failed with %d (%s) on interface %s", 4039 multicast_to_unicast ? "enabling" : "disabling", 4040 ret, strerror(-ret), bss->ifname); 4041 break; 4042 } 4043 4044 return ret; 4045 } 4046 4047 4048 static int wpa_driver_nl80211_set_ap(void *priv, 4049 struct wpa_driver_ap_params *params) 4050 { 4051 struct i802_bss *bss = priv; 4052 struct wpa_driver_nl80211_data *drv = bss->drv; 4053 struct nl_msg *msg; 4054 u8 cmd = NL80211_CMD_NEW_BEACON; 4055 int ret = -ENOBUFS; 4056 int beacon_set; 4057 int num_suites; 4058 int smps_mode; 4059 u32 suites[10], suite; 4060 u32 ver; 4061 #ifdef CONFIG_MESH 4062 struct wpa_driver_mesh_bss_params mesh_params; 4063 #endif /* CONFIG_MESH */ 4064 4065 beacon_set = params->reenable ? 0 : bss->beacon_set; 4066 4067 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)", 4068 beacon_set); 4069 if (beacon_set) 4070 cmd = NL80211_CMD_SET_BEACON; 4071 else if (!drv->device_ap_sme && !drv->use_monitor && 4072 !nl80211_get_wiphy_data_ap(bss)) 4073 return -ENOBUFS; 4074 4075 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head", 4076 params->head, params->head_len); 4077 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail", 4078 params->tail, params->tail_len); 4079 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex); 4080 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int); 4081 wpa_printf(MSG_DEBUG, "nl80211: beacon_rate=%u", params->beacon_rate); 4082 wpa_printf(MSG_DEBUG, "nl80211: rate_type=%d", params->rate_type); 4083 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period); 4084 wpa_printf(MSG_DEBUG, "nl80211: ssid=%s", 4085 wpa_ssid_txt(params->ssid, params->ssid_len)); 4086 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || 4087 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, 4088 params->head) || 4089 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, 4090 params->tail) || 4091 nl80211_put_beacon_int(msg, params->beacon_int) || 4092 nl80211_put_beacon_rate(msg, drv->capa.flags, params) || 4093 nl80211_put_dtim_period(msg, params->dtim_period) || 4094 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) 4095 goto fail; 4096 if (params->proberesp && params->proberesp_len) { 4097 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)", 4098 params->proberesp, params->proberesp_len); 4099 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len, 4100 params->proberesp)) 4101 goto fail; 4102 } 4103 switch (params->hide_ssid) { 4104 case NO_SSID_HIDING: 4105 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use"); 4106 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 4107 NL80211_HIDDEN_SSID_NOT_IN_USE)) 4108 goto fail; 4109 break; 4110 case HIDDEN_SSID_ZERO_LEN: 4111 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len"); 4112 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 4113 NL80211_HIDDEN_SSID_ZERO_LEN)) 4114 goto fail; 4115 break; 4116 case HIDDEN_SSID_ZERO_CONTENTS: 4117 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents"); 4118 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 4119 NL80211_HIDDEN_SSID_ZERO_CONTENTS)) 4120 goto fail; 4121 break; 4122 } 4123 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy); 4124 if (params->privacy && 4125 nla_put_flag(msg, NL80211_ATTR_PRIVACY)) 4126 goto fail; 4127 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs); 4128 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) == 4129 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) { 4130 /* Leave out the attribute */ 4131 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) { 4132 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, 4133 NL80211_AUTHTYPE_SHARED_KEY)) 4134 goto fail; 4135 } else { 4136 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, 4137 NL80211_AUTHTYPE_OPEN_SYSTEM)) 4138 goto fail; 4139 } 4140 4141 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version); 4142 ver = 0; 4143 if (params->wpa_version & WPA_PROTO_WPA) 4144 ver |= NL80211_WPA_VERSION_1; 4145 if (params->wpa_version & WPA_PROTO_RSN) 4146 ver |= NL80211_WPA_VERSION_2; 4147 if (ver && 4148 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver)) 4149 goto fail; 4150 4151 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x", 4152 params->key_mgmt_suites); 4153 num_suites = 0; 4154 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X) 4155 suites[num_suites++] = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; 4156 if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK) 4157 suites[num_suites++] = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; 4158 if (num_suites && 4159 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32), 4160 suites)) 4161 goto fail; 4162 4163 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA && 4164 (!params->pairwise_ciphers || 4165 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40)) && 4166 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) || 4167 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) 4168 goto fail; 4169 4170 if (drv->device_ap_sme && 4171 (params->key_mgmt_suites & WPA_KEY_MGMT_SAE) && 4172 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT)) 4173 goto fail; 4174 4175 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x", 4176 params->pairwise_ciphers); 4177 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers, 4178 suites, ARRAY_SIZE(suites)); 4179 if (num_suites && 4180 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, 4181 num_suites * sizeof(u32), suites)) 4182 goto fail; 4183 4184 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x", 4185 params->group_cipher); 4186 suite = wpa_cipher_to_cipher_suite(params->group_cipher); 4187 if (suite && 4188 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite)) 4189 goto fail; 4190 4191 if (params->ht_opmode != -1) { 4192 switch (params->smps_mode) { 4193 case HT_CAP_INFO_SMPS_DYNAMIC: 4194 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - dynamic"); 4195 smps_mode = NL80211_SMPS_DYNAMIC; 4196 break; 4197 case HT_CAP_INFO_SMPS_STATIC: 4198 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - static"); 4199 smps_mode = NL80211_SMPS_STATIC; 4200 break; 4201 default: 4202 /* invalid - fallback to smps off */ 4203 case HT_CAP_INFO_SMPS_DISABLED: 4204 wpa_printf(MSG_DEBUG, "nl80211: SMPS mode - off"); 4205 smps_mode = NL80211_SMPS_OFF; 4206 break; 4207 } 4208 if (nla_put_u8(msg, NL80211_ATTR_SMPS_MODE, smps_mode)) 4209 goto fail; 4210 } 4211 4212 if (params->beacon_ies) { 4213 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies", 4214 params->beacon_ies); 4215 if (nla_put(msg, NL80211_ATTR_IE, 4216 wpabuf_len(params->beacon_ies), 4217 wpabuf_head(params->beacon_ies))) 4218 goto fail; 4219 } 4220 if (params->proberesp_ies) { 4221 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies", 4222 params->proberesp_ies); 4223 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP, 4224 wpabuf_len(params->proberesp_ies), 4225 wpabuf_head(params->proberesp_ies))) 4226 goto fail; 4227 } 4228 if (params->assocresp_ies) { 4229 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies", 4230 params->assocresp_ies); 4231 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP, 4232 wpabuf_len(params->assocresp_ies), 4233 wpabuf_head(params->assocresp_ies))) 4234 goto fail; 4235 } 4236 4237 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) { 4238 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d", 4239 params->ap_max_inactivity); 4240 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT, 4241 params->ap_max_inactivity)) 4242 goto fail; 4243 } 4244 4245 #ifdef CONFIG_P2P 4246 if (params->p2p_go_ctwindow > 0) { 4247 if (drv->p2p_go_ctwindow_supported) { 4248 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d", 4249 params->p2p_go_ctwindow); 4250 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW, 4251 params->p2p_go_ctwindow)) 4252 goto fail; 4253 } else { 4254 wpa_printf(MSG_INFO, 4255 "nl80211: Driver does not support CTWindow configuration - ignore this parameter"); 4256 } 4257 } 4258 #endif /* CONFIG_P2P */ 4259 4260 if (params->pbss) { 4261 wpa_printf(MSG_DEBUG, "nl80211: PBSS"); 4262 if (nla_put_flag(msg, NL80211_ATTR_PBSS)) 4263 goto fail; 4264 } 4265 4266 if (params->ftm_responder) { 4267 struct nlattr *ftm; 4268 4269 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_FTM_RESPONDER)) { 4270 ret = -ENOTSUP; 4271 goto fail; 4272 } 4273 4274 ftm = nla_nest_start(msg, NL80211_ATTR_FTM_RESPONDER); 4275 if (!ftm || 4276 nla_put_flag(msg, NL80211_FTM_RESP_ATTR_ENABLED) || 4277 (params->lci && 4278 nla_put(msg, NL80211_FTM_RESP_ATTR_LCI, 4279 wpabuf_len(params->lci), 4280 wpabuf_head(params->lci))) || 4281 (params->civic && 4282 nla_put(msg, NL80211_FTM_RESP_ATTR_CIVICLOC, 4283 wpabuf_len(params->civic), 4284 wpabuf_head(params->civic)))) 4285 goto fail; 4286 nla_nest_end(msg, ftm); 4287 } 4288 4289 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4290 if (ret) { 4291 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", 4292 ret, strerror(-ret)); 4293 } else { 4294 bss->beacon_set = 1; 4295 nl80211_set_bss(bss, params->cts_protect, params->preamble, 4296 params->short_slot_time, params->ht_opmode, 4297 params->isolate, params->basic_rates); 4298 nl80211_set_multicast_to_unicast(bss, 4299 params->multicast_to_unicast); 4300 if (beacon_set && params->freq && 4301 params->freq->bandwidth != bss->bandwidth) { 4302 wpa_printf(MSG_DEBUG, 4303 "nl80211: Update BSS %s bandwidth: %d -> %d", 4304 bss->ifname, bss->bandwidth, 4305 params->freq->bandwidth); 4306 ret = nl80211_set_channel(bss, params->freq, 1); 4307 if (ret) { 4308 wpa_printf(MSG_DEBUG, 4309 "nl80211: Frequency set failed: %d (%s)", 4310 ret, strerror(-ret)); 4311 } else { 4312 wpa_printf(MSG_DEBUG, 4313 "nl80211: Frequency set succeeded for ht2040 coex"); 4314 bss->bandwidth = params->freq->bandwidth; 4315 } 4316 } else if (!beacon_set && params->freq) { 4317 /* 4318 * cfg80211 updates the driver on frequence change in AP 4319 * mode only at the point when beaconing is started, so 4320 * set the initial value here. 4321 */ 4322 bss->bandwidth = params->freq->bandwidth; 4323 } 4324 } 4325 4326 #ifdef CONFIG_MESH 4327 if (is_mesh_interface(drv->nlmode) && params->ht_opmode != -1) { 4328 os_memset(&mesh_params, 0, sizeof(mesh_params)); 4329 mesh_params.flags |= WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE; 4330 mesh_params.ht_opmode = params->ht_opmode; 4331 ret = nl80211_set_mesh_config(priv, &mesh_params); 4332 if (ret < 0) 4333 return ret; 4334 } 4335 #endif /* CONFIG_MESH */ 4336 4337 return ret; 4338 fail: 4339 nlmsg_free(msg); 4340 return ret; 4341 } 4342 4343 4344 static int nl80211_put_freq_params(struct nl_msg *msg, 4345 const struct hostapd_freq_params *freq) 4346 { 4347 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); 4348 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) 4349 return -ENOBUFS; 4350 4351 wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled); 4352 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); 4353 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); 4354 4355 if (freq->vht_enabled || freq->he_enabled) { 4356 enum nl80211_chan_width cw; 4357 4358 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); 4359 switch (freq->bandwidth) { 4360 case 20: 4361 cw = NL80211_CHAN_WIDTH_20; 4362 break; 4363 case 40: 4364 cw = NL80211_CHAN_WIDTH_40; 4365 break; 4366 case 80: 4367 if (freq->center_freq2) 4368 cw = NL80211_CHAN_WIDTH_80P80; 4369 else 4370 cw = NL80211_CHAN_WIDTH_80; 4371 break; 4372 case 160: 4373 cw = NL80211_CHAN_WIDTH_160; 4374 break; 4375 default: 4376 return -EINVAL; 4377 } 4378 4379 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); 4380 wpa_printf(MSG_DEBUG, " * center_freq1=%d", 4381 freq->center_freq1); 4382 wpa_printf(MSG_DEBUG, " * center_freq2=%d", 4383 freq->center_freq2); 4384 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || 4385 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, 4386 freq->center_freq1) || 4387 (freq->center_freq2 && 4388 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, 4389 freq->center_freq2))) 4390 return -ENOBUFS; 4391 } else if (freq->ht_enabled) { 4392 enum nl80211_channel_type ct; 4393 4394 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", 4395 freq->sec_channel_offset); 4396 switch (freq->sec_channel_offset) { 4397 case -1: 4398 ct = NL80211_CHAN_HT40MINUS; 4399 break; 4400 case 1: 4401 ct = NL80211_CHAN_HT40PLUS; 4402 break; 4403 default: 4404 ct = NL80211_CHAN_HT20; 4405 break; 4406 } 4407 4408 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); 4409 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) 4410 return -ENOBUFS; 4411 } else { 4412 wpa_printf(MSG_DEBUG, " * channel_type=%d", 4413 NL80211_CHAN_NO_HT); 4414 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, 4415 NL80211_CHAN_NO_HT)) 4416 return -ENOBUFS; 4417 } 4418 return 0; 4419 } 4420 4421 4422 static int nl80211_set_channel(struct i802_bss *bss, 4423 struct hostapd_freq_params *freq, int set_chan) 4424 { 4425 struct wpa_driver_nl80211_data *drv = bss->drv; 4426 struct nl_msg *msg; 4427 int ret; 4428 4429 wpa_printf(MSG_DEBUG, 4430 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)", 4431 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled, 4432 freq->bandwidth, freq->center_freq1, freq->center_freq2); 4433 4434 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL : 4435 NL80211_CMD_SET_WIPHY); 4436 if (!msg || nl80211_put_freq_params(msg, freq) < 0) { 4437 nlmsg_free(msg); 4438 return -1; 4439 } 4440 4441 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4442 if (ret == 0) { 4443 bss->freq = freq->freq; 4444 return 0; 4445 } 4446 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): " 4447 "%d (%s)", freq->freq, ret, strerror(-ret)); 4448 return -1; 4449 } 4450 4451 4452 static u32 sta_flags_nl80211(int flags) 4453 { 4454 u32 f = 0; 4455 4456 if (flags & WPA_STA_AUTHORIZED) 4457 f |= BIT(NL80211_STA_FLAG_AUTHORIZED); 4458 if (flags & WPA_STA_WMM) 4459 f |= BIT(NL80211_STA_FLAG_WME); 4460 if (flags & WPA_STA_SHORT_PREAMBLE) 4461 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE); 4462 if (flags & WPA_STA_MFP) 4463 f |= BIT(NL80211_STA_FLAG_MFP); 4464 if (flags & WPA_STA_TDLS_PEER) 4465 f |= BIT(NL80211_STA_FLAG_TDLS_PEER); 4466 if (flags & WPA_STA_AUTHENTICATED) 4467 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 4468 if (flags & WPA_STA_ASSOCIATED) 4469 f |= BIT(NL80211_STA_FLAG_ASSOCIATED); 4470 4471 return f; 4472 } 4473 4474 4475 #ifdef CONFIG_MESH 4476 static u32 sta_plink_state_nl80211(enum mesh_plink_state state) 4477 { 4478 switch (state) { 4479 case PLINK_IDLE: 4480 return NL80211_PLINK_LISTEN; 4481 case PLINK_OPN_SNT: 4482 return NL80211_PLINK_OPN_SNT; 4483 case PLINK_OPN_RCVD: 4484 return NL80211_PLINK_OPN_RCVD; 4485 case PLINK_CNF_RCVD: 4486 return NL80211_PLINK_CNF_RCVD; 4487 case PLINK_ESTAB: 4488 return NL80211_PLINK_ESTAB; 4489 case PLINK_HOLDING: 4490 return NL80211_PLINK_HOLDING; 4491 case PLINK_BLOCKED: 4492 return NL80211_PLINK_BLOCKED; 4493 default: 4494 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d", 4495 state); 4496 } 4497 return -1; 4498 } 4499 #endif /* CONFIG_MESH */ 4500 4501 4502 static int wpa_driver_nl80211_sta_add(void *priv, 4503 struct hostapd_sta_add_params *params) 4504 { 4505 struct i802_bss *bss = priv; 4506 struct wpa_driver_nl80211_data *drv = bss->drv; 4507 struct nl_msg *msg; 4508 struct nl80211_sta_flag_update upd; 4509 int ret = -ENOBUFS; 4510 4511 if ((params->flags & WPA_STA_TDLS_PEER) && 4512 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 4513 return -EOPNOTSUPP; 4514 4515 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR, 4516 params->set ? "Set" : "Add", MAC2STR(params->addr)); 4517 msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION : 4518 NL80211_CMD_NEW_STATION); 4519 if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr)) 4520 goto fail; 4521 4522 /* 4523 * Set the below properties only in one of the following cases: 4524 * 1. New station is added, already associated. 4525 * 2. Set WPA_STA_TDLS_PEER station. 4526 * 3. Set an already added unassociated station, if driver supports 4527 * full AP client state. (Set these properties after station became 4528 * associated will be rejected by the driver). 4529 */ 4530 if (!params->set || (params->flags & WPA_STA_TDLS_PEER) || 4531 (params->set && FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) && 4532 (params->flags & WPA_STA_ASSOCIATED))) { 4533 wpa_hexdump(MSG_DEBUG, " * supported rates", 4534 params->supp_rates, params->supp_rates_len); 4535 wpa_printf(MSG_DEBUG, " * capability=0x%x", 4536 params->capability); 4537 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES, 4538 params->supp_rates_len, params->supp_rates) || 4539 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY, 4540 params->capability)) 4541 goto fail; 4542 4543 if (params->ht_capabilities) { 4544 wpa_hexdump(MSG_DEBUG, " * ht_capabilities", 4545 (u8 *) params->ht_capabilities, 4546 sizeof(*params->ht_capabilities)); 4547 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, 4548 sizeof(*params->ht_capabilities), 4549 params->ht_capabilities)) 4550 goto fail; 4551 } 4552 4553 if (params->vht_capabilities) { 4554 wpa_hexdump(MSG_DEBUG, " * vht_capabilities", 4555 (u8 *) params->vht_capabilities, 4556 sizeof(*params->vht_capabilities)); 4557 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, 4558 sizeof(*params->vht_capabilities), 4559 params->vht_capabilities)) 4560 goto fail; 4561 } 4562 4563 if (params->he_capab) { 4564 wpa_hexdump(MSG_DEBUG, " * he_capab", 4565 params->he_capab, params->he_capab_len); 4566 if (nla_put(msg, NL80211_ATTR_HE_CAPABILITY, 4567 params->he_capab_len, params->he_capab)) 4568 goto fail; 4569 } 4570 4571 if (params->ext_capab) { 4572 wpa_hexdump(MSG_DEBUG, " * ext_capab", 4573 params->ext_capab, params->ext_capab_len); 4574 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY, 4575 params->ext_capab_len, params->ext_capab)) 4576 goto fail; 4577 } 4578 4579 if (is_ap_interface(drv->nlmode) && 4580 nla_put_u8(msg, NL80211_ATTR_STA_SUPPORT_P2P_PS, 4581 params->support_p2p_ps ? 4582 NL80211_P2P_PS_SUPPORTED : 4583 NL80211_P2P_PS_UNSUPPORTED)) 4584 goto fail; 4585 } 4586 if (!params->set) { 4587 if (params->aid) { 4588 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid); 4589 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid)) 4590 goto fail; 4591 } else { 4592 /* 4593 * cfg80211 validates that AID is non-zero, so we have 4594 * to make this a non-zero value for the TDLS case where 4595 * a dummy STA entry is used for now and for a station 4596 * that is still not associated. 4597 */ 4598 wpa_printf(MSG_DEBUG, " * aid=1 (%s workaround)", 4599 (params->flags & WPA_STA_TDLS_PEER) ? 4600 "TDLS" : "UNASSOC_STA"); 4601 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1)) 4602 goto fail; 4603 } 4604 wpa_printf(MSG_DEBUG, " * listen_interval=%u", 4605 params->listen_interval); 4606 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 4607 params->listen_interval)) 4608 goto fail; 4609 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) { 4610 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid); 4611 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid)) 4612 goto fail; 4613 } else if (FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) && 4614 (params->flags & WPA_STA_ASSOCIATED)) { 4615 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid); 4616 wpa_printf(MSG_DEBUG, " * listen_interval=%u", 4617 params->listen_interval); 4618 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid) || 4619 nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 4620 params->listen_interval)) 4621 goto fail; 4622 } 4623 4624 if (params->vht_opmode_enabled) { 4625 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode); 4626 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF, 4627 params->vht_opmode)) 4628 goto fail; 4629 } 4630 4631 if (params->supp_channels) { 4632 wpa_hexdump(MSG_DEBUG, " * supported channels", 4633 params->supp_channels, params->supp_channels_len); 4634 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS, 4635 params->supp_channels_len, params->supp_channels)) 4636 goto fail; 4637 } 4638 4639 if (params->supp_oper_classes) { 4640 wpa_hexdump(MSG_DEBUG, " * supported operating classes", 4641 params->supp_oper_classes, 4642 params->supp_oper_classes_len); 4643 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES, 4644 params->supp_oper_classes_len, 4645 params->supp_oper_classes)) 4646 goto fail; 4647 } 4648 4649 os_memset(&upd, 0, sizeof(upd)); 4650 upd.set = sta_flags_nl80211(params->flags); 4651 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask); 4652 4653 /* 4654 * If the driver doesn't support full AP client state, ignore ASSOC/AUTH 4655 * flags, as nl80211 driver moves a new station, by default, into 4656 * associated state. 4657 * 4658 * On the other hand, if the driver supports that feature and the 4659 * station is added in unauthenticated state, set the 4660 * authenticated/associated bits in the mask to prevent moving this 4661 * station to associated state before it is actually associated. 4662 * 4663 * This is irrelevant for mesh mode where the station is added to the 4664 * driver as authenticated already, and ASSOCIATED isn't part of the 4665 * nl80211 API. 4666 */ 4667 if (!is_mesh_interface(drv->nlmode)) { 4668 if (!FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) { 4669 wpa_printf(MSG_DEBUG, 4670 "nl80211: Ignore ASSOC/AUTH flags since driver doesn't support full AP client state"); 4671 upd.mask &= ~(BIT(NL80211_STA_FLAG_ASSOCIATED) | 4672 BIT(NL80211_STA_FLAG_AUTHENTICATED)); 4673 } else if (!params->set && 4674 !(params->flags & WPA_STA_TDLS_PEER)) { 4675 if (!(params->flags & WPA_STA_AUTHENTICATED)) 4676 upd.mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 4677 if (!(params->flags & WPA_STA_ASSOCIATED)) 4678 upd.mask |= BIT(NL80211_STA_FLAG_ASSOCIATED); 4679 } 4680 #ifdef CONFIG_MESH 4681 } else { 4682 if (params->plink_state == PLINK_ESTAB && params->peer_aid) { 4683 ret = nla_put_u16(msg, NL80211_ATTR_MESH_PEER_AID, 4684 params->peer_aid); 4685 if (ret) 4686 goto fail; 4687 } 4688 #endif /* CONFIG_MESH */ 4689 } 4690 4691 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x", 4692 upd.set, upd.mask); 4693 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) 4694 goto fail; 4695 4696 #ifdef CONFIG_MESH 4697 if (params->plink_state && 4698 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE, 4699 sta_plink_state_nl80211(params->plink_state))) 4700 goto fail; 4701 #endif /* CONFIG_MESH */ 4702 4703 if ((!params->set || (params->flags & WPA_STA_TDLS_PEER) || 4704 FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) && 4705 (params->flags & WPA_STA_WMM)) { 4706 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME); 4707 4708 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo); 4709 if (!wme || 4710 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES, 4711 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) || 4712 nla_put_u8(msg, NL80211_STA_WME_MAX_SP, 4713 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) & 4714 WMM_QOSINFO_STA_SP_MASK)) 4715 goto fail; 4716 nla_nest_end(msg, wme); 4717 } 4718 4719 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4720 msg = NULL; 4721 if (ret) 4722 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION " 4723 "result: %d (%s)", params->set ? "SET" : "NEW", ret, 4724 strerror(-ret)); 4725 if (ret == -EEXIST) 4726 ret = 0; 4727 fail: 4728 nlmsg_free(msg); 4729 return ret; 4730 } 4731 4732 4733 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) 4734 { 4735 #ifdef CONFIG_LIBNL3_ROUTE 4736 struct wpa_driver_nl80211_data *drv = bss->drv; 4737 struct rtnl_neigh *rn; 4738 struct nl_addr *nl_addr; 4739 int err; 4740 4741 rn = rtnl_neigh_alloc(); 4742 if (!rn) 4743 return; 4744 4745 rtnl_neigh_set_family(rn, AF_BRIDGE); 4746 rtnl_neigh_set_ifindex(rn, bss->ifindex); 4747 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN); 4748 if (!nl_addr) { 4749 rtnl_neigh_put(rn); 4750 return; 4751 } 4752 rtnl_neigh_set_lladdr(rn, nl_addr); 4753 4754 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); 4755 if (err < 0) { 4756 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " 4757 MACSTR " ifindex=%d failed: %s", MAC2STR(addr), 4758 bss->ifindex, nl_geterror(err)); 4759 } else { 4760 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for " 4761 MACSTR, MAC2STR(addr)); 4762 } 4763 4764 nl_addr_put(nl_addr); 4765 rtnl_neigh_put(rn); 4766 #endif /* CONFIG_LIBNL3_ROUTE */ 4767 } 4768 4769 4770 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr, 4771 int deauth, u16 reason_code) 4772 { 4773 struct wpa_driver_nl80211_data *drv = bss->drv; 4774 struct nl_msg *msg; 4775 int ret; 4776 4777 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) || 4778 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 4779 (deauth == 0 && 4780 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE, 4781 WLAN_FC_STYPE_DISASSOC)) || 4782 (deauth == 1 && 4783 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE, 4784 WLAN_FC_STYPE_DEAUTH)) || 4785 (reason_code && 4786 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) { 4787 nlmsg_free(msg); 4788 return -ENOBUFS; 4789 } 4790 4791 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 4792 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR 4793 " --> %d (%s)", 4794 bss->ifname, MAC2STR(addr), ret, strerror(-ret)); 4795 4796 if (drv->rtnl_sk) 4797 rtnl_neigh_delete_fdb_entry(bss, addr); 4798 4799 if (ret == -ENOENT) 4800 return 0; 4801 return ret; 4802 } 4803 4804 4805 void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx) 4806 { 4807 struct nl_msg *msg; 4808 struct wpa_driver_nl80211_data *drv2; 4809 4810 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx); 4811 4812 /* stop listening for EAPOL on this interface */ 4813 dl_list_for_each(drv2, &drv->global->interfaces, 4814 struct wpa_driver_nl80211_data, list) 4815 { 4816 del_ifidx(drv2, ifidx, IFIDX_ANY); 4817 /* Remove all bridges learned for this iface */ 4818 del_ifidx(drv2, IFIDX_ANY, ifidx); 4819 } 4820 4821 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE); 4822 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0) 4823 return; 4824 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx); 4825 } 4826 4827 4828 const char * nl80211_iftype_str(enum nl80211_iftype mode) 4829 { 4830 switch (mode) { 4831 case NL80211_IFTYPE_ADHOC: 4832 return "ADHOC"; 4833 case NL80211_IFTYPE_STATION: 4834 return "STATION"; 4835 case NL80211_IFTYPE_AP: 4836 return "AP"; 4837 case NL80211_IFTYPE_AP_VLAN: 4838 return "AP_VLAN"; 4839 case NL80211_IFTYPE_WDS: 4840 return "WDS"; 4841 case NL80211_IFTYPE_MONITOR: 4842 return "MONITOR"; 4843 case NL80211_IFTYPE_MESH_POINT: 4844 return "MESH_POINT"; 4845 case NL80211_IFTYPE_P2P_CLIENT: 4846 return "P2P_CLIENT"; 4847 case NL80211_IFTYPE_P2P_GO: 4848 return "P2P_GO"; 4849 case NL80211_IFTYPE_P2P_DEVICE: 4850 return "P2P_DEVICE"; 4851 default: 4852 return "unknown"; 4853 } 4854 } 4855 4856 4857 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv, 4858 const char *ifname, 4859 enum nl80211_iftype iftype, 4860 const u8 *addr, int wds, 4861 int (*handler)(struct nl_msg *, void *), 4862 void *arg) 4863 { 4864 struct nl_msg *msg; 4865 int ifidx; 4866 int ret = -ENOBUFS; 4867 4868 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)", 4869 iftype, nl80211_iftype_str(iftype)); 4870 4871 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE); 4872 if (!msg || 4873 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) || 4874 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype)) 4875 goto fail; 4876 4877 if (iftype == NL80211_IFTYPE_MONITOR) { 4878 struct nlattr *flags; 4879 4880 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS); 4881 if (!flags || 4882 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES)) 4883 goto fail; 4884 4885 nla_nest_end(msg, flags); 4886 } else if (wds) { 4887 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds)) 4888 goto fail; 4889 } 4890 4891 /* 4892 * Tell cfg80211 that the interface belongs to the socket that created 4893 * it, and the interface should be deleted when the socket is closed. 