1 /*
2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
8 *
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
11 */
12
13 #include "includes.h"
14 #include <sys/types.h>
15 #include <fcntl.h>
16 #include <net/if.h>
17 #include <netlink/genl/genl.h>
18 #include <netlink/genl/ctrl.h>
19 #ifdef CONFIG_LIBNL3_ROUTE
20 #include <netlink/route/neighbour.h>
21 #endif /* CONFIG_LIBNL3_ROUTE */
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/errqueue.h>
25
26 #include "common.h"
27 #include "eloop.h"
28 #include "common/qca-vendor.h"
29 #include "common/qca-vendor-attr.h"
30 #include "common/ieee802_11_defs.h"
31 #include "common/ieee802_11_common.h"
32 #include "common/wpa_common.h"
33 #include "netlink.h"
34 #include "linux_defines.h"
35 #include "linux_ioctl.h"
36 #include "radiotap.h"
37 #include "radiotap_iter.h"
38 #include "rfkill.h"
39 #include "driver_nl80211.h"
40 #ifdef CONFIG_DRIVER_NL80211_BRCM
41 #include "common/brcm_vendor.h"
42 #endif /* CONFIG_DRIVER_NL80211_BRCM */
43
44 #ifndef NETLINK_CAP_ACK
45 #define NETLINK_CAP_ACK 10
46 #endif /* NETLINK_CAP_ACK */
47 /* support for extack if compilation headers are too old */
48 #ifndef NETLINK_EXT_ACK
49 #define NETLINK_EXT_ACK 11
50 enum nlmsgerr_attrs {
51 NLMSGERR_ATTR_UNUSED,
52 NLMSGERR_ATTR_MSG,
53 NLMSGERR_ATTR_OFFS,
54 NLMSGERR_ATTR_COOKIE,
55
56 __NLMSGERR_ATTR_MAX,
57 NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1
58 };
59 #endif
60 #ifndef NLM_F_CAPPED
61 #define NLM_F_CAPPED 0x100
62 #endif
63 #ifndef NLM_F_ACK_TLVS
64 #define NLM_F_ACK_TLVS 0x200
65 #endif
66 #ifndef SOL_NETLINK
67 #define SOL_NETLINK 270
68 #endif
69
70
71 #ifdef ANDROID
72 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
73 #undef nl_socket_set_nonblocking
74 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
75
76 #endif /* ANDROID */
77
78
nl_create_handle(struct nl_cb * cb,const char * dbg)79 static struct nl_sock * nl_create_handle(struct nl_cb *cb, const char *dbg)
80 {
81 struct nl_sock *handle;
82
83 handle = nl_socket_alloc_cb(cb);
84 if (handle == NULL) {
85 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
86 "callbacks (%s)", dbg);
87 return NULL;
88 }
89
90 if (genl_connect(handle)) {
91 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
92 "netlink (%s)", dbg);
93 nl_socket_free(handle);
94 return NULL;
95 }
96
97 return handle;
98 }
99
100
nl_destroy_handles(struct nl_sock ** handle)101 static void nl_destroy_handles(struct nl_sock **handle)
102 {
103 if (*handle == NULL)
104 return;
105 nl_socket_free(*handle);
106 *handle = NULL;
107 }
108
109
110 #if __WORDSIZE == 64
111 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
112 #else
113 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
114 #endif
115
nl80211_register_eloop_read(struct nl_sock ** handle,eloop_sock_handler handler,void * eloop_data,int persist)116 static void nl80211_register_eloop_read(struct nl_sock **handle,
117 eloop_sock_handler handler,
118 void *eloop_data, int persist)
119 {
120 /*
121 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB)
122 * by default. It is possible to hit that limit in some cases where
123 * operations are blocked, e.g., with a burst of Deauthentication frames
124 * to hostapd and STA entry deletion. Try to increase the buffer to make
125 * this less likely to occur.
126 */
127 int err;
128
129 err = nl_socket_set_buffer_size(*handle, 262144, 0);
130 if (err < 0) {
131 wpa_printf(MSG_DEBUG,
132 "nl80211: Could not set nl_socket RX buffer size: %s",
133 nl_geterror(err));
134 /* continue anyway with the default (smaller) buffer */
135 }
136
137 nl_socket_set_nonblocking(*handle);
138 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
139 eloop_data, *handle);
140 if (!persist)
141 *handle = (void *) (((intptr_t) *handle) ^
142 ELOOP_SOCKET_INVALID);
143 }
144
145
nl80211_destroy_eloop_handle(struct nl_sock ** handle,int persist)146 static void nl80211_destroy_eloop_handle(struct nl_sock **handle, int persist)
147 {
148 if (!persist)
149 *handle = (void *) (((intptr_t) *handle) ^
150 ELOOP_SOCKET_INVALID);
151 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
152 nl_destroy_handles(handle);
153 }
154
155
156 static void nl80211_global_deinit(void *priv);
157 static void nl80211_check_global(struct nl80211_global *global);
158
159 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
160 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
161 struct hostapd_freq_params *freq);
162
163 static int
164 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
165 const u8 *set_addr, int first,
166 const char *driver_params);
167 static int nl80211_send_frame_cmd(struct i802_bss *bss,
168 unsigned int freq, unsigned int wait,
169 const u8 *buf, size_t buf_len,
170 int save_cookie,
171 int no_cck, int no_ack, int offchanok,
172 const u16 *csa_offs, size_t csa_offs_len);
173 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
174 int report);
175
176 #define IFIDX_ANY -1
177
178 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
179 int ifidx_reason);
180 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
181 int ifidx_reason);
182 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
183 int ifidx_reason);
184
185 static int nl80211_set_channel(struct i802_bss *bss,
186 struct hostapd_freq_params *freq, int set_chan);
187 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
188 int ifindex, int disabled);
189
190 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
191 int reset_mode);
192
193 static int i802_set_iface_flags(struct i802_bss *bss, int up);
194 static int nl80211_set_param(void *priv, const char *param);
195 #ifdef CONFIG_MESH
196 static int nl80211_put_mesh_config(struct nl_msg *msg,
197 struct wpa_driver_mesh_bss_params *params);
198 #endif /* CONFIG_MESH */
199 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
200 u16 reason);
201
202
203 /* Converts nl80211_chan_width to a common format */
convert2width(int width)204 enum chan_width convert2width(int width)
205 {
206 switch (width) {
207 case NL80211_CHAN_WIDTH_20_NOHT:
208 return CHAN_WIDTH_20_NOHT;
209 case NL80211_CHAN_WIDTH_20:
210 return CHAN_WIDTH_20;
211 case NL80211_CHAN_WIDTH_40:
212 return CHAN_WIDTH_40;
213 case NL80211_CHAN_WIDTH_80:
214 return CHAN_WIDTH_80;
215 case NL80211_CHAN_WIDTH_80P80:
216 return CHAN_WIDTH_80P80;
217 case NL80211_CHAN_WIDTH_160:
218 return CHAN_WIDTH_160;
219 }
220 return CHAN_WIDTH_UNKNOWN;
221 }
222
223
is_ap_interface(enum nl80211_iftype nlmode)224 int is_ap_interface(enum nl80211_iftype nlmode)
225 {
226 return nlmode == NL80211_IFTYPE_AP ||
227 nlmode == NL80211_IFTYPE_P2P_GO;
228 }
229
230
is_sta_interface(enum nl80211_iftype nlmode)231 int is_sta_interface(enum nl80211_iftype nlmode)
232 {
233 return nlmode == NL80211_IFTYPE_STATION ||
234 nlmode == NL80211_IFTYPE_P2P_CLIENT;
235 }
236
237
is_p2p_net_interface(enum nl80211_iftype nlmode)238 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
239 {
240 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
241 nlmode == NL80211_IFTYPE_P2P_GO;
242 }
243
244
get_bss_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex)245 struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
246 int ifindex)
247 {
248 struct i802_bss *bss;
249
250 for (bss = drv->first_bss; bss; bss = bss->next) {
251 if (bss->ifindex == ifindex)
252 return bss;
253 }
254
255 return NULL;
256 }
257
258
is_mesh_interface(enum nl80211_iftype nlmode)259 static int is_mesh_interface(enum nl80211_iftype nlmode)
260 {
261 return nlmode == NL80211_IFTYPE_MESH_POINT;
262 }
263
264
nl80211_mark_disconnected(struct wpa_driver_nl80211_data * drv)265 void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
266 {
267 if (drv->associated)
268 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
269 drv->associated = 0;
270 os_memset(drv->bssid, 0, ETH_ALEN);
271 drv->first_bss->freq = 0;
272 }
273
274
275 /* nl80211 code */
ack_handler(struct nl_msg * msg,void * arg)276 static int ack_handler(struct nl_msg *msg, void *arg)
277 {
278 int *err = arg;
279 *err = 0;
280 return NL_STOP;
281 }
282
283
284 struct nl80211_ack_ext_arg {
285 int *err;
286 void *ext_data;
287 };
288
289
ack_handler_cookie(struct nl_msg * msg,void * arg)290 static int ack_handler_cookie(struct nl_msg *msg, void *arg)
291 {
292 struct nl80211_ack_ext_arg *ext_arg = arg;
293 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1];
294 u64 *cookie = ext_arg->ext_data;
295 struct nlattr *attrs;
296 size_t ack_len, attr_len;
297
298 *ext_arg->err = 0;
299 ack_len = sizeof(struct nlmsghdr) + sizeof(int) +
300 sizeof(struct nlmsghdr);
301 attrs = (struct nlattr *)
302 ((u8 *) nlmsg_data(nlmsg_hdr(msg)) + sizeof(struct nlmsghdr) +
303 sizeof(int));
304 if (nlmsg_hdr(msg)->nlmsg_len <= ack_len)
305 return NL_STOP;
306
307 attr_len = nlmsg_hdr(msg)->nlmsg_len - ack_len;
308
309 if(!(nlmsg_hdr(msg)->nlmsg_flags & NLM_F_ACK_TLVS))
310 return NL_STOP;
311
312 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, attr_len, NULL);
313 if (tb[NLMSGERR_ATTR_COOKIE])
314 *cookie = nla_get_u64(tb[NLMSGERR_ATTR_COOKIE]);
315
316 return NL_STOP;
317 }
318
319
finish_handler(struct nl_msg * msg,void * arg)320 static int finish_handler(struct nl_msg *msg, void *arg)
321 {
322 int *ret = arg;
323 *ret = 0;
324 return NL_SKIP;
325 }
326
error_handler(struct sockaddr_nl * nla,struct nlmsgerr * err,void * arg)327 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
328 void *arg)
329 {
330 struct nlmsghdr *nlh = (struct nlmsghdr *) err - 1;
331 int len = nlh->nlmsg_len;
332 struct nlattr *attrs;
333 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1];
334 int *ret = arg;
335 int ack_len = sizeof(*nlh) + sizeof(int) + sizeof(*nlh);
336
337 *ret = err->error;
338
339 if (!(nlh->nlmsg_flags & NLM_F_ACK_TLVS))
340 return NL_SKIP;
341
342 if (!(nlh->nlmsg_flags & NLM_F_CAPPED))
343 ack_len += err->msg.nlmsg_len - sizeof(*nlh);
344
345 if (len <= ack_len)
346 return NL_STOP;
347
348 attrs = (void *) ((unsigned char *) nlh + ack_len);
349 len -= ack_len;
350
351 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, len, NULL);
352 if (tb[NLMSGERR_ATTR_MSG]) {
353 len = strnlen((char *) nla_data(tb[NLMSGERR_ATTR_MSG]),
354 nla_len(tb[NLMSGERR_ATTR_MSG]));
355 wpa_printf(MSG_ERROR, "nl80211: kernel reports: %*s",
356 len, (char *) nla_data(tb[NLMSGERR_ATTR_MSG]));
357 }
358
359 return NL_SKIP;
360 }
361
362
no_seq_check(struct nl_msg * msg,void * arg)363 static int no_seq_check(struct nl_msg *msg, void *arg)
364 {
365 return NL_OK;
366 }
367
368
nl80211_nlmsg_clear(struct nl_msg * msg)369 static void nl80211_nlmsg_clear(struct nl_msg *msg)
370 {
371 /*
372 * Clear nlmsg data, e.g., to make sure key material is not left in
373 * heap memory for unnecessarily long time.
