1 /* 2 * Driver interaction with Linux nl80211/cfg80211 3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2003-2004, Instant802 Networks, Inc. 5 * Copyright (c) 2005-2006, Devicescape Software, Inc. 6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net> 7 * Copyright (c) 2009-2010, Atheros Communications 8 * 9 * This software may be distributed under the terms of the BSD license. 10 * See README for more details. 11 */ 12 13 #include "includes.h" 14 #include <sys/types.h> 15 #include <fcntl.h> 16 #include <net/if.h> 17 #include <netlink/genl/genl.h> 18 #include <netlink/genl/ctrl.h> 19 #ifdef CONFIG_LIBNL3_ROUTE 20 #include <netlink/route/neighbour.h> 21 #endif /* CONFIG_LIBNL3_ROUTE */ 22 #include <linux/rtnetlink.h> 23 #include <netpacket/packet.h> 24 #include <linux/errqueue.h> 25 26 #include "common.h" 27 #include "eloop.h" 28 #include "common/qca-vendor.h" 29 #include "common/qca-vendor-attr.h" 30 #include "common/brcm_vendor.h" 31 #include "common/ieee802_11_defs.h" 32 #include "common/ieee802_11_common.h" 33 #include "common/wpa_common.h" 34 #include "netlink.h" 35 #include "linux_defines.h" 36 #include "linux_ioctl.h" 37 #include "radiotap.h" 38 #include "radiotap_iter.h" 39 #include "rfkill.h" 40 #include "driver_nl80211.h" 41 42 43 #ifndef NETLINK_CAP_ACK 44 #define NETLINK_CAP_ACK 10 45 #endif /* NETLINK_CAP_ACK */ 46 /* support for extack if compilation headers are too old */ 47 #ifndef NETLINK_EXT_ACK 48 #define NETLINK_EXT_ACK 11 49 enum nlmsgerr_attrs { 50 NLMSGERR_ATTR_UNUSED, 51 NLMSGERR_ATTR_MSG, 52 NLMSGERR_ATTR_OFFS, 53 NLMSGERR_ATTR_COOKIE, 54 55 __NLMSGERR_ATTR_MAX, 56 NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1 57 }; 58 #endif 59 #ifndef NLM_F_CAPPED 60 #define NLM_F_CAPPED 0x100 61 #endif 62 #ifndef NLM_F_ACK_TLVS 63 #define NLM_F_ACK_TLVS 0x200 64 #endif 65 #ifndef SOL_NETLINK 66 #define SOL_NETLINK 270 67 #endif 68 69 70 #ifdef ANDROID 71 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */ 72 #undef nl_socket_set_nonblocking 73 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h) 74 75 #endif /* ANDROID */ 76 77 78 static struct nl_sock * nl_create_handle(struct nl_cb *cb, const char *dbg) 79 { 80 struct nl_sock *handle; 81 82 handle = nl_socket_alloc_cb(cb); 83 if (handle == NULL) { 84 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink " 85 "callbacks (%s)", dbg); 86 return NULL; 87 } 88 89 if (genl_connect(handle)) { 90 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic " 91 "netlink (%s)", dbg); 92 nl_socket_free(handle); 93 return NULL; 94 } 95 96 return handle; 97 } 98 99 100 static void nl_destroy_handles(struct nl_sock **handle) 101 { 102 if (*handle == NULL) 103 return; 104 nl_socket_free(*handle); 105 *handle = NULL; 106 } 107 108 109 #if __WORDSIZE == 64 110 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL 111 #else 112 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL 113 #endif 114 115 static void nl80211_register_eloop_read(struct nl_sock **handle, 116 eloop_sock_handler handler, 117 void *eloop_data, int persist) 118 { 119 /* 120 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) 121 * by default. It is possible to hit that limit in some cases where 122 * operations are blocked, e.g., with a burst of Deauthentication frames 123 * to hostapd and STA entry deletion. Try to increase the buffer to make 124 * this less likely to occur. 125 */ 126 int err; 127 128 err = nl_socket_set_buffer_size(*handle, 262144, 0); 129 if (err < 0) { 130 wpa_printf(MSG_DEBUG, 131 "nl80211: Could not set nl_socket RX buffer size: %s", 132 nl_geterror(err)); 133 /* continue anyway with the default (smaller) buffer */ 134 } 135 136 nl_socket_set_nonblocking(*handle); 137 eloop_register_read_sock(nl_socket_get_fd(*handle), handler, 138 eloop_data, *handle); 139 if (!persist) 140 *handle = (void *) (((intptr_t) *handle) ^ 141 ELOOP_SOCKET_INVALID); 142 } 143 144 145 static void nl80211_destroy_eloop_handle(struct nl_sock **handle, int persist) 146 { 147 if (!persist) 148 *handle = (void *) (((intptr_t) *handle) ^ 149 ELOOP_SOCKET_INVALID); 150 eloop_unregister_read_sock(nl_socket_get_fd(*handle)); 151 nl_destroy_handles(handle); 152 } 153 154 155 static void nl80211_global_deinit(void *priv); 156 static void nl80211_check_global(struct nl80211_global *global); 157 158 static void wpa_driver_nl80211_deinit(struct i802_bss *bss); 159 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, 160 struct hostapd_freq_params *freq); 161 162 static int 163 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, 164 const u8 *set_addr, int first, 165 const char *driver_params); 166 static int nl80211_send_frame_cmd(struct i802_bss *bss, 167 unsigned int freq, unsigned int wait, 168 const u8 *buf, size_t buf_len, 169 int save_cookie, 170 int no_cck, int no_ack, int offchanok, 171 const u16 *csa_offs, size_t csa_offs_len); 172 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, 173 int report); 174 175 #define IFIDX_ANY -1 176 177 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 178 int ifidx_reason); 179 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 180 int ifidx_reason); 181 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 182 int ifidx_reason); 183 184 static int nl80211_set_channel(struct i802_bss *bss, 185 struct hostapd_freq_params *freq, int set_chan); 186 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv, 187 int ifindex, int disabled); 188 189 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv, 190 int reset_mode); 191 192 static int i802_set_iface_flags(struct i802_bss *bss, int up); 193 static int nl80211_set_param(void *priv, const char *param); 194 #ifdef CONFIG_MESH 195 static int nl80211_put_mesh_config(struct nl_msg *msg, 196 struct wpa_driver_mesh_bss_params *params); 197 #endif /* CONFIG_MESH */ 198 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, 199 u16 reason); 200 201 202 /* Converts nl80211_chan_width to a common format */ 203 enum chan_width convert2width(int width) 204 { 205 switch (width) { 206 case NL80211_CHAN_WIDTH_20_NOHT: 207 return CHAN_WIDTH_20_NOHT; 208 case NL80211_CHAN_WIDTH_20: 209 return CHAN_WIDTH_20; 210 case NL80211_CHAN_WIDTH_40: 211 return CHAN_WIDTH_40; 212 case NL80211_CHAN_WIDTH_80: 213 return CHAN_WIDTH_80; 214 case NL80211_CHAN_WIDTH_80P80: 215 return CHAN_WIDTH_80P80; 216 case NL80211_CHAN_WIDTH_160: 217 return CHAN_WIDTH_160; 218 } 219 return CHAN_WIDTH_UNKNOWN; 220 } 221 222 223 int is_ap_interface(enum nl80211_iftype nlmode) 224 { 225 return nlmode == NL80211_IFTYPE_AP || 226 nlmode == NL80211_IFTYPE_P2P_GO; 227 } 228 229 230 int is_sta_interface(enum nl80211_iftype nlmode) 231 { 232 return nlmode == NL80211_IFTYPE_STATION || 233 nlmode == NL80211_IFTYPE_P2P_CLIENT; 234 } 235 236 237 static int is_p2p_net_interface(enum nl80211_iftype nlmode) 238 { 239 return nlmode == NL80211_IFTYPE_P2P_CLIENT || 240 nlmode == NL80211_IFTYPE_P2P_GO; 241 } 242 243 244 struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv, 245 int ifindex) 246 { 247 struct i802_bss *bss; 248 249 for (bss = drv->first_bss; bss; bss = bss->next) { 250 if (bss->ifindex == ifindex) 251 return bss; 252 } 253 254 return NULL; 255 } 256 257 258 static int is_mesh_interface(enum nl80211_iftype nlmode) 259 { 260 return nlmode == NL80211_IFTYPE_MESH_POINT; 261 } 262 263 264 void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv) 265 { 266 if (drv->associated) 267 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN); 268 drv->associated = 0; 269 os_memset(drv->bssid, 0, ETH_ALEN); 270 drv->first_bss->freq = 0; 271 } 272 273 274 /* nl80211 code */ 275 static int ack_handler(struct nl_msg *msg, void *arg) 276 { 277 int *err = arg; 278 *err = 0; 279 return NL_STOP; 280 } 281 282 283 struct nl80211_ack_ext_arg { 284 int *err; 285 void *ext_data; 286 }; 287 288 289 static int ack_handler_cookie(struct nl_msg *msg, void *arg) 290 { 291 struct nl80211_ack_ext_arg *ext_arg = arg; 292 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1]; 293 u64 *cookie = ext_arg->ext_data; 294 struct nlattr *attrs; 295 size_t ack_len, attr_len; 296 297 *ext_arg->err = 0; 298 ack_len = sizeof(struct nlmsghdr) + sizeof(int) + 299 sizeof(struct nlmsghdr); 300 attrs = (struct nlattr *) 301 ((u8 *) nlmsg_data(nlmsg_hdr(msg)) + sizeof(struct nlmsghdr) + 302 sizeof(int)); 303 if (nlmsg_hdr(msg)->nlmsg_len <= ack_len) 304 return NL_STOP; 305 306 attr_len = nlmsg_hdr(msg)->nlmsg_len - ack_len; 307 308 if(!(nlmsg_hdr(msg)->nlmsg_flags & NLM_F_ACK_TLVS)) 309 return NL_STOP; 310 311 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, attr_len, NULL); 312 if (tb[NLMSGERR_ATTR_COOKIE]) 313 *cookie = nla_get_u64(tb[NLMSGERR_ATTR_COOKIE]); 314 315 return NL_STOP; 316 } 317 318 319 static int finish_handler(struct nl_msg *msg, void *arg) 320 { 321 int *ret = arg; 322 *ret = 0; 323 return NL_SKIP; 324 } 325 326 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err, 327 void *arg) 328 { 329 struct nlmsghdr *nlh = (struct nlmsghdr *) err - 1; 330 int len = nlh->nlmsg_len; 331 struct nlattr *attrs; 332 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1]; 333 int *ret = arg; 334 int ack_len = sizeof(*nlh) + sizeof(int) + sizeof(*nlh); 335 336 *ret = err->error; 337 338 if (!(nlh->nlmsg_flags & NLM_F_ACK_TLVS)) 339 return NL_SKIP; 340 341 if (!(nlh->nlmsg_flags & NLM_F_CAPPED)) 342 ack_len += err->msg.nlmsg_len - sizeof(*nlh); 343 344 if (len <= ack_len) 345 return NL_STOP; 346 347 attrs = (void *) ((unsigned char *) nlh + ack_len); 348 len -= ack_len; 349 350 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, len, NULL); 351 if (tb[NLMSGERR_ATTR_MSG]) { 352 len = strnlen((char *) nla_data(tb[NLMSGERR_ATTR_MSG]), 353 nla_len(tb[NLMSGERR_ATTR_MSG])); 354 wpa_printf(MSG_ERROR, "nl80211: kernel reports: %*s", 355 len, (char *) nla_data(tb[NLMSGERR_ATTR_MSG])); 356 } 357 358 return NL_SKIP; 359 } 360 361 362 static int no_seq_check(struct nl_msg *msg, void *arg) 363 { 364 return NL_OK; 365 } 366 367 368 static void nl80211_nlmsg_clear(struct nl_msg *msg) 369 { 370 /* 371 * Clear nlmsg data, e.g., to make sure key material is not left in 372 * heap memory for unnecessarily long time. 373 */ 374 if (msg) { 375 struct nlmsghdr *hdr = nlmsg_hdr(msg); 376 void *data = nlmsg_data(hdr); 377 /* 378 * This would use nlmsg_datalen() or the older nlmsg_len() if 379 * only libnl were to maintain a stable API.. Neither will work 380 * with all released versions, so just calculate the length 381 * here. 382 */ 383 int len = hdr->nlmsg_len - NLMSG_HDRLEN; 384 385 os_memset(data, 0, len); 386 } 387 } 388 389 390 static int send_and_recv(struct nl80211_global *global, 391 struct nl_sock *nl_handle, struct nl_msg *msg, 392 int (*valid_handler)(struct nl_msg *, void *), 393 void *valid_data, 394 int (*ack_handler_custom)(struct nl_msg *, void *), 395 void *ack_data) 396 { 397 struct nl_cb *cb; 398 int err = -ENOMEM, opt; 399 400 if (!msg) 401 return -ENOMEM; 402 403 cb = nl_cb_clone(global->nl_cb); 404 if (!cb) 405 goto out; 406 407 /* try to set NETLINK_EXT_ACK to 1, ignoring errors */ 408 opt = 1; 409 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, 410 NETLINK_EXT_ACK, &opt, sizeof(opt)); 411 412 /* try to set NETLINK_CAP_ACK to 1, ignoring errors */ 413 opt = 1; 414 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, 415 NETLINK_CAP_ACK, &opt, sizeof(opt)); 416 417 err = nl_send_auto_complete(nl_handle, msg); 418 if (err < 0) { 419 wpa_printf(MSG_INFO, 420 "nl80211: nl_send_auto_complete() failed: %s", 421 nl_geterror(err)); 422 /* Need to convert libnl error code to an errno value. For now, 423 * just hardcode this to EBADF; the real error reason is shown 424 * in that error print above. */ 425 err = -EBADF; 426 goto out; 427 } 428 429 err = 1; 430 431 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err); 432 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err); 433 if (ack_handler_custom) { 434 struct nl80211_ack_ext_arg *ext_arg = ack_data; 435 436 ext_arg->err = &err; 437 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, 438 ack_handler_custom, ack_data); 439 } else { 440 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err); 441 } 442 443 if (valid_handler) 444 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, 445 valid_handler, valid_data); 446 447 while (err > 0) { 448 int res = nl_recvmsgs(nl_handle, cb); 449 450 if (res == -NLE_DUMP_INTR) { 451 /* Most likely one of the nl80211 dump routines hit a 452 * case where internal results changed while the dump 453 * was being sent. The most common known case for this 454 * is scan results fetching while associated were every 455 * received Beacon frame from the AP may end up 456 * incrementing bss_generation. This 457 * NL80211_CMD_GET_SCAN case tries again in the caller; 458 * other cases (of which there are no known common ones) 459 * will stop and return an error. */ 460 wpa_printf(MSG_DEBUG, "nl80211: %s; convert to -EAGAIN", 461 nl_geterror(res)); 462 err = -EAGAIN; 463 } else if (res < 0) { 464 wpa_printf(MSG_INFO, 465 "nl80211: %s->nl_recvmsgs failed: %d (%s)", 466 __func__, res, nl_geterror(res)); 467 } 468 } 469 out: 470 nl_cb_put(cb); 471 /* Always clear the message as it can potentially contain keys */ 472 nl80211_nlmsg_clear(msg); 473 nlmsg_free(msg); 474 return err; 475 } 476 477 478 int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv, 479 struct nl_msg *msg, 480 int (*valid_handler)(struct nl_msg *, void *), 481 void *valid_data, 482 int (*ack_handler_custom)(struct nl_msg *, void *), 483 void *ack_data) 484 { 485 return send_and_recv(drv->global, drv->global->nl, msg, 486 valid_handler, valid_data, 487 ack_handler_custom, ack_data); 488 } 489 490 491 /* Use this method to mark that it is necessary to own the connection/interface 492 * for this operation. 493 * handle may be set to NULL, to get the same behavior as send_and_recv_msgs(). 494 * set_owner can be used to mark this socket for receiving control port frames. 495 */ 496 static int send_and_recv_msgs_owner(struct wpa_driver_nl80211_data *drv, 497 struct nl_msg *msg, 498 struct nl_sock *handle, int set_owner, 499 int (*valid_handler)(struct nl_msg *, 500 void *), 501 void *valid_data, 502 int (*ack_handler_custom)(struct nl_msg *, 503 void *), 504 void *ack_data) 505 { 506 if (!msg) 507 return -ENOMEM; 508 509 /* Control port over nl80211 needs the flags and attributes below. 510 * 511 * The Linux kernel has initial checks for them (in nl80211.c) like: 512 * validate_pae_over_nl80211(...) 513 * or final checks like: 514 * dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid 515 * 516 * Final operations (e.g., disassociate) don't need to set these 517 * attributes, but they have to be performed on the socket, which has 518 * the connection owner property set in the kernel. 519 */ 520 if ((drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) && 521 handle && set_owner && 522 (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_OVER_NL80211) || 523 nla_put_flag(msg, NL80211_ATTR_SOCKET_OWNER) || 524 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) || 525 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_PREAUTH))) 526 return -1; 527 528 return send_and_recv(drv->global, handle ? handle : drv->global->nl, 529 msg, valid_handler, valid_data, 530 ack_handler_custom, ack_data); 531 } 532 533 534 static int 535 send_and_recv_msgs_connect_handle(struct wpa_driver_nl80211_data *drv, 536 struct nl_msg *msg, struct i802_bss *bss, 537 int set_owner) 538 { 539 struct nl_sock *nl_connect = get_connect_handle(bss); 540 541 if (nl_connect) 542 return send_and_recv_msgs_owner(drv, msg, nl_connect, set_owner, 543 process_bss_event, bss, NULL, 544 NULL); 545 else 546 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 547 } 548 549 550 struct nl_sock * get_connect_handle(struct i802_bss *bss) 551 { 552 if ((bss->drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) || 553 bss->use_nl_connect) 554 return bss->nl_connect; 555 556 return NULL; 557 } 558 559 560 struct family_data { 561 const char *group; 562 int id; 563 }; 564 565 566 static int family_handler(struct nl_msg *msg, void *arg) 567 { 568 struct family_data *res = arg; 569 struct nlattr *tb[CTRL_ATTR_MAX + 1]; 570 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 571 struct nlattr *mcgrp; 572 int i; 573 574 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 575 genlmsg_attrlen(gnlh, 0), NULL); 576 if (!tb[CTRL_ATTR_MCAST_GROUPS]) 577 return NL_SKIP; 578 579 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) { 580 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1]; 581 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp), 582 nla_len(mcgrp), NULL); 583 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] || 584 !tb2[CTRL_ATTR_MCAST_GRP_ID] || 585 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]), 586 res->group, 587 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0) 588 continue; 589 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]); 590 break; 591 }; 592 593 return NL_SKIP; 594 } 595 596 597 static int nl_get_multicast_id(struct nl80211_global *global, 598 const char *family, const char *group) 599 { 600 struct nl_msg *msg; 601 int ret; 602 struct family_data res = { group, -ENOENT }; 603 604 msg = nlmsg_alloc(); 605 if (!msg) 606 return -ENOMEM; 607 if (!genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"), 608 0, 0, CTRL_CMD_GETFAMILY, 0) || 609 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) { 610 nlmsg_free(msg); 611 return -1; 612 } 613 614 ret = send_and_recv(global, global->nl, msg, family_handler, &res, 615 NULL, NULL); 616 if (ret == 0) 617 ret = res.id; 618 return ret; 619 } 620 621 622 void * nl80211_cmd(struct wpa_driver_nl80211_data *drv, 623 struct nl_msg *msg, int flags, uint8_t cmd) 624 { 625 if (TEST_FAIL()) 626 return NULL; 627 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id, 628 0, flags, cmd, 0); 629 } 630 631 632 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss) 633 { 634 if (bss->wdev_id_set) 635 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id); 636 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex); 637 } 638 639 640 struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd) 641 { 642 struct nl_msg *msg; 643 644 msg = nlmsg_alloc(); 645 if (!msg) 646 return NULL; 647 648 if (!nl80211_cmd(bss->drv, msg, flags, cmd) || 649 nl80211_set_iface_id(msg, bss) < 0) { 650 nlmsg_free(msg); 651 return NULL; 652 } 653 654 return msg; 655 } 656 657 658 static struct nl_msg * 659 nl80211_ifindex_msg_build(struct wpa_driver_nl80211_data *drv, 660 struct nl_msg *msg, int ifindex, int flags, 661 uint8_t cmd) 662 { 663 if (!msg) 664 return NULL; 665 666 if (!nl80211_cmd(drv, msg, flags, cmd) || 667 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) { 668 nlmsg_free(msg); 669 return NULL; 670 } 671 672 return msg; 673 } 674 675 676 static struct nl_msg * 677 nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex, 678 int flags, uint8_t cmd) 679 { 680 return nl80211_ifindex_msg_build(drv, nlmsg_alloc(), ifindex, flags, 681 cmd); 682 } 683 684 685 struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags, 686 uint8_t cmd) 687 { 688 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd); 689 } 690 691 692 struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd) 693 { 694 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd); 695 } 696 697 698 struct wiphy_idx_data { 699 int wiphy_idx; 700 enum nl80211_iftype nlmode; 701 u8 *macaddr; 702 u8 use_4addr; 703 }; 704 705 706 static int netdev_info_handler(struct nl_msg *msg, void *arg) 707 { 708 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 709 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 710 struct wiphy_idx_data *info = arg; 711 712 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 713 genlmsg_attrlen(gnlh, 0), NULL); 714 715 if (tb[NL80211_ATTR_WIPHY]) 716 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]); 717 718 if (tb[NL80211_ATTR_IFTYPE]) 719 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]); 720 721 if (tb[NL80211_ATTR_MAC] && info->macaddr) 722 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]), 723 ETH_ALEN); 724 725 if (tb[NL80211_ATTR_4ADDR]) 726 info->use_4addr = nla_get_u8(tb[NL80211_ATTR_4ADDR]); 727 728 return NL_SKIP; 729 } 730 731 732 int nl80211_get_wiphy_index(struct i802_bss *bss) 733 { 734 struct nl_msg *msg; 735 struct wiphy_idx_data data = { 736 .wiphy_idx = -1, 737 .macaddr = NULL, 738 }; 739 740 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 741 return -1; 742 743 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data, 744 NULL, NULL) == 0) 745 return data.wiphy_idx; 746 return -1; 747 } 748 749 750 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss) 751 { 752 struct nl_msg *msg; 753 struct wiphy_idx_data data = { 754 .nlmode = NL80211_IFTYPE_UNSPECIFIED, 755 .macaddr = NULL, 756 }; 757 758 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 759 return NL80211_IFTYPE_UNSPECIFIED; 760 761 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data, 762 NULL, NULL) == 0) 763 return data.nlmode; 764 return NL80211_IFTYPE_UNSPECIFIED; 765 } 766 767 768 static int nl80211_get_macaddr(struct i802_bss *bss) 769 { 770 struct nl_msg *msg; 771 struct wiphy_idx_data data = { 772 .macaddr = bss->addr, 773 }; 774 775 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE))) 776 return -1; 777 778 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data, 779 NULL, NULL); 780 } 781 782 783 static int nl80211_get_4addr(struct i802_bss *bss) 784 { 785 struct nl_msg *msg; 786 struct wiphy_idx_data data = { 787 .use_4addr = 0, 788 }; 789 790 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)) || 791 send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data, 792 NULL, NULL)) 793 return -1; 794 return data.use_4addr; 795 } 796 797 798 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv, 799 struct nl80211_wiphy_data *w) 800 { 801 struct nl_msg *msg; 802 int ret; 803 804 msg = nlmsg_alloc(); 805 if (!msg) 806 return -1; 807 808 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) || 809 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) { 810 nlmsg_free(msg); 811 return -1; 812 } 813 814 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL, 815 NULL, NULL); 816 if (ret) { 817 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command " 818 "failed: ret=%d (%s)", 819 ret, strerror(-ret)); 820 } 821 return ret; 822 } 823 824 825 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle) 826 { 827 struct nl80211_wiphy_data *w = eloop_ctx; 828 int res; 829 830 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available"); 831 832 res = nl_recvmsgs(handle, w->nl_cb); 833 if (res < 0) { 834 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d", 835 __func__, res); 836 } 837 } 838 839 840 static int process_beacon_event(struct nl_msg *msg, void *arg) 841 { 842 struct nl80211_wiphy_data *w = arg; 843 struct wpa_driver_nl80211_data *drv; 844 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 845 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 846 union wpa_event_data event; 847 848 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 849 genlmsg_attrlen(gnlh, 0), NULL); 850 851 if (gnlh->cmd != NL80211_CMD_FRAME) { 852 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)", 853 gnlh->cmd); 854 return NL_SKIP; 855 } 856 857 if (!tb[NL80211_ATTR_FRAME]) 858 return NL_SKIP; 859 860 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data, 861 wiphy_list) { 862 os_memset(&event, 0, sizeof(event)); 863 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]); 864 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]); 865 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event); 866 } 867 868 return NL_SKIP; 869 } 870 871 872 static struct nl80211_wiphy_data * 873 nl80211_get_wiphy_data_ap(struct i802_bss *bss) 874 { 875 static DEFINE_DL_LIST(nl80211_wiphys); 876 struct nl80211_wiphy_data *w; 877 int wiphy_idx, found = 0; 878 struct i802_bss *tmp_bss; 879 u8 channel; 880 881 if (bss->wiphy_data != NULL) 882 return bss->wiphy_data; 883 884 wiphy_idx = nl80211_get_wiphy_index(bss); 885 886 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) { 887 if (w->wiphy_idx == wiphy_idx) 888 goto add; 889 } 890 891 /* alloc new one */ 892 w = os_zalloc(sizeof(*w)); 893 if (w == NULL) 894 return NULL; 895 w->wiphy_idx = wiphy_idx; 896 dl_list_init(&w->bsss); 897 dl_list_init(&w->drvs); 898 899 /* Beacon frames not supported in IEEE 802.11ad */ 900 if (ieee80211_freq_to_chan(bss->freq, &channel) != 901 HOSTAPD_MODE_IEEE80211AD) { 902 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 903 if (!w->nl_cb) { 904 os_free(w); 905 return NULL; 906 } 907 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 908 no_seq_check, NULL); 909 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 910 process_beacon_event, w); 911 912 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb, 913 "wiphy beacons"); 914 if (w->nl_beacons == NULL) { 915 os_free(w); 916 return NULL; 917 } 918 919 if (nl80211_register_beacons(bss->drv, w)) { 920 nl_destroy_handles(&w->nl_beacons); 921 os_free(w); 922 return NULL; 923 } 924 925 nl80211_register_eloop_read(&w->nl_beacons, 926 nl80211_recv_beacons, w, 0); 927 } 928 929 dl_list_add(&nl80211_wiphys, &w->list); 930 931 add: 932 /* drv entry for this bss already there? */ 933 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) { 934 if (tmp_bss->drv == bss->drv) { 935 found = 1; 936 break; 937 } 938 } 939 /* if not add it */ 940 if (!found) 941 dl_list_add(&w->drvs, &bss->drv->wiphy_list); 942 943 dl_list_add(&w->bsss, &bss->wiphy_list); 944 bss->wiphy_data = w; 945 return w; 946 } 947 948 949 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss) 950 { 951 struct nl80211_wiphy_data *w = bss->wiphy_data; 952 struct i802_bss *tmp_bss; 953 int found = 0; 954 955 if (w == NULL) 956 return; 957 bss->wiphy_data = NULL; 958 dl_list_del(&bss->wiphy_list); 959 960 /* still any for this drv present? */ 961 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) { 962 if (tmp_bss->drv == bss->drv) { 963 found = 1; 964 break; 965 } 966 } 967 /* if not remove it */ 968 if (!found) 969 dl_list_del(&bss->drv->wiphy_list); 970 971 if (!dl_list_empty(&w->bsss)) 972 return; 973 974 if (w->nl_beacons) 975 nl80211_destroy_eloop_handle(&w->nl_beacons, 0); 976 977 nl_cb_put(w->nl_cb); 978 dl_list_del(&w->list); 979 os_free(w); 980 } 981 982 983 static unsigned int nl80211_get_ifindex(void *priv) 984 { 985 struct i802_bss *bss = priv; 986 struct wpa_driver_nl80211_data *drv = bss->drv; 987 988 return drv->ifindex; 989 } 990 991 992 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid) 993 { 994 struct i802_bss *bss = priv; 995 struct wpa_driver_nl80211_data *drv = bss->drv; 996 if (!drv->associated) 997 return -1; 998 os_memcpy(bssid, drv->bssid, ETH_ALEN); 999 return 0; 1000 } 1001 1002 1003 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid) 1004 { 1005 struct i802_bss *bss = priv; 1006 struct wpa_driver_nl80211_data *drv = bss->drv; 1007 if (!drv->associated) 1008 return -1; 1009 os_memcpy(ssid, drv->ssid, drv->ssid_len); 1010 return drv->ssid_len; 1011 } 1012 1013 1014 static void wpa_driver_nl80211_event_newlink( 1015 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv, 1016 int ifindex, const char *ifname) 1017 { 1018 union wpa_event_data event; 1019 1020 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) { 1021 if (if_nametoindex(drv->first_bss->ifname) == 0) { 1022 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK", 1023 drv->first_bss->ifname); 1024 return; 1025 } 1026 if (!drv->if_removed) 1027 return; 1028 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event", 1029 drv->first_bss->ifname); 1030 drv->if_removed = 0; 1031 } 1032 1033 os_memset(&event, 0, sizeof(event)); 1034 event.interface_status.ifindex = ifindex; 1035 os_strlcpy(event.interface_status.ifname, ifname, 1036 sizeof(event.interface_status.ifname)); 1037 event.interface_status.ievent = EVENT_INTERFACE_ADDED; 1038 if (drv) 1039 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event); 1040 else 1041 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS, 1042 &event); 1043 } 1044 1045 1046 static void wpa_driver_nl80211_event_dellink( 1047 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv, 1048 int ifindex, const char *ifname) 1049 { 1050 union wpa_event_data event; 1051 1052 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) { 1053 if (drv->if_removed) { 1054 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s", 1055 ifname); 1056 return; 1057 } 1058 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1", 1059 ifname); 1060 drv->if_removed = 1; 1061 } else { 1062 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed", 1063 ifname); 1064 } 1065 1066 os_memset(&event, 0, sizeof(event)); 1067 event.interface_status.ifindex = ifindex; 1068 os_strlcpy(event.interface_status.ifname, ifname, 1069 sizeof(event.interface_status.ifname)); 1070 event.interface_status.ievent = EVENT_INTERFACE_REMOVED; 1071 if (drv) 1072 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event); 1073 else 1074 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS, 1075 &event); 1076 } 1077 1078 1079 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv, 1080 u8 *buf, size_t len) 1081 { 1082 int attrlen, rta_len; 1083 struct rtattr *attr; 1084 1085 attrlen = len; 1086 attr = (struct rtattr *) buf; 1087 1088 rta_len = RTA_ALIGN(sizeof(struct rtattr)); 1089 while (RTA_OK(attr, attrlen)) { 1090 if (attr->rta_type == IFLA_IFNAME) { 1091 if (os_strcmp(((char *) attr) + rta_len, 1092 drv->first_bss->ifname) == 0) 1093 return 1; 1094 else 1095 break; 1096 } 1097 attr = RTA_NEXT(attr, attrlen); 1098 } 1099 1100 return 0; 1101 } 1102 1103 1104 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv, 1105 int ifindex, u8 *buf, size_t len) 1106 { 1107 if (drv->ifindex == ifindex) 1108 return 1; 1109 1110 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) { 1111 nl80211_check_global(drv->global); 1112 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed " 1113 "interface"); 1114 if (wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL) < 0) 1115 return -1; 1116 return 1; 1117 } 1118 1119 return 0; 1120 } 1121 1122 1123 static struct wpa_driver_nl80211_data * 1124 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len, 1125 int *init_failed) 1126 { 1127 struct wpa_driver_nl80211_data *drv; 1128 int res; 1129 1130 if (init_failed) 1131 *init_failed = 0; 1132 dl_list_for_each(drv, &global->interfaces, 1133 struct wpa_driver_nl80211_data, list) { 1134 res = wpa_driver_nl80211_own_ifindex(drv, idx, buf, len); 1135 if (res < 0) { 1136 wpa_printf(MSG_DEBUG, 1137 "nl80211: Found matching own interface, but failed to complete reinitialization"); 1138 if (init_failed) 1139 *init_failed = 1; 1140 return drv; 1141 } 1142 if (res > 0 || have_ifidx(drv, idx, IFIDX_ANY)) 1143 return drv; 1144 } 1145 return NULL; 1146 } 1147 1148 1149 static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv, 1150 int ifindex, int notify) 1151 { 1152 struct i802_bss *bss; 1153 u8 addr[ETH_ALEN]; 1154 1155 bss = get_bss_ifindex(drv, ifindex); 1156 if (bss && 1157 linux_get_ifhwaddr(drv->global->ioctl_sock, 1158 bss->ifname, addr) < 0) { 1159 wpa_printf(MSG_DEBUG, 1160 "nl80211: %s: failed to re-read MAC address", 1161 bss->ifname); 1162 } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) { 1163 wpa_printf(MSG_DEBUG, 1164 "nl80211: Own MAC address on ifindex %d (%s) changed from " 1165 MACSTR " to " MACSTR, 1166 ifindex, bss->ifname, 1167 MAC2STR(bss->addr), MAC2STR(addr)); 1168 os_memcpy(bss->addr, addr, ETH_ALEN); 1169 if (notify) 1170 wpa_supplicant_event(drv->ctx, 1171 EVENT_INTERFACE_MAC_CHANGED, NULL); 1172 } 1173 } 1174 1175 1176 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx, 1177 struct ifinfomsg *ifi, 1178 u8 *buf, size_t len) 1179 { 1180 struct nl80211_global *global = ctx; 1181 struct wpa_driver_nl80211_data *drv; 1182 int attrlen; 1183 struct rtattr *attr; 1184 u32 brid = 0; 1185 char namebuf[IFNAMSIZ]; 1186 char ifname[IFNAMSIZ + 1]; 1187 char extra[100], *pos, *end; 1188 int init_failed; 1189 1190 extra[0] = '\0'; 1191 pos = extra; 1192 end = pos + sizeof(extra); 1193 ifname[0] = '\0'; 1194 1195 attrlen = len; 1196 attr = (struct rtattr *) buf; 1197 while (RTA_OK(attr, attrlen)) { 1198 switch (attr->rta_type) { 1199 case IFLA_IFNAME: 1200 if (RTA_PAYLOAD(attr) > IFNAMSIZ) 1201 break; 1202 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); 1203 ifname[RTA_PAYLOAD(attr)] = '\0'; 1204 break; 1205 case IFLA_MASTER: 1206 brid = nla_get_u32((struct nlattr *) attr); 1207 pos += os_snprintf(pos, end - pos, " master=%u", brid); 1208 break; 1209 case IFLA_WIRELESS: 1210 pos += os_snprintf(pos, end - pos, " wext"); 1211 break; 1212 case IFLA_OPERSTATE: 1213 pos += os_snprintf(pos, end - pos, " operstate=%u", 1214 nla_get_u32((struct nlattr *) attr)); 1215 break; 1216 case IFLA_LINKMODE: 1217 pos += os_snprintf(pos, end - pos, " linkmode=%u", 1218 nla_get_u32((struct nlattr *) attr)); 1219 break; 1220 } 1221 attr = RTA_NEXT(attr, attrlen); 1222 } 1223 extra[sizeof(extra) - 1] = '\0'; 1224 1225 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)", 1226 ifi->ifi_index, ifname, extra, ifi->ifi_family, 1227 ifi->ifi_flags, 1228 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "", 1229 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "", 1230 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "", 1231 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : ""); 1232 1233 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, &init_failed); 1234 if (!drv) 1235 goto event_newlink; 1236 if (init_failed) 1237 return; /* do not update interface state */ 1238 1239 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) { 1240 namebuf[0] = '\0'; 1241 if (if_indextoname(ifi->ifi_index, namebuf) && 1242 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) { 1243 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " 1244 "event since interface %s is up", namebuf); 1245 drv->ignore_if_down_event = 0; 1246 /* Re-read MAC address as it may have changed */ 1247 nl80211_refresh_mac(drv, ifi->ifi_index, 1); 1248 return; 1249 } 1250 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)", 1251 namebuf, ifname); 1252 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) { 1253 wpa_printf(MSG_DEBUG, 1254 "nl80211: Not the main interface (%s) - do not indicate interface down", 1255 drv->first_bss->ifname); 1256 } else if (drv->ignore_if_down_event) { 1257 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down " 1258 "event generated by mode change"); 1259 drv->ignore_if_down_event = 0; 1260 } else { 1261 drv->if_disabled = 1; 1262 wpa_supplicant_event(drv->ctx, 1263 EVENT_INTERFACE_DISABLED, NULL); 1264 1265 /* 1266 * Try to get drv again, since it may be removed as 1267 * part of the EVENT_INTERFACE_DISABLED handling for 1268 * dynamic interfaces 1269 */ 1270 drv = nl80211_find_drv(global, ifi->ifi_index, 1271 buf, len, NULL); 1272 if (!drv) 1273 return; 1274 } 1275 } 1276 1277 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) { 1278 namebuf[0] = '\0'; 1279 if (if_indextoname(ifi->ifi_index, namebuf) && 1280 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) { 1281 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1282 "event since interface %s is down", 1283 namebuf); 1284 return; 1285 } 1286 wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)", 1287 namebuf, ifname); 1288 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) { 1289 wpa_printf(MSG_DEBUG, 1290 "nl80211: Not the main interface (%s) - do not indicate interface up", 1291 drv->first_bss->ifname); 1292 } else if (if_nametoindex(drv->first_bss->ifname) == 0) { 1293 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1294 "event since interface %s does not exist", 1295 drv->first_bss->ifname); 1296 } else if (drv->if_removed) { 1297 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up " 1298 "event since interface %s is marked " 1299 "removed", drv->first_bss->ifname); 1300 } else { 1301 /* Re-read MAC address as it may have changed */ 1302 nl80211_refresh_mac(drv, ifi->ifi_index, 0); 1303 1304 drv->if_disabled = 0; 1305 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, 1306 NULL); 1307 } 1308 } 1309 1310 /* 1311 * Some drivers send the association event before the operup event--in 1312 * this case, lifting operstate in wpa_driver_nl80211_set_operstate() 1313 * fails. This will hit us when wpa_supplicant does not need to do 1314 * IEEE 802.1X authentication 1315 */ 1316 if (drv->operstate == 1 && 1317 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP && 1318 !(ifi->ifi_flags & IFF_RUNNING)) { 1319 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate"); 1320 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 1321 -1, IF_OPER_UP); 1322 } 1323 1324 event_newlink: 1325 if (ifname[0]) 1326 wpa_driver_nl80211_event_newlink(global, drv, ifi->ifi_index, 1327 ifname); 1328 1329 if (ifi->ifi_family == AF_BRIDGE && brid && drv) { 1330 struct i802_bss *bss; 1331 1332 /* device has been added to bridge */ 1333 if (!if_indextoname(brid, namebuf)) { 1334 wpa_printf(MSG_DEBUG, 1335 "nl80211: Could not find bridge ifname for ifindex %u", 1336 brid); 1337 return; 1338 } 1339 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s", 1340 brid, namebuf); 1341 add_ifidx(drv, brid, ifi->ifi_index); 1342 1343 for (bss = drv->first_bss; bss; bss = bss->next) { 1344 if (os_strcmp(ifname, bss->ifname) == 0) { 1345 os_strlcpy(bss->brname, namebuf, IFNAMSIZ); 1346 break; 1347 } 1348 } 1349 } 1350 } 1351 1352 1353 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx, 1354 struct ifinfomsg *ifi, 1355 u8 *buf, size_t len) 1356 { 1357 struct nl80211_global *global = ctx; 1358 struct wpa_driver_nl80211_data *drv; 1359 int attrlen; 1360 struct rtattr *attr; 1361 u32 brid = 0; 1362 char ifname[IFNAMSIZ + 1]; 1363 char extra[100], *pos, *end; 1364 1365 extra[0] = '\0'; 1366 pos = extra; 1367 end = pos + sizeof(extra); 1368 ifname[0] = '\0'; 1369 1370 attrlen = len; 1371 attr = (struct rtattr *) buf; 1372 while (RTA_OK(attr, attrlen)) { 1373 switch (attr->rta_type) { 1374 case IFLA_IFNAME: 1375 if (RTA_PAYLOAD(attr) > IFNAMSIZ) 1376 break; 1377 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); 1378 ifname[RTA_PAYLOAD(attr)] = '\0'; 1379 break; 1380 case IFLA_MASTER: 1381 brid = nla_get_u32((struct nlattr *) attr); 1382 pos += os_snprintf(pos, end - pos, " master=%u", brid); 1383 break; 1384 case IFLA_OPERSTATE: 1385 pos += os_snprintf(pos, end - pos, " operstate=%u", 1386 nla_get_u32((struct nlattr *) attr)); 1387 break; 1388 case IFLA_LINKMODE: 1389 pos += os_snprintf(pos, end - pos, " linkmode=%u", 1390 nla_get_u32((struct nlattr *) attr)); 1391 break; 1392 } 1393 attr = RTA_NEXT(attr, attrlen); 1394 } 1395 extra[sizeof(extra) - 1] = '\0'; 1396 1397 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)", 1398 ifi->ifi_index, ifname, extra, ifi->ifi_family, 1399 ifi->ifi_flags, 1400 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "", 1401 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "", 1402 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "", 1403 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : ""); 1404 1405 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, NULL); 1406 1407 if (ifi->ifi_family == AF_BRIDGE && brid && drv) { 1408 /* device has been removed from bridge */ 1409 char namebuf[IFNAMSIZ]; 1410 1411 if (!if_indextoname(brid, namebuf)) { 1412 wpa_printf(MSG_DEBUG, 1413 "nl80211: Could not find bridge ifname for ifindex %u", 1414 brid); 1415 } else { 1416 wpa_printf(MSG_DEBUG, 1417 "nl80211: Remove ifindex %u for bridge %s", 1418 brid, namebuf); 1419 } 1420 del_ifidx(drv, brid, ifi->ifi_index); 1421 } 1422 1423 if (ifi->ifi_family != AF_BRIDGE || !brid) 1424 wpa_driver_nl80211_event_dellink(global, drv, ifi->ifi_index, 1425 ifname); 1426 } 1427 1428 1429 struct nl80211_get_assoc_freq_arg { 1430 struct wpa_driver_nl80211_data *drv; 1431 unsigned int assoc_freq; 1432 unsigned int ibss_freq; 1433 u8 assoc_bssid[ETH_ALEN]; 1434 u8 assoc_ssid[SSID_MAX_LEN]; 1435 u8 assoc_ssid_len; 1436 }; 1437 1438 static int nl80211_get_assoc_freq_handler(struct nl_msg *msg, void *arg) 1439 { 1440 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1441 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1442 struct nlattr *bss[NL80211_BSS_MAX + 1]; 1443 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = { 1444 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC }, 1445 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 }, 1446 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC }, 1447 [NL80211_BSS_STATUS] = { .type = NLA_U32 }, 1448 }; 1449 struct nl80211_get_assoc_freq_arg *ctx = arg; 1450 enum nl80211_bss_status status; 1451 1452 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1453 genlmsg_attrlen(gnlh, 0), NULL); 1454 if (!tb[NL80211_ATTR_BSS] || 1455 nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS], 1456 bss_policy) || 1457 !bss[NL80211_BSS_STATUS]) 1458 return NL_SKIP; 1459 1460 status = nla_get_u32(bss[NL80211_BSS_STATUS]); 1461 if (status == NL80211_BSS_STATUS_ASSOCIATED && 1462 bss[NL80211_BSS_FREQUENCY]) { 1463 ctx->assoc_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]); 1464 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz", 1465 ctx->assoc_freq); 1466 } 1467 if (status == NL80211_BSS_STATUS_IBSS_JOINED && 1468 bss[NL80211_BSS_FREQUENCY]) { 1469 ctx->ibss_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]); 1470 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz", 1471 ctx->ibss_freq); 1472 } 1473 if (status == NL80211_BSS_STATUS_ASSOCIATED && 1474 bss[NL80211_BSS_BSSID]) { 1475 os_memcpy(ctx->assoc_bssid, 1476 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN); 1477 wpa_printf(MSG_DEBUG, "nl80211: Associated with " 1478 MACSTR, MAC2STR(ctx->assoc_bssid)); 1479 } 1480 1481 if (status == NL80211_BSS_STATUS_ASSOCIATED && 1482 bss[NL80211_BSS_INFORMATION_ELEMENTS]) { 1483 const u8 *ie, *ssid; 1484 size_t ie_len; 1485 1486 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]); 1487 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]); 1488 ssid = get_ie(ie, ie_len, WLAN_EID_SSID); 1489 if (ssid && ssid[1] > 0 && ssid[1] <= SSID_MAX_LEN) { 1490 ctx->assoc_ssid_len = ssid[1]; 1491 os_memcpy(ctx->assoc_ssid, ssid + 2, ssid[1]); 1492 } 1493 } 1494 1495 return NL_SKIP; 1496 } 1497 1498 1499 int nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data *drv, u8 *ssid) 1500 { 1501 struct nl_msg *msg; 1502 int ret; 1503 struct nl80211_get_assoc_freq_arg arg; 1504 int count = 0; 1505 1506 try_again: 1507 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN); 1508 os_memset(&arg, 0, sizeof(arg)); 1509 arg.drv = drv; 1510 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler, 1511 &arg, NULL, NULL); 1512 if (ret == -EAGAIN) { 1513 count++; 1514 if (count >= 10) { 1515 wpa_printf(MSG_INFO, 1516 "nl80211: Failed to receive consistent scan result dump for get_assoc_ssid"); 1517 } else { 1518 wpa_printf(MSG_DEBUG, 1519 "nl80211: Failed to receive consistent scan result dump for get_assoc_ssid - try again"); 1520 goto try_again; 1521 } 1522 } 1523 if (ret == 0) { 1524 os_memcpy(ssid, arg.assoc_ssid, arg.assoc_ssid_len); 1525 return arg.assoc_ssid_len; 1526 } 1527 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d (%s)", 1528 ret, strerror(-ret)); 1529 return ret; 1530 } 1531 1532 1533 unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv) 1534 { 1535 struct nl_msg *msg; 1536 int ret; 1537 struct nl80211_get_assoc_freq_arg arg; 1538 int count = 0; 1539 1540 try_again: 1541 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN); 1542 os_memset(&arg, 0, sizeof(arg)); 1543 arg.drv = drv; 1544 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler, 1545 &arg, NULL, NULL); 1546 if (ret == -EAGAIN) { 1547 count++; 1548 if (count >= 10) { 1549 wpa_printf(MSG_INFO, 1550 "nl80211: Failed to receive consistent scan result dump for get_assoc_freq"); 1551 } else { 1552 wpa_printf(MSG_DEBUG, 1553 "nl80211: Failed to receive consistent scan result dump for get_assoc_freq - try again"); 1554 goto try_again; 1555 } 1556 } 1557 if (ret == 0) { 1558 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ? 