4894 */ 4895 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER)) 4896 goto fail; 4897 4898 ret = send_and_recv_msgs(drv, msg, handler, arg); 4899 msg = NULL; 4900 if (ret) { 4901 fail: 4902 nlmsg_free(msg); 4903 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)", 4904 ifname, ret, strerror(-ret)); 4905 return ret; 4906 } 4907 4908 if (iftype == NL80211_IFTYPE_P2P_DEVICE) 4909 return 0; 4910 4911 ifidx = if_nametoindex(ifname); 4912 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d", 4913 ifname, ifidx); 4914 4915 if (ifidx <= 0) 4916 return -1; 4917 4918 /* 4919 * Some virtual interfaces need to process EAPOL packets and events on 4920 * the parent interface. This is used mainly with hostapd. 4921 */ 4922 if (drv->hostapd || 4923 iftype == NL80211_IFTYPE_AP_VLAN || 4924 iftype == NL80211_IFTYPE_WDS || 4925 iftype == NL80211_IFTYPE_MONITOR) { 4926 /* start listening for EAPOL on this interface */ 4927 add_ifidx(drv, ifidx, IFIDX_ANY); 4928 } 4929 4930 if (addr && iftype != NL80211_IFTYPE_MONITOR && 4931 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) { 4932 nl80211_remove_iface(drv, ifidx); 4933 return -1; 4934 } 4935 4936 return ifidx; 4937 } 4938 4939 4940 int nl80211_create_iface(struct wpa_driver_nl80211_data *drv, 4941 const char *ifname, enum nl80211_iftype iftype, 4942 const u8 *addr, int wds, 4943 int (*handler)(struct nl_msg *, void *), 4944 void *arg, int use_existing) 4945 { 4946 int ret; 4947 4948 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler, 4949 arg); 4950 4951 /* if error occurred and interface exists already */ 4952 if (ret == -ENFILE && if_nametoindex(ifname)) { 4953 if (use_existing) { 4954 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s", 4955 ifname); 4956 if (addr && iftype != NL80211_IFTYPE_MONITOR && 4957 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 4958 addr) < 0 && 4959 (linux_set_iface_flags(drv->global->ioctl_sock, 4960 ifname, 0) < 0 || 4961 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 4962 addr) < 0 || 4963 linux_set_iface_flags(drv->global->ioctl_sock, 4964 ifname, 1) < 0)) 4965 return -1; 4966 return -ENFILE; 4967 } 4968 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname); 4969 4970 /* Try to remove the interface that was already there. */ 4971 nl80211_remove_iface(drv, if_nametoindex(ifname)); 4972 4973 /* Try to create the interface again */ 4974 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, 4975 wds, handler, arg); 4976 } 4977 4978 if (ret >= 0 && is_p2p_net_interface(iftype)) { 4979 wpa_printf(MSG_DEBUG, 4980 "nl80211: Interface %s created for P2P - disable 11b rates", 4981 ifname); 4982 nl80211_disable_11b_rates(drv, ret, 1); 4983 } 4984 4985 return ret; 4986 } 4987 4988 4989 static int nl80211_setup_ap(struct i802_bss *bss) 4990 { 4991 struct wpa_driver_nl80211_data *drv = bss->drv; 4992 4993 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d", 4994 bss->ifname, drv->device_ap_sme, drv->use_monitor); 4995 4996 /* 4997 * Disable Probe Request reporting unless we need it in this way for 4998 * devices that include the AP SME, in the other case (unless using 4999 * monitor iface) we'll get it through the nl_mgmt socket instead. 5000 */ 5001 if (!drv->device_ap_sme) 5002 wpa_driver_nl80211_probe_req_report(bss, 0); 5003 5004 if (!drv->device_ap_sme && !drv->use_monitor) 5005 if (nl80211_mgmt_subscribe_ap(bss)) 5006 return -1; 5007 5008 if (drv->device_ap_sme && !drv->use_monitor) 5009 if (nl80211_mgmt_subscribe_ap_dev_sme(bss)) 5010 wpa_printf(MSG_DEBUG, 5011 "nl80211: Failed to subscribe for mgmt frames from SME driver - trying to run without it"); 5012 5013 if (!drv->device_ap_sme && drv->use_monitor && 5014 nl80211_create_monitor_interface(drv) && 5015 !drv->device_ap_sme) 5016 return -1; 5017 5018 if (drv->device_ap_sme && 5019 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) { 5020 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable " 5021 "Probe Request frame reporting in AP mode"); 5022 /* Try to survive without this */ 5023 } 5024 5025 return 0; 5026 } 5027 5028 5029 static void nl80211_teardown_ap(struct i802_bss *bss) 5030 { 5031 struct wpa_driver_nl80211_data *drv = bss->drv; 5032 5033 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d", 5034 bss->ifname, drv->device_ap_sme, drv->use_monitor); 5035 if (drv->device_ap_sme) { 5036 wpa_driver_nl80211_probe_req_report(bss, 0); 5037 if (!drv->use_monitor) 5038 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)"); 5039 } else if (drv->use_monitor) 5040 nl80211_remove_monitor_interface(drv); 5041 else 5042 nl80211_mgmt_unsubscribe(bss, "AP teardown"); 5043 5044 nl80211_put_wiphy_data_ap(bss); 5045 bss->beacon_set = 0; 5046 } 5047 5048 5049 static int nl80211_send_eapol_data(struct i802_bss *bss, 5050 const u8 *addr, const u8 *data, 5051 size_t data_len) 5052 { 5053 struct sockaddr_ll ll; 5054 int ret; 5055 5056 if (bss->drv->eapol_tx_sock < 0) { 5057 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL"); 5058 return -1; 5059 } 5060 5061 os_memset(&ll, 0, sizeof(ll)); 5062 ll.sll_family = AF_PACKET; 5063 ll.sll_ifindex = bss->ifindex; 5064 ll.sll_protocol = htons(ETH_P_PAE); 5065 ll.sll_halen = ETH_ALEN; 5066 os_memcpy(ll.sll_addr, addr, ETH_ALEN); 5067 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0, 5068 (struct sockaddr *) &ll, sizeof(ll)); 5069 if (ret < 0) 5070 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s", 5071 strerror(errno)); 5072 5073 return ret; 5074 } 5075 5076 5077 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; 5078 5079 static int wpa_driver_nl80211_hapd_send_eapol( 5080 void *priv, const u8 *addr, const u8 *data, 5081 size_t data_len, int encrypt, const u8 *own_addr, u32 flags) 5082 { 5083 struct i802_bss *bss = priv; 5084 struct wpa_driver_nl80211_data *drv = bss->drv; 5085 struct ieee80211_hdr *hdr; 5086 size_t len; 5087 u8 *pos; 5088 int res; 5089 int qos = flags & WPA_STA_WMM; 5090 5091 if (drv->device_ap_sme || !drv->use_monitor) 5092 return nl80211_send_eapol_data(bss, addr, data, data_len); 5093 5094 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 + 5095 data_len; 5096 hdr = os_zalloc(len); 5097 if (hdr == NULL) { 5098 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)", 5099 (unsigned long) len); 5100 return -1; 5101 } 5102 5103 hdr->frame_control = 5104 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA); 5105 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS); 5106 if (encrypt) 5107 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP); 5108 if (qos) { 5109 hdr->frame_control |= 5110 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4); 5111 } 5112 5113 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN); 5114 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN); 5115 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); 5116 pos = (u8 *) (hdr + 1); 5117 5118 if (qos) { 5119 /* Set highest priority in QoS header */ 5120 pos[0] = 7; 5121 pos[1] = 0; 5122 pos += 2; 5123 } 5124 5125 memcpy(pos, rfc1042_header, sizeof(rfc1042_header)); 5126 pos += sizeof(rfc1042_header); 5127 WPA_PUT_BE16(pos, ETH_P_PAE); 5128 pos += 2; 5129 memcpy(pos, data, data_len); 5130 5131 res = wpa_driver_nl80211_send_frame(bss, (u8 *) hdr, len, encrypt, 0, 5132 0, 0, 0, 0, NULL, 0); 5133 if (res < 0) { 5134 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - " 5135 "failed: %d (%s)", 5136 (unsigned long) len, errno, strerror(errno)); 5137 } 5138 os_free(hdr); 5139 5140 return res; 5141 } 5142 5143 5144 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr, 5145 unsigned int total_flags, 5146 unsigned int flags_or, 5147 unsigned int flags_and) 5148 { 5149 struct i802_bss *bss = priv; 5150 struct nl_msg *msg; 5151 struct nlattr *flags; 5152 struct nl80211_sta_flag_update upd; 5153 5154 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR 5155 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d", 5156 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and, 5157 !!(total_flags & WPA_STA_AUTHORIZED)); 5158 5159 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 5160 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 5161 goto fail; 5162 5163 /* 5164 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This 5165 * can be removed eventually. 5166 */ 5167 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS); 5168 if (!flags || 5169 ((total_flags & WPA_STA_AUTHORIZED) && 5170 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) || 5171 ((total_flags & WPA_STA_WMM) && 5172 nla_put_flag(msg, NL80211_STA_FLAG_WME)) || 5173 ((total_flags & WPA_STA_SHORT_PREAMBLE) && 5174 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) || 5175 ((total_flags & WPA_STA_MFP) && 5176 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) || 5177 ((total_flags & WPA_STA_TDLS_PEER) && 5178 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER))) 5179 goto fail; 5180 5181 nla_nest_end(msg, flags); 5182 5183 os_memset(&upd, 0, sizeof(upd)); 5184 upd.mask = sta_flags_nl80211(flags_or | ~flags_and); 5185 upd.set = sta_flags_nl80211(flags_or); 5186 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) 5187 goto fail; 5188 5189 return send_and_recv_msgs(bss->drv, msg, NULL, NULL); 5190 fail: 5191 nlmsg_free(msg); 5192 return -ENOBUFS; 5193 } 5194 5195 5196 static int driver_nl80211_sta_set_airtime_weight(void *priv, const u8 *addr, 5197 unsigned int weight) 5198 { 5199 struct i802_bss *bss = priv; 5200 struct nl_msg *msg; 5201 5202 wpa_printf(MSG_DEBUG, 5203 "nl80211: Set STA airtime weight - ifname=%s addr=" MACSTR 5204 " weight=%u", bss->ifname, MAC2STR(addr), weight); 5205 5206 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 5207 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 5208 nla_put_u16(msg, NL80211_ATTR_AIRTIME_WEIGHT, weight)) 5209 goto fail; 5210 5211 return send_and_recv_msgs(bss->drv, msg, NULL, NULL); 5212 fail: 5213 nlmsg_free(msg); 5214 return -ENOBUFS; 5215 } 5216 5217 5218 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv, 5219 struct wpa_driver_associate_params *params) 5220 { 5221 enum nl80211_iftype nlmode, old_mode; 5222 5223 if (params->p2p) { 5224 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P " 5225 "group (GO)"); 5226 nlmode = NL80211_IFTYPE_P2P_GO; 5227 } else 5228 nlmode = NL80211_IFTYPE_AP; 5229 5230 old_mode = drv->nlmode; 5231 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) { 5232 nl80211_remove_monitor_interface(drv); 5233 return -1; 5234 } 5235 5236 if (params->freq.freq && 5237 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) { 5238 if (old_mode != nlmode) 5239 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode); 5240 nl80211_remove_monitor_interface(drv); 5241 return -1; 5242 } 5243 5244 return 0; 5245 } 5246 5247 5248 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv, 5249 int reset_mode) 5250 { 5251 struct nl_msg *msg; 5252 int ret; 5253 5254 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS); 5255 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5256 if (ret) { 5257 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d " 5258 "(%s)", ret, strerror(-ret)); 5259 } else { 5260 wpa_printf(MSG_DEBUG, 5261 "nl80211: Leave IBSS request sent successfully"); 5262 } 5263 5264 if (reset_mode && 5265 wpa_driver_nl80211_set_mode(drv->first_bss, 5266 NL80211_IFTYPE_STATION)) { 5267 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into " 5268 "station mode"); 5269 } 5270 5271 return ret; 5272 } 5273 5274 5275 static int nl80211_ht_vht_overrides(struct nl_msg *msg, 5276 struct wpa_driver_associate_params *params) 5277 { 5278 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT)) 5279 return -1; 5280 5281 if (params->htcaps && params->htcaps_mask) { 5282 int sz = sizeof(struct ieee80211_ht_capabilities); 5283 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz); 5284 wpa_hexdump(MSG_DEBUG, " * htcaps_mask", 5285 params->htcaps_mask, sz); 5286 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz, 5287 params->htcaps) || 5288 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz, 5289 params->htcaps_mask)) 5290 return -1; 5291 } 5292 5293 #ifdef CONFIG_VHT_OVERRIDES 5294 if (params->disable_vht) { 5295 wpa_printf(MSG_DEBUG, " * VHT disabled"); 5296 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT)) 5297 return -1; 5298 } 5299 5300 if (params->vhtcaps && params->vhtcaps_mask) { 5301 int sz = sizeof(struct ieee80211_vht_capabilities); 5302 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz); 5303 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask", 5304 params->vhtcaps_mask, sz); 5305 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz, 5306 params->vhtcaps) || 5307 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz, 5308 params->vhtcaps_mask)) 5309 return -1; 5310 } 5311 #endif /* CONFIG_VHT_OVERRIDES */ 5312 5313 return 0; 5314 } 5315 5316 5317 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv, 5318 struct wpa_driver_associate_params *params) 5319 { 5320 struct nl_msg *msg; 5321 int ret = -1; 5322 int count = 0; 5323 5324 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex); 5325 5326 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) { 5327 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into " 5328 "IBSS mode"); 5329 return -1; 5330 } 5331 5332 retry: 5333 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) || 5334 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid)) 5335 goto fail; 5336 5337 wpa_printf(MSG_DEBUG, " * SSID=%s", 5338 wpa_ssid_txt(params->ssid, params->ssid_len)); 5339 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) 5340 goto fail; 5341 os_memcpy(drv->ssid, params->ssid, params->ssid_len); 5342 drv->ssid_len = params->ssid_len; 5343 5344 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 || 5345 nl80211_put_beacon_int(msg, params->beacon_int)) 5346 goto fail; 5347 5348 ret = nl80211_set_conn_keys(params, msg); 5349 if (ret) 5350 goto fail; 5351 5352 if (params->bssid && params->fixed_bssid) { 5353 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR, 5354 MAC2STR(params->bssid)); 5355 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 5356 goto fail; 5357 } 5358 5359 if (params->fixed_freq) { 5360 wpa_printf(MSG_DEBUG, " * fixed_freq"); 5361 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED)) 5362 goto fail; 5363 } 5364 5365 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 5366 params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 5367 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 5368 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) { 5369 wpa_printf(MSG_DEBUG, " * control port"); 5370 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT)) 5371 goto fail; 5372 } 5373 5374 if (params->wpa_ie) { 5375 wpa_hexdump(MSG_DEBUG, 5376 " * Extra IEs for Beacon/Probe Response frames", 5377 params->wpa_ie, params->wpa_ie_len); 5378 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, 5379 params->wpa_ie)) 5380 goto fail; 5381 } 5382 5383 ret = nl80211_ht_vht_overrides(msg, params); 5384 if (ret < 0) 5385 goto fail; 5386 5387 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5388 msg = NULL; 5389 if (ret) { 5390 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)", 5391 ret, strerror(-ret)); 5392 count++; 5393 if (ret == -EALREADY && count == 1) { 5394 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after " 5395 "forced leave"); 5396 nl80211_leave_ibss(drv, 0); 5397 nlmsg_free(msg); 5398 goto retry; 5399 } 5400 } else { 5401 wpa_printf(MSG_DEBUG, 5402 "nl80211: Join IBSS request sent successfully"); 5403 } 5404 5405 fail: 5406 nlmsg_free(msg); 5407 return ret; 5408 } 5409 5410 5411 static int nl80211_put_fils_connect_params(struct wpa_driver_nl80211_data *drv, 5412 struct wpa_driver_associate_params *params, 5413 struct nl_msg *msg) 5414 { 5415 if (params->fils_erp_username_len) { 5416 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP EMSKname/username", 5417 params->fils_erp_username, 5418 params->fils_erp_username_len); 5419 if (nla_put(msg, NL80211_ATTR_FILS_ERP_USERNAME, 5420 params->fils_erp_username_len, 5421 params->fils_erp_username)) 5422 return -1; 5423 } 5424 5425 if (params->fils_erp_realm_len) { 5426 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP Realm", 5427 params->fils_erp_realm, 5428 params->fils_erp_realm_len); 5429 if (nla_put(msg, NL80211_ATTR_FILS_ERP_REALM, 5430 params->fils_erp_realm_len, params->fils_erp_realm)) 5431 return -1; 5432 } 5433 5434 wpa_printf(MSG_DEBUG, " * FILS ERP next seq %u", 5435 params->fils_erp_next_seq_num); 5436 if (nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM, 5437 params->fils_erp_next_seq_num)) 5438 return -1; 5439 5440 if (params->fils_erp_rrk_len) { 5441 wpa_printf(MSG_DEBUG, " * FILS ERP rRK (len=%lu)", 5442 (unsigned long) params->fils_erp_rrk_len); 5443 if (nla_put(msg, NL80211_ATTR_FILS_ERP_RRK, 5444 params->fils_erp_rrk_len, params->fils_erp_rrk)) 5445 return -1; 5446 } 5447 5448 return 0; 5449 } 5450 5451 5452 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, 5453 struct wpa_driver_associate_params *params, 5454 struct nl_msg *msg) 5455 { 5456 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER)) 5457 return -1; 5458 5459 if (params->bssid) { 5460 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR, 5461 MAC2STR(params->bssid)); 5462 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 5463 return -1; 5464 } 5465 5466 if (params->bssid_hint) { 5467 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR, 5468 MAC2STR(params->bssid_hint)); 5469 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN, 5470 params->bssid_hint)) 5471 return -1; 5472 } 5473 5474 if (params->freq.freq) { 5475 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq); 5476 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, 5477 params->freq.freq)) 5478 return -1; 5479 drv->assoc_freq = params->freq.freq; 5480 } else 5481 drv->assoc_freq = 0; 5482 5483 if (params->freq_hint) { 5484 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint); 5485 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT, 5486 params->freq_hint)) 5487 return -1; 5488 } 5489 5490 if (params->bg_scan_period >= 0) { 5491 wpa_printf(MSG_DEBUG, " * bg scan period=%d", 5492 params->bg_scan_period); 5493 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD, 5494 params->bg_scan_period)) 5495 return -1; 5496 } 5497 5498 if (params->ssid) { 5499 wpa_printf(MSG_DEBUG, " * SSID=%s", 5500 wpa_ssid_txt(params->ssid, params->ssid_len)); 5501 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, 5502 params->ssid)) 5503 return -1; 5504 if (params->ssid_len > sizeof(drv->ssid)) 5505 return -1; 5506 os_memcpy(drv->ssid, params->ssid, params->ssid_len); 5507 drv->ssid_len = params->ssid_len; 5508 } 5509 5510 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len); 5511 if (params->wpa_ie && 5512 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie)) 5513 return -1; 5514 5515 if (params->wpa_proto) { 5516 enum nl80211_wpa_versions ver = 0; 5517 5518 if (params->wpa_proto & WPA_PROTO_WPA) 5519 ver |= NL80211_WPA_VERSION_1; 5520 if (params->wpa_proto & WPA_PROTO_RSN) 5521 ver |= NL80211_WPA_VERSION_2; 5522 5523 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver); 5524 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver)) 5525 return -1; 5526 } 5527 5528 if (params->pairwise_suite != WPA_CIPHER_NONE) { 5529 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite); 5530 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher); 5531 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, 5532 cipher)) 5533 return -1; 5534 } 5535 5536 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED && 5537 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) { 5538 /* 5539 * This is likely to work even though many drivers do not 5540 * advertise support for operations without GTK. 5541 */ 5542 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement"); 5543 } else if (params->group_suite != WPA_CIPHER_NONE) { 5544 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite); 5545 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher); 5546 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher)) 5547 return -1; 5548 } 5549 5550 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 5551 params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 5552 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X || 5553 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK || 5554 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM || 5555 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN || 5556 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 5557 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 5558 params->key_mgmt_suite == WPA_KEY_MGMT_SAE || 5559 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE || 5560 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 5561 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || 5562 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X_SHA384 || 5563 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA256 || 5564 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA384 || 5565 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA256 || 5566 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA384 || 5567 params->key_mgmt_suite == WPA_KEY_MGMT_OWE || 5568 params->key_mgmt_suite == WPA_KEY_MGMT_DPP) { 5569 int mgmt = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; 5570 5571 switch (params->key_mgmt_suite) { 5572 case WPA_KEY_MGMT_CCKM: 5573 mgmt = RSN_AUTH_KEY_MGMT_CCKM; 5574 break; 5575 case WPA_KEY_MGMT_IEEE8021X: 5576 mgmt = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; 5577 break; 5578 case WPA_KEY_MGMT_FT_IEEE8021X: 5579 mgmt = RSN_AUTH_KEY_MGMT_FT_802_1X; 5580 break; 5581 case WPA_KEY_MGMT_FT_PSK: 5582 mgmt = RSN_AUTH_KEY_MGMT_FT_PSK; 5583 break; 5584 case WPA_KEY_MGMT_IEEE8021X_SHA256: 5585 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SHA256; 5586 break; 5587 case WPA_KEY_MGMT_PSK_SHA256: 5588 mgmt = RSN_AUTH_KEY_MGMT_PSK_SHA256; 5589 break; 5590 case WPA_KEY_MGMT_OSEN: 5591 mgmt = RSN_AUTH_KEY_MGMT_OSEN; 5592 break; 5593 case WPA_KEY_MGMT_SAE: 5594 mgmt = RSN_AUTH_KEY_MGMT_SAE; 5595 break; 5596 case WPA_KEY_MGMT_FT_SAE: 5597 mgmt = RSN_AUTH_KEY_MGMT_FT_SAE; 5598 break; 5599 case WPA_KEY_MGMT_IEEE8021X_SUITE_B: 5600 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B; 5601 break; 5602 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: 5603 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192; 5604 break; 5605 case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: 5606 mgmt = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384; 5607 break; 5608 case WPA_KEY_MGMT_FILS_SHA256: 5609 mgmt = RSN_AUTH_KEY_MGMT_FILS_SHA256; 5610 break; 5611 case WPA_KEY_MGMT_FILS_SHA384: 5612 mgmt = RSN_AUTH_KEY_MGMT_FILS_SHA384; 5613 break; 5614 case WPA_KEY_MGMT_FT_FILS_SHA256: 5615 mgmt = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256; 5616 break; 5617 case WPA_KEY_MGMT_FT_FILS_SHA384: 5618 mgmt = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384; 5619 break; 5620 case WPA_KEY_MGMT_OWE: 5621 mgmt = RSN_AUTH_KEY_MGMT_OWE; 5622 break; 5623 case WPA_KEY_MGMT_DPP: 5624 mgmt = RSN_AUTH_KEY_MGMT_DPP; 5625 break; 5626 case WPA_KEY_MGMT_PSK: 5627 default: 5628 mgmt = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; 5629 break; 5630 } 5631 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt); 5632 if (nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, mgmt)) 5633 return -1; 5634 } 5635 5636 if (params->req_handshake_offload && 5637 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) { 5638 wpa_printf(MSG_DEBUG, " * WANT_1X_4WAY_HS"); 5639 if (nla_put_flag(msg, NL80211_ATTR_WANT_1X_4WAY_HS)) 5640 return -1; 5641 } 5642 5643 /* Add PSK in case of 4-way handshake offload */ 5644 if (params->psk && 5645 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) { 5646 wpa_hexdump_key(MSG_DEBUG, " * PSK", params->psk, 32); 5647 if (nla_put(msg, NL80211_ATTR_PMK, 32, params->psk)) 5648 return -1; 5649 } 5650 5651 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT)) 5652 return -1; 5653 5654 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_NO_WPA && 5655 (params->pairwise_suite == WPA_CIPHER_NONE || 5656 params->pairwise_suite == WPA_CIPHER_WEP104 || 5657 params->pairwise_suite == WPA_CIPHER_WEP40) && 5658 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) || 5659 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) 5660 return -1; 5661 5662 if (params->rrm_used) { 5663 u32 drv_rrm_flags = drv->capa.rrm_flags; 5664 if ((!((drv_rrm_flags & 5665 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) && 5666 (drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET)) && 5667 !(drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_RRM)) || 5668 nla_put_flag(msg, NL80211_ATTR_USE_RRM)) 5669 return -1; 5670 } 5671 5672 if (nl80211_ht_vht_overrides(msg, params) < 0) 5673 return -1; 5674 5675 if (params->p2p) 5676 wpa_printf(MSG_DEBUG, " * P2P group"); 5677 5678 if (params->pbss) { 5679 wpa_printf(MSG_DEBUG, " * PBSS"); 5680 if (nla_put_flag(msg, NL80211_ATTR_PBSS)) 5681 return -1; 5682 } 5683 5684 drv->connect_reassoc = 0; 5685 if (params->prev_bssid) { 5686 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR, 5687 MAC2STR(params->prev_bssid)); 5688 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN, 5689 params->prev_bssid)) 5690 return -1; 5691 drv->connect_reassoc = 1; 5692 } 5693 5694 if ((params->auth_alg & WPA_AUTH_ALG_FILS) && 5695 nl80211_put_fils_connect_params(drv, params, msg) != 0) 5696 return -1; 5697 5698 if ((params->auth_alg & WPA_AUTH_ALG_SAE) && 5699 (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) && 5700 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT)) 5701 return -1; 5702 5703 return 0; 5704 } 5705 5706 5707 static int wpa_driver_nl80211_try_connect( 5708 struct wpa_driver_nl80211_data *drv, 5709 struct wpa_driver_associate_params *params, 5710 struct nl_handle *nl_connect) 5711 { 5712 struct nl_msg *msg; 5713 enum nl80211_auth_type type; 5714 int ret; 5715 int algs; 5716 5717 #ifdef CONFIG_DRIVER_NL80211_QCA 5718 if (params->req_key_mgmt_offload && params->psk && 5719 (params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 5720 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 5721 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { 5722 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK"); 5723 ret = issue_key_mgmt_set_key(drv, params->psk, 32); 5724 if (ret) 5725 return ret; 5726 } 5727 #endif /* CONFIG_DRIVER_NL80211_QCA */ 5728 5729 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex); 5730 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT); 5731 if (!msg) 5732 return -1; 5733 5734 ret = nl80211_connect_common(drv, params, msg); 5735 if (ret) 5736 goto fail; 5737 5738 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED && 5739 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED)) 5740 goto fail; 5741 5742 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_OPTIONAL && 5743 (drv->capa.flags & WPA_DRIVER_FLAGS_MFP_OPTIONAL) && 5744 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_OPTIONAL)) 5745 goto fail; 5746 5747 algs = 0; 5748 if (params->auth_alg & WPA_AUTH_ALG_OPEN) 5749 algs++; 5750 if (params->auth_alg & WPA_AUTH_ALG_SHARED) 5751 algs++; 5752 if (params->auth_alg & WPA_AUTH_ALG_LEAP) 5753 algs++; 5754 if (params->auth_alg & WPA_AUTH_ALG_FILS) 5755 algs++; 5756 if (params->auth_alg & WPA_AUTH_ALG_FT) 5757 algs++; 5758 if (algs > 1) { 5759 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic " 5760 "selection"); 5761 goto skip_auth_type; 5762 } 5763 5764 type = get_nl_auth_type(params->auth_alg); 5765 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 5766 if (type == NL80211_AUTHTYPE_MAX || 5767 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 5768 goto fail; 5769 5770 skip_auth_type: 5771 ret = nl80211_set_conn_keys(params, msg); 5772 if (ret) 5773 goto fail; 5774 5775 if (nl_connect) 5776 ret = send_and_recv(drv->global, nl_connect, msg, 5777 NULL, (void *) -1); 5778 else 5779 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1); 5780 5781 msg = NULL; 5782 if (ret) { 5783 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d " 5784 "(%s)", ret, strerror(-ret)); 5785 } else { 5786 wpa_printf(MSG_DEBUG, 5787 "nl80211: Connect request send successfully"); 5788 } 5789 5790 fail: 5791 nl80211_nlmsg_clear(msg); 5792 nlmsg_free(msg); 5793 return ret; 5794 5795 } 5796 5797 5798 static int wpa_driver_nl80211_connect( 5799 struct wpa_driver_nl80211_data *drv, 5800 struct wpa_driver_associate_params *params, 5801 struct nl_handle *nl_connect) 5802 { 5803 int ret; 5804 5805 /* Store the connection attempted bssid for future use */ 5806 if (params->bssid) 5807 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN); 5808 else 5809 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 5810 5811 ret = wpa_driver_nl80211_try_connect(drv, params, nl_connect); 5812 if (ret == -EALREADY) { 5813 /* 5814 * cfg80211 does not currently accept new connections if 5815 * we are already connected. As a workaround, force 5816 * disconnection and try again. 5817 */ 5818 wpa_printf(MSG_DEBUG, "nl80211: Explicitly " 5819 "disconnecting before reassociation " 5820 "attempt"); 5821 if (wpa_driver_nl80211_disconnect( 5822 drv, WLAN_REASON_PREV_AUTH_NOT_VALID, nl_connect)) 5823 return -1; 5824 ret = wpa_driver_nl80211_try_connect(drv, params, nl_connect); 5825 } 5826 return ret; 5827 } 5828 5829 5830 static int wpa_driver_nl80211_associate( 5831 void *priv, struct wpa_driver_associate_params *params) 5832 { 5833 struct i802_bss *bss = priv; 5834 struct wpa_driver_nl80211_data *drv = bss->drv; 5835 int ret = -1; 5836 struct nl_msg *msg; 5837 5838 nl80211_unmask_11b_rates(bss); 5839 5840 if (params->mode == IEEE80211_MODE_AP) 5841 return wpa_driver_nl80211_ap(drv, params); 5842 5843 if (params->mode == IEEE80211_MODE_IBSS) 5844 return wpa_driver_nl80211_ibss(drv, params); 5845 5846 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 5847 enum nl80211_iftype nlmode = params->p2p ? 5848 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION; 5849 struct nl_handle *nl_connect = NULL; 5850 5851 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0) 5852 return -1; 5853 if (params->auth_alg & WPA_AUTH_ALG_SAE) { 5854 nl_connect = bss->nl_connect; 5855 bss->use_nl_connect = 1; 5856 } else { 5857 bss->use_nl_connect = 0; 5858 } 5859 5860 return wpa_driver_nl80211_connect(drv, params, nl_connect); 5861 } 5862 5863 nl80211_mark_disconnected(drv); 5864 5865 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)", 5866 drv->ifindex); 5867 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE); 5868 if (!msg) 5869 return -1; 5870 5871 ret = nl80211_connect_common(drv, params, msg); 5872 if (ret) 5873 goto fail; 5874 5875 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED && 5876 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED)) 5877 goto fail; 5878 5879 if (params->fils_kek) { 5880 wpa_printf(MSG_DEBUG, " * FILS KEK (len=%u)", 5881 (unsigned int) params->fils_kek_len); 5882 if (nla_put(msg, NL80211_ATTR_FILS_KEK, params->fils_kek_len, 5883 params->fils_kek)) 5884 goto fail; 5885 } 5886 if (params->fils_nonces) { 5887 wpa_hexdump(MSG_DEBUG, " * FILS nonces (for AAD)", 5888 params->fils_nonces, 5889 params->fils_nonces_len); 5890 if (nla_put(msg, NL80211_ATTR_FILS_NONCES, 5891 params->fils_nonces_len, params->fils_nonces)) 5892 goto fail; 5893 } 5894 5895 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5896 msg = NULL; 5897 if (ret) { 5898 wpa_dbg(drv->ctx, MSG_DEBUG, 5899 "nl80211: MLME command failed (assoc): ret=%d (%s)", 5900 ret, strerror(-ret)); 5901 nl80211_dump_scan(drv); 5902 } else { 5903 wpa_printf(MSG_DEBUG, 5904 "nl80211: Association request send successfully"); 5905 } 5906 5907 fail: 5908 nlmsg_free(msg); 5909 return ret; 5910 } 5911 5912 5913 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv, 5914 int ifindex, enum nl80211_iftype mode) 5915 { 5916 struct nl_msg *msg; 5917 int ret = -ENOBUFS; 5918 5919 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)", 5920 ifindex, mode, nl80211_iftype_str(mode)); 5921 5922 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE); 5923 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode)) 5924 goto fail; 5925 5926 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 5927 msg = NULL; 5928 if (!ret) 5929 return 0; 5930 fail: 5931 nlmsg_free(msg); 5932 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:" 5933 " %d (%s)", ifindex, mode, ret, strerror(-ret)); 5934 return ret; 5935 } 5936 5937 5938 static int wpa_driver_nl80211_set_mode_impl( 5939 struct i802_bss *bss, 5940 enum nl80211_iftype nlmode, 5941 struct hostapd_freq_params *desired_freq_params) 5942 { 5943 struct wpa_driver_nl80211_data *drv = bss->drv; 5944 int ret = -1; 5945 int i; 5946 int was_ap = is_ap_interface(drv->nlmode); 5947 int res; 5948 int mode_switch_res; 5949 5950 if (TEST_FAIL()) 5951 return -1; 5952 5953 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode); 5954 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss)) 5955 mode_switch_res = 0; 5956 5957 if (mode_switch_res == 0) { 5958 drv->nlmode = nlmode; 5959 ret = 0; 5960 goto done; 5961 } 5962 5963 if (mode_switch_res == -ENODEV) 5964 return -1; 5965 5966 if (nlmode == drv->nlmode) { 5967 wpa_printf(MSG_DEBUG, "nl80211: Interface already in " 5968 "requested mode - ignore error"); 5969 ret = 0; 5970 goto done; /* Already in the requested mode */ 5971 } 5972 5973 /* mac80211 doesn't allow mode changes while the device is up, so 5974 * take the device down, try to set the mode again, and bring the 5975 * device back up. 5976 */ 5977 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting " 5978 "interface down"); 5979 for (i = 0; i < 10; i++) { 5980 res = i802_set_iface_flags(bss, 0); 5981 if (res == -EACCES || res == -ENODEV) 5982 break; 5983 if (res != 0) { 5984 wpa_printf(MSG_DEBUG, "nl80211: Failed to set " 5985 "interface down"); 5986 os_sleep(0, 100000); 5987 continue; 5988 } 5989 5990 /* 5991 * Setting the mode will fail for some drivers if the phy is 5992 * on a frequency that the mode is disallowed in. 5993 */ 5994 if (desired_freq_params) { 5995 res = nl80211_set_channel(bss, desired_freq_params, 0); 5996 if (res) { 5997 wpa_printf(MSG_DEBUG, 5998 "nl80211: Failed to set frequency on interface"); 5999 } 6000 } 6001 6002 /* Try to set the mode again while the interface is down */ 6003 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode); 6004 if (mode_switch_res == -EBUSY) { 6005 wpa_printf(MSG_DEBUG, 6006 "nl80211: Delaying mode set while interface going down"); 6007 os_sleep(0, 100000); 6008 continue; 6009 } 6010 ret = mode_switch_res; 6011 break; 6012 } 6013 6014 if (!ret) { 6015 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while " 6016 "interface is down"); 6017 drv->nlmode = nlmode; 6018 drv->ignore_if_down_event = 1; 6019 } 6020 6021 /* Bring the interface back up */ 6022 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1); 6023 if (res != 0) { 6024 wpa_printf(MSG_DEBUG, 6025 "nl80211: Failed to set interface up after switching mode"); 6026 ret = -1; 6027 } 6028 6029 done: 6030 if (ret) { 6031 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d " 6032 "from %d failed", nlmode, drv->nlmode); 6033 return ret; 6034 } 6035 6036 if (is_p2p_net_interface(nlmode)) { 6037 wpa_printf(MSG_DEBUG, 6038 "nl80211: Interface %s mode change to P2P - disable 11b rates", 6039 bss->ifname); 6040 nl80211_disable_11b_rates(drv, drv->ifindex, 1); 6041 } else if (drv->disabled_11b_rates) { 6042 wpa_printf(MSG_DEBUG, 6043 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates", 6044 bss->ifname); 6045 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 6046 } 6047 6048 if (is_ap_interface(nlmode)) { 6049 nl80211_mgmt_unsubscribe(bss, "start AP"); 6050 /* Setup additional AP mode functionality if needed */ 6051 if (nl80211_setup_ap(bss)) 6052 return -1; 6053 } else if (was_ap) { 6054 /* Remove additional AP mode functionality */ 6055 nl80211_teardown_ap(bss); 6056 } else { 6057 nl80211_mgmt_unsubscribe(bss, "mode change"); 6058 } 6059 6060 if (is_mesh_interface(nlmode) && 6061 nl80211_mgmt_subscribe_mesh(bss)) 6062 return -1; 6063 6064 if (!bss->in_deinit && !is_ap_interface(nlmode) && 6065 !is_mesh_interface(nlmode) && 6066 nl80211_mgmt_subscribe_non_ap(bss) < 0) 6067 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action " 6068 "frame processing - ignore for now"); 6069 6070 return 0; 6071 } 6072 6073 6074 int wpa_driver_nl80211_set_mode(struct i802_bss *bss, 6075 enum nl80211_iftype nlmode) 6076 { 6077 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL); 6078 } 6079 6080 6081 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, 6082 struct hostapd_freq_params *freq) 6083 { 6084 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC, 6085 freq); 6086 } 6087 6088 6089 static int wpa_driver_nl80211_get_capa(void *priv, 6090 struct wpa_driver_capa *capa) 6091 { 6092 struct i802_bss *bss = priv; 6093 struct wpa_driver_nl80211_data *drv = bss->drv; 6094 6095 if (!drv->has_capability) 6096 return -1; 6097 os_memcpy(capa, &drv->capa, sizeof(*capa)); 6098 if (drv->extended_capa && drv->extended_capa_mask) { 6099 capa->extended_capa = drv->extended_capa; 6100 capa->extended_capa_mask = drv->extended_capa_mask; 6101 capa->extended_capa_len = drv->extended_capa_len; 6102 } 6103 6104 return 0; 6105 } 6106 6107 6108 static int wpa_driver_nl80211_set_operstate(void *priv, int state) 6109 { 6110 struct i802_bss *bss = priv; 6111 struct wpa_driver_nl80211_data *drv = bss->drv; 6112 6113 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)", 6114 bss->ifname, drv->operstate, state, 6115 state ? "UP" : "DORMANT"); 6116 drv->operstate = state; 6117 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1, 6118 state ? IF_OPER_UP : IF_OPER_DORMANT); 6119 } 6120 6121 6122 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized) 6123 { 6124 struct i802_bss *bss = priv; 6125 struct wpa_driver_nl80211_data *drv = bss->drv; 6126 struct nl_msg *msg; 6127 struct nl80211_sta_flag_update upd; 6128 int ret; 6129 6130 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) { 6131 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated"); 6132 return 0; 6133 } 6134 6135 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for " 6136 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid)); 6137 6138 os_memset(&upd, 0, sizeof(upd)); 6139 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED); 6140 if (authorized) 6141 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED); 6142 6143 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 6144 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid) || 6145 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) { 6146 nlmsg_free(msg); 6147 return -ENOBUFS; 6148 } 6149 6150 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6151 if (!ret) 6152 return 0; 6153 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)", 6154 ret, strerror(-ret)); 6155 return ret; 6156 } 6157 6158 6159 /* Set kernel driver on given frequency (MHz) */ 6160 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq) 6161 { 6162 struct i802_bss *bss = priv; 6163 return nl80211_set_channel(bss, freq, 0); 6164 } 6165 6166 6167 static inline int min_int(int a, int b) 6168 { 6169 if (a < b) 6170 return a; 6171 return b; 6172 } 6173 6174 6175 static int get_key_handler(struct nl_msg *msg, void *arg) 6176 { 6177 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 6178 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 6179 6180 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 6181 genlmsg_attrlen(gnlh, 0), NULL); 6182 6183 /* 6184 * TODO: validate the key index and mac address! 6185 * Otherwise, there's a race condition as soon as 6186 * the kernel starts sending key notifications. 6187 */ 6188 6189 if (tb[NL80211_ATTR_KEY_SEQ]) 6190 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]), 6191 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6)); 6192 nl80211_nlmsg_clear(msg); 6193 return NL_SKIP; 6194 } 6195 6196 6197 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr, 6198 int idx, u8 *seq) 6199 { 6200 struct i802_bss *bss = priv; 6201 struct wpa_driver_nl80211_data *drv = bss->drv; 6202 struct nl_msg *msg; 6203 6204 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0, 6205 NL80211_CMD_GET_KEY); 6206 if (!msg || 6207 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || 6208 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) { 6209 nlmsg_free(msg); 6210 return -ENOBUFS; 6211 } 6212 6213 memset(seq, 0, 6); 6214 6215 return send_and_recv_msgs(drv, msg, get_key_handler, seq); 6216 } 6217 6218 6219 static int i802_set_rts(void *priv, int rts) 6220 { 6221 struct i802_bss *bss = priv; 6222 struct wpa_driver_nl80211_data *drv = bss->drv; 6223 struct nl_msg *msg; 6224 int ret; 6225 u32 val; 6226 6227 if (rts >= 2347 || rts == -1) 6228 val = (u32) -1; 6229 else 6230 val = rts; 6231 6232 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) || 6233 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) { 6234 nlmsg_free(msg); 6235 return -ENOBUFS; 6236 } 6237 6238 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6239 if (!ret) 6240 return 0; 6241 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: " 6242 "%d (%s)", rts, ret, strerror(-ret)); 6243 return ret; 6244 } 6245 6246 6247 static int i802_set_frag(void *priv, int frag) 6248 { 6249 struct i802_bss *bss = priv; 6250 struct wpa_driver_nl80211_data *drv = bss->drv; 6251 struct nl_msg *msg; 6252 int ret; 6253 u32 val; 6254 6255 if (frag >= 2346 || frag == -1) 6256 val = (u32) -1; 6257 else 6258 val = frag; 6259 6260 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) || 6261 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) { 6262 nlmsg_free(msg); 6263 return -ENOBUFS; 6264 } 6265 6266 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6267 if (!ret) 6268 return 0; 6269 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold " 6270 "%d: %d (%s)", frag, ret, strerror(-ret)); 6271 return ret; 6272 } 6273 6274 6275 static int i802_flush(void *priv) 6276 { 6277 struct i802_bss *bss = priv; 6278 struct nl_msg *msg; 6279 int res; 6280 6281 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)", 6282 bss->ifname); 6283 6284 /* 6285 * XXX: FIX! this needs to flush all VLANs too 6286 */ 6287 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION); 6288 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 6289 if (res) { 6290 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d " 6291 "(%s)", res, strerror(-res)); 6292 } 6293 return res; 6294 } 6295 6296 6297 static void get_sta_tid_stats(struct hostap_sta_driver_data *data, 6298 struct nlattr *attr) 6299 { 6300 struct nlattr *tid_stats[NL80211_TID_STATS_MAX + 1], *tidattr; 6301 struct nlattr *txq_stats[NL80211_TXQ_STATS_MAX + 1]; 6302 static struct nla_policy txq_stats_policy[NL80211_TXQ_STATS_MAX + 1] = { 6303 [NL80211_TXQ_STATS_BACKLOG_BYTES] = { .type = NLA_U32 }, 6304 [NL80211_TXQ_STATS_BACKLOG_PACKETS] = { .type = NLA_U32 }, 6305 }; 6306 int rem; 6307 6308 nla_for_each_nested(tidattr, attr, rem) { 6309 if (nla_parse_nested(tid_stats, NL80211_TID_STATS_MAX, 6310 tidattr, NULL) != 0 || 6311 !tid_stats[NL80211_TID_STATS_TXQ_STATS] || 6312 nla_parse_nested(txq_stats, NL80211_TXQ_STATS_MAX, 6313 tid_stats[NL80211_TID_STATS_TXQ_STATS], 6314 txq_stats_policy) != 0) 6315 continue; 6316 /* sum the backlogs over all TIDs for station */ 6317 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES]) 6318 data->backlog_bytes += nla_get_u32( 6319 txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES]); 6320 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS]) 6321 data->backlog_bytes += nla_get_u32( 6322 txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS]); 6323 } 6324 } 6325 6326 6327 static int get_sta_handler(struct nl_msg *msg, void *arg) 6328 { 6329 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 6330 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 6331 struct hostap_sta_driver_data *data = arg; 6332 struct nlattr *stats[NL80211_STA_INFO_MAX + 1]; 6333 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = { 6334 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 }, 6335 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 }, 6336 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 }, 6337 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 }, 6338 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 }, 6339 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 }, 6340 [NL80211_STA_INFO_RX_BYTES64] = { .type = NLA_U64 }, 6341 [NL80211_STA_INFO_TX_BYTES64] = { .type = NLA_U64 }, 6342 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 }, 6343 [NL80211_STA_INFO_ACK_SIGNAL] = { .type = NLA_U8 }, 6344 [NL80211_STA_INFO_RX_DURATION] = { .type = NLA_U64 }, 6345 [NL80211_STA_INFO_TX_DURATION] = { .type = NLA_U64 }, 6346 }; 6347 struct nlattr *rate[NL80211_RATE_INFO_MAX + 1]; 6348 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = { 6349 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 }, 6350 [NL80211_RATE_INFO_BITRATE32] = { .type = NLA_U32 }, 6351 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 }, 6352 [NL80211_RATE_INFO_VHT_MCS] = { .type = NLA_U8 }, 6353 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG }, 6354 [NL80211_RATE_INFO_VHT_NSS] = { .type = NLA_U8 }, 6355 }; 6356 6357 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 6358 genlmsg_attrlen(gnlh, 0), NULL); 6359 6360 /* 6361 * TODO: validate the interface and mac address! 6362 * Otherwise, there's a race condition as soon as 6363 * the kernel starts sending station notifications. 6364 */ 6365 6366 if (!tb[NL80211_ATTR_STA_INFO]) { 6367 wpa_printf(MSG_DEBUG, "sta stats missing!"); 6368 return NL_SKIP; 6369 } 6370 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX, 6371 tb[NL80211_ATTR_STA_INFO], 6372 stats_policy)) { 6373 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!"); 6374 return NL_SKIP; 6375 } 6376 6377 if (stats[NL80211_STA_INFO_INACTIVE_TIME]) 6378 data->inactive_msec = 6379 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]); 6380 /* For backwards compatibility, fetch the 32-bit counters first. */ 6381 if (stats[NL80211_STA_INFO_RX_BYTES]) 6382 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]); 6383 if (stats[NL80211_STA_INFO_TX_BYTES]) 6384 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]); 6385 if (stats[NL80211_STA_INFO_RX_BYTES64] && 6386 stats[NL80211_STA_INFO_TX_BYTES64]) { 6387 /* 6388 * The driver supports 64-bit counters, so use them to override 6389 * the 32-bit values. 6390 */ 6391 data->rx_bytes = 6392 nla_get_u64(stats[NL80211_STA_INFO_RX_BYTES64]); 6393 data->tx_bytes = 6394 nla_get_u64(stats[NL80211_STA_INFO_TX_BYTES64]); 6395 data->bytes_64bit = 1; 6396 } 6397 if (stats[NL80211_STA_INFO_RX_PACKETS]) 6398 data->rx_packets = 6399 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]); 6400 if (stats[NL80211_STA_INFO_TX_PACKETS]) 6401 data->tx_packets = 6402 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]); 6403 if (stats[NL80211_STA_INFO_RX_DURATION]) 6404 data->rx_airtime = 6405 nla_get_u64(stats[NL80211_STA_INFO_RX_DURATION]); 6406 if (stats[NL80211_STA_INFO_TX_DURATION]) 6407 data->tx_airtime = 6408 nla_get_u64(stats[NL80211_STA_INFO_TX_DURATION]); 6409 if (stats[NL80211_STA_INFO_TX_FAILED]) 6410 data->tx_retry_failed = 6411 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]); 6412 if (stats[NL80211_STA_INFO_SIGNAL]) 6413 data->signal = nla_get_u8(stats[NL80211_STA_INFO_SIGNAL]); 6414 if (stats[NL80211_STA_INFO_ACK_SIGNAL]) { 6415 data->last_ack_rssi = 6416 nla_get_u8(stats[NL80211_STA_INFO_ACK_SIGNAL]); 6417 data->flags |= STA_DRV_DATA_LAST_ACK_RSSI; 6418 } 6419 6420 if (stats[NL80211_STA_INFO_TX_BITRATE] && 6421 nla_parse_nested(rate, NL80211_RATE_INFO_MAX, 6422 stats[NL80211_STA_INFO_TX_BITRATE], 6423 rate_policy) == 0) { 6424 if (rate[NL80211_RATE_INFO_BITRATE32]) 6425 data->current_tx_rate = 6426 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]); 6427 else if (rate[NL80211_RATE_INFO_BITRATE]) 6428 data->current_tx_rate = 6429 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]); 6430 6431 if (rate[NL80211_RATE_INFO_MCS]) { 6432 data->tx_mcs = nla_get_u8(rate[NL80211_RATE_INFO_MCS]); 6433 data->flags |= STA_DRV_DATA_TX_MCS; 6434 } 6435 if (rate[NL80211_RATE_INFO_VHT_MCS]) { 6436 data->tx_vhtmcs = 6437 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]); 6438 data->flags |= STA_DRV_DATA_TX_VHT_MCS; 6439 } 6440 if (rate[NL80211_RATE_INFO_SHORT_GI]) 6441 data->flags |= STA_DRV_DATA_TX_SHORT_GI; 6442 if (rate[NL80211_RATE_INFO_VHT_NSS]) { 6443 data->tx_vht_nss = 6444 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]); 6445 data->flags |= STA_DRV_DATA_TX_VHT_NSS; 6446 } 6447 } 6448 6449 if (stats[NL80211_STA_INFO_RX_BITRATE] && 6450 nla_parse_nested(rate, NL80211_RATE_INFO_MAX, 6451 stats[NL80211_STA_INFO_RX_BITRATE], 6452 rate_policy) == 0) { 6453 if (rate[NL80211_RATE_INFO_BITRATE32]) 6454 data->current_rx_rate = 6455 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]); 6456 else if (rate[NL80211_RATE_INFO_BITRATE]) 6457 data->current_rx_rate = 6458 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]); 6459 6460 if (rate[NL80211_RATE_INFO_MCS]) { 6461 data->rx_mcs = 6462 nla_get_u8(rate[NL80211_RATE_INFO_MCS]); 6463 data->flags |= STA_DRV_DATA_RX_MCS; 6464 } 6465 if (rate[NL80211_RATE_INFO_VHT_MCS]) { 6466 data->rx_vhtmcs = 6467 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]); 6468 data->flags |= STA_DRV_DATA_RX_VHT_MCS; 6469 } 6470 if (rate[NL80211_RATE_INFO_SHORT_GI]) 6471 data->flags |= STA_DRV_DATA_RX_SHORT_GI; 6472 if (rate[NL80211_RATE_INFO_VHT_NSS]) { 6473 data->rx_vht_nss = 6474 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]); 6475 data->flags |= STA_DRV_DATA_RX_VHT_NSS; 6476 } 6477 } 6478 6479 if (stats[NL80211_STA_INFO_TID_STATS]) 6480 get_sta_tid_stats(data, stats[NL80211_STA_INFO_TID_STATS]); 6481 6482 return NL_SKIP; 6483 } 6484 6485 static int i802_read_sta_data(struct i802_bss *bss, 6486 struct hostap_sta_driver_data *data, 6487 const u8 *addr) 6488 { 6489 struct nl_msg *msg; 6490 6491 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) || 6492 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 6493 nlmsg_free(msg); 6494 return -ENOBUFS; 6495 } 6496 6497 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data); 6498 } 6499 6500 6501 static int i802_set_tx_queue_params(void *priv, int queue, int aifs, 6502 int cw_min, int cw_max, int burst_time) 6503 { 6504 struct i802_bss *bss = priv; 6505 struct wpa_driver_nl80211_data *drv = bss->drv; 6506 struct nl_msg *msg; 6507 struct nlattr *txq, *params; 6508 int res; 6509 6510 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY); 6511 if (!msg) 6512 return -1; 6513 6514 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS); 6515 if (!txq) 6516 goto fail; 6517 6518 /* We are only sending parameters for a single TXQ at a time */ 6519 params = nla_nest_start(msg, 1); 6520 if (!params) 6521 goto fail; 6522 6523 switch (queue) { 6524 case 0: 6525 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO)) 6526 goto fail; 6527 break; 6528 case 1: 6529 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI)) 6530 goto fail; 6531 break; 6532 case 2: 6533 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE)) 6534 goto fail; 6535 break; 6536 case 3: 6537 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK)) 6538 goto fail; 6539 break; 6540 } 6541 /* Burst time is configured in units of 0.1 msec and TXOP parameter in 6542 * 32 usec, so need to convert the value here. */ 6543 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP, 6544 (burst_time * 100 + 16) / 32) || 6545 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) || 6546 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) || 6547 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs)) 6548 goto fail; 6549 6550 nla_nest_end(msg, params); 6551 6552 nla_nest_end(msg, txq); 6553 6554 res = send_and_recv_msgs(drv, msg, NULL, NULL); 6555 wpa_printf(MSG_DEBUG, 6556 "nl80211: TX queue param set: queue=%d aifs=%d cw_min=%d cw_max=%d burst_time=%d --> res=%d", 6557 queue, aifs, cw_min, cw_max, burst_time, res); 6558 if (res == 0) 6559 return 0; 6560 msg = NULL; 6561 fail: 6562 nlmsg_free(msg); 6563 return -1; 6564 } 6565 6566 6567 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, 6568 const char *ifname, int vlan_id) 6569 { 6570 struct wpa_driver_nl80211_data *drv = bss->drv; 6571 struct nl_msg *msg; 6572 int ret; 6573 6574 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR 6575 ", ifname=%s[%d], vlan_id=%d)", 6576 bss->ifname, if_nametoindex(bss->ifname), 6577 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id); 6578 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 6579 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 6580 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) { 6581 nlmsg_free(msg); 6582 return -ENOBUFS; 6583 } 6584 6585 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 6586 if (ret < 0) { 6587 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr=" 6588 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)", 6589 MAC2STR(addr), ifname, vlan_id, ret, 6590 strerror(-ret)); 6591 } 6592 return ret; 6593 } 6594 6595 6596 static int i802_get_inact_sec(void *priv, const u8 *addr) 6597 { 6598 struct hostap_sta_driver_data data; 6599 int ret; 6600 6601 os_memset(&data, 0, sizeof(data)); 6602 data.inactive_msec = (unsigned long) -1; 6603 ret = i802_read_sta_data(priv, &data, addr); 6604 if (ret == -ENOENT) 6605 return -ENOENT; 6606 if (ret || data.inactive_msec == (unsigned long) -1) 6607 return -1; 6608 return data.inactive_msec / 1000; 6609 } 6610 6611 6612 static int i802_sta_clear_stats(void *priv, const u8 *addr) 6613 { 6614 #if 0 6615 /* TODO */ 6616 #endif 6617 return 0; 6618 } 6619 6620 6621 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, 