374 */
375 if (msg) {
376 struct nlmsghdr *hdr = nlmsg_hdr(msg);
377 void *data = nlmsg_data(hdr);
378 /*
379 * This would use nlmsg_datalen() or the older nlmsg_len() if
380 * only libnl were to maintain a stable API.. Neither will work
381 * with all released versions, so just calculate the length
382 * here.
383 */
384 int len = hdr->nlmsg_len - NLMSG_HDRLEN;
385
386 os_memset(data, 0, len);
387 }
388 }
389
390
send_and_recv(struct nl80211_global * global,struct nl_sock * nl_handle,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data,int (* ack_handler_custom)(struct nl_msg *,void *),void * ack_data)391 static int send_and_recv(struct nl80211_global *global,
392 struct nl_sock *nl_handle, struct nl_msg *msg,
393 int (*valid_handler)(struct nl_msg *, void *),
394 void *valid_data,
395 int (*ack_handler_custom)(struct nl_msg *, void *),
396 void *ack_data)
397 {
398 struct nl_cb *cb;
399 int err = -ENOMEM, opt;
400
401 if (!msg)
402 return -ENOMEM;
403
404 cb = nl_cb_clone(global->nl_cb);
405 if (!cb)
406 goto out;
407
408 /* try to set NETLINK_EXT_ACK to 1, ignoring errors */
409 opt = 1;
410 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK,
411 NETLINK_EXT_ACK, &opt, sizeof(opt));
412
413 /* try to set NETLINK_CAP_ACK to 1, ignoring errors */
414 opt = 1;
415 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK,
416 NETLINK_CAP_ACK, &opt, sizeof(opt));
417
418 err = nl_send_auto_complete(nl_handle, msg);
419 if (err < 0) {
420 wpa_printf(MSG_INFO,
421 "nl80211: nl_send_auto_complete() failed: %s",
422 nl_geterror(err));
423 /* Need to convert libnl error code to an errno value. For now,
424 * just hardcode this to EBADF; the real error reason is shown
425 * in that error print above. */
426 err = -EBADF;
427 goto out;
428 }
429
430 err = 1;
431
432 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
433 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
434 if (ack_handler_custom) {
435 struct nl80211_ack_ext_arg *ext_arg = ack_data;
436
437 ext_arg->err = &err;
438 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM,
439 ack_handler_custom, ack_data);
440 } else {
441 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
442 }
443
444 if (valid_handler)
445 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
446 valid_handler, valid_data);
447
448 while (err > 0) {
449 int res = nl_recvmsgs(nl_handle, cb);
450
451 if (res == -NLE_DUMP_INTR) {
452 /* Most likely one of the nl80211 dump routines hit a
453 * case where internal results changed while the dump
454 * was being sent. The most common known case for this
455 * is scan results fetching while associated were every
456 * received Beacon frame from the AP may end up
457 * incrementing bss_generation. This
458 * NL80211_CMD_GET_SCAN case tries again in the caller;
459 * other cases (of which there are no known common ones)
460 * will stop and return an error. */
461 wpa_printf(MSG_DEBUG, "nl80211: %s; convert to -EAGAIN",
462 nl_geterror(res));
463 err = -EAGAIN;
464 } else if (res < 0) {
465 wpa_printf(MSG_INFO,
466 "nl80211: %s->nl_recvmsgs failed: %d (%s)",
467 __func__, res, nl_geterror(res));
468 }
469 }
470 out:
471 nl_cb_put(cb);
472 /* Always clear the message as it can potentially contain keys */
473 nl80211_nlmsg_clear(msg);
474 nlmsg_free(msg);
475 return err;
476 }
477
478
send_and_recv_msgs(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data,int (* ack_handler_custom)(struct nl_msg *,void *),void * ack_data)479 int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
480 struct nl_msg *msg,
481 int (*valid_handler)(struct nl_msg *, void *),
482 void *valid_data,
483 int (*ack_handler_custom)(struct nl_msg *, void *),
484 void *ack_data)
485 {
486 return send_and_recv(drv->global, drv->global->nl, msg,
487 valid_handler, valid_data,
488 ack_handler_custom, ack_data);
489 }
490
491
492 /* Use this method to mark that it is necessary to own the connection/interface
493 * for this operation.
494 * handle may be set to NULL, to get the same behavior as send_and_recv_msgs().
495 * set_owner can be used to mark this socket for receiving control port frames.
496 */
send_and_recv_msgs_owner(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,struct nl_sock * handle,int set_owner,int (* valid_handler)(struct nl_msg *,void *),void * valid_data,int (* ack_handler_custom)(struct nl_msg *,void *),void * ack_data)497 static int send_and_recv_msgs_owner(struct wpa_driver_nl80211_data *drv,
498 struct nl_msg *msg,
499 struct nl_sock *handle, int set_owner,
500 int (*valid_handler)(struct nl_msg *,
501 void *),
502 void *valid_data,
503 int (*ack_handler_custom)(struct nl_msg *,
504 void *),
505 void *ack_data)
506 {
507 if (!msg)
508 return -ENOMEM;
509
510 /* Control port over nl80211 needs the flags and attributes below.
511 *
512 * The Linux kernel has initial checks for them (in nl80211.c) like:
513 * validate_pae_over_nl80211(...)
514 * or final checks like:
515 * dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid
516 *
517 * Final operations (e.g., disassociate) don't need to set these
518 * attributes, but they have to be performed on the socket, which has
519 * the connection owner property set in the kernel.
520 */
521 if ((drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) &&
522 handle && set_owner &&
523 (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_OVER_NL80211) ||
524 nla_put_flag(msg, NL80211_ATTR_SOCKET_OWNER) ||
525 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) ||
526 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_PREAUTH)))
527 return -1;
528
529 return send_and_recv(drv->global, handle ? handle : drv->global->nl,
530 msg, valid_handler, valid_data,
531 ack_handler_custom, ack_data);
532 }
533
534
get_connect_handle(struct i802_bss * bss)535 struct nl_sock * get_connect_handle(struct i802_bss *bss)
536 {
537 if ((bss->drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) ||
538 bss->use_nl_connect)
539 return bss->nl_connect;
540
541 return NULL;
542 }
543
544
545 struct family_data {
546 const char *group;
547 int id;
548 };
549
550
family_handler(struct nl_msg * msg,void * arg)551 static int family_handler(struct nl_msg *msg, void *arg)
552 {
553 struct family_data *res = arg;
554 struct nlattr *tb[CTRL_ATTR_MAX + 1];
555 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
556 struct nlattr *mcgrp;
557 int i;
558
559 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
560 genlmsg_attrlen(gnlh, 0), NULL);
561 if (!tb[CTRL_ATTR_MCAST_GROUPS])
562 return NL_SKIP;
563
564 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
565 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
566 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
567 nla_len(mcgrp), NULL);
568 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
569 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
570 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
571 res->group,
572 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
573 continue;
574 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
575 break;
576 };
577
578 return NL_SKIP;
579 }
580
581
nl_get_multicast_id(struct nl80211_global * global,const char * family,const char * group)582 static int nl_get_multicast_id(struct nl80211_global *global,
583 const char *family, const char *group)
584 {
585 struct nl_msg *msg;
586 int ret;
587 struct family_data res = { group, -ENOENT };
588
589 msg = nlmsg_alloc();
590 if (!msg)
591 return -ENOMEM;
592 if (!genlmsg_put(msg, 0, 0, genl_ctrl_resolve(global->nl, "nlctrl"),
593 0, 0, CTRL_CMD_GETFAMILY, 0) ||
594 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) {
595 nlmsg_free(msg);
596 return -1;
597 }
598
599 ret = send_and_recv(global, global->nl, msg, family_handler, &res,
600 NULL, NULL);
601 if (ret == 0)
602 ret = res.id;
603 return ret;
604 }
605
606
nl80211_cmd(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int flags,uint8_t cmd)607 void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
608 struct nl_msg *msg, int flags, uint8_t cmd)
609 {
610 if (TEST_FAIL())
611 return NULL;
612 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
613 0, flags, cmd, 0);
614 }
615
616
nl80211_set_iface_id(struct nl_msg * msg,struct i802_bss * bss)617 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
618 {
619 if (bss->wdev_id_set)
620 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
621 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
622 }
623
624
nl80211_cmd_msg(struct i802_bss * bss,int flags,uint8_t cmd)625 struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd)
626 {
627 struct nl_msg *msg;
628
629 msg = nlmsg_alloc();
630 if (!msg)
631 return NULL;
632
633 if (!nl80211_cmd(bss->drv, msg, flags, cmd) ||
634 nl80211_set_iface_id(msg, bss) < 0) {
635 nlmsg_free(msg);
636 return NULL;
637 }
638
639 return msg;
640 }
641
642
643 static struct nl_msg *
nl80211_ifindex_msg(struct wpa_driver_nl80211_data * drv,int ifindex,int flags,uint8_t cmd)644 nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex,
645 int flags, uint8_t cmd)
646 {
647 struct nl_msg *msg;
648
649 msg = nlmsg_alloc();
650 if (!msg)
651 return NULL;
652
653 if (!nl80211_cmd(drv, msg, flags, cmd) ||
654 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) {
655 nlmsg_free(msg);
656 return NULL;
657 }
658
659 return msg;
660 }
661
662
nl80211_drv_msg(struct wpa_driver_nl80211_data * drv,int flags,uint8_t cmd)663 struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags,
664 uint8_t cmd)
665 {
666 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd);
667 }
668
669
nl80211_bss_msg(struct i802_bss * bss,int flags,uint8_t cmd)670 struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd)
671 {
672 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd);
673 }
674
675
676 struct wiphy_idx_data {
677 int wiphy_idx;
678 enum nl80211_iftype nlmode;
679 u8 *macaddr;
680 u8 use_4addr;
681 };
682
683
netdev_info_handler(struct nl_msg * msg,void * arg)684 static int netdev_info_handler(struct nl_msg *msg, void *arg)
685 {
686 struct nlattr *tb[NL80211_ATTR_MAX + 1];
687 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
688 struct wiphy_idx_data *info = arg;
689
690 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
691 genlmsg_attrlen(gnlh, 0), NULL);
692
693 if (tb[NL80211_ATTR_WIPHY])
694 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
695
696 if (tb[NL80211_ATTR_IFTYPE])
697 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
698
699 if (tb[NL80211_ATTR_MAC] && info->macaddr)
700 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
701 ETH_ALEN);
702
703 if (tb[NL80211_ATTR_4ADDR])
704 info->use_4addr = nla_get_u8(tb[NL80211_ATTR_4ADDR]);
705
706 return NL_SKIP;
707 }
708
709
nl80211_get_wiphy_index(struct i802_bss * bss)710 int nl80211_get_wiphy_index(struct i802_bss *bss)
711 {
712 struct nl_msg *msg;
713 struct wiphy_idx_data data = {
714 .wiphy_idx = -1,
715 .macaddr = NULL,
716 };
717
718 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
719 return -1;
720