1559 arg.ibss_freq : arg.assoc_freq; 1560 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the " 1561 "associated BSS from scan results: %u MHz", freq); 1562 if (freq) 1563 drv->assoc_freq = freq; 1564 return drv->assoc_freq; 1565 } 1566 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d " 1567 "(%s)", ret, strerror(-ret)); 1568 return drv->assoc_freq; 1569 } 1570 1571 1572 static int get_link_signal(struct nl_msg *msg, void *arg) 1573 { 1574 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1575 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1576 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1]; 1577 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = { 1578 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 }, 1579 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 }, 1580 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8 }, 1581 }; 1582 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1]; 1583 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = { 1584 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 }, 1585 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 }, 1586 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG }, 1587 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG }, 1588 }; 1589 struct wpa_signal_info *sig_change = arg; 1590 1591 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1592 genlmsg_attrlen(gnlh, 0), NULL); 1593 if (!tb[NL80211_ATTR_STA_INFO] || 1594 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX, 1595 tb[NL80211_ATTR_STA_INFO], policy)) 1596 return NL_SKIP; 1597 if (!sinfo[NL80211_STA_INFO_SIGNAL]) 1598 return NL_SKIP; 1599 1600 sig_change->current_signal = 1601 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]); 1602 1603 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG]) 1604 sig_change->avg_signal = 1605 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]); 1606 else 1607 sig_change->avg_signal = 0; 1608 1609 if (sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]) 1610 sig_change->avg_beacon_signal = 1611 (s8) 1612 nla_get_u8(sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]); 1613 else 1614 sig_change->avg_beacon_signal = 0; 1615 1616 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) { 1617 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX, 1618 sinfo[NL80211_STA_INFO_TX_BITRATE], 1619 rate_policy)) { 1620 sig_change->current_txrate = 0; 1621 } else { 1622 if (rinfo[NL80211_RATE_INFO_BITRATE]) { 1623 sig_change->current_txrate = 1624 nla_get_u16(rinfo[ 1625 NL80211_RATE_INFO_BITRATE]) * 100; 1626 } 1627 } 1628 } 1629 1630 return NL_SKIP; 1631 } 1632 1633 1634 int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv, 1635 struct wpa_signal_info *sig) 1636 { 1637 struct nl_msg *msg; 1638 1639 sig->current_signal = -WPA_INVALID_NOISE; 1640 sig->current_txrate = 0; 1641 1642 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) || 1643 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid)) { 1644 nlmsg_free(msg); 1645 return -ENOBUFS; 1646 } 1647 1648 return send_and_recv_msgs(drv, msg, get_link_signal, sig, NULL, NULL); 1649 } 1650 1651 1652 static int get_link_noise(struct nl_msg *msg, void *arg) 1653 { 1654 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 1655 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1656 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1]; 1657 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = { 1658 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, 1659 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, 1660 }; 1661 struct wpa_signal_info *sig_change = arg; 1662 1663 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1664 genlmsg_attrlen(gnlh, 0), NULL); 1665 1666 if (!tb[NL80211_ATTR_SURVEY_INFO]) { 1667 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!"); 1668 return NL_SKIP; 1669 } 1670 1671 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX, 1672 tb[NL80211_ATTR_SURVEY_INFO], 1673 survey_policy)) { 1674 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested " 1675 "attributes!"); 1676 return NL_SKIP; 1677 } 1678 1679 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) 1680 return NL_SKIP; 1681 1682 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) != 1683 sig_change->frequency) 1684 return NL_SKIP; 1685 1686 if (!sinfo[NL80211_SURVEY_INFO_NOISE]) 1687 return NL_SKIP; 1688 1689 sig_change->current_noise = 1690 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); 1691 1692 return NL_SKIP; 1693 } 1694 1695 1696 int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv, 1697 struct wpa_signal_info *sig_change) 1698 { 1699 struct nl_msg *msg; 1700 1701 sig_change->current_noise = WPA_INVALID_NOISE; 1702 sig_change->frequency = drv->assoc_freq; 1703 1704 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); 1705 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change, 1706 NULL, NULL); 1707 } 1708 1709 1710 static int get_channel_info(struct nl_msg *msg, void *arg) 1711 { 1712 struct nlattr *tb[NL80211_ATTR_MAX + 1] = { 0 }; 1713 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1714 struct wpa_channel_info *chan_info = arg; 1715 1716 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1717 genlmsg_attrlen(gnlh, 0), NULL); 1718 1719 os_memset(chan_info, 0, sizeof(struct wpa_channel_info)); 1720 chan_info->chanwidth = CHAN_WIDTH_UNKNOWN; 1721 1722 if (tb[NL80211_ATTR_WIPHY_FREQ]) 1723 chan_info->frequency = 1724 nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 1725 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) 1726 chan_info->chanwidth = convert2width( 1727 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH])); 1728 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1729 enum nl80211_channel_type ct = 1730 nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1731 1732 switch (ct) { 1733 case NL80211_CHAN_HT40MINUS: 1734 chan_info->sec_channel = -1; 1735 break; 1736 case NL80211_CHAN_HT40PLUS: 1737 chan_info->sec_channel = 1; 1738 break; 1739 default: 1740 chan_info->sec_channel = 0; 1741 break; 1742 } 1743 } 1744 if (tb[NL80211_ATTR_CENTER_FREQ1]) 1745 chan_info->center_frq1 = 1746 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 1747 if (tb[NL80211_ATTR_CENTER_FREQ2]) 1748 chan_info->center_frq2 = 1749 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 1750 1751 if (chan_info->center_frq2) { 1752 u8 seg1_idx = 0; 1753 1754 if (ieee80211_freq_to_chan(chan_info->center_frq2, &seg1_idx) != 1755 NUM_HOSTAPD_MODES) 1756 chan_info->seg1_idx = seg1_idx; 1757 } 1758 1759 return NL_SKIP; 1760 } 1761 1762 1763 static int nl80211_channel_info(void *priv, struct wpa_channel_info *ci) 1764 { 1765 struct i802_bss *bss = priv; 1766 struct wpa_driver_nl80211_data *drv = bss->drv; 1767 struct nl_msg *msg; 1768 1769 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE); 1770 return send_and_recv_msgs(drv, msg, get_channel_info, ci, NULL, NULL); 1771 } 1772 1773 1774 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx, 1775 void *handle) 1776 { 1777 struct nl_cb *cb = eloop_ctx; 1778 int res; 1779 1780 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available"); 1781 1782 res = nl_recvmsgs(handle, cb); 1783 if (res < 0) { 1784 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d", 1785 __func__, res); 1786 } 1787 } 1788 1789 1790 /** 1791 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain 1792 * @priv: driver_nl80211 private data 1793 * @alpha2_arg: country to which to switch to 1794 * Returns: 0 on success, -1 on failure 1795 * 1796 * This asks nl80211 to set the regulatory domain for given 1797 * country ISO / IEC alpha2. 1798 */ 1799 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg) 1800 { 1801 struct i802_bss *bss = priv; 1802 struct wpa_driver_nl80211_data *drv = bss->drv; 1803 char alpha2[3]; 1804 struct nl_msg *msg; 1805 1806 msg = nlmsg_alloc(); 1807 if (!msg) 1808 return -ENOMEM; 1809 1810 alpha2[0] = alpha2_arg[0]; 1811 alpha2[1] = alpha2_arg[1]; 1812 alpha2[2] = '\0'; 1813 1814 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) || 1815 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) { 1816 nlmsg_free(msg); 1817 return -EINVAL; 1818 } 1819 if (send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL)) 1820 return -EINVAL; 1821 return 0; 1822 } 1823 1824 1825 static int nl80211_get_country(struct nl_msg *msg, void *arg) 1826 { 1827 char *alpha2 = arg; 1828 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; 1829 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 1830 1831 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 1832 genlmsg_attrlen(gnlh, 0), NULL); 1833 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) { 1834 wpa_printf(MSG_DEBUG, "nl80211: No country information available"); 1835 return NL_SKIP; 1836 } 1837 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3); 1838 return NL_SKIP; 1839 } 1840 1841 1842 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2) 1843 { 1844 struct i802_bss *bss = priv; 1845 struct wpa_driver_nl80211_data *drv = bss->drv; 1846 struct nl_msg *msg; 1847 int ret; 1848 1849 msg = nlmsg_alloc(); 1850 if (!msg) 1851 return -ENOMEM; 1852 1853 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG); 1854 alpha2[0] = '\0'; 1855 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2, 1856 NULL, NULL); 1857 if (!alpha2[0]) 1858 ret = -1; 1859 1860 return ret; 1861 } 1862 1863 1864 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global) 1865 { 1866 int ret; 1867 1868 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 1869 if (global->nl_cb == NULL) { 1870 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink " 1871 "callbacks"); 1872 return -1; 1873 } 1874 1875 global->nl = nl_create_handle(global->nl_cb, "nl"); 1876 if (global->nl == NULL) 1877 goto err; 1878 1879 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211"); 1880 if (global->nl80211_id < 0) { 1881 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not " 1882 "found"); 1883 goto err; 1884 } 1885 1886 global->nl_event = nl_create_handle(global->nl_cb, "event"); 1887 if (global->nl_event == NULL) 1888 goto err; 1889 1890 ret = nl_get_multicast_id(global, "nl80211", "scan"); 1891 if (ret >= 0) 1892 ret = nl_socket_add_membership(global->nl_event, ret); 1893 if (ret < 0) { 1894 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast " 1895 "membership for scan events: %d (%s)", 1896 ret, nl_geterror(ret)); 1897 goto err; 1898 } 1899 1900 ret = nl_get_multicast_id(global, "nl80211", "mlme"); 1901 if (ret >= 0) 1902 ret = nl_socket_add_membership(global->nl_event, ret); 1903 if (ret < 0) { 1904 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast " 1905 "membership for mlme events: %d (%s)", 1906 ret, nl_geterror(ret)); 1907 goto err; 1908 } 1909 1910 ret = nl_get_multicast_id(global, "nl80211", "regulatory"); 1911 if (ret >= 0) 1912 ret = nl_socket_add_membership(global->nl_event, ret); 1913 if (ret < 0) { 1914 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast " 1915 "membership for regulatory events: %d (%s)", 1916 ret, nl_geterror(ret)); 1917 /* Continue without regulatory events */ 1918 } 1919 1920 ret = nl_get_multicast_id(global, "nl80211", "vendor"); 1921 if (ret >= 0) 1922 ret = nl_socket_add_membership(global->nl_event, ret); 1923 if (ret < 0) { 1924 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast " 1925 "membership for vendor events: %d (%s)", 1926 ret, nl_geterror(ret)); 1927 /* Continue without vendor events */ 1928 } 1929 1930 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 1931 no_seq_check, NULL); 1932 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 1933 process_global_event, global); 1934 1935 nl80211_register_eloop_read(&global->nl_event, 1936 wpa_driver_nl80211_event_receive, 1937 global->nl_cb, 0); 1938 1939 return 0; 1940 1941 err: 1942 nl_destroy_handles(&global->nl_event); 1943 nl_destroy_handles(&global->nl); 1944 nl_cb_put(global->nl_cb); 1945 global->nl_cb = NULL; 1946 return -1; 1947 } 1948 1949 1950 static void nl80211_check_global(struct nl80211_global *global) 1951 { 1952 struct nl_sock *handle; 1953 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL }; 1954 int ret; 1955 unsigned int i; 1956 1957 /* 1958 * Try to re-add memberships to handle case of cfg80211 getting reloaded 1959 * and all registration having been cleared. 1960 */ 1961 handle = (void *) (((intptr_t) global->nl_event) ^ 1962 ELOOP_SOCKET_INVALID); 1963 1964 for (i = 0; groups[i]; i++) { 1965 ret = nl_get_multicast_id(global, "nl80211", groups[i]); 1966 if (ret >= 0) 1967 ret = nl_socket_add_membership(handle, ret); 1968 if (ret < 0) { 1969 wpa_printf(MSG_INFO, 1970 "nl80211: Could not re-add multicast membership for %s events: %d (%s)", 1971 groups[i], ret, nl_geterror(ret)); 1972 } 1973 } 1974 } 1975 1976 1977 static void wpa_driver_nl80211_rfkill_blocked(void *ctx) 1978 { 1979 struct wpa_driver_nl80211_data *drv = ctx; 1980 1981 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked"); 1982 1983 /* 1984 * rtnetlink ifdown handler will report interfaces other than the P2P 1985 * Device interface as disabled. 1986 */ 1987 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 1988 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL); 1989 } 1990 1991 1992 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx) 1993 { 1994 struct wpa_driver_nl80211_data *drv = ctx; 1995 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked"); 1996 if (i802_set_iface_flags(drv->first_bss, 1)) { 1997 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP " 1998 "after rfkill unblock"); 1999 return; 2000 } 2001 2002 if (is_p2p_net_interface(drv->nlmode)) 2003 nl80211_disable_11b_rates(drv, drv->ifindex, 1); 2004 2005 /* 2006 * rtnetlink ifup handler will report interfaces other than the P2P 2007 * Device interface as enabled. 2008 */ 2009 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 2010 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL); 2011 } 2012 2013 2014 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock, 2015 void *eloop_ctx, 2016 void *handle) 2017 { 2018 struct wpa_driver_nl80211_data *drv = eloop_ctx; 2019 u8 data[2048]; 2020 struct msghdr msg; 2021 struct iovec entry; 2022 u8 control[512]; 2023 struct cmsghdr *cmsg; 2024 int res, found_ee = 0, found_wifi = 0, acked = 0; 2025 union wpa_event_data event; 2026 2027 memset(&msg, 0, sizeof(msg)); 2028 msg.msg_iov = &entry; 2029 msg.msg_iovlen = 1; 2030 entry.iov_base = data; 2031 entry.iov_len = sizeof(data); 2032 msg.msg_control = &control; 2033 msg.msg_controllen = sizeof(control); 2034 2035 res = recvmsg(sock, &msg, MSG_ERRQUEUE); 2036 /* if error or not fitting 802.3 header, return */ 2037 if (res < 14) 2038 return; 2039 2040 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) 2041 { 2042 if (cmsg->cmsg_level == SOL_SOCKET && 2043 cmsg->cmsg_type == SCM_WIFI_STATUS) { 2044 int *ack; 2045 2046 found_wifi = 1; 2047 ack = (void *)CMSG_DATA(cmsg); 2048 acked = *ack; 2049 } 2050 2051 if (cmsg->cmsg_level == SOL_PACKET && 2052 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) { 2053 struct sock_extended_err *err = 2054 (struct sock_extended_err *)CMSG_DATA(cmsg); 2055 2056 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS) 2057 found_ee = 1; 2058 } 2059 } 2060 2061 if (!found_ee || !found_wifi) 2062 return; 2063 2064 memset(&event, 0, sizeof(event)); 2065 event.eapol_tx_status.dst = data; 2066 event.eapol_tx_status.data = data + 14; 2067 event.eapol_tx_status.data_len = res - 14; 2068 event.eapol_tx_status.ack = acked; 2069 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event); 2070 } 2071 2072 2073 static int nl80211_init_connect_handle(struct i802_bss *bss) 2074 { 2075 if (bss->nl_connect) { 2076 wpa_printf(MSG_DEBUG, 2077 "nl80211: Connect handle already created (nl_connect=%p)", 2078 bss->nl_connect); 2079 return -1; 2080 } 2081 2082 bss->nl_connect = nl_create_handle(bss->nl_cb, "connect"); 2083 if (!bss->nl_connect) 2084 return -1; 2085 nl80211_register_eloop_read(&bss->nl_connect, 2086 wpa_driver_nl80211_event_receive, 2087 bss->nl_cb, 1); 2088 return 0; 2089 } 2090 2091 2092 static int nl80211_init_bss(struct i802_bss *bss) 2093 { 2094 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); 2095 if (!bss->nl_cb) 2096 return -1; 2097 2098 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, 2099 no_seq_check, NULL); 2100 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, 2101 process_bss_event, bss); 2102 2103 nl80211_init_connect_handle(bss); 2104 2105 return 0; 2106 } 2107 2108 2109 static void nl80211_destroy_bss(struct i802_bss *bss) 2110 { 2111 nl_cb_put(bss->nl_cb); 2112 bss->nl_cb = NULL; 2113 2114 if (bss->nl_connect) 2115 nl80211_destroy_eloop_handle(&bss->nl_connect, 1); 2116 } 2117 2118 2119 static void 2120 wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data *drv) 2121 { 2122 struct rfkill_config *rcfg; 2123 2124 if (drv->rfkill) 2125 return; 2126 2127 rcfg = os_zalloc(sizeof(*rcfg)); 2128 if (!rcfg) 2129 return; 2130 2131 rcfg->ctx = drv; 2132 2133 /* rfkill uses netdev sysfs for initialization. However, P2P Device is 2134 * not associated with a netdev, so use the name of some other interface 2135 * sharing the same wiphy as the P2P Device interface. 2136 * 2137 * Note: This is valid, as a P2P Device interface is always dynamically 2138 * created and is created only once another wpa_s interface was added. 2139 */ 2140 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) { 2141 struct nl80211_global *global = drv->global; 2142 struct wpa_driver_nl80211_data *tmp1; 2143 2144 dl_list_for_each(tmp1, &global->interfaces, 2145 struct wpa_driver_nl80211_data, list) { 2146 if (drv == tmp1 || drv->wiphy_idx != tmp1->wiphy_idx || 2147 !tmp1->rfkill) 2148 continue; 2149 2150 wpa_printf(MSG_DEBUG, 2151 "nl80211: Use (%s) to initialize P2P Device rfkill", 2152 tmp1->first_bss->ifname); 2153 os_strlcpy(rcfg->ifname, tmp1->first_bss->ifname, 2154 sizeof(rcfg->ifname)); 2155 break; 2156 } 2157 } else { 2158 os_strlcpy(rcfg->ifname, drv->first_bss->ifname, 2159 sizeof(rcfg->ifname)); 2160 } 2161 2162 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked; 2163 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked; 2164 drv->rfkill = rfkill_init(rcfg); 2165 if (!drv->rfkill) { 2166 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available"); 2167 os_free(rcfg); 2168 } 2169 } 2170 2171 2172 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname, 2173 void *global_priv, int hostapd, 2174 const u8 *set_addr, 2175 const char *driver_params) 2176 { 2177 struct wpa_driver_nl80211_data *drv; 2178 struct i802_bss *bss; 2179 2180 if (global_priv == NULL) 2181 return NULL; 2182 drv = os_zalloc(sizeof(*drv)); 2183 if (drv == NULL) 2184 return NULL; 2185 drv->global = global_priv; 2186 drv->ctx = ctx; 2187 drv->hostapd = !!hostapd; 2188 drv->eapol_sock = -1; 2189 2190 /* 2191 * There is no driver capability flag for this, so assume it is 2192 * supported and disable this on first attempt to use if the driver 2193 * rejects the command due to missing support. 2194 */ 2195 drv->set_rekey_offload = 1; 2196 2197 drv->num_if_indices = ARRAY_SIZE(drv->default_if_indices); 2198 drv->if_indices = drv->default_if_indices; 2199 2200 drv->first_bss = os_zalloc(sizeof(*drv->first_bss)); 2201 if (!drv->first_bss) { 2202 os_free(drv); 2203 return NULL; 2204 } 2205 bss = drv->first_bss; 2206 bss->drv = drv; 2207 bss->ctx = ctx; 2208 2209 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname)); 2210 drv->monitor_ifidx = -1; 2211 drv->monitor_sock = -1; 2212 drv->eapol_tx_sock = -1; 2213 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED; 2214 2215 if (nl80211_init_bss(bss)) 2216 goto failed; 2217 2218 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params)) 2219 goto failed; 2220 2221 if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS) { 2222 drv->control_port_ap = 1; 2223 goto skip_wifi_status; 2224 } 2225 2226 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0); 2227 if (drv->eapol_tx_sock < 0) 2228 goto failed; 2229 2230 if (drv->data_tx_status) { 2231 int enabled = 1; 2232 2233 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS, 2234 &enabled, sizeof(enabled)) < 0) { 2235 wpa_printf(MSG_DEBUG, 2236 "nl80211: wifi status sockopt failed: %s", 2237 strerror(errno)); 2238 drv->data_tx_status = 0; 2239 if (!drv->use_monitor) 2240 drv->capa.flags &= 2241 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS; 2242 } else { 2243 eloop_register_read_sock( 2244 drv->eapol_tx_sock, 2245 wpa_driver_nl80211_handle_eapol_tx_status, 2246 drv, NULL); 2247 } 2248 } 2249 skip_wifi_status: 2250 2251 if (drv->global) { 2252 nl80211_check_global(drv->global); 2253 dl_list_add(&drv->global->interfaces, &drv->list); 2254 drv->in_interface_list = 1; 2255 } 2256 2257 return bss; 2258 2259 failed: 2260 wpa_driver_nl80211_deinit(bss); 2261 return NULL; 2262 } 2263 2264 2265 /** 2266 * wpa_driver_nl80211_init - Initialize nl80211 driver interface 2267 * @ctx: context to be used when calling wpa_supplicant functions, 2268 * e.g., wpa_supplicant_event() 2269 * @ifname: interface name, e.g., wlan0 2270 * @global_priv: private driver global data from global_init() 2271 * Returns: Pointer to private data, %NULL on failure 2272 */ 2273 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname, 2274 void *global_priv) 2275 { 2276 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL, 2277 NULL); 2278 } 2279 2280 2281 static int nl80211_register_frame(struct i802_bss *bss, 2282 struct nl_sock *nl_handle, 2283 u16 type, const u8 *match, size_t match_len, 2284 bool multicast) 2285 { 2286 struct wpa_driver_nl80211_data *drv = bss->drv; 2287 struct nl_msg *msg; 2288 int ret; 2289 char buf[30]; 2290 2291 buf[0] = '\0'; 2292 wpa_snprintf_hex(buf, sizeof(buf), match, match_len); 2293 wpa_printf(MSG_DEBUG, 2294 "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s multicast=%d", 2295 type, fc2str(type), nl_handle, buf, multicast); 2296 2297 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_FRAME)) || 2298 (multicast && nla_put_flag(msg, NL80211_ATTR_RECEIVE_MULTICAST)) || 2299 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) || 2300 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) { 2301 nlmsg_free(msg); 2302 return -1; 2303 } 2304 2305 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL, 2306 NULL, NULL); 2307 if (ret) { 2308 wpa_printf(MSG_DEBUG, "nl80211: Register frame command " 2309 "failed (type=%u): ret=%d (%s)", 2310 type, ret, strerror(-ret)); 2311 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match", 2312 match, match_len); 2313 } 2314 return ret; 2315 } 2316 2317 2318 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss) 2319 { 2320 if (bss->nl_mgmt) { 2321 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting " 2322 "already on! (nl_mgmt=%p)", bss->nl_mgmt); 2323 return -1; 2324 } 2325 2326 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt"); 2327 if (bss->nl_mgmt == NULL) 2328 return -1; 2329 2330 return 0; 2331 } 2332 2333 2334 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss) 2335 { 2336 nl80211_register_eloop_read(&bss->nl_mgmt, 2337 wpa_driver_nl80211_event_receive, 2338 bss->nl_cb, 0); 2339 } 2340 2341 2342 static int nl80211_register_action_frame(struct i802_bss *bss, 2343 const u8 *match, size_t match_len) 2344 { 2345 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4); 2346 return nl80211_register_frame(bss, bss->nl_mgmt, 2347 type, match, match_len, false); 2348 } 2349 2350 2351 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss) 2352 { 2353 struct wpa_driver_nl80211_data *drv = bss->drv; 2354 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4); 2355 int ret = 0; 2356 2357 if (nl80211_alloc_mgmt_handle(bss)) 2358 return -1; 2359 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP " 2360 "handle %p", bss->nl_mgmt); 2361 2362 if (drv->nlmode == NL80211_IFTYPE_ADHOC) { 2363 /* register for any AUTH message */ 2364 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0, false); 2365 } else if ((drv->capa.flags & WPA_DRIVER_FLAGS_SAE) && 2366 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 2367 /* register for SAE Authentication frames */ 2368 nl80211_register_frame(bss, bss->nl_mgmt, type, 2369 (u8 *) "\x03\x00", 2, false); 2370 } 2371 2372 #ifdef CONFIG_PASN 2373 /* register for PASN Authentication frames */ 2374 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 2375 nl80211_register_frame(bss, bss->nl_mgmt, type, 2376 (u8 *) "\x07\x00", 2, false)) 2377 ret = -1; 2378 #endif /* CONFIG_PASN */ 2379 2380 #ifdef CONFIG_INTERWORKING 2381 /* QoS Map Configure */ 2382 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0) 2383 ret = -1; 2384 #endif /* CONFIG_INTERWORKING */ 2385 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP) 2386 /* GAS Initial Request */ 2387 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0) 2388 ret = -1; 2389 /* GAS Initial Response */ 2390 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0) 2391 ret = -1; 2392 /* GAS Comeback Request */ 2393 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0) 2394 ret = -1; 2395 /* GAS Comeback Response */ 2396 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0) 2397 ret = -1; 2398 /* Protected GAS Initial Request */ 2399 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0) 2400 ret = -1; 2401 /* Protected GAS Initial Response */ 2402 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0) 2403 ret = -1; 2404 /* Protected GAS Comeback Request */ 2405 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0) 2406 ret = -1; 2407 /* Protected GAS Comeback Response */ 2408 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0) 2409 ret = -1; 2410 #endif /* CONFIG_P2P || CONFIG_INTERWORKING || CONFIG_DPP */ 2411 #ifdef CONFIG_P2P 2412 /* P2P Public Action */ 2413 if (nl80211_register_action_frame(bss, 2414 (u8 *) "\x04\x09\x50\x6f\x9a\x09", 2415 6) < 0) 2416 ret = -1; 2417 /* P2P Action */ 2418 if (nl80211_register_action_frame(bss, 2419 (u8 *) "\x7f\x50\x6f\x9a\x09", 2420 5) < 0) 2421 ret = -1; 2422 #endif /* CONFIG_P2P */ 2423 #ifdef CONFIG_DPP 2424 /* DPP Public Action */ 2425 if (nl80211_register_action_frame(bss, 2426 (u8 *) "\x04\x09\x50\x6f\x9a\x1a", 2427 6) < 0) 2428 ret = -1; 2429 #endif /* CONFIG_DPP */ 2430 #ifdef CONFIG_OCV 2431 /* SA Query Request */ 2432 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0) 2433 ret = -1; 2434 #endif /* CONFIG_OCV */ 2435 /* SA Query Response */ 2436 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0) 2437 ret = -1; 2438 #ifdef CONFIG_TDLS 2439 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) { 2440 /* TDLS Discovery Response */ 2441 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) < 2442 0) 2443 ret = -1; 2444 } 2445 #endif /* CONFIG_TDLS */ 2446 #ifdef CONFIG_FST 2447 /* FST Action frames */ 2448 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0) 2449 ret = -1; 2450 #endif /* CONFIG_FST */ 2451 2452 /* FT Action frames */ 2453 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) 2454 ret = -1; 2455 else if (!drv->has_driver_key_mgmt) { 2456 int i; 2457 2458 /* Update supported AKMs only if the driver doesn't advertize 2459 * any AKM capabilities. */ 2460 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT | 2461 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK; 2462 2463 /* Update per interface supported AKMs */ 2464 for (i = 0; i < WPA_IF_MAX; i++) 2465 drv->capa.key_mgmt_iftype[i] = drv->capa.key_mgmt; 2466 } 2467 2468 /* WNM - BSS Transition Management Request */ 2469 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0) 2470 ret = -1; 2471 /* WNM-Sleep Mode Response */ 2472 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0) 2473 ret = -1; 2474 #ifdef CONFIG_WNM 2475 /* WNM - Collocated Interference Request */ 2476 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x0b", 2) < 0) 2477 ret = -1; 2478 #endif /* CONFIG_WNM */ 2479 2480 #ifdef CONFIG_HS20 2481 /* WNM-Notification */ 2482 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0) 2483 ret = -1; 2484 #endif /* CONFIG_HS20 */ 2485 2486 /* WMM-AC ADDTS Response */ 2487 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0) 2488 ret = -1; 2489 2490 /* WMM-AC DELTS */ 2491 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0) 2492 ret = -1; 2493 2494 /* Radio Measurement - Neighbor Report Response */ 2495 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0) 2496 ret = -1; 2497 2498 /* Radio Measurement - Radio Measurement Request */ 2499 if (!drv->no_rrm && 2500 nl80211_register_action_frame(bss, (u8 *) "\x05\x00", 2) < 0) 2501 ret = -1; 2502 2503 /* Radio Measurement - Link Measurement Request */ 2504 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) && 2505 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0)) 2506 ret = -1; 2507 2508 /* Robust AV MSCS Response */ 2509 if (nl80211_register_action_frame(bss, (u8 *) "\x13\x05", 2) < 0) 2510 ret = -1; 2511 2512 nl80211_mgmt_handle_register_eloop(bss); 2513 2514 return ret; 2515 } 2516 2517 2518 static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss) 2519 { 2520 int ret = 0; 2521 2522 if (nl80211_alloc_mgmt_handle(bss)) 2523 return -1; 2524 2525 wpa_printf(MSG_DEBUG, 2526 "nl80211: Subscribe to mgmt frames with mesh handle %p", 2527 bss->nl_mgmt); 2528 2529 /* Auth frames for mesh SAE */ 2530 if (nl80211_register_frame(bss, bss->nl_mgmt, 2531 (WLAN_FC_TYPE_MGMT << 2) | 2532 (WLAN_FC_STYPE_AUTH << 4), 2533 NULL, 0, false) < 0) 2534 ret = -1; 2535 2536 /* Mesh peering open */ 2537 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0) 2538 ret = -1; 2539 /* Mesh peering confirm */ 2540 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0) 2541 ret = -1; 2542 /* Mesh peering close */ 2543 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0) 2544 ret = -1; 2545 2546 nl80211_mgmt_handle_register_eloop(bss); 2547 2548 return ret; 2549 } 2550 2551 2552 static int nl80211_register_spurious_class3(struct i802_bss *bss) 2553 { 2554 struct nl_msg *msg; 2555 int ret; 2556 2557 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME); 2558 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL, 2559 NULL, NULL); 2560 if (ret) { 2561 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 " 2562 "failed: ret=%d (%s)", 2563 ret, strerror(-ret)); 2564 } 2565 return ret; 2566 } 2567 2568 2569 static int nl80211_action_subscribe_ap(struct i802_bss *bss) 2570 { 2571 int ret = 0; 2572 2573 /* Public Action frames */ 2574 if (nl80211_register_action_frame(bss, (u8 *) "\x04", 1) < 0) 2575 ret = -1; 2576 /* RRM Measurement Report */ 2577 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x01", 2) < 0) 2578 ret = -1; 2579 /* RRM Link Measurement Report */ 2580 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x03", 2) < 0) 2581 ret = -1; 2582 /* RRM Neighbor Report Request */ 2583 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x04", 2) < 0) 2584 ret = -1; 2585 /* FT Action frames */ 2586 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) 2587 ret = -1; 2588 /* SA Query */ 2589 if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0) 2590 ret = -1; 2591 /* Protected Dual of Public Action */ 2592 if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0) 2593 ret = -1; 2594 /* WNM */ 2595 if (nl80211_register_action_frame(bss, (u8 *) "\x0a", 1) < 0) 2596 ret = -1; 2597 /* WMM */ 2598 if (nl80211_register_action_frame(bss, (u8 *) "\x11", 1) < 0) 2599 ret = -1; 2600 #ifdef CONFIG_FST 2601 /* FST Action frames */ 2602 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0) 2603 ret = -1; 2604 #endif /* CONFIG_FST */ 2605 /* Vendor-specific */ 2606 if (nl80211_register_action_frame(bss, (u8 *) "\x7f", 1) < 0) 2607 ret = -1; 2608 2609 return ret; 2610 } 2611 2612 2613 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss) 2614 { 2615 static const int stypes[] = { 2616 WLAN_FC_STYPE_AUTH, 2617 WLAN_FC_STYPE_ASSOC_REQ, 2618 WLAN_FC_STYPE_REASSOC_REQ, 2619 WLAN_FC_STYPE_DISASSOC, 2620 WLAN_FC_STYPE_DEAUTH, 2621 WLAN_FC_STYPE_PROBE_REQ, 2622 /* Beacon doesn't work as mac80211 doesn't currently allow 2623 * it, but it wouldn't really be the right thing anyway as 2624 * it isn't per interface ... maybe just dump the scan 2625 * results periodically for OLBC? 2626 */ 2627 /* WLAN_FC_STYPE_BEACON, */ 2628 }; 2629 unsigned int i; 2630 2631 if (nl80211_alloc_mgmt_handle(bss)) 2632 return -1; 2633 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP " 2634 "handle %p", bss->nl_mgmt); 2635 2636 for (i = 0; i < ARRAY_SIZE(stypes); i++) { 2637 if (nl80211_register_frame(bss, bss->nl_mgmt, 2638 (WLAN_FC_TYPE_MGMT << 2) | 2639 (stypes[i] << 4), 2640 NULL, 0, false) < 0) { 2641 goto out_err; 2642 } 2643 } 2644 2645 if (nl80211_action_subscribe_ap(bss)) 2646 goto out_err; 2647 2648 if (nl80211_register_spurious_class3(bss)) 2649 goto out_err; 2650 2651 nl80211_mgmt_handle_register_eloop(bss); 2652 return 0; 2653 2654 out_err: 2655 nl_destroy_handles(&bss->nl_mgmt); 2656 return -1; 2657 } 2658 2659 2660 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss) 2661 { 2662 if (nl80211_alloc_mgmt_handle(bss)) 2663 return -1; 2664 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP " 2665 "handle %p (device SME)", bss->nl_mgmt); 2666 2667 if (nl80211_action_subscribe_ap(bss)) 2668 goto out_err; 2669 2670 if (bss->drv->device_ap_sme) { 2671 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4); 2672 2673 /* Register for all Authentication frames */ 2674 if (nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0, 2675 false) < 0) 2676 wpa_printf(MSG_DEBUG, 2677 "nl80211: Failed to subscribe to handle Authentication frames - SAE offload may not work"); 2678 } 2679 2680 nl80211_mgmt_handle_register_eloop(bss); 2681 return 0; 2682 2683 out_err: 2684 nl_destroy_handles(&bss->nl_mgmt); 2685 return -1; 2686 } 2687 2688 2689 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason) 2690 { 2691 if (bss->nl_mgmt == NULL) 2692 return; 2693 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p " 2694 "(%s)", bss->nl_mgmt, reason); 2695 nl80211_destroy_eloop_handle(&bss->nl_mgmt, 0); 2696 2697 nl80211_put_wiphy_data_ap(bss); 2698 } 2699 2700 2701 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx) 2702 { 2703 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL); 2704 } 2705 2706 2707 static void nl80211_del_p2pdev(struct i802_bss *bss) 2708 { 2709 struct nl_msg *msg; 2710 int ret; 2711 2712 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE); 2713 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 2714 2715 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s", 2716 bss->ifname, (long long unsigned int) bss->wdev_id, 2717 strerror(-ret)); 2718 } 2719 2720 2721 static int nl80211_set_p2pdev(struct i802_bss *bss, int start) 2722 { 2723 struct nl_msg *msg; 2724 int ret; 2725 2726 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE : 2727 NL80211_CMD_STOP_P2P_DEVICE); 2728 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 2729 2730 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s", 2731 start ? "Start" : "Stop", 2732 bss->ifname, (long long unsigned int) bss->wdev_id, 2733 strerror(-ret)); 2734 return ret; 2735 } 2736 2737 2738 static int i802_set_iface_flags(struct i802_bss *bss, int up) 2739 { 2740 enum nl80211_iftype nlmode; 2741 2742 nlmode = nl80211_get_ifmode(bss); 2743 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2744 return linux_set_iface_flags(bss->drv->global->ioctl_sock, 2745 bss->ifname, up); 2746 } 2747 2748 /* P2P Device has start/stop which is equivalent */ 2749 return nl80211_set_p2pdev(bss, up); 2750 } 2751 2752 2753 #ifdef CONFIG_TESTING_OPTIONS 2754 static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg) 2755 { 2756 /* struct wpa_driver_nl80211_data *drv = arg; */ 2757 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 2758 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 2759 2760 2761 wpa_printf(MSG_DEBUG, 2762 "nl80211: QCA vendor test command response received"); 2763 2764 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 2765 genlmsg_attrlen(gnlh, 0), NULL); 2766 if (!tb[NL80211_ATTR_VENDOR_DATA]) { 2767 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute"); 2768 return NL_SKIP; 2769 } 2770 2771 wpa_hexdump(MSG_DEBUG, 2772 "nl80211: Received QCA vendor test command response", 2773 nla_data(tb[NL80211_ATTR_VENDOR_DATA]), 2774 nla_len(tb[NL80211_ATTR_VENDOR_DATA])); 2775 2776 return NL_SKIP; 2777 } 2778 #endif /* CONFIG_TESTING_OPTIONS */ 2779 2780 2781 static void qca_vendor_test(struct wpa_driver_nl80211_data *drv) 2782 { 2783 #ifdef CONFIG_TESTING_OPTIONS 2784 struct nl_msg *msg; 2785 struct nlattr *params; 2786 int ret; 2787 2788 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 2789 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 2790 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 2791 QCA_NL80211_VENDOR_SUBCMD_TEST) || 2792 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 2793 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) { 2794 nlmsg_free(msg); 2795 return; 2796 } 2797 nla_nest_end(msg, params); 2798 2799 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv, 2800 NULL, NULL); 2801 wpa_printf(MSG_DEBUG, 2802 "nl80211: QCA vendor test command returned %d (%s)", 2803 ret, strerror(-ret)); 2804 #endif /* CONFIG_TESTING_OPTIONS */ 2805 } 2806 2807 2808 static int 2809 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, 2810 const u8 *set_addr, int first, 2811 const char *driver_params) 2812 { 2813 struct i802_bss *bss = drv->first_bss; 2814 int send_rfkill_event = 0; 2815 enum nl80211_iftype nlmode; 2816 2817 drv->ifindex = if_nametoindex(bss->ifname); 2818 bss->ifindex = drv->ifindex; 2819 bss->wdev_id = drv->global->if_add_wdevid; 2820 bss->wdev_id_set = drv->global->if_add_wdevid_set; 2821 2822 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex; 2823 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set; 2824 drv->global->if_add_wdevid_set = 0; 2825 2826 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP) 2827 bss->static_ap = 1; 2828 2829 if (first && 2830 nl80211_get_ifmode(bss) != NL80211_IFTYPE_P2P_DEVICE && 2831 linux_iface_up(drv->global->ioctl_sock, bss->ifname) > 0) 2832 drv->start_iface_up = 1; 2833 2834 if (wpa_driver_nl80211_capa(drv)) 2835 return -1; 2836 2837 if (driver_params && nl80211_set_param(bss, driver_params) < 0) 2838 return -1; 2839 2840 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s", 2841 bss->ifname, drv->phyname); 2842 2843 if (set_addr && 2844 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) || 2845 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2846 set_addr))) 2847 return -1; 2848 2849 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_STATION) 2850 drv->start_mode_sta = 1; 2851 2852 if (drv->hostapd || bss->static_ap) 2853 nlmode = NL80211_IFTYPE_AP; 2854 else if (bss->if_dynamic || 2855 nl80211_get_ifmode(bss) == NL80211_IFTYPE_MESH_POINT) 2856 nlmode = nl80211_get_ifmode(bss); 2857 else 2858 nlmode = NL80211_IFTYPE_STATION; 2859 2860 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) { 2861 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode"); 2862 return -1; 2863 } 2864 2865 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 2866 nl80211_get_macaddr(bss); 2867 2868 wpa_driver_nl80211_drv_init_rfkill(drv); 2869 2870 if (!rfkill_is_blocked(drv->rfkill)) { 2871 int ret = i802_set_iface_flags(bss, 1); 2872 if (ret) { 2873 wpa_printf(MSG_ERROR, "nl80211: Could not set " 2874 "interface '%s' UP", bss->ifname); 2875 return ret; 2876 } 2877 2878 if (is_p2p_net_interface(nlmode)) 2879 nl80211_disable_11b_rates(bss->drv, 2880 bss->drv->ifindex, 1); 2881 2882 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 2883 return ret; 2884 } else { 2885 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable " 2886 "interface '%s' due to rfkill", bss->ifname); 2887 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) 2888 drv->if_disabled = 1; 2889 2890 send_rfkill_event = 1; 2891 } 2892 2893 if (!drv->hostapd && nlmode != NL80211_IFTYPE_P2P_DEVICE) 2894 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 2895 1, IF_OPER_DORMANT); 2896 2897 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) { 2898 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 2899 bss->addr)) 2900 return -1; 2901 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN); 2902 } 2903 2904 if (send_rfkill_event) { 2905 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill, 2906 drv, drv->ctx); 2907 } 2908 2909 if (drv->vendor_cmd_test_avail) 2910 qca_vendor_test(drv); 2911 2912 return 0; 2913 } 2914 2915 2916 static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss) 2917 { 2918 struct nl_msg *msg; 2919 struct wpa_driver_nl80211_data *drv = bss->drv; 2920 2921 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", 2922 drv->ifindex); 2923 nl80211_put_wiphy_data_ap(bss); 2924 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); 2925 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 2926 } 2927 2928 2929 /** 2930 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface 2931 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init() 2932 * 2933 * Shut down driver interface and processing of driver events. Free 2934 * private data buffer if one was allocated in wpa_driver_nl80211_init(). 2935 */ 2936 static void wpa_driver_nl80211_deinit(struct i802_bss *bss) 2937 { 2938 struct wpa_driver_nl80211_data *drv = bss->drv; 2939 unsigned int i; 2940 2941 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d", 2942 bss->ifname, drv->disabled_11b_rates); 2943 2944 bss->in_deinit = 1; 2945 if (drv->data_tx_status) 2946 eloop_unregister_read_sock(drv->eapol_tx_sock); 2947 if (drv->eapol_tx_sock >= 0) 2948 close(drv->eapol_tx_sock); 2949 2950 if (bss->nl_preq) 2951 wpa_driver_nl80211_probe_req_report(bss, 0); 2952 if (bss->added_if_into_bridge) { 2953 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname, 2954 bss->ifname) < 0) 2955 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 2956 "interface %s from bridge %s: %s", 2957 bss->ifname, bss->brname, strerror(errno)); 2958 } 2959 2960 if (drv->rtnl_sk) 2961 nl_socket_free(drv->rtnl_sk); 2962 2963 if (bss->added_bridge) { 2964 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname, 2965 0) < 0) 2966 wpa_printf(MSG_INFO, 2967 "nl80211: Could not set bridge %s down", 2968 bss->brname); 2969 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0) 2970 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 2971 "bridge %s: %s", 2972 bss->brname, strerror(errno)); 2973 } 2974 2975 nl80211_remove_monitor_interface(drv); 2976 2977 if (is_ap_interface(drv->nlmode)) 2978 wpa_driver_nl80211_del_beacon(bss); 2979 2980 if (drv->eapol_sock >= 0) { 2981 eloop_unregister_read_sock(drv->eapol_sock); 2982 close(drv->eapol_sock); 2983 } 2984 2985 if (drv->if_indices != drv->default_if_indices) 2986 os_free(drv->if_indices); 2987 2988 if (drv->disabled_11b_rates) 2989 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 2990 2991 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0, 2992 IF_OPER_UP); 2993 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx); 2994 rfkill_deinit(drv->rfkill); 2995 2996 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx); 2997 2998 if (!drv->start_iface_up) 2999 (void) i802_set_iface_flags(bss, 0); 3000 3001 if (drv->addr_changed) { 3002 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 3003 0) < 0) { 3004 wpa_printf(MSG_DEBUG, 3005 "nl80211: Could not set interface down to restore permanent MAC address"); 3006 } 3007 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 3008 drv->perm_addr) < 0) { 3009 wpa_printf(MSG_DEBUG, 3010 "nl80211: Could not restore permanent MAC address"); 3011 } 3012 } 3013 3014 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) { 3015 if (drv->start_mode_sta) 3016 wpa_driver_nl80211_set_mode(bss, 3017 NL80211_IFTYPE_STATION); 3018 nl80211_mgmt_unsubscribe(bss, "deinit"); 3019 } else { 3020 nl80211_mgmt_unsubscribe(bss, "deinit"); 3021 nl80211_del_p2pdev(bss); 3022 } 3023 3024 nl80211_destroy_bss(drv->first_bss); 3025 3026 os_free(drv->filter_ssids); 3027 3028 os_free(drv->auth_ie); 3029 os_free(drv->auth_data); 3030 3031 if (drv->in_interface_list) 3032 dl_list_del(&drv->list); 3033 3034 os_free(drv->extended_capa); 3035 os_free(drv->extended_capa_mask); 3036 for (i = 0; i < drv->num_iface_ext_capa; i++) { 3037 os_free(drv->iface_ext_capa[i].ext_capa); 3038 os_free(drv->iface_ext_capa[i].ext_capa_mask); 3039 } 3040 os_free(drv->first_bss); 3041 #ifdef CONFIG_DRIVER_NL80211_QCA 3042 os_free(drv->pending_roam_data); 3043 #endif /* CONFIG_DRIVER_NL80211_QCA */ 3044 os_free(drv); 3045 } 3046 3047 3048 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len) 3049 { 3050 switch (alg) { 3051 case WPA_ALG_WEP: 3052 if (key_len == 5) 3053 return RSN_CIPHER_SUITE_WEP40; 3054 return RSN_CIPHER_SUITE_WEP104; 3055 case WPA_ALG_TKIP: 3056 return RSN_CIPHER_SUITE_TKIP; 3057 case WPA_ALG_CCMP: 3058 return RSN_CIPHER_SUITE_CCMP; 3059 case WPA_ALG_GCMP: 3060 return RSN_CIPHER_SUITE_GCMP; 3061 case WPA_ALG_CCMP_256: 3062 return RSN_CIPHER_SUITE_CCMP_256; 3063 case WPA_ALG_GCMP_256: 3064 return RSN_CIPHER_SUITE_GCMP_256; 3065 case WPA_ALG_BIP_CMAC_128: 3066 return RSN_CIPHER_SUITE_AES_128_CMAC; 3067 case WPA_ALG_BIP_GMAC_128: 3068 return RSN_CIPHER_SUITE_BIP_GMAC_128; 3069 case WPA_ALG_BIP_GMAC_256: 3070 return RSN_CIPHER_SUITE_BIP_GMAC_256; 3071 case WPA_ALG_BIP_CMAC_256: 3072 return RSN_CIPHER_SUITE_BIP_CMAC_256; 3073 case WPA_ALG_SMS4: 3074 return RSN_CIPHER_SUITE_SMS4; 3075 case WPA_ALG_KRK: 3076 return RSN_CIPHER_SUITE_KRK; 3077 case WPA_ALG_NONE: 3078 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d", 3079 alg); 3080 return 0; 3081 } 3082 3083 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d", 3084 alg); 3085 return 0; 3086 } 3087 3088 3089 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher) 3090 { 3091 switch (cipher) { 3092 case WPA_CIPHER_CCMP_256: 3093 return RSN_CIPHER_SUITE_CCMP_256; 3094 case WPA_CIPHER_GCMP_256: 3095 return RSN_CIPHER_SUITE_GCMP_256; 3096 case WPA_CIPHER_CCMP: 3097 return RSN_CIPHER_SUITE_CCMP; 3098 case WPA_CIPHER_GCMP: 3099 return RSN_CIPHER_SUITE_GCMP; 3100 case WPA_CIPHER_TKIP: 3101 return RSN_CIPHER_SUITE_TKIP; 3102 case WPA_CIPHER_WEP104: 3103 return RSN_CIPHER_SUITE_WEP104; 3104 case WPA_CIPHER_WEP40: 3105 return RSN_CIPHER_SUITE_WEP40; 3106 case WPA_CIPHER_GTK_NOT_USED: 3107 return RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED; 3108 } 3109 3110 return 0; 3111 } 3112 3113 3114 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[], 3115 int max_suites) 3116 { 3117 int num_suites = 0; 3118 3119 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256) 3120 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP_256; 3121 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256) 3122 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP_256; 3123 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP) 3124 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP; 3125 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP) 3126 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP; 3127 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP) 3128 suites[num_suites++] = RSN_CIPHER_SUITE_TKIP; 3129 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104) 3130 suites[num_suites++] = RSN_CIPHER_SUITE_WEP104; 3131 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40) 3132 suites[num_suites++] = RSN_CIPHER_SUITE_WEP40; 3133 3134 return num_suites; 3135 } 3136 3137 3138 static int wpa_key_mgmt_to_suites(unsigned int key_mgmt_suites, u32 suites[], 3139 int max_suites) 3140 { 3141 int num_suites = 0; 3142 3143 #define __AKM(a, b) \ 3144 if (num_suites < max_suites && \ 3145 (key_mgmt_suites & (WPA_KEY_MGMT_ ## a))) \ 3146 suites[num_suites++] = (RSN_AUTH_KEY_MGMT_ ## b) 3147 __AKM(IEEE8021X, UNSPEC_802_1X); 3148 __AKM(PSK, PSK_OVER_802_1X); 3149 __AKM(FT_IEEE8021X, FT_802_1X); 3150 __AKM(FT_PSK, FT_PSK); 3151 __AKM(IEEE8021X_SHA256, 802_1X_SHA256); 3152 __AKM(PSK_SHA256, PSK_SHA256); 3153 __AKM(SAE, SAE); 3154 __AKM(FT_SAE, FT_SAE); 3155 __AKM(CCKM, CCKM); 3156 __AKM(OSEN, OSEN); 3157 __AKM(IEEE8021X_SUITE_B, 802_1X_SUITE_B); 3158 __AKM(IEEE8021X_SUITE_B_192, 802_1X_SUITE_B_192); 3159 __AKM(FILS_SHA256, FILS_SHA256); 3160 __AKM(FILS_SHA384, FILS_SHA384); 3161 __AKM(FT_FILS_SHA256, FT_FILS_SHA256); 3162 __AKM(FT_FILS_SHA384, FT_FILS_SHA384); 3163 __AKM(OWE, OWE); 3164 __AKM(DPP, DPP); 3165 __AKM(FT_IEEE8021X_SHA384, FT_802_1X_SHA384); 3166 #undef __AKM 3167 3168 return num_suites; 3169 } 3170 3171 3172 #ifdef CONFIG_DRIVER_NL80211_QCA 3173 static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv, 3174 const u8 *key, size_t key_len) 3175 { 3176 struct nl_msg *msg; 3177 int ret; 3178 3179 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) 3180 return 0; 3181 3182 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 3183 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 3184 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 3185 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) || 3186 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) { 3187 nl80211_nlmsg_clear(msg); 3188 nlmsg_free(msg); 3189 return -1; 3190 } 3191 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 3192 if (ret) { 3193 wpa_printf(MSG_DEBUG, 3194 "nl80211: Key management set key failed: ret=%d (%s)", 3195 ret, strerror(-ret)); 3196 } 3197 3198 return ret; 3199 } 3200 #endif /* CONFIG_DRIVER_NL80211_QCA */ 3201 3202 3203 static int nl80211_set_pmk(struct wpa_driver_nl80211_data *drv, 3204 const u8 *key, size_t key_len, 3205 const u8 *addr) 3206 { 3207 struct nl_msg *msg = NULL; 3208 int ret; 3209 3210 /* 3211 * If the authenticator address is not set, assume it is 3212 * the current BSSID. 