6622 u16 reason) 6623 { 6624 struct i802_bss *bss = priv; 6625 struct wpa_driver_nl80211_data *drv = bss->drv; 6626 struct ieee80211_mgmt mgmt; 6627 u8 channel; 6628 6629 if (ieee80211_freq_to_chan(bss->freq, &channel) == 6630 HOSTAPD_MODE_IEEE80211AD) { 6631 /* Deauthentication is not used in DMG/IEEE 802.11ad; 6632 * disassociate the STA instead. */ 6633 return i802_sta_disassoc(priv, own_addr, addr, reason); 6634 } 6635 6636 if (is_mesh_interface(drv->nlmode)) 6637 return -1; 6638 6639 if (drv->device_ap_sme) 6640 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason); 6641 6642 memset(&mgmt, 0, sizeof(mgmt)); 6643 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 6644 WLAN_FC_STYPE_DEAUTH); 6645 memcpy(mgmt.da, addr, ETH_ALEN); 6646 memcpy(mgmt.sa, own_addr, ETH_ALEN); 6647 memcpy(mgmt.bssid, own_addr, ETH_ALEN); 6648 mgmt.u.deauth.reason_code = host_to_le16(reason); 6649 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, 6650 IEEE80211_HDRLEN + 6651 sizeof(mgmt.u.deauth), 0, 0, 0, 0, 6652 0, NULL, 0); 6653 } 6654 6655 6656 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, 6657 u16 reason) 6658 { 6659 struct i802_bss *bss = priv; 6660 struct wpa_driver_nl80211_data *drv = bss->drv; 6661 struct ieee80211_mgmt mgmt; 6662 6663 if (is_mesh_interface(drv->nlmode)) 6664 return -1; 6665 6666 if (drv->device_ap_sme) 6667 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason); 6668 6669 memset(&mgmt, 0, sizeof(mgmt)); 6670 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 6671 WLAN_FC_STYPE_DISASSOC); 6672 memcpy(mgmt.da, addr, ETH_ALEN); 6673 memcpy(mgmt.sa, own_addr, ETH_ALEN); 6674 memcpy(mgmt.bssid, own_addr, ETH_ALEN); 6675 mgmt.u.disassoc.reason_code = host_to_le16(reason); 6676 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, 6677 IEEE80211_HDRLEN + 6678 sizeof(mgmt.u.disassoc), 0, 0, 0, 0, 6679 0, NULL, 0); 6680 } 6681 6682 6683 static void dump_ifidx(struct wpa_driver_nl80211_data *drv) 6684 { 6685 char buf[200], *pos, *end; 6686 int i, res; 6687 6688 pos = buf; 6689 end = pos + sizeof(buf); 6690 6691 for (i = 0; i < drv->num_if_indices; i++) { 6692 if (!drv->if_indices[i].ifindex) 6693 continue; 6694 res = os_snprintf(pos, end - pos, " %d(%d)", 6695 drv->if_indices[i].ifindex, 6696 drv->if_indices[i].reason); 6697 if (os_snprintf_error(end - pos, res)) 6698 break; 6699 pos += res; 6700 } 6701 *pos = '\0'; 6702 6703 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s", 6704 drv->num_if_indices, buf); 6705 } 6706 6707 6708 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 6709 int ifidx_reason) 6710 { 6711 int i; 6712 struct drv_nl80211_if_info *old; 6713 6714 wpa_printf(MSG_DEBUG, 6715 "nl80211: Add own interface ifindex %d (ifidx_reason %d)", 6716 ifidx, ifidx_reason); 6717 if (have_ifidx(drv, ifidx, ifidx_reason)) { 6718 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list", 6719 ifidx); 6720 return; 6721 } 6722 for (i = 0; i < drv->num_if_indices; i++) { 6723 if (drv->if_indices[i].ifindex == 0) { 6724 drv->if_indices[i].ifindex = ifidx; 6725 drv->if_indices[i].reason = ifidx_reason; 6726 dump_ifidx(drv); 6727 return; 6728 } 6729 } 6730 6731 if (drv->if_indices != drv->default_if_indices) 6732 old = drv->if_indices; 6733 else 6734 old = NULL; 6735 6736 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1, 6737 sizeof(*old)); 6738 if (!drv->if_indices) { 6739 if (!old) 6740 drv->if_indices = drv->default_if_indices; 6741 else 6742 drv->if_indices = old; 6743 wpa_printf(MSG_ERROR, "Failed to reallocate memory for " 6744 "interfaces"); 6745 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx); 6746 return; 6747 } 6748 if (!old) 6749 os_memcpy(drv->if_indices, drv->default_if_indices, 6750 sizeof(drv->default_if_indices)); 6751 drv->if_indices[drv->num_if_indices].ifindex = ifidx; 6752 drv->if_indices[drv->num_if_indices].reason = ifidx_reason; 6753 drv->num_if_indices++; 6754 dump_ifidx(drv); 6755 } 6756 6757 6758 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 6759 int ifidx_reason) 6760 { 6761 int i; 6762 6763 for (i = 0; i < drv->num_if_indices; i++) { 6764 if ((drv->if_indices[i].ifindex == ifidx || 6765 ifidx == IFIDX_ANY) && 6766 (drv->if_indices[i].reason == ifidx_reason || 6767 ifidx_reason == IFIDX_ANY)) { 6768 drv->if_indices[i].ifindex = 0; 6769 drv->if_indices[i].reason = 0; 6770 break; 6771 } 6772 } 6773 dump_ifidx(drv); 6774 } 6775 6776 6777 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 6778 int ifidx_reason) 6779 { 6780 int i; 6781 6782 for (i = 0; i < drv->num_if_indices; i++) 6783 if (drv->if_indices[i].ifindex == ifidx && 6784 (drv->if_indices[i].reason == ifidx_reason || 6785 ifidx_reason == IFIDX_ANY)) 6786 return 1; 6787 6788 return 0; 6789 } 6790 6791 6792 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, 6793 const char *bridge_ifname, char *ifname_wds) 6794 { 6795 struct i802_bss *bss = priv; 6796 struct wpa_driver_nl80211_data *drv = bss->drv; 6797 char name[IFNAMSIZ + 1]; 6798 union wpa_event_data event; 6799 int ret; 6800 6801 ret = os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid); 6802 if (ret >= (int) sizeof(name)) 6803 wpa_printf(MSG_WARNING, 6804 "nl80211: WDS interface name was truncated"); 6805 else if (ret < 0) 6806 return ret; 6807 6808 if (ifname_wds) 6809 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1); 6810 6811 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR 6812 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name); 6813 if (val) { 6814 if (!if_nametoindex(name)) { 6815 if (nl80211_create_iface(drv, name, 6816 NL80211_IFTYPE_AP_VLAN, 6817 bss->addr, 1, NULL, NULL, 0) < 6818 0) 6819 return -1; 6820 if (bridge_ifname && 6821 linux_br_add_if(drv->global->ioctl_sock, 6822 bridge_ifname, name) < 0) 6823 return -1; 6824 6825 os_memset(&event, 0, sizeof(event)); 6826 event.wds_sta_interface.sta_addr = addr; 6827 event.wds_sta_interface.ifname = name; 6828 event.wds_sta_interface.istatus = INTERFACE_ADDED; 6829 wpa_supplicant_event(bss->ctx, 6830 EVENT_WDS_STA_INTERFACE_STATUS, 6831 &event); 6832 } 6833 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) { 6834 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA " 6835 "interface %s up", name); 6836 } 6837 return i802_set_sta_vlan(priv, addr, name, 0); 6838 } else { 6839 if (bridge_ifname && 6840 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname, 6841 name) < 0) 6842 wpa_printf(MSG_INFO, 6843 "nl80211: Failed to remove interface %s from bridge %s: %s", 6844 name, bridge_ifname, strerror(errno)); 6845 6846 i802_set_sta_vlan(priv, addr, bss->ifname, 0); 6847 nl80211_remove_iface(drv, if_nametoindex(name)); 6848 os_memset(&event, 0, sizeof(event)); 6849 event.wds_sta_interface.sta_addr = addr; 6850 event.wds_sta_interface.ifname = name; 6851 event.wds_sta_interface.istatus = INTERFACE_REMOVED; 6852 wpa_supplicant_event(bss->ctx, EVENT_WDS_STA_INTERFACE_STATUS, 6853 &event); 6854 return 0; 6855 } 6856 } 6857 6858 6859 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx) 6860 { 6861 struct wpa_driver_nl80211_data *drv = eloop_ctx; 6862 struct sockaddr_ll lladdr; 6863 unsigned char buf[3000]; 6864 int len; 6865 socklen_t fromlen = sizeof(lladdr); 6866 6867 len = recvfrom(sock, buf, sizeof(buf), 0, 6868 (struct sockaddr *)&lladdr, &fromlen); 6869 if (len < 0) { 6870 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s", 6871 strerror(errno)); 6872 return; 6873 } 6874 6875 if (have_ifidx(drv, lladdr.sll_ifindex, IFIDX_ANY)) 6876 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len); 6877 } 6878 6879 6880 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv, 6881 struct i802_bss *bss, 6882 const char *brname, const char *ifname) 6883 { 6884 int br_ifindex; 6885 char in_br[IFNAMSIZ]; 6886 6887 os_strlcpy(bss->brname, brname, IFNAMSIZ); 6888 br_ifindex = if_nametoindex(brname); 6889 if (br_ifindex == 0) { 6890 /* 6891 * Bridge was configured, but the bridge device does 6892 * not exist. Try to add it now. 6893 */ 6894 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) { 6895 wpa_printf(MSG_ERROR, "nl80211: Failed to add the " 6896 "bridge interface %s: %s", 6897 brname, strerror(errno)); 6898 return -1; 6899 } 6900 bss->added_bridge = 1; 6901 br_ifindex = if_nametoindex(brname); 6902 add_ifidx(drv, br_ifindex, drv->ifindex); 6903 } 6904 bss->br_ifindex = br_ifindex; 6905 6906 if (linux_br_get(in_br, ifname) == 0) { 6907 if (os_strcmp(in_br, brname) == 0) { 6908 bss->already_in_bridge = 1; 6909 return 0; /* already in the bridge */ 6910 } 6911 6912 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from " 6913 "bridge %s", ifname, in_br); 6914 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) < 6915 0) { 6916 wpa_printf(MSG_ERROR, "nl80211: Failed to " 6917 "remove interface %s from bridge " 6918 "%s: %s", 6919 ifname, in_br, strerror(errno)); 6920 return -1; 6921 } 6922 } 6923 6924 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s", 6925 ifname, brname); 6926 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) { 6927 wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s " 6928 "into bridge %s: %s", 6929 ifname, brname, strerror(errno)); 6930 return -1; 6931 } 6932 bss->added_if_into_bridge = 1; 6933 6934 return 0; 6935 } 6936 6937 6938 static void *i802_init(struct hostapd_data *hapd, 6939 struct wpa_init_params *params) 6940 { 6941 struct wpa_driver_nl80211_data *drv; 6942 struct i802_bss *bss; 6943 size_t i; 6944 char master_ifname[IFNAMSIZ]; 6945 int ifindex, br_ifindex = 0; 6946 int br_added = 0; 6947 6948 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname, 6949 params->global_priv, 1, 6950 params->bssid, params->driver_params); 6951 if (bss == NULL) 6952 return NULL; 6953 6954 drv = bss->drv; 6955 6956 if (linux_br_get(master_ifname, params->ifname) == 0) { 6957 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s", 6958 params->ifname, master_ifname); 6959 br_ifindex = if_nametoindex(master_ifname); 6960 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ); 6961 } else if ((params->num_bridge == 0 || !params->bridge[0]) && 6962 linux_master_get(master_ifname, params->ifname) == 0) { 6963 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in master %s", 6964 params->ifname, master_ifname); 6965 /* start listening for EAPOL on the master interface */ 6966 add_ifidx(drv, if_nametoindex(master_ifname), drv->ifindex); 6967 6968 /* check if master itself is under bridge */ 6969 if (linux_br_get(master_ifname, master_ifname) == 0) { 6970 wpa_printf(MSG_DEBUG, "nl80211: which is in bridge %s", 6971 master_ifname); 6972 br_ifindex = if_nametoindex(master_ifname); 6973 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ); 6974 } 6975 } else { 6976 master_ifname[0] = '\0'; 6977 } 6978 6979 bss->br_ifindex = br_ifindex; 6980 6981 for (i = 0; i < params->num_bridge; i++) { 6982 if (params->bridge[i]) { 6983 ifindex = if_nametoindex(params->bridge[i]); 6984 if (ifindex) 6985 add_ifidx(drv, ifindex, drv->ifindex); 6986 if (ifindex == br_ifindex) 6987 br_added = 1; 6988 } 6989 } 6990 6991 /* start listening for EAPOL on the default AP interface */ 6992 add_ifidx(drv, drv->ifindex, IFIDX_ANY); 6993 6994 if (params->num_bridge && params->bridge[0]) { 6995 if (i802_check_bridge(drv, bss, params->bridge[0], 6996 params->ifname) < 0) 6997 goto failed; 6998 if (os_strcmp(params->bridge[0], master_ifname) != 0) 6999 br_added = 1; 7000 } 7001 7002 if (!br_added && br_ifindex && 7003 (params->num_bridge == 0 || !params->bridge[0])) 7004 add_ifidx(drv, br_ifindex, drv->ifindex); 7005 7006 #ifdef CONFIG_LIBNL3_ROUTE 7007 if (bss->added_if_into_bridge || bss->already_in_bridge) { 7008 drv->rtnl_sk = nl_socket_alloc(); 7009 if (drv->rtnl_sk == NULL) { 7010 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock"); 7011 goto failed; 7012 } 7013 7014 if (nl_connect(drv->rtnl_sk, NETLINK_ROUTE)) { 7015 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s", 7016 strerror(errno)); 7017 goto failed; 7018 } 7019 } 7020 #endif /* CONFIG_LIBNL3_ROUTE */ 7021 7022 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE)); 7023 if (drv->eapol_sock < 0) { 7024 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s", 7025 strerror(errno)); 7026 goto failed; 7027 } 7028 7029 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL)) 7030 { 7031 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol"); 7032 goto failed; 7033 } 7034 7035 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 7036 params->own_addr)) 7037 goto failed; 7038 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN); 7039 7040 memcpy(bss->addr, params->own_addr, ETH_ALEN); 7041 7042 return bss; 7043 7044 failed: 7045 wpa_driver_nl80211_deinit(bss); 7046 return NULL; 7047 } 7048 7049 7050 static void i802_deinit(void *priv) 7051 { 7052 struct i802_bss *bss = priv; 7053 wpa_driver_nl80211_deinit(bss); 7054 } 7055 7056 7057 static enum nl80211_iftype wpa_driver_nl80211_if_type( 7058 enum wpa_driver_if_type type) 7059 { 7060 switch (type) { 7061 case WPA_IF_STATION: 7062 return NL80211_IFTYPE_STATION; 7063 case WPA_IF_P2P_CLIENT: 7064 case WPA_IF_P2P_GROUP: 7065 return NL80211_IFTYPE_P2P_CLIENT; 7066 case WPA_IF_AP_VLAN: 7067 return NL80211_IFTYPE_AP_VLAN; 7068 case WPA_IF_AP_BSS: 7069 return NL80211_IFTYPE_AP; 7070 case WPA_IF_P2P_GO: 7071 return NL80211_IFTYPE_P2P_GO; 7072 case WPA_IF_P2P_DEVICE: 7073 return NL80211_IFTYPE_P2P_DEVICE; 7074 case WPA_IF_MESH: 7075 return NL80211_IFTYPE_MESH_POINT; 7076 default: 7077 return -1; 7078 } 7079 } 7080 7081 7082 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr) 7083 { 7084 struct wpa_driver_nl80211_data *drv; 7085 dl_list_for_each(drv, &global->interfaces, 7086 struct wpa_driver_nl80211_data, list) { 7087 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0) 7088 return 1; 7089 } 7090 return 0; 7091 } 7092 7093 7094 static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr) 7095 { 7096 unsigned int idx; 7097 7098 if (!drv->global) 7099 return -1; 7100 7101 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN); 7102 for (idx = 0; idx < 64; idx++) { 7103 new_addr[0] = drv->first_bss->addr[0] | 0x02; 7104 new_addr[0] ^= idx << 2; 7105 if (!nl80211_addr_in_use(drv->global, new_addr)) 7106 break; 7107 } 7108 if (idx == 64) 7109 return -1; 7110 7111 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address " 7112 MACSTR, MAC2STR(new_addr)); 7113 7114 return 0; 7115 } 7116 7117 7118 struct wdev_info { 7119 u64 wdev_id; 7120 int wdev_id_set; 7121 u8 macaddr[ETH_ALEN]; 7122 }; 7123 7124 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg) 7125 { 7126 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 7127 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 7128 struct wdev_info *wi = arg; 7129 7130 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 7131 genlmsg_attrlen(gnlh, 0), NULL); 7132 if (tb[NL80211_ATTR_WDEV]) { 7133 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]); 7134 wi->wdev_id_set = 1; 7135 } 7136 7137 if (tb[NL80211_ATTR_MAC]) 7138 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]), 7139 ETH_ALEN); 7140 7141 return NL_SKIP; 7142 } 7143 7144 7145 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type, 7146 const char *ifname, const u8 *addr, 7147 void *bss_ctx, void **drv_priv, 7148 char *force_ifname, u8 *if_addr, 7149 const char *bridge, int use_existing, 7150 int setup_ap) 7151 { 7152 enum nl80211_iftype nlmode; 7153 struct i802_bss *bss = priv; 7154 struct wpa_driver_nl80211_data *drv = bss->drv; 7155 int ifidx; 7156 int added = 1; 7157 7158 if (addr) 7159 os_memcpy(if_addr, addr, ETH_ALEN); 7160 nlmode = wpa_driver_nl80211_if_type(type); 7161 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) { 7162 struct wdev_info p2pdev_info; 7163 7164 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info)); 7165 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr, 7166 0, nl80211_wdev_handler, 7167 &p2pdev_info, use_existing); 7168 if (!p2pdev_info.wdev_id_set || ifidx != 0) { 7169 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s", 7170 ifname); 7171 return -1; 7172 } 7173 7174 drv->global->if_add_wdevid = p2pdev_info.wdev_id; 7175 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set; 7176 if (!is_zero_ether_addr(p2pdev_info.macaddr)) 7177 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN); 7178 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created", 7179 ifname, 7180 (long long unsigned int) p2pdev_info.wdev_id); 7181 } else { 7182 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr, 7183 0, NULL, NULL, use_existing); 7184 if (use_existing && ifidx == -ENFILE) { 7185 added = 0; 7186 ifidx = if_nametoindex(ifname); 7187 } else if (ifidx < 0) { 7188 return -1; 7189 } 7190 } 7191 7192 if (!addr) { 7193 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 7194 os_memcpy(if_addr, bss->addr, ETH_ALEN); 7195 else if (linux_get_ifhwaddr(drv->global->ioctl_sock, 7196 ifname, if_addr) < 0) { 7197 if (added) 7198 nl80211_remove_iface(drv, ifidx); 7199 return -1; 7200 } 7201 } 7202 7203 if (!addr && 7204 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP || 7205 type == WPA_IF_P2P_GO || type == WPA_IF_MESH || 7206 type == WPA_IF_STATION)) { 7207 /* Enforce unique address */ 7208 u8 new_addr[ETH_ALEN]; 7209 7210 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname, 7211 new_addr) < 0) { 7212 if (added) 7213 nl80211_remove_iface(drv, ifidx); 7214 return -1; 7215 } 7216 if (nl80211_addr_in_use(drv->global, new_addr)) { 7217 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address " 7218 "for interface %s type %d", ifname, type); 7219 if (nl80211_vif_addr(drv, new_addr) < 0) { 7220 if (added) 7221 nl80211_remove_iface(drv, ifidx); 7222 return -1; 7223 } 7224 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 7225 new_addr) < 0) { 7226 if (added) 7227 nl80211_remove_iface(drv, ifidx); 7228 return -1; 7229 } 7230 } 7231 os_memcpy(if_addr, new_addr, ETH_ALEN); 7232 } 7233 7234 if (type == WPA_IF_AP_BSS && setup_ap) { 7235 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss)); 7236 if (new_bss == NULL) { 7237 if (added) 7238 nl80211_remove_iface(drv, ifidx); 7239 return -1; 7240 } 7241 7242 if (bridge && 7243 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) { 7244 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new " 7245 "interface %s to a bridge %s", 7246 ifname, bridge); 7247 if (added) 7248 nl80211_remove_iface(drv, ifidx); 7249 os_free(new_bss); 7250 return -1; 7251 } 7252 7253 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1)) 7254 { 7255 if (added) 7256 nl80211_remove_iface(drv, ifidx); 7257 os_free(new_bss); 7258 return -1; 7259 } 7260 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ); 7261 os_memcpy(new_bss->addr, if_addr, ETH_ALEN); 7262 new_bss->ifindex = ifidx; 7263 new_bss->drv = drv; 7264 new_bss->next = drv->first_bss->next; 7265 new_bss->freq = drv->first_bss->freq; 7266 new_bss->ctx = bss_ctx; 7267 new_bss->added_if = added; 7268 drv->first_bss->next = new_bss; 7269 if (drv_priv) 7270 *drv_priv = new_bss; 7271 nl80211_init_bss(new_bss); 7272 7273 /* Subscribe management frames for this WPA_IF_AP_BSS */ 7274 if (nl80211_setup_ap(new_bss)) 7275 return -1; 7276 } 7277 7278 if (drv->global) 7279 drv->global->if_add_ifindex = ifidx; 7280 7281 /* 7282 * Some virtual interfaces need to process EAPOL packets and events on 7283 * the parent interface. This is used mainly with hostapd. 7284 */ 7285 if (ifidx > 0 && 7286 (drv->hostapd || 7287 nlmode == NL80211_IFTYPE_AP_VLAN || 7288 nlmode == NL80211_IFTYPE_WDS || 7289 nlmode == NL80211_IFTYPE_MONITOR)) 7290 add_ifidx(drv, ifidx, IFIDX_ANY); 7291 7292 return 0; 7293 } 7294 7295 7296 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss, 7297 enum wpa_driver_if_type type, 7298 const char *ifname) 7299 { 7300 struct wpa_driver_nl80211_data *drv = bss->drv; 7301 int ifindex = if_nametoindex(ifname); 7302 7303 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d", 7304 __func__, type, ifname, ifindex, bss->added_if); 7305 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex)) 7306 nl80211_remove_iface(drv, ifindex); 7307 else if (ifindex > 0 && !bss->added_if) { 7308 struct wpa_driver_nl80211_data *drv2; 7309 dl_list_for_each(drv2, &drv->global->interfaces, 7310 struct wpa_driver_nl80211_data, list) { 7311 del_ifidx(drv2, ifindex, IFIDX_ANY); 7312 del_ifidx(drv2, IFIDX_ANY, ifindex); 7313 } 7314 } 7315 7316 if (type != WPA_IF_AP_BSS) 7317 return 0; 7318 7319 if (bss->added_if_into_bridge) { 7320 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname, 7321 bss->ifname) < 0) 7322 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 7323 "interface %s from bridge %s: %s", 7324 bss->ifname, bss->brname, strerror(errno)); 7325 } 7326 if (bss->added_bridge) { 7327 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0) 7328 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 7329 "bridge %s: %s", 7330 bss->brname, strerror(errno)); 7331 } 7332 7333 if (bss != drv->first_bss) { 7334 struct i802_bss *tbss; 7335 7336 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it"); 7337 for (tbss = drv->first_bss; tbss; tbss = tbss->next) { 7338 if (tbss->next == bss) { 7339 tbss->next = bss->next; 7340 /* Unsubscribe management frames */ 7341 nl80211_teardown_ap(bss); 7342 nl80211_destroy_bss(bss); 7343 if (!bss->added_if) 7344 i802_set_iface_flags(bss, 0); 7345 os_free(bss); 7346 bss = NULL; 7347 break; 7348 } 7349 } 7350 if (bss) 7351 wpa_printf(MSG_INFO, "nl80211: %s - could not find " 7352 "BSS %p in the list", __func__, bss); 7353 } else { 7354 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); 7355 nl80211_teardown_ap(bss); 7356 if (!bss->added_if && !drv->first_bss->next) 7357 wpa_driver_nl80211_del_beacon(bss); 7358 nl80211_destroy_bss(bss); 7359 if (!bss->added_if) 7360 i802_set_iface_flags(bss, 0); 7361 if (drv->first_bss->next) { 7362 drv->first_bss = drv->first_bss->next; 7363 drv->ctx = drv->first_bss->ctx; 7364 os_free(bss); 7365 } else { 7366 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to"); 7367 } 7368 } 7369 7370 return 0; 7371 } 7372 7373 7374 static int cookie_handler(struct nl_msg *msg, void *arg) 7375 { 7376 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 7377 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 7378 u64 *cookie = arg; 7379 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 7380 genlmsg_attrlen(gnlh, 0), NULL); 7381 if (tb[NL80211_ATTR_COOKIE]) 7382 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]); 7383 return NL_SKIP; 7384 } 7385 7386 7387 static int nl80211_send_frame_cmd(struct i802_bss *bss, 7388 unsigned int freq, unsigned int wait, 7389 const u8 *buf, size_t buf_len, 7390 u64 *cookie_out, int no_cck, int no_ack, 7391 int offchanok, const u16 *csa_offs, 7392 size_t csa_offs_len) 7393 { 7394 struct wpa_driver_nl80211_data *drv = bss->drv; 7395 struct nl_msg *msg; 7396 u64 cookie; 7397 int ret = -1; 7398 7399 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d " 7400 "no_ack=%d offchanok=%d", 7401 freq, wait, no_cck, no_ack, offchanok); 7402 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len); 7403 7404 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) || 7405 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) || 7406 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) || 7407 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || 7408 drv->test_use_roc_tx) && 7409 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) || 7410 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) || 7411 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) || 7412 (csa_offs && nla_put(msg, NL80211_ATTR_CSA_C_OFFSETS_TX, 7413 csa_offs_len * sizeof(u16), csa_offs)) || 7414 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf)) 7415 goto fail; 7416 7417 cookie = 0; 7418 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie); 7419 msg = NULL; 7420 if (ret) { 7421 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d " 7422 "(%s) (freq=%u wait=%u)", ret, strerror(-ret), 7423 freq, wait); 7424 } else { 7425 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; " 7426 "cookie 0x%llx", no_ack ? " (no ACK)" : "", 7427 (long long unsigned int) cookie); 7428 7429 if (cookie_out) 7430 *cookie_out = no_ack ? (u64) -1 : cookie; 7431 7432 if (drv->num_send_action_cookies == MAX_SEND_ACTION_COOKIES) { 7433 wpa_printf(MSG_DEBUG, 7434 "nl80211: Drop oldest pending send action cookie 0x%llx", 7435 (long long unsigned int) 7436 drv->send_action_cookies[0]); 7437 os_memmove(&drv->send_action_cookies[0], 7438 &drv->send_action_cookies[1], 7439 (MAX_SEND_ACTION_COOKIES - 1) * 7440 sizeof(u64)); 7441 drv->num_send_action_cookies--; 7442 } 7443 drv->send_action_cookies[drv->num_send_action_cookies] = cookie; 7444 drv->num_send_action_cookies++; 7445 } 7446 7447 fail: 7448 nlmsg_free(msg); 7449 return ret; 7450 } 7451 7452 7453 static int wpa_driver_nl80211_send_action(struct i802_bss *bss, 7454 unsigned int freq, 7455 unsigned int wait_time, 7456 const u8 *dst, const u8 *src, 7457 const u8 *bssid, 7458 const u8 *data, size_t data_len, 7459 int no_cck) 7460 { 7461 struct wpa_driver_nl80211_data *drv = bss->drv; 7462 int ret = -1; 7463 u8 *buf; 7464 struct ieee80211_hdr *hdr; 7465 7466 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, " 7467 "freq=%u MHz wait=%d ms no_cck=%d)", 7468 drv->ifindex, freq, wait_time, no_cck); 7469 7470 buf = os_zalloc(24 + data_len); 7471 if (buf == NULL) 7472 return ret; 7473 os_memcpy(buf + 24, data, data_len); 7474 hdr = (struct ieee80211_hdr *) buf; 7475 hdr->frame_control = 7476 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION); 7477 os_memcpy(hdr->addr1, dst, ETH_ALEN); 7478 os_memcpy(hdr->addr2, src, ETH_ALEN); 7479 os_memcpy(hdr->addr3, bssid, ETH_ALEN); 7480 7481 if (os_memcmp(bss->addr, src, ETH_ALEN) != 0) { 7482 wpa_printf(MSG_DEBUG, "nl80211: Use random TA " MACSTR, 7483 MAC2STR(src)); 7484 os_memcpy(bss->rand_addr, src, ETH_ALEN); 7485 } else { 7486 os_memset(bss->rand_addr, 0, ETH_ALEN); 7487 } 7488 7489 if (is_ap_interface(drv->nlmode) && 7490 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || 7491 (int) freq == bss->freq || drv->device_ap_sme || 7492 !drv->use_monitor)) 7493 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len, 7494 0, freq, no_cck, 1, 7495 wait_time, NULL, 0); 7496 else 7497 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf, 7498 24 + data_len, 7499 &drv->send_action_cookie, 7500 no_cck, 0, 1, NULL, 0); 7501 7502 os_free(buf); 7503 return ret; 7504 } 7505 7506 7507 static void nl80211_frame_wait_cancel(struct i802_bss *bss, u64 cookie) 7508 { 7509 struct wpa_driver_nl80211_data *drv = bss->drv; 7510 struct nl_msg *msg; 7511 int ret; 7512 7513 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx", 7514 (long long unsigned int) cookie); 7515 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) || 7516 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie)) { 7517 nlmsg_free(msg); 7518 return; 7519 } 7520 7521 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 7522 if (ret) 7523 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d " 7524 "(%s)", ret, strerror(-ret)); 7525 } 7526 7527 7528 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv) 7529 { 7530 struct i802_bss *bss = priv; 7531 struct wpa_driver_nl80211_data *drv = bss->drv; 7532 unsigned int i; 7533 u64 cookie; 7534 7535 /* Cancel the last pending TX cookie */ 7536 nl80211_frame_wait_cancel(bss, drv->send_action_cookie); 7537 7538 /* 7539 * Cancel the other pending TX cookies, if any. This is needed since 7540 * the driver may keep a list of all pending offchannel TX operations 7541 * and free up the radio only once they have expired or cancelled. 