721 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
722 NULL, NULL) == 0)
723 return data.wiphy_idx;
724 return -1;
725 }
726
727
nl80211_get_ifmode(struct i802_bss * bss)728 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
729 {
730 struct nl_msg *msg;
731 struct wiphy_idx_data data = {
732 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
733 .macaddr = NULL,
734 };
735
736 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
737 return NL80211_IFTYPE_UNSPECIFIED;
738
739 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
740 NULL, NULL) == 0)
741 return data.nlmode;
742 return NL80211_IFTYPE_UNSPECIFIED;
743 }
744
745
nl80211_get_macaddr(struct i802_bss * bss)746 static int nl80211_get_macaddr(struct i802_bss *bss)
747 {
748 struct nl_msg *msg;
749 struct wiphy_idx_data data = {
750 .macaddr = bss->addr,
751 };
752
753 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
754 return -1;
755
756 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
757 NULL, NULL);
758 }
759
760
nl80211_get_4addr(struct i802_bss * bss)761 static int nl80211_get_4addr(struct i802_bss *bss)
762 {
763 struct nl_msg *msg;
764 struct wiphy_idx_data data = {
765 .use_4addr = 0,
766 };
767
768 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)) ||
769 send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
770 NULL, NULL))
771 return -1;
772 return data.use_4addr;
773 }
774
775
nl80211_register_beacons(struct wpa_driver_nl80211_data * drv,struct nl80211_wiphy_data * w)776 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
777 struct nl80211_wiphy_data *w)
778 {
779 struct nl_msg *msg;
780 int ret;
781
782 msg = nlmsg_alloc();
783 if (!msg)
784 return -1;
785
786 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) ||
787 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) {
788 nlmsg_free(msg);
789 return -1;
790 }
791
792 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL,
793 NULL, NULL);
794 if (ret) {
795 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
796 "failed: ret=%d (%s)",
797 ret, strerror(-ret));
798 }
799 return ret;
800 }
801
802
nl80211_recv_beacons(int sock,void * eloop_ctx,void * handle)803 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
804 {
805 struct nl80211_wiphy_data *w = eloop_ctx;
806 int res;
807
808 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
809
810 res = nl_recvmsgs(handle, w->nl_cb);
811 if (res < 0) {
812 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
813 __func__, res);
814 }
815 }
816
817
process_beacon_event(struct nl_msg * msg,void * arg)818 static int process_beacon_event(struct nl_msg *msg, void *arg)
819 {
820 struct nl80211_wiphy_data *w = arg;
821 struct wpa_driver_nl80211_data *drv;
822 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
823 struct nlattr *tb[NL80211_ATTR_MAX + 1];
824 union wpa_event_data event;
825
826 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
827 genlmsg_attrlen(gnlh, 0), NULL);
828
829 if (gnlh->cmd != NL80211_CMD_FRAME) {
830 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
831 gnlh->cmd);
832 return NL_SKIP;
833 }
834
835 if (!tb[NL80211_ATTR_FRAME])
836 return NL_SKIP;
837
838 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
839 wiphy_list) {
840 os_memset(&event, 0, sizeof(event));
841 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
842 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
843 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
844 }
845
846 return NL_SKIP;
847 }
848
849
850 static struct nl80211_wiphy_data *
nl80211_get_wiphy_data_ap(struct i802_bss * bss)851 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
852 {
853 static DEFINE_DL_LIST(nl80211_wiphys);
854 struct nl80211_wiphy_data *w;
855 int wiphy_idx, found = 0;
856 struct i802_bss *tmp_bss;
857 u8 channel;
858
859 if (bss->wiphy_data != NULL)
860 return bss->wiphy_data;
861
862 wiphy_idx = nl80211_get_wiphy_index(bss);
863
864 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
865 if (w->wiphy_idx == wiphy_idx)
866 goto add;
867 }
868
869 /* alloc new one */
870 w = os_zalloc(sizeof(*w));
871 if (w == NULL)
872 return NULL;
873 w->wiphy_idx = wiphy_idx;
874 dl_list_init(&w->bsss);
875 dl_list_init(&w->drvs);
876
877 /* Beacon frames not supported in IEEE 802.11ad */
878 if (ieee80211_freq_to_chan(bss->freq, &channel) !=
879 HOSTAPD_MODE_IEEE80211AD) {
880 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
881 if (!w->nl_cb) {
882 os_free(w);
883 return NULL;
884 }
885 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
886 no_seq_check, NULL);
887 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
888 process_beacon_event, w);
889
890 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
891 "wiphy beacons");
892 if (w->nl_beacons == NULL) {
893 os_free(w);
894 return NULL;
895 }
896
897 if (nl80211_register_beacons(bss->drv, w)) {
898 nl_destroy_handles(&w->nl_beacons);
899 os_free(w);
900 return NULL;
901 }
902
903 nl80211_register_eloop_read(&w->nl_beacons,
904 nl80211_recv_beacons, w, 0);
905 }
906
907 dl_list_add(&nl80211_wiphys, &w->list);
908
909 add:
910 /* drv entry for this bss already there? */
911 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
912 if (tmp_bss->drv == bss->drv) {
913 found = 1;
914 break;
915 }
916 }
917 /* if not add it */
918 if (!found)
919 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
920
921 dl_list_add(&w->bsss, &bss->wiphy_list);
922 bss->wiphy_data = w;
923 return w;
924 }
925
926
nl80211_put_wiphy_data_ap(struct i802_bss * bss)927 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
928 {
929 struct nl80211_wiphy_data *w = bss->wiphy_data;
930 struct i802_bss *tmp_bss;
931 int found = 0;
932
933 if (w == NULL)
934 return;
935 bss->wiphy_data = NULL;
936 dl_list_del(&bss->wiphy_list);
937
938 /* still any for this drv present? */
939 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
940 if (tmp_bss->drv == bss->drv) {
941 found = 1;
942 break;
943 }
944 }
945 /* if not remove it */
946 if (!found)
947 dl_list_del(&bss->drv->wiphy_list);
948
949 if (!dl_list_empty(&w->bsss))
950 return;
951
952 if (w->nl_beacons)
953 nl80211_destroy_eloop_handle(&w->nl_beacons, 0);
954
955 nl_cb_put(w->nl_cb);
956 dl_list_del(&w->list);
957 os_free(w);
958 }
959
960
nl80211_get_ifindex(void * priv)961 static unsigned int nl80211_get_ifindex(void *priv)
962 {
963 struct i802_bss *bss = priv;
964 struct wpa_driver_nl80211_data *drv = bss->drv;
965
966 return drv->ifindex;
967 }
968
969
wpa_driver_nl80211_get_bssid(void * priv,u8 * bssid)970 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
971 {
972 struct i802_bss *bss = priv;
973 struct wpa_driver_nl80211_data *drv = bss->drv;
974 if (!drv->associated)
975 return -1;
976 os_memcpy(bssid, drv->bssid, ETH_ALEN);
977 return 0;
978 }
979
980
wpa_driver_nl80211_get_ssid(void * priv,u8 * ssid)981 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
982 {
983 struct i802_bss *bss = priv;
984 struct wpa_driver_nl80211_data *drv = bss->drv;
985 if (!drv->associated)
986 return -1;
987 os_memcpy(ssid, drv->ssid, drv->ssid_len);
988 return drv->ssid_len;
989 }
990
991
wpa_driver_nl80211_event_newlink(struct nl80211_global * global,struct wpa_driver_nl80211_data * drv,int ifindex,const char * ifname)992 static void wpa_driver_nl80211_event_newlink(
993 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv,
994 int ifindex, const char *ifname)
995 {
996 union wpa_event_data event;
997
998 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) {
999 if (if_nametoindex(drv->first_bss->ifname) == 0) {
1000 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
1001 drv->first_bss->ifname);
1002 return;
1003 }
1004 if (!drv->if_removed)
1005 return;
1006 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
1007 drv->first_bss->ifname);
1008 drv->if_removed = 0;
1009 }
1010
1011 os_memset(&event, 0, sizeof(event));
1012 event.interface_status.ifindex = ifindex;
1013 os_strlcpy(event.interface_status.ifname, ifname,
1014 sizeof(event.interface_status.ifname));
1015 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
1016 if (drv)
1017 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1018 else
1019 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS,
1020 &event);
1021 }
1022
1023
wpa_driver_nl80211_event_dellink(struct nl80211_global * global,struct wpa_driver_nl80211_data * drv,int ifindex,const char * ifname)1024 static void wpa_driver_nl80211_event_dellink(
1025 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv,
1026 int ifindex, const char *ifname)
1027 {
1028 union wpa_event_data event;
1029
1030 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1031 if (drv->if_removed) {
1032 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
1033 ifname);
1034 return;
1035 }
1036 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
1037 ifname);
1038 drv->if_removed = 1;
1039 } else {
1040 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
1041 ifname);
1042 }
1043
1044 os_memset(&event, 0, sizeof(event));
1045 event.interface_status.ifindex = ifindex;
1046 os_strlcpy(event.interface_status.ifname, ifname,
1047 sizeof(event.interface_status.ifname));
1048 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
1049 if (drv)
1050 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1051 else
1052 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS,
1053 &event);
1054 }
1055
1056
wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data * drv,u8 * buf,size_t len)1057 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
1058 u8 *buf, size_t len)
1059 {
1060 int attrlen, rta_len;
1061 struct rtattr *attr;
1062
1063 attrlen = len;
1064 attr = (struct rtattr *) buf;
1065
1066 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1067 while (RTA_OK(attr, attrlen)) {
1068 if (attr->rta_type == IFLA_IFNAME) {
1069 if (os_strcmp(((char *) attr) + rta_len,
1070 drv->first_bss->ifname) == 0)
1071 return 1;
1072 else
1073 break;
1074 }
1075 attr = RTA_NEXT(attr, attrlen);
1076 }
1077
1078 return 0;
1079 }
1080
1081
wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex,u8 * buf,size_t len)1082 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
1083 int ifindex, u8 *buf, size_t len)
1084 {
1085 if (drv->ifindex == ifindex)
1086 return 1;
1087
1088 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
1089 nl80211_check_global(drv->global);
1090 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
1091 "interface");
1092 if (wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL) < 0)
1093 return -1;
1094 return 1;
1095 }
1096
1097 return 0;
1098 }
1099
1100
1101 static struct wpa_driver_nl80211_data *
nl80211_find_drv(struct nl80211_global * global,int idx,u8 * buf,size_t len,int * init_failed)1102 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len,
1103 int *init_failed)
1104 {
1105 struct wpa_driver_nl80211_data *drv;
1106 int res;
1107
1108 if (init_failed)
1109 *init_failed = 0;
1110 dl_list_for_each(drv, &global->interfaces,
1111 struct wpa_driver_nl80211_data, list) {
1112 res = wpa_driver_nl80211_own_ifindex(drv, idx, buf, len);