3213 */ 3214 if (!addr && drv->associated) 3215 addr = drv->bssid; 3216 else if (!addr) 3217 return -1; 3218 3219 wpa_printf(MSG_DEBUG, "nl80211: Set PMK to the driver for " MACSTR, 3220 MAC2STR(addr)); 3221 wpa_hexdump_key(MSG_DEBUG, "nl80211: PMK", key, key_len); 3222 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_PMK); 3223 if (!msg || 3224 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 3225 nla_put(msg, NL80211_ATTR_PMK, key_len, key)) { 3226 nl80211_nlmsg_clear(msg); 3227 nlmsg_free(msg); 3228 return -ENOBUFS; 3229 } 3230 3231 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 3232 if (ret) { 3233 wpa_printf(MSG_DEBUG, "nl80211: Set PMK failed: ret=%d (%s)", 3234 ret, strerror(-ret)); 3235 } 3236 3237 return ret; 3238 } 3239 3240 3241 static int wpa_driver_nl80211_set_key(struct i802_bss *bss, 3242 struct wpa_driver_set_key_params *params) 3243 { 3244 struct wpa_driver_nl80211_data *drv = bss->drv; 3245 int ifindex; 3246 struct nl_msg *msg; 3247 struct nl_msg *key_msg; 3248 int ret; 3249 int skip_set_key = 1; 3250 const char *ifname = params->ifname; 3251 enum wpa_alg alg = params->alg; 3252 const u8 *addr = params->addr; 3253 int key_idx = params->key_idx; 3254 int set_tx = params->set_tx; 3255 const u8 *seq = params->seq; 3256 size_t seq_len = params->seq_len; 3257 const u8 *key = params->key; 3258 size_t key_len = params->key_len; 3259 int vlan_id = params->vlan_id; 3260 enum key_flag key_flag = params->key_flag; 3261 3262 /* Ignore for P2P Device */ 3263 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 3264 return 0; 3265 3266 ifindex = if_nametoindex(ifname); 3267 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " 3268 "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x", 3269 __func__, ifindex, ifname, alg, addr, key_idx, set_tx, 3270 (unsigned long) seq_len, (unsigned long) key_len, key_flag); 3271 3272 if (check_key_flag(key_flag)) { 3273 wpa_printf(MSG_DEBUG, "%s: invalid key_flag", __func__); 3274 return -EINVAL; 3275 } 3276 3277 #ifdef CONFIG_DRIVER_NL80211_QCA 3278 if ((key_flag & KEY_FLAG_PMK) && 3279 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) { 3280 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key", 3281 __func__); 3282 ret = issue_key_mgmt_set_key(drv, key, key_len); 3283 return ret; 3284 } 3285 #endif /* CONFIG_DRIVER_NL80211_QCA */ 3286 3287 if (key_flag & KEY_FLAG_PMK) { 3288 if (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) 3289 return nl80211_set_pmk(drv, key, key_len, addr); 3290 /* The driver does not have any offload mechanism for PMK, so 3291 * there is no need to configure this key. */ 3292 return 0; 3293 } 3294 3295 ret = -ENOBUFS; 3296 key_msg = nlmsg_alloc(); 3297 if (!key_msg) 3298 return ret; 3299 3300 if ((key_flag & KEY_FLAG_PAIRWISE_MASK) == 3301 KEY_FLAG_PAIRWISE_RX_TX_MODIFY) { 3302 wpa_printf(MSG_DEBUG, 3303 "nl80211: SET_KEY (pairwise RX/TX modify)"); 3304 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY); 3305 if (!msg) 3306 goto fail2; 3307 } else if (alg == WPA_ALG_NONE && (key_flag & KEY_FLAG_RX_TX)) { 3308 wpa_printf(MSG_DEBUG, "%s: invalid key_flag to delete key", 3309 __func__); 3310 ret = -EINVAL; 3311 goto fail2; 3312 } else if (alg == WPA_ALG_NONE) { 3313 wpa_printf(MSG_DEBUG, "nl80211: DEL_KEY"); 3314 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY); 3315 if (!msg) 3316 goto fail2; 3317 } else { 3318 u32 suite; 3319 3320 suite = wpa_alg_to_cipher_suite(alg, key_len); 3321 if (!suite) { 3322 ret = -EINVAL; 3323 goto fail2; 3324 } 3325 wpa_printf(MSG_DEBUG, "nl80211: NEW_KEY"); 3326 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY); 3327 if (!msg) 3328 goto fail2; 3329 if (nla_put(key_msg, NL80211_KEY_DATA, key_len, key) || 3330 nla_put_u32(key_msg, NL80211_KEY_CIPHER, suite)) 3331 goto fail; 3332 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len); 3333 3334 if (seq && seq_len) { 3335 if (nla_put(key_msg, NL80211_KEY_SEQ, seq_len, seq)) 3336 goto fail; 3337 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", 3338 seq, seq_len); 3339 } 3340 } 3341 3342 if (addr && !is_broadcast_ether_addr(addr)) { 3343 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr)); 3344 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 3345 goto fail; 3346 3347 if ((key_flag & KEY_FLAG_PAIRWISE_MASK) == 3348 KEY_FLAG_PAIRWISE_RX || 3349 (key_flag & KEY_FLAG_PAIRWISE_MASK) == 3350 KEY_FLAG_PAIRWISE_RX_TX_MODIFY) { 3351 if (nla_put_u8(key_msg, NL80211_KEY_MODE, 3352 key_flag == KEY_FLAG_PAIRWISE_RX ? 3353 NL80211_KEY_NO_TX : NL80211_KEY_SET_TX)) 3354 goto fail; 3355 } else if ((key_flag & KEY_FLAG_GROUP_MASK) == 3356 KEY_FLAG_GROUP_RX) { 3357 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK"); 3358 if (nla_put_u32(key_msg, NL80211_KEY_TYPE, 3359 NL80211_KEYTYPE_GROUP)) 3360 goto fail; 3361 } else if (!(key_flag & KEY_FLAG_PAIRWISE)) { 3362 wpa_printf(MSG_DEBUG, 3363 " key_flag missing PAIRWISE when setting a pairwise key"); 3364 ret = -EINVAL; 3365 goto fail; 3366 } else if (alg == WPA_ALG_WEP && 3367 (key_flag & KEY_FLAG_RX_TX) == KEY_FLAG_RX_TX) { 3368 wpa_printf(MSG_DEBUG, " unicast WEP key"); 3369 skip_set_key = 0; 3370 } else { 3371 wpa_printf(MSG_DEBUG, " pairwise key"); 3372 } 3373 } else if ((key_flag & KEY_FLAG_PAIRWISE) || 3374 !(key_flag & KEY_FLAG_GROUP)) { 3375 wpa_printf(MSG_DEBUG, 3376 " invalid key_flag for a broadcast key"); 3377 ret = -EINVAL; 3378 goto fail; 3379 } else { 3380 wpa_printf(MSG_DEBUG, " broadcast key"); 3381 if (key_flag & KEY_FLAG_DEFAULT) 3382 skip_set_key = 0; 3383 } 3384 if (nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) || 3385 nla_put_nested(msg, NL80211_ATTR_KEY, key_msg)) 3386 goto fail; 3387 nl80211_nlmsg_clear(key_msg); 3388 nlmsg_free(key_msg); 3389 key_msg = NULL; 3390 3391 if (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) { 3392 wpa_printf(MSG_DEBUG, "nl80211: VLAN ID %d", vlan_id); 3393 if (nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) 3394 goto fail; 3395 } 3396 3397 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 3398 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE) 3399 ret = 0; 3400 if (ret) 3401 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s", 3402 ret, strerror(-ret)); 3403 3404 /* 3405 * If we failed or don't need to set the key as default (below), 3406 * we're done here. 3407 */ 3408 if (ret || skip_set_key) 3409 return ret; 3410 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_SET_KEY - default key"); 3411 3412 ret = -ENOBUFS; 3413 key_msg = nlmsg_alloc(); 3414 if (!key_msg) 3415 return ret; 3416 3417 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY); 3418 if (!msg) 3419 goto fail2; 3420 if (!key_msg || 3421 nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) || 3422 nla_put_flag(key_msg, wpa_alg_bip(alg) ? 3423 (key_idx == 6 || key_idx == 7 ? 3424 NL80211_KEY_DEFAULT_BEACON : 3425 NL80211_KEY_DEFAULT_MGMT) : 3426 NL80211_KEY_DEFAULT)) 3427 goto fail; 3428 if (addr && is_broadcast_ether_addr(addr)) { 3429 struct nlattr *types; 3430 3431 types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); 3432 if (!types || 3433 nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) 3434 goto fail; 3435 nla_nest_end(key_msg, types); 3436 } else if (addr) { 3437 struct nlattr *types; 3438 3439 types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); 3440 if (!types || 3441 nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_UNICAST)) 3442 goto fail; 3443 nla_nest_end(key_msg, types); 3444 } 3445 3446 if (nla_put_nested(msg, NL80211_ATTR_KEY, key_msg)) 3447 goto fail; 3448 nl80211_nlmsg_clear(key_msg); 3449 nlmsg_free(key_msg); 3450 key_msg = NULL; 3451 3452 if (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) { 3453 wpa_printf(MSG_DEBUG, "nl80211: set_key default - VLAN ID %d", 3454 vlan_id); 3455 if (nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) 3456 goto fail; 3457 } 3458 3459 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 3460 if (ret) 3461 wpa_printf(MSG_DEBUG, 3462 "nl80211: set_key default failed; err=%d %s", 3463 ret, strerror(-ret)); 3464 return ret; 3465 3466 fail: 3467 nl80211_nlmsg_clear(msg); 3468 nlmsg_free(msg); 3469 fail2: 3470 nl80211_nlmsg_clear(key_msg); 3471 nlmsg_free(key_msg); 3472 return ret; 3473 } 3474 3475 3476 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg, 3477 int key_idx, int defkey, 3478 const u8 *seq, size_t seq_len, 3479 const u8 *key, size_t key_len) 3480 { 3481 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY); 3482 u32 suite; 3483 3484 if (!key_attr) 3485 return -1; 3486 3487 suite = wpa_alg_to_cipher_suite(alg, key_len); 3488 if (!suite) 3489 return -1; 3490 3491 if (defkey && wpa_alg_bip(alg)) { 3492 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT)) 3493 return -1; 3494 } else if (defkey) { 3495 if (nla_put_flag(msg, NL80211_KEY_DEFAULT)) 3496 return -1; 3497 } 3498 3499 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) || 3500 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) || 3501 (seq && seq_len && 3502 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) || 3503 nla_put(msg, NL80211_KEY_DATA, key_len, key)) 3504 return -1; 3505 3506 nla_nest_end(msg, key_attr); 3507 3508 return 0; 3509 } 3510 3511 3512 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params, 3513 struct nl_msg *msg) 3514 { 3515 int i, privacy = 0; 3516 struct nlattr *nl_keys, *nl_key; 3517 3518 for (i = 0; i < 4; i++) { 3519 if (!params->wep_key[i]) 3520 continue; 3521 privacy = 1; 3522 break; 3523 } 3524 if (params->wps == WPS_MODE_PRIVACY) 3525 privacy = 1; 3526 if (params->pairwise_suite && 3527 params->pairwise_suite != WPA_CIPHER_NONE) 3528 privacy = 1; 3529 3530 if (!privacy) 3531 return 0; 3532 3533 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY)) 3534 return -ENOBUFS; 3535 3536 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS); 3537 if (!nl_keys) 3538 return -ENOBUFS; 3539 3540 for (i = 0; i < 4; i++) { 3541 if (!params->wep_key[i]) 3542 continue; 3543 3544 nl_key = nla_nest_start(msg, i); 3545 if (!nl_key || 3546 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i], 3547 params->wep_key[i]) || 3548 nla_put_u32(msg, NL80211_KEY_CIPHER, 3549 params->wep_key_len[i] == 5 ? 3550 RSN_CIPHER_SUITE_WEP40 : 3551 RSN_CIPHER_SUITE_WEP104) || 3552 nla_put_u8(msg, NL80211_KEY_IDX, i) || 3553 (i == params->wep_tx_keyidx && 3554 nla_put_flag(msg, NL80211_KEY_DEFAULT))) 3555 return -ENOBUFS; 3556 3557 nla_nest_end(msg, nl_key); 3558 } 3559 nla_nest_end(msg, nl_keys); 3560 3561 return 0; 3562 } 3563 3564 3565 int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv, 3566 const u8 *addr, int cmd, u16 reason_code, 3567 int local_state_change, 3568 struct i802_bss *bss) 3569 { 3570 int ret; 3571 struct nl_msg *msg; 3572 struct nl_sock *nl_connect = get_connect_handle(bss); 3573 3574 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) || 3575 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) || 3576 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || 3577 (local_state_change && 3578 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) { 3579 nlmsg_free(msg); 3580 return -1; 3581 } 3582 3583 if (nl_connect) 3584 ret = send_and_recv(drv->global, nl_connect, msg, 3585 process_bss_event, bss, NULL, NULL); 3586 else 3587 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 3588 if (ret) { 3589 wpa_dbg(drv->ctx, MSG_DEBUG, 3590 "nl80211: MLME command failed: reason=%u ret=%d (%s)", 3591 reason_code, ret, strerror(-ret)); 3592 } 3593 return ret; 3594 } 3595 3596 3597 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv, 3598 u16 reason_code, 3599 struct i802_bss *bss) 3600 { 3601 int ret; 3602 int drv_associated = drv->associated; 3603 3604 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code); 3605 nl80211_mark_disconnected(drv); 3606 /* Disconnect command doesn't need BSSID - it uses cached value */ 3607 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT, 3608 reason_code, 0, bss); 3609 /* 3610 * For locally generated disconnect, supplicant already generates a 3611 * DEAUTH event, so ignore the event from NL80211. 3612 */ 3613 drv->ignore_next_local_disconnect = drv_associated && (ret == 0); 3614 3615 return ret; 3616 } 3617 3618 3619 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss, 3620 const u8 *addr, u16 reason_code) 3621 { 3622 struct wpa_driver_nl80211_data *drv = bss->drv; 3623 int ret; 3624 int drv_associated = drv->associated; 3625 3626 if (drv->nlmode == NL80211_IFTYPE_ADHOC) { 3627 nl80211_mark_disconnected(drv); 3628 return nl80211_leave_ibss(drv, 1); 3629 } 3630 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 3631 return wpa_driver_nl80211_disconnect(drv, reason_code, bss); 3632 } 3633 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)", 3634 __func__, MAC2STR(addr), reason_code); 3635 nl80211_mark_disconnected(drv); 3636 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE, 3637 reason_code, 0, bss); 3638 /* 3639 * For locally generated deauthenticate, supplicant already generates a 3640 * DEAUTH event, so ignore the event from NL80211. 3641 */ 3642 drv->ignore_next_local_deauth = drv_associated && (ret == 0); 3643 3644 return ret; 3645 } 3646 3647 3648 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv, 3649 struct wpa_driver_auth_params *params) 3650 { 3651 int i; 3652 3653 drv->auth_freq = params->freq; 3654 drv->auth_alg = params->auth_alg; 3655 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx; 3656 drv->auth_local_state_change = params->local_state_change; 3657 drv->auth_p2p = params->p2p; 3658 3659 if (params->bssid) 3660 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN); 3661 else 3662 os_memset(drv->auth_bssid_, 0, ETH_ALEN); 3663 3664 if (params->ssid) { 3665 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len); 3666 drv->auth_ssid_len = params->ssid_len; 3667 } else 3668 drv->auth_ssid_len = 0; 3669 3670 3671 os_free(drv->auth_ie); 3672 drv->auth_ie = NULL; 3673 drv->auth_ie_len = 0; 3674 if (params->ie) { 3675 drv->auth_ie = os_malloc(params->ie_len); 3676 if (drv->auth_ie) { 3677 os_memcpy(drv->auth_ie, params->ie, params->ie_len); 3678 drv->auth_ie_len = params->ie_len; 3679 } 3680 } 3681 3682 os_free(drv->auth_data); 3683 drv->auth_data = NULL; 3684 drv->auth_data_len = 0; 3685 if (params->auth_data) { 3686 drv->auth_data = os_memdup(params->auth_data, 3687 params->auth_data_len); 3688 if (drv->auth_data) 3689 drv->auth_data_len = params->auth_data_len; 3690 } 3691 3692 for (i = 0; i < 4; i++) { 3693 if (params->wep_key[i] && params->wep_key_len[i] && 3694 params->wep_key_len[i] <= 16) { 3695 os_memcpy(drv->auth_wep_key[i], params->wep_key[i], 3696 params->wep_key_len[i]); 3697 drv->auth_wep_key_len[i] = params->wep_key_len[i]; 3698 } else 3699 drv->auth_wep_key_len[i] = 0; 3700 } 3701 } 3702 3703 3704 static void nl80211_unmask_11b_rates(struct i802_bss *bss) 3705 { 3706 struct wpa_driver_nl80211_data *drv = bss->drv; 3707 3708 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates) 3709 return; 3710 3711 /* 3712 * Looks like we failed to unmask 11b rates previously. This could 3713 * happen, e.g., if the interface was down at the point in time when a 3714 * P2P group was terminated. 3715 */ 3716 wpa_printf(MSG_DEBUG, 3717 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them", 3718 bss->ifname); 3719 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 3720 } 3721 3722 3723 static enum nl80211_auth_type get_nl_auth_type(int wpa_auth_alg) 3724 { 3725 if (wpa_auth_alg & WPA_AUTH_ALG_OPEN) 3726 return NL80211_AUTHTYPE_OPEN_SYSTEM; 3727 if (wpa_auth_alg & WPA_AUTH_ALG_SHARED) 3728 return NL80211_AUTHTYPE_SHARED_KEY; 3729 if (wpa_auth_alg & WPA_AUTH_ALG_LEAP) 3730 return NL80211_AUTHTYPE_NETWORK_EAP; 3731 if (wpa_auth_alg & WPA_AUTH_ALG_FT) 3732 return NL80211_AUTHTYPE_FT; 3733 if (wpa_auth_alg & WPA_AUTH_ALG_SAE) 3734 return NL80211_AUTHTYPE_SAE; 3735 if (wpa_auth_alg & WPA_AUTH_ALG_FILS) 3736 return NL80211_AUTHTYPE_FILS_SK; 3737 if (wpa_auth_alg & WPA_AUTH_ALG_FILS_SK_PFS) 3738 return NL80211_AUTHTYPE_FILS_SK_PFS; 3739 3740 return NL80211_AUTHTYPE_MAX; 3741 } 3742 3743 3744 static int wpa_driver_nl80211_authenticate( 3745 struct i802_bss *bss, struct wpa_driver_auth_params *params) 3746 { 3747 struct wpa_driver_nl80211_data *drv = bss->drv; 3748 int ret = -1, i; 3749 struct nl_msg *msg; 3750 enum nl80211_auth_type type; 3751 enum nl80211_iftype nlmode; 3752 int count = 0; 3753 int is_retry; 3754 struct wpa_driver_set_key_params p; 3755 3756 nl80211_unmask_11b_rates(bss); 3757 3758 is_retry = drv->retry_auth; 3759 drv->retry_auth = 0; 3760 drv->ignore_deauth_event = 0; 3761 3762 nl80211_mark_disconnected(drv); 3763 os_memset(drv->auth_bssid, 0, ETH_ALEN); 3764 if (params->bssid) 3765 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN); 3766 else 3767 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 3768 /* FIX: IBSS mode */ 3769 nlmode = params->p2p ? 3770 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION; 3771 if (drv->nlmode != nlmode && 3772 wpa_driver_nl80211_set_mode(bss, nlmode) < 0) 3773 return -1; 3774 3775 retry: 3776 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)", 3777 drv->ifindex); 3778 3779 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE); 3780 if (!msg) 3781 goto fail; 3782 3783 os_memset(&p, 0, sizeof(p)); 3784 p.ifname = bss->ifname; 3785 p.alg = WPA_ALG_WEP; 3786 for (i = 0; i < 4; i++) { 3787 if (!params->wep_key[i]) 3788 continue; 3789 p.key_idx = i; 3790 p.set_tx = i == params->wep_tx_keyidx; 3791 p.key = params->wep_key[i]; 3792 p.key_len = params->wep_key_len[i]; 3793 p.key_flag = i == params->wep_tx_keyidx ? 3794 KEY_FLAG_GROUP_RX_TX_DEFAULT : 3795 KEY_FLAG_GROUP_RX_TX; 3796 wpa_driver_nl80211_set_key(bss, &p); 3797 if (params->wep_tx_keyidx != i) 3798 continue; 3799 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0, 3800 params->wep_key[i], params->wep_key_len[i])) 3801 goto fail; 3802 } 3803 3804 if (params->bssid) { 3805 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR, 3806 MAC2STR(params->bssid)); 3807 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 3808 goto fail; 3809 } 3810 if (params->freq) { 3811 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq); 3812 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq)) 3813 goto fail; 3814 } 3815 if (params->ssid) { 3816 wpa_printf(MSG_DEBUG, " * SSID=%s", 3817 wpa_ssid_txt(params->ssid, params->ssid_len)); 3818 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, 3819 params->ssid)) 3820 goto fail; 3821 } 3822 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len); 3823 if (params->ie && 3824 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie)) 3825 goto fail; 3826 if (params->auth_data) { 3827 wpa_hexdump(MSG_DEBUG, " * auth_data", params->auth_data, 3828 params->auth_data_len); 3829 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->auth_data_len, 3830 params->auth_data)) 3831 goto fail; 3832 } 3833 type = get_nl_auth_type(params->auth_alg); 3834 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 3835 if (type == NL80211_AUTHTYPE_MAX || 3836 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 3837 goto fail; 3838 if (params->local_state_change) { 3839 wpa_printf(MSG_DEBUG, " * Local state change only"); 3840 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE)) 3841 goto fail; 3842 } 3843 3844 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 3845 msg = NULL; 3846 if (ret) { 3847 wpa_dbg(drv->ctx, MSG_DEBUG, 3848 "nl80211: MLME command failed (auth): count=%d ret=%d (%s)", 3849 count, ret, strerror(-ret)); 3850 count++; 3851 if ((ret == -EALREADY || ret == -EEXIST) && count == 1 && 3852 params->bssid && !params->local_state_change) { 3853 /* 3854 * mac80211 does not currently accept new 3855 * authentication if we are already authenticated. As a 3856 * workaround, force deauthentication and try again. 3857 */ 3858 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication " 3859 "after forced deauthentication"); 3860 drv->ignore_deauth_event = 1; 3861 wpa_driver_nl80211_deauthenticate( 3862 bss, params->bssid, 3863 WLAN_REASON_PREV_AUTH_NOT_VALID); 3864 nlmsg_free(msg); 3865 goto retry; 3866 } 3867 3868 if (ret == -ENOENT && params->freq && !is_retry) { 3869 /* 3870 * cfg80211 has likely expired the BSS entry even 3871 * though it was previously available in our internal 3872 * BSS table. To recover quickly, start a single 3873 * channel scan on the specified channel. 3874 */ 3875 struct wpa_driver_scan_params scan; 3876 int freqs[2]; 3877 3878 os_memset(&scan, 0, sizeof(scan)); 3879 scan.num_ssids = 1; 3880 if (params->ssid) { 3881 scan.ssids[0].ssid = params->ssid; 3882 scan.ssids[0].ssid_len = params->ssid_len; 3883 } 3884 freqs[0] = params->freq; 3885 freqs[1] = 0; 3886 scan.freqs = freqs; 3887 wpa_printf(MSG_DEBUG, "nl80211: Trigger single " 3888 "channel scan to refresh cfg80211 BSS " 3889 "entry"); 3890 ret = wpa_driver_nl80211_scan(bss, &scan); 3891 if (ret == 0) { 3892 nl80211_copy_auth_params(drv, params); 3893 drv->scan_for_auth = 1; 3894 } 3895 } else if (is_retry) { 3896 /* 3897 * Need to indicate this with an event since the return 3898 * value from the retry is not delivered to core code. 3899 */ 3900 union wpa_event_data event; 3901 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry " 3902 "failed"); 3903 os_memset(&event, 0, sizeof(event)); 3904 os_memcpy(event.timeout_event.addr, drv->auth_bssid_, 3905 ETH_ALEN); 3906 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT, 3907 &event); 3908 } 3909 } else { 3910 wpa_printf(MSG_DEBUG, 3911 "nl80211: Authentication request send successfully"); 3912 } 3913 3914 fail: 3915 nlmsg_free(msg); 3916 return ret; 3917 } 3918 3919 3920 int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) 3921 { 3922 struct wpa_driver_auth_params params; 3923 struct i802_bss *bss = drv->first_bss; 3924 int i; 3925 3926 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again"); 3927 3928 os_memset(¶ms, 0, sizeof(params)); 3929 params.freq = drv->auth_freq; 3930 params.auth_alg = drv->auth_alg; 3931 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx; 3932 params.local_state_change = drv->auth_local_state_change; 3933 params.p2p = drv->auth_p2p; 3934 3935 if (!is_zero_ether_addr(drv->auth_bssid_)) 3936 params.bssid = drv->auth_bssid_; 3937 3938 if (drv->auth_ssid_len) { 3939 params.ssid = drv->auth_ssid; 3940 params.ssid_len = drv->auth_ssid_len; 3941 } 3942 3943 params.ie = drv->auth_ie; 3944 params.ie_len = drv->auth_ie_len; 3945 params.auth_data = drv->auth_data; 3946 params.auth_data_len = drv->auth_data_len; 3947 3948 for (i = 0; i < 4; i++) { 3949 if (drv->auth_wep_key_len[i]) { 3950 params.wep_key[i] = drv->auth_wep_key[i]; 3951 params.wep_key_len[i] = drv->auth_wep_key_len[i]; 3952 } 3953 } 3954 3955 drv->retry_auth = 1; 3956 return wpa_driver_nl80211_authenticate(bss, ¶ms); 3957 } 3958 3959 3960 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, 3961 size_t data_len, int noack, 3962 unsigned int freq, int no_cck, 3963 int offchanok, 3964 unsigned int wait_time, 3965 const u16 *csa_offs, 3966 size_t csa_offs_len, int no_encrypt) 3967 { 3968 struct wpa_driver_nl80211_data *drv = bss->drv; 3969 struct ieee80211_mgmt *mgmt; 3970 int encrypt = !no_encrypt; 3971 u16 fc; 3972 int use_cookie = 1; 3973 int res; 3974 3975 mgmt = (struct ieee80211_mgmt *) data; 3976 fc = le_to_host16(mgmt->frame_control); 3977 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da=" MACSTR 3978 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u no_encrypt=%d fc=0x%x (%s) nlmode=%d", 3979 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time, 3980 no_encrypt, fc, fc2str(fc), drv->nlmode); 3981 3982 if ((is_sta_interface(drv->nlmode) || 3983 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) && 3984 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 3985 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) { 3986 /* 3987 * The use of last_mgmt_freq is a bit of a hack, 3988 * but it works due to the single-threaded nature 3989 * of wpa_supplicant. 3990 */ 3991 if (freq == 0) { 3992 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d", 3993 drv->last_mgmt_freq); 3994 freq = drv->last_mgmt_freq; 3995 } 3996 wait_time = 0; 3997 use_cookie = 0; 3998 no_cck = 1; 3999 offchanok = 1; 4000 goto send_frame_cmd; 4001 } 4002 4003 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) { 4004 if (freq == 0) { 4005 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d", 4006 bss->freq); 4007 freq = bss->freq; 4008 } 4009 if ((int) freq == bss->freq) 4010 wait_time = 0; 4011 goto send_frame_cmd; 4012 } 4013 4014 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 4015 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) { 4016 /* 4017 * Only one of the authentication frame types is encrypted. 4018 * In order for static WEP encryption to work properly (i.e., 4019 * to not encrypt the frame), we need to tell mac80211 about 4020 * the frames that must not be encrypted. 4021 */ 4022 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg); 4023 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction); 4024 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3) 4025 encrypt = 0; 4026 } 4027 4028 if (is_sta_interface(drv->nlmode) && 4029 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 4030 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) { 4031 if (freq == 0 && 4032 (drv->capa.flags & WPA_DRIVER_FLAGS_SAE) && 4033 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 4034 freq = nl80211_get_assoc_freq(drv); 4035 wpa_printf(MSG_DEBUG, 4036 "nl80211: send_mlme - Use assoc_freq=%u for external auth", 4037 freq); 4038 } 4039 4040 /* Allow off channel for PASN authentication */ 4041 if (data_len >= IEEE80211_HDRLEN + 2 && 4042 WPA_GET_LE16(data + IEEE80211_HDRLEN) == WLAN_AUTH_PASN && 4043 !offchanok) { 4044 wpa_printf(MSG_DEBUG, 4045 "nl80211: send_mlme: allow off channel for PASN"); 4046 offchanok = 1; 4047 } 4048 } 4049 4050 #ifdef CONFIG_PASN 4051 if (is_sta_interface(drv->nlmode) && 4052 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 4053 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_DEAUTH) { 4054 wpa_printf(MSG_DEBUG, 4055 "nl80211: send_mlme: allow Deauthentication frame for PASN"); 4056 4057 use_cookie = 0; 4058 offchanok = 1; 4059 goto send_frame_cmd; 4060 } 4061 #endif /* CONFIG_PASN */ 4062 4063 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) { 4064 freq = nl80211_get_assoc_freq(drv); 4065 wpa_printf(MSG_DEBUG, 4066 "nl80211: send_mlme - Use assoc_freq=%u for IBSS", 4067 freq); 4068 } 4069 if (freq == 0) { 4070 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - Use bss->freq=%u", 4071 bss->freq); 4072 freq = bss->freq; 4073 } 4074 4075 if (drv->use_monitor) { 4076 wpa_printf(MSG_DEBUG, 4077 "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor", 4078 freq, bss->freq); 4079 return nl80211_send_monitor(drv, data, data_len, encrypt, 4080 noack); 4081 } 4082 4083 if (noack || WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT || 4084 WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) 4085 use_cookie = 0; 4086 send_frame_cmd: 4087 #ifdef CONFIG_TESTING_OPTIONS 4088 if (no_encrypt && !encrypt && !drv->use_monitor) { 4089 wpa_printf(MSG_DEBUG, 4090 "nl80211: Request to send an unencrypted frame - use a monitor interface for this"); 4091 if (nl80211_create_monitor_interface(drv) < 0) 4092 return -1; 4093 res = nl80211_send_monitor(drv, data, data_len, encrypt, 4094 noack); 4095 nl80211_remove_monitor_interface(drv); 4096 return res; 4097 } 4098 #endif /* CONFIG_TESTING_OPTIONS */ 4099 4100 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame_cmd"); 4101 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, data_len, 4102 use_cookie, no_cck, noack, offchanok, 4103 csa_offs, csa_offs_len); 4104 4105 return res; 4106 } 4107 4108 4109 static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates) 4110 { 4111 u8 rates[NL80211_MAX_SUPP_RATES]; 4112 u8 rates_len = 0; 4113 int i; 4114 4115 if (!basic_rates) 4116 return 0; 4117 4118 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++) 4119 rates[rates_len++] = basic_rates[i] / 5; 4120 4121 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates); 4122 } 4123 4124 4125 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble, 4126 int slot, int ht_opmode, int ap_isolate, 4127 const int *basic_rates) 4128 { 4129 struct wpa_driver_nl80211_data *drv = bss->drv; 4130 struct nl_msg *msg; 4131 4132 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) || 4133 (cts >= 0 && 4134 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) || 4135 (preamble >= 0 && 4136 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) || 4137 (slot >= 0 && 4138 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) || 4139 (ht_opmode >= 0 && 4140 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) || 4141 (ap_isolate >= 0 && 4142 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) || 4143 nl80211_put_basic_rates(msg, basic_rates)) { 4144 nlmsg_free(msg); 4145 return -ENOBUFS; 4146 } 4147 4148 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 4149 } 4150 4151 4152 static int wpa_driver_nl80211_set_acl(void *priv, 4153 struct hostapd_acl_params *params) 4154 { 4155 struct i802_bss *bss = priv; 4156 struct wpa_driver_nl80211_data *drv = bss->drv; 4157 struct nl_msg *msg; 4158 struct nl_msg *acl; 4159 unsigned int i; 4160 int ret; 4161 size_t acl_nla_sz, acl_nlmsg_sz, nla_sz, nlmsg_sz; 4162 4163 if (!(drv->capa.max_acl_mac_addrs)) 4164 return -ENOTSUP; 4165 4166 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs) 4167 return -ENOTSUP; 4168 4169 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)", 4170 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl); 4171 4172 acl_nla_sz = nla_total_size(ETH_ALEN) * params->num_mac_acl; 4173 acl_nlmsg_sz = nlmsg_total_size(acl_nla_sz); 4174 acl = nlmsg_alloc_size(acl_nlmsg_sz); 4175 if (!acl) 4176 return -ENOMEM; 4177 for (i = 0; i < params->num_mac_acl; i++) { 4178 if (nla_put(acl, i + 1, ETH_ALEN, params->mac_acl[i].addr)) { 4179 nlmsg_free(acl); 4180 return -ENOMEM; 4181 } 4182 } 4183 4184 /* 4185 * genetlink message header (Length of user header is 0) + 4186 * u32 attr: NL80211_ATTR_IFINDEX + 4187 * u32 attr: NL80211_ATTR_ACL_POLICY + 4188 * nested acl attr 4189 */ 4190 nla_sz = GENL_HDRLEN + 4191 nla_total_size(4) * 2 + 4192 nla_total_size(acl_nla_sz); 4193 nlmsg_sz = nlmsg_total_size(nla_sz); 4194 if (!(msg = nl80211_ifindex_msg_build(drv, nlmsg_alloc_size(nlmsg_sz), 4195 drv->ifindex, 0, 4196 NL80211_CMD_SET_MAC_ACL)) || 4197 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ? 4198 NL80211_ACL_POLICY_DENY_UNLESS_LISTED : 4199 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) || 4200 nla_put_nested(msg, NL80211_ATTR_MAC_ADDRS, acl)) { 4201 nlmsg_free(msg); 4202 nlmsg_free(acl); 4203 return -ENOMEM; 4204 } 4205 nlmsg_free(acl); 4206 4207 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 4208 if (ret) { 4209 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)", 4210 ret, strerror(-ret)); 4211 } 4212 4213 return ret; 4214 } 4215 4216 4217 static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int) 4218 { 4219 if (beacon_int > 0) { 4220 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int); 4221 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL, 4222 beacon_int); 4223 } 4224 4225 return 0; 4226 } 4227 4228 4229 static int nl80211_put_dtim_period(struct nl_msg *msg, int dtim_period) 4230 { 4231 if (dtim_period > 0) { 4232 wpa_printf(MSG_DEBUG, " * dtim_period=%d", dtim_period); 4233 return nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period); 4234 } 4235 4236 return 0; 4237 } 4238 4239 4240 #ifdef CONFIG_MESH 4241 static int nl80211_set_mesh_config(void *priv, 4242 struct wpa_driver_mesh_bss_params *params) 4243 { 4244 struct i802_bss *bss = priv; 4245 struct wpa_driver_nl80211_data *drv = bss->drv; 4246 struct nl_msg *msg; 4247 int ret; 4248 4249 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MESH_CONFIG); 4250 if (!msg) 4251 return -1; 4252 4253 ret = nl80211_put_mesh_config(msg, params); 4254 if (ret < 0) { 4255 nlmsg_free(msg); 4256 return ret; 4257 } 4258 4259 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 4260 if (ret) { 4261 wpa_printf(MSG_ERROR, 4262 "nl80211: Mesh config set failed: %d (%s)", 4263 ret, strerror(-ret)); 4264 return ret; 4265 } 4266 return 0; 4267 } 4268 #endif /* CONFIG_MESH */ 4269 4270 4271 static int nl80211_put_beacon_rate(struct nl_msg *msg, u64 flags, u64 flags2, 4272 struct wpa_driver_ap_params *params) 4273 { 4274 struct nlattr *bands, *band; 4275 struct nl80211_txrate_vht vht_rate; 4276 struct nl80211_txrate_he he_rate; 4277 4278 if (!params->freq || 4279 (params->beacon_rate == 0 && 4280 params->rate_type == BEACON_RATE_LEGACY)) 4281 return 0; 4282 4283 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES); 4284 if (!bands) 4285 return -1; 4286 4287 switch (params->freq->mode) { 4288 case HOSTAPD_MODE_IEEE80211B: 4289 case HOSTAPD_MODE_IEEE80211G: 4290 band = nla_nest_start(msg, NL80211_BAND_2GHZ); 4291 break; 4292 case HOSTAPD_MODE_IEEE80211A: 4293 if (is_6ghz_freq(params->freq->freq)) 4294 band = nla_nest_start(msg, NL80211_BAND_6GHZ); 4295 else 4296 band = nla_nest_start(msg, NL80211_BAND_5GHZ); 4297 break; 4298 case HOSTAPD_MODE_IEEE80211AD: 4299 band = nla_nest_start(msg, NL80211_BAND_60GHZ); 4300 break; 4301 default: 4302 return 0; 4303 } 4304 4305 if (!band) 4306 return -1; 4307 4308 os_memset(&vht_rate, 0, sizeof(vht_rate)); 4309 os_memset(&he_rate, 0, sizeof(he_rate)); 4310 4311 switch (params->rate_type) { 4312 case BEACON_RATE_LEGACY: 4313 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_LEGACY)) { 4314 wpa_printf(MSG_INFO, 4315 "nl80211: Driver does not support setting Beacon frame rate (legacy)"); 4316 return -1; 4317 } 4318 4319 if (nla_put_u8(msg, NL80211_TXRATE_LEGACY, 4320 (u8) params->beacon_rate / 5) || 4321 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) || 4322 (params->freq->vht_enabled && 4323 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 4324 &vht_rate))) 4325 return -1; 4326 4327 wpa_printf(MSG_DEBUG, " * beacon_rate = legacy:%u (* 100 kbps)", 4328 params->beacon_rate); 4329 break; 4330 case BEACON_RATE_HT: 4331 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_HT)) { 4332 wpa_printf(MSG_INFO, 4333 "nl80211: Driver does not support setting Beacon frame rate (HT)"); 4334 return -1; 4335 } 4336 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) || 4337 nla_put_u8(msg, NL80211_TXRATE_HT, params->beacon_rate) || 4338 (params->freq->vht_enabled && 4339 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 4340 &vht_rate))) 4341 return -1; 4342 wpa_printf(MSG_DEBUG, " * beacon_rate = HT-MCS %u", 4343 params->beacon_rate); 4344 break; 4345 case BEACON_RATE_VHT: 4346 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_VHT)) { 4347 wpa_printf(MSG_INFO, 4348 "nl80211: Driver does not support setting Beacon frame rate (VHT)"); 4349 return -1; 4350 } 4351 vht_rate.mcs[0] = BIT(params->beacon_rate); 4352 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL)) 4353 return -1; 4354 if (nla_put(msg, NL80211_TXRATE_HT, 0, NULL)) 4355 return -1; 4356 if (nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 4357 &vht_rate)) 4358 return -1; 4359 wpa_printf(MSG_DEBUG, " * beacon_rate = VHT-MCS %u", 4360 params->beacon_rate); 4361 break; 4362 case BEACON_RATE_HE: 4363 if (!(flags2 & WPA_DRIVER_FLAGS2_BEACON_RATE_HE)) { 4364 wpa_printf(MSG_INFO, 4365 "nl80211: Driver does not support setting Beacon frame rate (HE)"); 4366 return -1; 4367 } 4368 he_rate.mcs[0] = BIT(params->beacon_rate); 4369 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) || 4370 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) || 4371 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate), 4372 &vht_rate) || 4373 nla_put(msg, NL80211_TXRATE_HE, sizeof(he_rate), &he_rate)) 4374 return -1; 4375 wpa_printf(MSG_DEBUG, " * beacon_rate = HE-MCS %u", 4376 params->beacon_rate); 4377 break; 4378 } 4379 4380 nla_nest_end(msg, band); 4381 nla_nest_end(msg, bands); 4382 4383 return 0; 4384 } 4385 4386 4387 static int nl80211_set_multicast_to_unicast(struct i802_bss *bss, 4388 int multicast_to_unicast) 4389 { 4390 struct wpa_driver_nl80211_data *drv = bss->drv; 4391 struct nl_msg *msg; 4392 int ret; 4393 4394 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_MULTICAST_TO_UNICAST); 4395 if (!msg || 4396 (multicast_to_unicast && 4397 nla_put_flag(msg, NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED))) { 4398 wpa_printf(MSG_ERROR, 4399 "nl80211: Failed to build NL80211_CMD_SET_MULTICAST_TO_UNICAST msg for %s", 4400 bss->ifname); 4401 nlmsg_free(msg); 4402 return -ENOBUFS; 4403 } 4404 4405 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 4406 4407 switch (ret) { 4408 case 0: 4409 wpa_printf(MSG_DEBUG, 4410 "nl80211: multicast to unicast %s on interface %s", 4411 multicast_to_unicast ? "enabled" : "disabled", 4412 bss->ifname); 4413 break; 4414 case -EOPNOTSUPP: 4415 if (!multicast_to_unicast) 4416 break; 4417 wpa_printf(MSG_INFO, 4418 "nl80211: multicast to unicast not supported on interface %s", 4419 bss->ifname); 4420 break; 4421 default: 4422 wpa_printf(MSG_ERROR, 4423 "nl80211: %s multicast to unicast failed with %d (%s) on interface %s", 4424 multicast_to_unicast ? "enabling" : "disabling", 4425 ret, strerror(-ret), bss->ifname); 4426 break; 4427 } 4428 4429 return ret; 4430 } 4431 4432 4433 #ifdef CONFIG_SAE 4434 static int nl80211_put_sae_pwe(struct nl_msg *msg, int pwe) 4435 { 4436 u8 sae_pwe; 4437 4438 wpa_printf(MSG_DEBUG, "nl802111: sae_pwe=%d", pwe); 4439 if (pwe == 0) 4440 sae_pwe = NL80211_SAE_PWE_HUNT_AND_PECK; 4441 else if (pwe == 1) 4442 sae_pwe = NL80211_SAE_PWE_HASH_TO_ELEMENT; 4443 else if (pwe == 2) 4444 sae_pwe = NL80211_SAE_PWE_BOTH; 4445 else if (pwe == 3) 4446 return 0; /* special test mode */ 4447 else 4448 return -1; 4449 if (nla_put_u8(msg, NL80211_ATTR_SAE_PWE, sae_pwe)) 4450 return -1; 4451 4452 return 0; 4453 } 4454 #endif /* CONFIG_SAE */ 4455 4456 4457 #ifdef CONFIG_FILS 4458 static int nl80211_fils_discovery(struct i802_bss *bss, struct nl_msg *msg, 4459 struct wpa_driver_ap_params *params) 4460 { 4461 struct nlattr *attr; 4462 4463 if (!bss->drv->fils_discovery) { 4464 wpa_printf(MSG_ERROR, 4465 "nl80211: Driver does not support FILS Discovery frame transmission for %s", 4466 bss->ifname); 4467 return -1; 4468 } 4469 4470 attr = nla_nest_start(msg, NL80211_ATTR_FILS_DISCOVERY); 4471 if (!attr || 4472 nla_put_u32(msg, NL80211_FILS_DISCOVERY_ATTR_INT_MIN, 4473 params->fd_min_int) || 4474 nla_put_u32(msg, NL80211_FILS_DISCOVERY_ATTR_INT_MAX, 4475 params->fd_max_int) || 4476 (params->fd_frame_tmpl && 4477 nla_put(msg, NL80211_FILS_DISCOVERY_ATTR_TMPL, 4478 params->fd_frame_tmpl_len, params->fd_frame_tmpl))) 4479 return -1; 4480 4481 nla_nest_end(msg, attr); 4482 return 0; 4483 } 4484 #endif /* CONFIG_FILS */ 4485 4486 4487 #ifdef CONFIG_IEEE80211AX 4488 static int nl80211_unsol_bcast_probe_resp(struct i802_bss *bss, 4489 struct nl_msg *msg, 4490 struct wpa_driver_ap_params *params) 4491 { 4492 struct nlattr *attr; 4493 4494 if (!bss->drv->unsol_bcast_probe_resp) { 4495 wpa_printf(MSG_ERROR, 4496 "nl80211: Driver does not support unsolicited broadcast Probe Response frame transmission for %s", 4497 bss->ifname); 4498 return -1; 4499 } 4500 4501 wpa_printf(MSG_DEBUG, 4502 "nl80211: Unsolicited broadcast Probe Response frame interval: %u", 4503 params->unsol_bcast_probe_resp_interval); 4504 attr = nla_nest_start(msg, NL80211_ATTR_UNSOL_BCAST_PROBE_RESP); 4505 if (!attr || 4506 nla_put_u32(msg, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT, 4507 params->unsol_bcast_probe_resp_interval) || 4508 (params->unsol_bcast_probe_resp_tmpl && 4509 nla_put(msg, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL, 4510 params->unsol_bcast_probe_resp_tmpl_len, 4511 params->unsol_bcast_probe_resp_tmpl))) 4512 return -1; 4513 4514 nla_nest_end(msg, attr); 4515 return 0; 4516 } 4517 #endif /* CONFIG_IEEE80211AX */ 4518 4519 4520 static int wpa_driver_nl80211_set_ap(void *priv, 4521 struct wpa_driver_ap_params *params) 4522 { 4523 struct i802_bss *bss = priv; 4524 struct wpa_driver_nl80211_data *drv = bss->drv; 4525 struct nl_msg *msg; 4526 u8 cmd = NL80211_CMD_NEW_BEACON; 4527 int ret = -ENOBUFS; 4528 int beacon_set; 4529 int num_suites; 4530 u32 suites[20], suite; 4531 u32 ver; 4532 #ifdef CONFIG_MESH 4533 struct wpa_driver_mesh_bss_params mesh_params; 4534 #endif /* CONFIG_MESH */ 4535 4536 beacon_set = params->reenable ? 