7542 */ 7543 for (i = drv->num_send_action_cookies; i > 0; i--) { 7544 cookie = drv->send_action_cookies[i - 1]; 7545 if (cookie != drv->send_action_cookie) 7546 nl80211_frame_wait_cancel(bss, cookie); 7547 } 7548 drv->num_send_action_cookies = 0; 7549 } 7550 7551 7552 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq, 7553 unsigned int duration) 7554 { 7555 struct i802_bss *bss = priv; 7556 struct wpa_driver_nl80211_data *drv = bss->drv; 7557 struct nl_msg *msg; 7558 int ret; 7559 u64 cookie; 7560 7561 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) || 7562 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) || 7563 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) { 7564 nlmsg_free(msg); 7565 return -1; 7566 } 7567 7568 cookie = 0; 7569 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie); 7570 if (ret == 0) { 7571 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie " 7572 "0x%llx for freq=%u MHz duration=%u", 7573 (long long unsigned int) cookie, freq, duration); 7574 drv->remain_on_chan_cookie = cookie; 7575 drv->pending_remain_on_chan = 1; 7576 return 0; 7577 } 7578 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel " 7579 "(freq=%d duration=%u): %d (%s)", 7580 freq, duration, ret, strerror(-ret)); 7581 return -1; 7582 } 7583 7584 7585 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv) 7586 { 7587 struct i802_bss *bss = priv; 7588 struct wpa_driver_nl80211_data *drv = bss->drv; 7589 struct nl_msg *msg; 7590 int ret; 7591 7592 if (!drv->pending_remain_on_chan) { 7593 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel " 7594 "to cancel"); 7595 return -1; 7596 } 7597 7598 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie " 7599 "0x%llx", 7600 (long long unsigned int) drv->remain_on_chan_cookie); 7601 7602 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL); 7603 if (!msg || 7604 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) { 7605 nlmsg_free(msg); 7606 return -1; 7607 } 7608 7609 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 7610 if (ret == 0) 7611 return 0; 7612 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: " 7613 "%d (%s)", ret, strerror(-ret)); 7614 return -1; 7615 } 7616 7617 7618 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report) 7619 { 7620 struct wpa_driver_nl80211_data *drv = bss->drv; 7621 7622 if (!report) { 7623 if (bss->nl_preq && drv->device_ap_sme && 7624 is_ap_interface(drv->nlmode) && !bss->in_deinit && 7625 !bss->static_ap) { 7626 /* 7627 * Do not disable Probe Request reporting that was 7628 * enabled in nl80211_setup_ap(). 7629 */ 7630 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of " 7631 "Probe Request reporting nl_preq=%p while " 7632 "in AP mode", bss->nl_preq); 7633 } else if (bss->nl_preq) { 7634 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request " 7635 "reporting nl_preq=%p", bss->nl_preq); 7636 nl80211_destroy_eloop_handle(&bss->nl_preq, 0); 7637 } 7638 return 0; 7639 } 7640 7641 if (bss->nl_preq) { 7642 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting " 7643 "already on! nl_preq=%p", bss->nl_preq); 7644 return 0; 7645 } 7646 7647 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq"); 7648 if (bss->nl_preq == NULL) 7649 return -1; 7650 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request " 7651 "reporting nl_preq=%p", bss->nl_preq); 7652 7653 if (nl80211_register_frame(bss, bss->nl_preq, 7654 (WLAN_FC_TYPE_MGMT << 2) | 7655 (WLAN_FC_STYPE_PROBE_REQ << 4), 7656 NULL, 0) < 0) 7657 goto out_err; 7658 7659 nl80211_register_eloop_read(&bss->nl_preq, 7660 wpa_driver_nl80211_event_receive, 7661 bss->nl_cb, 0); 7662 7663 return 0; 7664 7665 out_err: 7666 nl_destroy_handles(&bss->nl_preq); 7667 return -1; 7668 } 7669 7670 7671 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv, 7672 int ifindex, int disabled) 7673 { 7674 struct nl_msg *msg; 7675 struct nlattr *bands, *band; 7676 int ret; 7677 7678 wpa_printf(MSG_DEBUG, 7679 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)", 7680 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" : 7681 "no NL80211_TXRATE_LEGACY constraint"); 7682 7683 msg = nl80211_ifindex_msg(drv, ifindex, 0, 7684 NL80211_CMD_SET_TX_BITRATE_MASK); 7685 if (!msg) 7686 return -1; 7687 7688 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES); 7689 if (!bands) 7690 goto fail; 7691 7692 /* 7693 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything 7694 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS 7695 * rates. All 5 GHz rates are left enabled. 7696 */ 7697 band = nla_nest_start(msg, NL80211_BAND_2GHZ); 7698 if (!band || 7699 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8, 7700 "\x0c\x12\x18\x24\x30\x48\x60\x6c"))) 7701 goto fail; 7702 nla_nest_end(msg, band); 7703 7704 nla_nest_end(msg, bands); 7705 7706 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 7707 if (ret) { 7708 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d " 7709 "(%s)", ret, strerror(-ret)); 7710 } else 7711 drv->disabled_11b_rates = disabled; 7712 7713 return ret; 7714 7715 fail: 7716 nlmsg_free(msg); 7717 return -1; 7718 } 7719 7720 7721 static int wpa_driver_nl80211_deinit_ap(void *priv) 7722 { 7723 struct i802_bss *bss = priv; 7724 struct wpa_driver_nl80211_data *drv = bss->drv; 7725 if (!is_ap_interface(drv->nlmode)) 7726 return -1; 7727 wpa_driver_nl80211_del_beacon(bss); 7728 bss->beacon_set = 0; 7729 7730 /* 7731 * If the P2P GO interface was dynamically added, then it is 7732 * possible that the interface change to station is not possible. 7733 */ 7734 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic) 7735 return 0; 7736 7737 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION); 7738 } 7739 7740 7741 static int wpa_driver_nl80211_stop_ap(void *priv) 7742 { 7743 struct i802_bss *bss = priv; 7744 struct wpa_driver_nl80211_data *drv = bss->drv; 7745 if (!is_ap_interface(drv->nlmode)) 7746 return -1; 7747 wpa_driver_nl80211_del_beacon(bss); 7748 bss->beacon_set = 0; 7749 return 0; 7750 } 7751 7752 7753 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv) 7754 { 7755 struct i802_bss *bss = priv; 7756 struct wpa_driver_nl80211_data *drv = bss->drv; 7757 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT) 7758 return -1; 7759 7760 /* 7761 * If the P2P Client interface was dynamically added, then it is 7762 * possible that the interface change to station is not possible. 7763 */ 7764 if (bss->if_dynamic) 7765 return 0; 7766 7767 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION); 7768 } 7769 7770 7771 static void wpa_driver_nl80211_resume(void *priv) 7772 { 7773 struct i802_bss *bss = priv; 7774 enum nl80211_iftype nlmode = nl80211_get_ifmode(bss); 7775 7776 if (i802_set_iface_flags(bss, 1)) 7777 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event"); 7778 7779 if (is_p2p_net_interface(nlmode)) 7780 nl80211_disable_11b_rates(bss->drv, bss->drv->ifindex, 1); 7781 } 7782 7783 7784 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis) 7785 { 7786 struct i802_bss *bss = priv; 7787 struct wpa_driver_nl80211_data *drv = bss->drv; 7788 struct nl_msg *msg; 7789 struct nlattr *cqm; 7790 7791 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d " 7792 "hysteresis=%d", threshold, hysteresis); 7793 7794 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) || 7795 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) || 7796 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) || 7797 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) { 7798 nlmsg_free(msg); 7799 return -1; 7800 } 7801 nla_nest_end(msg, cqm); 7802 7803 return send_and_recv_msgs(drv, msg, NULL, NULL); 7804 } 7805 7806 7807 static int get_channel_width(struct nl_msg *msg, void *arg) 7808 { 7809 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 7810 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 7811 struct wpa_signal_info *sig_change = arg; 7812 7813 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 7814 genlmsg_attrlen(gnlh, 0), NULL); 7815 7816 sig_change->center_frq1 = -1; 7817 sig_change->center_frq2 = -1; 7818 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN; 7819 7820 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) { 7821 sig_change->chanwidth = convert2width( 7822 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH])); 7823 if (tb[NL80211_ATTR_CENTER_FREQ1]) 7824 sig_change->center_frq1 = 7825 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 7826 if (tb[NL80211_ATTR_CENTER_FREQ2]) 7827 sig_change->center_frq2 = 7828 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 7829 } 7830 7831 return NL_SKIP; 7832 } 7833 7834 7835 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv, 7836 struct wpa_signal_info *sig) 7837 { 7838 struct nl_msg *msg; 7839 7840 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE); 7841 return send_and_recv_msgs(drv, msg, get_channel_width, sig); 7842 } 7843 7844 7845 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si) 7846 { 7847 struct i802_bss *bss = priv; 7848 struct wpa_driver_nl80211_data *drv = bss->drv; 7849 int res; 7850 7851 os_memset(si, 0, sizeof(*si)); 7852 res = nl80211_get_link_signal(drv, si); 7853 if (res) { 7854 if (drv->nlmode != NL80211_IFTYPE_ADHOC && 7855 drv->nlmode != NL80211_IFTYPE_MESH_POINT) 7856 return res; 7857 si->current_signal = 0; 7858 } 7859 7860 res = nl80211_get_channel_width(drv, si); 7861 if (res != 0) 7862 return res; 7863 7864 return nl80211_get_link_noise(drv, si); 7865 } 7866 7867 7868 static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len, 7869 int encrypt) 7870 { 7871 struct i802_bss *bss = priv; 7872 return wpa_driver_nl80211_send_frame(bss, data, data_len, encrypt, 0, 7873 0, 0, 0, 0, NULL, 0); 7874 } 7875 7876 7877 static int nl80211_set_param(void *priv, const char *param) 7878 { 7879 struct i802_bss *bss = priv; 7880 struct wpa_driver_nl80211_data *drv = bss->drv; 7881 7882 if (param == NULL) 7883 return 0; 7884 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param); 7885 7886 #ifdef CONFIG_P2P 7887 if (os_strstr(param, "use_p2p_group_interface=1")) { 7888 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group " 7889 "interface"); 7890 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT; 7891 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P; 7892 } 7893 #endif /* CONFIG_P2P */ 7894 7895 if (os_strstr(param, "use_monitor=1")) 7896 drv->use_monitor = 1; 7897 7898 if (os_strstr(param, "force_connect_cmd=1")) { 7899 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME; 7900 drv->force_connect_cmd = 1; 7901 } 7902 7903 if (os_strstr(param, "force_bss_selection=1")) 7904 drv->capa.flags |= WPA_DRIVER_FLAGS_BSS_SELECTION; 7905 7906 if (os_strstr(param, "no_offchannel_tx=1")) { 7907 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX; 7908 drv->test_use_roc_tx = 1; 7909 } 7910 7911 return 0; 7912 } 7913 7914 7915 static void * nl80211_global_init(void *ctx) 7916 { 7917 struct nl80211_global *global; 7918 struct netlink_config *cfg; 7919 7920 global = os_zalloc(sizeof(*global)); 7921 if (global == NULL) 7922 return NULL; 7923 global->ctx = ctx; 7924 global->ioctl_sock = -1; 7925 dl_list_init(&global->interfaces); 7926 global->if_add_ifindex = -1; 7927 7928 cfg = os_zalloc(sizeof(*cfg)); 7929 if (cfg == NULL) 7930 goto err; 7931 7932 cfg->ctx = global; 7933 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink; 7934 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink; 7935 global->netlink = netlink_init(cfg); 7936 if (global->netlink == NULL) { 7937 os_free(cfg); 7938 goto err; 7939 } 7940 7941 if (wpa_driver_nl80211_init_nl_global(global) < 0) 7942 goto err; 7943 7944 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0); 7945 if (global->ioctl_sock < 0) { 7946 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s", 7947 strerror(errno)); 7948 goto err; 7949 } 7950 7951 return global; 7952 7953 err: 7954 nl80211_global_deinit(global); 7955 return NULL; 7956 } 7957 7958 7959 static void nl80211_global_deinit(void *priv) 7960 { 7961 struct nl80211_global *global = priv; 7962 if (global == NULL) 7963 return; 7964 if (!dl_list_empty(&global->interfaces)) { 7965 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at " 7966 "nl80211_global_deinit", 7967 dl_list_len(&global->interfaces)); 7968 } 7969 7970 if (global->netlink) 7971 netlink_deinit(global->netlink); 7972 7973 nl_destroy_handles(&global->nl); 7974 7975 if (global->nl_event) 7976 nl80211_destroy_eloop_handle(&global->nl_event, 0); 7977 7978 nl_cb_put(global->nl_cb); 7979 7980 if (global->ioctl_sock >= 0) 7981 close(global->ioctl_sock); 7982 7983 os_free(global); 7984 } 7985 7986 7987 static const char * nl80211_get_radio_name(void *priv) 7988 { 7989 struct i802_bss *bss = priv; 7990 struct wpa_driver_nl80211_data *drv = bss->drv; 7991 return drv->phyname; 7992 } 7993 7994 7995 static int nl80211_pmkid(struct i802_bss *bss, int cmd, 7996 struct wpa_pmkid_params *params) 7997 { 7998 struct nl_msg *msg; 7999 const size_t PMK_MAX_LEN = 48; /* current cfg80211 limit */ 8000 8001 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || 8002 (params->pmkid && 8003 nla_put(msg, NL80211_ATTR_PMKID, 16, params->pmkid)) || 8004 (params->bssid && 8005 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) || 8006 (params->ssid_len && 8007 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) || 8008 (params->fils_cache_id && 8009 nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2, 8010 params->fils_cache_id)) || 8011 (cmd != NL80211_CMD_DEL_PMKSA && 8012 params->pmk_len && params->pmk_len <= PMK_MAX_LEN && 8013 nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) { 8014 nl80211_nlmsg_clear(msg); 8015 nlmsg_free(msg); 8016 return -ENOBUFS; 8017 } 8018 8019 return send_and_recv_msgs(bss->drv, msg, NULL, (void *) -1); 8020 } 8021 8022 8023 static int nl80211_add_pmkid(void *priv, struct wpa_pmkid_params *params) 8024 { 8025 struct i802_bss *bss = priv; 8026 int ret; 8027 8028 if (params->bssid) 8029 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, 8030 MAC2STR(params->bssid)); 8031 else if (params->fils_cache_id && params->ssid_len) { 8032 wpa_printf(MSG_DEBUG, 8033 "nl80211: Add PMKSA for cache id %02x%02x SSID %s", 8034 params->fils_cache_id[0], params->fils_cache_id[1], 8035 wpa_ssid_txt(params->ssid, params->ssid_len)); 8036 } 8037 8038 ret = nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, params); 8039 if (ret < 0) { 8040 wpa_printf(MSG_DEBUG, 8041 "nl80211: NL80211_CMD_SET_PMKSA failed: %d (%s)", 8042 ret, strerror(-ret)); 8043 } 8044 8045 return ret; 8046 } 8047 8048 8049 static int nl80211_remove_pmkid(void *priv, struct wpa_pmkid_params *params) 8050 { 8051 struct i802_bss *bss = priv; 8052 int ret; 8053 8054 if (params->bssid) 8055 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR, 8056 MAC2STR(params->bssid)); 8057 else if (params->fils_cache_id && params->ssid_len) { 8058 wpa_printf(MSG_DEBUG, 8059 "nl80211: Delete PMKSA for cache id %02x%02x SSID %s", 8060 params->fils_cache_id[0], params->fils_cache_id[1], 8061 wpa_ssid_txt(params->ssid, params->ssid_len)); 8062 } 8063 8064 ret = nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, params); 8065 if (ret < 0) { 8066 wpa_printf(MSG_DEBUG, 8067 "nl80211: NL80211_CMD_DEL_PMKSA failed: %d (%s)", 8068 ret, strerror(-ret)); 8069 } 8070 8071 return ret; 8072 } 8073 8074 8075 static int nl80211_flush_pmkid(void *priv) 8076 { 8077 struct i802_bss *bss = priv; 8078 struct nl_msg *msg; 8079 8080 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs"); 8081 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_FLUSH_PMKSA); 8082 if (!msg) 8083 return -ENOBUFS; 8084 return send_and_recv_msgs(bss->drv, msg, NULL, NULL); 8085 } 8086 8087 8088 static void clean_survey_results(struct survey_results *survey_results) 8089 { 8090 struct freq_survey *survey, *tmp; 8091 8092 if (dl_list_empty(&survey_results->survey_list)) 8093 return; 8094 8095 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list, 8096 struct freq_survey, list) { 8097 dl_list_del(&survey->list); 8098 os_free(survey); 8099 } 8100 } 8101 8102 8103 static void add_survey(struct nlattr **sinfo, u32 ifidx, 8104 struct dl_list *survey_list) 8105 { 8106 struct freq_survey *survey; 8107 8108 survey = os_zalloc(sizeof(struct freq_survey)); 8109 if (!survey) 8110 return; 8111 8112 survey->ifidx = ifidx; 8113 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); 8114 survey->filled = 0; 8115 8116 if (sinfo[NL80211_SURVEY_INFO_NOISE]) { 8117 survey->nf = (int8_t) 8118 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); 8119 survey->filled |= SURVEY_HAS_NF; 8120 } 8121 8122 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) { 8123 survey->channel_time = 8124 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]); 8125 survey->filled |= SURVEY_HAS_CHAN_TIME; 8126 } 8127 8128 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) { 8129 survey->channel_time_busy = 8130 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]); 8131 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY; 8132 } 8133 8134 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) { 8135 survey->channel_time_rx = 8136 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]); 8137 survey->filled |= SURVEY_HAS_CHAN_TIME_RX; 8138 } 8139 8140 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) { 8141 survey->channel_time_tx = 8142 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]); 8143 survey->filled |= SURVEY_HAS_CHAN_TIME_TX; 8144 } 8145 8146 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)", 8147 survey->freq, 8148 survey->nf, 8149 (unsigned long int) survey->channel_time, 8150 (unsigned long int) survey->channel_time_busy, 8151 (unsigned long int) survey->channel_time_tx, 8152 (unsigned long int) survey->channel_time_rx, 8153 survey->filled); 8154 8155 dl_list_add_tail(survey_list, &survey->list); 8156 } 8157 8158 8159 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq, 8160 unsigned int freq_filter) 8161 { 8162 if (!freq_filter) 8163 return 1; 8164 8165 return freq_filter == surveyed_freq; 8166 } 8167 8168 8169 static int survey_handler(struct nl_msg *msg, void *arg) 8170 { 8171 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 8172 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8173 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1]; 8174 struct survey_results *survey_results; 8175 u32 surveyed_freq = 0; 8176 u32 ifidx; 8177 8178 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = { 8179 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, 8180 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, 8181 }; 8182 8183 survey_results = (struct survey_results *) arg; 8184 8185 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 8186 genlmsg_attrlen(gnlh, 0), NULL); 8187 8188 if (!tb[NL80211_ATTR_IFINDEX]) 8189 return NL_SKIP; 8190 8191 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]); 8192 8193 if (!tb[NL80211_ATTR_SURVEY_INFO]) 8194 return NL_SKIP; 8195 8196 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX, 8197 tb[NL80211_ATTR_SURVEY_INFO], 8198 survey_policy)) 8199 return NL_SKIP; 8200 8201 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) { 8202 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data"); 8203 return NL_SKIP; 8204 } 8205 8206 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); 8207 8208 if (!check_survey_ok(sinfo, surveyed_freq, 8209 survey_results->freq_filter)) 8210 return NL_SKIP; 8211 8212 if (survey_results->freq_filter && 8213 survey_results->freq_filter != surveyed_freq) { 8214 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz", 8215 surveyed_freq); 8216 return NL_SKIP; 8217 } 8218 8219 add_survey(sinfo, ifidx, &survey_results->survey_list); 8220 8221 return NL_SKIP; 8222 } 8223 8224 8225 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq) 8226 { 8227 struct i802_bss *bss = priv; 8228 struct wpa_driver_nl80211_data *drv = bss->drv; 8229 struct nl_msg *msg; 8230 int err; 8231 union wpa_event_data data; 8232 struct survey_results *survey_results; 8233 8234 os_memset(&data, 0, sizeof(data)); 8235 survey_results = &data.survey_results; 8236 8237 dl_list_init(&survey_results->survey_list); 8238 8239 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); 8240 if (!msg) 8241 return -ENOBUFS; 8242 8243 if (freq) 8244 data.survey_results.freq_filter = freq; 8245 8246 do { 8247 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data"); 8248 err = send_and_recv_msgs(drv, msg, survey_handler, 8249 survey_results); 8250 } while (err > 0); 8251 8252 if (err) 8253 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data"); 8254 else 8255 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data); 8256 8257 clean_survey_results(survey_results); 8258 return err; 8259 } 8260 8261 8262 static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len, 8263 const u8 *kck, size_t kck_len, 8264 const u8 *replay_ctr) 8265 { 8266 struct i802_bss *bss = priv; 8267 struct wpa_driver_nl80211_data *drv = bss->drv; 8268 struct nlattr *replay_nested; 8269 struct nl_msg *msg; 8270 int ret; 8271 8272 if (!drv->set_rekey_offload) 8273 return; 8274 8275 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload"); 8276 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) || 8277 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) || 8278 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) || 8279 (kck_len && nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck)) || 8280 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN, 8281 replay_ctr)) { 8282 nl80211_nlmsg_clear(msg); 8283 nlmsg_free(msg); 8284 return; 8285 } 8286 8287 nla_nest_end(msg, replay_nested); 8288 8289 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1); 8290 if (ret == -EOPNOTSUPP) { 8291 wpa_printf(MSG_DEBUG, 8292 "nl80211: Driver does not support rekey offload"); 8293 drv->set_rekey_offload = 0; 8294 } 8295 } 8296 8297 8298 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr, 8299 const u8 *addr, int qos) 8300 { 8301 /* send data frame to poll STA and check whether 8302 * this frame is ACKed */ 8303 struct { 8304 struct ieee80211_hdr hdr; 8305 u16 qos_ctl; 8306 } STRUCT_PACKED nulldata; 8307 size_t size; 8308 8309 /* Send data frame to poll STA and check whether this frame is ACKed */ 8310 8311 os_memset(&nulldata, 0, sizeof(nulldata)); 8312 8313 if (qos) { 8314 nulldata.hdr.frame_control = 8315 IEEE80211_FC(WLAN_FC_TYPE_DATA, 8316 WLAN_FC_STYPE_QOS_NULL); 8317 size = sizeof(nulldata); 8318 } else { 8319 nulldata.hdr.frame_control = 8320 IEEE80211_FC(WLAN_FC_TYPE_DATA, 8321 WLAN_FC_STYPE_NULLFUNC); 8322 size = sizeof(struct ieee80211_hdr); 8323 } 8324 8325 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS); 8326 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN); 8327 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN); 8328 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); 8329 8330 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0, 8331 0, 0, NULL, 0) < 0) 8332 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to " 8333 "send poll frame"); 8334 } 8335 8336 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr, 8337 int qos) 8338 { 8339 struct i802_bss *bss = priv; 8340 struct wpa_driver_nl80211_data *drv = bss->drv; 8341 struct nl_msg *msg; 8342 u64 cookie; 8343 int ret; 8344 8345 if (!drv->poll_command_supported) { 8346 nl80211_send_null_frame(bss, own_addr, addr, qos); 8347 return; 8348 } 8349 8350 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) || 8351 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 8352 nlmsg_free(msg); 8353 return; 8354 } 8355 8356 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie); 8357 if (ret < 0) { 8358 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for " 8359 MACSTR " failed: ret=%d (%s)", 8360 MAC2STR(addr), ret, strerror(-ret)); 8361 } else { 8362 wpa_printf(MSG_DEBUG, 8363 "nl80211: Client probe request addr=" MACSTR 8364 " cookie=%llu", MAC2STR(addr), 8365 (long long unsigned int) cookie); 8366 } 8367 } 8368 8369 8370 static int nl80211_set_power_save(struct i802_bss *bss, int enabled) 8371 { 8372 struct nl_msg *msg; 8373 int ret; 8374 8375 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) || 8376 nla_put_u32(msg, NL80211_ATTR_PS_STATE, 8377 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) { 8378 nlmsg_free(msg); 8379 return -ENOBUFS; 8380 } 8381 8382 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL); 8383 if (ret < 0) { 8384 wpa_printf(MSG_DEBUG, 8385 "nl80211: Setting PS state %s failed: %d (%s)", 8386 enabled ? "enabled" : "disabled", 8387 ret, strerror(-ret)); 8388 } 8389 return ret; 8390 } 8391 8392 8393 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps, 8394 int ctwindow) 8395 { 8396 struct i802_bss *bss = priv; 8397 8398 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d " 8399 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow); 8400 8401 if (opp_ps != -1 || ctwindow != -1) { 8402 #ifdef ANDROID_P2P 8403 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow); 8404 #else /* ANDROID_P2P */ 8405 return -1; /* Not yet supported */ 8406 #endif /* ANDROID_P2P */ 8407 } 8408 8409 if (legacy_ps == -1) 8410 return 0; 8411 if (legacy_ps != 0 && legacy_ps != 1) 8412 return -1; /* Not yet supported */ 8413 8414 return nl80211_set_power_save(bss, legacy_ps); 8415 } 8416 8417 8418 static int nl80211_start_radar_detection(void *priv, 8419 struct hostapd_freq_params *freq) 8420 { 8421 struct i802_bss *bss = priv; 8422 struct wpa_driver_nl80211_data *drv = bss->drv; 8423 struct nl_msg *msg; 8424 int ret; 8425 8426 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)", 8427 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled, 8428 freq->bandwidth, freq->center_freq1, freq->center_freq2); 8429 8430 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) { 8431 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar " 8432 "detection"); 8433 return -1; 8434 } 8435 8436 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) || 8437 nl80211_put_freq_params(msg, freq) < 0) { 8438 nlmsg_free(msg); 8439 return -1; 8440 } 8441 8442 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8443 if (ret == 0) 8444 return 0; 8445 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: " 8446 "%d (%s)", ret, strerror(-ret)); 8447 return -1; 8448 } 8449 8450 #ifdef CONFIG_TDLS 8451 8452 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code, 8453 u8 dialog_token, u16 status_code, 8454 u32 peer_capab, int initiator, const u8 *buf, 8455 size_t len) 8456 { 8457 struct i802_bss *bss = priv; 8458 struct wpa_driver_nl80211_data *drv = bss->drv; 8459 struct nl_msg *msg; 8460 8461 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 8462 return -EOPNOTSUPP; 8463 8464 if (!dst) 8465 return -EINVAL; 8466 8467 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) || 8468 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) || 8469 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) || 8470 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) || 8471 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code)) 8472 goto fail; 8473 if (peer_capab) { 8474 /* 8475 * The internal enum tdls_peer_capability definition is 8476 * currently identical with the nl80211 enum 