1113 if (res < 0) {
1114 wpa_printf(MSG_DEBUG,
1115 "nl80211: Found matching own interface, but failed to complete reinitialization");
1116 if (init_failed)
1117 *init_failed = 1;
1118 return drv;
1119 }
1120 if (res > 0 || have_ifidx(drv, idx, IFIDX_ANY))
1121 return drv;
1122 }
1123 return NULL;
1124 }
1125
1126
nl80211_refresh_mac(struct wpa_driver_nl80211_data * drv,int ifindex,int notify)1127 static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
1128 int ifindex, int notify)
1129 {
1130 struct i802_bss *bss;
1131 u8 addr[ETH_ALEN];
1132
1133 bss = get_bss_ifindex(drv, ifindex);
1134 if (bss &&
1135 linux_get_ifhwaddr(drv->global->ioctl_sock,
1136 bss->ifname, addr) < 0) {
1137 wpa_printf(MSG_DEBUG,
1138 "nl80211: %s: failed to re-read MAC address",
1139 bss->ifname);
1140 } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
1141 wpa_printf(MSG_DEBUG,
1142 "nl80211: Own MAC address on ifindex %d (%s) changed from "
1143 MACSTR " to " MACSTR,
1144 ifindex, bss->ifname,
1145 MAC2STR(bss->addr), MAC2STR(addr));
1146 os_memcpy(bss->addr, addr, ETH_ALEN);
1147 if (notify)
1148 wpa_supplicant_event(drv->ctx,
1149 EVENT_INTERFACE_MAC_CHANGED, NULL);
1150 }
1151 }
1152
1153
wpa_driver_nl80211_event_rtm_newlink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)1154 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
1155 struct ifinfomsg *ifi,
1156 u8 *buf, size_t len)
1157 {
1158 struct nl80211_global *global = ctx;
1159 struct wpa_driver_nl80211_data *drv;
1160 int attrlen;
1161 struct rtattr *attr;
1162 u32 brid = 0;
1163 char namebuf[IFNAMSIZ];
1164 char ifname[IFNAMSIZ + 1];
1165 char extra[100], *pos, *end;
1166 int init_failed;
1167
1168 extra[0] = '\0';
1169 pos = extra;
1170 end = pos + sizeof(extra);
1171 ifname[0] = '\0';
1172
1173 attrlen = len;
1174 attr = (struct rtattr *) buf;
1175 while (RTA_OK(attr, attrlen)) {
1176 switch (attr->rta_type) {
1177 case IFLA_IFNAME:
1178 if (RTA_PAYLOAD(attr) > IFNAMSIZ)
1179 break;
1180 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1181 ifname[RTA_PAYLOAD(attr)] = '\0';
1182 break;
1183 case IFLA_MASTER:
1184 brid = nla_get_u32((struct nlattr *) attr);
1185 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1186 break;
1187 case IFLA_WIRELESS:
1188 pos += os_snprintf(pos, end - pos, " wext");
1189 break;
1190 case IFLA_OPERSTATE:
1191 pos += os_snprintf(pos, end - pos, " operstate=%u",
1192 nla_get_u32((struct nlattr *) attr));
1193 break;
1194 case IFLA_LINKMODE:
1195 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1196 nla_get_u32((struct nlattr *) attr));
1197 break;
1198 }
1199 attr = RTA_NEXT(attr, attrlen);
1200 }
1201 extra[sizeof(extra) - 1] = '\0';
1202
1203 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1204 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1205 ifi->ifi_flags,
1206 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1207 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1208 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1209 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1210
1211 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, &init_failed);
1212 if (!drv)
1213 goto event_newlink;
1214 if (init_failed)
1215 return; /* do not update interface state */
1216
1217 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
1218 namebuf[0] = '\0';
1219 if (if_indextoname(ifi->ifi_index, namebuf) &&
1220 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
1221 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1222 "event since interface %s is up", namebuf);
1223 drv->ignore_if_down_event = 0;
1224 /* Re-read MAC address as it may have changed */
1225 nl80211_refresh_mac(drv, ifi->ifi_index, 1);
1226 return;
1227 }
1228 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
1229 namebuf, ifname);
1230 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
1231 wpa_printf(MSG_DEBUG,
1232 "nl80211: Not the main interface (%s) - do not indicate interface down",
1233 drv->first_bss->ifname);
1234 } else if (drv->ignore_if_down_event) {
1235 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1236 "event generated by mode change");
1237 drv->ignore_if_down_event = 0;
1238 } else {
1239 drv->if_disabled = 1;
1240 wpa_supplicant_event(drv->ctx,
1241 EVENT_INTERFACE_DISABLED, NULL);
1242
1243 /*
1244 * Try to get drv again, since it may be removed as
1245 * part of the EVENT_INTERFACE_DISABLED handling for
1246 * dynamic interfaces
1247 */
1248 drv = nl80211_find_drv(global, ifi->ifi_index,
1249 buf, len, NULL);
1250 if (!drv)
1251 return;
1252 }
1253 }
1254
1255 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1256 namebuf[0] = '\0';
1257 if (if_indextoname(ifi->ifi_index, namebuf) &&
1258 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) {
1259 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1260 "event since interface %s is down",
1261 namebuf);
1262 return;
1263 }
1264 wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
1265 namebuf, ifname);
1266 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
1267 wpa_printf(MSG_DEBUG,
1268 "nl80211: Not the main interface (%s) - do not indicate interface up",
1269 drv->first_bss->ifname);
1270 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1271 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1272 "event since interface %s does not exist",
1273 drv->first_bss->ifname);
1274 } else if (drv->if_removed) {
1275 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1276 "event since interface %s is marked "
1277 "removed", drv->first_bss->ifname);
1278 } else {
1279 /* Re-read MAC address as it may have changed */
1280 nl80211_refresh_mac(drv, ifi->ifi_index, 0);
1281
1282 drv->if_disabled = 0;
1283 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1284 NULL);
1285 }
1286 } else if (ifi->ifi_flags & IFF_UP) {
1287 /* Re-read MAC address as it may have changed */
1288 nl80211_refresh_mac(drv, ifi->ifi_index, 1);
1289 return;
1290 }
1291
1292 /*
1293 * Some drivers send the association event before the operup event--in
1294 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1295 * fails. This will hit us when wpa_supplicant does not need to do
1296 * IEEE 802.1X authentication
1297 */
1298 if (drv->operstate == 1 &&
1299 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1300 !(ifi->ifi_flags & IFF_RUNNING)) {
1301 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1302 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1303 -1, IF_OPER_UP);
1304 }
1305
1306 event_newlink:
1307 if (ifname[0])
1308 wpa_driver_nl80211_event_newlink(global, drv, ifi->ifi_index,
1309 ifname);
1310
1311 if (ifi->ifi_family == AF_BRIDGE && brid && drv) {
1312 struct i802_bss *bss;
1313
1314 /* device has been added to bridge */
1315 if (!if_indextoname(brid, namebuf)) {
1316 wpa_printf(MSG_DEBUG,
1317 "nl80211: Could not find bridge ifname for ifindex %u",
1318 brid);
1319 return;
1320 }
1321 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1322 brid, namebuf);
1323 add_ifidx(drv, brid, ifi->ifi_index);
1324
1325 for (bss = drv->first_bss; bss; bss = bss->next) {
1326 if (os_strcmp(ifname, bss->ifname) == 0) {
1327 os_strlcpy(bss->brname, namebuf, IFNAMSIZ);
1328 break;
1329 }
1330 }
1331 }
1332 }
1333
1334
wpa_driver_nl80211_event_rtm_dellink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)1335 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1336 struct ifinfomsg *ifi,
1337 u8 *buf, size_t len)
1338 {
1339 struct nl80211_global *global = ctx;
1340 struct wpa_driver_nl80211_data *drv;
1341 int attrlen;
1342 struct rtattr *attr;
1343 u32 brid = 0;
1344 char ifname[IFNAMSIZ + 1];
1345 char extra[100], *pos, *end;
1346
1347 extra[0] = '\0';
1348 pos = extra;
1349 end = pos + sizeof(extra);
1350 ifname[0] = '\0';
1351
1352 attrlen = len;
1353 attr = (struct rtattr *) buf;
1354 while (RTA_OK(attr, attrlen)) {
1355 switch (attr->rta_type) {
1356 case IFLA_IFNAME:
1357 if (RTA_PAYLOAD(attr) > IFNAMSIZ)
1358 break;
1359 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1360 ifname[RTA_PAYLOAD(attr)] = '\0';
1361 break;
1362 case IFLA_MASTER:
1363 brid = nla_get_u32((struct nlattr *) attr);
1364 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1365 break;
1366 case IFLA_OPERSTATE:
1367 pos += os_snprintf(pos, end - pos, " operstate=%u",
1368 nla_get_u32((struct nlattr *) attr));
1369 break;
1370 case IFLA_LINKMODE:
1371 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1372 nla_get_u32((struct nlattr *) attr));
1373 break;
1374 }
1375 attr = RTA_NEXT(attr, attrlen);
1376 }
1377 extra[sizeof(extra) - 1] = '\0';
1378
1379 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1380 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1381 ifi->ifi_flags,
1382 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1383 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1384 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1385 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1386
1387 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, NULL);
1388
1389 if (ifi->ifi_family == AF_BRIDGE && brid && drv) {
1390 /* device has been removed from bridge */
1391 char namebuf[IFNAMSIZ];
1392
1393 if (!if_indextoname(brid, namebuf)) {
1394 wpa_printf(MSG_DEBUG,
1395 "nl80211: Could not find bridge ifname for ifindex %u",
1396 brid);
1397 } else {
1398 wpa_printf(MSG_DEBUG,
1399 "nl80211: Remove ifindex %u for bridge %s",
1400 brid, namebuf);
1401 }
1402 del_ifidx(drv, brid, ifi->ifi_index);
1403 }
1404
1405 if (ifi->ifi_family != AF_BRIDGE || !brid)
1406 wpa_driver_nl80211_event_dellink(global, drv, ifi->ifi_index,
1407 ifname);
1408 }
1409
1410
1411 struct nl80211_get_assoc_freq_arg {
1412 struct wpa_driver_nl80211_data *drv;
1413 unsigned int assoc_freq;
1414 unsigned int ibss_freq;
1415 u8 assoc_bssid[ETH_ALEN];
1416 u8 assoc_ssid[SSID_MAX_LEN];
1417 u8 assoc_ssid_len;
1418 };
1419
nl80211_get_assoc_freq_handler(struct nl_msg * msg,void * arg)1420 static int nl80211_get_assoc_freq_handler(struct nl_msg *msg, void *arg)
1421 {
1422 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1423 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1424 struct nlattr *bss[NL80211_BSS_MAX + 1];
1425 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1426 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1427 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1428 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1429 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
1430 };
1431 struct nl80211_get_assoc_freq_arg *ctx = arg;
1432 enum nl80211_bss_status status;
1433
1434 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1435 genlmsg_attrlen(gnlh, 0), NULL);
1436 if (!tb[NL80211_ATTR_BSS] ||
1437 nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1438 bss_policy) ||
1439 !bss[NL80211_BSS_STATUS])
1440 return NL_SKIP;
1441
1442 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
1443 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
1444 bss[NL80211_BSS_FREQUENCY]) {