0 : bss->beacon_set; 4537 4538 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)", 4539 beacon_set); 4540 if (beacon_set) 4541 cmd = NL80211_CMD_SET_BEACON; 4542 else if (!drv->device_ap_sme && !drv->use_monitor && 4543 !nl80211_get_wiphy_data_ap(bss)) 4544 return -ENOBUFS; 4545 4546 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head", 4547 params->head, params->head_len); 4548 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail", 4549 params->tail, params->tail_len); 4550 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex); 4551 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int); 4552 wpa_printf(MSG_DEBUG, "nl80211: beacon_rate=%u", params->beacon_rate); 4553 wpa_printf(MSG_DEBUG, "nl80211: rate_type=%d", params->rate_type); 4554 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period); 4555 wpa_printf(MSG_DEBUG, "nl80211: ssid=%s", 4556 wpa_ssid_txt(params->ssid, params->ssid_len)); 4557 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || 4558 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len, 4559 params->head) || 4560 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len, 4561 params->tail) || 4562 nl80211_put_beacon_int(msg, params->beacon_int) || 4563 nl80211_put_beacon_rate(msg, drv->capa.flags, drv->capa.flags2, 4564 params) || 4565 nl80211_put_dtim_period(msg, params->dtim_period) || 4566 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) 4567 goto fail; 4568 if (params->proberesp && params->proberesp_len) { 4569 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)", 4570 params->proberesp, params->proberesp_len); 4571 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len, 4572 params->proberesp)) 4573 goto fail; 4574 } 4575 switch (params->hide_ssid) { 4576 case NO_SSID_HIDING: 4577 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use"); 4578 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 4579 NL80211_HIDDEN_SSID_NOT_IN_USE)) 4580 goto fail; 4581 break; 4582 case HIDDEN_SSID_ZERO_LEN: 4583 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len"); 4584 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 4585 NL80211_HIDDEN_SSID_ZERO_LEN)) 4586 goto fail; 4587 break; 4588 case HIDDEN_SSID_ZERO_CONTENTS: 4589 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents"); 4590 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID, 4591 NL80211_HIDDEN_SSID_ZERO_CONTENTS)) 4592 goto fail; 4593 break; 4594 } 4595 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy); 4596 if (params->privacy && 4597 nla_put_flag(msg, NL80211_ATTR_PRIVACY)) 4598 goto fail; 4599 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs); 4600 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) == 4601 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) { 4602 /* Leave out the attribute */ 4603 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) { 4604 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, 4605 NL80211_AUTHTYPE_SHARED_KEY)) 4606 goto fail; 4607 } else { 4608 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, 4609 NL80211_AUTHTYPE_OPEN_SYSTEM)) 4610 goto fail; 4611 } 4612 4613 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version); 4614 ver = 0; 4615 if (params->wpa_version & WPA_PROTO_WPA) 4616 ver |= NL80211_WPA_VERSION_1; 4617 if (params->wpa_version & WPA_PROTO_RSN) 4618 ver |= NL80211_WPA_VERSION_2; 4619 if (ver && 4620 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver)) 4621 goto fail; 4622 4623 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x", 4624 params->key_mgmt_suites); 4625 num_suites = wpa_key_mgmt_to_suites(params->key_mgmt_suites, 4626 suites, ARRAY_SIZE(suites)); 4627 if (num_suites > NL80211_MAX_NR_AKM_SUITES) 4628 wpa_printf(MSG_DEBUG, 4629 "nl80211: Not enough room for all AKM suites (num_suites=%d > NL80211_MAX_NR_AKM_SUITES)", 4630 num_suites); 4631 else if (num_suites && 4632 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32), 4633 suites)) 4634 goto fail; 4635 4636 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA && 4637 (!params->pairwise_ciphers || 4638 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40)) && 4639 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) || 4640 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) 4641 goto fail; 4642 4643 if (drv->device_ap_sme && 4644 (params->key_mgmt_suites & WPA_KEY_MGMT_SAE) && 4645 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT)) 4646 goto fail; 4647 4648 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x", 4649 params->pairwise_ciphers); 4650 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers, 4651 suites, ARRAY_SIZE(suites)); 4652 if (num_suites && 4653 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, 4654 num_suites * sizeof(u32), suites)) 4655 goto fail; 4656 4657 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x", 4658 params->group_cipher); 4659 suite = wpa_cipher_to_cipher_suite(params->group_cipher); 4660 if (suite && 4661 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite)) 4662 goto fail; 4663 4664 if (params->beacon_ies) { 4665 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies", 4666 params->beacon_ies); 4667 if (nla_put(msg, NL80211_ATTR_IE, 4668 wpabuf_len(params->beacon_ies), 4669 wpabuf_head(params->beacon_ies))) 4670 goto fail; 4671 } 4672 if (params->proberesp_ies) { 4673 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies", 4674 params->proberesp_ies); 4675 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP, 4676 wpabuf_len(params->proberesp_ies), 4677 wpabuf_head(params->proberesp_ies))) 4678 goto fail; 4679 } 4680 if (params->assocresp_ies) { 4681 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies", 4682 params->assocresp_ies); 4683 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP, 4684 wpabuf_len(params->assocresp_ies), 4685 wpabuf_head(params->assocresp_ies))) 4686 goto fail; 4687 } 4688 4689 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) { 4690 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d", 4691 params->ap_max_inactivity); 4692 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT, 4693 params->ap_max_inactivity)) 4694 goto fail; 4695 } 4696 4697 #ifdef CONFIG_P2P 4698 if (params->p2p_go_ctwindow > 0) { 4699 if (drv->p2p_go_ctwindow_supported) { 4700 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d", 4701 params->p2p_go_ctwindow); 4702 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW, 4703 params->p2p_go_ctwindow)) 4704 goto fail; 4705 } else { 4706 wpa_printf(MSG_INFO, 4707 "nl80211: Driver does not support CTWindow configuration - ignore this parameter"); 4708 } 4709 } 4710 #endif /* CONFIG_P2P */ 4711 4712 if (params->pbss) { 4713 wpa_printf(MSG_DEBUG, "nl80211: PBSS"); 4714 if (nla_put_flag(msg, NL80211_ATTR_PBSS)) 4715 goto fail; 4716 } 4717 4718 if (params->ftm_responder) { 4719 struct nlattr *ftm; 4720 4721 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_FTM_RESPONDER)) { 4722 ret = -ENOTSUP; 4723 goto fail; 4724 } 4725 4726 ftm = nla_nest_start(msg, NL80211_ATTR_FTM_RESPONDER); 4727 if (!ftm || 4728 nla_put_flag(msg, NL80211_FTM_RESP_ATTR_ENABLED) || 4729 (params->lci && 4730 nla_put(msg, NL80211_FTM_RESP_ATTR_LCI, 4731 wpabuf_len(params->lci), 4732 wpabuf_head(params->lci))) || 4733 (params->civic && 4734 nla_put(msg, NL80211_FTM_RESP_ATTR_CIVICLOC, 4735 wpabuf_len(params->civic), 4736 wpabuf_head(params->civic)))) 4737 goto fail; 4738 nla_nest_end(msg, ftm); 4739 } 4740 4741 #ifdef CONFIG_IEEE80211AX 4742 if (params->he_spr_ctrl) { 4743 struct nlattr *spr; 4744 4745 spr = nla_nest_start(msg, NL80211_ATTR_HE_OBSS_PD); 4746 wpa_printf(MSG_DEBUG, "nl80211: he_spr_ctrl=0x%x", 4747 params->he_spr_ctrl); 4748 4749 if (!spr || 4750 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_SR_CTRL, 4751 params->he_spr_ctrl) || 4752 ((params->he_spr_ctrl & 4753 SPATIAL_REUSE_NON_SRG_OFFSET_PRESENT) && 4754 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET, 4755 params->he_spr_non_srg_obss_pd_max_offset))) 4756 goto fail; 4757 4758 if ((params->he_spr_ctrl & 4759 SPATIAL_REUSE_SRG_INFORMATION_PRESENT) && 4760 (nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET, 4761 params->he_spr_srg_obss_pd_min_offset) || 4762 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET, 4763 params->he_spr_srg_obss_pd_max_offset) || 4764 nla_put(msg, NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP, 4765 sizeof(params->he_spr_bss_color_bitmap), 4766 params->he_spr_bss_color_bitmap) || 4767 nla_put(msg, NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP, 4768 sizeof(params->he_spr_partial_bssid_bitmap), 4769 params->he_spr_partial_bssid_bitmap))) 4770 goto fail; 4771 4772 nla_nest_end(msg, spr); 4773 } 4774 4775 if (params->freq && params->freq->he_enabled) { 4776 struct nlattr *bss_color; 4777 4778 bss_color = nla_nest_start(msg, NL80211_ATTR_HE_BSS_COLOR); 4779 if (!bss_color || 4780 (params->he_bss_color_disabled && 4781 nla_put_flag(msg, NL80211_HE_BSS_COLOR_ATTR_DISABLED)) || 4782 (params->he_bss_color_partial && 4783 nla_put_flag(msg, NL80211_HE_BSS_COLOR_ATTR_PARTIAL)) || 4784 nla_put_u8(msg, NL80211_HE_BSS_COLOR_ATTR_COLOR, 4785 params->he_bss_color)) 4786 goto fail; 4787 nla_nest_end(msg, bss_color); 4788 } 4789 4790 if (params->twt_responder) { 4791 wpa_printf(MSG_DEBUG, "nl80211: twt_responder=%d", 4792 params->twt_responder); 4793 if (nla_put_flag(msg, NL80211_ATTR_TWT_RESPONDER)) 4794 goto fail; 4795 } 4796 4797 if (params->unsol_bcast_probe_resp_interval && 4798 nl80211_unsol_bcast_probe_resp(bss, msg, params) < 0) 4799 goto fail; 4800 #endif /* CONFIG_IEEE80211AX */ 4801 4802 #ifdef CONFIG_SAE 4803 if (((params->key_mgmt_suites & WPA_KEY_MGMT_SAE) || 4804 (params->key_mgmt_suites & WPA_KEY_MGMT_FT_SAE)) && 4805 nl80211_put_sae_pwe(msg, params->sae_pwe) < 0) 4806 goto fail; 4807 #endif /* CONFIG_SAE */ 4808 4809 #ifdef CONFIG_FILS 4810 if (params->fd_max_int && nl80211_fils_discovery(bss, msg, params) < 0) 4811 goto fail; 4812 #endif /* CONFIG_FILS */ 4813 4814 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 1); 4815 if (ret) { 4816 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", 4817 ret, strerror(-ret)); 4818 } else { 4819 bss->beacon_set = 1; 4820 nl80211_set_bss(bss, params->cts_protect, params->preamble, 4821 params->short_slot_time, params->ht_opmode, 4822 params->isolate, params->basic_rates); 4823 nl80211_set_multicast_to_unicast(bss, 4824 params->multicast_to_unicast); 4825 if (beacon_set && params->freq && 4826 params->freq->bandwidth != bss->bandwidth) { 4827 wpa_printf(MSG_DEBUG, 4828 "nl80211: Update BSS %s bandwidth: %d -> %d", 4829 bss->ifname, bss->bandwidth, 4830 params->freq->bandwidth); 4831 ret = nl80211_set_channel(bss, params->freq, 1); 4832 if (ret) { 4833 wpa_printf(MSG_DEBUG, 4834 "nl80211: Frequency set failed: %d (%s)", 4835 ret, strerror(-ret)); 4836 } else { 4837 wpa_printf(MSG_DEBUG, 4838 "nl80211: Frequency set succeeded for ht2040 coex"); 4839 bss->bandwidth = params->freq->bandwidth; 4840 } 4841 } else if (!beacon_set && params->freq) { 4842 /* 4843 * cfg80211 updates the driver on frequence change in AP 4844 * mode only at the point when beaconing is started, so 4845 * set the initial value here. 4846 */ 4847 bss->bandwidth = params->freq->bandwidth; 4848 } 4849 } 4850 4851 #ifdef CONFIG_MESH 4852 if (is_mesh_interface(drv->nlmode) && params->ht_opmode != -1) { 4853 os_memset(&mesh_params, 0, sizeof(mesh_params)); 4854 mesh_params.flags |= WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE; 4855 mesh_params.ht_opmode = params->ht_opmode; 4856 ret = nl80211_set_mesh_config(priv, &mesh_params); 4857 if (ret < 0) 4858 return ret; 4859 } 4860 #endif /* CONFIG_MESH */ 4861 4862 return ret; 4863 fail: 4864 nlmsg_free(msg); 4865 return ret; 4866 } 4867 4868 4869 static int nl80211_put_freq_params(struct nl_msg *msg, 4870 const struct hostapd_freq_params *freq) 4871 { 4872 enum hostapd_hw_mode hw_mode; 4873 int is_24ghz; 4874 u8 channel; 4875 4876 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); 4877 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) 4878 return -ENOBUFS; 4879 4880 wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled); 4881 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); 4882 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); 4883 4884 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); 4885 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || 4886 hw_mode == HOSTAPD_MODE_IEEE80211B; 4887 4888 if (freq->vht_enabled || (freq->he_enabled && !is_24ghz)) { 4889 enum nl80211_chan_width cw; 4890 4891 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); 4892 switch (freq->bandwidth) { 4893 case 20: 4894 cw = NL80211_CHAN_WIDTH_20; 4895 break; 4896 case 40: 4897 cw = NL80211_CHAN_WIDTH_40; 4898 break; 4899 case 80: 4900 if (freq->center_freq2) 4901 cw = NL80211_CHAN_WIDTH_80P80; 4902 else 4903 cw = NL80211_CHAN_WIDTH_80; 4904 break; 4905 case 160: 4906 cw = NL80211_CHAN_WIDTH_160; 4907 break; 4908 default: 4909 return -EINVAL; 4910 } 4911 4912 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); 4913 wpa_printf(MSG_DEBUG, " * center_freq1=%d", 4914 freq->center_freq1); 4915 wpa_printf(MSG_DEBUG, " * center_freq2=%d", 4916 freq->center_freq2); 4917 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || 4918 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, 4919 freq->center_freq1) || 4920 (freq->center_freq2 && 4921 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, 4922 freq->center_freq2))) 4923 return -ENOBUFS; 4924 } else if (freq->ht_enabled) { 4925 enum nl80211_channel_type ct; 4926 4927 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", 4928 freq->sec_channel_offset); 4929 switch (freq->sec_channel_offset) { 4930 case -1: 4931 ct = NL80211_CHAN_HT40MINUS; 4932 break; 4933 case 1: 4934 ct = NL80211_CHAN_HT40PLUS; 4935 break; 4936 default: 4937 ct = NL80211_CHAN_HT20; 4938 break; 4939 } 4940 4941 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); 4942 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) 4943 return -ENOBUFS; 4944 } else if (freq->edmg.channels && freq->edmg.bw_config) { 4945 wpa_printf(MSG_DEBUG, 4946 " * EDMG configuration: channels=0x%x bw_config=%d", 4947 freq->edmg.channels, freq->edmg.bw_config); 4948 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS, 4949 freq->edmg.channels) || 4950 nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, 4951 freq->edmg.bw_config)) 4952 return -1; 4953 } else { 4954 wpa_printf(MSG_DEBUG, " * channel_type=%d", 4955 NL80211_CHAN_NO_HT); 4956 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, 4957 NL80211_CHAN_NO_HT)) 4958 return -ENOBUFS; 4959 } 4960 return 0; 4961 } 4962 4963 4964 static int nl80211_set_channel(struct i802_bss *bss, 4965 struct hostapd_freq_params *freq, int set_chan) 4966 { 4967 struct wpa_driver_nl80211_data *drv = bss->drv; 4968 struct nl_msg *msg; 4969 int ret; 4970 4971 wpa_printf(MSG_DEBUG, 4972 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)", 4973 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled, 4974 freq->bandwidth, freq->center_freq1, freq->center_freq2); 4975 4976 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL : 4977 NL80211_CMD_SET_WIPHY); 4978 if (!msg || nl80211_put_freq_params(msg, freq) < 0) { 4979 nlmsg_free(msg); 4980 return -1; 4981 } 4982 4983 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 4984 if (ret == 0) { 4985 bss->freq = freq->freq; 4986 return 0; 4987 } 4988 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): " 4989 "%d (%s)", freq->freq, ret, strerror(-ret)); 4990 return -1; 4991 } 4992 4993 4994 static u32 sta_flags_nl80211(int flags) 4995 { 4996 u32 f = 0; 4997 4998 if (flags & WPA_STA_AUTHORIZED) 4999 f |= BIT(NL80211_STA_FLAG_AUTHORIZED); 5000 if (flags & WPA_STA_WMM) 5001 f |= BIT(NL80211_STA_FLAG_WME); 5002 if (flags & WPA_STA_SHORT_PREAMBLE) 5003 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE); 5004 if (flags & WPA_STA_MFP) 5005 f |= BIT(NL80211_STA_FLAG_MFP); 5006 if (flags & WPA_STA_TDLS_PEER) 5007 f |= BIT(NL80211_STA_FLAG_TDLS_PEER); 5008 if (flags & WPA_STA_AUTHENTICATED) 5009 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 5010 if (flags & WPA_STA_ASSOCIATED) 5011 f |= BIT(NL80211_STA_FLAG_ASSOCIATED); 5012 5013 return f; 5014 } 5015 5016 5017 #ifdef CONFIG_MESH 5018 static u32 sta_plink_state_nl80211(enum mesh_plink_state state) 5019 { 5020 switch (state) { 5021 case PLINK_IDLE: 5022 return NL80211_PLINK_LISTEN; 5023 case PLINK_OPN_SNT: 5024 return NL80211_PLINK_OPN_SNT; 5025 case PLINK_OPN_RCVD: 5026 return NL80211_PLINK_OPN_RCVD; 5027 case PLINK_CNF_RCVD: 5028 return NL80211_PLINK_CNF_RCVD; 5029 case PLINK_ESTAB: 5030 return NL80211_PLINK_ESTAB; 5031 case PLINK_HOLDING: 5032 return NL80211_PLINK_HOLDING; 5033 case PLINK_BLOCKED: 5034 return NL80211_PLINK_BLOCKED; 5035 default: 5036 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d", 5037 state); 5038 } 5039 return -1; 5040 } 5041 #endif /* CONFIG_MESH */ 5042 5043 5044 static int wpa_driver_nl80211_sta_add(void *priv, 5045 struct hostapd_sta_add_params *params) 5046 { 5047 struct i802_bss *bss = priv; 5048 struct wpa_driver_nl80211_data *drv = bss->drv; 5049 struct nl_msg *msg; 5050 struct nl80211_sta_flag_update upd; 5051 int ret = -ENOBUFS; 5052 5053 if ((params->flags & WPA_STA_TDLS_PEER) && 5054 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 5055 return -EOPNOTSUPP; 5056 5057 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR, 5058 params->set ? "Set" : "Add", MAC2STR(params->addr)); 5059 msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION : 5060 NL80211_CMD_NEW_STATION); 5061 if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr)) 5062 goto fail; 5063 5064 /* 5065 * Set the below properties only in one of the following cases: 5066 * 1. New station is added, already associated. 5067 * 2. Set WPA_STA_TDLS_PEER station. 5068 * 3. Set an already added unassociated station, if driver supports 5069 * full AP client state. (Set these properties after station became 5070 * associated will be rejected by the driver). 5071 */ 5072 if (!params->set || (params->flags & WPA_STA_TDLS_PEER) || 5073 (params->set && FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) && 5074 (params->flags & WPA_STA_ASSOCIATED))) { 5075 wpa_hexdump(MSG_DEBUG, " * supported rates", 5076 params->supp_rates, params->supp_rates_len); 5077 wpa_printf(MSG_DEBUG, " * capability=0x%x", 5078 params->capability); 5079 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES, 5080 params->supp_rates_len, params->supp_rates) || 5081 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY, 5082 params->capability)) 5083 goto fail; 5084 5085 if (params->ht_capabilities) { 5086 wpa_hexdump(MSG_DEBUG, " * ht_capabilities", 5087 (u8 *) params->ht_capabilities, 5088 sizeof(*params->ht_capabilities)); 5089 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, 5090 sizeof(*params->ht_capabilities), 5091 params->ht_capabilities)) 5092 goto fail; 5093 } 5094 5095 if (params->vht_capabilities) { 5096 wpa_hexdump(MSG_DEBUG, " * vht_capabilities", 5097 (u8 *) params->vht_capabilities, 5098 sizeof(*params->vht_capabilities)); 5099 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, 5100 sizeof(*params->vht_capabilities), 5101 params->vht_capabilities)) 5102 goto fail; 5103 } 5104 5105 if (params->he_capab) { 5106 wpa_hexdump(MSG_DEBUG, " * he_capab", 5107 params->he_capab, params->he_capab_len); 5108 if (nla_put(msg, NL80211_ATTR_HE_CAPABILITY, 5109 params->he_capab_len, params->he_capab)) 5110 goto fail; 5111 } 5112 5113 if (params->he_6ghz_capab) { 5114 wpa_hexdump(MSG_DEBUG, " * he_6ghz_capab", 5115 params->he_6ghz_capab, 5116 sizeof(*params->he_6ghz_capab)); 5117 if (nla_put(msg, NL80211_ATTR_HE_6GHZ_CAPABILITY, 5118 sizeof(*params->he_6ghz_capab), 5119 params->he_6ghz_capab)) 5120 goto fail; 5121 } 5122 5123 if (params->ext_capab) { 5124 wpa_hexdump(MSG_DEBUG, " * ext_capab", 5125 params->ext_capab, params->ext_capab_len); 5126 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY, 5127 params->ext_capab_len, params->ext_capab)) 5128 goto fail; 5129 } 5130 5131 if (is_ap_interface(drv->nlmode) && 5132 nla_put_u8(msg, NL80211_ATTR_STA_SUPPORT_P2P_PS, 5133 params->support_p2p_ps ? 5134 NL80211_P2P_PS_SUPPORTED : 5135 NL80211_P2P_PS_UNSUPPORTED)) 5136 goto fail; 5137 } 5138 if (!params->set) { 5139 if (params->aid) { 5140 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid); 5141 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid)) 5142 goto fail; 5143 } else { 5144 /* 5145 * cfg80211 validates that AID is non-zero, so we have 5146 * to make this a non-zero value for the TDLS case where 5147 * a dummy STA entry is used for now and for a station 5148 * that is still not associated. 5149 */ 5150 wpa_printf(MSG_DEBUG, " * aid=1 (%s workaround)", 5151 (params->flags & WPA_STA_TDLS_PEER) ? 5152 "TDLS" : "UNASSOC_STA"); 5153 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1)) 5154 goto fail; 5155 } 5156 wpa_printf(MSG_DEBUG, " * listen_interval=%u", 5157 params->listen_interval); 5158 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 5159 params->listen_interval)) 5160 goto fail; 5161 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) { 5162 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid); 5163 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid)) 5164 goto fail; 5165 } else if (FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) && 5166 (params->flags & WPA_STA_ASSOCIATED)) { 5167 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid); 5168 wpa_printf(MSG_DEBUG, " * listen_interval=%u", 5169 params->listen_interval); 5170 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid) || 5171 nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 5172 params->listen_interval)) 5173 goto fail; 5174 } 5175 5176 if (params->vht_opmode_enabled) { 5177 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode); 5178 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF, 5179 params->vht_opmode)) 5180 goto fail; 5181 } 5182 5183 if (params->supp_channels) { 5184 wpa_hexdump(MSG_DEBUG, " * supported channels", 5185 params->supp_channels, params->supp_channels_len); 5186 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS, 5187 params->supp_channels_len, params->supp_channels)) 5188 goto fail; 5189 } 5190 5191 if (params->supp_oper_classes) { 5192 wpa_hexdump(MSG_DEBUG, " * supported operating classes", 5193 params->supp_oper_classes, 5194 params->supp_oper_classes_len); 5195 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES, 5196 params->supp_oper_classes_len, 5197 params->supp_oper_classes)) 5198 goto fail; 5199 } 5200 5201 os_memset(&upd, 0, sizeof(upd)); 5202 upd.set = sta_flags_nl80211(params->flags); 5203 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask); 5204 5205 /* 5206 * If the driver doesn't support full AP client state, ignore ASSOC/AUTH 5207 * flags, as nl80211 driver moves a new station, by default, into 5208 * associated state. 5209 * 5210 * On the other hand, if the driver supports that feature and the 5211 * station is added in unauthenticated state, set the 5212 * authenticated/associated bits in the mask to prevent moving this 5213 * station to associated state before it is actually associated. 5214 * 5215 * This is irrelevant for mesh mode where the station is added to the 5216 * driver as authenticated already, and ASSOCIATED isn't part of the 5217 * nl80211 API. 5218 */ 5219 if (!is_mesh_interface(drv->nlmode)) { 5220 if (!FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) { 5221 wpa_printf(MSG_DEBUG, 5222 "nl80211: Ignore ASSOC/AUTH flags since driver doesn't support full AP client state"); 5223 upd.mask &= ~(BIT(NL80211_STA_FLAG_ASSOCIATED) | 5224 BIT(NL80211_STA_FLAG_AUTHENTICATED)); 5225 } else if (!params->set && 5226 !(params->flags & WPA_STA_TDLS_PEER)) { 5227 if (!(params->flags & WPA_STA_AUTHENTICATED)) 5228 upd.mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 5229 if (!(params->flags & WPA_STA_ASSOCIATED)) 5230 upd.mask |= BIT(NL80211_STA_FLAG_ASSOCIATED); 5231 } 5232 #ifdef CONFIG_MESH 5233 } else { 5234 if (params->plink_state == PLINK_ESTAB && params->peer_aid) { 5235 ret = nla_put_u16(msg, NL80211_ATTR_MESH_PEER_AID, 5236 params->peer_aid); 5237 if (ret) 5238 goto fail; 5239 } 5240 #endif /* CONFIG_MESH */ 5241 } 5242 5243 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x", 5244 upd.set, upd.mask); 5245 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) 5246 goto fail; 5247 5248 #ifdef CONFIG_MESH 5249 if (params->plink_state && 5250 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE, 5251 sta_plink_state_nl80211(params->plink_state))) 5252 goto fail; 5253 #endif /* CONFIG_MESH */ 5254 5255 if ((!params->set || (params->flags & WPA_STA_TDLS_PEER) || 5256 FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) && 5257 (params->flags & WPA_STA_WMM)) { 5258 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME); 5259 5260 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo); 5261 if (!wme || 5262 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES, 5263 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) || 5264 nla_put_u8(msg, NL80211_STA_WME_MAX_SP, 5265 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) & 5266 WMM_QOSINFO_STA_SP_MASK)) 5267 goto fail; 5268 nla_nest_end(msg, wme); 5269 } 5270 5271 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 5272 msg = NULL; 5273 if (ret) 5274 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION " 5275 "result: %d (%s)", params->set ? "SET" : "NEW", ret, 5276 strerror(-ret)); 5277 if (ret == -EEXIST) 5278 ret = 0; 5279 fail: 5280 nlmsg_free(msg); 5281 return ret; 5282 } 5283 5284 5285 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) 5286 { 5287 #ifdef CONFIG_LIBNL3_ROUTE 5288 struct wpa_driver_nl80211_data *drv = bss->drv; 5289 struct rtnl_neigh *rn; 5290 struct nl_addr *nl_addr; 5291 int err; 5292 5293 rn = rtnl_neigh_alloc(); 5294 if (!rn) 5295 return; 5296 5297 rtnl_neigh_set_family(rn, AF_BRIDGE); 5298 rtnl_neigh_set_ifindex(rn, bss->ifindex); 5299 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN); 5300 if (!nl_addr) { 5301 rtnl_neigh_put(rn); 5302 return; 5303 } 5304 rtnl_neigh_set_lladdr(rn, nl_addr); 5305 5306 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); 5307 if (err < 0) { 5308 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " 5309 MACSTR " ifindex=%d failed: %s", MAC2STR(addr), 5310 bss->ifindex, nl_geterror(err)); 5311 } else { 5312 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for " 5313 MACSTR, MAC2STR(addr)); 5314 } 5315 5316 nl_addr_put(nl_addr); 5317 rtnl_neigh_put(rn); 5318 #endif /* CONFIG_LIBNL3_ROUTE */ 5319 } 5320 5321 5322 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr, 5323 int deauth, u16 reason_code) 5324 { 5325 struct wpa_driver_nl80211_data *drv = bss->drv; 5326 struct nl_msg *msg; 5327 int ret; 5328 5329 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) || 5330 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 5331 (deauth == 0 && 5332 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE, 5333 WLAN_FC_STYPE_DISASSOC)) || 5334 (deauth == 1 && 5335 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE, 5336 WLAN_FC_STYPE_DEAUTH)) || 5337 (reason_code && 5338 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) { 5339 nlmsg_free(msg); 5340 return -ENOBUFS; 5341 } 5342 5343 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 5344 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR 5345 " --> %d (%s)", 5346 bss->ifname, MAC2STR(addr), ret, strerror(-ret)); 5347 5348 if (drv->rtnl_sk) 5349 rtnl_neigh_delete_fdb_entry(bss, addr); 5350 5351 if (ret == -ENOENT) 5352 return 0; 5353 return ret; 5354 } 5355 5356 5357 void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx) 5358 { 5359 struct nl_msg *msg; 5360 struct wpa_driver_nl80211_data *drv2; 5361 5362 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx); 5363 5364 /* stop listening for EAPOL on this interface */ 5365 dl_list_for_each(drv2, &drv->global->interfaces, 5366 struct wpa_driver_nl80211_data, list) 5367 { 5368 del_ifidx(drv2, ifidx, IFIDX_ANY); 5369 /* Remove all bridges learned for this iface */ 5370 del_ifidx(drv2, IFIDX_ANY, ifidx); 5371 } 5372 5373 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE); 5374 if (send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL) == 0) 5375 return; 5376 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx); 5377 } 5378 5379 5380 const char * nl80211_iftype_str(enum nl80211_iftype mode) 5381 { 5382 switch (mode) { 5383 case NL80211_IFTYPE_ADHOC: 5384 return "ADHOC"; 5385 case NL80211_IFTYPE_STATION: 5386 return "STATION"; 5387 case NL80211_IFTYPE_AP: 5388 return "AP"; 5389 case NL80211_IFTYPE_AP_VLAN: 5390 return "AP_VLAN"; 5391 case NL80211_IFTYPE_WDS: 5392 return "WDS"; 5393 case NL80211_IFTYPE_MONITOR: 5394 return "MONITOR"; 5395 case NL80211_IFTYPE_MESH_POINT: 5396 return "MESH_POINT"; 5397 case NL80211_IFTYPE_P2P_CLIENT: 5398 return "P2P_CLIENT"; 5399 case NL80211_IFTYPE_P2P_GO: 5400 return "P2P_GO"; 5401 case NL80211_IFTYPE_P2P_DEVICE: 5402 return "P2P_DEVICE"; 5403 case NL80211_IFTYPE_OCB: 5404 return "OCB"; 5405 case NL80211_IFTYPE_NAN: 5406 return "NAN"; 5407 default: 5408 return "unknown"; 5409 } 5410 } 5411 5412 5413 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv, 5414 const char *ifname, 5415 enum nl80211_iftype iftype, 5416 const u8 *addr, int wds, 5417 int (*handler)(struct nl_msg *, void *), 5418 void *arg) 5419 { 5420 struct nl_msg *msg; 5421 int ifidx; 5422 int ret = -ENOBUFS; 5423 5424 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)", 5425 iftype, nl80211_iftype_str(iftype)); 5426 5427 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE); 5428 if (!msg || 5429 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) || 5430 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype)) 5431 goto fail; 5432 5433 if (iftype == NL80211_IFTYPE_MONITOR) { 5434 struct nlattr *flags; 5435 5436 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS); 5437 if (!flags || 5438 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES)) 5439 goto fail; 5440 5441 nla_nest_end(msg, flags); 5442 } else if (wds) { 5443 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds)) 5444 goto fail; 5445 } 5446 5447 /* 5448 * Tell cfg80211 that the interface belongs to the socket that created 5449 * it, and the interface should be deleted when the socket is closed. 5450 */ 5451 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER)) 5452 goto fail; 5453 5454 if ((addr && iftype == NL80211_IFTYPE_P2P_DEVICE) && 5455 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 5456 goto fail; 5457 5458 ret = send_and_recv_msgs(drv, msg, handler, arg, NULL, NULL); 5459 msg = NULL; 5460 if (ret) { 5461 fail: 5462 nlmsg_free(msg); 5463 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)", 5464 ifname, ret, strerror(-ret)); 5465 return ret; 5466 } 5467 5468 if (iftype == NL80211_IFTYPE_P2P_DEVICE) 5469 return 0; 5470 5471 ifidx = if_nametoindex(ifname); 5472 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d", 5473 ifname, ifidx); 5474 5475 if (ifidx <= 0) 5476 return -1; 5477 5478 /* 5479 * Some virtual interfaces need to process EAPOL packets and events on 5480 * the parent interface. This is used mainly with hostapd. 5481 */ 5482 if (drv->hostapd || 5483 iftype == NL80211_IFTYPE_AP_VLAN || 5484 iftype == NL80211_IFTYPE_WDS || 5485 iftype == NL80211_IFTYPE_MONITOR) { 5486 /* start listening for EAPOL on this interface */ 5487 add_ifidx(drv, ifidx, IFIDX_ANY); 5488 } 5489 5490 if (addr && iftype != NL80211_IFTYPE_MONITOR && 5491 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) { 5492 nl80211_remove_iface(drv, ifidx); 5493 return -1; 5494 } 5495 5496 return ifidx; 5497 } 5498 5499 5500 int nl80211_create_iface(struct wpa_driver_nl80211_data *drv, 5501 const char *ifname, enum nl80211_iftype iftype, 5502 const u8 *addr, int wds, 5503 int (*handler)(struct nl_msg *, void *), 5504 void *arg, int use_existing) 5505 { 5506 int ret; 5507 5508 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler, 5509 arg); 5510 5511 /* if error occurred and interface exists already */ 5512 if (ret == -ENFILE && if_nametoindex(ifname)) { 5513 if (use_existing) { 5514 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s", 5515 ifname); 5516 if (addr && iftype != NL80211_IFTYPE_MONITOR && 5517 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 5518 addr) < 0 && 5519 (linux_set_iface_flags(drv->global->ioctl_sock, 5520 ifname, 0) < 0 || 5521 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 5522 addr) < 0 || 5523 linux_set_iface_flags(drv->global->ioctl_sock, 5524 ifname, 1) < 0)) 5525 return -1; 5526 return -ENFILE; 5527 } 5528 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname); 5529 5530 /* Try to remove the interface that was already there. */ 5531 nl80211_remove_iface(drv, if_nametoindex(ifname)); 5532 5533 /* Try to create the interface again */ 5534 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, 5535 wds, handler, arg); 5536 } 5537 5538 if (ret >= 0 && is_p2p_net_interface(iftype)) { 5539 wpa_printf(MSG_DEBUG, 5540 "nl80211: Interface %s created for P2P - disable 11b rates", 5541 ifname); 5542 nl80211_disable_11b_rates(drv, ret, 1); 5543 } 5544 5545 return ret; 5546 } 5547 5548 5549 static int nl80211_setup_ap(struct i802_bss *bss) 5550 { 5551 struct wpa_driver_nl80211_data *drv = bss->drv; 5552 5553 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d", 5554 bss->ifname, drv->device_ap_sme, drv->use_monitor); 5555 5556 /* 5557 * Disable Probe Request reporting unless we need it in this way for 5558 * devices that include the AP SME, in the other case (unless using 5559 * monitor iface) we'll get it through the nl_mgmt socket instead. 5560 */ 5561 if (!drv->device_ap_sme) 5562 wpa_driver_nl80211_probe_req_report(bss, 0); 5563 5564 if (!drv->device_ap_sme && !drv->use_monitor) 5565 if (nl80211_mgmt_subscribe_ap(bss)) 5566 return -1; 5567 5568 if (drv->device_ap_sme && !drv->use_monitor) 5569 if (nl80211_mgmt_subscribe_ap_dev_sme(bss)) 5570 wpa_printf(MSG_DEBUG, 5571 "nl80211: Failed to subscribe for mgmt frames from SME driver - trying to run without it"); 5572 5573 if (!drv->device_ap_sme && drv->use_monitor && 5574 nl80211_create_monitor_interface(drv) && 5575 !drv->device_ap_sme) 5576 return -1; 5577 5578 if (drv->device_ap_sme && 5579 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) { 5580 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable " 5581 "Probe Request frame reporting in AP mode"); 5582 /* Try to survive without this */ 5583 } 5584 5585 return 0; 5586 } 5587 5588 5589 static void nl80211_teardown_ap(struct i802_bss *bss) 5590 { 5591 struct wpa_driver_nl80211_data *drv = bss->drv; 5592 5593 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d", 5594 bss->ifname, drv->device_ap_sme, drv->use_monitor); 5595 if (drv->device_ap_sme) { 5596 wpa_driver_nl80211_probe_req_report(bss, 0); 5597 if (!drv->use_monitor) 5598 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)"); 5599 } else if (drv->use_monitor) 5600 nl80211_remove_monitor_interface(drv); 5601 else 5602 nl80211_mgmt_unsubscribe(bss, "AP teardown"); 5603 5604 nl80211_put_wiphy_data_ap(bss); 5605 bss->beacon_set = 0; 5606 } 5607 5608 5609 static int nl80211_tx_control_port(void *priv, const u8 *dest, 5610 u16 proto, const u8 *buf, size_t len, 5611 int no_encrypt) 5612 { 5613 struct nl80211_ack_ext_arg ext_arg; 5614 struct i802_bss *bss = priv; 5615 struct nl_msg *msg; 5616 u64 cookie = 0; 5617 int ret; 5618 5619 wpa_printf(MSG_DEBUG, 5620 "nl80211: Send over control port dest=" MACSTR 5621 " proto=0x%04x len=%u no_encrypt=%d", 5622 MAC2STR(dest), proto, (unsigned int) len, no_encrypt); 5623 5624 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CONTROL_PORT_FRAME); 5625 if (!msg || 5626 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, proto) || 5627 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dest) || 5628 nla_put(msg, NL80211_ATTR_FRAME, len, buf) || 5629 (no_encrypt && 5630 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) { 5631 nlmsg_free(msg); 5632 return -ENOBUFS; 5633 } 5634 5635 os_memset(&ext_arg, 0, sizeof(struct nl80211_ack_ext_arg)); 5636 ext_arg.ext_data = &cookie; 5637 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, 5638 ack_handler_cookie, &ext_arg); 5639 if (ret) { 5640 wpa_printf(MSG_DEBUG, 5641 "nl80211: tx_control_port failed: ret=%d (%s)", 5642 ret, strerror(-ret)); 5643 } else { 5644 struct wpa_driver_nl80211_data *drv = bss->drv; 5645 5646 wpa_printf(MSG_DEBUG, 5647 "nl80211: tx_control_port cookie=0x%llx", 5648 (long long unsigned int) cookie); 5649 drv->eapol_tx_cookie = cookie; 5650 } 5651 5652 return ret; 5653 } 5654 5655 5656 static int nl80211_send_eapol_data(struct i802_bss *bss, 5657 const u8 *addr, const u8 *data, 5658 size_t data_len) 5659 { 5660 struct sockaddr_ll ll; 5661 int ret; 5662 5663 if (bss->drv->eapol_tx_sock < 0) { 5664 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL"); 5665 return -1; 5666 } 5667 5668 os_memset(&ll, 0, sizeof(ll)); 5669 ll.sll_family = AF_PACKET; 5670 ll.sll_ifindex = bss->ifindex; 5671 ll.sll_protocol = htons(ETH_P_PAE); 5672 ll.sll_halen = ETH_ALEN; 5673 os_memcpy(ll.sll_addr, addr, ETH_ALEN); 5674 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0, 5675 (struct sockaddr *) &ll, sizeof(ll)); 5676 if (ret < 0) 5677 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s", 5678 strerror(errno)); 5679 5680 return ret; 5681 } 5682 5683 5684 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; 5685 5686 static int wpa_driver_nl80211_hapd_send_eapol( 5687 void *priv, const u8 *addr, const u8 *data, 5688 size_t data_len, int encrypt, const u8 *own_addr, u32 flags) 5689 { 5690 struct i802_bss *bss = priv; 5691 struct wpa_driver_nl80211_data *drv = bss->drv; 5692 struct ieee80211_hdr *hdr; 5693 size_t len; 5694 u8 *pos; 5695 int res; 5696 int qos = flags & WPA_STA_WMM; 5697 5698 /* For now, disable EAPOL TX over control port in AP mode by default 5699 * since it does not provide TX status notifications. */ 5700 if (drv->control_port_ap && 5701 (drv->capa.flags & WPA_DRIVER_FLAGS_CONTROL_PORT)) 5702 return nl80211_tx_control_port(bss, addr, ETH_P_EAPOL, 5703 data, data_len, !encrypt); 5704 5705 if (drv->device_ap_sme || !drv->use_monitor) 5706 return nl80211_send_eapol_data(bss, addr, data, data_len); 5707 5708 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 + 5709 data_len; 5710 hdr = os_zalloc(len); 5711 if (hdr == NULL) { 5712 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)", 5713 (unsigned long) len); 5714 return -1; 5715 } 5716 5717 hdr->frame_control = 5718 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA); 5719 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS); 5720 if (encrypt) 5721 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP); 5722 if (qos) { 5723 hdr->frame_control |= 5724 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4); 5725 } 5726 5727 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN); 5728 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN); 5729 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); 5730 pos = (u8 *) (hdr + 1); 5731 5732 if (qos) { 5733 /* Set highest priority in QoS header */ 5734 pos[0] = 7; 5735 pos[1] = 0; 5736 pos += 2; 5737 } 5738 5739 memcpy(pos, rfc1042_header, sizeof(rfc1042_header)); 5740 pos += sizeof(rfc1042_header); 5741 WPA_PUT_BE16(pos, ETH_P_PAE); 5742 pos += 2; 5743 memcpy(pos, data, data_len); 5744 5745 res = nl80211_send_monitor(drv, hdr, len, encrypt, 0); 5746 if (res < 0) { 5747 wpa_printf(MSG_ERROR, 5748 "hapd_send_eapol - packet len: %lu - failed", 5749 (unsigned long) len); 5750 } 5751 os_free(hdr); 5752 5753 return res; 5754 } 5755 5756 5757 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr, 5758 unsigned int total_flags, 5759 unsigned int flags_or, 5760 unsigned int flags_and) 5761 { 5762 struct i802_bss *bss = priv; 5763 struct nl_msg *msg; 5764 struct nlattr *flags; 5765 struct nl80211_sta_flag_update upd; 5766 5767 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR 5768 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d", 5769 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and, 5770 !!(total_flags & WPA_STA_AUTHORIZED)); 5771 5772 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 5773 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) 5774 goto fail; 5775 5776 /* 5777 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This 5778 * can be removed eventually. 5779 */ 5780 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS); 5781 if (!flags || 5782 ((total_flags & WPA_STA_AUTHORIZED) && 5783 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) || 5784 ((total_flags & WPA_STA_WMM) && 5785 nla_put_flag(msg, NL80211_STA_FLAG_WME)) || 5786 ((total_flags & WPA_STA_SHORT_PREAMBLE) && 5787 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) || 5788 ((total_flags & WPA_STA_MFP) && 5789 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) || 5790 ((total_flags & WPA_STA_TDLS_PEER) && 5791 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER))) 5792 goto fail; 5793 5794 nla_nest_end(msg, flags); 5795 5796 os_memset(&upd, 0, sizeof(upd)); 5797 upd.mask = sta_flags_nl80211(flags_or | ~flags_and); 5798 upd.set = sta_flags_nl80211(flags_or); 5799 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) 5800 goto fail; 5801 5802 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 5803 fail: 5804 nlmsg_free(msg); 5805 return -ENOBUFS; 5806 } 5807 5808 5809 static int driver_nl80211_sta_set_airtime_weight(void *priv, const u8 *addr, 5810 unsigned int weight) 5811 { 5812 struct i802_bss *bss = priv; 5813 struct nl_msg *msg; 5814 int ret; 5815 5816 wpa_printf(MSG_DEBUG, 5817 "nl80211: Set STA airtime weight - ifname=%s addr=" MACSTR 5818 " weight=%u", bss->ifname, MAC2STR(addr), weight); 5819 5820 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 5821 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 5822 nla_put_u16(msg, NL80211_ATTR_AIRTIME_WEIGHT, weight)) 5823 goto fail; 5824 5825 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 5826 if (ret) { 5827 wpa_printf(MSG_DEBUG, 5828 "nl80211: SET_STATION[AIRTIME_WEIGHT] failed: ret=%d (%s)", 5829 ret, strerror(-ret)); 5830 } 5831 return ret; 5832 fail: 5833 nlmsg_free(msg); 5834 return -ENOBUFS; 5835 } 5836 5837 5838 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv, 5839 struct wpa_driver_associate_params *params) 5840 { 5841 enum nl80211_iftype nlmode, old_mode; 5842 5843 if (params->p2p) { 5844 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P " 5845 "group (GO)"); 5846 nlmode = NL80211_IFTYPE_P2P_GO; 5847 } else 5848 nlmode = NL80211_IFTYPE_AP; 5849 5850 old_mode = drv->nlmode; 5851 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) { 5852 nl80211_remove_monitor_interface(drv); 5853 return -1; 5854 } 5855 5856 if (params->freq.freq && 5857 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) { 5858 if (old_mode != nlmode) 5859 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode); 5860 nl80211_remove_monitor_interface(drv); 5861 return -1; 5862 } 5863 5864 return 0; 5865 } 5866 5867 5868 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv, 5869 int reset_mode) 5870 { 5871 struct nl_msg *msg; 5872 int ret; 5873 5874 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS); 5875 ret = send_and_recv_msgs_connect_handle(drv, msg, drv->first_bss, 1); 5876 if (ret) { 5877 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d " 5878 "(%s)", ret, strerror(-ret)); 5879 } else { 5880 wpa_printf(MSG_DEBUG, 5881 "nl80211: Leave IBSS request sent successfully"); 5882 } 5883 5884 if (reset_mode && 5885 wpa_driver_nl80211_set_mode(drv->first_bss, 5886 NL80211_IFTYPE_STATION)) { 5887 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into " 5888 "station mode"); 5889 } 5890 5891 return ret; 5892 } 5893 5894 5895 static int nl80211_ht_vht_overrides(struct nl_msg *msg, 5896 struct wpa_driver_associate_params *params) 5897 { 5898 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT)) 5899 return -1; 5900 5901 if (params->htcaps && params->htcaps_mask) { 5902 int sz = sizeof(struct ieee80211_ht_capabilities); 5903 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz); 5904 wpa_hexdump(MSG_DEBUG, " * htcaps_mask", 5905 params->htcaps_mask, sz); 5906 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz, 5907 params->htcaps) || 5908 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz, 5909 params->htcaps_mask)) 5910 return -1; 5911 } 5912 5913 #ifdef CONFIG_VHT_OVERRIDES 5914 if (params->disable_vht) { 5915 wpa_printf(MSG_DEBUG, " * VHT disabled"); 5916 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT)) 5917 return -1; 5918 } 5919 5920 if (params->vhtcaps && params->vhtcaps_mask) { 5921 int sz = sizeof(struct ieee80211_vht_capabilities); 5922 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz); 5923 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask", 5924 params->vhtcaps_mask, sz); 5925 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz, 5926 params->vhtcaps) || 5927 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz, 5928 params->vhtcaps_mask)) 5929 return -1; 5930 } 5931 #endif /* CONFIG_VHT_OVERRIDES */ 5932 5933 #ifdef CONFIG_HE_OVERRIDES 5934 if (params->disable_he) { 5935 wpa_printf(MSG_DEBUG, " * HE disabled"); 5936 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_HE)) 5937 return -1; 5938 } 5939 #endif /* CONFIG_HE_OVERRIDES */ 5940 5941 return 0; 5942 } 5943 5944 5945 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv, 5946 struct wpa_driver_associate_params *params) 5947 { 5948 struct nl_msg *msg; 5949 int ret = -1; 5950 int count = 0; 5951 5952 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex); 5953 5954 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) { 5955 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into " 5956 "IBSS mode"); 5957 return -1; 5958 } 5959 5960 retry: 5961 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) || 5962 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid)) 5963 goto fail; 5964 5965 wpa_printf(MSG_DEBUG, " * SSID=%s", 5966 wpa_ssid_txt(params->ssid, params->ssid_len)); 5967 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) 5968 goto fail; 5969 os_memcpy(drv->ssid, params->ssid, params->ssid_len); 5970 drv->ssid_len = params->ssid_len; 5971 5972 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 || 5973 nl80211_put_beacon_int(msg, params->beacon_int)) 5974 goto fail; 5975 5976 ret = nl80211_set_conn_keys(params, msg); 5977 if (ret) 5978 goto fail; 5979 5980 if (params->bssid && params->fixed_bssid) { 5981 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR, 5982 MAC2STR(params->bssid)); 5983 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 5984 goto fail; 5985 } 5986 5987 if (params->fixed_freq) { 5988 wpa_printf(MSG_DEBUG, " * fixed_freq"); 5989 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED)) 5990 goto fail; 5991 } 5992 5993 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 5994 params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 5995 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 5996 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) { 5997 wpa_printf(MSG_DEBUG, " * control port"); 5998 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT)) 5999 goto fail; 6000 } 6001 6002 if (params->wpa_ie) { 6003 wpa_hexdump(MSG_DEBUG, 6004 " * Extra IEs for Beacon/Probe Response frames", 6005 params->wpa_ie, params->wpa_ie_len); 6006 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, 6007 params->wpa_ie)) 6008 goto fail; 6009 } 6010 6011 ret = nl80211_ht_vht_overrides(msg, params); 6012 if (ret < 0) 6013 goto fail; 6014 6015 ret = send_and_recv_msgs_connect_handle(drv, msg, drv->first_bss, 1); 6016 msg = NULL; 6017 if (ret) { 6018 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)", 6019 ret, strerror(-ret)); 6020 count++; 6021 if (ret == -EALREADY && count == 1) { 6022 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after " 6023 "forced leave"); 6024 nl80211_leave_ibss(drv, 0); 6025 nlmsg_free(msg); 6026 goto retry; 6027 } 6028 } else { 6029 wpa_printf(MSG_DEBUG, 6030 "nl80211: Join IBSS request sent successfully"); 6031 } 6032 6033 fail: 6034 nlmsg_free(msg); 6035 return ret; 6036 } 6037 6038 6039 static int nl80211_put_fils_connect_params(struct wpa_driver_nl80211_data *drv, 6040 struct wpa_driver_associate_params *params, 6041 struct nl_msg *msg) 6042 { 6043 if (params->fils_erp_username_len) { 6044 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP EMSKname/username", 6045 params->fils_erp_username, 6046 params->fils_erp_username_len); 6047 if (nla_put(msg, NL80211_ATTR_FILS_ERP_USERNAME, 6048 params->fils_erp_username_len, 6049 params->fils_erp_username)) 6050 return -1; 6051 } 6052 6053 if (params->fils_erp_realm_len) { 6054 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP Realm", 6055 params->fils_erp_realm, 6056 params->fils_erp_realm_len); 6057 if (nla_put(msg, NL80211_ATTR_FILS_ERP_REALM, 6058 params->fils_erp_realm_len, params->fils_erp_realm)) 6059 return -1; 6060 } 6061 6062 if (params->fils_erp_rrk_len) { 6063 wpa_printf(MSG_DEBUG, " * FILS ERP next seq %u", 6064 params->fils_erp_next_seq_num); 6065 if (nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM, 6066 params->fils_erp_next_seq_num)) 6067 return -1; 6068 6069 wpa_printf(MSG_DEBUG, " * FILS ERP rRK (len=%lu)", 6070 (unsigned long) params->fils_erp_rrk_len); 6071 if (nla_put(msg, NL80211_ATTR_FILS_ERP_RRK, 6072 params->fils_erp_rrk_len, params->fils_erp_rrk)) 6073 return -1; 6074 } 6075 6076 return 0; 6077 } 6078 6079 6080 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, 6081 struct wpa_driver_associate_params *params, 6082 struct nl_msg *msg) 6083 { 6084 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER)) 6085 return -1; 6086 6087 if (params->bssid) { 6088 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR, 6089 MAC2STR(params->bssid)); 6090 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) 6091 return -1; 6092 } 6093 6094 if (params->bssid_hint) { 6095 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR, 6096 MAC2STR(params->bssid_hint)); 6097 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN, 6098 params->bssid_hint)) 6099 return -1; 6100 } 6101 6102 if (params->freq.freq) { 6103 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq); 6104 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, 6105 params->freq.freq)) 6106 return -1; 6107 drv->assoc_freq = params->freq.freq; 6108 } else 6109 drv->assoc_freq = 0; 6110 6111 if (params->freq_hint) { 6112 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint); 6113 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT, 6114 params->freq_hint)) 6115 return -1; 6116 } 6117 6118 if (params->freq.edmg.channels && params->freq.edmg.bw_config) { 6119 wpa_printf(MSG_DEBUG, 6120 " * EDMG configuration: channels=0x%x bw_config=%d", 6121 params->freq.edmg.channels, 6122 params->freq.edmg.bw_config); 6123 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS, 6124 params->freq.edmg.channels) || 6125 nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, 6126 params->freq.edmg.bw_config)) 6127 return -1; 6128 } 6129 6130 if (params->bg_scan_period >= 0) { 6131 wpa_printf(MSG_DEBUG, " * bg scan period=%d", 6132 params->bg_scan_period); 6133 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD, 6134 params->bg_scan_period)) 6135 return -1; 6136 } 6137 6138 if (params->ssid) { 6139 wpa_printf(MSG_DEBUG, " * SSID=%s", 6140 wpa_ssid_txt(params->ssid, params->ssid_len)); 6141 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, 6142 params->ssid)) 6143 return -1; 6144 if (params->ssid_len > sizeof(drv->ssid)) 6145 return -1; 6146 os_memcpy(drv->ssid, params->ssid, params->ssid_len); 6147 drv->ssid_len = params->ssid_len; 6148 } 6149 6150 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len); 6151 if (params->wpa_ie && 6152 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie)) 6153 return -1; 6154 6155 if (params->wpa_proto) { 6156 enum nl80211_wpa_versions ver = 0; 6157 6158 if (params->wpa_proto & WPA_PROTO_WPA) 6159 ver |= NL80211_WPA_VERSION_1; 6160 if (params->wpa_proto & WPA_PROTO_RSN) 6161 ver |= NL80211_WPA_VERSION_2; 6162 6163 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver); 6164 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver)) 6165 return -1; 6166 } 6167 6168 if (params->pairwise_suite != WPA_CIPHER_NONE) { 6169 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite); 6170 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher); 6171 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, 6172 cipher)) 6173 return -1; 6174 } 6175 6176 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED && 6177 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) { 6178 /* 6179 * This is likely to work even though many drivers do not 6180 * advertise support for operations without GTK. 6181 */ 6182 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement"); 6183 } else if (params->group_suite != WPA_CIPHER_NONE) { 6184 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite); 6185 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher); 6186 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher)) 6187 return -1; 6188 } 6189 6190 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 6191 params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 6192 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X || 6193 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK || 6194 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM || 6195 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN || 6196 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 6197 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 6198 params->key_mgmt_suite == WPA_KEY_MGMT_SAE || 6199 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE || 6200 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 6201 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || 6202 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X_SHA384 || 6203 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA256 || 6204 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA384 || 6205 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA256 || 6206 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA384 || 6207 params->key_mgmt_suite == WPA_KEY_MGMT_OWE || 6208 params->key_mgmt_suite == WPA_KEY_MGMT_DPP) { 6209 int mgmt = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; 6210 6211 switch (params->key_mgmt_suite) { 6212 case WPA_KEY_MGMT_CCKM: 6213 mgmt = RSN_AUTH_KEY_MGMT_CCKM; 6214 break; 6215 case WPA_KEY_MGMT_IEEE8021X: 6216 mgmt = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; 6217 break; 6218 case WPA_KEY_MGMT_FT_IEEE8021X: 6219 mgmt = RSN_AUTH_KEY_MGMT_FT_802_1X; 6220 break; 6221 case WPA_KEY_MGMT_FT_PSK: 6222 mgmt = RSN_AUTH_KEY_MGMT_FT_PSK; 6223 break; 6224 case WPA_KEY_MGMT_IEEE8021X_SHA256: 6225 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SHA256; 6226 break; 6227 case WPA_KEY_MGMT_PSK_SHA256: 6228 mgmt = RSN_AUTH_KEY_MGMT_PSK_SHA256; 6229 break; 6230 case WPA_KEY_MGMT_OSEN: 6231 mgmt = RSN_AUTH_KEY_MGMT_OSEN; 6232 break; 6233 case WPA_KEY_MGMT_SAE: 6234 mgmt = RSN_AUTH_KEY_MGMT_SAE; 6235 break; 6236 case WPA_KEY_MGMT_FT_SAE: 6237 mgmt = RSN_AUTH_KEY_MGMT_FT_SAE; 6238 break; 6239 case WPA_KEY_MGMT_IEEE8021X_SUITE_B: 6240 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B; 6241 break; 6242 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: 6243 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192; 6244 break; 6245 case WPA_KEY_MGMT_FT_IEEE8021X_SHA384: 6246 mgmt = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384; 6247 break; 6248 case WPA_KEY_MGMT_FILS_SHA256: 6249 mgmt = RSN_AUTH_KEY_MGMT_FILS_SHA256; 6250 break; 6251 case WPA_KEY_MGMT_FILS_SHA384: 6252 mgmt = RSN_AUTH_KEY_MGMT_FILS_SHA384; 6253 break; 6254 case WPA_KEY_MGMT_FT_FILS_SHA256: 6255 mgmt = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256; 6256 break; 6257 case WPA_KEY_MGMT_FT_FILS_SHA384: 6258 mgmt = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384; 6259 break; 6260 case WPA_KEY_MGMT_OWE: 6261 mgmt = RSN_AUTH_KEY_MGMT_OWE; 6262 break; 6263 case WPA_KEY_MGMT_DPP: 6264 mgmt = RSN_AUTH_KEY_MGMT_DPP; 6265 break; 6266 case WPA_KEY_MGMT_PSK: 6267 default: 6268 mgmt = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; 6269 break; 6270 } 6271 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt); 6272 if (nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, mgmt)) 6273 return -1; 6274 } 6275 6276 if (params->req_handshake_offload && 6277 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) { 6278 wpa_printf(MSG_DEBUG, " * WANT_1X_4WAY_HS"); 6279 if (nla_put_flag(msg, NL80211_ATTR_WANT_1X_4WAY_HS)) 6280 return -1; 6281 } 6282 6283 /* Add PSK in case of 4-way handshake offload */ 6284 if (params->psk && 6285 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) { 6286 wpa_hexdump_key(MSG_DEBUG, " * PSK", params->psk, 32); 6287 if (nla_put(msg, NL80211_ATTR_PMK, 32, params->psk)) 6288 return -1; 6289 } 6290 6291 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT)) 6292 return -1; 6293 6294 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_NO_WPA && 6295 (params->pairwise_suite == WPA_CIPHER_NONE || 6296 params->pairwise_suite == WPA_CIPHER_WEP104 || 6297 params->pairwise_suite == WPA_CIPHER_WEP40) && 6298 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) || 6299 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) 6300 return -1; 6301 6302 if (params->rrm_used) { 6303 u32 drv_rrm_flags = drv->capa.rrm_flags; 6304 if ((!