8477 * nl80211_tdls_peer_capability, so no conversion is needed 8478 * here. 8479 */ 8480 if (nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, 8481 peer_capab)) 8482 goto fail; 8483 } 8484 if ((initiator && 8485 nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) || 8486 nla_put(msg, NL80211_ATTR_IE, len, buf)) 8487 goto fail; 8488 8489 return send_and_recv_msgs(drv, msg, NULL, NULL); 8490 8491 fail: 8492 nlmsg_free(msg); 8493 return -ENOBUFS; 8494 } 8495 8496 8497 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer) 8498 { 8499 struct i802_bss *bss = priv; 8500 struct wpa_driver_nl80211_data *drv = bss->drv; 8501 struct nl_msg *msg; 8502 enum nl80211_tdls_operation nl80211_oper; 8503 int res; 8504 8505 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 8506 return -EOPNOTSUPP; 8507 8508 switch (oper) { 8509 case TDLS_DISCOVERY_REQ: 8510 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ; 8511 break; 8512 case TDLS_SETUP: 8513 nl80211_oper = NL80211_TDLS_SETUP; 8514 break; 8515 case TDLS_TEARDOWN: 8516 nl80211_oper = NL80211_TDLS_TEARDOWN; 8517 break; 8518 case TDLS_ENABLE_LINK: 8519 nl80211_oper = NL80211_TDLS_ENABLE_LINK; 8520 break; 8521 case TDLS_DISABLE_LINK: 8522 nl80211_oper = NL80211_TDLS_DISABLE_LINK; 8523 break; 8524 case TDLS_ENABLE: 8525 return 0; 8526 case TDLS_DISABLE: 8527 return 0; 8528 default: 8529 return -EINVAL; 8530 } 8531 8532 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) || 8533 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) || 8534 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) { 8535 nlmsg_free(msg); 8536 return -ENOBUFS; 8537 } 8538 8539 res = send_and_recv_msgs(drv, msg, NULL, NULL); 8540 wpa_printf(MSG_DEBUG, "nl80211: TDLS_OPER: oper=%d mac=" MACSTR 8541 " --> res=%d (%s)", nl80211_oper, MAC2STR(peer), res, 8542 strerror(-res)); 8543 return res; 8544 } 8545 8546 8547 static int 8548 nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class, 8549 const struct hostapd_freq_params *params) 8550 { 8551 struct i802_bss *bss = priv; 8552 struct wpa_driver_nl80211_data *drv = bss->drv; 8553 struct nl_msg *msg; 8554 int ret = -ENOBUFS; 8555 8556 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) || 8557 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH)) 8558 return -EOPNOTSUPP; 8559 8560 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR 8561 " oper_class=%u freq=%u", 8562 MAC2STR(addr), oper_class, params->freq); 8563 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH); 8564 if (!msg || 8565 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 8566 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) || 8567 (ret = nl80211_put_freq_params(msg, params))) { 8568 nlmsg_free(msg); 8569 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch"); 8570 return ret; 8571 } 8572 8573 return send_and_recv_msgs(drv, msg, NULL, NULL); 8574 } 8575 8576 8577 static int 8578 nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr) 8579 { 8580 struct i802_bss *bss = priv; 8581 struct wpa_driver_nl80211_data *drv = bss->drv; 8582 struct nl_msg *msg; 8583 8584 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) || 8585 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH)) 8586 return -EOPNOTSUPP; 8587 8588 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR, 8589 MAC2STR(addr)); 8590 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH); 8591 if (!msg || 8592 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 8593 nlmsg_free(msg); 8594 wpa_printf(MSG_DEBUG, 8595 "nl80211: Could not build TDLS cancel chan switch"); 8596 return -ENOBUFS; 8597 } 8598 8599 return send_and_recv_msgs(drv, msg, NULL, NULL); 8600 } 8601 8602 #endif /* CONFIG TDLS */ 8603 8604 8605 static int driver_nl80211_set_key(const char *ifname, void *priv, 8606 enum wpa_alg alg, const u8 *addr, 8607 int key_idx, int set_tx, 8608 const u8 *seq, size_t seq_len, 8609 const u8 *key, size_t key_len) 8610 { 8611 struct i802_bss *bss = priv; 8612 return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx, 8613 set_tx, seq, seq_len, key, key_len); 8614 } 8615 8616 8617 static int driver_nl80211_scan2(void *priv, 8618 struct wpa_driver_scan_params *params) 8619 { 8620 struct i802_bss *bss = priv; 8621 #ifdef CONFIG_DRIVER_NL80211_QCA 8622 struct wpa_driver_nl80211_data *drv = bss->drv; 8623 8624 /* 8625 * Do a vendor specific scan if possible. If only_new_results is 8626 * set, do a normal scan since a kernel (cfg80211) BSS cache flush 8627 * cannot be achieved through a vendor scan. The below condition may 8628 * need to be modified if new scan flags are added in the future whose 8629 * functionality can only be achieved through a normal scan. 8630 */ 8631 if (drv->scan_vendor_cmd_avail && !params->only_new_results) 8632 return wpa_driver_nl80211_vendor_scan(bss, params); 8633 #endif /* CONFIG_DRIVER_NL80211_QCA */ 8634 return wpa_driver_nl80211_scan(bss, params); 8635 } 8636 8637 8638 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr, 8639 u16 reason_code) 8640 { 8641 struct i802_bss *bss = priv; 8642 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code); 8643 } 8644 8645 8646 static int driver_nl80211_authenticate(void *priv, 8647 struct wpa_driver_auth_params *params) 8648 { 8649 struct i802_bss *bss = priv; 8650 return wpa_driver_nl80211_authenticate(bss, params); 8651 } 8652 8653 8654 static void driver_nl80211_deinit(void *priv) 8655 { 8656 struct i802_bss *bss = priv; 8657 wpa_driver_nl80211_deinit(bss); 8658 } 8659 8660 8661 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type, 8662 const char *ifname) 8663 { 8664 struct i802_bss *bss = priv; 8665 return wpa_driver_nl80211_if_remove(bss, type, ifname); 8666 } 8667 8668 8669 static int driver_nl80211_send_mlme(void *priv, const u8 *data, 8670 size_t data_len, int noack, 8671 unsigned int freq, 8672 const u16 *csa_offs, size_t csa_offs_len) 8673 { 8674 struct i802_bss *bss = priv; 8675 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack, 8676 freq, 0, 0, 0, csa_offs, 8677 csa_offs_len); 8678 } 8679 8680 8681 static int driver_nl80211_sta_remove(void *priv, const u8 *addr) 8682 { 8683 struct i802_bss *bss = priv; 8684 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0); 8685 } 8686 8687 8688 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr, 8689 const char *ifname, int vlan_id) 8690 { 8691 struct i802_bss *bss = priv; 8692 return i802_set_sta_vlan(bss, addr, ifname, vlan_id); 8693 } 8694 8695 8696 static int driver_nl80211_read_sta_data(void *priv, 8697 struct hostap_sta_driver_data *data, 8698 const u8 *addr) 8699 { 8700 struct i802_bss *bss = priv; 8701 8702 os_memset(data, 0, sizeof(*data)); 8703 return i802_read_sta_data(bss, data, addr); 8704 } 8705 8706 8707 static int driver_nl80211_send_action(void *priv, unsigned int freq, 8708 unsigned int wait_time, 8709 const u8 *dst, const u8 *src, 8710 const u8 *bssid, 8711 const u8 *data, size_t data_len, 8712 int no_cck) 8713 { 8714 struct i802_bss *bss = priv; 8715 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src, 8716 bssid, data, data_len, no_cck); 8717 } 8718 8719 8720 static int driver_nl80211_probe_req_report(void *priv, int report) 8721 { 8722 struct i802_bss *bss = priv; 8723 return wpa_driver_nl80211_probe_req_report(bss, report); 8724 } 8725 8726 8727 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md, 8728 const u8 *ies, size_t ies_len) 8729 { 8730 int ret; 8731 struct nl_msg *msg; 8732 struct i802_bss *bss = priv; 8733 struct wpa_driver_nl80211_data *drv = bss->drv; 8734 u16 mdid = WPA_GET_LE16(md); 8735 8736 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs"); 8737 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) || 8738 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) || 8739 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) { 8740 nlmsg_free(msg); 8741 return -ENOBUFS; 8742 } 8743 8744 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8745 if (ret) { 8746 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed " 8747 "err=%d (%s)", ret, strerror(-ret)); 8748 } 8749 8750 return ret; 8751 } 8752 8753 8754 static int nl80211_update_dh_ie(void *priv, const u8 *peer_mac, 8755 u16 reason_code, const u8 *ie, size_t ie_len) 8756 { 8757 int ret; 8758 struct nl_msg *msg; 8759 struct i802_bss *bss = priv; 8760 struct wpa_driver_nl80211_data *drv = bss->drv; 8761 8762 wpa_printf(MSG_DEBUG, "nl80211: Updating DH IE peer: " MACSTR 8763 " reason %u", MAC2STR(peer_mac), reason_code); 8764 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UPDATE_OWE_INFO)) || 8765 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_mac) || 8766 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, reason_code) || 8767 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie))) { 8768 nlmsg_free(msg); 8769 return -ENOBUFS; 8770 } 8771 8772 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 8773 if (ret) { 8774 wpa_printf(MSG_DEBUG, 8775 "nl80211: update_dh_ie failed err=%d (%s)", 8776 ret, strerror(-ret)); 8777 } 8778 8779 return ret; 8780 } 8781 8782 8783 static const u8 * wpa_driver_nl80211_get_macaddr(void *priv) 8784 { 8785 struct i802_bss *bss = priv; 8786 struct wpa_driver_nl80211_data *drv = bss->drv; 8787 8788 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) 8789 return NULL; 8790 8791 return bss->addr; 8792 } 8793 8794 8795 static const char * scan_state_str(enum scan_states scan_state) 8796 { 8797 switch (scan_state) { 8798 case NO_SCAN: 8799 return "NO_SCAN"; 8800 case SCAN_REQUESTED: 8801 return "SCAN_REQUESTED"; 8802 case SCAN_STARTED: 8803 return "SCAN_STARTED"; 8804 case SCAN_COMPLETED: 8805 return "SCAN_COMPLETED"; 8806 case SCAN_ABORTED: 8807 return "SCAN_ABORTED"; 8808 case SCHED_SCAN_STARTED: 8809 return "SCHED_SCAN_STARTED"; 8810 case SCHED_SCAN_STOPPED: 8811 return "SCHED_SCAN_STOPPED"; 8812 case SCHED_SCAN_RESULTS: 8813 return "SCHED_SCAN_RESULTS"; 8814 } 8815 8816 return "??"; 8817 } 8818 8819 8820 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen) 8821 { 8822 struct i802_bss *bss = priv; 8823 struct wpa_driver_nl80211_data *drv = bss->drv; 8824 int res; 8825 char *pos, *end; 8826 struct nl_msg *msg; 8827 char alpha2[3] = { 0, 0, 0 }; 8828 8829 pos = buf; 8830 end = buf + buflen; 8831 8832 res = os_snprintf(pos, end - pos, 8833 "ifindex=%d\n" 8834 "ifname=%s\n" 8835 "brname=%s\n" 8836 "addr=" MACSTR "\n" 8837 "freq=%d\n" 8838 "%s%s%s%s%s%s", 8839 bss->ifindex, 8840 bss->ifname, 8841 bss->brname, 8842 MAC2STR(bss->addr), 8843 bss->freq, 8844 bss->beacon_set ? "beacon_set=1\n" : "", 8845 bss->added_if_into_bridge ? 8846 "added_if_into_bridge=1\n" : "", 8847 bss->already_in_bridge ? "already_in_bridge=1\n" : "", 8848 bss->added_bridge ? "added_bridge=1\n" : "", 8849 bss->in_deinit ? "in_deinit=1\n" : "", 8850 bss->if_dynamic ? "if_dynamic=1\n" : ""); 8851 if (os_snprintf_error(end - pos, res)) 8852 return pos - buf; 8853 pos += res; 8854 8855 if (bss->wdev_id_set) { 8856 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n", 8857 (unsigned long long) bss->wdev_id); 8858 if (os_snprintf_error(end - pos, res)) 8859 return pos - buf; 8860 pos += res; 8861 } 8862 8863 res = os_snprintf(pos, end - pos, 8864 "phyname=%s\n" 8865 "perm_addr=" MACSTR "\n" 8866 "drv_ifindex=%d\n" 8867 "operstate=%d\n" 8868 "scan_state=%s\n" 8869 "auth_bssid=" MACSTR "\n" 8870 "auth_attempt_bssid=" MACSTR "\n" 8871 "bssid=" MACSTR "\n" 8872 "prev_bssid=" MACSTR "\n" 8873 "associated=%d\n" 8874 "assoc_freq=%u\n" 8875 "monitor_sock=%d\n" 8876 "monitor_ifidx=%d\n" 8877 "monitor_refcount=%d\n" 8878 "last_mgmt_freq=%u\n" 8879 "eapol_tx_sock=%d\n" 8880 "%s%s%s%s%s%s%s%s%s%s%s%s%s", 8881 drv->phyname, 8882 MAC2STR(drv->perm_addr), 8883 drv->ifindex, 8884 drv->operstate, 8885 scan_state_str(drv->scan_state), 8886 MAC2STR(drv->auth_bssid), 8887 MAC2STR(drv->auth_attempt_bssid), 8888 MAC2STR(drv->bssid), 8889 MAC2STR(drv->prev_bssid), 8890 drv->associated, 8891 drv->assoc_freq, 8892 drv->monitor_sock, 8893 drv->monitor_ifidx, 8894 drv->monitor_refcount, 8895 drv->last_mgmt_freq, 8896 drv->eapol_tx_sock, 8897 drv->ignore_if_down_event ? 8898 "ignore_if_down_event=1\n" : "", 8899 drv->scan_complete_events ? 8900 "scan_complete_events=1\n" : "", 8901 drv->disabled_11b_rates ? 8902 "disabled_11b_rates=1\n" : "", 8903 drv->pending_remain_on_chan ? 8904 "pending_remain_on_chan=1\n" : "", 8905 drv->in_interface_list ? "in_interface_list=1\n" : "", 8906 drv->device_ap_sme ? "device_ap_sme=1\n" : "", 8907 drv->poll_command_supported ? 8908 "poll_command_supported=1\n" : "", 8909 drv->data_tx_status ? "data_tx_status=1\n" : "", 8910 drv->scan_for_auth ? "scan_for_auth=1\n" : "", 8911 drv->retry_auth ? "retry_auth=1\n" : "", 8912 drv->use_monitor ? "use_monitor=1\n" : "", 8913 drv->ignore_next_local_disconnect ? 8914 "ignore_next_local_disconnect=1\n" : "", 8915 drv->ignore_next_local_deauth ? 8916 "ignore_next_local_deauth=1\n" : ""); 8917 if (os_snprintf_error(end - pos, res)) 8918 return pos - buf; 8919 pos += res; 8920 8921 if (drv->has_capability) { 8922 res = os_snprintf(pos, end - pos, 8923 "capa.key_mgmt=0x%x\n" 8924 "capa.enc=0x%x\n" 8925 "capa.auth=0x%x\n" 8926 "capa.flags=0x%llx\n" 8927 "capa.rrm_flags=0x%x\n" 8928 "capa.max_scan_ssids=%d\n" 8929 "capa.max_sched_scan_ssids=%d\n" 8930 "capa.sched_scan_supported=%d\n" 8931 "capa.max_match_sets=%d\n" 8932 "capa.max_remain_on_chan=%u\n" 8933 "capa.max_stations=%u\n" 8934 "capa.probe_resp_offloads=0x%x\n" 8935 "capa.max_acl_mac_addrs=%u\n" 8936 "capa.num_multichan_concurrent=%u\n" 8937 "capa.mac_addr_rand_sched_scan_supported=%d\n" 8938 "capa.mac_addr_rand_scan_supported=%d\n" 8939 "capa.conc_capab=%u\n" 8940 "capa.max_conc_chan_2_4=%u\n" 8941 "capa.max_conc_chan_5_0=%u\n" 8942 "capa.max_sched_scan_plans=%u\n" 8943 "capa.max_sched_scan_plan_interval=%u\n" 8944 "capa.max_sched_scan_plan_iterations=%u\n", 8945 drv->capa.key_mgmt, 8946 drv->capa.enc, 8947 drv->capa.auth, 8948 (unsigned long long) drv->capa.flags, 8949 drv->capa.rrm_flags, 8950 drv->capa.max_scan_ssids, 8951 drv->capa.max_sched_scan_ssids, 8952 drv->capa.sched_scan_supported, 8953 drv->capa.max_match_sets, 8954 drv->capa.max_remain_on_chan, 8955 drv->capa.max_stations, 8956 drv->capa.probe_resp_offloads, 8957 drv->capa.max_acl_mac_addrs, 8958 drv->capa.num_multichan_concurrent, 8959 drv->capa.mac_addr_rand_sched_scan_supported, 8960 drv->capa.mac_addr_rand_scan_supported, 8961 drv->capa.conc_capab, 8962 drv->capa.max_conc_chan_2_4, 8963 drv->capa.max_conc_chan_5_0, 8964 drv->capa.max_sched_scan_plans, 8965 drv->capa.max_sched_scan_plan_interval, 8966 drv->capa.max_sched_scan_plan_iterations); 8967 if (os_snprintf_error(end - pos, res)) 8968 return pos - buf; 8969 pos += res; 8970 } 8971 8972 msg = nlmsg_alloc(); 8973 if (msg && 8974 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG) && 8975 nla_put_u32(msg, NL80211_ATTR_WIPHY, drv->wiphy_idx) == 0) { 8976 if (send_and_recv_msgs(drv, msg, nl80211_get_country, 8977 alpha2) == 0 && 8978 alpha2[0]) { 8979 res = os_snprintf(pos, end - pos, "country=%s\n", 8980 alpha2); 8981 if (os_snprintf_error(end - pos, res)) 8982 return pos - buf; 8983 pos += res; 8984 } 8985 } else { 8986 nlmsg_free(msg); 8987 } 8988 8989 return pos - buf; 8990 } 8991 8992 8993 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings) 8994 { 8995 if ((settings->head && 8996 nla_put(msg, NL80211_ATTR_BEACON_HEAD, 8997 settings->head_len, settings->head)) || 8998 (settings->tail && 8999 nla_put(msg, NL80211_ATTR_BEACON_TAIL, 9000 settings->tail_len, settings->tail)) || 9001 (settings->beacon_ies && 9002 nla_put(msg, NL80211_ATTR_IE, 9003 settings->beacon_ies_len, settings->beacon_ies)) || 9004 (settings->proberesp_ies && 9005 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP, 9006 settings->proberesp_ies_len, settings->proberesp_ies)) || 9007 (settings->assocresp_ies && 9008 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP, 9009 settings->assocresp_ies_len, settings->assocresp_ies)) || 9010 (settings->probe_resp && 9011 nla_put(msg, NL80211_ATTR_PROBE_RESP, 9012 settings->probe_resp_len, settings->probe_resp))) 9013 return -ENOBUFS; 9014 9015 return 0; 9016 } 9017 9018 9019 static int nl80211_switch_channel(void *priv, struct csa_settings *settings) 9020 { 9021 struct nl_msg *msg; 9022 struct i802_bss *bss = priv; 9023 struct wpa_driver_nl80211_data *drv = bss->drv; 9024 struct nlattr *beacon_csa; 9025 int ret = -ENOBUFS; 9026 int csa_off_len = 0; 9027 int i; 9028 9029 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)", 9030 settings->cs_count, settings->block_tx, 9031 settings->freq_params.freq, settings->freq_params.bandwidth, 9032 settings->freq_params.center_freq1, 9033 settings->freq_params.center_freq2); 9034 9035 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) { 9036 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command"); 9037 return -EOPNOTSUPP; 9038 } 9039 9040 if (drv->nlmode != NL80211_IFTYPE_AP && 9041 drv->nlmode != NL80211_IFTYPE_P2P_GO && 9042 drv->nlmode != NL80211_IFTYPE_MESH_POINT) 9043 return -EOPNOTSUPP; 9044 9045 /* 9046 * Remove empty counters, assuming Probe Response and Beacon frame 9047 * counters match. This implementation assumes that there are only two 9048 * counters. 9049 */ 9050 if (settings->counter_offset_beacon[0] && 9051 !settings->counter_offset_beacon[1]) { 9052 csa_off_len = 1; 9053 } else if (settings->counter_offset_beacon[1] && 9054 !settings->counter_offset_beacon[0]) { 9055 csa_off_len = 1; 9056 settings->counter_offset_beacon[0] = 9057 settings->counter_offset_beacon[1]; 9058 settings->counter_offset_presp[0] = 9059 settings->counter_offset_presp[1]; 9060 } else if (settings->counter_offset_beacon[1] && 9061 settings->counter_offset_beacon[0]) { 9062 csa_off_len = 2; 9063 } else { 9064 wpa_printf(MSG_ERROR, "nl80211: No CSA counters provided"); 9065 return -EINVAL; 9066 } 9067 9068 /* Check CSA counters validity */ 9069 if (drv->capa.max_csa_counters && 9070 csa_off_len > drv->capa.max_csa_counters) { 9071 wpa_printf(MSG_ERROR, 9072 "nl80211: Too many CSA counters provided"); 9073 return -EINVAL; 9074 } 9075 9076 if (!settings->beacon_csa.tail) 9077 return -EINVAL; 9078 9079 for (i = 0; i < csa_off_len; i++) { 9080 u16 csa_c_off_bcn = settings->counter_offset_beacon[i]; 9081 u16 csa_c_off_presp = settings->counter_offset_presp[i]; 9082 9083 if ((settings->beacon_csa.tail_len <= csa_c_off_bcn) || 9084 (settings->beacon_csa.tail[csa_c_off_bcn] != 9085 settings->cs_count)) 9086 return -EINVAL; 9087 9088 if (settings->beacon_csa.probe_resp && 9089 ((settings->beacon_csa.probe_resp_len <= 9090 csa_c_off_presp) || 9091 (settings->beacon_csa.probe_resp[csa_c_off_presp] != 9092 settings->cs_count))) 9093 return -EINVAL; 9094 } 9095 9096 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) || 9097 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, 9098 settings->cs_count) || 9099 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) || 9100 (settings->block_tx && 9101 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX))) 9102 goto error; 9103 9104 /* beacon_after params */ 9105 ret = set_beacon_data(msg, &settings->beacon_after); 9106 if (ret) 9107 goto error; 9108 9109 /* beacon_csa params */ 9110 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES); 9111 if (!beacon_csa) 9112 goto fail; 9113 9114 ret = set_beacon_data(msg, &settings->beacon_csa); 9115 if (ret) 9116 goto error; 9117 9118 if (nla_put(msg, NL80211_ATTR_CSA_C_OFF_BEACON, 9119 csa_off_len * sizeof(u16), 9120 settings->counter_offset_beacon) || 9121 (settings->beacon_csa.probe_resp && 9122 nla_put(msg, NL80211_ATTR_CSA_C_OFF_PRESP, 9123 csa_off_len * sizeof(u16), 9124 settings->counter_offset_presp))) 9125 goto fail; 9126 9127 nla_nest_end(msg, beacon_csa); 9128 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9129 if (ret) { 9130 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)", 9131 ret, strerror(-ret)); 9132 } 9133 return ret; 9134 9135 fail: 9136 ret = -ENOBUFS; 9137 error: 9138 nlmsg_free(msg); 9139 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request"); 9140 return ret; 9141 } 9142 9143 9144 static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr, 9145 u8 user_priority, u16 admitted_time) 9146 { 9147 struct i802_bss *bss = priv; 9148 struct wpa_driver_nl80211_data *drv = bss->drv; 9149 struct nl_msg *msg; 9150 int ret; 9151 9152 wpa_printf(MSG_DEBUG, 9153 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d", 9154 tsid, admitted_time, user_priority); 9155 9156 if (!is_sta_interface(drv->nlmode)) 9157 return -ENOTSUP; 9158 9159 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS); 9160 if (!msg || 9161 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) || 9162 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 9163 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) || 9164 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) { 9165 nlmsg_free(msg); 9166 return -ENOBUFS; 9167 } 9168 9169 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9170 if (ret) 9171 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)", 9172 ret, strerror(-ret)); 9173 return ret; 9174 } 9175 9176 9177 static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr) 9178 { 9179 struct i802_bss *bss = priv; 9180 struct wpa_driver_nl80211_data *drv = bss->drv; 9181 struct nl_msg *msg; 9182 int ret; 9183 9184 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid); 9185 9186 if (!is_sta_interface(drv->nlmode)) 9187 return -ENOTSUP; 9188 9189 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) || 9190 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) || 9191 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 9192 nlmsg_free(msg); 9193 return -ENOBUFS; 9194 } 9195 9196 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9197 if (ret) 9198 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)", 9199 ret, strerror(-ret)); 9200 return ret; 9201 } 9202 9203 9204 #ifdef CONFIG_TESTING_OPTIONS 9205 static int cmd_reply_handler(struct nl_msg *msg, void *arg) 9206 { 9207 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 9208 struct wpabuf *buf = arg; 9209 9210 if (!buf) 9211 return NL_SKIP; 9212 9213 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) { 9214 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply"); 9215 return NL_SKIP; 9216 } 9217 9218 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0), 9219 genlmsg_attrlen(gnlh, 0)); 9220 9221 return NL_SKIP; 9222 } 9223 #endif /* CONFIG_TESTING_OPTIONS */ 9224 9225 9226 static int vendor_reply_handler(struct nl_msg *msg, void *arg) 9227 { 9228 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 9229 struct nlattr *nl_vendor_reply, *nl; 9230 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 9231 struct wpabuf *buf = arg; 9232 int rem; 9233 9234 if (!buf) 9235 return NL_SKIP; 9236 9237 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 9238 genlmsg_attrlen(gnlh, 0), NULL); 9239 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA]; 9240 9241 if (!nl_vendor_reply) 9242 return NL_SKIP; 9243 9244 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) { 9245 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply"); 9246 return NL_SKIP; 9247 } 9248 9249 nla_for_each_nested(nl, nl_vendor_reply, rem) { 9250 wpabuf_put_data(buf, nla_data(nl), nla_len(nl)); 9251 } 9252 9253 return NL_SKIP; 9254 } 9255 9256 9257 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id, 9258 unsigned int subcmd, const u8 *data, 9259 size_t data_len, struct wpabuf *buf) 9260 { 9261 struct i802_bss *bss = priv; 9262 struct wpa_driver_nl80211_data *drv = bss->drv; 9263 struct nl_msg *msg; 9264 int ret; 9265 9266 #ifdef CONFIG_TESTING_OPTIONS 9267 if (vendor_id == 0xffffffff) { 9268 msg = nlmsg_alloc(); 9269 if (!msg) 9270 return -ENOMEM; 9271 9272 nl80211_cmd(drv, msg, 0, subcmd); 9273 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) < 9274 0) 9275 goto fail; 9276 ret = send_and_recv_msgs(drv, msg, cmd_reply_handler, buf); 9277 if (ret) 9278 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d", 9279 ret); 9280 return ret; 9281 } 9282 #endif /* CONFIG_TESTING_OPTIONS */ 9283 9284 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) || 9285 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) || 9286 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) || 9287 (data && 9288 nla_put(msg, NL80211_ATTR_VENDOR_DATA, data_len, data))) 9289 goto fail; 9290 9291 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf); 9292 if (ret) 9293 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d", 9294 ret); 9295 return ret; 9296 9297 fail: 9298 nlmsg_free(msg); 9299 return -ENOBUFS; 9300 } 9301 9302 9303 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set, 9304 u8 qos_map_set_len) 9305 { 9306 struct i802_bss *bss = priv; 9307 struct wpa_driver_nl80211_data *drv = bss->drv; 9308 struct nl_msg *msg; 9309 int ret; 9310 9311 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map", 9312 qos_map_set, qos_map_set_len); 9313 9314 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) || 9315 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) { 9316 nlmsg_free(msg); 9317 return -ENOBUFS; 9318 } 9319 9320 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9321 if (ret) 9322 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed"); 9323 9324 return ret; 9325 } 9326 9327 9328 static int nl80211_set_wowlan(void *priv, 9329 const struct wowlan_triggers *triggers) 9330 { 9331 struct i802_bss *bss = priv; 9332 struct wpa_driver_nl80211_data *drv = bss->drv; 9333 struct nl_msg *msg; 9334 struct nlattr *wowlan_triggers; 9335 int ret; 9336 9337 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan"); 9338 9339 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) || 9340 !