1445 ctx->assoc_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1446 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
1447 ctx->assoc_freq);
1448 }
1449 if (status == NL80211_BSS_STATUS_IBSS_JOINED &&
1450 bss[NL80211_BSS_FREQUENCY]) {
1451 ctx->ibss_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1452 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz",
1453 ctx->ibss_freq);
1454 }
1455 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
1456 bss[NL80211_BSS_BSSID]) {
1457 os_memcpy(ctx->assoc_bssid,
1458 nla_data(bss[NL80211_BSS_BSSID]), ETH_ALEN);
1459 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
1460 MACSTR, MAC2STR(ctx->assoc_bssid));
1461 }
1462
1463 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
1464 bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1465 const u8 *ie, *ssid;
1466 size_t ie_len;
1467
1468 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1469 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1470 ssid = get_ie(ie, ie_len, WLAN_EID_SSID);
1471 if (ssid && ssid[1] > 0 && ssid[1] <= SSID_MAX_LEN) {
1472 ctx->assoc_ssid_len = ssid[1];
1473 os_memcpy(ctx->assoc_ssid, ssid + 2, ssid[1]);
1474 }
1475 }
1476
1477 return NL_SKIP;
1478 }
1479
1480
nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data * drv,u8 * ssid)1481 int nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data *drv, u8 *ssid)
1482 {
1483 struct nl_msg *msg;
1484 int ret;
1485 struct nl80211_get_assoc_freq_arg arg;
1486 int count = 0;
1487
1488 try_again:
1489 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1490 os_memset(&arg, 0, sizeof(arg));
1491 arg.drv = drv;
1492 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler,
1493 &arg, NULL, NULL);
1494 if (ret == -EAGAIN) {
1495 count++;
1496 if (count >= 10) {
1497 wpa_printf(MSG_INFO,
1498 "nl80211: Failed to receive consistent scan result dump for get_assoc_ssid");
1499 } else {
1500 wpa_printf(MSG_DEBUG,
1501 "nl80211: Failed to receive consistent scan result dump for get_assoc_ssid - try again");
1502 goto try_again;
1503 }
1504 }
1505 if (ret == 0) {
1506 os_memcpy(ssid, arg.assoc_ssid, arg.assoc_ssid_len);
1507 return arg.assoc_ssid_len;
1508 }
1509 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d (%s)",
1510 ret, strerror(-ret));
1511 return ret;
1512 }
1513
1514
nl80211_get_assoc_freq(struct wpa_driver_nl80211_data * drv)1515 unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1516 {
1517 struct nl_msg *msg;
1518 int ret;
1519 struct nl80211_get_assoc_freq_arg arg;
1520 int count = 0;
1521
1522 try_again:
1523 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1524 os_memset(&arg, 0, sizeof(arg));
1525 arg.drv = drv;
1526 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler,
1527 &arg, NULL, NULL);
1528 if (ret == -EAGAIN) {
1529 count++;
1530 if (count >= 10) {
1531 wpa_printf(MSG_INFO,
1532 "nl80211: Failed to receive consistent scan result dump for get_assoc_freq");
1533 } else {
1534 wpa_printf(MSG_DEBUG,
1535 "nl80211: Failed to receive consistent scan result dump for get_assoc_freq - try again");
1536 goto try_again;
1537 }
1538 }
1539 if (ret == 0) {
1540 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1541 arg.ibss_freq : arg.assoc_freq;
1542 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1543 "associated BSS from scan results: %u MHz", freq);
1544 if (freq)
1545 drv->assoc_freq = freq;
1546 return drv->assoc_freq;
1547 }
1548 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1549 "(%s)", ret, strerror(-ret));
1550 return drv->assoc_freq;
1551 }
1552
1553
get_link_signal(struct nl_msg * msg,void * arg)1554 static int get_link_signal(struct nl_msg *msg, void *arg)
1555 {
1556 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1557 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1558 struct nlattr *sinfo[NL80211_STA_INFO_MAX + 1];
1559 static struct nla_policy policy[NL80211_STA_INFO_MAX + 1] = {
1560 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
1561 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
1562 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8 },
1563 };
1564 struct nlattr *rinfo[NL80211_RATE_INFO_MAX + 1];
1565 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
1566 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
1567 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
1568 [NL80211_RATE_INFO_40_MHZ_WIDTH] = { .type = NLA_FLAG },
1569 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
1570 };
1571 struct wpa_signal_info *sig_change = arg;
1572
1573 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1574 genlmsg_attrlen(gnlh, 0), NULL);
1575 if (!tb[NL80211_ATTR_STA_INFO] ||
1576 nla_parse_nested(sinfo, NL80211_STA_INFO_MAX,
1577 tb[NL80211_ATTR_STA_INFO], policy))
1578 return NL_SKIP;
1579 if (!sinfo[NL80211_STA_INFO_SIGNAL])
1580 return NL_SKIP;
1581
1582 sig_change->current_signal =
1583 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL]);
1584
1585 if (sinfo[NL80211_STA_INFO_SIGNAL_AVG])
1586 sig_change->avg_signal =
1587 (s8) nla_get_u8(sinfo[NL80211_STA_INFO_SIGNAL_AVG]);
1588 else
1589 sig_change->avg_signal = 0;
1590
1591 if (sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG])
1592 sig_change->avg_beacon_signal =
1593 (s8)
1594 nla_get_u8(sinfo[NL80211_STA_INFO_BEACON_SIGNAL_AVG]);
1595 else
1596 sig_change->avg_beacon_signal = 0;
1597
1598 if (sinfo[NL80211_STA_INFO_TX_BITRATE]) {
1599 if (nla_parse_nested(rinfo, NL80211_RATE_INFO_MAX,
1600 sinfo[NL80211_STA_INFO_TX_BITRATE],
1601 rate_policy)) {
1602 sig_change->current_txrate = 0;
1603 } else {
1604 if (rinfo[NL80211_RATE_INFO_BITRATE]) {
1605 sig_change->current_txrate =
1606 nla_get_u16(rinfo[
1607 NL80211_RATE_INFO_BITRATE]) * 100;
1608 }
1609 }
1610 }
1611
1612 return NL_SKIP;
1613 }
1614
1615
nl80211_get_link_signal(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)1616 int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
1617 struct wpa_signal_info *sig)
1618 {
1619 struct nl_msg *msg;
1620
1621 sig->current_signal = -WPA_INVALID_NOISE;
1622 sig->current_txrate = 0;
1623
1624 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) ||
1625 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid)) {
1626 nlmsg_free(msg);
1627 return -ENOBUFS;
1628 }
1629
1630 return send_and_recv_msgs(drv, msg, get_link_signal, sig, NULL, NULL);
1631 }
1632
1633
get_link_noise(struct nl_msg * msg,void * arg)1634 static int get_link_noise(struct nl_msg *msg, void *arg)
1635 {
1636 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1637 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1638 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1639 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1640 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1641 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1642 };
1643 struct wpa_signal_info *sig_change = arg;
1644
1645 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1646 genlmsg_attrlen(gnlh, 0), NULL);
1647
1648 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1649 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1650 return NL_SKIP;
1651 }
1652
1653 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1654 tb[NL80211_ATTR_SURVEY_INFO],
1655 survey_policy)) {
1656 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1657 "attributes!");
1658 return NL_SKIP;
1659 }
1660
1661 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1662 return NL_SKIP;
1663
1664 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1665 sig_change->frequency)
1666 return NL_SKIP;
1667
1668 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1669 return NL_SKIP;
1670
1671 sig_change->current_noise =
1672 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1673
1674 return NL_SKIP;
1675 }
1676
1677
nl80211_get_link_noise(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig_change)1678 int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1679 struct wpa_signal_info *sig_change)
1680 {
1681 struct nl_msg *msg;
1682
1683 sig_change->current_noise = WPA_INVALID_NOISE;
1684 sig_change->frequency = drv->assoc_freq;
1685
1686 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1687 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change,
1688 NULL, NULL);
1689 }
1690
1691
get_channel_info(struct nl_msg * msg,void * arg)1692 static int get_channel_info(struct nl_msg *msg, void *arg)
1693 {
1694 struct nlattr *tb[NL80211_ATTR_MAX + 1] = { 0 };
1695 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1696 struct wpa_channel_info *chan_info = arg;
1697
1698 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1699 genlmsg_attrlen(gnlh, 0), NULL);
1700
1701 os_memset(chan_info, 0, sizeof(struct wpa_channel_info));
1702 chan_info->chanwidth = CHAN_WIDTH_UNKNOWN;
1703
1704 if (tb[NL80211_ATTR_WIPHY_FREQ])
1705 chan_info->frequency =
1706 nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
1707 if (tb[NL80211_ATTR_CHANNEL_WIDTH])
1708 chan_info->chanwidth = convert2width(
1709 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
1710 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
1711 enum nl80211_channel_type ct =
1712 nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1713
1714 switch (ct) {
1715 case NL80211_CHAN_HT40MINUS:
1716 chan_info->sec_channel = -1;
1717 break;
1718 case NL80211_CHAN_HT40PLUS:
1719 chan_info->sec_channel = 1;
1720 break;
1721 default:
1722 chan_info->sec_channel = 0;
1723 break;
1724 }
1725 }
1726 if (tb[NL80211_ATTR_CENTER_FREQ1])
1727 chan_info->center_frq1 =
1728 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
1729 if (tb[NL80211_ATTR_CENTER_FREQ2])
1730 chan_info->center_frq2 =
1731 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
1732
1733 if (chan_info->center_frq2) {
1734 u8 seg1_idx = 0;
1735
1736 if (ieee80211_freq_to_chan(chan_info->center_frq2, &seg1_idx) !=
1737 NUM_HOSTAPD_MODES)
1738 chan_info->seg1_idx = seg1_idx;
1739 }
1740
1741 return NL_SKIP;
1742 }
1743
1744
nl80211_channel_info(void * priv,struct wpa_channel_info * ci)1745 static int nl80211_channel_info(void *priv, struct wpa_channel_info *ci)
1746 {
1747 struct i802_bss *bss = priv;
1748 struct wpa_driver_nl80211_data *drv = bss->drv;
1749 struct nl_msg *msg;
1750
1751 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
1752 return send_and_recv_msgs(drv, msg, get_channel_info, ci, NULL, NULL);
1753 }
1754
1755
wpa_driver_nl80211_event_receive(int sock,void * eloop_ctx,void * handle)1756 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1757 void *handle)
1758 {
1759 struct nl_cb *cb = eloop_ctx;
1760 int res;
1761
1762 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
1763
1764 res = nl_recvmsgs(handle, cb);
1765 if (res < 0) {
1766 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
1767 __func__, res);
1768 }
1769 }
1770
1771
1772 /**
1773 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1774 * @priv: driver_nl80211 private data
1775 * @alpha2_arg: country to which to switch to
1776 * Returns: 0 on success, -1 on failure
1777 *
1778 * This asks nl80211 to set the regulatory domain for given
1779 * country ISO / IEC alpha2.