((drv_rrm_flags & 6305 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) && 6306 (drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET)) && 6307 !(drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_RRM)) || 6308 nla_put_flag(msg, NL80211_ATTR_USE_RRM)) 6309 return -1; 6310 } 6311 6312 if (nl80211_ht_vht_overrides(msg, params) < 0) 6313 return -1; 6314 6315 if (params->p2p) 6316 wpa_printf(MSG_DEBUG, " * P2P group"); 6317 6318 if (params->pbss) { 6319 wpa_printf(MSG_DEBUG, " * PBSS"); 6320 if (nla_put_flag(msg, NL80211_ATTR_PBSS)) 6321 return -1; 6322 } 6323 6324 drv->connect_reassoc = 0; 6325 if (params->prev_bssid) { 6326 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR, 6327 MAC2STR(params->prev_bssid)); 6328 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN, 6329 params->prev_bssid)) 6330 return -1; 6331 drv->connect_reassoc = 1; 6332 } 6333 6334 if ((params->auth_alg & WPA_AUTH_ALG_FILS) && 6335 nl80211_put_fils_connect_params(drv, params, msg) != 0) 6336 return -1; 6337 6338 if ((params->key_mgmt_suite == WPA_KEY_MGMT_SAE || 6339 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) && 6340 (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) && 6341 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT)) 6342 return -1; 6343 6344 return 0; 6345 } 6346 6347 6348 static int wpa_driver_nl80211_try_connect( 6349 struct wpa_driver_nl80211_data *drv, 6350 struct wpa_driver_associate_params *params, 6351 struct i802_bss *bss) 6352 { 6353 struct nl_msg *msg; 6354 enum nl80211_auth_type type; 6355 int ret; 6356 int algs; 6357 6358 #ifdef CONFIG_DRIVER_NL80211_QCA 6359 if (params->req_key_mgmt_offload && params->psk && 6360 (params->key_mgmt_suite == WPA_KEY_MGMT_PSK || 6361 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 6362 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { 6363 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK"); 6364 ret = issue_key_mgmt_set_key(drv, params->psk, 32); 6365 if (ret) 6366 return ret; 6367 } 6368 #endif /* CONFIG_DRIVER_NL80211_QCA */ 6369 6370 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex); 6371 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT); 6372 if (!msg) 6373 return -1; 6374 6375 ret = nl80211_connect_common(drv, params, msg); 6376 if (ret) 6377 goto fail; 6378 6379 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED && 6380 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED)) 6381 goto fail; 6382 6383 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_OPTIONAL && 6384 (drv->capa.flags & WPA_DRIVER_FLAGS_MFP_OPTIONAL) && 6385 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_OPTIONAL)) 6386 goto fail; 6387 6388 #ifdef CONFIG_SAE 6389 if ((params->key_mgmt_suite == WPA_KEY_MGMT_SAE || 6390 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) && 6391 nl80211_put_sae_pwe(msg, params->sae_pwe) < 0) 6392 goto fail; 6393 #endif /* CONFIG_SAE */ 6394 6395 algs = 0; 6396 if (params->auth_alg & WPA_AUTH_ALG_OPEN) 6397 algs++; 6398 if (params->auth_alg & WPA_AUTH_ALG_SHARED) 6399 algs++; 6400 if (params->auth_alg & WPA_AUTH_ALG_LEAP) 6401 algs++; 6402 if (params->auth_alg & WPA_AUTH_ALG_FILS) 6403 algs++; 6404 if (params->auth_alg & WPA_AUTH_ALG_FT) 6405 algs++; 6406 if (algs > 1) { 6407 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic " 6408 "selection"); 6409 goto skip_auth_type; 6410 } 6411 6412 type = get_nl_auth_type(params->auth_alg); 6413 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 6414 if (type == NL80211_AUTHTYPE_MAX || 6415 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 6416 goto fail; 6417 6418 skip_auth_type: 6419 ret = nl80211_set_conn_keys(params, msg); 6420 if (ret) 6421 goto fail; 6422 6423 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 1); 6424 msg = NULL; 6425 if (ret) { 6426 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d " 6427 "(%s)", ret, strerror(-ret)); 6428 } else { 6429 #ifdef CONFIG_DRIVER_NL80211_QCA 6430 drv->roam_indication_done = false; 6431 #endif /* CONFIG_DRIVER_NL80211_QCA */ 6432 wpa_printf(MSG_DEBUG, 6433 "nl80211: Connect request send successfully"); 6434 } 6435 6436 fail: 6437 nl80211_nlmsg_clear(msg); 6438 nlmsg_free(msg); 6439 return ret; 6440 6441 } 6442 6443 6444 static int wpa_driver_nl80211_connect( 6445 struct wpa_driver_nl80211_data *drv, 6446 struct wpa_driver_associate_params *params, 6447 struct i802_bss *bss) 6448 { 6449 int ret; 6450 6451 /* Store the connection attempted bssid for future use */ 6452 if (params->bssid) 6453 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN); 6454 else 6455 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 6456 6457 ret = wpa_driver_nl80211_try_connect(drv, params, bss); 6458 if (ret == -EALREADY) { 6459 /* 6460 * cfg80211 does not currently accept new connections if 6461 * we are already connected. As a workaround, force 6462 * disconnection and try again. 6463 */ 6464 wpa_printf(MSG_DEBUG, "nl80211: Explicitly " 6465 "disconnecting before reassociation " 6466 "attempt"); 6467 if (wpa_driver_nl80211_disconnect( 6468 drv, WLAN_REASON_PREV_AUTH_NOT_VALID, bss)) 6469 return -1; 6470 ret = wpa_driver_nl80211_try_connect(drv, params, bss); 6471 } 6472 return ret; 6473 } 6474 6475 6476 static int wpa_driver_nl80211_associate( 6477 void *priv, struct wpa_driver_associate_params *params) 6478 { 6479 struct i802_bss *bss = priv; 6480 struct wpa_driver_nl80211_data *drv = bss->drv; 6481 int ret = -1; 6482 struct nl_msg *msg; 6483 6484 nl80211_unmask_11b_rates(bss); 6485 6486 if (params->mode == IEEE80211_MODE_AP) 6487 return wpa_driver_nl80211_ap(drv, params); 6488 6489 if (params->mode == IEEE80211_MODE_IBSS) 6490 return wpa_driver_nl80211_ibss(drv, params); 6491 6492 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) { 6493 enum nl80211_iftype nlmode = params->p2p ? 6494 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION; 6495 6496 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0) 6497 return -1; 6498 if (params->key_mgmt_suite == WPA_KEY_MGMT_SAE || 6499 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) 6500 bss->use_nl_connect = 1; 6501 else 6502 bss->use_nl_connect = 0; 6503 6504 return wpa_driver_nl80211_connect(drv, params, bss); 6505 } 6506 6507 nl80211_mark_disconnected(drv); 6508 6509 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)", 6510 drv->ifindex); 6511 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE); 6512 if (!msg) 6513 return -1; 6514 6515 ret = nl80211_connect_common(drv, params, msg); 6516 if (ret) 6517 goto fail; 6518 6519 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED && 6520 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED)) 6521 goto fail; 6522 6523 if (params->fils_kek) { 6524 wpa_printf(MSG_DEBUG, " * FILS KEK (len=%u)", 6525 (unsigned int) params->fils_kek_len); 6526 if (nla_put(msg, NL80211_ATTR_FILS_KEK, params->fils_kek_len, 6527 params->fils_kek)) 6528 goto fail; 6529 } 6530 if (params->fils_nonces) { 6531 wpa_hexdump(MSG_DEBUG, " * FILS nonces (for AAD)", 6532 params->fils_nonces, 6533 params->fils_nonces_len); 6534 if (nla_put(msg, NL80211_ATTR_FILS_NONCES, 6535 params->fils_nonces_len, params->fils_nonces)) 6536 goto fail; 6537 } 6538 6539 ret = send_and_recv_msgs_connect_handle(drv, msg, drv->first_bss, 1); 6540 msg = NULL; 6541 if (ret) { 6542 wpa_dbg(drv->ctx, MSG_DEBUG, 6543 "nl80211: MLME command failed (assoc): ret=%d (%s)", 6544 ret, strerror(-ret)); 6545 nl80211_dump_scan(drv); 6546 } else { 6547 wpa_printf(MSG_DEBUG, 6548 "nl80211: Association request send successfully"); 6549 } 6550 6551 fail: 6552 nlmsg_free(msg); 6553 return ret; 6554 } 6555 6556 6557 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv, 6558 int ifindex, enum nl80211_iftype mode) 6559 { 6560 struct nl_msg *msg; 6561 int ret = -ENOBUFS; 6562 6563 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)", 6564 ifindex, mode, nl80211_iftype_str(mode)); 6565 6566 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE); 6567 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode)) 6568 goto fail; 6569 6570 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 6571 msg = NULL; 6572 if (!ret) 6573 return 0; 6574 fail: 6575 nlmsg_free(msg); 6576 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:" 6577 " %d (%s)", ifindex, mode, ret, strerror(-ret)); 6578 return ret; 6579 } 6580 6581 6582 static int wpa_driver_nl80211_set_mode_impl( 6583 struct i802_bss *bss, 6584 enum nl80211_iftype nlmode, 6585 struct hostapd_freq_params *desired_freq_params) 6586 { 6587 struct wpa_driver_nl80211_data *drv = bss->drv; 6588 int ret = -1; 6589 int i; 6590 int was_ap = is_ap_interface(drv->nlmode); 6591 int res; 6592 int mode_switch_res; 6593 6594 if (TEST_FAIL()) 6595 return -1; 6596 6597 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode); 6598 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss)) 6599 mode_switch_res = 0; 6600 6601 if (mode_switch_res == 0) { 6602 drv->nlmode = nlmode; 6603 ret = 0; 6604 goto done; 6605 } 6606 6607 if (mode_switch_res == -ENODEV) 6608 return -1; 6609 6610 if (nlmode == drv->nlmode) { 6611 wpa_printf(MSG_DEBUG, "nl80211: Interface already in " 6612 "requested mode - ignore error"); 6613 ret = 0; 6614 goto done; /* Already in the requested mode */ 6615 } 6616 6617 /* mac80211 doesn't allow mode changes while the device is up, so 6618 * take the device down, try to set the mode again, and bring the 6619 * device back up. 6620 */ 6621 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting " 6622 "interface down"); 6623 for (i = 0; i < 10; i++) { 6624 res = i802_set_iface_flags(bss, 0); 6625 if (res == -EACCES || res == -ENODEV) 6626 break; 6627 if (res != 0) { 6628 wpa_printf(MSG_DEBUG, "nl80211: Failed to set " 6629 "interface down"); 6630 os_sleep(0, 100000); 6631 continue; 6632 } 6633 6634 /* 6635 * Setting the mode will fail for some drivers if the phy is 6636 * on a frequency that the mode is disallowed in. 6637 */ 6638 if (desired_freq_params) { 6639 res = nl80211_set_channel(bss, desired_freq_params, 0); 6640 if (res) { 6641 wpa_printf(MSG_DEBUG, 6642 "nl80211: Failed to set frequency on interface"); 6643 } 6644 } 6645 6646 if (i == 0 && was_ap && !is_ap_interface(nlmode) && 6647 bss->brname[0] && 6648 (bss->added_if_into_bridge || bss->already_in_bridge)) { 6649 wpa_printf(MSG_DEBUG, 6650 "nl80211: Remove AP interface %s temporarily from the bridge %s to allow its mode to be set to STATION", 6651 bss->ifname, bss->brname); 6652 if (linux_br_del_if(drv->global->ioctl_sock, 6653 bss->brname, bss->ifname) < 0) 6654 wpa_printf(MSG_INFO, 6655 "nl80211: Failed to remove interface %s from bridge %s: %s", 6656 bss->ifname, bss->brname, 6657 strerror(errno)); 6658 } 6659 6660 /* Try to set the mode again while the interface is down */ 6661 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode); 6662 if (mode_switch_res == -EBUSY) { 6663 wpa_printf(MSG_DEBUG, 6664 "nl80211: Delaying mode set while interface going down"); 6665 os_sleep(0, 100000); 6666 continue; 6667 } 6668 ret = mode_switch_res; 6669 break; 6670 } 6671 6672 if (!ret) { 6673 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while " 6674 "interface is down"); 6675 drv->nlmode = nlmode; 6676 drv->ignore_if_down_event = 1; 6677 } 6678 6679 /* Bring the interface back up */ 6680 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1); 6681 if (res != 0) { 6682 wpa_printf(MSG_DEBUG, 6683 "nl80211: Failed to set interface up after switching mode"); 6684 ret = -1; 6685 } 6686 6687 done: 6688 if (ret) { 6689 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d " 6690 "from %d failed", nlmode, drv->nlmode); 6691 return ret; 6692 } 6693 6694 if (is_p2p_net_interface(nlmode)) { 6695 wpa_printf(MSG_DEBUG, 6696 "nl80211: Interface %s mode change to P2P - disable 11b rates", 6697 bss->ifname); 6698 nl80211_disable_11b_rates(drv, drv->ifindex, 1); 6699 } else if (drv->disabled_11b_rates) { 6700 wpa_printf(MSG_DEBUG, 6701 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates", 6702 bss->ifname); 6703 nl80211_disable_11b_rates(drv, drv->ifindex, 0); 6704 } 6705 6706 if (is_ap_interface(nlmode)) { 6707 nl80211_mgmt_unsubscribe(bss, "start AP"); 6708 /* Setup additional AP mode functionality if needed */ 6709 if (nl80211_setup_ap(bss)) 6710 return -1; 6711 } else if (was_ap) { 6712 /* Remove additional AP mode functionality */ 6713 nl80211_teardown_ap(bss); 6714 } else { 6715 nl80211_mgmt_unsubscribe(bss, "mode change"); 6716 } 6717 6718 if (is_mesh_interface(nlmode) && 6719 nl80211_mgmt_subscribe_mesh(bss)) 6720 return -1; 6721 6722 if (!bss->in_deinit && !is_ap_interface(nlmode) && 6723 !is_mesh_interface(nlmode) && 6724 nl80211_mgmt_subscribe_non_ap(bss) < 0) 6725 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action " 6726 "frame processing - ignore for now"); 6727 6728 return 0; 6729 } 6730 6731 6732 void nl80211_restore_ap_mode(struct i802_bss *bss) 6733 { 6734 struct wpa_driver_nl80211_data *drv = bss->drv; 6735 int was_ap = is_ap_interface(drv->nlmode); 6736 6737 wpa_driver_nl80211_set_mode(bss, drv->ap_scan_as_station); 6738 if (!was_ap && is_ap_interface(drv->ap_scan_as_station) && 6739 bss->brname[0] && 6740 (bss->added_if_into_bridge || bss->already_in_bridge)) { 6741 wpa_printf(MSG_DEBUG, 6742 "nl80211: Add AP interface %s back into the bridge %s", 6743 bss->ifname, bss->brname); 6744 if (linux_br_add_if(drv->global->ioctl_sock, bss->brname, 6745 bss->ifname) < 0) { 6746 wpa_printf(MSG_WARNING, 6747 "nl80211: Failed to add interface %s into bridge %s: %s", 6748 bss->ifname, bss->brname, strerror(errno)); 6749 } 6750 } 6751 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED; 6752 } 6753 6754 6755 int wpa_driver_nl80211_set_mode(struct i802_bss *bss, 6756 enum nl80211_iftype nlmode) 6757 { 6758 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL); 6759 } 6760 6761 6762 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss, 6763 struct hostapd_freq_params *freq) 6764 { 6765 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC, 6766 freq); 6767 } 6768 6769 6770 static int wpa_driver_nl80211_get_capa(void *priv, 6771 struct wpa_driver_capa *capa) 6772 { 6773 struct i802_bss *bss = priv; 6774 struct wpa_driver_nl80211_data *drv = bss->drv; 6775 6776 if (!drv->has_capability) 6777 return -1; 6778 os_memcpy(capa, &drv->capa, sizeof(*capa)); 6779 if (drv->extended_capa && drv->extended_capa_mask) { 6780 capa->extended_capa = drv->extended_capa; 6781 capa->extended_capa_mask = drv->extended_capa_mask; 6782 capa->extended_capa_len = drv->extended_capa_len; 6783 } 6784 6785 return 0; 6786 } 6787 6788 6789 static int wpa_driver_nl80211_set_operstate(void *priv, int state) 6790 { 6791 struct i802_bss *bss = priv; 6792 struct wpa_driver_nl80211_data *drv = bss->drv; 6793 6794 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)", 6795 bss->ifname, drv->operstate, state, 6796 state ? "UP" : "DORMANT"); 6797 drv->operstate = state; 6798 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1, 6799 state ? IF_OPER_UP : IF_OPER_DORMANT); 6800 } 6801 6802 6803 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized) 6804 { 6805 struct i802_bss *bss = priv; 6806 struct wpa_driver_nl80211_data *drv = bss->drv; 6807 struct nl_msg *msg; 6808 struct nl80211_sta_flag_update upd; 6809 int ret; 6810 6811 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) { 6812 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated"); 6813 return 0; 6814 } 6815 6816 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for " 6817 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid)); 6818 6819 os_memset(&upd, 0, sizeof(upd)); 6820 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED); 6821 if (authorized) 6822 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED); 6823 6824 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 6825 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid) || 6826 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) { 6827 nlmsg_free(msg); 6828 return -ENOBUFS; 6829 } 6830 6831 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 6832 if (!ret) 6833 return 0; 6834 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)", 6835 ret, strerror(-ret)); 6836 return ret; 6837 } 6838 6839 6840 /* Set kernel driver on given frequency (MHz) */ 6841 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq) 6842 { 6843 struct i802_bss *bss = priv; 6844 return nl80211_set_channel(bss, freq, 0); 6845 } 6846 6847 6848 static inline int min_int(int a, int b) 6849 { 6850 if (a < b) 6851 return a; 6852 return b; 6853 } 6854 6855 6856 static int get_key_handler(struct nl_msg *msg, void *arg) 6857 { 6858 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 6859 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 6860 6861 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 6862 genlmsg_attrlen(gnlh, 0), NULL); 6863 6864 /* 6865 * TODO: validate the key index and mac address! 6866 * Otherwise, there's a race condition as soon as 6867 * the kernel starts sending key notifications. 6868 */ 6869 6870 if (tb[NL80211_ATTR_KEY_SEQ]) 6871 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]), 6872 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6)); 6873 nl80211_nlmsg_clear(msg); 6874 return NL_SKIP; 6875 } 6876 6877 6878 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr, 6879 int idx, u8 *seq) 6880 { 6881 struct i802_bss *bss = priv; 6882 struct wpa_driver_nl80211_data *drv = bss->drv; 6883 struct nl_msg *msg; 6884 6885 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0, 6886 NL80211_CMD_GET_KEY); 6887 if (!msg || 6888 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || 6889 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) { 6890 nlmsg_free(msg); 6891 return -ENOBUFS; 6892 } 6893 6894 memset(seq, 0, 6); 6895 6896 return send_and_recv_msgs(drv, msg, get_key_handler, seq, NULL, NULL); 6897 } 6898 6899 6900 static int i802_set_rts(void *priv, int rts) 6901 { 6902 struct i802_bss *bss = priv; 6903 struct wpa_driver_nl80211_data *drv = bss->drv; 6904 struct nl_msg *msg; 6905 int ret; 6906 u32 val; 6907 6908 if (rts >= 2347 || rts == -1) 6909 val = (u32) -1; 6910 else 6911 val = rts; 6912 6913 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) || 6914 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) { 6915 nlmsg_free(msg); 6916 return -ENOBUFS; 6917 } 6918 6919 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 6920 if (!ret) 6921 return 0; 6922 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: " 6923 "%d (%s)", rts, ret, strerror(-ret)); 6924 return ret; 6925 } 6926 6927 6928 static int i802_set_frag(void *priv, int frag) 6929 { 6930 struct i802_bss *bss = priv; 6931 struct wpa_driver_nl80211_data *drv = bss->drv; 6932 struct nl_msg *msg; 6933 int ret; 6934 u32 val; 6935 6936 if (frag >= 2346 || frag == -1) 6937 val = (u32) -1; 6938 else 6939 val = frag; 6940 6941 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) || 6942 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) { 6943 nlmsg_free(msg); 6944 return -ENOBUFS; 6945 } 6946 6947 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 6948 if (!ret) 6949 return 0; 6950 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold " 6951 "%d: %d (%s)", frag, ret, strerror(-ret)); 6952 return ret; 6953 } 6954 6955 6956 static int i802_flush(void *priv) 6957 { 6958 struct i802_bss *bss = priv; 6959 struct nl_msg *msg; 6960 int res; 6961 6962 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)", 6963 bss->ifname); 6964 6965 /* 6966 * XXX: FIX! this needs to flush all VLANs too 6967 */ 6968 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION); 6969 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 6970 if (res) { 6971 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d " 6972 "(%s)", res, strerror(-res)); 6973 } 6974 return res; 6975 } 6976 6977 6978 static void get_sta_tid_stats(struct hostap_sta_driver_data *data, 6979 struct nlattr *attr) 6980 { 6981 struct nlattr *tid_stats[NL80211_TID_STATS_MAX + 1], *tidattr; 6982 struct nlattr *txq_stats[NL80211_TXQ_STATS_MAX + 1]; 6983 static struct nla_policy txq_stats_policy[NL80211_TXQ_STATS_MAX + 1] = { 6984 [NL80211_TXQ_STATS_BACKLOG_BYTES] = { .type = NLA_U32 }, 6985 [NL80211_TXQ_STATS_BACKLOG_PACKETS] = { .type = NLA_U32 }, 6986 }; 6987 int rem; 6988 6989 nla_for_each_nested(tidattr, attr, rem) { 6990 if (nla_parse_nested(tid_stats, NL80211_TID_STATS_MAX, 6991 tidattr, NULL) != 0 || 6992 !tid_stats[NL80211_TID_STATS_TXQ_STATS] || 6993 nla_parse_nested(txq_stats, NL80211_TXQ_STATS_MAX, 6994 tid_stats[NL80211_TID_STATS_TXQ_STATS], 6995 txq_stats_policy) != 0) 6996 continue; 6997 /* sum the backlogs over all TIDs for station */ 6998 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES]) 6999 data->backlog_bytes += nla_get_u32( 7000 txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES]); 7001 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS]) 7002 data->backlog_bytes += nla_get_u32( 7003 txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS]); 7004 } 7005 } 7006 7007 7008 static int get_sta_handler(struct nl_msg *msg, void *arg) 7009 { 7010 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 7011 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 7012 struct hostap_sta_driver_data *data = arg; 7013 struct nlattr *stats[NL80211_STA_INFO_MAX + 1]; 7014 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = { 7015 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 }, 7016 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 }, 7017 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 }, 7018 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 }, 7019 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 }, 7020 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 }, 7021 [NL80211_STA_INFO_RX_BYTES64] = { .type = NLA_U64 }, 7022 [NL80211_STA_INFO_TX_BYTES64] = { .type = NLA_U64 }, 7023 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 }, 7024 [NL80211_STA_INFO_ACK_SIGNAL] = { .type = NLA_U8 }, 7025 [NL80211_STA_INFO_RX_DURATION] = { .type = NLA_U64 }, 7026 [NL80211_STA_INFO_TX_DURATION] = { .type = NLA_U64 }, 7027 }; 7028 struct nlattr *rate[NL80211_RATE_INFO_MAX + 1]; 7029 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = { 7030 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 }, 7031 [NL80211_RATE_INFO_BITRATE32] = { .type = NLA_U32 }, 7032 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 }, 7033 [NL80211_RATE_INFO_VHT_MCS] = { .type = NLA_U8 }, 7034 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG }, 7035 [NL80211_RATE_INFO_VHT_NSS] = { .type = NLA_U8 }, 7036 }; 7037 7038 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 7039 genlmsg_attrlen(gnlh, 0), NULL); 7040 7041 /* 7042 * TODO: validate the interface and mac address! 7043 * Otherwise, there's a race condition as soon as 7044 * the kernel starts sending station notifications. 7045 */ 7046 7047 if (!tb[NL80211_ATTR_STA_INFO]) { 7048 wpa_printf(MSG_DEBUG, "sta stats missing!"); 7049 return NL_SKIP; 7050 } 7051 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX, 7052 tb[NL80211_ATTR_STA_INFO], 7053 stats_policy)) { 7054 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!"); 7055 return NL_SKIP; 7056 } 7057 7058 if (stats[NL80211_STA_INFO_INACTIVE_TIME]) 7059 data->inactive_msec = 7060 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]); 7061 /* For backwards compatibility, fetch the 32-bit counters first. */ 7062 if (stats[NL80211_STA_INFO_RX_BYTES]) 7063 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]); 7064 if (stats[NL80211_STA_INFO_TX_BYTES]) 7065 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]); 7066 if (stats[NL80211_STA_INFO_RX_BYTES64] && 7067 stats[NL80211_STA_INFO_TX_BYTES64]) { 7068 /* 7069 * The driver supports 64-bit counters, so use them to override 7070 * the 32-bit values. 7071 */ 7072 data->rx_bytes = 7073 nla_get_u64(stats[NL80211_STA_INFO_RX_BYTES64]); 7074 data->tx_bytes = 7075 nla_get_u64(stats[NL80211_STA_INFO_TX_BYTES64]); 7076 data->bytes_64bit = 1; 7077 } 7078 if (stats[NL80211_STA_INFO_RX_PACKETS]) 7079 data->rx_packets = 7080 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]); 7081 if (stats[NL80211_STA_INFO_TX_PACKETS]) 7082 data->tx_packets = 7083 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]); 7084 if (stats[NL80211_STA_INFO_RX_DURATION]) 7085 data->rx_airtime = 7086 nla_get_u64(stats[NL80211_STA_INFO_RX_DURATION]); 7087 if (stats[NL80211_STA_INFO_TX_DURATION]) 7088 data->tx_airtime = 7089 nla_get_u64(stats[NL80211_STA_INFO_TX_DURATION]); 7090 if (stats[NL80211_STA_INFO_TX_FAILED]) 7091 data->tx_retry_failed = 7092 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]); 7093 if (stats[NL80211_STA_INFO_SIGNAL]) 7094 data->signal = nla_get_u8(stats[NL80211_STA_INFO_SIGNAL]); 7095 if (stats[NL80211_STA_INFO_ACK_SIGNAL]) { 7096 data->last_ack_rssi = 7097 nla_get_u8(stats[NL80211_STA_INFO_ACK_SIGNAL]); 7098 data->flags |= STA_DRV_DATA_LAST_ACK_RSSI; 7099 } 7100 7101 if (stats[NL80211_STA_INFO_TX_BITRATE] && 7102 nla_parse_nested(rate, NL80211_RATE_INFO_MAX, 7103 stats[NL80211_STA_INFO_TX_BITRATE], 7104 rate_policy) == 0) { 7105 if (rate[NL80211_RATE_INFO_BITRATE32]) 7106 data->current_tx_rate = 7107 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]); 7108 else if (rate[NL80211_RATE_INFO_BITRATE]) 7109 data->current_tx_rate = 7110 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]); 7111 7112 if (rate[NL80211_RATE_INFO_MCS]) { 7113 data->tx_mcs = nla_get_u8(rate[NL80211_RATE_INFO_MCS]); 7114 data->flags |= STA_DRV_DATA_TX_MCS; 7115 } 7116 if (rate[NL80211_RATE_INFO_VHT_MCS]) { 7117 data->tx_vhtmcs = 7118 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]); 7119 data->flags |= STA_DRV_DATA_TX_VHT_MCS; 7120 } 7121 if (rate[NL80211_RATE_INFO_SHORT_GI]) 7122 data->flags |= STA_DRV_DATA_TX_SHORT_GI; 7123 if (rate[NL80211_RATE_INFO_VHT_NSS]) { 7124 data->tx_vht_nss = 7125 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]); 7126 data->flags |= STA_DRV_DATA_TX_VHT_NSS; 7127 } 7128 } 7129 7130 if (stats[NL80211_STA_INFO_RX_BITRATE] && 7131 nla_parse_nested(rate, NL80211_RATE_INFO_MAX, 7132 stats[NL80211_STA_INFO_RX_BITRATE], 7133 rate_policy) == 0) { 7134 if (rate[NL80211_RATE_INFO_BITRATE32]) 7135 data->current_rx_rate = 7136 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]); 7137 else if (rate[NL80211_RATE_INFO_BITRATE]) 7138 data->current_rx_rate = 7139 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]); 7140 7141 if (rate[NL80211_RATE_INFO_MCS]) { 7142 data->rx_mcs = 7143 nla_get_u8(rate[NL80211_RATE_INFO_MCS]); 7144 data->flags |= STA_DRV_DATA_RX_MCS; 7145 } 7146 if (rate[NL80211_RATE_INFO_VHT_MCS]) { 7147 data->rx_vhtmcs = 7148 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]); 7149 data->flags |= STA_DRV_DATA_RX_VHT_MCS; 7150 } 7151 if (rate[NL80211_RATE_INFO_SHORT_GI]) 7152 data->flags |= STA_DRV_DATA_RX_SHORT_GI; 7153 if (rate[NL80211_RATE_INFO_VHT_NSS]) { 7154 data->rx_vht_nss = 7155 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]); 7156 data->flags |= STA_DRV_DATA_RX_VHT_NSS; 7157 } 7158 } 7159 7160 if (stats[NL80211_STA_INFO_TID_STATS]) 7161 get_sta_tid_stats(data, stats[NL80211_STA_INFO_TID_STATS]); 7162 7163 return NL_SKIP; 7164 } 7165 7166 static int i802_read_sta_data(struct i802_bss *bss, 7167 struct hostap_sta_driver_data *data, 7168 const u8 *addr) 7169 { 7170 struct nl_msg *msg; 7171 7172 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) || 7173 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 7174 nlmsg_free(msg); 7175 return -ENOBUFS; 7176 } 7177 7178 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data, 7179 NULL, NULL); 7180 } 7181 7182 7183 static int i802_set_tx_queue_params(void *priv, int queue, int aifs, 7184 int cw_min, int cw_max, int burst_time) 7185 { 7186 struct i802_bss *bss = priv; 7187 struct wpa_driver_nl80211_data *drv = bss->drv; 7188 struct nl_msg *msg; 7189 struct nlattr *txq, *params; 7190 int res; 7191 7192 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY); 7193 if (!msg) 7194 return -1; 7195 7196 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS); 7197 if (!txq) 7198 goto fail; 7199 7200 /* We are only sending parameters for a single TXQ at a time */ 7201 params = nla_nest_start(msg, 1); 7202 if (!params) 7203 goto fail; 7204 7205 switch (queue) { 7206 case 0: 7207 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO)) 7208 goto fail; 7209 break; 7210 case 1: 7211 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI)) 7212 goto fail; 7213 break; 7214 case 2: 7215 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE)) 7216 goto fail; 7217 break; 7218 case 3: 7219 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK)) 7220 goto fail; 7221 break; 7222 } 7223 /* Burst time is configured in units of 0.1 msec and TXOP parameter in 7224 * 32 usec, so need to convert the value here. */ 7225 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP, 7226 (burst_time * 100 + 16) / 32) || 7227 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) || 7228 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) || 7229 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs)) 7230 goto fail; 7231 7232 nla_nest_end(msg, params); 7233 7234 nla_nest_end(msg, txq); 7235 7236 res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 7237 wpa_printf(MSG_DEBUG, 7238 "nl80211: TX queue param set: queue=%d aifs=%d cw_min=%d cw_max=%d burst_time=%d --> res=%d", 7239 queue, aifs, cw_min, cw_max, burst_time, res); 7240 if (res == 0) 7241 return 0; 7242 msg = NULL; 7243 fail: 7244 nlmsg_free(msg); 7245 return -1; 7246 } 7247 7248 7249 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, 7250 const char *ifname, int vlan_id) 7251 { 7252 struct wpa_driver_nl80211_data *drv = bss->drv; 7253 struct nl_msg *msg; 7254 int ret; 7255 7256 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR 7257 ", ifname=%s[%d], vlan_id=%d)", 7258 bss->ifname, if_nametoindex(bss->ifname), 7259 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id); 7260 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) || 7261 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 7262 (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD) && 7263 nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) || 7264 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) { 7265 nlmsg_free(msg); 7266 return -ENOBUFS; 7267 } 7268 7269 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 7270 if (ret < 0) { 7271 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr=" 7272 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)", 7273 MAC2STR(addr), ifname, vlan_id, ret, 7274 strerror(-ret)); 7275 } 7276 return ret; 7277 } 7278 7279 7280 static int i802_get_inact_sec(void *priv, const u8 *addr) 7281 { 7282 struct hostap_sta_driver_data data; 7283 int ret; 7284 7285 os_memset(&data, 0, sizeof(data)); 7286 data.inactive_msec = (unsigned long) -1; 7287 ret = i802_read_sta_data(priv, &data, addr); 7288 if (ret == -ENOENT) 7289 return -ENOENT; 7290 if (ret || data.inactive_msec == (unsigned long) -1) 7291 return -1; 7292 return data.inactive_msec / 1000; 7293 } 7294 7295 7296 static int i802_sta_clear_stats(void *priv, const u8 *addr) 7297 { 7298 #if 0 7299 /* TODO */ 7300 #endif 7301 return 0; 7302 } 7303 7304 7305 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, 7306 u16 reason) 7307 { 7308 struct i802_bss *bss = priv; 7309 struct wpa_driver_nl80211_data *drv = bss->drv; 7310 struct ieee80211_mgmt mgmt; 7311 u8 channel; 7312 7313 if (ieee80211_freq_to_chan(bss->freq, &channel) == 7314 HOSTAPD_MODE_IEEE80211AD) { 7315 /* Deauthentication is not used in DMG/IEEE 802.11ad; 7316 * disassociate the STA instead. */ 7317 return i802_sta_disassoc(priv, own_addr, addr, reason); 7318 } 7319 7320 if (is_mesh_interface(drv->nlmode)) 7321 return -1; 7322 7323 if (drv->device_ap_sme) 7324 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason); 7325 7326 memset(&mgmt, 0, sizeof(mgmt)); 7327 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 7328 WLAN_FC_STYPE_DEAUTH); 7329 memcpy(mgmt.da, addr, ETH_ALEN); 7330 memcpy(mgmt.sa, own_addr, ETH_ALEN); 7331 memcpy(mgmt.bssid, own_addr, ETH_ALEN); 7332 mgmt.u.deauth.reason_code = host_to_le16(reason); 7333 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, 7334 IEEE80211_HDRLEN + 7335 sizeof(mgmt.u.deauth), 0, 0, 0, 0, 7336 0, NULL, 0, 0); 7337 } 7338 7339 7340 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, 7341 u16 reason) 7342 { 7343 struct i802_bss *bss = priv; 7344 struct wpa_driver_nl80211_data *drv = bss->drv; 7345 struct ieee80211_mgmt mgmt; 7346 7347 if (is_mesh_interface(drv->nlmode)) 7348 return -1; 7349 7350 if (drv->device_ap_sme) 7351 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason); 7352 7353 memset(&mgmt, 0, sizeof(mgmt)); 7354 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 7355 WLAN_FC_STYPE_DISASSOC); 7356 memcpy(mgmt.da, addr, ETH_ALEN); 7357 memcpy(mgmt.sa, own_addr, ETH_ALEN); 7358 memcpy(mgmt.bssid, own_addr, ETH_ALEN); 7359 mgmt.u.disassoc.reason_code = host_to_le16(reason); 7360 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, 7361 IEEE80211_HDRLEN + 7362 sizeof(mgmt.u.disassoc), 0, 0, 0, 0, 7363 0, NULL, 0, 0); 7364 } 7365 7366 7367 static void dump_ifidx(struct wpa_driver_nl80211_data *drv) 7368 { 7369 char buf[200], *pos, *end; 7370 int i, res; 7371 7372 pos = buf; 7373 end = pos + sizeof(buf); 7374 7375 for (i = 0; i < drv->num_if_indices; i++) { 7376 if (!drv->if_indices[i].ifindex) 7377 continue; 7378 res = os_snprintf(pos, end - pos, " %d(%d)", 7379 drv->if_indices[i].ifindex, 7380 drv->if_indices[i].reason); 7381 if (os_snprintf_error(end - pos, res)) 7382 break; 7383 pos += res; 7384 } 7385 *pos = '\0'; 7386 7387 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s", 7388 drv->num_if_indices, buf); 7389 } 7390 7391 7392 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 7393 int ifidx_reason) 7394 { 7395 int i; 7396 struct drv_nl80211_if_info *old; 7397 7398 wpa_printf(MSG_DEBUG, 7399 "nl80211: Add own interface ifindex %d (ifidx_reason %d)", 7400 ifidx, ifidx_reason); 7401 if (have_ifidx(drv, ifidx, ifidx_reason)) { 7402 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list", 7403 ifidx); 7404 return; 7405 } 7406 for (i = 0; i < drv->num_if_indices; i++) { 7407 if (drv->if_indices[i].ifindex == 0) { 7408 drv->if_indices[i].ifindex = ifidx; 7409 drv->if_indices[i].reason = ifidx_reason; 7410 dump_ifidx(drv); 7411 return; 7412 } 7413 } 7414 7415 if (drv->if_indices != drv->default_if_indices) 7416 old = drv->if_indices; 7417 else 7418 old = NULL; 7419 7420 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1, 7421 sizeof(*old)); 7422 if (!drv->if_indices) { 7423 if (!old) 7424 drv->if_indices = drv->default_if_indices; 7425 else 7426 drv->if_indices = old; 7427 wpa_printf(MSG_ERROR, "Failed to reallocate memory for " 7428 "interfaces"); 7429 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx); 7430 return; 7431 } 7432 if (!old) 7433 os_memcpy(drv->if_indices, drv->default_if_indices, 7434 sizeof(drv->default_if_indices)); 7435 drv->if_indices[drv->num_if_indices].ifindex = ifidx; 7436 drv->if_indices[drv->num_if_indices].reason = ifidx_reason; 7437 drv->num_if_indices++; 7438 dump_ifidx(drv); 7439 } 7440 7441 7442 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 7443 int ifidx_reason) 7444 { 7445 int i; 7446 7447 for (i = 0; i < drv->num_if_indices; i++) { 7448 if ((drv->if_indices[i].ifindex == ifidx || 7449 ifidx == IFIDX_ANY) && 7450 (drv->if_indices[i].reason == ifidx_reason || 7451 ifidx_reason == IFIDX_ANY)) { 7452 drv->if_indices[i].ifindex = 0; 7453 drv->if_indices[i].reason = 0; 7454 break; 7455 } 7456 } 7457 dump_ifidx(drv); 7458 } 7459 7460 7461 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, 7462 int ifidx_reason) 7463 { 7464 int i; 7465 7466 for (i = 0; i < drv->num_if_indices; i++) 7467 if (drv->if_indices[i].ifindex == ifidx && 7468 (drv->if_indices[i].reason == ifidx_reason || 7469 ifidx_reason == IFIDX_ANY)) 7470 return 1; 7471 7472 return 0; 7473 } 7474 7475 7476 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, 7477 const char *bridge_ifname, char *ifname_wds) 7478 { 7479 struct i802_bss *bss = priv; 7480 struct wpa_driver_nl80211_data *drv = bss->drv; 7481 char name[IFNAMSIZ + 1]; 7482 union wpa_event_data event; 7483 int ret; 7484 7485 ret = os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid); 7486 if (ret >= (int) sizeof(name)) 7487 wpa_printf(MSG_WARNING, 7488 "nl80211: WDS interface name was truncated"); 7489 else if (ret < 0) 7490 return ret; 7491 7492 if (ifname_wds) 7493 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1); 7494 7495 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR 7496 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name); 7497 if (val) { 7498 if (!if_nametoindex(name)) { 7499 if (nl80211_create_iface(drv, name, 7500 NL80211_IFTYPE_AP_VLAN, 7501 bss->addr, 1, NULL, NULL, 0) < 7502 0) 7503 return -1; 7504 if (bridge_ifname && 7505 linux_br_add_if(drv->global->ioctl_sock, 7506 bridge_ifname, name) < 0) 7507 return -1; 7508 7509 os_memset(&event, 0, sizeof(event)); 7510 event.wds_sta_interface.sta_addr = addr; 7511 event.wds_sta_interface.ifname = name; 7512 event.wds_sta_interface.istatus = INTERFACE_ADDED; 7513 wpa_supplicant_event(bss->ctx, 7514 EVENT_WDS_STA_INTERFACE_STATUS, 7515 &event); 7516 } 7517 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) { 7518 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA " 7519 "interface %s up", name); 7520 } 7521 return i802_set_sta_vlan(priv, addr, name, 0); 7522 } else { 7523 if (bridge_ifname && 7524 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname, 7525 name) < 0) 7526 wpa_printf(MSG_INFO, 7527 "nl80211: Failed to remove interface %s from bridge %s: %s", 7528 name, bridge_ifname, strerror(errno)); 7529 7530 i802_set_sta_vlan(priv, addr, bss->ifname, 0); 7531 nl80211_remove_iface(drv, if_nametoindex(name)); 7532 os_memset(&event, 0, sizeof(event)); 7533 event.wds_sta_interface.sta_addr = addr; 7534 event.wds_sta_interface.ifname = name; 7535 event.wds_sta_interface.istatus = INTERFACE_REMOVED; 7536 wpa_supplicant_event(bss->ctx, EVENT_WDS_STA_INTERFACE_STATUS, 7537 &event); 7538 return 0; 7539 } 7540 } 7541 7542 7543 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx) 7544 { 7545 struct wpa_driver_nl80211_data *drv = eloop_ctx; 7546 struct sockaddr_ll lladdr; 7547 unsigned char buf[3000]; 7548 int len; 7549 socklen_t fromlen = sizeof(lladdr); 7550 7551 len = recvfrom(sock, buf, sizeof(buf), 0, 7552 (struct sockaddr *)&lladdr, &fromlen); 7553 if (len < 0) { 7554 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s", 7555 strerror(errno)); 7556 return; 7557 } 7558 7559 if (have_ifidx(drv, lladdr.sll_ifindex, IFIDX_ANY)) 7560 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len); 7561 } 7562 7563 7564 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv, 7565 struct i802_bss *bss, 7566 const char *brname, const char *ifname) 7567 { 7568 int br_ifindex; 7569 char in_br[IFNAMSIZ]; 7570 7571 os_strlcpy(bss->brname, brname, IFNAMSIZ); 7572 br_ifindex = if_nametoindex(brname); 7573 if (br_ifindex == 0) { 7574 /* 7575 * Bridge was configured, but the bridge device does 7576 * not exist. Try to add it now. 7577 */ 7578 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) { 7579 wpa_printf(MSG_ERROR, "nl80211: Failed to add the " 7580 "bridge interface %s: %s", 7581 brname, strerror(errno)); 7582 return -1; 7583 } 7584 bss->added_bridge = 1; 7585 br_ifindex = if_nametoindex(brname); 7586 add_ifidx(drv, br_ifindex, drv->ifindex); 7587 } 7588 bss->br_ifindex = br_ifindex; 7589 7590 if (linux_br_get(in_br, ifname) == 0) { 7591 if (os_strcmp(in_br, brname) == 0) { 7592 bss->already_in_bridge = 1; 7593 return 0; /* already in the bridge */ 7594 } 7595 7596 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from " 7597 "bridge %s", ifname, in_br); 7598 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) < 7599 0) { 7600 wpa_printf(MSG_ERROR, "nl80211: Failed to " 7601 "remove interface %s from bridge " 7602 "%s: %s", 7603 ifname, in_br, strerror(errno)); 7604 return -1; 7605 } 7606 } 7607 7608 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s", 7609 ifname, brname); 7610 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) { 7611 wpa_printf(MSG_WARNING, 7612 "nl80211: Failed to add interface %s into bridge %s: %s", 7613 ifname, brname, strerror(errno)); 7614 /* Try to continue without the interface being in a bridge. This 7615 * may be needed for some cases, e.g., with Open vSwitch, where 7616 * an external component will need to handle bridge 7617 * configuration. */ 7618 return 0; 7619 } 7620 bss->added_if_into_bridge = 1; 7621 7622 return 0; 7623 } 7624 7625 7626 static void *i802_init(struct hostapd_data *hapd, 7627 struct wpa_init_params *params) 7628 { 7629 struct wpa_driver_nl80211_data *drv; 7630 struct i802_bss *bss; 7631 size_t i; 7632 char master_ifname[IFNAMSIZ]; 7633 int ifindex, br_ifindex = 0; 7634 int br_added = 0; 7635 7636 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname, 7637 params->global_priv, 1, 7638 params->bssid, params->driver_params); 7639 if (bss == NULL) 7640 return NULL; 7641 7642 drv = bss->drv; 7643 7644 if (linux_br_get(master_ifname, params->ifname) == 0) { 7645 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s", 7646 params->ifname, master_ifname); 7647 br_ifindex = if_nametoindex(master_ifname); 7648 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ); 7649 } else if ((params->num_bridge == 0 || !params->bridge[0]) && 7650 linux_master_get(master_ifname, params->ifname) == 0) { 7651 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in master %s", 7652 params->ifname, master_ifname); 7653 /* start listening for EAPOL on the master interface */ 7654 