(wowlan_triggers = nla_nest_start(msg, 9341 NL80211_ATTR_WOWLAN_TRIGGERS)) || 9342 (triggers->any && 9343 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) || 9344 (triggers->disconnect && 9345 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) || 9346 (triggers->magic_pkt && 9347 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) || 9348 (triggers->gtk_rekey_failure && 9349 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) || 9350 (triggers->eap_identity_req && 9351 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) || 9352 (triggers->four_way_handshake && 9353 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) || 9354 (triggers->rfkill_release && 9355 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) { 9356 nlmsg_free(msg); 9357 return -ENOBUFS; 9358 } 9359 9360 nla_nest_end(msg, wowlan_triggers); 9361 9362 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9363 if (ret) 9364 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed"); 9365 9366 return ret; 9367 } 9368 9369 9370 #ifdef CONFIG_DRIVER_NL80211_QCA 9371 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid) 9372 { 9373 struct i802_bss *bss = priv; 9374 struct wpa_driver_nl80211_data *drv = bss->drv; 9375 struct nl_msg *msg; 9376 struct nlattr *params; 9377 9378 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed); 9379 9380 if (!drv->roaming_vendor_cmd_avail) { 9381 wpa_printf(MSG_DEBUG, 9382 "nl80211: Ignore roaming policy change since driver does not provide command for setting it"); 9383 return -1; 9384 } 9385 9386 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 9387 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 9388 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 9389 QCA_NL80211_VENDOR_SUBCMD_ROAMING) || 9390 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 9391 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY, 9392 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS : 9393 QCA_ROAMING_NOT_ALLOWED) || 9394 (bssid && 9395 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) { 9396 nlmsg_free(msg); 9397 return -1; 9398 } 9399 nla_nest_end(msg, params); 9400 9401 return send_and_recv_msgs(drv, msg, NULL, NULL); 9402 } 9403 9404 9405 static int nl80211_disable_fils(void *priv, int disable) 9406 { 9407 struct i802_bss *bss = priv; 9408 struct wpa_driver_nl80211_data *drv = bss->drv; 9409 struct nl_msg *msg; 9410 struct nlattr *params; 9411 9412 wpa_printf(MSG_DEBUG, "nl80211: Disable FILS=%d", disable); 9413 9414 if (!drv->set_wifi_conf_vendor_cmd_avail) 9415 return -1; 9416 9417 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 9418 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 9419 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 9420 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION) || 9421 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 9422 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_DISABLE_FILS, 9423 disable)) { 9424 nlmsg_free(msg); 9425 return -1; 9426 } 9427 nla_nest_end(msg, params); 9428 9429 return send_and_recv_msgs(drv, msg, NULL, NULL); 9430 } 9431 9432 9433 /* Reserved QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID value for wpa_supplicant */ 9434 #define WPA_SUPPLICANT_CLIENT_ID 1 9435 9436 static int nl80211_set_bssid_blacklist(void *priv, unsigned int num_bssid, 9437 const u8 *bssid) 9438 { 9439 struct i802_bss *bss = priv; 9440 struct wpa_driver_nl80211_data *drv = bss->drv; 9441 struct nl_msg *msg; 9442 struct nlattr *params, *nlbssids, *attr; 9443 unsigned int i; 9444 9445 wpa_printf(MSG_DEBUG, "nl80211: Set blacklist BSSID (num=%u)", 9446 num_bssid); 9447 9448 if (!drv->roam_vendor_cmd_avail) 9449 return -1; 9450 9451 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 9452 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 9453 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 9454 QCA_NL80211_VENDOR_SUBCMD_ROAM) || 9455 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 9456 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD, 9457 QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SET_BLACKLIST_BSSID) || 9458 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID, 9459 WPA_SUPPLICANT_CLIENT_ID) || 9460 nla_put_u32(msg, 9461 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_NUM_BSSID, 9462 num_bssid)) 9463 goto fail; 9464 9465 nlbssids = nla_nest_start( 9466 msg, QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS); 9467 if (!nlbssids) 9468 goto fail; 9469 9470 for (i = 0; i < num_bssid; i++) { 9471 attr = nla_nest_start(msg, i); 9472 if (!attr) 9473 goto fail; 9474 if (nla_put(msg, 9475 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_BSSID, 9476 ETH_ALEN, &bssid[i * ETH_ALEN])) 9477 goto fail; 9478 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%u]: " MACSTR, i, 9479 MAC2STR(&bssid[i * ETH_ALEN])); 9480 nla_nest_end(msg, attr); 9481 } 9482 nla_nest_end(msg, nlbssids); 9483 nla_nest_end(msg, params); 9484 9485 return send_and_recv_msgs(drv, msg, NULL, NULL); 9486 9487 fail: 9488 nlmsg_free(msg); 9489 return -1; 9490 } 9491 9492 #endif /* CONFIG_DRIVER_NL80211_QCA */ 9493 9494 9495 static int nl80211_set_mac_addr(void *priv, const u8 *addr) 9496 { 9497 struct i802_bss *bss = priv; 9498 struct wpa_driver_nl80211_data *drv = bss->drv; 9499 int new_addr = addr != NULL; 9500 9501 if (TEST_FAIL()) 9502 return -1; 9503 9504 if (!addr) 9505 addr = drv->perm_addr; 9506 9507 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0) 9508 return -1; 9509 9510 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0) 9511 { 9512 wpa_printf(MSG_DEBUG, 9513 "nl80211: failed to set_mac_addr for %s to " MACSTR, 9514 bss->ifname, MAC2STR(addr)); 9515 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 9516 1) < 0) { 9517 wpa_printf(MSG_DEBUG, 9518 "nl80211: Could not restore interface UP after failed set_mac_addr"); 9519 } 9520 return -1; 9521 } 9522 9523 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR, 9524 bss->ifname, MAC2STR(addr)); 9525 drv->addr_changed = new_addr; 9526 os_memcpy(bss->addr, addr, ETH_ALEN); 9527 9528 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0) 9529 { 9530 wpa_printf(MSG_DEBUG, 9531 "nl80211: Could not restore interface UP after set_mac_addr"); 9532 } 9533 9534 return 0; 9535 } 9536 9537 9538 #ifdef CONFIG_MESH 9539 9540 static int wpa_driver_nl80211_init_mesh(void *priv) 9541 { 9542 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) { 9543 wpa_printf(MSG_INFO, 9544 "nl80211: Failed to set interface into mesh mode"); 9545 return -1; 9546 } 9547 return 0; 9548 } 9549 9550 9551 static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id, 9552 size_t mesh_id_len) 9553 { 9554 if (mesh_id) { 9555 wpa_printf(MSG_DEBUG, " * Mesh ID (SSID)=%s", 9556 wpa_ssid_txt(mesh_id, mesh_id_len)); 9557 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id); 9558 } 9559 9560 return 0; 9561 } 9562 9563 9564 static int nl80211_put_mesh_config(struct nl_msg *msg, 9565 struct wpa_driver_mesh_bss_params *params) 9566 { 9567 struct nlattr *container; 9568 9569 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 9570 if (!container) 9571 return -1; 9572 9573 if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) && 9574 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 9575 params->auto_plinks)) || 9576 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS) && 9577 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 9578 params->max_peer_links)) || 9579 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD) && 9580 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD, 9581 params->rssi_threshold))) 9582 return -1; 9583 9584 /* 9585 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because 9586 * the timer could disconnect stations even in that case. 9587 */ 9588 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT) && 9589 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT, 9590 params->peer_link_timeout)) { 9591 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT"); 9592 return -1; 9593 } 9594 9595 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE) && 9596 nla_put_u16(msg, NL80211_MESHCONF_HT_OPMODE, params->ht_opmode)) { 9597 wpa_printf(MSG_ERROR, "nl80211: Failed to set HT_OP_MODE"); 9598 return -1; 9599 } 9600 9601 nla_nest_end(msg, container); 9602 9603 return 0; 9604 } 9605 9606 9607 static int nl80211_join_mesh(struct i802_bss *bss, 9608 struct wpa_driver_mesh_join_params *params) 9609 { 9610 struct wpa_driver_nl80211_data *drv = bss->drv; 9611 struct nl_msg *msg; 9612 struct nlattr *container; 9613 int ret = -1; 9614 9615 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex); 9616 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH); 9617 if (!msg || 9618 nl80211_put_freq_params(msg, ¶ms->freq) || 9619 nl80211_put_basic_rates(msg, params->basic_rates) || 9620 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || 9621 nl80211_put_beacon_int(msg, params->beacon_int) || 9622 nl80211_put_dtim_period(msg, params->dtim_period)) 9623 goto fail; 9624 9625 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags); 9626 9627 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP); 9628 if (!container) 9629 goto fail; 9630 9631 if (params->ies) { 9632 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len); 9633 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len, 9634 params->ies)) 9635 goto fail; 9636 } 9637 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */ 9638 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) { 9639 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) || 9640 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH)) 9641 goto fail; 9642 } 9643 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) && 9644 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE)) 9645 goto fail; 9646 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) && 9647 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM)) 9648 goto fail; 9649 nla_nest_end(msg, container); 9650 9651 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS; 9652 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT; 9653 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS; 9654 if (nl80211_put_mesh_config(msg, ¶ms->conf) < 0) 9655 goto fail; 9656 9657 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9658 msg = NULL; 9659 if (ret) { 9660 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)", 9661 ret, strerror(-ret)); 9662 goto fail; 9663 } 9664 ret = 0; 9665 drv->assoc_freq = bss->freq = params->freq.freq; 9666 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully"); 9667 9668 fail: 9669 nlmsg_free(msg); 9670 return ret; 9671 } 9672 9673 9674 static int 9675 wpa_driver_nl80211_join_mesh(void *priv, 9676 struct wpa_driver_mesh_join_params *params) 9677 { 9678 struct i802_bss *bss = priv; 9679 int ret, timeout; 9680 9681 timeout = params->conf.peer_link_timeout; 9682 9683 /* Disable kernel inactivity timer */ 9684 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) 9685 params->conf.peer_link_timeout = 0; 9686 9687 ret = nl80211_join_mesh(bss, params); 9688 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) { 9689 wpa_printf(MSG_DEBUG, 9690 "nl80211: Mesh join retry for peer_link_timeout"); 9691 /* 9692 * Old kernel does not support setting 9693 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds 9694 * into future from peer_link_timeout. 9695 */ 9696 params->conf.peer_link_timeout = timeout + 60; 9697 ret = nl80211_join_mesh(priv, params); 9698 } 9699 9700 params->conf.peer_link_timeout = timeout; 9701 return ret; 9702 } 9703 9704 9705 static int wpa_driver_nl80211_leave_mesh(void *priv) 9706 { 9707 struct i802_bss *bss = priv; 9708 struct wpa_driver_nl80211_data *drv = bss->drv; 9709 struct nl_msg *msg; 9710 int ret; 9711 9712 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex); 9713 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH); 9714 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9715 if (ret) { 9716 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)", 9717 ret, strerror(-ret)); 9718 } else { 9719 wpa_printf(MSG_DEBUG, 9720 "nl80211: mesh leave request send successfully"); 9721 } 9722 9723 if (wpa_driver_nl80211_set_mode(drv->first_bss, 9724 NL80211_IFTYPE_STATION)) { 9725 wpa_printf(MSG_INFO, 9726 "nl80211: Failed to set interface into station mode"); 9727 } 9728 return ret; 9729 } 9730 9731 9732 static int nl80211_probe_mesh_link(void *priv, const u8 *addr, const u8 *eth, 9733 size_t len) 9734 { 9735 struct i802_bss *bss = priv; 9736 struct wpa_driver_nl80211_data *drv = bss->drv; 9737 struct nl_msg *msg; 9738 int ret; 9739 9740 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_PROBE_MESH_LINK); 9741 if (!msg || 9742 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 9743 nla_put(msg, NL80211_ATTR_FRAME, len, eth)) { 9744 nlmsg_free(msg); 9745 return -ENOBUFS; 9746 } 9747 9748 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 9749 if (ret) { 9750 wpa_printf(MSG_DEBUG, "nl80211: mesh link probe to " MACSTR 9751 " failed: ret=%d (%s)", 9752 MAC2STR(addr), ret, strerror(-ret)); 9753 } else { 9754 wpa_printf(MSG_DEBUG, "nl80211: Mesh link to " MACSTR 9755 " probed successfully", MAC2STR(addr)); 9756 } 9757 9758 return ret; 9759 } 9760 9761 #endif /* CONFIG_MESH */ 9762 9763 9764 static int wpa_driver_br_add_ip_neigh(void *priv, u8 version, 9765 const u8 *ipaddr, int prefixlen, 9766 const u8 *addr) 9767 { 9768 #ifdef CONFIG_LIBNL3_ROUTE 9769 struct i802_bss *bss = priv; 9770 struct wpa_driver_nl80211_data *drv = bss->drv; 9771 struct rtnl_neigh *rn; 9772 struct nl_addr *nl_ipaddr = NULL; 9773 struct nl_addr *nl_lladdr = NULL; 9774 int family, addrsize; 9775 int res; 9776 9777 if (!ipaddr || prefixlen == 0 || !addr) 9778 return -EINVAL; 9779 9780 if (bss->br_ifindex == 0) { 9781 wpa_printf(MSG_DEBUG, 9782 "nl80211: bridge must be set before adding an ip neigh to it"); 9783 return -1; 9784 } 9785 9786 if (!drv->rtnl_sk) { 9787 wpa_printf(MSG_DEBUG, 9788 "nl80211: nl_sock for NETLINK_ROUTE is not initialized"); 9789 return -1; 9790 } 9791 9792 if (version == 4) { 9793 family = AF_INET; 9794 addrsize = 4; 9795 } else if (version == 6) { 9796 family = AF_INET6; 9797 addrsize = 16; 9798 } else { 9799 return -EINVAL; 9800 } 9801 9802 rn = rtnl_neigh_alloc(); 9803 if (rn == NULL) 9804 return -ENOMEM; 9805 9806 /* set the destination ip address for neigh */ 9807 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); 9808 if (nl_ipaddr == NULL) { 9809 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); 9810 res = -ENOMEM; 9811 goto errout; 9812 } 9813 nl_addr_set_prefixlen(nl_ipaddr, prefixlen); 9814 res = rtnl_neigh_set_dst(rn, nl_ipaddr); 9815 if (res) { 9816 wpa_printf(MSG_DEBUG, 9817 "nl80211: neigh set destination addr failed"); 9818 goto errout; 9819 } 9820 9821 /* set the corresponding lladdr for neigh */ 9822 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN); 9823 if (nl_lladdr == NULL) { 9824 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed"); 9825 res = -ENOMEM; 9826 goto errout; 9827 } 9828 rtnl_neigh_set_lladdr(rn, nl_lladdr); 9829 9830 rtnl_neigh_set_ifindex(rn, bss->br_ifindex); 9831 rtnl_neigh_set_state(rn, NUD_PERMANENT); 9832 9833 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE); 9834 if (res) { 9835 wpa_printf(MSG_DEBUG, 9836 "nl80211: Adding bridge ip neigh failed: %s", 9837 strerror(errno)); 9838 } 9839 errout: 9840 if (nl_lladdr) 9841 nl_addr_put(nl_lladdr); 9842 if (nl_ipaddr) 9843 nl_addr_put(nl_ipaddr); 9844 if (rn) 9845 rtnl_neigh_put(rn); 9846 return res; 9847 #else /* CONFIG_LIBNL3_ROUTE */ 9848 return -1; 9849 #endif /* CONFIG_LIBNL3_ROUTE */ 9850 } 9851 9852 9853 static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version, 9854 const u8 *ipaddr) 9855 { 9856 #ifdef CONFIG_LIBNL3_ROUTE 9857 struct i802_bss *bss = priv; 9858 struct wpa_driver_nl80211_data *drv = bss->drv; 9859 struct rtnl_neigh *rn; 9860 struct nl_addr *nl_ipaddr; 9861 int family, addrsize; 9862 int res; 9863 9864 if (!ipaddr) 9865 return -EINVAL; 9866 9867 if (version == 4) { 9868 family = AF_INET; 9869 addrsize = 4; 9870 } else if (version == 6) { 9871 family = AF_INET6; 9872 addrsize = 16; 9873 } else { 9874 return -EINVAL; 9875 } 9876 9877 if (bss->br_ifindex == 0) { 9878 wpa_printf(MSG_DEBUG, 9879 "nl80211: bridge must be set to delete an ip neigh"); 9880 return -1; 9881 } 9882 9883 if (!drv->rtnl_sk) { 9884 wpa_printf(MSG_DEBUG, 9885 "nl80211: nl_sock for NETLINK_ROUTE is not initialized"); 9886 return -1; 9887 } 9888 9889 rn = rtnl_neigh_alloc(); 9890 if (rn == NULL) 9891 return -ENOMEM; 9892 9893 /* set the destination ip address for neigh */ 9894 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); 9895 if (nl_ipaddr == NULL) { 9896 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); 9897 res = -ENOMEM; 9898 goto errout; 9899 } 9900 res = rtnl_neigh_set_dst(rn, nl_ipaddr); 9901 if (res) { 9902 wpa_printf(MSG_DEBUG, 9903 "nl80211: neigh set destination addr failed"); 9904 goto errout; 9905 } 9906 9907 rtnl_neigh_set_ifindex(rn, bss->br_ifindex); 9908 9909 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); 9910 if (res) { 9911 wpa_printf(MSG_DEBUG, 9912 "nl80211: Deleting bridge ip neigh failed: %s", 9913 strerror(errno)); 9914 } 9915 errout: 9916 if (nl_ipaddr) 9917 nl_addr_put(nl_ipaddr); 9918 if (rn) 9919 rtnl_neigh_put(rn); 9920 return res; 9921 #else /* CONFIG_LIBNL3_ROUTE */ 9922 return -1; 9923 #endif /* CONFIG_LIBNL3_ROUTE */ 9924 } 9925 9926 9927 static int linux_write_system_file(const char *path, unsigned int val) 9928 { 9929 char buf[50]; 9930 int fd, len; 9931 9932 len = os_snprintf(buf, sizeof(buf), "%u\n", val); 9933 if (os_snprintf_error(sizeof(buf), len)) 9934 return -1; 9935 9936 fd = open(path, O_WRONLY); 9937 if (fd < 0) 9938 return -1; 9939 9940 if (write(fd, buf, len) < 0) { 9941 wpa_printf(MSG_DEBUG, 9942 "nl80211: Failed to write Linux system file: %s with the value of %d", 9943 path, val); 9944 close(fd); 9945 return -1; 9946 } 9947 close(fd); 9948 9949 return 0; 9950 } 9951 9952 9953 static const char * drv_br_port_attr_str(enum drv_br_port_attr attr) 9954 { 9955 switch (attr) { 9956 case DRV_BR_PORT_ATTR_PROXYARP: 9957 return "proxyarp_wifi"; 9958 case DRV_BR_PORT_ATTR_HAIRPIN_MODE: 9959 return "hairpin_mode"; 9960 } 9961 9962 return NULL; 9963 } 9964 9965 9966 static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr, 9967 unsigned int val) 9968 { 9969 struct i802_bss *bss = priv; 9970 char path[128]; 9971 const char *attr_txt; 9972 9973 attr_txt = drv_br_port_attr_str(attr); 9974 if (attr_txt == NULL) 9975 return -EINVAL; 9976 9977 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s", 9978 bss->ifname, attr_txt); 9979 9980 if (linux_write_system_file(path, val)) 9981 return -1; 9982 9983 return 0; 9984 } 9985 9986 9987 static const char * drv_br_net_param_str(enum drv_br_net_param param) 9988 { 9989 switch (param) { 9990 case DRV_BR_NET_PARAM_GARP_ACCEPT: 9991 return "arp_accept"; 9992 default: 9993 return NULL; 9994 } 9995 } 9996 9997 9998 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param, 9999 unsigned int val) 10000 { 10001 struct i802_bss *bss = priv; 10002 char path[128]; 10003 const char *param_txt; 10004 int ip_version = 4; 10005 10006 if (param == DRV_BR_MULTICAST_SNOOPING) { 10007 os_snprintf(path, sizeof(path), 10008 "/sys/devices/virtual/net/%s/bridge/multicast_snooping", 10009 bss->brname); 10010 goto set_val; 10011 } 10012 10013 param_txt = drv_br_net_param_str(param); 10014 if (param_txt == NULL) 10015 return -EINVAL; 10016 10017 switch (param) { 10018 case DRV_BR_NET_PARAM_GARP_ACCEPT: 10019 ip_version = 4; 10020 break; 10021 default: 10022 return -EINVAL; 10023 } 10024 10025 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s", 10026 ip_version, bss->brname, param_txt); 10027 10028 set_val: 10029 if (linux_write_system_file(path, val)) 10030 return -1; 10031 10032 return 0; 10033 } 10034 10035 10036 #ifdef CONFIG_DRIVER_NL80211_QCA 10037 10038 static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode) 10039 { 10040 switch (hw_mode) { 10041 case HOSTAPD_MODE_IEEE80211B: 10042 return QCA_ACS_MODE_IEEE80211B; 10043 case HOSTAPD_MODE_IEEE80211G: 10044 return QCA_ACS_MODE_IEEE80211G; 10045 case HOSTAPD_MODE_IEEE80211A: 10046 return QCA_ACS_MODE_IEEE80211A; 10047 case HOSTAPD_MODE_IEEE80211AD: 10048 return QCA_ACS_MODE_IEEE80211AD; 10049 case HOSTAPD_MODE_IEEE80211ANY: 10050 return QCA_ACS_MODE_IEEE80211ANY; 10051 default: 10052 return -1; 10053 } 10054 } 10055 10056 10057 static int add_acs_freq_list(struct nl_msg *msg, const int *freq_list) 10058 { 10059 int i, len, ret; 10060 u32 *freqs; 10061 10062 if (!freq_list) 10063 return 0; 10064 len = int_array_len(freq_list); 10065 freqs = os_malloc(sizeof(u32) * len); 10066 if (!freqs) 10067 return -1; 10068 for (i = 0; i < len; i++) 10069 freqs[i] = freq_list[i]; 10070 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST, 10071 sizeof(u32) * len, freqs); 10072 os_free(freqs); 10073 return ret; 10074 } 10075 10076 10077 static int wpa_driver_do_acs(void *priv, struct drv_acs_params *params) 10078 { 10079 struct i802_bss *bss = priv; 10080 struct wpa_driver_nl80211_data *drv = bss->drv; 10081 struct nl_msg *msg; 10082 struct nlattr *data; 10083 int ret; 10084 int mode; 10085 10086 mode = hw_mode_to_qca_acs(params->hw_mode); 10087 if (mode < 0) 10088 return -1; 10089 10090 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10091 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10092 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10093 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) || 10094 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10095 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) || 10096 (params->ht_enabled && 10097 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) || 10098 (params->ht40_enabled && 10099 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) || 10100 (params->vht_enabled && 10101 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) || 10102 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH, 10103 params->ch_width) || 10104 (params->ch_list_len && 10105 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST, params->ch_list_len, 10106 params->ch_list)) || 10107 add_acs_freq_list(msg, params->freq_list)) { 10108 nlmsg_free(msg); 10109 return -ENOBUFS; 10110 } 10111 nla_nest_end(msg, data); 10112 10113 wpa_printf(MSG_DEBUG, 10114 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d CH_LIST_LEN: %u", 10115 params->hw_mode, params->ht_enabled, params->ht40_enabled, 10116 params->vht_enabled, params->ch_width, params->ch_list_len); 10117 10118 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10119 if (ret) { 10120 wpa_printf(MSG_DEBUG, 10121 "nl80211: Failed to invoke driver ACS function: %s", 10122 strerror(errno)); 10123 } 10124 return ret; 10125 } 10126 10127 10128 static int nl80211_set_band(void *priv, enum set_band band) 10129 { 10130 struct i802_bss *bss = priv; 10131 struct wpa_driver_nl80211_data *drv = bss->drv; 10132 struct nl_msg *msg; 10133 struct nlattr *data; 10134 int ret; 10135 enum qca_set_band qca_band; 10136 10137 if (!drv->setband_vendor_cmd_avail) 10138 return -1; 10139 10140 switch (band) { 10141 case WPA_SETBAND_AUTO: 10142 qca_band = QCA_SETBAND_AUTO; 10143 break; 10144 case WPA_SETBAND_5G: 10145 qca_band = QCA_SETBAND_5G; 10146 break; 10147 case WPA_SETBAND_2G: 10148 qca_band = QCA_SETBAND_2G; 10149 break; 10150 default: 10151 return -1; 10152 } 10153 10154 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10155 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10156 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10157 QCA_NL80211_VENDOR_SUBCMD_SETBAND) || 10158 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10159 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE, qca_band)) { 10160 nlmsg_free(msg); 10161 return -ENOBUFS; 10162 } 10163 nla_nest_end(msg, data); 10164 10165 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10166 if (ret) { 10167 wpa_printf(MSG_DEBUG, 10168 "nl80211: Driver setband function failed: %s", 10169 strerror(errno)); 10170 } 10171 return ret; 10172 } 10173 10174 10175 struct nl80211_pcl { 10176 unsigned int num; 10177 unsigned int *freq_list; 10178 }; 10179 10180 static int preferred_freq_info_handler(struct nl_msg *msg, void *arg) 10181 { 10182 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 10183 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 10184 struct nl80211_pcl *param = arg; 10185 struct nlattr *nl_vend, *attr; 10186 enum qca_iface_type iface_type; 10187 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1]; 10188 unsigned int num, max_num; 10189 u32 *freqs; 10190 10191 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 10192 genlmsg_attrlen(gnlh, 0), NULL); 10193 10194 nl_vend = tb[NL80211_ATTR_VENDOR_DATA]; 10195 if (!nl_vend) 10196 return NL_SKIP; 10197 10198 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX, 10199 nla_data(nl_vend), nla_len(nl_vend), NULL); 10200 10201 attr = tb_vendor[ 10202 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE]; 10203 if (!attr) { 10204 wpa_printf(MSG_ERROR, "nl80211: iface_type couldn't be found"); 10205 param->num = 0; 10206 return NL_SKIP; 10207 } 10208 10209 iface_type = (enum qca_iface_type) nla_get_u32(attr); 10210 wpa_printf(MSG_DEBUG, "nl80211: Driver returned iface_type=%d", 10211 iface_type); 10212 10213 attr = tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST]; 10214 if (!attr) { 10215 wpa_printf(MSG_ERROR, 10216 "nl80211: preferred_freq_list couldn't be found"); 10217 param->num = 0; 10218 return NL_SKIP; 10219 } 10220 10221 /* 10222 * param->num has the maximum number of entries for which there 10223 * is room in the freq_list provided by the caller. 