1780 */
wpa_driver_nl80211_set_country(void * priv,const char * alpha2_arg)1781 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1782 {
1783 struct i802_bss *bss = priv;
1784 struct wpa_driver_nl80211_data *drv = bss->drv;
1785 char alpha2[3];
1786 struct nl_msg *msg;
1787
1788 msg = nlmsg_alloc();
1789 if (!msg)
1790 return -ENOMEM;
1791
1792 alpha2[0] = alpha2_arg[0];
1793 alpha2[1] = alpha2_arg[1];
1794 alpha2[2] = '\0';
1795
1796 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) ||
1797 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) {
1798 nlmsg_free(msg);
1799 return -EINVAL;
1800 }
1801 if (send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL))
1802 return -EINVAL;
1803 return 0;
1804 }
1805
1806
nl80211_get_country(struct nl_msg * msg,void * arg)1807 static int nl80211_get_country(struct nl_msg *msg, void *arg)
1808 {
1809 char *alpha2 = arg;
1810 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
1811 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1812
1813 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1814 genlmsg_attrlen(gnlh, 0), NULL);
1815 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
1816 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
1817 return NL_SKIP;
1818 }
1819 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
1820 return NL_SKIP;
1821 }
1822
1823
wpa_driver_nl80211_get_country(void * priv,char * alpha2)1824 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
1825 {
1826 struct i802_bss *bss = priv;
1827 struct wpa_driver_nl80211_data *drv = bss->drv;
1828 struct nl_msg *msg;
1829 int ret;
1830
1831 msg = nlmsg_alloc();
1832 if (!msg)
1833 return -ENOMEM;
1834
1835 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
1836 alpha2[0] = '\0';
1837 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2,
1838 NULL, NULL);
1839 if (!alpha2[0])
1840 ret = -1;
1841
1842 return ret;
1843 }
1844
1845
wpa_driver_nl80211_init_nl_global(struct nl80211_global * global)1846 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
1847 {
1848 int ret;
1849
1850 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1851 if (global->nl_cb == NULL) {
1852 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1853 "callbacks");
1854 return -1;
1855 }
1856
1857 global->nl = nl_create_handle(global->nl_cb, "nl");
1858 if (global->nl == NULL)
1859 goto err;
1860
1861 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
1862 if (global->nl80211_id < 0) {
1863 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1864 "found");
1865 goto err;
1866 }
1867
1868 global->nl_event = nl_create_handle(global->nl_cb, "event");
1869 if (global->nl_event == NULL)
1870 goto err;
1871
1872 ret = nl_get_multicast_id(global, "nl80211", "scan");
1873 if (ret >= 0)
1874 ret = nl_socket_add_membership(global->nl_event, ret);
1875 if (ret < 0) {
1876 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1877 "membership for scan events: %d (%s)",
1878 ret, nl_geterror(ret));
1879 goto err;
1880 }
1881
1882 ret = nl_get_multicast_id(global, "nl80211", "mlme");
1883 if (ret >= 0)
1884 ret = nl_socket_add_membership(global->nl_event, ret);
1885 if (ret < 0) {
1886 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1887 "membership for mlme events: %d (%s)",
1888 ret, nl_geterror(ret));
1889 goto err;
1890 }
1891
1892 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
1893 if (ret >= 0)
1894 ret = nl_socket_add_membership(global->nl_event, ret);
1895 if (ret < 0) {
1896 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1897 "membership for regulatory events: %d (%s)",
1898 ret, nl_geterror(ret));
1899 /* Continue without regulatory events */
1900 }
1901
1902 ret = nl_get_multicast_id(global, "nl80211", "vendor");
1903 if (ret >= 0)
1904 ret = nl_socket_add_membership(global->nl_event, ret);
1905 if (ret < 0) {
1906 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1907 "membership for vendor events: %d (%s)",
1908 ret, nl_geterror(ret));
1909 /* Continue without vendor events */
1910 }
1911
1912 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
1913 no_seq_check, NULL);
1914 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
1915 process_global_event, global);
1916
1917 nl80211_register_eloop_read(&global->nl_event,
1918 wpa_driver_nl80211_event_receive,
1919 global->nl_cb, 0);
1920
1921 return 0;
1922
1923 err:
1924 nl_destroy_handles(&global->nl_event);
1925 nl_destroy_handles(&global->nl);
1926 nl_cb_put(global->nl_cb);
1927 global->nl_cb = NULL;
1928 return -1;
1929 }
1930
1931
nl80211_check_global(struct nl80211_global * global)1932 static void nl80211_check_global(struct nl80211_global *global)
1933 {
1934 struct nl_sock *handle;
1935 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL };
1936 int ret;
1937 unsigned int i;
1938
1939 /*
1940 * Try to re-add memberships to handle case of cfg80211 getting reloaded
1941 * and all registration having been cleared.
1942 */
1943 handle = (void *) (((intptr_t) global->nl_event) ^
1944 ELOOP_SOCKET_INVALID);
1945
1946 for (i = 0; groups[i]; i++) {
1947 ret = nl_get_multicast_id(global, "nl80211", groups[i]);
1948 if (ret >= 0)
1949 ret = nl_socket_add_membership(handle, ret);
1950 if (ret < 0) {
1951 wpa_printf(MSG_INFO,
1952 "nl80211: Could not re-add multicast membership for %s events: %d (%s)",
1953 groups[i], ret, nl_geterror(ret));
1954 }
1955 }
1956 }
1957
1958
wpa_driver_nl80211_rfkill_blocked(void * ctx)1959 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
1960 {
1961 struct wpa_driver_nl80211_data *drv = ctx;
1962
1963 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
1964
1965 /*
1966 * rtnetlink ifdown handler will report interfaces other than the P2P
1967 * Device interface as disabled.
1968 */
1969 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
1970 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL);
1971 }
1972
1973
wpa_driver_nl80211_rfkill_unblocked(void * ctx)1974 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
1975 {
1976 struct wpa_driver_nl80211_data *drv = ctx;
1977 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
1978 if (i802_set_iface_flags(drv->first_bss, 1)) {
1979 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
1980 "after rfkill unblock");
1981 return;
1982 }
1983
1984 if (is_p2p_net_interface(drv->nlmode))
1985 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
1986
1987 /*
1988 * rtnetlink ifup handler will report interfaces other than the P2P
1989 * Device interface as enabled.
1990 */
1991 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
1992 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL);
1993 }
1994
1995
wpa_driver_nl80211_handle_eapol_tx_status(int sock,void * eloop_ctx,void * handle)1996 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
1997 void *eloop_ctx,
1998 void *handle)
1999 {
2000 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2001 u8 data[2048];
2002 struct msghdr msg;
2003 struct iovec entry;
2004 u8 control[512];
2005 struct cmsghdr *cmsg;
2006 int res, found_ee = 0, found_wifi = 0, acked = 0;
2007 union wpa_event_data event;
2008
2009 memset(&msg, 0, sizeof(msg));
2010 msg.msg_iov = &entry;
2011 msg.msg_iovlen = 1;
2012 entry.iov_base = data;
2013 entry.iov_len = sizeof(data);
2014 msg.msg_control = &control;
2015 msg.msg_controllen = sizeof(control);
2016
2017 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
2018 /* if error or not fitting 802.3 header, return */
2019 if (res < 14)
2020 return;
2021
2022 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
2023 {
2024 if (cmsg->cmsg_level == SOL_SOCKET &&
2025 cmsg->cmsg_type == SCM_WIFI_STATUS) {
2026 int *ack;
2027
2028 found_wifi = 1;
2029 ack = (void *)CMSG_DATA(cmsg);
2030 acked = *ack;
2031 }
2032
2033 if (cmsg->cmsg_level == SOL_PACKET &&
2034 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
2035 struct sock_extended_err *err =
2036 (struct sock_extended_err *)CMSG_DATA(cmsg);
2037
2038 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
2039 found_ee = 1;
2040 }
2041 }
2042
2043 if (!found_ee || !found_wifi)
2044 return;
2045
2046 memset(&event, 0, sizeof(event));
2047 event.eapol_tx_status.dst = data;
2048 event.eapol_tx_status.data = data + 14;
2049 event.eapol_tx_status.data_len = res - 14;
2050 event.eapol_tx_status.ack = acked;
2051 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
2052 }
2053
2054
nl80211_init_connect_handle(struct i802_bss * bss)2055 static int nl80211_init_connect_handle(struct i802_bss *bss)
2056 {
2057 if (bss->nl_connect) {
2058 wpa_printf(MSG_DEBUG,
2059 "nl80211: Connect handle already created (nl_connect=%p)",
2060 bss->nl_connect);
2061 return -1;
2062 }
2063
2064 bss->nl_connect = nl_create_handle(bss->nl_cb, "connect");
2065 if (!bss->nl_connect)
2066 return -1;
2067 nl80211_register_eloop_read(&bss->nl_connect,
2068 wpa_driver_nl80211_event_receive,
2069 bss->nl_cb, 1);
2070 return 0;
2071 }
2072
2073
nl80211_init_bss(struct i802_bss * bss)2074 static int nl80211_init_bss(struct i802_bss *bss)
2075 {
2076 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2077 if (!bss->nl_cb)
2078 return -1;
2079
2080 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2081 no_seq_check, NULL);
2082 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2083 process_bss_event, bss);
2084
2085 nl80211_init_connect_handle(bss);
2086
2087 return 0;
2088 }
2089
2090
nl80211_destroy_bss(struct i802_bss * bss)2091 static void nl80211_destroy_bss(struct i802_bss *bss)
2092 {
2093 nl_cb_put(bss->nl_cb);
2094 bss->nl_cb = NULL;
2095
2096 if (bss->nl_connect)
2097 nl80211_destroy_eloop_handle(&bss->nl_connect, 1);
2098 }
2099
2100
2101 static void
wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data * drv)2102 wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data *drv)
2103 {
2104 struct rfkill_config *rcfg;
2105
2106 if (drv->rfkill)
2107 return;
2108
2109 rcfg = os_zalloc(sizeof(*rcfg));
2110 if (!rcfg)
2111 return;
2112
2113 rcfg->ctx = drv;
2114
2115 /* rfkill uses netdev sysfs for initialization. However, P2P Device is
2116 * not associated with a netdev, so use the name of some other interface
2117 * sharing the same wiphy as the P2P Device interface.