add_ifidx(drv, if_nametoindex(master_ifname), drv->ifindex); 7655 7656 /* check if master itself is under bridge */ 7657 if (linux_br_get(master_ifname, master_ifname) == 0) { 7658 wpa_printf(MSG_DEBUG, "nl80211: which is in bridge %s", 7659 master_ifname); 7660 br_ifindex = if_nametoindex(master_ifname); 7661 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ); 7662 } 7663 } else { 7664 master_ifname[0] = '\0'; 7665 } 7666 7667 bss->br_ifindex = br_ifindex; 7668 7669 for (i = 0; i < params->num_bridge; i++) { 7670 if (params->bridge[i]) { 7671 ifindex = if_nametoindex(params->bridge[i]); 7672 if (ifindex) 7673 add_ifidx(drv, ifindex, drv->ifindex); 7674 if (ifindex == br_ifindex) 7675 br_added = 1; 7676 } 7677 } 7678 7679 /* start listening for EAPOL on the default AP interface */ 7680 add_ifidx(drv, drv->ifindex, IFIDX_ANY); 7681 7682 if (params->num_bridge && params->bridge[0]) { 7683 if (i802_check_bridge(drv, bss, params->bridge[0], 7684 params->ifname) < 0) 7685 goto failed; 7686 if (os_strcmp(params->bridge[0], master_ifname) != 0) 7687 br_added = 1; 7688 } 7689 7690 if (!br_added && br_ifindex && 7691 (params->num_bridge == 0 || !params->bridge[0])) 7692 add_ifidx(drv, br_ifindex, drv->ifindex); 7693 7694 #ifdef CONFIG_LIBNL3_ROUTE 7695 if (bss->added_if_into_bridge || bss->already_in_bridge) { 7696 int err; 7697 7698 drv->rtnl_sk = nl_socket_alloc(); 7699 if (drv->rtnl_sk == NULL) { 7700 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock"); 7701 goto failed; 7702 } 7703 7704 err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE); 7705 if (err) { 7706 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s", 7707 nl_geterror(err)); 7708 goto failed; 7709 } 7710 } 7711 #endif /* CONFIG_LIBNL3_ROUTE */ 7712 7713 if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { 7714 wpa_printf(MSG_DEBUG, 7715 "nl80211: Do not open EAPOL RX socket - using control port for RX"); 7716 goto skip_eapol_sock; 7717 } 7718 7719 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE)); 7720 if (drv->eapol_sock < 0) { 7721 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s", 7722 strerror(errno)); 7723 goto failed; 7724 } 7725 7726 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL)) 7727 { 7728 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol"); 7729 goto failed; 7730 } 7731 skip_eapol_sock: 7732 7733 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname, 7734 params->own_addr)) 7735 goto failed; 7736 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN); 7737 7738 memcpy(bss->addr, params->own_addr, ETH_ALEN); 7739 7740 return bss; 7741 7742 failed: 7743 wpa_driver_nl80211_deinit(bss); 7744 return NULL; 7745 } 7746 7747 7748 static void i802_deinit(void *priv) 7749 { 7750 struct i802_bss *bss = priv; 7751 wpa_driver_nl80211_deinit(bss); 7752 } 7753 7754 7755 static enum nl80211_iftype wpa_driver_nl80211_if_type( 7756 enum wpa_driver_if_type type) 7757 { 7758 switch (type) { 7759 case WPA_IF_STATION: 7760 return NL80211_IFTYPE_STATION; 7761 case WPA_IF_P2P_CLIENT: 7762 case WPA_IF_P2P_GROUP: 7763 return NL80211_IFTYPE_P2P_CLIENT; 7764 case WPA_IF_AP_VLAN: 7765 return NL80211_IFTYPE_AP_VLAN; 7766 case WPA_IF_AP_BSS: 7767 return NL80211_IFTYPE_AP; 7768 case WPA_IF_P2P_GO: 7769 return NL80211_IFTYPE_P2P_GO; 7770 case WPA_IF_P2P_DEVICE: 7771 return NL80211_IFTYPE_P2P_DEVICE; 7772 case WPA_IF_MESH: 7773 return NL80211_IFTYPE_MESH_POINT; 7774 default: 7775 return -1; 7776 } 7777 } 7778 7779 7780 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr) 7781 { 7782 struct wpa_driver_nl80211_data *drv; 7783 dl_list_for_each(drv, &global->interfaces, 7784 struct wpa_driver_nl80211_data, list) { 7785 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0) 7786 return 1; 7787 } 7788 return 0; 7789 } 7790 7791 7792 static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr) 7793 { 7794 unsigned int idx; 7795 7796 if (!drv->global) 7797 return -1; 7798 7799 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN); 7800 for (idx = 0; idx < 64; idx++) { 7801 new_addr[0] = drv->first_bss->addr[0] | 0x02; 7802 new_addr[0] ^= idx << 2; 7803 if (!nl80211_addr_in_use(drv->global, new_addr)) 7804 break; 7805 } 7806 if (idx == 64) 7807 return -1; 7808 7809 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address " 7810 MACSTR, MAC2STR(new_addr)); 7811 7812 return 0; 7813 } 7814 7815 7816 struct wdev_info { 7817 u64 wdev_id; 7818 int wdev_id_set; 7819 u8 macaddr[ETH_ALEN]; 7820 }; 7821 7822 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg) 7823 { 7824 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 7825 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 7826 struct wdev_info *wi = arg; 7827 7828 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 7829 genlmsg_attrlen(gnlh, 0), NULL); 7830 if (tb[NL80211_ATTR_WDEV]) { 7831 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]); 7832 wi->wdev_id_set = 1; 7833 } 7834 7835 if (tb[NL80211_ATTR_MAC]) 7836 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]), 7837 ETH_ALEN); 7838 7839 return NL_SKIP; 7840 } 7841 7842 7843 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type, 7844 const char *ifname, const u8 *addr, 7845 void *bss_ctx, void **drv_priv, 7846 char *force_ifname, u8 *if_addr, 7847 const char *bridge, int use_existing, 7848 int setup_ap) 7849 { 7850 enum nl80211_iftype nlmode; 7851 struct i802_bss *bss = priv; 7852 struct wpa_driver_nl80211_data *drv = bss->drv; 7853 int ifidx; 7854 int added = 1; 7855 7856 if (addr) 7857 os_memcpy(if_addr, addr, ETH_ALEN); 7858 nlmode = wpa_driver_nl80211_if_type(type); 7859 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) { 7860 struct wdev_info p2pdev_info; 7861 7862 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info)); 7863 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr, 7864 0, nl80211_wdev_handler, 7865 &p2pdev_info, use_existing); 7866 if (!p2pdev_info.wdev_id_set || ifidx != 0) { 7867 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s", 7868 ifname); 7869 return -1; 7870 } 7871 7872 drv->global->if_add_wdevid = p2pdev_info.wdev_id; 7873 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set; 7874 if (!is_zero_ether_addr(p2pdev_info.macaddr)) 7875 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN); 7876 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created", 7877 ifname, 7878 (long long unsigned int) p2pdev_info.wdev_id); 7879 } else { 7880 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr, 7881 0, NULL, NULL, use_existing); 7882 if (use_existing && ifidx == -ENFILE) { 7883 added = 0; 7884 ifidx = if_nametoindex(ifname); 7885 } else if (ifidx < 0) { 7886 return -1; 7887 } 7888 } 7889 7890 if (!addr) { 7891 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) 7892 os_memcpy(if_addr, bss->addr, ETH_ALEN); 7893 else if (linux_get_ifhwaddr(drv->global->ioctl_sock, 7894 ifname, if_addr) < 0) { 7895 if (added) 7896 nl80211_remove_iface(drv, ifidx); 7897 return -1; 7898 } 7899 } 7900 7901 if (!addr && 7902 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP || 7903 type == WPA_IF_P2P_GO || type == WPA_IF_MESH || 7904 type == WPA_IF_STATION)) { 7905 /* Enforce unique address */ 7906 u8 new_addr[ETH_ALEN]; 7907 7908 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname, 7909 new_addr) < 0) { 7910 if (added) 7911 nl80211_remove_iface(drv, ifidx); 7912 return -1; 7913 } 7914 if (nl80211_addr_in_use(drv->global, new_addr)) { 7915 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address " 7916 "for interface %s type %d", ifname, type); 7917 if (nl80211_vif_addr(drv, new_addr) < 0) { 7918 if (added) 7919 nl80211_remove_iface(drv, ifidx); 7920 return -1; 7921 } 7922 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, 7923 new_addr) < 0) { 7924 if (added) 7925 nl80211_remove_iface(drv, ifidx); 7926 return -1; 7927 } 7928 } 7929 os_memcpy(if_addr, new_addr, ETH_ALEN); 7930 } 7931 7932 if (type == WPA_IF_AP_BSS && setup_ap) { 7933 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss)); 7934 if (new_bss == NULL) { 7935 if (added) 7936 nl80211_remove_iface(drv, ifidx); 7937 return -1; 7938 } 7939 7940 if (bridge && 7941 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) { 7942 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new " 7943 "interface %s to a bridge %s", 7944 ifname, bridge); 7945 if (added) 7946 nl80211_remove_iface(drv, ifidx); 7947 os_free(new_bss); 7948 return -1; 7949 } 7950 7951 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1)) 7952 { 7953 if (added) 7954 nl80211_remove_iface(drv, ifidx); 7955 os_free(new_bss); 7956 return -1; 7957 } 7958 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ); 7959 os_memcpy(new_bss->addr, if_addr, ETH_ALEN); 7960 new_bss->ifindex = ifidx; 7961 new_bss->drv = drv; 7962 new_bss->next = drv->first_bss->next; 7963 new_bss->freq = drv->first_bss->freq; 7964 new_bss->ctx = bss_ctx; 7965 new_bss->added_if = added; 7966 drv->first_bss->next = new_bss; 7967 if (drv_priv) 7968 *drv_priv = new_bss; 7969 nl80211_init_bss(new_bss); 7970 7971 /* Subscribe management frames for this WPA_IF_AP_BSS */ 7972 if (nl80211_setup_ap(new_bss)) 7973 return -1; 7974 } 7975 7976 if (drv->global) 7977 drv->global->if_add_ifindex = ifidx; 7978 7979 /* 7980 * Some virtual interfaces need to process EAPOL packets and events on 7981 * the parent interface. This is used mainly with hostapd. 7982 */ 7983 if (ifidx > 0 && 7984 (drv->hostapd || 7985 nlmode == NL80211_IFTYPE_AP_VLAN || 7986 nlmode == NL80211_IFTYPE_WDS || 7987 nlmode == NL80211_IFTYPE_MONITOR)) 7988 add_ifidx(drv, ifidx, IFIDX_ANY); 7989 7990 return 0; 7991 } 7992 7993 7994 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss, 7995 enum wpa_driver_if_type type, 7996 const char *ifname) 7997 { 7998 struct wpa_driver_nl80211_data *drv = bss->drv; 7999 int ifindex = if_nametoindex(ifname); 8000 8001 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d", 8002 __func__, type, ifname, ifindex, bss->added_if); 8003 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex)) 8004 nl80211_remove_iface(drv, ifindex); 8005 else if (ifindex > 0 && !bss->added_if) { 8006 struct wpa_driver_nl80211_data *drv2; 8007 dl_list_for_each(drv2, &drv->global->interfaces, 8008 struct wpa_driver_nl80211_data, list) { 8009 del_ifidx(drv2, ifindex, IFIDX_ANY); 8010 del_ifidx(drv2, IFIDX_ANY, ifindex); 8011 } 8012 } 8013 8014 if (type != WPA_IF_AP_BSS) 8015 return 0; 8016 8017 if (bss->added_if_into_bridge) { 8018 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname, 8019 bss->ifname) < 0) 8020 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 8021 "interface %s from bridge %s: %s", 8022 bss->ifname, bss->brname, strerror(errno)); 8023 } 8024 if (bss->added_bridge) { 8025 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0) 8026 wpa_printf(MSG_INFO, "nl80211: Failed to remove " 8027 "bridge %s: %s", 8028 bss->brname, strerror(errno)); 8029 } 8030 8031 if (bss != drv->first_bss) { 8032 struct i802_bss *tbss; 8033 8034 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it"); 8035 for (tbss = drv->first_bss; tbss; tbss = tbss->next) { 8036 if (tbss->next == bss) { 8037 tbss->next = bss->next; 8038 /* Unsubscribe management frames */ 8039 nl80211_teardown_ap(bss); 8040 nl80211_destroy_bss(bss); 8041 if (!bss->added_if) 8042 i802_set_iface_flags(bss, 0); 8043 os_free(bss); 8044 bss = NULL; 8045 break; 8046 } 8047 } 8048 if (bss) 8049 wpa_printf(MSG_INFO, "nl80211: %s - could not find " 8050 "BSS %p in the list", __func__, bss); 8051 } else { 8052 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); 8053 nl80211_teardown_ap(bss); 8054 if (!bss->added_if && !drv->first_bss->next) 8055 wpa_driver_nl80211_del_beacon(bss); 8056 nl80211_destroy_bss(bss); 8057 if (!bss->added_if) 8058 i802_set_iface_flags(bss, 0); 8059 if (drv->first_bss->next) { 8060 drv->first_bss = drv->first_bss->next; 8061 drv->ctx = drv->first_bss->ctx; 8062 os_free(bss); 8063 } else { 8064 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to"); 8065 } 8066 } 8067 8068 return 0; 8069 } 8070 8071 8072 static int cookie_handler(struct nl_msg *msg, void *arg) 8073 { 8074 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 8075 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8076 u64 *cookie = arg; 8077 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 8078 genlmsg_attrlen(gnlh, 0), NULL); 8079 if (tb[NL80211_ATTR_COOKIE]) 8080 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]); 8081 return NL_SKIP; 8082 } 8083 8084 8085 static int nl80211_send_frame_cmd(struct i802_bss *bss, 8086 unsigned int freq, unsigned int wait, 8087 const u8 *buf, size_t buf_len, 8088 int save_cookie, int no_cck, int no_ack, 8089 int offchanok, const u16 *csa_offs, 8090 size_t csa_offs_len) 8091 { 8092 struct wpa_driver_nl80211_data *drv = bss->drv; 8093 struct nl_msg *msg; 8094 u64 cookie; 8095 int ret = -1; 8096 8097 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d " 8098 "no_ack=%d offchanok=%d", 8099 freq, wait, no_cck, no_ack, offchanok); 8100 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len); 8101 8102 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) || 8103 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) || 8104 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) || 8105 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || 8106 drv->test_use_roc_tx) && 8107 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) || 8108 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) || 8109 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) || 8110 (csa_offs && nla_put(msg, NL80211_ATTR_CSA_C_OFFSETS_TX, 8111 csa_offs_len * sizeof(u16), csa_offs)) || 8112 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf)) 8113 goto fail; 8114 8115 cookie = 0; 8116 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL); 8117 msg = NULL; 8118 if (ret) { 8119 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d " 8120 "(%s) (freq=%u wait=%u)", ret, strerror(-ret), 8121 freq, wait); 8122 } else { 8123 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; " 8124 "cookie 0x%llx", no_ack ? " (no ACK)" : "", 8125 (long long unsigned int) cookie); 8126 8127 if (save_cookie) 8128 drv->send_frame_cookie = no_ack ? (u64) -1 : cookie; 8129 8130 if (drv->num_send_frame_cookies == MAX_SEND_FRAME_COOKIES) { 8131 wpa_printf(MSG_DEBUG, 8132 "nl80211: Drop oldest pending send frame cookie 0x%llx", 8133 (long long unsigned int) 8134 drv->send_frame_cookies[0]); 8135 os_memmove(&drv->send_frame_cookies[0], 8136 &drv->send_frame_cookies[1], 8137 (MAX_SEND_FRAME_COOKIES - 1) * 8138 sizeof(u64)); 8139 drv->num_send_frame_cookies--; 8140 } 8141 drv->send_frame_cookies[drv->num_send_frame_cookies] = cookie; 8142 drv->num_send_frame_cookies++; 8143 } 8144 8145 fail: 8146 nlmsg_free(msg); 8147 return ret; 8148 } 8149 8150 8151 static int wpa_driver_nl80211_send_action(struct i802_bss *bss, 8152 unsigned int freq, 8153 unsigned int wait_time, 8154 const u8 *dst, const u8 *src, 8155 const u8 *bssid, 8156 const u8 *data, size_t data_len, 8157 int no_cck) 8158 { 8159 struct wpa_driver_nl80211_data *drv = bss->drv; 8160 int ret = -1; 8161 u8 *buf; 8162 struct ieee80211_hdr *hdr; 8163 int offchanok = 1; 8164 8165 if (is_ap_interface(drv->nlmode) && (int) freq == bss->freq && 8166 bss->beacon_set) 8167 offchanok = 0; 8168 8169 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, " 8170 "freq=%u MHz wait=%d ms no_cck=%d offchanok=%d)", 8171 drv->ifindex, freq, wait_time, no_cck, offchanok); 8172 8173 buf = os_zalloc(24 + data_len); 8174 if (buf == NULL) 8175 return ret; 8176 os_memcpy(buf + 24, data, data_len); 8177 hdr = (struct ieee80211_hdr *) buf; 8178 hdr->frame_control = 8179 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION); 8180 os_memcpy(hdr->addr1, dst, ETH_ALEN); 8181 os_memcpy(hdr->addr2, src, ETH_ALEN); 8182 os_memcpy(hdr->addr3, bssid, ETH_ALEN); 8183 8184 if (os_memcmp(bss->addr, src, ETH_ALEN) != 0) { 8185 wpa_printf(MSG_DEBUG, "nl80211: Use random TA " MACSTR, 8186 MAC2STR(src)); 8187 os_memcpy(bss->rand_addr, src, ETH_ALEN); 8188 } else { 8189 os_memset(bss->rand_addr, 0, ETH_ALEN); 8190 } 8191 8192 #ifdef CONFIG_MESH 8193 if (is_mesh_interface(drv->nlmode)) { 8194 struct hostapd_hw_modes *modes; 8195 u16 num_modes, flags; 8196 u8 dfs_domain; 8197 int i; 8198 8199 modes = nl80211_get_hw_feature_data(bss, &num_modes, 8200 &flags, &dfs_domain); 8201 if (dfs_domain != HOSTAPD_DFS_REGION_ETSI && 8202 ieee80211_is_dfs(bss->freq, modes, num_modes)) 8203 offchanok = 0; 8204 if (modes) { 8205 for (i = 0; i < num_modes; i++) { 8206 os_free(modes[i].channels); 8207 os_free(modes[i].rates); 8208 } 8209 os_free(modes); 8210 } 8211 } 8212 #endif /* CONFIG_MESH */ 8213 8214 if (is_ap_interface(drv->nlmode) && 8215 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || 8216 (int) freq == bss->freq || drv->device_ap_sme || 8217 !drv->use_monitor)) 8218 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len, 8219 0, freq, no_cck, offchanok, 8220 wait_time, NULL, 0, 0); 8221 else 8222 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf, 8223 24 + data_len, 8224 1, no_cck, 0, offchanok, NULL, 0); 8225 8226 os_free(buf); 8227 return ret; 8228 } 8229 8230 8231 static void nl80211_frame_wait_cancel(struct i802_bss *bss, u64 cookie) 8232 { 8233 struct wpa_driver_nl80211_data *drv = bss->drv; 8234 struct nl_msg *msg; 8235 int ret; 8236 8237 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx", 8238 (long long unsigned int) cookie); 8239 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) || 8240 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie)) { 8241 nlmsg_free(msg); 8242 return; 8243 } 8244 8245 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 8246 if (ret) 8247 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d " 8248 "(%s)", ret, strerror(-ret)); 8249 } 8250 8251 8252 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv) 8253 { 8254 struct i802_bss *bss = priv; 8255 struct wpa_driver_nl80211_data *drv = bss->drv; 8256 unsigned int i; 8257 u64 cookie; 8258 8259 /* Cancel the last pending TX cookie */ 8260 nl80211_frame_wait_cancel(bss, drv->send_frame_cookie); 8261 8262 /* 8263 * Cancel the other pending TX cookies, if any. This is needed since 8264 * the driver may keep a list of all pending offchannel TX operations 8265 * and free up the radio only once they have expired or cancelled. 8266 */ 8267 for (i = drv->num_send_frame_cookies; i > 0; i--) { 8268 cookie = drv->send_frame_cookies[i - 1]; 8269 if (cookie != drv->send_frame_cookie) 8270 nl80211_frame_wait_cancel(bss, cookie); 8271 } 8272 drv->num_send_frame_cookies = 0; 8273 } 8274 8275 8276 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq, 8277 unsigned int duration) 8278 { 8279 struct i802_bss *bss = priv; 8280 struct wpa_driver_nl80211_data *drv = bss->drv; 8281 struct nl_msg *msg; 8282 int ret; 8283 u64 cookie; 8284 8285 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) || 8286 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) || 8287 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) { 8288 nlmsg_free(msg); 8289 return -1; 8290 } 8291 8292 cookie = 0; 8293 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL); 8294 if (ret == 0) { 8295 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie " 8296 "0x%llx for freq=%u MHz duration=%u", 8297 (long long unsigned int) cookie, freq, duration); 8298 drv->remain_on_chan_cookie = cookie; 8299 drv->pending_remain_on_chan = 1; 8300 return 0; 8301 } 8302 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel " 8303 "(freq=%d duration=%u): %d (%s)", 8304 freq, duration, ret, strerror(-ret)); 8305 return -1; 8306 } 8307 8308 8309 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv) 8310 { 8311 struct i802_bss *bss = priv; 8312 struct wpa_driver_nl80211_data *drv = bss->drv; 8313 struct nl_msg *msg; 8314 int ret; 8315 8316 if (!drv->pending_remain_on_chan) { 8317 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel " 8318 "to cancel"); 8319 return -1; 8320 } 8321 8322 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie " 8323 "0x%llx", 8324 (long long unsigned int) drv->remain_on_chan_cookie); 8325 8326 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL); 8327 if (!msg || 8328 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) { 8329 nlmsg_free(msg); 8330 return -1; 8331 } 8332 8333 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 8334 if (ret == 0) 8335 return 0; 8336 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: " 8337 "%d (%s)", ret, strerror(-ret)); 8338 return -1; 8339 } 8340 8341 8342 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report) 8343 { 8344 struct wpa_driver_nl80211_data *drv = bss->drv; 8345 8346 if (!report) { 8347 if (bss->nl_preq && drv->device_ap_sme && 8348 is_ap_interface(drv->nlmode) && !bss->in_deinit && 8349 !bss->static_ap) { 8350 /* 8351 * Do not disable Probe Request reporting that was 8352 * enabled in nl80211_setup_ap(). 8353 */ 8354 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of " 8355 "Probe Request reporting nl_preq=%p while " 8356 "in AP mode", bss->nl_preq); 8357 } else if (bss->nl_preq) { 8358 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request " 8359 "reporting nl_preq=%p", bss->nl_preq); 8360 nl80211_destroy_eloop_handle(&bss->nl_preq, 0); 8361 } 8362 return 0; 8363 } 8364 8365 if (bss->nl_preq) { 8366 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting " 8367 "already on! nl_preq=%p", bss->nl_preq); 8368 return 0; 8369 } 8370 8371 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq"); 8372 if (bss->nl_preq == NULL) 8373 return -1; 8374 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request " 8375 "reporting nl_preq=%p", bss->nl_preq); 8376 8377 if (nl80211_register_frame(bss, bss->nl_preq, 8378 (WLAN_FC_TYPE_MGMT << 2) | 8379 (WLAN_FC_STYPE_PROBE_REQ << 4), 8380 NULL, 0, false) < 0) 8381 goto out_err; 8382 8383 nl80211_register_eloop_read(&bss->nl_preq, 8384 wpa_driver_nl80211_event_receive, 8385 bss->nl_cb, 0); 8386 8387 return 0; 8388 8389 out_err: 8390 nl_destroy_handles(&bss->nl_preq); 8391 return -1; 8392 } 8393 8394 8395 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv, 8396 int ifindex, int disabled) 8397 { 8398 struct nl_msg *msg; 8399 struct nlattr *bands, *band; 8400 int ret; 8401 8402 wpa_printf(MSG_DEBUG, 8403 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)", 8404 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" : 8405 "no NL80211_TXRATE_LEGACY constraint"); 8406 8407 msg = nl80211_ifindex_msg(drv, ifindex, 0, 8408 NL80211_CMD_SET_TX_BITRATE_MASK); 8409 if (!msg) 8410 return -1; 8411 8412 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES); 8413 if (!bands) 8414 goto fail; 8415 8416 /* 8417 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything 8418 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS 8419 * rates. All 5 GHz rates are left enabled. 8420 */ 8421 band = nla_nest_start(msg, NL80211_BAND_2GHZ); 8422 if (!band || 8423 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8, 8424 "\x0c\x12\x18\x24\x30\x48\x60\x6c"))) 8425 goto fail; 8426 nla_nest_end(msg, band); 8427 8428 nla_nest_end(msg, bands); 8429 8430 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 8431 if (ret) { 8432 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d " 8433 "(%s)", ret, strerror(-ret)); 8434 } else 8435 drv->disabled_11b_rates = disabled; 8436 8437 return ret; 8438 8439 fail: 8440 nlmsg_free(msg); 8441 return -1; 8442 } 8443 8444 8445 static int wpa_driver_nl80211_deinit_ap(void *priv) 8446 { 8447 struct i802_bss *bss = priv; 8448 struct wpa_driver_nl80211_data *drv = bss->drv; 8449 if (!is_ap_interface(drv->nlmode)) 8450 return -1; 8451 wpa_driver_nl80211_del_beacon(bss); 8452 bss->beacon_set = 0; 8453 8454 /* 8455 * If the P2P GO interface was dynamically added, then it is 8456 * possible that the interface change to station is not possible. 8457 */ 8458 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic) 8459 return 0; 8460 8461 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION); 8462 } 8463 8464 8465 static int wpa_driver_nl80211_stop_ap(void *priv) 8466 { 8467 struct i802_bss *bss = priv; 8468 struct wpa_driver_nl80211_data *drv = bss->drv; 8469 if (!is_ap_interface(drv->nlmode)) 8470 return -1; 8471 wpa_driver_nl80211_del_beacon(bss); 8472 bss->beacon_set = 0; 8473 return 0; 8474 } 8475 8476 8477 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv) 8478 { 8479 struct i802_bss *bss = priv; 8480 struct wpa_driver_nl80211_data *drv = bss->drv; 8481 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT) 8482 return -1; 8483 8484 /* 8485 * If the P2P Client interface was dynamically added, then it is 8486 * possible that the interface change to station is not possible. 8487 */ 8488 if (bss->if_dynamic) 8489 return 0; 8490 8491 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION); 8492 } 8493 8494 8495 static void wpa_driver_nl80211_resume(void *priv) 8496 { 8497 struct i802_bss *bss = priv; 8498 enum nl80211_iftype nlmode = nl80211_get_ifmode(bss); 8499 8500 if (i802_set_iface_flags(bss, 1)) 8501 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event"); 8502 8503 if (is_p2p_net_interface(nlmode)) 8504 nl80211_disable_11b_rates(bss->drv, bss->drv->ifindex, 1); 8505 } 8506 8507 8508 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis) 8509 { 8510 struct i802_bss *bss = priv; 8511 struct wpa_driver_nl80211_data *drv = bss->drv; 8512 struct nl_msg *msg; 8513 struct nlattr *cqm; 8514 8515 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d " 8516 "hysteresis=%d", threshold, hysteresis); 8517 8518 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) || 8519 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) || 8520 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) || 8521 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) { 8522 nlmsg_free(msg); 8523 return -1; 8524 } 8525 nla_nest_end(msg, cqm); 8526 8527 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 8528 } 8529 8530 8531 static int get_channel_width(struct nl_msg *msg, void *arg) 8532 { 8533 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 8534 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8535 struct wpa_signal_info *sig_change = arg; 8536 8537 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 8538 genlmsg_attrlen(gnlh, 0), NULL); 8539 8540 sig_change->center_frq1 = -1; 8541 sig_change->center_frq2 = -1; 8542 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN; 8543 8544 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) { 8545 sig_change->chanwidth = convert2width( 8546 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH])); 8547 if (tb[NL80211_ATTR_CENTER_FREQ1]) 8548 sig_change->center_frq1 = 8549 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 8550 if (tb[NL80211_ATTR_CENTER_FREQ2]) 8551 sig_change->center_frq2 = 8552 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 8553 } 8554 8555 return NL_SKIP; 8556 } 8557 8558 8559 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv, 8560 struct wpa_signal_info *sig) 8561 { 8562 struct nl_msg *msg; 8563 8564 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE); 8565 return send_and_recv_msgs(drv, msg, get_channel_width, sig, NULL, NULL); 8566 } 8567 8568 8569 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si) 8570 { 8571 struct i802_bss *bss = priv; 8572 struct wpa_driver_nl80211_data *drv = bss->drv; 8573 int res; 8574 8575 os_memset(si, 0, sizeof(*si)); 8576 res = nl80211_get_link_signal(drv, si); 8577 if (res) { 8578 if (drv->nlmode != NL80211_IFTYPE_ADHOC && 8579 drv->nlmode != NL80211_IFTYPE_MESH_POINT) 8580 return res; 8581 si->current_signal = 0; 8582 } 8583 8584 res = nl80211_get_channel_width(drv, si); 8585 if (res != 0) 8586 return res; 8587 8588 return nl80211_get_link_noise(drv, si); 8589 } 8590 8591 8592 static int nl80211_set_param(void *priv, const char *param) 8593 { 8594 struct i802_bss *bss = priv; 8595 struct wpa_driver_nl80211_data *drv = bss->drv; 8596 8597 if (param == NULL) 8598 return 0; 8599 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param); 8600 8601 #ifdef CONFIG_P2P 8602 if (os_strstr(param, "use_p2p_group_interface=1")) { 8603 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group " 8604 "interface"); 8605 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT; 8606 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P; 8607 } 8608 #endif /* CONFIG_P2P */ 8609 8610 if (os_strstr(param, "use_monitor=1")) 8611 drv->use_monitor = 1; 8612 8613 if (os_strstr(param, "force_connect_cmd=1")) { 8614 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME; 8615 drv->force_connect_cmd = 1; 8616 } 8617 8618 if (os_strstr(param, "force_bss_selection=1")) 8619 drv->capa.flags |= WPA_DRIVER_FLAGS_BSS_SELECTION; 8620 8621 if (os_strstr(param, "no_offchannel_tx=1")) { 8622 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX; 8623 drv->test_use_roc_tx = 1; 8624 } 8625 8626 if (os_strstr(param, "control_port=0")) { 8627 drv->capa.flags &= ~WPA_DRIVER_FLAGS_CONTROL_PORT; 8628 drv->capa.flags2 &= ~(WPA_DRIVER_FLAGS2_CONTROL_PORT_RX | 8629 WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS); 8630 drv->control_port_ap = 0; 8631 } 8632 8633 if (os_strstr(param, "control_port_ap=1")) 8634 drv->control_port_ap = 1; 8635 8636 if (os_strstr(param, "control_port_ap=0")) { 8637 drv->capa.flags2 &= ~WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS; 8638 drv->control_port_ap = 0; 8639 } 8640 8641 if (os_strstr(param, "full_ap_client_state=0")) 8642 drv->capa.flags &= ~WPA_DRIVER_FLAGS_FULL_AP_CLIENT_STATE; 8643 8644 if (os_strstr(param, "no_rrm=1")) { 8645 drv->no_rrm = 1; 8646 8647 if (!bss->in_deinit && !is_ap_interface(drv->nlmode) && 8648 !is_mesh_interface(drv->nlmode)) { 8649 nl80211_mgmt_unsubscribe(bss, "no_rrm=1"); 8650 if (nl80211_mgmt_subscribe_non_ap(bss) < 0) 8651 wpa_printf(MSG_DEBUG, 8652 "nl80211: Failed to re-register Action frame processing - ignore for now"); 8653 } 8654 } 8655 8656 return 0; 8657 } 8658 8659 8660 static void * nl80211_global_init(void *ctx) 8661 { 8662 struct nl80211_global *global; 8663 struct netlink_config *cfg; 8664 8665 global = os_zalloc(sizeof(*global)); 8666 if (global == NULL) 8667 return NULL; 8668 global->ctx = ctx; 8669 global->ioctl_sock = -1; 8670 dl_list_init(&global->interfaces); 8671 global->if_add_ifindex = -1; 8672 8673 cfg = os_zalloc(sizeof(*cfg)); 8674 if (cfg == NULL) 8675 goto err; 8676 8677 cfg->ctx = global; 8678 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink; 8679 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink; 8680 global->netlink = netlink_init(cfg); 8681 if (global->netlink == NULL) { 8682 os_free(cfg); 8683 goto err; 8684 } 8685 8686 if (wpa_driver_nl80211_init_nl_global(global) < 0) 8687 goto err; 8688 8689 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0); 8690 if (global->ioctl_sock < 0) { 8691 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s", 8692 strerror(errno)); 8693 goto err; 8694 } 8695 8696 return global; 8697 8698 err: 8699 nl80211_global_deinit(global); 8700 return NULL; 8701 } 8702 8703 8704 static void nl80211_global_deinit(void *priv) 8705 { 8706 struct nl80211_global *global = priv; 8707 if (global == NULL) 8708 return; 8709 if (!dl_list_empty(&global->interfaces)) { 8710 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at " 8711 "nl80211_global_deinit", 8712 dl_list_len(&global->interfaces)); 8713 } 8714 8715 if (global->netlink) 8716 netlink_deinit(global->netlink); 8717 8718 nl_destroy_handles(&global->nl); 8719 8720 if (global->nl_event) 8721 nl80211_destroy_eloop_handle(&global->nl_event, 0); 8722 8723 nl_cb_put(global->nl_cb); 8724 8725 if (global->ioctl_sock >= 0) 8726 close(global->ioctl_sock); 8727 8728 os_free(global); 8729 } 8730 8731 8732 static const char * nl80211_get_radio_name(void *priv) 8733 { 8734 struct i802_bss *bss = priv; 8735 struct wpa_driver_nl80211_data *drv = bss->drv; 8736 return drv->phyname; 8737 } 8738 8739 8740 static int nl80211_pmkid(struct i802_bss *bss, int cmd, 8741 struct wpa_pmkid_params *params) 8742 { 8743 struct nl_msg *msg; 8744 const size_t PMK_MAX_LEN = 48; /* current cfg80211 limit */ 8745 8746 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) || 8747 (params->pmkid && 8748 nla_put(msg, NL80211_ATTR_PMKID, 16, params->pmkid)) || 8749 (params->bssid && 8750 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) || 8751 (params->ssid_len && 8752 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) || 8753 (params->fils_cache_id && 8754 nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2, 8755 params->fils_cache_id)) || 8756 (params->pmk_lifetime && 8757 nla_put_u32(msg, NL80211_ATTR_PMK_LIFETIME, 8758 params->pmk_lifetime)) || 8759 (params->pmk_reauth_threshold && 8760 nla_put_u8(msg, NL80211_ATTR_PMK_REAUTH_THRESHOLD, 8761 params->pmk_reauth_threshold)) || 8762 (cmd != NL80211_CMD_DEL_PMKSA && 8763 params->pmk_len && params->pmk_len <= PMK_MAX_LEN && 8764 nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) { 8765 nl80211_nlmsg_clear(msg); 8766 nlmsg_free(msg); 8767 return -ENOBUFS; 8768 } 8769 8770 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 8771 } 8772 8773 8774 static int nl80211_add_pmkid(void *priv, struct wpa_pmkid_params *params) 8775 { 8776 struct i802_bss *bss = priv; 8777 int ret; 8778 8779 if (params->bssid) 8780 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR, 8781 MAC2STR(params->bssid)); 8782 else if (params->fils_cache_id && params->ssid_len) { 8783 wpa_printf(MSG_DEBUG, 8784 "nl80211: Add PMKSA for cache id %02x%02x SSID %s", 8785 params->fils_cache_id[0], params->fils_cache_id[1], 8786 wpa_ssid_txt(params->ssid, params->ssid_len)); 8787 } 8788 8789 ret = nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, params); 8790 if (ret < 0) { 8791 wpa_printf(MSG_DEBUG, 8792 "nl80211: NL80211_CMD_SET_PMKSA failed: %d (%s)", 8793 ret, strerror(-ret)); 8794 } 8795 8796 return ret; 8797 } 8798 8799 8800 static int nl80211_remove_pmkid(void *priv, struct wpa_pmkid_params *params) 8801 { 8802 struct i802_bss *bss = priv; 8803 int ret; 8804 8805 if (params->bssid) 8806 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR, 8807 MAC2STR(params->bssid)); 8808 else if (params->fils_cache_id && params->ssid_len) { 8809 wpa_printf(MSG_DEBUG, 8810 "nl80211: Delete PMKSA for cache id %02x%02x SSID %s", 8811 params->fils_cache_id[0], params->fils_cache_id[1], 8812 wpa_ssid_txt(params->ssid, params->ssid_len)); 8813 } 8814 8815 ret = nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, params); 8816 if (ret < 0) { 8817 wpa_printf(MSG_DEBUG, 8818 "nl80211: NL80211_CMD_DEL_PMKSA failed: %d (%s)", 8819 ret, strerror(-ret)); 8820 } 8821 8822 return ret; 8823 } 8824 8825 8826 static int nl80211_flush_pmkid(void *priv) 8827 { 8828 struct i802_bss *bss = priv; 8829 struct nl_msg *msg; 8830 8831 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs"); 8832 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_FLUSH_PMKSA); 8833 if (!msg) 8834 return -ENOBUFS; 8835 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 8836 } 8837 8838 8839 static void clean_survey_results(struct survey_results *survey_results) 8840 { 8841 struct freq_survey *survey, *tmp; 8842 8843 if (dl_list_empty(&survey_results->survey_list)) 8844 return; 8845 8846 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list, 8847 struct freq_survey, list) { 8848 dl_list_del(&survey->list); 8849 os_free(survey); 8850 } 8851 } 8852 8853 8854 static void add_survey(struct nlattr **sinfo, u32 ifidx, 8855 struct dl_list *survey_list) 8856 { 8857 struct freq_survey *survey; 8858 8859 survey = os_zalloc(sizeof(struct freq_survey)); 8860 if (!survey) 8861 return; 8862 8863 survey->ifidx = ifidx; 8864 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); 8865 survey->filled = 0; 8866 8867 if (sinfo[NL80211_SURVEY_INFO_NOISE]) { 8868 survey->nf = (int8_t) 8869 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]); 8870 survey->filled |= SURVEY_HAS_NF; 8871 } 8872 8873 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) { 8874 survey->channel_time = 8875 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]); 8876 survey->filled |= SURVEY_HAS_CHAN_TIME; 8877 } 8878 8879 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) { 8880 survey->channel_time_busy = 8881 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]); 8882 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY; 8883 } 8884 8885 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) { 8886 survey->channel_time_rx = 8887 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]); 8888 survey->filled |= SURVEY_HAS_CHAN_TIME_RX; 8889 } 8890 8891 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) { 8892 survey->channel_time_tx = 8893 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]); 8894 survey->filled |= SURVEY_HAS_CHAN_TIME_TX; 8895 } 8896 8897 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)", 8898 survey->freq, 8899 survey->nf, 8900 (unsigned long int) survey->channel_time, 8901 (unsigned long int) survey->channel_time_busy, 8902 (unsigned long int) survey->channel_time_tx, 8903 (unsigned long int) survey->channel_time_rx, 8904 survey->filled); 8905 8906 dl_list_add_tail(survey_list, &survey->list); 8907 } 8908 8909 8910 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq, 8911 unsigned int freq_filter) 8912 { 8913 if (!freq_filter) 8914 return 1; 8915 8916 return freq_filter == surveyed_freq; 8917 } 8918 8919 8920 static int survey_handler(struct nl_msg *msg, void *arg) 8921 { 8922 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 8923 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 8924 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1]; 8925 struct survey_results *survey_results; 8926 u32 surveyed_freq = 0; 8927 u32 ifidx; 8928 8929 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = { 8930 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 }, 8931 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 }, 8932 }; 8933 8934 survey_results = (struct survey_results *) arg; 8935 8936 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 8937 genlmsg_attrlen(gnlh, 0), NULL); 8938 8939 if (!tb[NL80211_ATTR_IFINDEX]) 8940 return NL_SKIP; 8941 8942 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]); 8943 8944 if (!tb[NL80211_ATTR_SURVEY_INFO]) 8945 return NL_SKIP; 8946 8947 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX, 8948 tb[NL80211_ATTR_SURVEY_INFO], 8949 survey_policy)) 8950 return NL_SKIP; 8951 8952 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) { 8953 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data"); 8954 return NL_SKIP; 8955 } 8956 8957 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]); 8958 8959 if (!check_survey_ok(sinfo, surveyed_freq, 8960 survey_results->freq_filter)) 8961 return NL_SKIP; 8962 8963 if (survey_results->freq_filter && 8964 survey_results->freq_filter != surveyed_freq) { 8965 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz", 8966 surveyed_freq); 8967 return NL_SKIP; 8968 } 8969 8970 add_survey(sinfo, ifidx, &survey_results->survey_list); 8971 8972 return NL_SKIP; 8973 } 8974 8975 8976 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq) 8977 { 8978 struct i802_bss *bss = priv; 8979 struct wpa_driver_nl80211_data *drv = bss->drv; 8980 struct nl_msg *msg; 8981 int err; 8982 union wpa_event_data data; 8983 struct survey_results *survey_results; 8984 8985 os_memset(&data, 0, sizeof(data)); 8986 survey_results = &data.survey_results; 8987 8988 dl_list_init(&survey_results->survey_list); 8989 8990 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY); 8991 if (!msg) 8992 return -ENOBUFS; 8993 8994 if (freq) 8995 data.survey_results.freq_filter = freq; 8996 8997 do { 8998 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data"); 8999 err = send_and_recv_msgs(drv, msg, survey_handler, 9000 survey_results, NULL, NULL); 9001 } while (err > 0); 9002 9003 if (err) 9004 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data"); 9005 else 9006 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data); 9007 9008 clean_survey_results(survey_results); 9009 return err; 9010 } 9011 9012 9013 static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len, 9014 const u8 *kck, size_t kck_len, 9015 const u8 *replay_ctr) 9016 { 9017 struct i802_bss *bss = priv; 9018 struct wpa_driver_nl80211_data *drv = bss->drv; 9019 struct nlattr *replay_nested; 9020 struct nl_msg *msg; 9021 int ret; 9022 9023 if (!drv->set_rekey_offload) 9024 return; 9025 9026 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload"); 9027 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) || 9028 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) || 9029 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) || 9030 (kck_len && nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck)) || 9031 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN, 9032 replay_ctr)) { 9033 nl80211_nlmsg_clear(msg); 9034 nlmsg_free(msg); 9035 return; 9036 } 9037 9038 nla_nest_end(msg, replay_nested); 9039 9040 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9041 if (ret == -EOPNOTSUPP) { 9042 wpa_printf(MSG_DEBUG, 9043 "nl80211: Driver does not support rekey offload"); 9044 drv->set_rekey_offload = 0; 9045 } 9046 } 9047 9048 9049 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr, 9050 const u8 *addr, int qos) 9051 { 9052 /* send data frame to poll STA and check whether 9053 * this frame is ACKed */ 9054 struct { 9055 struct ieee80211_hdr hdr; 9056 u16 qos_ctl; 9057 } STRUCT_PACKED nulldata; 9058 size_t size; 9059 9060 /* Send data frame to poll STA and check whether this frame is ACKed */ 9061 9062 os_memset(&nulldata, 0, sizeof(nulldata)); 9063 9064 if (qos) { 9065 nulldata.hdr.frame_control = 9066 IEEE80211_FC(WLAN_FC_TYPE_DATA, 9067 WLAN_FC_STYPE_QOS_NULL); 9068 size = sizeof(nulldata); 9069 } else { 9070 nulldata.hdr.frame_control = 9071 IEEE80211_FC(WLAN_FC_TYPE_DATA, 9072 WLAN_FC_STYPE_NULLFUNC); 9073 size = sizeof(struct ieee80211_hdr); 9074 } 9075 9076 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS); 9077 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN); 9078 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN); 9079 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); 9080 9081 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0, 9082 0, 0, NULL, 0, 0) < 0) 9083 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to " 9084 "send poll frame"); 9085 } 9086 9087 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr, 9088 int qos) 9089 { 9090 struct i802_bss *bss = priv; 9091 struct wpa_driver_nl80211_data *drv = bss->drv; 9092 struct nl_msg *msg; 9093 u64 cookie; 9094 int ret; 9095 9096 if (!drv->poll_command_supported) { 9097 nl80211_send_null_frame(bss, own_addr, addr, qos); 9098 return; 9099 } 9100 9101 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) || 9102 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 9103 nlmsg_free(msg); 9104 return; 9105 } 9106 9107 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL); 9108 if (ret < 0) { 9109 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for " 9110 MACSTR " failed: ret=%d (%s)", 9111 MAC2STR(addr), ret, strerror(-ret)); 9112 } else { 9113 wpa_printf(MSG_DEBUG, 9114 "nl80211: Client probe request addr=" MACSTR 9115 " cookie=%llu", MAC2STR(addr), 9116 (long long unsigned int) cookie); 9117 } 9118 } 9119 9120 9121 static int nl80211_set_power_save(struct i802_bss *bss, int enabled) 9122 { 9123 struct nl_msg *msg; 9124 int ret; 9125 9126 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) || 9127 nla_put_u32(msg, NL80211_ATTR_PS_STATE, 9128 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) { 9129 nlmsg_free(msg); 9130 return -ENOBUFS; 9131 } 9132 9133 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL); 9134 if (ret < 0) { 9135 wpa_printf(MSG_DEBUG, 9136 "nl80211: Setting PS state %s failed: %d (%s)", 9137 enabled ? "enabled" : "disabled", 9138 ret, strerror(-ret)); 9139 } 9140 return ret; 9141 } 9142 9143 9144 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps, 9145 int ctwindow) 9146 { 9147 struct i802_bss *bss = priv; 9148 9149 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d " 9150 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow); 9151 9152 if (opp_ps != -1 || ctwindow != -1) { 9153 #ifdef ANDROID_P2P 9154 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow); 9155 #else /* ANDROID_P2P */ 9156 return -1; /* Not yet supported */ 9157 #endif /* ANDROID_P2P */ 9158 } 9159 9160 if (legacy_ps == -1) 9161 return 0; 9162 if (legacy_ps != 0 && legacy_ps != 1) 9163 return -1; /* Not yet supported */ 9164 9165 return nl80211_set_power_save(bss, legacy_ps); 9166 } 9167 9168 9169 static int nl80211_start_radar_detection(void *priv, 9170 struct hostapd_freq_params *freq) 9171 { 9172 struct i802_bss *bss = priv; 9173 struct wpa_driver_nl80211_data *drv = bss->drv; 9174 struct nl_msg *msg; 9175 int ret; 9176 9177 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)", 9178 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled, 9179 freq->bandwidth, freq->center_freq1, freq->center_freq2); 9180 9181 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) { 9182 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar " 9183 "detection"); 9184 return -1; 9185 } 9186 9187 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) || 9188 nl80211_put_freq_params(msg, freq) < 0) { 9189 nlmsg_free(msg); 9190 return -1; 9191 } 9192 9193 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9194 if (ret == 0) 9195 return 0; 9196 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: " 9197 "%d (%s)", ret, strerror(-ret)); 9198 return -1; 9199 } 9200 9201 #ifdef CONFIG_TDLS 9202 9203 static int nl80211_add_peer_capab(struct nl_msg *msg, 9204 enum tdls_peer_capability capa) 9205 { 9206 u32 peer_capab = 0; 9207 9208 if (!capa) 9209 return 0; 9210 9211 if (capa & TDLS_PEER_HT) 9212 peer_capab |= NL80211_TDLS_PEER_HT; 9213 if (capa & TDLS_PEER_VHT) 9214 peer_capab |= NL80211_TDLS_PEER_VHT; 9215 if (capa & TDLS_PEER_WMM) 9216 peer_capab |= NL80211_TDLS_PEER_WMM; 9217 if (capa & TDLS_PEER_HE) 9218 peer_capab |= NL80211_TDLS_PEER_HE; 9219 9220 return nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY, 9221 peer_capab); 9222 } 9223 9224 9225 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code, 9226 u8 dialog_token, u16 status_code, 9227 u32 peer_capab, int initiator, const u8 *buf, 9228 size_t len) 9229 { 9230 struct i802_bss *bss = priv; 9231 struct wpa_driver_nl80211_data *drv = bss->drv; 9232 struct nl_msg *msg; 9233 9234 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 9235 return -EOPNOTSUPP; 9236 9237 if (!dst) 9238 return -EINVAL; 9239 9240 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) || 9241 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) || 9242 