10224 */ 10225 freqs = nla_data(attr); 10226 max_num = nla_len(attr) / sizeof(u32); 10227 if (max_num > param->num) 10228 max_num = param->num; 10229 for (num = 0; num < max_num; num++) 10230 param->freq_list[num] = freqs[num]; 10231 param->num = num; 10232 10233 return NL_SKIP; 10234 } 10235 10236 10237 static int nl80211_get_pref_freq_list(void *priv, 10238 enum wpa_driver_if_type if_type, 10239 unsigned int *num, 10240 unsigned int *freq_list) 10241 { 10242 struct i802_bss *bss = priv; 10243 struct wpa_driver_nl80211_data *drv = bss->drv; 10244 struct nl_msg *msg; 10245 int ret; 10246 unsigned int i; 10247 struct nlattr *params; 10248 struct nl80211_pcl param; 10249 enum qca_iface_type iface_type; 10250 10251 if (!drv->get_pref_freq_list) 10252 return -1; 10253 10254 switch (if_type) { 10255 case WPA_IF_STATION: 10256 iface_type = QCA_IFACE_TYPE_STA; 10257 break; 10258 case WPA_IF_AP_BSS: 10259 iface_type = QCA_IFACE_TYPE_AP; 10260 break; 10261 case WPA_IF_P2P_GO: 10262 iface_type = QCA_IFACE_TYPE_P2P_GO; 10263 break; 10264 case WPA_IF_P2P_CLIENT: 10265 iface_type = QCA_IFACE_TYPE_P2P_CLIENT; 10266 break; 10267 case WPA_IF_IBSS: 10268 iface_type = QCA_IFACE_TYPE_IBSS; 10269 break; 10270 case WPA_IF_TDLS: 10271 iface_type = QCA_IFACE_TYPE_TDLS; 10272 break; 10273 default: 10274 return -1; 10275 } 10276 10277 param.num = *num; 10278 param.freq_list = freq_list; 10279 10280 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10281 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) || 10282 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10283 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10284 QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) || 10285 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10286 nla_put_u32(msg, 10287 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE, 10288 iface_type)) { 10289 wpa_printf(MSG_ERROR, 10290 "%s: err in adding vendor_cmd and vendor_data", 10291 __func__); 10292 nlmsg_free(msg); 10293 return -1; 10294 } 10295 nla_nest_end(msg, params); 10296 10297 os_memset(freq_list, 0, *num * sizeof(freq_list[0])); 10298 ret = send_and_recv_msgs(drv, msg, preferred_freq_info_handler, ¶m); 10299 if (ret) { 10300 wpa_printf(MSG_ERROR, 10301 "%s: err in send_and_recv_msgs", __func__); 10302 return ret; 10303 } 10304 10305 *num = param.num; 10306 10307 for (i = 0; i < *num; i++) { 10308 wpa_printf(MSG_DEBUG, "nl80211: preferred_channel_list[%d]=%d", 10309 i, freq_list[i]); 10310 } 10311 10312 return 0; 10313 } 10314 10315 10316 static int nl80211_set_prob_oper_freq(void *priv, unsigned int freq) 10317 { 10318 struct i802_bss *bss = priv; 10319 struct wpa_driver_nl80211_data *drv = bss->drv; 10320 struct nl_msg *msg; 10321 int ret; 10322 struct nlattr *params; 10323 10324 if (!drv->set_prob_oper_freq) 10325 return -1; 10326 10327 wpa_printf(MSG_DEBUG, 10328 "nl80211: Set P2P probable operating freq %u for ifindex %d", 10329 freq, bss->ifindex); 10330 10331 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10332 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10333 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10334 QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL) || 10335 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10336 nla_put_u32(msg, 10337 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE, 10338 QCA_IFACE_TYPE_P2P_CLIENT) || 10339 nla_put_u32(msg, 10340 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ, 10341 freq)) { 10342 wpa_printf(MSG_ERROR, 10343 "%s: err in adding vendor_cmd and vendor_data", 10344 __func__); 10345 nlmsg_free(msg); 10346 return -1; 10347 } 10348 nla_nest_end(msg, params); 10349 10350 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10351 msg = NULL; 10352 if (ret) { 10353 wpa_printf(MSG_ERROR, "%s: err in send_and_recv_msgs", 10354 __func__); 10355 return ret; 10356 } 10357 nlmsg_free(msg); 10358 return 0; 10359 } 10360 10361 10362 static int nl80211_p2p_lo_start(void *priv, unsigned int freq, 10363 unsigned int period, unsigned int interval, 10364 unsigned int count, const u8 *device_types, 10365 size_t dev_types_len, 10366 const u8 *ies, size_t ies_len) 10367 { 10368 struct i802_bss *bss = priv; 10369 struct wpa_driver_nl80211_data *drv = bss->drv; 10370 struct nl_msg *msg; 10371 struct nlattr *container; 10372 int ret; 10373 10374 wpa_printf(MSG_DEBUG, 10375 "nl80211: Start P2P Listen offload: freq=%u, period=%u, interval=%u, count=%u", 10376 freq, period, interval, count); 10377 10378 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD)) 10379 return -1; 10380 10381 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10382 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10383 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10384 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_START)) 10385 goto fail; 10386 10387 container = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 10388 if (!container) 10389 goto fail; 10390 10391 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_CHANNEL, 10392 freq) || 10393 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_PERIOD, 10394 period) || 10395 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_INTERVAL, 10396 interval) || 10397 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_COUNT, 10398 count) || 10399 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_DEVICE_TYPES, 10400 dev_types_len, device_types) || 10401 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_VENDOR_IE, 10402 ies_len, ies)) 10403 goto fail; 10404 10405 nla_nest_end(msg, container); 10406 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10407 msg = NULL; 10408 if (ret) { 10409 wpa_printf(MSG_DEBUG, 10410 "nl80211: Failed to send P2P Listen offload vendor command"); 10411 goto fail; 10412 } 10413 10414 return 0; 10415 10416 fail: 10417 nlmsg_free(msg); 10418 return -1; 10419 } 10420 10421 10422 static int nl80211_p2p_lo_stop(void *priv) 10423 { 10424 struct i802_bss *bss = priv; 10425 struct wpa_driver_nl80211_data *drv = bss->drv; 10426 struct nl_msg *msg; 10427 10428 wpa_printf(MSG_DEBUG, "nl80211: Stop P2P Listen offload"); 10429 10430 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD)) 10431 return -1; 10432 10433 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10434 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10435 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10436 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_STOP)) { 10437 nlmsg_free(msg); 10438 return -1; 10439 } 10440 10441 return send_and_recv_msgs(drv, msg, NULL, NULL); 10442 } 10443 10444 10445 static int nl80211_set_tdls_mode(void *priv, int tdls_external_control) 10446 { 10447 struct i802_bss *bss = priv; 10448 struct wpa_driver_nl80211_data *drv = bss->drv; 10449 struct nl_msg *msg; 10450 struct nlattr *params; 10451 int ret; 10452 u32 tdls_mode; 10453 10454 wpa_printf(MSG_DEBUG, 10455 "nl80211: Set TDKS mode: tdls_external_control=%d", 10456 tdls_external_control); 10457 10458 if (tdls_external_control == 1) 10459 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_IMPLICIT | 10460 QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXTERNAL; 10461 else 10462 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXPLICIT; 10463 10464 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10465 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10466 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10467 QCA_NL80211_VENDOR_SUBCMD_CONFIGURE_TDLS)) 10468 goto fail; 10469 10470 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 10471 if (!params) 10472 goto fail; 10473 10474 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE, 10475 tdls_mode)) 10476 goto fail; 10477 10478 nla_nest_end(msg, params); 10479 10480 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10481 msg = NULL; 10482 if (ret) { 10483 wpa_printf(MSG_ERROR, 10484 "nl80211: Set TDLS mode failed: ret=%d (%s)", 10485 ret, strerror(-ret)); 10486 goto fail; 10487 } 10488 return 0; 10489 fail: 10490 nlmsg_free(msg); 10491 return -1; 10492 } 10493 10494 10495 #ifdef CONFIG_MBO 10496 10497 static enum mbo_transition_reject_reason 10498 nl80211_mbo_reject_reason_mapping(enum qca_wlan_btm_candidate_status status) 10499 { 10500 switch (status) { 10501 case QCA_STATUS_REJECT_EXCESSIVE_FRAME_LOSS_EXPECTED: 10502 return MBO_TRANSITION_REJECT_REASON_FRAME_LOSS; 10503 case QCA_STATUS_REJECT_EXCESSIVE_DELAY_EXPECTED: 10504 return MBO_TRANSITION_REJECT_REASON_DELAY; 10505 case QCA_STATUS_REJECT_INSUFFICIENT_QOS_CAPACITY: 10506 return MBO_TRANSITION_REJECT_REASON_QOS_CAPACITY; 10507 case QCA_STATUS_REJECT_LOW_RSSI: 10508 return MBO_TRANSITION_REJECT_REASON_RSSI; 10509 case QCA_STATUS_REJECT_HIGH_INTERFERENCE: 10510 return MBO_TRANSITION_REJECT_REASON_INTERFERENCE; 10511 case QCA_STATUS_REJECT_UNKNOWN: 10512 default: 10513 return MBO_TRANSITION_REJECT_REASON_UNSPECIFIED; 10514 } 10515 } 10516 10517 10518 static void nl80211_parse_btm_candidate_info(struct candidate_list *candidate, 10519 struct nlattr *tb[], int num) 10520 { 10521 enum qca_wlan_btm_candidate_status status; 10522 char buf[50]; 10523 10524 os_memcpy(candidate->bssid, 10525 nla_data(tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID]), 10526 ETH_ALEN); 10527 10528 status = nla_get_u32( 10529 tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS]); 10530 candidate->is_accept = status == QCA_STATUS_ACCEPT; 10531 candidate->reject_reason = nl80211_mbo_reject_reason_mapping(status); 10532 10533 if (candidate->is_accept) 10534 os_snprintf(buf, sizeof(buf), "Accepted"); 10535 else 10536 os_snprintf(buf, sizeof(buf), 10537 "Rejected, Reject_reason: %d", 10538 candidate->reject_reason); 10539 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR " %s", 10540 num, MAC2STR(candidate->bssid), buf); 10541 } 10542 10543 10544 static int 10545 nl80211_get_bss_transition_status_handler(struct nl_msg *msg, void *arg) 10546 { 10547 struct wpa_bss_candidate_info *info = arg; 10548 struct candidate_list *candidate = info->candidates; 10549 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; 10550 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1]; 10551 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1]; 10552 static struct nla_policy policy[ 10553 QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1] = { 10554 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] = { 10555 .minlen = ETH_ALEN 10556 }, 10557 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS] = { 10558 .type = NLA_U32, 10559 }, 10560 }; 10561 struct nlattr *attr; 10562 int rem; 10563 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 10564 u8 num; 10565 10566 num = info->num; /* number of candidates sent to driver */ 10567 info->num = 0; 10568 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 10569 genlmsg_attrlen(gnlh, 0), NULL); 10570 10571 if (!tb_msg[NL80211_ATTR_VENDOR_DATA] || 10572 nla_parse_nested(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX, 10573 tb_msg[NL80211_ATTR_VENDOR_DATA], NULL) || 10574 !tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO]) 10575 return NL_SKIP; 10576 10577 wpa_printf(MSG_DEBUG, 10578 "nl80211: WNM Candidate list received from driver"); 10579 nla_for_each_nested(attr, 10580 tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO], 10581 rem) { 10582 if (info->num >= num || 10583 nla_parse_nested( 10584 tb, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX, 10585 attr, policy) || 10586 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] || 10587 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS]) 10588 break; 10589 10590 nl80211_parse_btm_candidate_info(candidate, tb, info->num); 10591 10592 candidate++; 10593 info->num++; 10594 } 10595 10596 return NL_SKIP; 10597 } 10598 10599 10600 static struct wpa_bss_candidate_info * 10601 nl80211_get_bss_transition_status(void *priv, struct wpa_bss_trans_info *params) 10602 { 10603 struct i802_bss *bss = priv; 10604 struct wpa_driver_nl80211_data *drv = bss->drv; 10605 struct nl_msg *msg; 10606 struct nlattr *attr, *attr1, *attr2; 10607 struct wpa_bss_candidate_info *info; 10608 u8 i; 10609 int ret; 10610 u8 *pos; 10611 10612 if (!drv->fetch_bss_trans_status) 10613 return NULL; 10614 10615 info = os_zalloc(sizeof(*info)); 10616 if (!info) 10617 return NULL; 10618 /* Allocate memory for number of candidates sent to driver */ 10619 info->candidates = os_calloc(params->n_candidates, 10620 sizeof(*info->candidates)); 10621 if (!info->candidates) { 10622 os_free(info); 10623 return NULL; 10624 } 10625 10626 /* Copy the number of candidates being sent to driver. This is used in 10627 * nl80211_get_bss_transition_status_handler() to limit the number of 10628 * candidates that can be populated in info->candidates and will be 10629 * later overwritten with the actual number of candidates received from 10630 * the driver. 10631 */ 10632 info->num = params->n_candidates; 10633 10634 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10635 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10636 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10637 QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS)) 10638 goto fail; 10639 10640 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 10641 if (!attr) 10642 goto fail; 10643 10644 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON, 10645 params->mbo_transition_reason)) 10646 goto fail; 10647 10648 attr1 = nla_nest_start(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO); 10649 if (!attr1) 10650 goto fail; 10651 10652 wpa_printf(MSG_DEBUG, 10653 "nl80211: WNM Candidate list info sending to driver: mbo_transition_reason: %d n_candidates: %d", 10654 params->mbo_transition_reason, params->n_candidates); 10655 pos = params->bssid; 10656 for (i = 0; i < params->n_candidates; i++) { 10657 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR, i, 10658 MAC2STR(pos)); 10659 attr2 = nla_nest_start(msg, i); 10660 if (!attr2 || 10661 nla_put(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID, 10662 ETH_ALEN, pos)) 10663 goto fail; 10664 pos += ETH_ALEN; 10665 nla_nest_end(msg, attr2); 10666 } 10667 10668 nla_nest_end(msg, attr1); 10669 nla_nest_end(msg, attr); 10670 10671 ret = send_and_recv_msgs(drv, msg, 10672 nl80211_get_bss_transition_status_handler, 10673 info); 10674 msg = NULL; 10675 if (ret) { 10676 wpa_printf(MSG_ERROR, 10677 "nl80211: WNM Get BSS transition status failed: ret=%d (%s)", 10678 ret, strerror(-ret)); 10679 goto fail; 10680 } 10681 return info; 10682 10683 fail: 10684 nlmsg_free(msg); 10685 os_free(info->candidates); 10686 os_free(info); 10687 return NULL; 10688 } 10689 10690 10691 /** 10692 * nl80211_ignore_assoc_disallow - Configure driver to ignore assoc_disallow 10693 * @priv: Pointer to private driver data from wpa_driver_nl80211_init() 10694 * @ignore_assoc_disallow: 0 to not ignore, 1 to ignore 10695 * Returns: 0 on success, -1 on failure 10696 */ 10697 static int nl80211_ignore_assoc_disallow(void *priv, int ignore_disallow) 10698 { 10699 struct i802_bss *bss = priv; 10700 struct wpa_driver_nl80211_data *drv = bss->drv; 10701 struct nl_msg *msg; 10702 struct nlattr *attr; 10703 int ret = -1; 10704 10705 if (!drv->set_wifi_conf_vendor_cmd_avail) 10706 return -1; 10707 10708 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10709 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10710 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10711 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION)) 10712 goto fail; 10713 10714 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 10715 if (!attr) 10716 goto fail; 10717 10718 wpa_printf(MSG_DEBUG, "nl80211: Set ignore_assoc_disallow %d", 10719 ignore_disallow); 10720 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_IGNORE_ASSOC_DISALLOWED, 10721 ignore_disallow)) 10722 goto fail; 10723 10724 nla_nest_end(msg, attr); 10725 10726 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10727 msg = NULL; 10728 if (ret) { 10729 wpa_printf(MSG_ERROR, 10730 "nl80211: Set ignore_assoc_disallow failed: ret=%d (%s)", 10731 ret, strerror(-ret)); 10732 goto fail; 10733 } 10734 10735 fail: 10736 nlmsg_free(msg); 10737 return ret; 10738 } 10739 10740 #endif /* CONFIG_MBO */ 10741 10742 #endif /* CONFIG_DRIVER_NL80211_QCA */ 10743 10744 10745 static int nl80211_write_to_file(const char *name, unsigned int val) 10746 { 10747 int fd, len; 10748 char tmp[128]; 10749 int ret = 0; 10750 10751 fd = open(name, O_RDWR); 10752 if (fd < 0) { 10753 int level; 10754 /* 10755 * Flags may not exist on older kernels, or while we're tearing 10756 * down a disappearing device. 10757 */ 10758 if (errno == ENOENT) { 10759 ret = 0; 10760 level = MSG_DEBUG; 10761 } else { 10762 ret = -1; 10763 level = MSG_ERROR; 10764 } 10765 wpa_printf(level, "nl80211: Failed to open %s: %s", 10766 name, strerror(errno)); 10767 return ret; 10768 } 10769 10770 len = os_snprintf(tmp, sizeof(tmp), "%u\n", val); 10771 len = write(fd, tmp, len); 10772 if (len < 0) { 10773 ret = -1; 10774 wpa_printf(MSG_ERROR, "nl80211: Failed to write to %s: %s", 10775 name, strerror(errno)); 10776 } 10777 close(fd); 10778 10779 return ret; 10780 } 10781 10782 10783 static int nl80211_configure_data_frame_filters(void *priv, u32 filter_flags) 10784 { 10785 struct i802_bss *bss = priv; 10786 char path[128]; 10787 int ret; 10788 10789 wpa_printf(MSG_DEBUG, "nl80211: Data frame filter flags=0x%x", 10790 filter_flags); 10791 10792 /* Configure filtering of unicast frame encrypted using GTK */ 10793 ret = os_snprintf(path, sizeof(path), 10794 "/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast", 10795 bss->ifname); 10796 if (os_snprintf_error(sizeof(path), ret)) 10797 return -1; 10798 10799 ret = nl80211_write_to_file(path, 10800 !!(filter_flags & 10801 WPA_DATA_FRAME_FILTER_FLAG_GTK)); 10802 if (ret) { 10803 wpa_printf(MSG_ERROR, 10804 "nl80211: Failed to set IPv4 unicast in multicast filter"); 10805 return ret; 10806 } 10807 10808 os_snprintf(path, sizeof(path), 10809 "/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast", 10810 bss->ifname); 10811 ret = nl80211_write_to_file(path, 10812 !!(filter_flags & 10813 WPA_DATA_FRAME_FILTER_FLAG_GTK)); 10814 10815 if (ret) { 10816 wpa_printf(MSG_ERROR, 10817 "nl80211: Failed to set IPv6 unicast in multicast filter"); 10818 return ret; 10819 } 10820 10821 /* Configure filtering of unicast frame encrypted using GTK */ 10822 os_snprintf(path, sizeof(path), 10823 "/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp", 10824 bss->ifname); 10825 ret = nl80211_write_to_file(path, 10826 !!(filter_flags & 10827 WPA_DATA_FRAME_FILTER_FLAG_ARP)); 10828 if (ret) { 10829 wpa_printf(MSG_ERROR, 10830 "nl80211: Failed set gratuitous ARP filter"); 10831 return ret; 10832 } 10833 10834 /* Configure filtering of IPv6 NA frames */ 10835 os_snprintf(path, sizeof(path), 10836 "/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na", 10837 bss->ifname); 10838 ret = nl80211_write_to_file(path, 10839 !!(filter_flags & 10840 WPA_DATA_FRAME_FILTER_FLAG_NA)); 10841 if (ret) { 10842 wpa_printf(MSG_ERROR, 10843 "nl80211: Failed to set unsolicited NA filter"); 10844 return ret; 10845 } 10846 10847 return 0; 10848 } 10849 10850 10851 static int nl80211_get_ext_capab(void *priv, enum wpa_driver_if_type type, 10852 const u8 **ext_capa, const u8 **ext_capa_mask, 10853 unsigned int *ext_capa_len) 10854 { 10855 struct i802_bss *bss = priv; 10856 struct wpa_driver_nl80211_data *drv = bss->drv; 10857 enum nl80211_iftype nlmode; 10858 unsigned int i; 10859 10860 if (!ext_capa || !ext_capa_mask || !ext_capa_len) 10861 return -1; 10862 10863 nlmode = wpa_driver_nl80211_if_type(type); 10864 10865 /* By default, use the per-radio values */ 10866 *ext_capa = drv->extended_capa; 10867 *ext_capa_mask = drv->extended_capa_mask; 10868 *ext_capa_len = drv->extended_capa_len; 10869 10870 /* Replace the default value if a per-interface type value exists */ 10871 for (i = 0; i < drv->num_iface_ext_capa; i++) { 10872 if (nlmode == drv->iface_ext_capa[i].iftype) { 10873 *ext_capa = drv->iface_ext_capa[i].ext_capa; 10874 *ext_capa_mask = drv->iface_ext_capa[i].ext_capa_mask; 10875 *ext_capa_len = drv->iface_ext_capa[i].ext_capa_len; 10876 break; 10877 } 10878 } 10879 10880 return 0; 10881 } 10882 10883 10884 static int nl80211_update_connection_params( 10885 void *priv, struct wpa_driver_associate_params *params, 10886 enum wpa_drv_update_connect_params_mask mask) 10887 { 10888 struct i802_bss *bss = priv; 10889 struct wpa_driver_nl80211_data *drv = bss->drv; 10890 struct nl_msg *msg; 10891 int ret = -1; 10892 enum nl80211_auth_type type; 10893 10894 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_CONNECT_PARAMS); 10895 if (!msg) 10896 goto fail; 10897 10898 wpa_printf(MSG_DEBUG, "nl80211: Update connection params (ifindex=%d)", 10899 drv->ifindex); 10900 10901 if ((mask & WPA_DRV_UPDATE_ASSOC_IES) && params->wpa_ie) { 10902 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, 10903 params->wpa_ie)) 10904 goto fail; 10905 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, 10906 params->wpa_ie_len); 10907 } 10908 10909 if (mask & WPA_DRV_UPDATE_AUTH_TYPE) { 10910 type = get_nl_auth_type(params->auth_alg); 10911 if (type == NL80211_AUTHTYPE_MAX || 10912 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 10913 goto fail; 10914 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 10915 } 10916 10917 if ((mask & WPA_DRV_UPDATE_FILS_ERP_INFO) && 10918 nl80211_put_fils_connect_params(drv, params, msg)) 10919 goto fail; 10920 10921 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10922 msg = NULL; 10923 if (ret) 10924 wpa_dbg(drv->ctx, MSG_DEBUG, 10925 "nl80211: Update connect params command failed: ret=%d (%s)", 10926 ret, strerror(-ret)); 10927 10928 fail: 10929 nlmsg_free(msg); 10930 return ret; 10931 } 10932 10933 10934 static int nl80211_send_external_auth_status(void *priv, 10935 struct external_auth *params) 10936 { 10937 struct i802_bss *bss = priv; 10938 struct wpa_driver_nl80211_data *drv = bss->drv; 10939 struct nl_msg *msg = NULL; 10940 int ret = -1; 10941 10942 /* External auth command/status is intended for drivers that implement 10943 * intenral SME but want to offload authentication processing (e.g., 10944 * SAE) to hostapd/wpa_supplicant. Do nott send the status to drivers 10945 * which do not support AP SME or use wpa_supplicant/hostapd SME. 10946 */ 10947 if ((is_ap_interface(drv->nlmode) && !bss->drv->device_ap_sme) || 10948 (drv->capa.flags & WPA_DRIVER_FLAGS_SME)) 10949 return -1; 10950 10951 wpa_dbg(drv->ctx, MSG_DEBUG, 10952 "nl80211: External auth status: %u", params->status); 10953 10954 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_EXTERNAL_AUTH); 10955 if (!msg || 10956 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, params->status) || 10957 (params->ssid && params->ssid_len && 10958 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) || 10959 (params->pmkid && 10960 nla_put(msg, NL80211_ATTR_PMKID, PMKID_LEN, params->pmkid)) || 10961 (params->bssid && 10962 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid))) 10963 goto fail; 10964 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 10965 msg = NULL; 10966 if (ret) { 10967 wpa_printf(MSG_DEBUG, 10968 "nl80211: External Auth status update failed: ret=%d (%s)", 10969 ret, strerror(-ret)); 10970 goto fail; 10971 } 10972 fail: 10973 nlmsg_free(msg); 10974 return ret; 10975 } 10976 10977 10978 static int nl80211_set_4addr_mode(void *priv, const char *bridge_ifname, 10979 int val) 10980 { 10981 struct i802_bss *bss = priv; 10982 struct wpa_driver_nl80211_data *drv = bss->drv; 10983 struct nl_msg *msg; 10984 int ret = -ENOBUFS; 10985 10986 wpa_printf(MSG_DEBUG, "nl80211: %s 4addr mode (bridge_ifname: %s)", 10987 val ? "Enable" : "Disable", bridge_ifname); 10988 10989 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE); 10990 if (!msg || nla_put_u8(msg, NL80211_ATTR_4ADDR, val)) 10991 goto fail; 10992 10993 if (bridge_ifname[0] && bss->added_if_into_bridge && !val) { 10994 if (linux_br_del_if(drv->global->ioctl_sock, 10995 bridge_ifname, bss->ifname)) { 10996 wpa_printf(MSG_ERROR, 10997 "nl80211: Failed to remove interface %s from bridge %s", 10998 bss->ifname, bridge_ifname); 10999 return -1; 11000 } 11001 bss->added_if_into_bridge = 0; 11002 } 11003 11004 ret = send_and_recv_msgs(drv, msg, NULL, NULL); 11005 msg = NULL; 11006 if (!ret) { 11007 if (bridge_ifname[0] && val && 11008 i802_check_bridge(drv, bss, bridge_ifname, bss->ifname) < 0) 11009 return -1; 11010 return 0; 11011 } 11012 11013 fail: 11014 nlmsg_free(msg); 11015 wpa_printf(MSG_ERROR, "nl80211: Failed to enable/disable 4addr"); 11016 11017 return ret; 11018 } 11019 11020 11021 const struct wpa_driver_ops wpa_driver_nl80211_ops = { 11022 .name = "nl80211", 11023 .desc = "Linux nl80211/cfg80211", 11024 .get_bssid = wpa_driver_nl80211_get_bssid, 11025 .get_ssid = wpa_driver_nl80211_get_ssid, 11026 .set_key = driver_nl80211_set_key, 11027 .scan2 = driver_nl80211_scan2, 11028 .sched_scan = wpa_driver_nl80211_sched_scan, 11029 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan, 11030 .get_scan_results2 = wpa_driver_nl80211_get_scan_results, 11031 .abort_scan = wpa_driver_nl80211_abort_scan, 11032 .deauthenticate = driver_nl80211_deauthenticate, 11033 .authenticate = driver_nl80211_authenticate, 11034 .associate = wpa_driver_nl80211_associate, 11035 .global_init = nl80211_global_init, 11036 .global_deinit = nl80211_global_deinit, 11037 .init2 = wpa_driver_nl80211_init, 11038 .deinit = driver_nl80211_deinit, 11039 .get_capa = wpa_driver_nl80211_get_capa, 11040 .set_operstate = wpa_driver_nl80211_set_operstate, 11041 .set_supp_port = wpa_driver_nl80211_set_supp_port, 11042 .set_country = wpa_driver_nl80211_set_country, 11043 .get_country = wpa_driver_nl80211_get_country, 11044 .set_ap = wpa_driver_nl80211_set_ap, 11045 .set_acl = wpa_driver_nl80211_set_acl, 11046 .if_add = wpa_driver_nl80211_if_add, 11047 .if_remove = driver_nl80211_if_remove, 11048 .send_mlme = driver_nl80211_send_mlme, 11049 .get_hw_feature_data = nl80211_get_hw_feature_data, 11050 .sta_add = wpa_driver_nl80211_sta_add, 11051 .sta_remove = driver_nl80211_sta_remove, 11052 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol, 11053 .sta_set_flags = wpa_driver_nl80211_sta_set_flags, 11054 .sta_set_airtime_weight = driver_nl80211_sta_set_airtime_weight, 11055 .hapd_init = i802_init, 11056 .hapd_deinit = i802_deinit, 11057 .set_wds_sta = i802_set_wds_sta, 11058 .get_seqnum = i802_get_seqnum, 11059 .flush = i802_flush, 11060 .get_inact_sec = i802_get_inact_sec, 11061 .sta_clear_stats = i802_sta_clear_stats, 11062 .set_rts = i802_set_rts, 11063 .set_frag = i802_set_frag, 11064 .set_tx_queue_params = i802_set_tx_queue_params, 11065 .set_sta_vlan = driver_nl80211_set_sta_vlan, 11066 .sta_deauth = i802_sta_deauth, 11067 .sta_disassoc = i802_sta_disassoc, 11068 .read_sta_data = driver_nl80211_read_sta_data, 11069 .set_freq = i802_set_freq, 11070 .send_action = driver_nl80211_send_action, 11071 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait, 11072 .remain_on_channel = wpa_driver_nl80211_remain_on_channel, 11073 .cancel_remain_on_channel = 11074 wpa_driver_nl80211_cancel_remain_on_channel, 11075 .probe_req_report = driver_nl80211_probe_req_report, 11076 .deinit_ap = wpa_driver_nl80211_deinit_ap, 11077 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli, 11078 .resume = wpa_driver_nl80211_resume, 11079 .signal_monitor = nl80211_signal_monitor, 11080 .signal_poll = nl80211_signal_poll, 11081 .channel_info = nl80211_channel_info, 11082 .send_frame = nl80211_send_frame, 11083 .set_param = nl80211_set_param, 11084 .get_radio_name = nl80211_get_radio_name, 11085 .add_pmkid = nl80211_add_pmkid, 11086 .remove_pmkid = nl80211_remove_pmkid, 11087 .flush_pmkid = nl80211_flush_pmkid, 11088 .set_rekey_info = nl80211_set_rekey_info, 11089 .poll_client = nl80211_poll_client, 11090 .set_p2p_powersave = nl80211_set_p2p_powersave, 11091 .start_dfs_cac = nl80211_start_radar_detection, 11092 .stop_ap = wpa_driver_nl80211_stop_ap, 11093 #ifdef CONFIG_TDLS 11094 .send_tdls_mgmt = nl80211_send_tdls_mgmt, 11095 .tdls_oper = nl80211_tdls_oper, 11096 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch, 11097 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch, 11098 #endif /* CONFIG_TDLS */ 11099 .update_ft_ies = wpa_driver_nl80211_update_ft_ies, 11100 .update_dh_ie = nl80211_update_dh_ie, 11101 .get_mac_addr = wpa_driver_nl80211_get_macaddr, 11102 .get_survey = wpa_driver_nl80211_get_survey, 11103 .status = wpa_driver_nl80211_status, 11104 .switch_channel = nl80211_switch_channel, 11105 #ifdef ANDROID_P2P 11106 .set_noa = wpa_driver_set_p2p_noa, 11107 .get_noa = wpa_driver_get_p2p_noa, 11108 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie, 11109 #endif /* ANDROID_P2P */ 11110 #ifdef ANDROID 11111 #ifndef ANDROID_LIB_STUB 11112 .driver_cmd = wpa_driver_nl80211_driver_cmd, 11113 #endif /* !ANDROID_LIB_STUB */ 11114 #endif /* ANDROID */ 11115 .vendor_cmd = nl80211_vendor_cmd, 11116 .set_qos_map = nl80211_set_qos_map, 11117 .set_wowlan = nl80211_set_wowlan, 11118 .set_mac_addr = nl80211_set_mac_addr, 11119 #ifdef CONFIG_MESH 11120 .init_mesh = wpa_driver_nl80211_init_mesh, 11121 .join_mesh = wpa_driver_nl80211_join_mesh, 11122 .leave_mesh = wpa_driver_nl80211_leave_mesh, 11123 .probe_mesh_link = nl80211_probe_mesh_link, 11124 #endif /* CONFIG_MESH */ 11125 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh, 11126 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh, 11127 .br_port_set_attr = wpa_driver_br_port_set_attr, 11128 .br_set_net_param = wpa_driver_br_set_net_param, 11129 .add_tx_ts = nl80211_add_ts, 11130 .del_tx_ts = nl80211_del_ts, 11131 .get_ifindex = nl80211_get_ifindex, 11132 #ifdef CONFIG_DRIVER_NL80211_QCA 11133 .roaming = nl80211_roaming, 11134 .disable_fils = nl80211_disable_fils, 11135 .do_acs = wpa_driver_do_acs, 11136 .set_band = nl80211_set_band, 11137 .get_pref_freq_list = nl80211_get_pref_freq_list, 11138 .set_prob_oper_freq = nl80211_set_prob_oper_freq, 11139 .p2p_lo_start = nl80211_p2p_lo_start, 11140 .p2p_lo_stop = nl80211_p2p_lo_stop, 11141 .set_default_scan_ies = nl80211_set_default_scan_ies, 11142 .set_tdls_mode = nl80211_set_tdls_mode, 11143 #ifdef CONFIG_MBO 11144 .get_bss_transition_status = nl80211_get_bss_transition_status, 11145 .ignore_assoc_disallow = nl80211_ignore_assoc_disallow, 11146 #endif /* CONFIG_MBO */ 11147 .set_bssid_blacklist = nl80211_set_bssid_blacklist, 11148 #endif /* CONFIG_DRIVER_NL80211_QCA */ 11149 .configure_data_frame_filters = nl80211_configure_data_frame_filters, 11150 .get_ext_capab = nl80211_get_ext_capab, 11151 .update_connect_params = nl80211_update_connection_params, 11152 .send_external_auth_status = nl80211_send_external_auth_status, 11153 .set_4addr_mode = nl80211_set_4addr_mode, 11154 }; 11155