2118 *
2119 * Note: This is valid, as a P2P Device interface is always dynamically
2120 * created and is created only once another wpa_s interface was added.
2121 */
2122 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) {
2123 struct nl80211_global *global = drv->global;
2124 struct wpa_driver_nl80211_data *tmp1;
2125
2126 dl_list_for_each(tmp1, &global->interfaces,
2127 struct wpa_driver_nl80211_data, list) {
2128 if (drv == tmp1 || drv->wiphy_idx != tmp1->wiphy_idx ||
2129 !tmp1->rfkill)
2130 continue;
2131
2132 wpa_printf(MSG_DEBUG,
2133 "nl80211: Use (%s) to initialize P2P Device rfkill",
2134 tmp1->first_bss->ifname);
2135 os_strlcpy(rcfg->ifname, tmp1->first_bss->ifname,
2136 sizeof(rcfg->ifname));
2137 break;
2138 }
2139 } else {
2140 os_strlcpy(rcfg->ifname, drv->first_bss->ifname,
2141 sizeof(rcfg->ifname));
2142 }
2143
2144 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
2145 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
2146 drv->rfkill = rfkill_init(rcfg);
2147 if (!drv->rfkill) {
2148 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
2149 os_free(rcfg);
2150 }
2151 }
2152
2153
wpa_driver_nl80211_drv_init(void * ctx,const char * ifname,void * global_priv,int hostapd,const u8 * set_addr,const char * driver_params)2154 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
2155 void *global_priv, int hostapd,
2156 const u8 *set_addr,
2157 const char *driver_params)
2158 {
2159 struct wpa_driver_nl80211_data *drv;
2160 struct i802_bss *bss;
2161
2162 if (global_priv == NULL)
2163 return NULL;
2164 drv = os_zalloc(sizeof(*drv));
2165 if (drv == NULL)
2166 return NULL;
2167 drv->global = global_priv;
2168 drv->ctx = ctx;
2169 drv->hostapd = !!hostapd;
2170 drv->eapol_sock = -1;
2171
2172 /*
2173 * There is no driver capability flag for this, so assume it is
2174 * supported and disable this on first attempt to use if the driver
2175 * rejects the command due to missing support.
2176 */
2177 drv->set_rekey_offload = 1;
2178
2179 drv->num_if_indices = ARRAY_SIZE(drv->default_if_indices);
2180 drv->if_indices = drv->default_if_indices;
2181
2182 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
2183 if (!drv->first_bss) {
2184 os_free(drv);
2185 return NULL;
2186 }
2187 bss = drv->first_bss;
2188 bss->drv = drv;
2189 bss->ctx = ctx;
2190
2191 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
2192 drv->monitor_ifidx = -1;
2193 drv->monitor_sock = -1;
2194 drv->eapol_tx_sock = -1;
2195 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2196
2197 if (nl80211_init_bss(bss))
2198 goto failed;
2199
2200 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params))
2201 goto failed;
2202
2203 if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS) {
2204 drv->control_port_ap = 1;
2205 goto skip_wifi_status;
2206 }
2207
2208 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
2209 if (drv->eapol_tx_sock < 0)
2210 goto failed;
2211
2212 if (drv->data_tx_status) {
2213 int enabled = 1;
2214
2215 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
2216 &enabled, sizeof(enabled)) < 0) {
2217 wpa_printf(MSG_DEBUG,
2218 "nl80211: wifi status sockopt failed: %s",
2219 strerror(errno));
2220 drv->data_tx_status = 0;
2221 if (!drv->use_monitor)
2222 drv->capa.flags &=
2223 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2224 } else {
2225 eloop_register_read_sock(
2226 drv->eapol_tx_sock,
2227 wpa_driver_nl80211_handle_eapol_tx_status,
2228 drv, NULL);
2229 }
2230 }
2231 skip_wifi_status:
2232
2233 if (drv->global) {
2234 nl80211_check_global(drv->global);
2235 dl_list_add(&drv->global->interfaces, &drv->list);
2236 drv->in_interface_list = 1;
2237 }
2238
2239 return bss;
2240
2241 failed:
2242 wpa_driver_nl80211_deinit(bss);
2243 return NULL;
2244 }
2245
2246
2247 /**
2248 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
2249 * @ctx: context to be used when calling wpa_supplicant functions,
2250 * e.g., wpa_supplicant_event()
2251 * @ifname: interface name, e.g., wlan0
2252 * @global_priv: private driver global data from global_init()
2253 * Returns: Pointer to private data, %NULL on failure
2254 */
wpa_driver_nl80211_init(void * ctx,const char * ifname,void * global_priv)2255 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
2256 void *global_priv)
2257 {
2258 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL,
2259 NULL);
2260 }
2261
2262
nl80211_register_frame(struct i802_bss * bss,struct nl_sock * nl_handle,u16 type,const u8 * match,size_t match_len,bool multicast)2263 static int nl80211_register_frame(struct i802_bss *bss,
2264 struct nl_sock *nl_handle,
2265 u16 type, const u8 *match, size_t match_len,
2266 bool multicast)
2267 {
2268 struct wpa_driver_nl80211_data *drv = bss->drv;
2269 struct nl_msg *msg;
2270 int ret;
2271 char buf[30];
2272
2273 buf[0] = '\0';
2274 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
2275 wpa_printf(MSG_DEBUG,
2276 "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s multicast=%d",
2277 type, fc2str(type), nl_handle, buf, multicast);
2278
2279 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_FRAME)) ||
2280 (multicast && nla_put_flag(msg, NL80211_ATTR_RECEIVE_MULTICAST)) ||
2281 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) ||
2282 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) {
2283 nlmsg_free(msg);
2284 return -1;
2285 }
2286
2287 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL,
2288 NULL, NULL);
2289 if (ret) {
2290 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
2291 "failed (type=%u): ret=%d (%s)",
2292 type, ret, strerror(-ret));
2293 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
2294 match, match_len);
2295 }
2296 return ret;
2297 }
2298
2299
nl80211_alloc_mgmt_handle(struct i802_bss * bss)2300 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
2301 {
2302 if (bss->nl_mgmt) {
2303 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
2304 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
2305 return -1;
2306 }
2307
2308 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt");
2309 if (bss->nl_mgmt == NULL)
2310 return -1;
2311
2312 return 0;
2313 }
2314
2315
nl80211_mgmt_handle_register_eloop(struct i802_bss * bss)2316 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
2317 {
2318 nl80211_register_eloop_read(&bss->nl_mgmt,
2319 wpa_driver_nl80211_event_receive,
2320 bss->nl_cb, 0);
2321 }
2322
2323
nl80211_register_action_frame(struct i802_bss * bss,const u8 * match,size_t match_len)2324 static int nl80211_register_action_frame(struct i802_bss *bss,
2325 const u8 *match, size_t match_len)
2326 {
2327 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
2328 return nl80211_register_frame(bss, bss->nl_mgmt,
2329 type, match, match_len, false);
2330 }
2331
2332
nl80211_mgmt_subscribe_non_ap(struct i802_bss * bss)2333 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
2334 {
2335 struct wpa_driver_nl80211_data *drv = bss->drv;
2336 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
2337 int ret = 0;
2338
2339 if (nl80211_alloc_mgmt_handle(bss))
2340 return -1;
2341 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
2342 "handle %p", bss->nl_mgmt);
2343
2344 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
2345 /* register for any AUTH message */
2346 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0, false);
2347 } else if ((drv->capa.flags & WPA_DRIVER_FLAGS_SAE) &&
2348 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
2349 /* register for SAE Authentication frames */
2350 nl80211_register_frame(bss, bss->nl_mgmt, type,
2351 (u8 *) "\x03\x00", 2, false);
2352 }
2353
2354 #ifdef CONFIG_PASN
2355 /* register for PASN Authentication frames */
2356 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
2357 nl80211_register_frame(bss, bss->nl_mgmt, type,
2358 (u8 *) "\x07\x00", 2, false))
2359 ret = -1;
2360 #endif /* CONFIG_PASN */
2361
2362 #ifdef CONFIG_INTERWORKING
2363 /* QoS Map Configure */
2364 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
2365 ret = -1;
2366 #endif /* CONFIG_INTERWORKING */
2367 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP)
2368 /* GAS Initial Request */
2369 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
2370 ret = -1;
2371 /* GAS Initial Response */
2372 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
2373 ret = -1;
2374 /* GAS Comeback Request */
2375 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
2376 ret = -1;
2377 /* GAS Comeback Response */
2378 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
2379 ret = -1;
2380 /* Protected GAS Initial Request */
2381 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
2382 ret = -1;
2383 /* Protected GAS Initial Response */
2384 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
2385 ret = -1;
2386 /* Protected GAS Comeback Request */
2387 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
2388 ret = -1;
2389 /* Protected GAS Comeback Response */
2390 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
2391 ret = -1;
2392 #endif /* CONFIG_P2P || CONFIG_INTERWORKING || CONFIG_DPP */
2393 #ifdef CONFIG_P2P
2394 /* P2P Public Action */
2395 if (nl80211_register_action_frame(bss,
2396 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
2397 6) < 0)
2398 ret = -1;
2399 /* P2P Action */
2400 if (nl80211_register_action_frame(bss,
2401 (u8 *) "\x7f\x50\x6f\x9a\x09",
2402 5) < 0)
2403 ret = -1;
2404 #endif /* CONFIG_P2P */
2405 #ifdef CONFIG_DPP
2406 /* DPP Public Action */
2407 if (nl80211_register_action_frame(bss,
2408 (u8 *) "\x04\x09\x50\x6f\x9a\x1a",
2409 6) < 0)
2410 ret = -1;
2411 #endif /* CONFIG_DPP */
2412 #ifdef CONFIG_OCV
2413 /* SA Query Request */
2414 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0)
2415 ret = -1;
2416 #endif /* CONFIG_OCV */
2417 /* SA Query Response */
2418 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
2419 ret = -1;
2420 #ifdef CONFIG_TDLS
2421 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
2422 /* TDLS Discovery Response */
2423 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
2424 0)
2425 ret = -1;
2426 }
2427 #endif /* CONFIG_TDLS */
2428 #ifdef CONFIG_FST
2429 /* FST Action frames */
2430 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0)
2431 ret = -1;
2432 #endif /* CONFIG_FST */
2433
2434 /* FT Action frames */
2435 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
2436 ret = -1;
2437 else if (!drv->has_driver_key_mgmt) {
2438 int i;
2439
2440 /* Update supported AKMs only if the driver doesn't advertize
2441 * any AKM capabilities. */
2442 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