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) || 9243 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) || 9244 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code) || 9245 nl80211_add_peer_capab(msg, peer_capab) || 9246 (initiator && nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) || 9247 nla_put(msg, NL80211_ATTR_IE, len, buf)) 9248 goto fail; 9249 9250 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9251 9252 fail: 9253 nlmsg_free(msg); 9254 return -ENOBUFS; 9255 } 9256 9257 9258 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer) 9259 { 9260 struct i802_bss *bss = priv; 9261 struct wpa_driver_nl80211_data *drv = bss->drv; 9262 struct nl_msg *msg; 9263 enum nl80211_tdls_operation nl80211_oper; 9264 int res; 9265 9266 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) 9267 return -EOPNOTSUPP; 9268 9269 switch (oper) { 9270 case TDLS_DISCOVERY_REQ: 9271 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ; 9272 break; 9273 case TDLS_SETUP: 9274 nl80211_oper = NL80211_TDLS_SETUP; 9275 break; 9276 case TDLS_TEARDOWN: 9277 nl80211_oper = NL80211_TDLS_TEARDOWN; 9278 break; 9279 case TDLS_ENABLE_LINK: 9280 nl80211_oper = NL80211_TDLS_ENABLE_LINK; 9281 break; 9282 case TDLS_DISABLE_LINK: 9283 nl80211_oper = NL80211_TDLS_DISABLE_LINK; 9284 break; 9285 case TDLS_ENABLE: 9286 return 0; 9287 case TDLS_DISABLE: 9288 return 0; 9289 default: 9290 return -EINVAL; 9291 } 9292 9293 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) || 9294 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) || 9295 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) { 9296 nlmsg_free(msg); 9297 return -ENOBUFS; 9298 } 9299 9300 res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9301 wpa_printf(MSG_DEBUG, "nl80211: TDLS_OPER: oper=%d mac=" MACSTR 9302 " --> res=%d (%s)", nl80211_oper, MAC2STR(peer), res, 9303 strerror(-res)); 9304 return res; 9305 } 9306 9307 9308 static int 9309 nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class, 9310 const struct hostapd_freq_params *params) 9311 { 9312 struct i802_bss *bss = priv; 9313 struct wpa_driver_nl80211_data *drv = bss->drv; 9314 struct nl_msg *msg; 9315 int ret = -ENOBUFS; 9316 9317 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) || 9318 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH)) 9319 return -EOPNOTSUPP; 9320 9321 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR 9322 " oper_class=%u freq=%u", 9323 MAC2STR(addr), oper_class, params->freq); 9324 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH); 9325 if (!msg || 9326 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 9327 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) || 9328 (ret = nl80211_put_freq_params(msg, params))) { 9329 nlmsg_free(msg); 9330 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch"); 9331 return ret; 9332 } 9333 9334 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9335 } 9336 9337 9338 static int 9339 nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr) 9340 { 9341 struct i802_bss *bss = priv; 9342 struct wpa_driver_nl80211_data *drv = bss->drv; 9343 struct nl_msg *msg; 9344 9345 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) || 9346 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH)) 9347 return -EOPNOTSUPP; 9348 9349 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR, 9350 MAC2STR(addr)); 9351 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH); 9352 if (!msg || 9353 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 9354 nlmsg_free(msg); 9355 wpa_printf(MSG_DEBUG, 9356 "nl80211: Could not build TDLS cancel chan switch"); 9357 return -ENOBUFS; 9358 } 9359 9360 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9361 } 9362 9363 #endif /* CONFIG TDLS */ 9364 9365 9366 static int driver_nl80211_set_key(void *priv, 9367 struct wpa_driver_set_key_params *params) 9368 { 9369 struct i802_bss *bss = priv; 9370 9371 return wpa_driver_nl80211_set_key(bss, params); 9372 } 9373 9374 9375 static int driver_nl80211_scan2(void *priv, 9376 struct wpa_driver_scan_params *params) 9377 { 9378 struct i802_bss *bss = priv; 9379 #ifdef CONFIG_DRIVER_NL80211_QCA 9380 struct wpa_driver_nl80211_data *drv = bss->drv; 9381 9382 /* 9383 * Do a vendor specific scan if possible. If only_new_results is 9384 * set, do a normal scan since a kernel (cfg80211) BSS cache flush 9385 * cannot be achieved through a vendor scan. The below condition may 9386 * need to be modified if new scan flags are added in the future whose 9387 * functionality can only be achieved through a normal scan. 9388 */ 9389 if (drv->scan_vendor_cmd_avail && !params->only_new_results) 9390 return wpa_driver_nl80211_vendor_scan(bss, params); 9391 #endif /* CONFIG_DRIVER_NL80211_QCA */ 9392 return wpa_driver_nl80211_scan(bss, params); 9393 } 9394 9395 9396 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr, 9397 u16 reason_code) 9398 { 9399 struct i802_bss *bss = priv; 9400 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code); 9401 } 9402 9403 9404 static int driver_nl80211_authenticate(void *priv, 9405 struct wpa_driver_auth_params *params) 9406 { 9407 struct i802_bss *bss = priv; 9408 return wpa_driver_nl80211_authenticate(bss, params); 9409 } 9410 9411 9412 static void driver_nl80211_deinit(void *priv) 9413 { 9414 struct i802_bss *bss = priv; 9415 wpa_driver_nl80211_deinit(bss); 9416 } 9417 9418 9419 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type, 9420 const char *ifname) 9421 { 9422 struct i802_bss *bss = priv; 9423 return wpa_driver_nl80211_if_remove(bss, type, ifname); 9424 } 9425 9426 9427 static int driver_nl80211_send_mlme(void *priv, const u8 *data, 9428 size_t data_len, int noack, 9429 unsigned int freq, 9430 const u16 *csa_offs, size_t csa_offs_len, 9431 int no_encrypt, unsigned int wait) 9432 { 9433 struct i802_bss *bss = priv; 9434 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack, 9435 freq, 0, 0, wait, csa_offs, 9436 csa_offs_len, no_encrypt); 9437 } 9438 9439 9440 static int driver_nl80211_sta_remove(void *priv, const u8 *addr) 9441 { 9442 struct i802_bss *bss = priv; 9443 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0); 9444 } 9445 9446 9447 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr, 9448 const char *ifname, int vlan_id) 9449 { 9450 struct i802_bss *bss = priv; 9451 return i802_set_sta_vlan(bss, addr, ifname, vlan_id); 9452 } 9453 9454 9455 static int driver_nl80211_read_sta_data(void *priv, 9456 struct hostap_sta_driver_data *data, 9457 const u8 *addr) 9458 { 9459 struct i802_bss *bss = priv; 9460 9461 os_memset(data, 0, sizeof(*data)); 9462 return i802_read_sta_data(bss, data, addr); 9463 } 9464 9465 9466 static int driver_nl80211_send_action(void *priv, unsigned int freq, 9467 unsigned int wait_time, 9468 const u8 *dst, const u8 *src, 9469 const u8 *bssid, 9470 const u8 *data, size_t data_len, 9471 int no_cck) 9472 { 9473 struct i802_bss *bss = priv; 9474 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src, 9475 bssid, data, data_len, no_cck); 9476 } 9477 9478 9479 static int driver_nl80211_probe_req_report(void *priv, int report) 9480 { 9481 struct i802_bss *bss = priv; 9482 return wpa_driver_nl80211_probe_req_report(bss, report); 9483 } 9484 9485 9486 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md, 9487 const u8 *ies, size_t ies_len) 9488 { 9489 int ret; 9490 struct nl_msg *msg; 9491 struct i802_bss *bss = priv; 9492 struct wpa_driver_nl80211_data *drv = bss->drv; 9493 u16 mdid = WPA_GET_LE16(md); 9494 9495 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs"); 9496 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) || 9497 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) || 9498 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) { 9499 nlmsg_free(msg); 9500 return -ENOBUFS; 9501 } 9502 9503 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9504 if (ret) { 9505 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed " 9506 "err=%d (%s)", ret, strerror(-ret)); 9507 } 9508 9509 return ret; 9510 } 9511 9512 9513 static int nl80211_update_dh_ie(void *priv, const u8 *peer_mac, 9514 u16 reason_code, const u8 *ie, size_t ie_len) 9515 { 9516 int ret; 9517 struct nl_msg *msg; 9518 struct i802_bss *bss = priv; 9519 struct wpa_driver_nl80211_data *drv = bss->drv; 9520 9521 wpa_printf(MSG_DEBUG, "nl80211: Updating DH IE peer: " MACSTR 9522 " reason %u", MAC2STR(peer_mac), reason_code); 9523 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UPDATE_OWE_INFO)) || 9524 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_mac) || 9525 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, reason_code) || 9526 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie))) { 9527 nlmsg_free(msg); 9528 return -ENOBUFS; 9529 } 9530 9531 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9532 if (ret) { 9533 wpa_printf(MSG_DEBUG, 9534 "nl80211: update_dh_ie failed err=%d (%s)", 9535 ret, strerror(-ret)); 9536 } 9537 9538 return ret; 9539 } 9540 9541 9542 static const u8 * wpa_driver_nl80211_get_macaddr(void *priv) 9543 { 9544 struct i802_bss *bss = priv; 9545 struct wpa_driver_nl80211_data *drv = bss->drv; 9546 9547 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) 9548 return NULL; 9549 9550 return bss->addr; 9551 } 9552 9553 9554 static const char * scan_state_str(enum scan_states scan_state) 9555 { 9556 switch (scan_state) { 9557 case NO_SCAN: 9558 return "NO_SCAN"; 9559 case SCAN_REQUESTED: 9560 return "SCAN_REQUESTED"; 9561 case SCAN_STARTED: 9562 return "SCAN_STARTED"; 9563 case SCAN_COMPLETED: 9564 return "SCAN_COMPLETED"; 9565 case SCAN_ABORTED: 9566 return "SCAN_ABORTED"; 9567 case SCHED_SCAN_STARTED: 9568 return "SCHED_SCAN_STARTED"; 9569 case SCHED_SCAN_STOPPED: 9570 return "SCHED_SCAN_STOPPED"; 9571 case SCHED_SCAN_RESULTS: 9572 return "SCHED_SCAN_RESULTS"; 9573 } 9574 9575 return "??"; 9576 } 9577 9578 9579 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen) 9580 { 9581 struct i802_bss *bss = priv; 9582 struct wpa_driver_nl80211_data *drv = bss->drv; 9583 int res; 9584 char *pos, *end; 9585 struct nl_msg *msg; 9586 char alpha2[3] = { 0, 0, 0 }; 9587 9588 pos = buf; 9589 end = buf + buflen; 9590 9591 res = os_snprintf(pos, end - pos, 9592 "ifindex=%d\n" 9593 "ifname=%s\n" 9594 "brname=%s\n" 9595 "addr=" MACSTR "\n" 9596 "freq=%d\n" 9597 "%s%s%s%s%s%s", 9598 bss->ifindex, 9599 bss->ifname, 9600 bss->brname, 9601 MAC2STR(bss->addr), 9602 bss->freq, 9603 bss->beacon_set ? "beacon_set=1\n" : "", 9604 bss->added_if_into_bridge ? 9605 "added_if_into_bridge=1\n" : "", 9606 bss->already_in_bridge ? "already_in_bridge=1\n" : "", 9607 bss->added_bridge ? "added_bridge=1\n" : "", 9608 bss->in_deinit ? "in_deinit=1\n" : "", 9609 bss->if_dynamic ? "if_dynamic=1\n" : ""); 9610 if (os_snprintf_error(end - pos, res)) 9611 return pos - buf; 9612 pos += res; 9613 9614 if (bss->wdev_id_set) { 9615 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n", 9616 (unsigned long long) bss->wdev_id); 9617 if (os_snprintf_error(end - pos, res)) 9618 return pos - buf; 9619 pos += res; 9620 } 9621 9622 res = os_snprintf(pos, end - pos, 9623 "phyname=%s\n" 9624 "perm_addr=" MACSTR "\n" 9625 "drv_ifindex=%d\n" 9626 "operstate=%d\n" 9627 "scan_state=%s\n" 9628 "auth_bssid=" MACSTR "\n" 9629 "auth_attempt_bssid=" MACSTR "\n" 9630 "bssid=" MACSTR "\n" 9631 "prev_bssid=" MACSTR "\n" 9632 "associated=%d\n" 9633 "assoc_freq=%u\n" 9634 "monitor_sock=%d\n" 9635 "monitor_ifidx=%d\n" 9636 "monitor_refcount=%d\n" 9637 "last_mgmt_freq=%u\n" 9638 "eapol_tx_sock=%d\n" 9639 "%s%s%s%s%s%s%s%s%s%s%s%s%s", 9640 drv->phyname, 9641 MAC2STR(drv->perm_addr), 9642 drv->ifindex, 9643 drv->operstate, 9644 scan_state_str(drv->scan_state), 9645 MAC2STR(drv->auth_bssid), 9646 MAC2STR(drv->auth_attempt_bssid), 9647 MAC2STR(drv->bssid), 9648 MAC2STR(drv->prev_bssid), 9649 drv->associated, 9650 drv->assoc_freq, 9651 drv->monitor_sock, 9652 drv->monitor_ifidx, 9653 drv->monitor_refcount, 9654 drv->last_mgmt_freq, 9655 drv->eapol_tx_sock, 9656 drv->ignore_if_down_event ? 9657 "ignore_if_down_event=1\n" : "", 9658 drv->scan_complete_events ? 9659 "scan_complete_events=1\n" : "", 9660 drv->disabled_11b_rates ? 9661 "disabled_11b_rates=1\n" : "", 9662 drv->pending_remain_on_chan ? 9663 "pending_remain_on_chan=1\n" : "", 9664 drv->in_interface_list ? "in_interface_list=1\n" : "", 9665 drv->device_ap_sme ? "device_ap_sme=1\n" : "", 9666 drv->poll_command_supported ? 9667 "poll_command_supported=1\n" : "", 9668 drv->data_tx_status ? "data_tx_status=1\n" : "", 9669 drv->scan_for_auth ? "scan_for_auth=1\n" : "", 9670 drv->retry_auth ? "retry_auth=1\n" : "", 9671 drv->use_monitor ? "use_monitor=1\n" : "", 9672 drv->ignore_next_local_disconnect ? 9673 "ignore_next_local_disconnect=1\n" : "", 9674 drv->ignore_next_local_deauth ? 9675 "ignore_next_local_deauth=1\n" : ""); 9676 if (os_snprintf_error(end - pos, res)) 9677 return pos - buf; 9678 pos += res; 9679 9680 if (drv->has_capability) { 9681 res = os_snprintf(pos, end - pos, 9682 "capa.key_mgmt=0x%x\n" 9683 "capa.enc=0x%x\n" 9684 "capa.auth=0x%x\n" 9685 "capa.flags=0x%llx\n" 9686 "capa.rrm_flags=0x%x\n" 9687 "capa.max_scan_ssids=%d\n" 9688 "capa.max_sched_scan_ssids=%d\n" 9689 "capa.sched_scan_supported=%d\n" 9690 "capa.max_match_sets=%d\n" 9691 "capa.max_remain_on_chan=%u\n" 9692 "capa.max_stations=%u\n" 9693 "capa.probe_resp_offloads=0x%x\n" 9694 "capa.max_acl_mac_addrs=%u\n" 9695 "capa.num_multichan_concurrent=%u\n" 9696 "capa.mac_addr_rand_sched_scan_supported=%d\n" 9697 "capa.mac_addr_rand_scan_supported=%d\n" 9698 "capa.conc_capab=%u\n" 9699 "capa.max_conc_chan_2_4=%u\n" 9700 "capa.max_conc_chan_5_0=%u\n" 9701 "capa.max_sched_scan_plans=%u\n" 9702 "capa.max_sched_scan_plan_interval=%u\n" 9703 "capa.max_sched_scan_plan_iterations=%u\n", 9704 drv->capa.key_mgmt, 9705 drv->capa.enc, 9706 drv->capa.auth, 9707 (unsigned long long) drv->capa.flags, 9708 drv->capa.rrm_flags, 9709 drv->capa.max_scan_ssids, 9710 drv->capa.max_sched_scan_ssids, 9711 drv->capa.sched_scan_supported, 9712 drv->capa.max_match_sets, 9713 drv->capa.max_remain_on_chan, 9714 drv->capa.max_stations, 9715 drv->capa.probe_resp_offloads, 9716 drv->capa.max_acl_mac_addrs, 9717 drv->capa.num_multichan_concurrent, 9718 drv->capa.mac_addr_rand_sched_scan_supported, 9719 drv->capa.mac_addr_rand_scan_supported, 9720 drv->capa.conc_capab, 9721 drv->capa.max_conc_chan_2_4, 9722 drv->capa.max_conc_chan_5_0, 9723 drv->capa.max_sched_scan_plans, 9724 drv->capa.max_sched_scan_plan_interval, 9725 drv->capa.max_sched_scan_plan_iterations); 9726 if (os_snprintf_error(end - pos, res)) 9727 return pos - buf; 9728 pos += res; 9729 } 9730 9731 msg = nlmsg_alloc(); 9732 if (msg && 9733 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG) && 9734 nla_put_u32(msg, NL80211_ATTR_WIPHY, drv->wiphy_idx) == 0) { 9735 if (send_and_recv_msgs(drv, msg, nl80211_get_country, 9736 alpha2, NULL, NULL) == 0 && 9737 alpha2[0]) { 9738 res = os_snprintf(pos, end - pos, "country=%s\n", 9739 alpha2); 9740 if (os_snprintf_error(end - pos, res)) 9741 return pos - buf; 9742 pos += res; 9743 } 9744 } else { 9745 nlmsg_free(msg); 9746 } 9747 9748 return pos - buf; 9749 } 9750 9751 9752 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings) 9753 { 9754 if ((settings->head && 9755 nla_put(msg, NL80211_ATTR_BEACON_HEAD, 9756 settings->head_len, settings->head)) || 9757 (settings->tail && 9758 nla_put(msg, NL80211_ATTR_BEACON_TAIL, 9759 settings->tail_len, settings->tail)) || 9760 (settings->beacon_ies && 9761 nla_put(msg, NL80211_ATTR_IE, 9762 settings->beacon_ies_len, settings->beacon_ies)) || 9763 (settings->proberesp_ies && 9764 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP, 9765 settings->proberesp_ies_len, settings->proberesp_ies)) || 9766 (settings->assocresp_ies && 9767 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP, 9768 settings->assocresp_ies_len, settings->assocresp_ies)) || 9769 (settings->probe_resp && 9770 nla_put(msg, NL80211_ATTR_PROBE_RESP, 9771 settings->probe_resp_len, settings->probe_resp))) 9772 return -ENOBUFS; 9773 9774 return 0; 9775 } 9776 9777 9778 static int nl80211_switch_channel(void *priv, struct csa_settings *settings) 9779 { 9780 struct nl_msg *msg; 9781 struct i802_bss *bss = priv; 9782 struct wpa_driver_nl80211_data *drv = bss->drv; 9783 struct nlattr *beacon_csa; 9784 int ret = -ENOBUFS; 9785 int csa_off_len = 0; 9786 int i; 9787 9788 wpa_printf(MSG_DEBUG, 9789 "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d channel=%d sec_channel_offset=%d width=%d cf1=%d cf2=%d%s%s%s)", 9790 settings->cs_count, settings->block_tx, 9791 settings->freq_params.freq, 9792 settings->freq_params.channel, 9793 settings->freq_params.sec_channel_offset, 9794 settings->freq_params.bandwidth, 9795 settings->freq_params.center_freq1, 9796 settings->freq_params.center_freq2, 9797 settings->freq_params.ht_enabled ? " ht" : "", 9798 settings->freq_params.vht_enabled ? " vht" : "", 9799 settings->freq_params.he_enabled ? " he" : ""); 9800 9801 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) { 9802 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command"); 9803 return -EOPNOTSUPP; 9804 } 9805 9806 if (drv->nlmode != NL80211_IFTYPE_AP && 9807 drv->nlmode != NL80211_IFTYPE_P2P_GO && 9808 drv->nlmode != NL80211_IFTYPE_MESH_POINT) 9809 return -EOPNOTSUPP; 9810 9811 /* 9812 * Remove empty counters, assuming Probe Response and Beacon frame 9813 * counters match. This implementation assumes that there are only two 9814 * counters. 9815 */ 9816 if (settings->counter_offset_beacon[0] && 9817 !settings->counter_offset_beacon[1]) { 9818 csa_off_len = 1; 9819 } else if (settings->counter_offset_beacon[1] && 9820 !settings->counter_offset_beacon[0]) { 9821 csa_off_len = 1; 9822 settings->counter_offset_beacon[0] = 9823 settings->counter_offset_beacon[1]; 9824 settings->counter_offset_presp[0] = 9825 settings->counter_offset_presp[1]; 9826 } else if (settings->counter_offset_beacon[1] && 9827 settings->counter_offset_beacon[0]) { 9828 csa_off_len = 2; 9829 } else { 9830 wpa_printf(MSG_ERROR, "nl80211: No CSA counters provided"); 9831 return -EINVAL; 9832 } 9833 9834 /* Check CSA counters validity */ 9835 if (drv->capa.max_csa_counters && 9836 csa_off_len > drv->capa.max_csa_counters) { 9837 wpa_printf(MSG_ERROR, 9838 "nl80211: Too many CSA counters provided"); 9839 return -EINVAL; 9840 } 9841 9842 if (!settings->beacon_csa.tail) 9843 return -EINVAL; 9844 9845 for (i = 0; i < csa_off_len; i++) { 9846 u16 csa_c_off_bcn = settings->counter_offset_beacon[i]; 9847 u16 csa_c_off_presp = settings->counter_offset_presp[i]; 9848 9849 if ((settings->beacon_csa.tail_len <= csa_c_off_bcn) || 9850 (settings->beacon_csa.tail[csa_c_off_bcn] != 9851 settings->cs_count)) 9852 return -EINVAL; 9853 9854 if (settings->beacon_csa.probe_resp && 9855 ((settings->beacon_csa.probe_resp_len <= 9856 csa_c_off_presp) || 9857 (settings->beacon_csa.probe_resp[csa_c_off_presp] != 9858 settings->cs_count))) 9859 return -EINVAL; 9860 } 9861 9862 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) || 9863 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, 9864 settings->cs_count) || 9865 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) || 9866 (settings->block_tx && 9867 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX))) 9868 goto error; 9869 9870 /* beacon_after params */ 9871 ret = set_beacon_data(msg, &settings->beacon_after); 9872 if (ret) 9873 goto error; 9874 9875 /* beacon_csa params */ 9876 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES); 9877 if (!beacon_csa) 9878 goto fail; 9879 9880 ret = set_beacon_data(msg, &settings->beacon_csa); 9881 if (ret) 9882 goto error; 9883 9884 if (nla_put(msg, NL80211_ATTR_CSA_C_OFF_BEACON, 9885 csa_off_len * sizeof(u16), 9886 settings->counter_offset_beacon) || 9887 (settings->beacon_csa.probe_resp && 9888 nla_put(msg, NL80211_ATTR_CSA_C_OFF_PRESP, 9889 csa_off_len * sizeof(u16), 9890 settings->counter_offset_presp))) 9891 goto fail; 9892 9893 nla_nest_end(msg, beacon_csa); 9894 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9895 if (ret) { 9896 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)", 9897 ret, strerror(-ret)); 9898 } 9899 return ret; 9900 9901 fail: 9902 ret = -ENOBUFS; 9903 error: 9904 nlmsg_free(msg); 9905 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request"); 9906 return ret; 9907 } 9908 9909 9910 static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr, 9911 u8 user_priority, u16 admitted_time) 9912 { 9913 struct i802_bss *bss = priv; 9914 struct wpa_driver_nl80211_data *drv = bss->drv; 9915 struct nl_msg *msg; 9916 int ret; 9917 9918 wpa_printf(MSG_DEBUG, 9919 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d", 9920 tsid, admitted_time, user_priority); 9921 9922 if (!is_sta_interface(drv->nlmode)) 9923 return -ENOTSUP; 9924 9925 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS); 9926 if (!msg || 9927 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) || 9928 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 9929 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) || 9930 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) { 9931 nlmsg_free(msg); 9932 return -ENOBUFS; 9933 } 9934 9935 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9936 if (ret) 9937 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)", 9938 ret, strerror(-ret)); 9939 return ret; 9940 } 9941 9942 9943 static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr) 9944 { 9945 struct i802_bss *bss = priv; 9946 struct wpa_driver_nl80211_data *drv = bss->drv; 9947 struct nl_msg *msg; 9948 int ret; 9949 9950 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid); 9951 9952 if (!is_sta_interface(drv->nlmode)) 9953 return -ENOTSUP; 9954 9955 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) || 9956 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) || 9957 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { 9958 nlmsg_free(msg); 9959 return -ENOBUFS; 9960 } 9961 9962 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 9963 if (ret) 9964 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)", 9965 ret, strerror(-ret)); 9966 return ret; 9967 } 9968 9969 9970 #ifdef CONFIG_TESTING_OPTIONS 9971 static int cmd_reply_handler(struct nl_msg *msg, void *arg) 9972 { 9973 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 9974 struct wpabuf *buf = arg; 9975 9976 if (!buf) 9977 return NL_SKIP; 9978 9979 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) { 9980 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply"); 9981 return NL_SKIP; 9982 } 9983 9984 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0), 9985 genlmsg_attrlen(gnlh, 0)); 9986 9987 return NL_SKIP; 9988 } 9989 #endif /* CONFIG_TESTING_OPTIONS */ 9990 9991 9992 static int vendor_reply_handler(struct nl_msg *msg, void *arg) 9993 { 9994 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 9995 struct nlattr *nl_vendor_reply, *nl; 9996 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 9997 struct wpabuf *buf = arg; 9998 int rem; 9999 10000 if (!buf) 10001 return NL_SKIP; 10002 10003 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 10004 genlmsg_attrlen(gnlh, 0), NULL); 10005 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA]; 10006 10007 if (!nl_vendor_reply) 10008 return NL_SKIP; 10009 10010 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) { 10011 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply"); 10012 return NL_SKIP; 10013 } 10014 10015 nla_for_each_nested(nl, nl_vendor_reply, rem) { 10016 wpabuf_put_data(buf, nla_data(nl), nla_len(nl)); 10017 } 10018 10019 return NL_SKIP; 10020 } 10021 10022 10023 static bool is_cmd_with_nested_attrs(unsigned int vendor_id, 10024 unsigned int subcmd) 10025 { 10026 if (vendor_id != OUI_QCA) 10027 return true; 10028 10029 switch (subcmd) { 10030 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY: 10031 case QCA_NL80211_VENDOR_SUBCMD_STATS_EXT: 10032 case QCA_NL80211_VENDOR_SUBCMD_SCANNING_MAC_OUI: 10033 case QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY: 10034 case QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS: 10035 case QCA_NL80211_VENDOR_SUBCMD_NAN: 10036 return false; 10037 default: 10038 return true; 10039 } 10040 } 10041 10042 10043 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id, 10044 unsigned int subcmd, const u8 *data, 10045 size_t data_len, enum nested_attr nested_attr, 10046 struct wpabuf *buf) 10047 { 10048 struct i802_bss *bss = priv; 10049 struct wpa_driver_nl80211_data *drv = bss->drv; 10050 struct nl_msg *msg; 10051 int ret, nla_flag; 10052 10053 #ifdef CONFIG_TESTING_OPTIONS 10054 if (vendor_id == 0xffffffff) { 10055 msg = nlmsg_alloc(); 10056 if (!msg) 10057 return -ENOMEM; 10058 10059 nl80211_cmd(drv, msg, 0, subcmd); 10060 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) < 10061 0) 10062 goto fail; 10063 /* This test vendor_cmd can be used with nl80211 commands that 10064 * need the connect nl_sock, so use the owner-setting variant 10065 * of send_and_recv_msgs(). */ 10066 ret = send_and_recv_msgs_owner(drv, msg, 10067 get_connect_handle(bss), 0, 10068 cmd_reply_handler, buf, 10069 NULL, NULL); 10070 if (ret) 10071 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d", 10072 ret); 10073 return ret; 10074 } 10075 #endif /* CONFIG_TESTING_OPTIONS */ 10076 10077 if (nested_attr == NESTED_ATTR_USED) 10078 nla_flag = NLA_F_NESTED; 10079 else if (nested_attr == NESTED_ATTR_UNSPECIFIED && 10080 is_cmd_with_nested_attrs(vendor_id, subcmd)) 10081 nla_flag = NLA_F_NESTED; 10082 else 10083 nla_flag = 0; 10084 10085 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) || 10086 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) || 10087 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) || 10088 (data && 10089 nla_put(msg, nla_flag | NL80211_ATTR_VENDOR_DATA, 10090 data_len, data))) 10091 goto fail; 10092 10093 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf, 10094 NULL, NULL); 10095 if (ret) 10096 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d", 10097 ret); 10098 return ret; 10099 10100 fail: 10101 nlmsg_free(msg); 10102 return -ENOBUFS; 10103 } 10104 10105 10106 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set, 10107 u8 qos_map_set_len) 10108 { 10109 struct i802_bss *bss = priv; 10110 struct wpa_driver_nl80211_data *drv = bss->drv; 10111 struct nl_msg *msg; 10112 int ret; 10113 10114 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map", 10115 qos_map_set, qos_map_set_len); 10116 10117 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) || 10118 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) { 10119 nlmsg_free(msg); 10120 return -ENOBUFS; 10121 } 10122 10123 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10124 if (ret) 10125 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed"); 10126 10127 return ret; 10128 } 10129 10130 10131 static int get_wowlan_handler(struct nl_msg *msg, void *arg) 10132 { 10133 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 10134 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 10135 int *wowlan_enabled = arg; 10136 10137 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 10138 genlmsg_attrlen(gnlh, 0), NULL); 10139 10140 *wowlan_enabled = !!tb[NL80211_ATTR_WOWLAN_TRIGGERS]; 10141 10142 return NL_SKIP; 10143 } 10144 10145 10146 static int nl80211_get_wowlan(void *priv) 10147 { 10148 struct i802_bss *bss = priv; 10149 struct wpa_driver_nl80211_data *drv = bss->drv; 10150 struct nl_msg *msg; 10151 int wowlan_enabled; 10152 int ret; 10153 10154 wpa_printf(MSG_DEBUG, "nl80211: Getting wowlan status"); 10155 10156 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_WOWLAN); 10157 10158 ret = send_and_recv_msgs(drv, msg, get_wowlan_handler, &wowlan_enabled, 10159 NULL, NULL); 10160 if (ret) { 10161 wpa_printf(MSG_DEBUG, "nl80211: Getting wowlan status failed"); 10162 return 0; 10163 } 10164 10165 wpa_printf(MSG_DEBUG, "nl80211: wowlan is %s", 10166 wowlan_enabled ? "enabled" : "disabled"); 10167 10168 return wowlan_enabled; 10169 } 10170 10171 10172 static int nl80211_set_wowlan(void *priv, 10173 const struct wowlan_triggers *triggers) 10174 { 10175 struct i802_bss *bss = priv; 10176 struct wpa_driver_nl80211_data *drv = bss->drv; 10177 struct nl_msg *msg; 10178 struct nlattr *wowlan_triggers; 10179 int ret; 10180 10181 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan"); 10182 10183 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) || 10184 !(wowlan_triggers = nla_nest_start(msg, 10185 NL80211_ATTR_WOWLAN_TRIGGERS)) || 10186 (triggers->any && 10187 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) || 10188 (triggers->disconnect && 10189 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) || 10190 (triggers->magic_pkt && 10191 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) || 10192 (triggers->gtk_rekey_failure && 10193 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) || 10194 (triggers->eap_identity_req && 10195 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) || 10196 (triggers->four_way_handshake && 10197 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) || 10198 (triggers->rfkill_release && 10199 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) { 10200 nlmsg_free(msg); 10201 return -ENOBUFS; 10202 } 10203 10204 nla_nest_end(msg, wowlan_triggers); 10205 10206 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10207 if (ret) 10208 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed"); 10209 10210 return ret; 10211 } 10212 10213 10214 #ifdef CONFIG_DRIVER_NL80211_QCA 10215 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid) 10216 { 10217 struct i802_bss *bss = priv; 10218 struct wpa_driver_nl80211_data *drv = bss->drv; 10219 struct nl_msg *msg; 10220 struct nlattr *params; 10221 10222 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed); 10223 10224 if (!drv->roaming_vendor_cmd_avail) { 10225 wpa_printf(MSG_DEBUG, 10226 "nl80211: Ignore roaming policy change since driver does not provide command for setting it"); 10227 return -1; 10228 } 10229 10230 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10231 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10232 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10233 QCA_NL80211_VENDOR_SUBCMD_ROAMING) || 10234 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10235 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY, 10236 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS : 10237 QCA_ROAMING_NOT_ALLOWED) || 10238 (bssid && 10239 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) { 10240 nlmsg_free(msg); 10241 return -1; 10242 } 10243 nla_nest_end(msg, params); 10244 10245 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10246 } 10247 10248 10249 static int nl80211_disable_fils(void *priv, int disable) 10250 { 10251 struct i802_bss *bss = priv; 10252 struct wpa_driver_nl80211_data *drv = bss->drv; 10253 struct nl_msg *msg; 10254 struct nlattr *params; 10255 10256 wpa_printf(MSG_DEBUG, "nl80211: Disable FILS=%d", disable); 10257 10258 if (!drv->set_wifi_conf_vendor_cmd_avail) 10259 return -1; 10260 10261 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10262 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10263 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10264 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION) || 10265 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10266 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_DISABLE_FILS, 10267 disable)) { 10268 nlmsg_free(msg); 10269 return -1; 10270 } 10271 nla_nest_end(msg, params); 10272 10273 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10274 } 10275 10276 10277 /* Reserved QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID value for wpa_supplicant */ 10278 #define WPA_SUPPLICANT_CLIENT_ID 1 10279 10280 static int nl80211_set_bssid_tmp_disallow(void *priv, unsigned int num_bssid, 10281 const u8 *bssid) 10282 { 10283 struct i802_bss *bss = priv; 10284 struct wpa_driver_nl80211_data *drv = bss->drv; 10285 struct nl_msg *msg; 10286 struct nlattr *params, *nlbssids, *attr; 10287 unsigned int i; 10288 10289 wpa_printf(MSG_DEBUG, 10290 "nl80211: Set temporarily disallowed BSSIDs (num=%u)", 10291 num_bssid); 10292 10293 if (!drv->roam_vendor_cmd_avail) 10294 return -1; 10295 10296 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10297 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10298 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10299 QCA_NL80211_VENDOR_SUBCMD_ROAM) || 10300 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10301 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD, 10302 QCA_WLAN_VENDOR_ROAMING_SUBCMD_SET_BLACKLIST_BSSID) || 10303 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID, 10304 WPA_SUPPLICANT_CLIENT_ID) || 10305 nla_put_u32(msg, 10306 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_NUM_BSSID, 10307 num_bssid)) 10308 goto fail; 10309 10310 nlbssids = nla_nest_start( 10311 msg, QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS); 10312 if (!nlbssids) 10313 goto fail; 10314 10315 for (i = 0; i < num_bssid; i++) { 10316 attr = nla_nest_start(msg, i); 10317 if (!attr) 10318 goto fail; 10319 if (nla_put(msg, 10320 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_BSSID, 10321 ETH_ALEN, &bssid[i * ETH_ALEN])) 10322 goto fail; 10323 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%u]: " MACSTR, i, 10324 MAC2STR(&bssid[i * ETH_ALEN])); 10325 nla_nest_end(msg, attr); 10326 } 10327 nla_nest_end(msg, nlbssids); 10328 nla_nest_end(msg, params); 10329 10330 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10331 10332 fail: 10333 nlmsg_free(msg); 10334 return -1; 10335 } 10336 10337 10338 static int nl80211_add_sta_node(void *priv, const u8 *addr, u16 auth_alg) 10339 { 10340 struct i802_bss *bss = priv; 10341 struct wpa_driver_nl80211_data *drv = bss->drv; 10342 struct nl_msg *msg; 10343 struct nlattr *params; 10344 10345 if (!drv->add_sta_node_vendor_cmd_avail) 10346 return -EOPNOTSUPP; 10347 10348 wpa_printf(MSG_DEBUG, "nl80211: Add STA node"); 10349 10350 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 10351 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 10352 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 10353 QCA_NL80211_VENDOR_SUBCMD_ADD_STA_NODE) || 10354 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 10355 (addr && 10356 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ADD_STA_NODE_MAC_ADDR, ETH_ALEN, 10357 addr)) || 10358 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ADD_STA_NODE_AUTH_ALGO, 10359 auth_alg)) { 10360 nlmsg_free(msg); 10361 wpa_printf(MSG_ERROR, 10362 "%s: err in adding vendor_cmd and vendor_data", 10363 __func__); 10364 return -1; 10365 } 10366 nla_nest_end(msg, params); 10367 10368 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10369 } 10370 10371 #endif /* CONFIG_DRIVER_NL80211_QCA */ 10372 10373 10374 static int nl80211_set_mac_addr(void *priv, const u8 *addr) 10375 { 10376 struct i802_bss *bss = priv; 10377 struct wpa_driver_nl80211_data *drv = bss->drv; 10378 int new_addr = addr != NULL; 10379 10380 if (TEST_FAIL()) 10381 return -1; 10382 10383 if (!addr) 10384 addr = drv->perm_addr; 10385 10386 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0) 10387 return -1; 10388 10389 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0) 10390 { 10391 wpa_printf(MSG_DEBUG, 10392 "nl80211: failed to set_mac_addr for %s to " MACSTR, 10393 bss->ifname, MAC2STR(addr)); 10394 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 10395 1) < 0) { 10396 wpa_printf(MSG_DEBUG, 10397 "nl80211: Could not restore interface UP after failed set_mac_addr"); 10398 } 10399 return -1; 10400 } 10401 10402 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR, 10403 bss->ifname, MAC2STR(addr)); 10404 drv->addr_changed = new_addr; 10405 os_memcpy(bss->addr, addr, ETH_ALEN); 10406 10407 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0) 10408 { 10409 wpa_printf(MSG_DEBUG, 10410 "nl80211: Could not restore interface UP after set_mac_addr"); 10411 } 10412 10413 return 0; 10414 } 10415 10416 10417 #ifdef CONFIG_MESH 10418 10419 static int wpa_driver_nl80211_init_mesh(void *priv) 10420 { 10421 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) { 10422 wpa_printf(MSG_INFO, 10423 "nl80211: Failed to set interface into mesh mode"); 10424 return -1; 10425 } 10426 return 0; 10427 } 10428 10429 10430 static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id, 10431 size_t mesh_id_len) 10432 { 10433 if (mesh_id) { 10434 wpa_printf(MSG_DEBUG, " * Mesh ID (SSID)=%s", 10435 wpa_ssid_txt(mesh_id, mesh_id_len)); 10436 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id); 10437 } 10438 10439 return 0; 10440 } 10441 10442 10443 static int nl80211_put_mesh_config(struct nl_msg *msg, 10444 struct wpa_driver_mesh_bss_params *params) 10445 { 10446 struct nlattr *container; 10447 10448 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 10449 if (!container) 10450 return -1; 10451 10452 if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) && 10453 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 10454 params->auto_plinks)) || 10455 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS) && 10456 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 10457 params->max_peer_links)) || 10458 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD) && 10459 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD, 10460 params->rssi_threshold))) 10461 return -1; 10462 10463 /* 10464 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because 10465 * the timer could disconnect stations even in that case. 10466 */ 10467 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT) && 10468 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT, 10469 params->peer_link_timeout)) { 10470 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT"); 10471 return -1; 10472 } 10473 10474 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE) && 10475 nla_put_u16(msg, NL80211_MESHCONF_HT_OPMODE, params->ht_opmode)) { 10476 wpa_printf(MSG_ERROR, "nl80211: Failed to set HT_OP_MODE"); 10477 return -1; 10478 } 10479 10480 nla_nest_end(msg, container); 10481 10482 return 0; 10483 } 10484 10485 10486 static int nl80211_join_mesh(struct i802_bss *bss, 10487 struct wpa_driver_mesh_join_params *params) 10488 { 10489 struct wpa_driver_nl80211_data *drv = bss->drv; 10490 struct nl_msg *msg; 10491 struct nlattr *container; 10492 int ret = -1; 10493 10494 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex); 10495 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH); 10496 if (!msg || 10497 nl80211_put_freq_params(msg, ¶ms->freq) || 10498 nl80211_put_basic_rates(msg, params->basic_rates) || 10499 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || 10500 nl80211_put_beacon_int(msg, params->beacon_int) || 10501 nl80211_put_dtim_period(msg, params->dtim_period)) 10502 goto fail; 10503 10504 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags); 10505 10506 if (params->handle_dfs && nla_put_flag(msg, NL80211_ATTR_HANDLE_DFS)) 10507 goto fail; 10508 10509 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP); 10510 if (!container) 10511 goto fail; 10512 10513 if (params->ies) { 10514 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len); 10515 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len, 10516 params->ies)) 10517 goto fail; 10518 } 10519 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */ 10520 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) { 10521 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) || 10522 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH)) 10523 goto fail; 10524 } 10525 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) && 10526 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE)) 10527 goto fail; 10528 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) && 10529 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM)) 10530 goto fail; 10531 nla_nest_end(msg, container); 10532 10533 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS; 10534 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT; 10535 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS; 10536 if (nl80211_put_mesh_config(msg, ¶ms->conf) < 0) 10537 goto fail; 10538 10539 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 1); 10540 msg = NULL; 10541 if (ret) { 10542 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)", 10543 ret, strerror(-ret)); 10544 goto fail; 10545 } 10546 ret = 0; 10547 drv->assoc_freq = bss->freq = params->freq.freq; 10548 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully"); 10549 10550 fail: 10551 nlmsg_free(msg); 10552 return ret; 10553 } 10554 10555 10556 static int 10557 wpa_driver_nl80211_join_mesh(void *priv, 10558 struct wpa_driver_mesh_join_params *params) 10559 { 10560 struct i802_bss *bss = priv; 10561 int ret, timeout; 10562 10563 timeout = params->conf.peer_link_timeout; 10564 10565 /* Disable kernel inactivity timer */ 10566 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) 10567 params->conf.peer_link_timeout = 0; 10568 10569 ret = nl80211_join_mesh(bss, params); 10570 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) { 10571 wpa_printf(MSG_DEBUG, 10572 "nl80211: Mesh join retry for peer_link_timeout"); 10573 /* 10574 * Old kernel does not support setting 10575 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds 10576 * into future from peer_link_timeout. 10577 */ 10578 params->conf.peer_link_timeout = timeout + 60; 10579 ret = nl80211_join_mesh(priv, params); 10580 } 10581 10582 params->conf.peer_link_timeout = timeout; 10583 return ret; 10584 } 10585 10586 10587 static int wpa_driver_nl80211_leave_mesh(void *priv) 10588 { 10589 struct i802_bss *bss = priv; 10590 struct wpa_driver_nl80211_data *drv = bss->drv; 10591 struct nl_msg *msg; 10592 int ret; 10593 10594 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex); 10595 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH); 10596 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 0); 10597 if (ret) { 10598 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)", 10599 ret, strerror(-ret)); 10600 } else { 10601 wpa_printf(MSG_DEBUG, 10602 "nl80211: mesh leave request send successfully"); 10603 } 10604 10605 if (drv->start_mode_sta && 10606 wpa_driver_nl80211_set_mode(drv->first_bss, 10607 NL80211_IFTYPE_STATION)) { 10608 wpa_printf(MSG_INFO, 10609 "nl80211: Failed to set interface into station mode"); 10610 } 10611 return ret; 10612 } 10613 10614 10615 static int nl80211_probe_mesh_link(void *priv, const u8 *addr, const u8 *eth, 10616 size_t len) 10617 { 10618 struct i802_bss *bss = priv; 10619 struct wpa_driver_nl80211_data *drv = bss->drv; 10620 struct nl_msg *msg; 10621 int ret; 10622 10623 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_PROBE_MESH_LINK); 10624 if (!msg || 10625 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || 10626 nla_put(msg, NL80211_ATTR_FRAME, len, eth)) { 10627 nlmsg_free(msg); 10628 return -ENOBUFS; 10629 } 10630 10631 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 10632 if (ret) { 10633 wpa_printf(MSG_DEBUG, "nl80211: mesh link probe to " MACSTR 10634 " failed: ret=%d (%s)", 10635 MAC2STR(addr), ret, strerror(-ret)); 10636 } else { 10637 wpa_printf(MSG_DEBUG, "nl80211: Mesh link to " MACSTR 10638 " probed successfully", MAC2STR(addr)); 10639 } 10640 10641 return ret; 10642 } 10643 10644 #endif /* CONFIG_MESH */ 10645 10646 10647 static int wpa_driver_br_add_ip_neigh(void *priv, u8 version, 10648 const u8 *ipaddr, int prefixlen, 10649 const u8 *addr) 10650 { 10651 #ifdef CONFIG_LIBNL3_ROUTE 10652 struct i802_bss *bss = priv; 10653 struct wpa_driver_nl80211_data *drv = bss->drv; 10654 struct rtnl_neigh *rn; 10655 struct nl_addr *nl_ipaddr = NULL; 10656 struct nl_addr *nl_lladdr = NULL; 10657 int family, addrsize; 10658 int res; 10659 10660 if (!ipaddr || prefixlen == 0 || !addr) 10661 return -EINVAL; 10662 10663 if (bss->br_ifindex == 0) { 10664 wpa_printf(MSG_DEBUG, 10665 "nl80211: bridge must be set before adding an ip neigh to it"); 10666 return -1; 10667 } 10668 10669 if (!drv->rtnl_sk) { 10670 wpa_printf(MSG_DEBUG, 10671 "nl80211: nl_sock for NETLINK_ROUTE is not initialized"); 10672 return -1; 10673 } 10674 10675 if (version == 4) { 10676 family = AF_INET; 10677 addrsize = 4; 10678 } else if (version == 6) { 10679 family = AF_INET6; 10680 addrsize = 16; 10681 } else { 10682 return -EINVAL; 10683 } 10684 10685 rn = rtnl_neigh_alloc(); 10686 if (rn == NULL) 10687 return -ENOMEM; 10688 10689 /* set the destination ip address for neigh */ 10690 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); 10691 if (nl_ipaddr == NULL) { 10692 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); 10693 res = -ENOMEM; 10694 goto errout; 10695 } 10696 nl_addr_set_prefixlen(nl_ipaddr, prefixlen); 10697 res = rtnl_neigh_set_dst(rn, nl_ipaddr); 10698 if (res) { 10699 wpa_printf(MSG_DEBUG, 10700 "nl80211: neigh set destination addr failed"); 10701 goto errout; 10702 } 10703 10704 /* set the corresponding lladdr for neigh */ 10705 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN); 10706 if (nl_lladdr == NULL) { 10707 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed"); 10708 res = -ENOMEM; 10709 goto errout; 10710 } 10711 rtnl_neigh_set_lladdr(rn, nl_lladdr); 10712 10713 rtnl_neigh_set_ifindex(rn, bss->br_ifindex); 10714 rtnl_neigh_set_state(rn, NUD_PERMANENT); 10715 10716 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE); 10717 if (res) { 10718 wpa_printf(MSG_DEBUG, 10719 "nl80211: Adding bridge ip neigh failed: %s", 10720 nl_geterror(res)); 10721 } 10722 errout: 10723 if (nl_lladdr) 10724 nl_addr_put(nl_lladdr); 10725 if (nl_ipaddr) 10726 nl_addr_put(nl_ipaddr); 10727 if (rn) 10728 rtnl_neigh_put(rn); 10729 return res; 10730 #else /* CONFIG_LIBNL3_ROUTE */ 10731 return -1; 10732 #endif /* CONFIG_LIBNL3_ROUTE */ 10733 } 10734 10735 10736 static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version, 10737 const u8 *ipaddr) 10738 { 10739 #ifdef CONFIG_LIBNL3_ROUTE 10740 struct i802_bss *bss = priv; 10741 struct wpa_driver_nl80211_data *drv = bss->drv; 10742 struct rtnl_neigh *rn; 10743 struct nl_addr *nl_ipaddr; 10744 int family, addrsize; 10745 int res; 10746 10747 if (!ipaddr) 10748 return -EINVAL; 10749 10750 if (version == 4) { 10751 family = AF_INET; 10752 addrsize = 4; 10753 } else if (version == 6) { 10754 family = AF_INET6; 10755 addrsize = 16; 10756 } else { 10757 return -EINVAL; 10758 } 10759 10760 if (bss->br_ifindex == 0) { 10761 wpa_printf(MSG_DEBUG, 10762 "nl80211: bridge must be set to delete an ip neigh"); 10763 return -1; 10764 } 10765 10766 if (!drv->rtnl_sk) { 10767 wpa_printf(MSG_DEBUG, 10768 "nl80211: nl_sock for NETLINK_ROUTE is not initialized"); 10769 return -1; 10770 } 10771 10772 rn = rtnl_neigh_alloc(); 10773 if (rn == NULL) 10774 return -ENOMEM; 10775 10776 /* set the destination ip address for neigh */ 10777 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); 10778 if (nl_ipaddr == NULL) { 10779 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); 10780 res = -ENOMEM; 10781 goto errout; 10782 } 10783 res = rtnl_neigh_set_dst(rn, nl_ipaddr); 10784 if (res) { 10785 wpa_printf(MSG_DEBUG, 10786 "nl80211: neigh set destination addr failed"); 10787 goto errout; 10788 } 10789 10790 rtnl_neigh_set_ifindex(rn, bss->br_ifindex); 10791 10792 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); 10793 if (res) { 10794 wpa_printf(MSG_DEBUG, 10795 "nl80211: Deleting bridge ip neigh failed: %s", 10796 nl_geterror(res)); 10797 } 10798 errout: 10799 if (nl_ipaddr) 10800 nl_addr_put(nl_ipaddr); 10801 if (rn) 10802 rtnl_neigh_put(rn); 10803 return res; 10804 #else /* CONFIG_LIBNL3_ROUTE */ 10805 return -1; 10806 #endif /* CONFIG_LIBNL3_ROUTE */ 10807 } 10808 10809 10810 static int linux_write_system_file(const char *path, unsigned int val) 10811 { 10812 char buf[50]; 10813 int fd, len; 10814 10815 len = os_snprintf(buf, sizeof(buf), "%u\n", val); 10816 if (os_snprintf_error(sizeof(buf), len)) 10817 return -1; 10818 10819 fd = open(path, O_WRONLY); 10820 if (fd < 0) 10821 return -1; 10822 10823 if (write(fd, buf, len) < 0) { 10824 wpa_printf(MSG_DEBUG, 10825 "nl80211: Failed to write Linux system file: %s with the value of %d", 10826 path, val); 10827 close(fd); 10828 return -1; 10829 } 10830 close(fd); 10831 10832 return 0; 10833 } 10834 10835 10836 static const char * drv_br_port_attr_str(enum drv_br_port_attr attr) 10837 { 10838 switch (attr) { 10839 case DRV_BR_PORT_ATTR_PROXYARP: 10840 return "proxyarp_wifi"; 10841 case DRV_BR_PORT_ATTR_HAIRPIN_MODE: 10842 return "hairpin_mode"; 10843 } 10844 10845 return NULL; 10846 } 10847 10848 10849 static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr, 10850 unsigned int val) 10851 { 10852 struct i802_bss *bss = priv; 10853 char path[128]; 10854 const char *attr_txt; 10855 10856 attr_txt = drv_br_port_attr_str(attr); 10857 if (attr_txt == NULL) 10858 return -EINVAL; 10859 10860 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s", 10861 bss->ifname, attr_txt); 10862 10863 if (linux_write_system_file(path, val)) 10864 return -1; 10865 10866 return 0; 10867 } 10868 10869 10870 static const char * drv_br_net_param_str(enum drv_br_net_param param) 10871 { 10872 switch (param) { 10873 case DRV_BR_NET_PARAM_GARP_ACCEPT: 10874 return "arp_accept"; 10875 default: 10876 return NULL; 10877 } 10878 } 10879 10880 10881 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param, 10882 unsigned int val) 10883 { 10884 struct i802_bss *bss = priv; 10885 char path[128]; 10886 const char *param_txt; 10887 int ip_version = 4; 10888 10889 if (param == DRV_BR_MULTICAST_SNOOPING) { 10890 os_snprintf(path, sizeof(path), 10891 "/sys/devices/virtual/net/%s/bridge/multicast_snooping", 10892 bss->brname); 10893 goto set_val; 10894 } 10895 10896 param_txt = drv_br_net_param_str(param); 10897 if (param_txt == NULL) 10898 return -EINVAL; 10899 10900 switch (param) { 10901 case DRV_BR_NET_PARAM_GARP_ACCEPT: 10902 ip_version = 4; 10903 break; 10904 default: 10905 return -EINVAL; 10906 } 10907 10908 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s", 10909 ip_version, bss->brname, param_txt); 10910 10911 set_val: 10912 if (linux_write_system_file(path, val)) 10913 return -1; 10914 10915 return 0; 10916 } 10917 10918 10919 #ifdef CONFIG_DRIVER_NL80211_QCA 10920 10921 static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode) 10922 { 10923 switch (hw_mode) { 10924 case HOSTAPD_MODE_IEEE80211B: 10925 return QCA_ACS_MODE_IEEE80211B; 10926 case HOSTAPD_MODE_IEEE80211G: 10927 return QCA_ACS_MODE_IEEE80211G; 10928 case HOSTAPD_MODE_IEEE80211A: 10929 return QCA_ACS_MODE_IEEE80211A; 10930 case HOSTAPD_MODE_IEEE80211AD: 10931 return QCA_ACS_MODE_IEEE80211AD; 10932 case HOSTAPD_MODE_IEEE80211ANY: 10933 return QCA_ACS_MODE_IEEE80211ANY; 10934 default: 10935 return -1; 10936 } 10937 } 10938 10939 10940 static int add_acs_ch_list(struct nl_msg *msg, const int *freq_list) 10941 { 10942 int num_channels = 0, num_freqs; 10943 u8 *ch_list; 10944 enum hostapd_hw_mode hw_mode; 10945 int ret = 0; 10946 int i; 10947 10948 if (!freq_list) 10949 return 0; 10950 10951 num_freqs = int_array_len(freq_list); 10952 ch_list = os_malloc(sizeof(u8) * num_freqs); 10953 if (!ch_list) 10954 return -1; 10955 10956 for (i = 0; i < num_freqs; i++) { 10957 const int freq = freq_list[i]; 10958 10959 if (freq == 0) 10960 break; 10961 /* Send 2.4 GHz and 5 GHz channels with 10962 * QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST to maintain backwards 10963 * compatibility. 10964 */ 10965 if (!(freq >= 2412 && freq <= 2484) && 10966 !(freq >= 5180 && freq <= 5900) && 10967 !(freq >= 5945 && freq <= 7115)) 10968 continue; 10969 hw_mode = ieee80211_freq_to_chan(freq, &ch_list[num_channels]); 10970 if (hw_mode != NUM_HOSTAPD_MODES) 10971 num_channels++; 10972 } 10973 10974 if (num_channels) 10975 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST, 10976 num_channels, ch_list); 10977 10978 os_free(ch_list); 10979 return ret; 10980 } 10981 10982 10983 static int add_acs_freq_list(struct nl_msg *msg, const int *freq_list) 10984 { 10985 int i, len, ret; 10986 u32 *freqs; 10987 10988 if (!freq_list) 10989 return 0; 10990 len = int_array_len(freq_list); 10991 freqs = os_malloc(sizeof(u32) * len); 10992 if (!freqs) 10993 return -1; 10994 for (i = 0; i < len; i++) 10995 freqs[i] = freq_list[i]; 10996 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST, 10997 sizeof(u32) * len, freqs); 10998 os_free(freqs); 10999 return ret; 11000 } 11001 11002 11003 static int nl80211_qca_do_acs(struct wpa_driver_nl80211_data *drv, 11004 struct drv_acs_params *params) 11005 { 11006 struct nl_msg *msg; 11007 struct nlattr *data; 11008 int ret; 11009 int mode; 11010 11011 mode = hw_mode_to_qca_acs(params->hw_mode); 11012 if (mode < 0) 11013 return -1; 11014 11015 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11016 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11017 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11018 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) || 11019 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 11020 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) || 11021 (params->ht_enabled && 11022 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) || 11023 (params->ht40_enabled && 11024 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) || 11025 (params->vht_enabled && 11026 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) || 11027 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH, 11028 params->ch_width) || 11029 add_acs_ch_list(msg, params->freq_list) || 11030 add_acs_freq_list(msg, params->freq_list) || 11031 (params->edmg_enabled && 11032 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_EDMG_ENABLED))) { 11033 nlmsg_free(msg); 11034 return -ENOBUFS; 11035 } 11036 nla_nest_end(msg, data); 11037 11038 wpa_printf(MSG_DEBUG, 11039 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d EDMG: %d", 11040 params->hw_mode, params->ht_enabled, params->ht40_enabled, 11041 params->vht_enabled, params->ch_width, params->edmg_enabled); 11042 11043 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11044 if (ret) { 11045 wpa_printf(MSG_DEBUG, 11046 "nl80211: Failed to invoke driver ACS function: %s", 11047 strerror(-ret)); 11048 } 11049 return ret; 11050 } 11051 11052 11053 static int nl80211_set_band(void *priv, u32 band_mask) 11054 { 11055 struct i802_bss *bss = priv; 11056 struct wpa_driver_nl80211_data *drv = bss->drv; 11057 struct nl_msg *msg; 11058 struct nlattr *data; 11059 int ret; 11060 enum qca_set_band qca_band_value; 11061 u32 qca_band_mask = QCA_SETBAND_AUTO; 11062 11063 if (!drv->setband_vendor_cmd_avail || 11064 (band_mask > (WPA_SETBAND_2G | WPA_SETBAND_5G | WPA_SETBAND_6G))) 11065 return -1; 11066 11067 if (band_mask & WPA_SETBAND_5G) 11068 qca_band_mask |= QCA_SETBAND_5G; 11069 if (band_mask & WPA_SETBAND_2G) 11070 qca_band_mask |= QCA_SETBAND_2G; 11071 if (band_mask & WPA_SETBAND_6G) 11072 qca_band_mask |= QCA_SETBAND_6G; 11073 11074 /* 11075 * QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE is a legacy interface hence make 11076 * it suite to its values (AUTO/5G/2G) for backwards compatibility. 11077 */ 11078 qca_band_value = ((qca_band_mask & QCA_SETBAND_5G) && 11079 (qca_band_mask & QCA_SETBAND_2G)) ? 11080 QCA_SETBAND_AUTO : 11081 qca_band_mask & ~QCA_SETBAND_6G; 11082 11083 wpa_printf(MSG_DEBUG, 11084 "nl80211: QCA_BAND_MASK = 0x%x, QCA_BAND_VALUE = %d", 11085 qca_band_mask, qca_band_value); 11086 11087 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11088 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11089 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11090 QCA_NL80211_VENDOR_SUBCMD_SETBAND) || 11091 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 11092 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE, 11093 qca_band_value) || 11094 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_MASK, 11095 qca_band_mask)) { 11096 nlmsg_free(msg); 11097 return -ENOBUFS; 11098 } 11099 nla_nest_end(msg, data); 11100 11101 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11102 if (ret) { 11103 wpa_printf(MSG_DEBUG, 11104 "nl80211: Driver setband function failed: %s", 11105 strerror(-ret)); 11106 } 11107 return ret; 11108 } 11109 11110 11111 struct nl80211_pcl { 11112 unsigned int num; 11113 unsigned int *freq_list; 11114 }; 11115 11116 static int preferred_freq_info_handler(struct nl_msg *msg, void *arg) 11117 { 11118 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 11119 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 11120 struct nl80211_pcl *param = arg; 11121 struct nlattr *nl_vend, *attr; 11122 enum qca_iface_type iface_type; 11123 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1]; 11124 unsigned int num, max_num; 11125 u32 *freqs; 11126 11127 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 11128 genlmsg_attrlen(gnlh, 0), NULL); 11129 11130 nl_vend = tb[NL80211_ATTR_VENDOR_DATA]; 11131 if (!nl_vend) 11132 return NL_SKIP; 11133 11134 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX, 11135 nla_data(nl_vend), nla_len(nl_vend), NULL); 11136 11137 attr = tb_vendor[ 11138 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE]; 11139 if (!attr) { 11140 wpa_printf(MSG_ERROR, "nl80211: iface_type couldn't be found"); 11141 param->num = 0; 11142 return NL_SKIP; 11143 } 11144 11145 iface_type = (enum qca_iface_type) nla_get_u32(attr); 11146 wpa_printf(MSG_DEBUG, "nl80211: Driver returned iface_type=%d", 11147 iface_type); 11148 11149 attr = tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST]; 11150 if (!attr) { 11151 wpa_printf(MSG_ERROR, 11152 "nl80211: preferred_freq_list couldn't be found"); 11153 param->num = 0; 11154 return NL_SKIP; 11155 } 11156 11157 /* 11158 * param->num has the maximum number of entries for which there 11159 * is room in the freq_list provided by the caller. 11160 */ 11161 freqs = nla_data(attr); 11162 max_num = nla_len(attr) / sizeof(u32); 11163 if (max_num > param->num) 11164 max_num = param->num; 11165 for (num = 0; num < max_num; num++) 11166 param->freq_list[num] = freqs[num]; 11167 param->num = num; 11168 11169 return NL_SKIP; 11170 } 11171 11172 11173 static int nl80211_get_pref_freq_list(void *priv, 11174 enum wpa_driver_if_type if_type, 11175 unsigned int *num, 11176 unsigned int *freq_list) 11177 { 11178 struct i802_bss *bss = priv; 11179 struct wpa_driver_nl80211_data *drv = bss->drv; 11180 struct nl_msg *msg; 11181 int ret; 11182 unsigned int i; 11183 struct nlattr *params; 11184 struct nl80211_pcl param; 11185 enum qca_iface_type iface_type; 11186 11187 if (!drv->get_pref_freq_list) 11188 return -1; 11189 11190 switch (if_type) { 11191 case WPA_IF_STATION: 11192 iface_type = QCA_IFACE_TYPE_STA; 11193 break; 11194 case WPA_IF_AP_BSS: 11195 iface_type = QCA_IFACE_TYPE_AP; 11196 break; 11197 case WPA_IF_P2P_GO: 11198 iface_type = QCA_IFACE_TYPE_P2P_GO; 11199 break; 11200 case WPA_IF_P2P_CLIENT: 11201 iface_type = QCA_IFACE_TYPE_P2P_CLIENT; 11202 break; 11203 case WPA_IF_IBSS: 11204 iface_type = QCA_IFACE_TYPE_IBSS; 11205 break; 11206 case WPA_IF_TDLS: 11207 iface_type = QCA_IFACE_TYPE_TDLS; 11208 break; 11209 default: 11210 return -1; 11211 } 11212 11213 param.num = *num; 11214 param.freq_list = freq_list; 11215 11216 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11217 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) || 11218 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11219 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11220 QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) || 11221 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 11222 nla_put_u32(msg, 11223 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE, 11224 iface_type)) { 11225 wpa_printf(MSG_ERROR, 11226 "%s: err in adding vendor_cmd and vendor_data", 11227 __func__); 11228 nlmsg_free(msg); 11229 return -1; 11230 } 11231 nla_nest_end(msg, params); 11232 11233 os_memset(freq_list, 0, *num * sizeof(freq_list[0])); 11234 ret = send_and_recv_msgs(drv, msg, preferred_freq_info_handler, ¶m, 11235 NULL, NULL); 11236 if (ret) { 11237 wpa_printf(MSG_ERROR, 11238 "%s: err in send_and_recv_msgs", __func__); 11239 return ret; 11240 } 11241 11242 *num = param.num; 11243 11244 for (i = 0; i < *num; i++) { 11245 wpa_printf(MSG_DEBUG, "nl80211: preferred_channel_list[%d]=%d", 11246 i, freq_list[i]); 11247 } 11248 11249 return 0; 11250 } 11251 11252 11253 static int nl80211_set_prob_oper_freq(void *priv, unsigned int freq) 11254 { 11255 struct i802_bss *bss = priv; 11256 struct wpa_driver_nl80211_data *drv = bss->drv; 11257 struct nl_msg *msg; 11258 int ret; 11259 struct nlattr *params; 11260 11261 if (!drv->set_prob_oper_freq) 11262 return -1; 11263 11264 wpa_printf(MSG_DEBUG, 11265 "nl80211: Set P2P probable operating freq %u for ifindex %d", 11266 freq, bss->ifindex); 11267 11268 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11269 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11270 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11271 QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL) || 11272 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 11273 nla_put_u32(msg, 11274 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE, 11275 QCA_IFACE_TYPE_P2P_CLIENT) || 11276 nla_put_u32(msg, 11277 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ, 11278 freq)) { 11279 wpa_printf(MSG_ERROR, 11280 "%s: err in adding vendor_cmd and vendor_data", 11281 __func__); 11282 nlmsg_free(msg); 11283 return -1; 11284 } 11285 nla_nest_end(msg, params); 11286 11287 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11288 msg = NULL; 11289 if (ret) { 11290 wpa_printf(MSG_ERROR, "%s: err in send_and_recv_msgs", 11291 __func__); 11292 return ret; 11293 } 11294 nlmsg_free(msg); 11295 return 0; 11296 } 11297 11298 11299 static int nl80211_p2p_lo_start(void *priv, unsigned int freq, 11300 unsigned int period, unsigned int interval, 11301 unsigned int count, const u8 *device_types, 11302 size_t dev_types_len, 11303 const u8 *ies, size_t ies_len) 11304 { 11305 struct i802_bss *bss = priv; 11306 struct wpa_driver_nl80211_data *drv = bss->drv; 11307 struct nl_msg *msg; 11308 struct nlattr *container; 11309 int ret; 11310 11311 wpa_printf(MSG_DEBUG, 11312 "nl80211: Start P2P Listen offload: freq=%u, period=%u, interval=%u, count=%u", 11313 freq, period, interval, count); 11314 11315 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD)) 11316 return -1; 11317 11318 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11319 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11320 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11321 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_START)) 11322 goto fail; 11323 11324 container = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 11325 if (!container) 11326 goto fail; 11327 11328 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_CHANNEL, 11329 freq) || 11330 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_PERIOD, 11331 period) || 11332 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_INTERVAL, 11333 interval) || 11334 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_COUNT, 11335 count) || 11336 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_DEVICE_TYPES, 11337 dev_types_len, device_types) || 11338 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_VENDOR_IE, 11339 ies_len, ies)) 11340 goto fail; 11341 11342 nla_nest_end(msg, container); 11343 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11344 msg = NULL; 11345 if (ret) { 11346 wpa_printf(MSG_DEBUG, 11347 "nl80211: Failed to send P2P Listen offload vendor command"); 11348 goto fail; 11349 } 11350 11351 return 0; 11352 11353 fail: 11354 nlmsg_free(msg); 11355 return -1; 11356 } 11357 11358 11359 static int nl80211_p2p_lo_stop(void *priv) 11360 { 11361 struct i802_bss *bss = priv; 11362 struct wpa_driver_nl80211_data *drv = bss->drv; 11363 struct nl_msg *msg; 11364 11365 wpa_printf(MSG_DEBUG, "nl80211: Stop P2P Listen offload"); 11366 11367 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD)) 11368 return -1; 11369 11370 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11371 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11372 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11373 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_STOP)) { 11374 nlmsg_free(msg); 11375 return -1; 11376 } 11377 11378 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11379 } 11380 11381 11382 static int nl80211_set_tdls_mode(void *priv, int tdls_external_control) 11383 { 11384 struct i802_bss *bss = priv; 11385 struct wpa_driver_nl80211_data *drv = bss->drv; 11386 struct nl_msg *msg; 11387 struct nlattr *params; 11388 int ret; 11389 u32 tdls_mode; 11390 11391 wpa_printf(MSG_DEBUG, 11392 "nl80211: Set TDKS mode: tdls_external_control=%d", 11393 tdls_external_control); 11394 11395 if (tdls_external_control == 1) 11396 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_IMPLICIT | 11397 QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXTERNAL; 11398 else 11399 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXPLICIT; 11400 11401 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11402 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11403 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11404 QCA_NL80211_VENDOR_SUBCMD_CONFIGURE_TDLS)) 11405 goto fail; 11406 11407 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 11408 if (!params) 11409 goto fail; 11410 11411 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE, 11412 tdls_mode)) 11413 goto fail; 11414 11415 nla_nest_end(msg, params); 11416 11417 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11418 msg = NULL; 11419 if (ret) { 11420 wpa_printf(MSG_ERROR, 11421 "nl80211: Set TDLS mode failed: ret=%d (%s)", 11422 ret, strerror(-ret)); 11423 goto fail; 11424 } 11425 return 0; 11426 fail: 11427 nlmsg_free(msg); 11428 return -1; 11429 } 11430 11431 11432 #ifdef CONFIG_MBO 11433 11434 static enum mbo_transition_reject_reason 11435 nl80211_mbo_reject_reason_mapping(enum qca_wlan_btm_candidate_status status) 11436 { 11437 switch (status) { 11438 case QCA_STATUS_REJECT_EXCESSIVE_FRAME_LOSS_EXPECTED: 11439 return MBO_TRANSITION_REJECT_REASON_FRAME_LOSS; 11440 case QCA_STATUS_REJECT_EXCESSIVE_DELAY_EXPECTED: 11441 return MBO_TRANSITION_REJECT_REASON_DELAY; 11442 case QCA_STATUS_REJECT_INSUFFICIENT_QOS_CAPACITY: 11443 return MBO_TRANSITION_REJECT_REASON_QOS_CAPACITY; 11444 case QCA_STATUS_REJECT_LOW_RSSI: 11445 return MBO_TRANSITION_REJECT_REASON_RSSI; 11446 case QCA_STATUS_REJECT_HIGH_INTERFERENCE: 11447 return MBO_TRANSITION_REJECT_REASON_INTERFERENCE; 11448 case QCA_STATUS_REJECT_UNKNOWN: 11449 default: 11450 return MBO_TRANSITION_REJECT_REASON_UNSPECIFIED; 11451 } 11452 } 11453 11454 11455 static void nl80211_parse_btm_candidate_info(struct candidate_list *candidate, 11456 struct nlattr *tb[], int num) 11457 { 11458 enum qca_wlan_btm_candidate_status status; 11459 char buf[50]; 11460 11461 os_memcpy(candidate->bssid, 11462 nla_data(tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID]), 11463 ETH_ALEN); 11464 11465 status = nla_get_u32( 11466 tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS]); 11467 candidate->is_accept = status == QCA_STATUS_ACCEPT; 11468 candidate->reject_reason = nl80211_mbo_reject_reason_mapping(status); 11469 11470 if (candidate->is_accept) 11471 os_snprintf(buf, sizeof(buf), "Accepted"); 11472 else 11473 os_snprintf(buf, sizeof(buf), 11474 "Rejected, Reject_reason: %d", 11475 candidate->reject_reason); 11476 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR " %s", 11477 num, MAC2STR(candidate->bssid), buf); 11478 } 11479 11480 11481 static int 11482 nl80211_get_bss_transition_status_handler(struct nl_msg *msg, void *arg) 11483 { 11484 struct wpa_bss_candidate_info *info = arg; 11485 struct candidate_list *candidate = info->candidates; 11486 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; 11487 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1]; 11488 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1]; 11489 static struct nla_policy policy[ 11490 QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1] = { 11491 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] = { 11492 .minlen = ETH_ALEN 11493 }, 11494 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS] = { 11495 .type = NLA_U32, 11496 }, 11497 }; 11498 struct nlattr *attr; 11499 int rem; 11500 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 11501 u8 num; 11502 11503 num = info->num; /* number of candidates sent to driver */ 11504 info->num = 0; 11505 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 11506 genlmsg_attrlen(gnlh, 0), NULL); 11507 11508 if (!tb_msg[NL80211_ATTR_VENDOR_DATA] || 11509 nla_parse_nested(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX, 11510 tb_msg[NL80211_ATTR_VENDOR_DATA], NULL) || 11511 !tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO]) 11512 return NL_SKIP; 11513 11514 wpa_printf(MSG_DEBUG, 11515 "nl80211: WNM Candidate list received from driver"); 11516 nla_for_each_nested(attr, 11517 tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO], 11518 rem) { 11519 if (info->num >= num || 11520 nla_parse_nested( 11521 tb, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX, 11522 attr, policy) || 11523 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] || 11524 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS]) 11525 break; 11526 11527 nl80211_parse_btm_candidate_info(candidate, tb, info->num); 11528 11529 candidate++; 11530 info->num++; 11531 } 11532 11533 return NL_SKIP; 11534 } 11535 11536 11537 static struct wpa_bss_candidate_info * 11538 nl80211_get_bss_transition_status(void *priv, struct wpa_bss_trans_info *params) 11539 { 11540 struct i802_bss *bss = priv; 11541 struct wpa_driver_nl80211_data *drv = bss->drv; 11542 struct nl_msg *msg; 11543 struct nlattr *attr, *attr1, *attr2; 11544 struct wpa_bss_candidate_info *info; 11545 u8 i; 11546 int ret; 11547 u8 *pos; 11548 11549 if (!drv->fetch_bss_trans_status) 11550 return NULL; 11551 11552 info = os_zalloc(sizeof(*info)); 11553 if (!info) 11554 return NULL; 11555 /* Allocate memory for number of candidates sent to driver */ 11556 info->candidates = os_calloc(params->n_candidates, 11557 sizeof(*info->candidates)); 11558 if (!info->candidates) { 11559 os_free(info); 11560 return NULL; 11561 } 11562 11563 /* Copy the number of candidates being sent to driver. This is used in 11564 * nl80211_get_bss_transition_status_handler() to limit the number of 11565 * candidates that can be populated in info->candidates and will be 11566 * later overwritten with the actual number of candidates received from 11567 * the driver. 11568 */ 11569 info->num = params->n_candidates; 11570 11571 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11572 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11573 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11574 QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS)) 11575 goto fail; 11576 11577 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 11578 if (!attr) 11579 goto fail; 11580 11581 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON, 11582 params->mbo_transition_reason)) 11583 goto fail; 11584 11585 attr1 = nla_nest_start(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO); 11586 if (!attr1) 11587 goto fail; 11588 11589 wpa_printf(MSG_DEBUG, 11590 "nl80211: WNM Candidate list info sending to driver: mbo_transition_reason: %d n_candidates: %d", 11591 params->mbo_transition_reason, params->n_candidates); 11592 pos = params->bssid; 11593 for (i = 0; i < params->n_candidates; i++) { 11594 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR, i, 11595 MAC2STR(pos)); 11596 attr2 = nla_nest_start(msg, i); 11597 if (!attr2 || 11598 nla_put(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID, 11599 ETH_ALEN, pos)) 11600 goto fail; 11601 pos += ETH_ALEN; 11602 nla_nest_end(msg, attr2); 11603 } 11604 11605 nla_nest_end(msg, attr1); 11606 nla_nest_end(msg, attr); 11607 11608 ret = send_and_recv_msgs(drv, msg, 11609 nl80211_get_bss_transition_status_handler, 11610 info, NULL, NULL); 11611 msg = NULL; 11612 if (ret) { 11613 wpa_printf(MSG_ERROR, 11614 "nl80211: WNM Get BSS transition status failed: ret=%d (%s)", 11615 ret, strerror(-ret)); 11616 goto fail; 11617 } 11618 return info; 11619 11620 fail: 11621 nlmsg_free(msg); 11622 os_free(info->candidates); 11623 os_free(info); 11624 return NULL; 11625 } 11626 11627 11628 /** 11629 * nl80211_ignore_assoc_disallow - Configure driver to ignore assoc_disallow 11630 * @priv: Pointer to private driver data from wpa_driver_nl80211_init() 11631 * @ignore_assoc_disallow: 0 to not ignore, 1 to ignore 11632 * Returns: 0 on success, -1 on failure 11633 */ 11634 static int nl80211_ignore_assoc_disallow(void *priv, int ignore_disallow) 11635 { 11636 struct i802_bss *bss = priv; 11637 struct wpa_driver_nl80211_data *drv = bss->drv; 11638 struct nl_msg *msg; 11639 struct nlattr *attr; 11640 int ret = -1; 11641 11642 if (!drv->set_wifi_conf_vendor_cmd_avail) 11643 return -1; 11644 11645 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || 11646 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 11647 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11648 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION)) 11649 goto fail; 11650 11651 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); 11652 if (!attr) 11653 goto fail; 11654 11655 wpa_printf(MSG_DEBUG, "nl80211: Set ignore_assoc_disallow %d", 11656 ignore_disallow); 11657 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_IGNORE_ASSOC_DISALLOWED, 11658 ignore_disallow)) 11659 goto fail; 11660 11661 nla_nest_end(msg, attr); 11662 11663 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11664 msg = NULL; 11665 if (ret) { 11666 wpa_printf(MSG_ERROR, 11667 "nl80211: Set ignore_assoc_disallow failed: ret=%d (%s)", 11668 ret, strerror(-ret)); 11669 goto fail; 11670 } 11671 11672 fail: 11673 nlmsg_free(msg); 11674 return ret; 11675 } 11676 11677 #endif /* CONFIG_MBO */ 11678 11679 #endif /* CONFIG_DRIVER_NL80211_QCA */ 11680 11681 11682 #ifdef CONFIG_DRIVER_NL80211_BRCM 11683 static int wpa_driver_do_broadcom_acs(struct wpa_driver_nl80211_data *drv, 11684 struct drv_acs_params *params) 11685 { 11686 struct nl_msg *msg; 11687 struct nlattr *data; 11688 int freq_list_len; 11689 int ret = -1; 11690 11691 freq_list_len = int_array_len(params->freq_list); 11692 wpa_printf(MSG_DEBUG, "%s: freq_list_len=%d", 11693 __func__, freq_list_len); 11694 11695 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR); 11696 if (!msg || 11697 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) || 11698 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 11699 BRCM_VENDOR_SCMD_ACS) || 11700 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) || 11701 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HW_MODE, params->hw_mode) || 11702 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HT_ENABLED, 11703 params->ht_enabled) || 11704 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HT40_ENABLED, 11705 params->ht40_enabled) || 11706 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_VHT_ENABLED, 11707 params->vht_enabled) || 11708 nla_put_u16(msg, BRCM_VENDOR_ATTR_ACS_CHWIDTH, params->ch_width) || 11709 (freq_list_len > 0 && 11710 nla_put(msg, BRCM_VENDOR_ATTR_ACS_FREQ_LIST, 11711 sizeof(int) * freq_list_len, params->freq_list))) 11712 goto fail; 11713 nla_nest_end(msg, data); 11714 11715 wpa_printf(MSG_DEBUG, 11716 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d", 11717 params->hw_mode, params->ht_enabled, params->ht40_enabled, 11718 params->vht_enabled, params->ch_width); 11719 11720 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11721 if (ret) { 11722 wpa_printf(MSG_ERROR, 11723 "nl80211: BRCM Failed to invoke driver ACS function: %s", 11724 strerror(errno)); 11725 } 11726 11727 msg = NULL; 11728 fail: 11729 nlmsg_free(msg); 11730 return ret; 11731 } 11732 #endif /* CONFIG_DRIVER_NL80211_BRCM */ 11733 11734 11735 static int nl80211_do_acs(void *priv, struct drv_acs_params *params) 11736 { 11737 #if defined(CONFIG_DRIVER_NL80211_QCA) || defined(CONFIG_DRIVER_NL80211_BRCM) 11738 struct i802_bss *bss = priv; 11739 struct wpa_driver_nl80211_data *drv = bss->drv; 11740 #endif /* CONFIG_DRIVER_NL80211_QCA || CONFIG_DRIVER_NL80211_BRCM */ 11741 11742 #ifdef CONFIG_DRIVER_NL80211_QCA 11743 if (drv->qca_do_acs) 11744 return nl80211_qca_do_acs(drv, params); 11745 #endif /* CONFIG_DRIVER_NL80211_QCA */ 11746 11747 #ifdef CONFIG_DRIVER_NL80211_BRCM 11748 if (drv->brcm_do_acs) 11749 return wpa_driver_do_broadcom_acs(drv, params); 11750 #endif /* CONFIG_DRIVER_NL80211_BRCM */ 11751 11752 return -1; 11753 } 11754 11755 11756 static int nl80211_write_to_file(const char *name, unsigned int val) 11757 { 11758 int fd, len; 11759 char tmp[128]; 11760 int ret = 0; 11761 11762 fd = open(name, O_RDWR); 11763 if (fd < 0) { 11764 int level; 11765 /* 11766 * Flags may not exist on older kernels, or while we're tearing 11767 * down a disappearing device. 11768 */ 11769 if (errno == ENOENT) { 11770 ret = 0; 11771 level = MSG_DEBUG; 11772 } else { 11773 ret = -1; 11774 level = MSG_ERROR; 11775 } 11776 wpa_printf(level, "nl80211: Failed to open %s: %s", 11777 name, strerror(errno)); 11778 return ret; 11779 } 11780 11781 len = os_snprintf(tmp, sizeof(tmp), "%u\n", val); 11782 len = write(fd, tmp, len); 11783 if (len < 0) { 11784 ret = -1; 11785 wpa_printf(MSG_ERROR, "nl80211: Failed to write to %s: %s", 11786 name, strerror(errno)); 11787 } 11788 close(fd); 11789 11790 return ret; 11791 } 11792 11793 11794 static int nl80211_configure_data_frame_filters(void *priv, u32 filter_flags) 11795 { 11796 struct i802_bss *bss = priv; 11797 char path[128]; 11798 int ret; 11799 11800 /* P2P-Device has no netdev that can (or should) be configured here */ 11801 if (nl80211_get_ifmode(bss) == NL80211_IFTYPE_P2P_DEVICE) 11802 return 0; 11803 11804 wpa_printf(MSG_DEBUG, "nl80211: Data frame filter flags=0x%x", 11805 filter_flags); 11806 11807 /* Configure filtering of unicast frame encrypted using GTK */ 11808 ret = os_snprintf(path, sizeof(path), 11809 "/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast", 11810 bss->ifname); 11811 if (os_snprintf_error(sizeof(path), ret)) 11812 return -1; 11813 11814 ret = nl80211_write_to_file(path, 11815 !!(filter_flags & 11816 WPA_DATA_FRAME_FILTER_FLAG_GTK)); 11817 if (ret) { 11818 wpa_printf(MSG_ERROR, 11819 "nl80211: Failed to set IPv4 unicast in multicast filter"); 11820 return ret; 11821 } 11822 11823 os_snprintf(path, sizeof(path), 11824 "/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast", 11825 bss->ifname); 11826 ret = nl80211_write_to_file(path, 11827 !!(filter_flags & 11828 WPA_DATA_FRAME_FILTER_FLAG_GTK)); 11829 11830 if (ret) { 11831 wpa_printf(MSG_ERROR, 11832 "nl80211: Failed to set IPv6 unicast in multicast filter"); 11833 return ret; 11834 } 11835 11836 /* Configure filtering of unicast frame encrypted using GTK */ 11837 os_snprintf(path, sizeof(path), 11838 "/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp", 11839 bss->ifname); 11840 ret = nl80211_write_to_file(path, 11841 !!(filter_flags & 11842 WPA_DATA_FRAME_FILTER_FLAG_ARP)); 11843 if (ret) { 11844 wpa_printf(MSG_ERROR, 11845 "nl80211: Failed set gratuitous ARP filter"); 11846 return ret; 11847 } 11848 11849 /* Configure filtering of IPv6 NA frames */ 11850 os_snprintf(path, sizeof(path), 11851 "/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na", 11852 bss->ifname); 11853 ret = nl80211_write_to_file(path, 11854 !!(filter_flags & 11855 WPA_DATA_FRAME_FILTER_FLAG_NA)); 11856 if (ret) { 11857 wpa_printf(MSG_ERROR, 11858 "nl80211: Failed to set unsolicited NA filter"); 11859 return ret; 11860 } 11861 11862 return 0; 11863 } 11864 11865 11866 static int nl80211_get_ext_capab(void *priv, enum wpa_driver_if_type type, 11867 const u8 **ext_capa, const u8 **ext_capa_mask, 11868 unsigned int *ext_capa_len) 11869 { 11870 struct i802_bss *bss = priv; 11871 struct wpa_driver_nl80211_data *drv = bss->drv; 11872 enum nl80211_iftype nlmode; 11873 unsigned int i; 11874 11875 if (!ext_capa || !ext_capa_mask || !ext_capa_len) 11876 return -1; 11877 11878 nlmode = wpa_driver_nl80211_if_type(type); 11879 11880 /* By default, use the per-radio values */ 11881 *ext_capa = drv->extended_capa; 11882 *ext_capa_mask = drv->extended_capa_mask; 11883 *ext_capa_len = drv->extended_capa_len; 11884 11885 /* Replace the default value if a per-interface type value exists */ 11886 for (i = 0; i < drv->num_iface_ext_capa; i++) { 11887 if (nlmode == drv->iface_ext_capa[i].iftype) { 11888 *ext_capa = drv->iface_ext_capa[i].ext_capa; 11889 *ext_capa_mask = drv->iface_ext_capa[i].ext_capa_mask; 11890 *ext_capa_len = drv->iface_ext_capa[i].ext_capa_len; 11891 break; 11892 } 11893 } 11894 11895 return 0; 11896 } 11897 11898 11899 static int nl80211_update_connection_params( 11900 void *priv, struct wpa_driver_associate_params *params, 11901 enum wpa_drv_update_connect_params_mask mask) 11902 { 11903 struct i802_bss *bss = priv; 11904 struct wpa_driver_nl80211_data *drv = bss->drv; 11905 struct nl_msg *msg; 11906 int ret = -1; 11907 enum nl80211_auth_type type; 11908 11909 /* Update Connection Params is intended for drivers that implement 11910 * internal SME and expect these updated connection params from 11911 * wpa_supplicant. Do not send this request for the drivers using 11912 * SME from wpa_supplicant. 11913 */ 11914 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) 11915 return 0; 11916 11917 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_CONNECT_PARAMS); 11918 if (!msg) 11919 goto fail; 11920 11921 wpa_printf(MSG_DEBUG, "nl80211: Update connection params (ifindex=%d)", 11922 drv->ifindex); 11923 11924 if ((mask & WPA_DRV_UPDATE_ASSOC_IES) && params->wpa_ie) { 11925 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, 11926 params->wpa_ie)) 11927 goto fail; 11928 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, 11929 params->wpa_ie_len); 11930 } 11931 11932 if (mask & WPA_DRV_UPDATE_AUTH_TYPE) { 11933 type = get_nl_auth_type(params->auth_alg); 11934 if (type == NL80211_AUTHTYPE_MAX || 11935 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) 11936 goto fail; 11937 wpa_printf(MSG_DEBUG, " * Auth Type %d", type); 11938 } 11939 11940 if ((mask & WPA_DRV_UPDATE_FILS_ERP_INFO) && 11941 nl80211_put_fils_connect_params(drv, params, msg)) 11942 goto fail; 11943 11944 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11945 msg = NULL; 11946 if (ret) 11947 wpa_dbg(drv->ctx, MSG_DEBUG, 11948 "nl80211: Update connect params command failed: ret=%d (%s)", 11949 ret, strerror(-ret)); 11950 11951 fail: 11952 nlmsg_free(msg); 11953 return ret; 11954 } 11955 11956 11957 static int nl80211_send_external_auth_status(void *priv, 11958 struct external_auth *params) 11959 { 11960 struct i802_bss *bss = priv; 11961 struct wpa_driver_nl80211_data *drv = bss->drv; 11962 struct nl_msg *msg = NULL; 11963 int ret = -1; 11964 11965 /* External auth command/status is intended for drivers that implement 11966 * internal SME but want to offload authentication processing (e.g., 11967 * SAE) to hostapd/wpa_supplicant. Do not send the status to drivers 11968 * which do not support AP SME or use wpa_supplicant/hostapd SME. 11969 */ 11970 if ((is_ap_interface(drv->nlmode) && !bss->drv->device_ap_sme) || 11971 (drv->capa.flags & WPA_DRIVER_FLAGS_SME)) 11972 return -1; 11973 11974 wpa_dbg(drv->ctx, MSG_DEBUG, 11975 "nl80211: External auth status: %u", params->status); 11976 11977 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_EXTERNAL_AUTH); 11978 if (!msg || 11979 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, params->status) || 11980 (params->ssid && params->ssid_len && 11981 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) || 11982 (params->pmkid && 11983 nla_put(msg, NL80211_ATTR_PMKID, PMKID_LEN, params->pmkid)) || 11984 (params->bssid && 11985 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid))) 11986 goto fail; 11987 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 11988 msg = NULL; 11989 if (ret) { 11990 wpa_printf(MSG_DEBUG, 11991 "nl80211: External Auth status update failed: ret=%d (%s)", 11992 ret, strerror(-ret)); 11993 goto fail; 11994 } 11995 fail: 11996 nlmsg_free(msg); 11997 return ret; 11998 } 11999 12000 12001 static int nl80211_set_4addr_mode(void *priv, const char *bridge_ifname, 12002 int val) 12003 { 12004 struct i802_bss *bss = priv; 12005 struct wpa_driver_nl80211_data *drv = bss->drv; 12006 struct nl_msg *msg; 12007 int ret = -ENOBUFS; 12008 12009 wpa_printf(MSG_DEBUG, "nl80211: %s 4addr mode (bridge_ifname: %s)", 12010 val ? "Enable" : "Disable", bridge_ifname); 12011 12012 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE); 12013 if (!msg || nla_put_u8(msg, NL80211_ATTR_4ADDR, val)) 12014 goto fail; 12015 12016 if (bridge_ifname[0] && bss->added_if_into_bridge && !val) { 12017 if (linux_br_del_if(drv->global->ioctl_sock, 12018 bridge_ifname, bss->ifname)) { 12019 wpa_printf(MSG_ERROR, 12020 "nl80211: Failed to remove interface %s from bridge %s", 12021 bss->ifname, bridge_ifname); 12022 return -1; 12023 } 12024 bss->added_if_into_bridge = 0; 12025 } 12026 12027 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); 12028 msg = NULL; 12029 if (ret && val && nl80211_get_4addr(bss) == 1) { 12030 wpa_printf(MSG_DEBUG, 12031 "nl80211: 4addr mode was already enabled"); 12032 ret = 0; 12033 } 12034 if (!ret) { 12035 if (bridge_ifname[0] && val && 12036 i802_check_bridge(drv, bss, bridge_ifname, bss->ifname) < 0) 12037 return -1; 12038 return 0; 12039 } 12040 12041 fail: 12042 nlmsg_free(msg); 12043 wpa_printf(MSG_ERROR, "nl80211: Failed to enable/disable 4addr"); 12044 12045 return ret; 12046 } 12047 12048 12049 #ifdef CONFIG_DPP 12050 static int nl80211_dpp_listen(void *priv, bool enable) 12051 { 12052 struct i802_bss *bss = priv; 12053 struct wpa_driver_nl80211_data *drv = bss->drv; 12054 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4); 12055 struct nl_sock *handle; 12056 12057 if (!drv->multicast_registrations || !bss->nl_mgmt) 12058 return 0; /* cannot do more than hope broadcast RX works */ 12059 12060 wpa_printf(MSG_DEBUG, 12061 "nl80211: Update DPP Public Action frame registration (%s multicast RX)", 12062 enable ? "enable" : "disable"); 12063 handle = (void *) (((intptr_t) bss->nl_mgmt) ^ ELOOP_SOCKET_INVALID); 12064 return nl80211_register_frame(bss, handle, type, 12065 (u8 *) "\x04\x09\x50\x6f\x9a\x1a", 6, 12066 enable); 12067 } 12068 #endif /* CONFIG_DPP */ 12069 12070 12071 #ifdef CONFIG_TESTING_OPTIONS 12072 static int testing_nl80211_register_frame(void *priv, u16 type, 12073 const u8 *match, size_t match_len, 12074 bool multicast) 12075 { 12076 struct i802_bss *bss = priv; 12077 struct nl_sock *handle; 12078 12079 if (!bss->nl_mgmt) 12080 return -1; 12081 handle = (void *) (((intptr_t) bss->nl_mgmt) ^ ELOOP_SOCKET_INVALID); 12082 return nl80211_register_frame(bss, handle, type, match, match_len, 12083 multicast); 12084 } 12085 #endif /* CONFIG_TESTING_OPTIONS */ 12086 12087 12088 const struct wpa_driver_ops wpa_driver_nl80211_ops = { 12089 .name = "nl80211", 12090 .desc = "Linux nl80211/cfg80211", 12091 .get_bssid = wpa_driver_nl80211_get_bssid, 12092 .get_ssid = wpa_driver_nl80211_get_ssid, 12093 .set_key = driver_nl80211_set_key, 12094 .scan2 = driver_nl80211_scan2, 12095 .sched_scan = wpa_driver_nl80211_sched_scan, 12096 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan, 12097 .get_scan_results2 = wpa_driver_nl80211_get_scan_results, 12098 .abort_scan = wpa_driver_nl80211_abort_scan, 12099 .deauthenticate = driver_nl80211_deauthenticate, 12100 .authenticate = driver_nl80211_authenticate, 12101 .associate = wpa_driver_nl80211_associate, 12102 .global_init = nl80211_global_init, 12103 .global_deinit = nl80211_global_deinit, 12104 .init2 = wpa_driver_nl80211_init, 12105 .deinit = driver_nl80211_deinit, 12106 .get_capa = wpa_driver_nl80211_get_capa, 12107 .set_operstate = wpa_driver_nl80211_set_operstate, 12108 .set_supp_port = wpa_driver_nl80211_set_supp_port, 12109 .set_country = wpa_driver_nl80211_set_country, 12110 .get_country = wpa_driver_nl80211_get_country, 12111 .set_ap = wpa_driver_nl80211_set_ap, 12112 .set_acl = wpa_driver_nl80211_set_acl, 12113 .if_add = wpa_driver_nl80211_if_add, 12114 .if_remove = driver_nl80211_if_remove, 12115 .send_mlme = driver_nl80211_send_mlme, 12116 .get_hw_feature_data = nl80211_get_hw_feature_data, 12117 .sta_add = wpa_driver_nl80211_sta_add, 12118 .sta_remove = driver_nl80211_sta_remove, 12119 .tx_control_port = nl80211_tx_control_port, 12120 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol, 12121 .sta_set_flags = wpa_driver_nl80211_sta_set_flags, 12122 .sta_set_airtime_weight = driver_nl80211_sta_set_airtime_weight, 12123 .hapd_init = i802_init, 12124 .hapd_deinit = i802_deinit, 12125 .set_wds_sta = i802_set_wds_sta, 12126 .get_seqnum = i802_get_seqnum, 12127 .flush = i802_flush, 12128 .get_inact_sec = i802_get_inact_sec, 12129 .sta_clear_stats = i802_sta_clear_stats, 12130 .set_rts = i802_set_rts, 12131 .set_frag = i802_set_frag, 12132 .set_tx_queue_params = i802_set_tx_queue_params, 12133 .set_sta_vlan = driver_nl80211_set_sta_vlan, 12134 .sta_deauth = i802_sta_deauth, 12135 .sta_disassoc = i802_sta_disassoc, 12136 .read_sta_data = driver_nl80211_read_sta_data, 12137 .set_freq = i802_set_freq, 12138 .send_action = driver_nl80211_send_action, 12139 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait, 12140 .remain_on_channel = wpa_driver_nl80211_remain_on_channel, 12141 .cancel_remain_on_channel = 12142 wpa_driver_nl80211_cancel_remain_on_channel, 12143 .probe_req_report = driver_nl80211_probe_req_report, 12144 .deinit_ap = wpa_driver_nl80211_deinit_ap, 12145 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli, 12146 .resume = wpa_driver_nl80211_resume, 12147 .signal_monitor = nl80211_signal_monitor, 12148 .signal_poll = nl80211_signal_poll, 12149 .channel_info = nl80211_channel_info, 12150 .set_param = nl80211_set_param, 12151 .get_radio_name = nl80211_get_radio_name, 12152 .add_pmkid = nl80211_add_pmkid, 12153 .remove_pmkid = nl80211_remove_pmkid, 12154 .flush_pmkid = nl80211_flush_pmkid, 12155 .set_rekey_info = nl80211_set_rekey_info, 12156 .poll_client = nl80211_poll_client, 12157 .set_p2p_powersave = nl80211_set_p2p_powersave, 12158 .start_dfs_cac = nl80211_start_radar_detection, 12159 .stop_ap = wpa_driver_nl80211_stop_ap, 12160 #ifdef CONFIG_TDLS 12161 .send_tdls_mgmt = nl80211_send_tdls_mgmt, 12162 .tdls_oper = nl80211_tdls_oper, 12163 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch, 12164 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch, 12165 #endif /* CONFIG_TDLS */ 12166 .update_ft_ies = wpa_driver_nl80211_update_ft_ies, 12167 .update_dh_ie = nl80211_update_dh_ie, 12168 .get_mac_addr = wpa_driver_nl80211_get_macaddr, 12169 .get_survey = wpa_driver_nl80211_get_survey, 12170 .status = wpa_driver_nl80211_status, 12171 .switch_channel = nl80211_switch_channel, 12172 #ifdef ANDROID_P2P 12173 .set_noa = wpa_driver_set_p2p_noa, 12174 .get_noa = wpa_driver_get_p2p_noa, 12175 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie, 12176 #endif /* ANDROID_P2P */ 12177 #ifdef ANDROID 12178 #ifndef ANDROID_LIB_STUB 12179 .driver_cmd = wpa_driver_nl80211_driver_cmd, 12180 #endif /* !ANDROID_LIB_STUB */ 12181 #endif /* ANDROID */ 12182 .vendor_cmd = nl80211_vendor_cmd, 12183 .set_qos_map = nl80211_set_qos_map, 12184 .get_wowlan = nl80211_get_wowlan, 12185 .set_wowlan = nl80211_set_wowlan, 12186 .set_mac_addr = nl80211_set_mac_addr, 12187 #ifdef CONFIG_MESH 12188 .init_mesh = wpa_driver_nl80211_init_mesh, 12189 .join_mesh = wpa_driver_nl80211_join_mesh, 12190 .leave_mesh = wpa_driver_nl80211_leave_mesh, 12191 .probe_mesh_link = nl80211_probe_mesh_link, 12192 #endif /* CONFIG_MESH */ 12193 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh, 12194 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh, 12195 .br_port_set_attr = wpa_driver_br_port_set_attr, 12196 .br_set_net_param = wpa_driver_br_set_net_param, 12197 .add_tx_ts = nl80211_add_ts, 12198 .del_tx_ts = nl80211_del_ts, 12199 .get_ifindex = nl80211_get_ifindex, 12200 #ifdef CONFIG_DRIVER_NL80211_QCA 12201 .roaming = nl80211_roaming, 12202 .disable_fils = nl80211_disable_fils, 12203 .set_band = nl80211_set_band, 12204 .get_pref_freq_list = nl80211_get_pref_freq_list, 12205 .set_prob_oper_freq = nl80211_set_prob_oper_freq, 12206 .p2p_lo_start = nl80211_p2p_lo_start, 12207 .p2p_lo_stop = nl80211_p2p_lo_stop, 12208 .set_default_scan_ies = nl80211_set_default_scan_ies, 12209 .set_tdls_mode = nl80211_set_tdls_mode, 12210 #ifdef CONFIG_MBO 12211 .get_bss_transition_status = nl80211_get_bss_transition_status, 12212 .ignore_assoc_disallow = nl80211_ignore_assoc_disallow, 12213 #endif /* CONFIG_MBO */ 12214 .set_bssid_tmp_disallow = nl80211_set_bssid_tmp_disallow, 12215 .add_sta_node = nl80211_add_sta_node, 12216 #endif /* CONFIG_DRIVER_NL80211_QCA */ 12217 .do_acs = nl80211_do_acs, 12218 .configure_data_frame_filters = nl80211_configure_data_frame_filters, 12219 .get_ext_capab = nl80211_get_ext_capab, 12220 .update_connect_params = nl80211_update_connection_params, 12221 .send_external_auth_status = nl80211_send_external_auth_status, 12222 .set_4addr_mode = nl80211_set_4addr_mode, 12223 #ifdef CONFIG_DPP 12224 .dpp_listen = nl80211_dpp_listen, 12225 #endif /* CONFIG_DPP */ 12226 #ifdef CONFIG_TESTING_OPTIONS 12227 .register_frame = testing_nl80211_register_frame, 12228 #endif /* CONFIG_TESTING_OPTIONS */ 12229 }; 12230