2443 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
2444
2445 /* Update per interface supported AKMs */
2446 for (i = 0; i < WPA_IF_MAX; i++)
2447 drv->capa.key_mgmt_iftype[i] = drv->capa.key_mgmt;
2448 }
2449
2450 /* WNM - BSS Transition Management Request */
2451 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
2452 ret = -1;
2453 /* WNM-Sleep Mode Response */
2454 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
2455 ret = -1;
2456 #ifdef CONFIG_WNM
2457 /* WNM - Collocated Interference Request */
2458 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x0b", 2) < 0)
2459 ret = -1;
2460 #endif /* CONFIG_WNM */
2461
2462 #ifdef CONFIG_HS20
2463 /* WNM-Notification */
2464 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
2465 ret = -1;
2466 #endif /* CONFIG_HS20 */
2467
2468 /* WMM-AC ADDTS Response */
2469 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0)
2470 ret = -1;
2471
2472 /* WMM-AC DELTS */
2473 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0)
2474 ret = -1;
2475
2476 /* Radio Measurement - Neighbor Report Response */
2477 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0)
2478 ret = -1;
2479
2480 /* Radio Measurement - Radio Measurement Request */
2481 if (!drv->no_rrm &&
2482 nl80211_register_action_frame(bss, (u8 *) "\x05\x00", 2) < 0)
2483 ret = -1;
2484
2485 /* Radio Measurement - Link Measurement Request */
2486 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) &&
2487 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0))
2488 ret = -1;
2489
2490 /* Robust AV MSCS Response */
2491 if (nl80211_register_action_frame(bss, (u8 *) "\x13\x05", 2) < 0)
2492 ret = -1;
2493
2494 nl80211_mgmt_handle_register_eloop(bss);
2495
2496 return ret;
2497 }
2498
2499
nl80211_mgmt_subscribe_mesh(struct i802_bss * bss)2500 static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss)
2501 {
2502 int ret = 0;
2503
2504 if (nl80211_alloc_mgmt_handle(bss))
2505 return -1;
2506
2507 wpa_printf(MSG_DEBUG,
2508 "nl80211: Subscribe to mgmt frames with mesh handle %p",
2509 bss->nl_mgmt);
2510
2511 /* Auth frames for mesh SAE */
2512 if (nl80211_register_frame(bss, bss->nl_mgmt,
2513 (WLAN_FC_TYPE_MGMT << 2) |
2514 (WLAN_FC_STYPE_AUTH << 4),
2515 NULL, 0, false) < 0)
2516 ret = -1;
2517
2518 /* Mesh peering open */
2519 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0)
2520 ret = -1;
2521 /* Mesh peering confirm */
2522 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0)
2523 ret = -1;
2524 /* Mesh peering close */
2525 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0)
2526 ret = -1;
2527
2528 nl80211_mgmt_handle_register_eloop(bss);
2529
2530 return ret;
2531 }
2532
2533
nl80211_register_spurious_class3(struct i802_bss * bss)2534 static int nl80211_register_spurious_class3(struct i802_bss *bss)
2535 {
2536 struct nl_msg *msg;
2537 int ret;
2538
2539 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME);
2540 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL,
2541 NULL, NULL);
2542 if (ret) {
2543 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
2544 "failed: ret=%d (%s)",
2545 ret, strerror(-ret));
2546 }
2547 return ret;
2548 }
2549
2550
nl80211_action_subscribe_ap(struct i802_bss * bss)2551 static int nl80211_action_subscribe_ap(struct i802_bss *bss)
2552 {
2553 int ret = 0;
2554
2555 /* Public Action frames */
2556 if (nl80211_register_action_frame(bss, (u8 *) "\x04", 1) < 0)
2557 ret = -1;
2558 /* RRM Measurement Report */
2559 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x01", 2) < 0)
2560 ret = -1;
2561 /* RRM Link Measurement Report */
2562 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x03", 2) < 0)
2563 ret = -1;
2564 /* RRM Neighbor Report Request */
2565 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x04", 2) < 0)
2566 ret = -1;
2567 /* FT Action frames */
2568 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
2569 ret = -1;
2570 /* SA Query */
2571 if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0)
2572 ret = -1;
2573 /* Protected Dual of Public Action */
2574 if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0)
2575 ret = -1;
2576 /* WNM */
2577 if (nl80211_register_action_frame(bss, (u8 *) "\x0a", 1) < 0)
2578 ret = -1;
2579 /* WMM */
2580 if (nl80211_register_action_frame(bss, (u8 *) "\x11", 1) < 0)
2581 ret = -1;
2582 #ifdef CONFIG_FST
2583 /* FST Action frames */
2584 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0)
2585 ret = -1;
2586 #endif /* CONFIG_FST */
2587 /* Vendor-specific */
2588 if (nl80211_register_action_frame(bss, (u8 *) "\x7f", 1) < 0)
2589 ret = -1;
2590
2591 return ret;
2592 }
2593
2594
nl80211_mgmt_subscribe_ap(struct i802_bss * bss)2595 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
2596 {
2597 static const int stypes[] = {
2598 WLAN_FC_STYPE_AUTH,
2599 WLAN_FC_STYPE_ASSOC_REQ,
2600 WLAN_FC_STYPE_REASSOC_REQ,
2601 WLAN_FC_STYPE_DISASSOC,
2602 WLAN_FC_STYPE_DEAUTH,
2603 WLAN_FC_STYPE_PROBE_REQ,
2604 /* Beacon doesn't work as mac80211 doesn't currently allow
2605 * it, but it wouldn't really be the right thing anyway as
2606 * it isn't per interface ... maybe just dump the scan
2607 * results periodically for OLBC?
2608 */
2609 /* WLAN_FC_STYPE_BEACON, */
2610 };
2611 unsigned int i;
2612
2613 if (nl80211_alloc_mgmt_handle(bss))
2614 return -1;
2615 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2616 "handle %p", bss->nl_mgmt);
2617
2618 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
2619 if (nl80211_register_frame(bss, bss->nl_mgmt,
2620 (WLAN_FC_TYPE_MGMT << 2) |
2621 (stypes[i] << 4),
2622 NULL, 0, false) < 0) {
2623 goto out_err;
2624 }
2625 }
2626
2627 if (nl80211_action_subscribe_ap(bss))
2628 goto out_err;
2629
2630 if (nl80211_register_spurious_class3(bss))
2631 goto out_err;
2632
2633 nl80211_mgmt_handle_register_eloop(bss);
2634 return 0;
2635
2636 out_err:
2637 nl_destroy_handles(&bss->nl_mgmt);
2638 return -1;
2639 }
2640
2641
nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss * bss)2642 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
2643 {
2644 if (nl80211_alloc_mgmt_handle(bss))
2645 return -1;
2646 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2647 "handle %p (device SME)", bss->nl_mgmt);
2648
2649 if (nl80211_action_subscribe_ap(bss))
2650 goto out_err;
2651
2652 if (bss->drv->device_ap_sme) {
2653 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
2654
2655 /* Register for all Authentication frames */
2656 if (nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0,
2657 false) < 0)
2658 wpa_printf(MSG_DEBUG,
2659 "nl80211: Failed to subscribe to handle Authentication frames - SAE offload may not work");
2660 }
2661
2662 nl80211_mgmt_handle_register_eloop(bss);
2663 return 0;
2664
2665 out_err:
2666 nl_destroy_handles(&bss->nl_mgmt);
2667 return -1;
2668 }
2669
2670
nl80211_mgmt_unsubscribe(struct i802_bss * bss,const char * reason)2671 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
2672 {
2673 if (bss->nl_mgmt == NULL)
2674 return;
2675 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
2676 "(%s)", bss->nl_mgmt, reason);
2677 nl80211_destroy_eloop_handle(&bss->nl_mgmt, 0);
2678
2679 nl80211_put_wiphy_data_ap(bss);
2680 }
2681
2682
wpa_driver_nl80211_send_rfkill(void * eloop_ctx,void * timeout_ctx)2683 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
2684 {
2685 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
2686 }
2687
2688
nl80211_del_p2pdev(struct i802_bss * bss)2689 static void nl80211_del_p2pdev(struct i802_bss *bss)
2690 {
2691 struct nl_msg *msg;
2692 int ret;
2693
2694 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE);
2695 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
2696
2697 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
2698 bss->ifname, (long long unsigned int) bss->wdev_id,
2699 strerror(-ret));
2700 }
2701
2702
nl80211_set_p2pdev(struct i802_bss * bss,int start)2703 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
2704 {
2705 struct nl_msg *msg;
2706 int ret;
2707
2708 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE :
2709 NL80211_CMD_STOP_P2P_DEVICE);
2710 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
2711
2712 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
2713 start ? "Start" : "Stop",
2714 bss->ifname, (long long unsigned int) bss->wdev_id,
2715 strerror(-ret));
2716 return ret;
2717 }
2718
2719
i802_set_iface_flags(struct i802_bss * bss,int up)2720 static int i802_set_iface_flags(struct i802_bss *bss, int up)
2721 {
2722 enum nl80211_iftype nlmode;
2723
2724 nlmode = nl80211_get_ifmode(bss);
2725 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2726 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
2727 bss->ifname, up);
2728 }
2729
2730 /* P2P Device has start/stop which is equivalent */
2731 return nl80211_set_p2pdev(bss, up);
2732 }
2733
2734
2735 #ifdef CONFIG_TESTING_OPTIONS
qca_vendor_test_cmd_handler(struct nl_msg * msg,void * arg)2736 static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg)
2737 {
2738 /* struct wpa_driver_nl80211_data *drv = arg; */
2739 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2740 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2741
2742
2743 wpa_printf(MSG_DEBUG,
2744 "nl80211: QCA vendor test command response received");
2745
2746 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2747 genlmsg_attrlen(gnlh, 0), NULL);
2748 if (!tb[NL80211_ATTR_VENDOR_DATA]) {
2749 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute");
2750 return NL_SKIP;
2751 }
2752
2753 wpa_hexdump(MSG_DEBUG,
2754 "nl80211: Received QCA vendor test command response",
2755 nla_data(tb[NL80211_ATTR_VENDOR_DATA]),
2756 nla_len(tb[NL80211_ATTR_VENDOR_DATA]));
2757
2758 return NL_SKIP;
2759 }
2760 #endif /* CONFIG_TESTING_OPTIONS */
2761
2762
qca_vendor_test(struct wpa_driver_nl80211_data * drv)2763 static void qca_vendor_test(struct wpa_driver_nl80211_data *drv)
2764 {
2765 #ifdef CONFIG_TESTING_OPTIONS
2766 struct nl_msg *msg;
2767 struct nlattr *params;
2768 int ret;
2769
2770 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
2771 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
2772 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
2773 QCA_NL80211_VENDOR_SUBCMD_TEST) ||
2774 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
2775 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) {
2776 nlmsg_free(msg);
2777 return;
2778 }
2779 nla_nest_end(msg, params);
2780
2781 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv,
2782 NULL, NULL);
2783 wpa_printf(MSG_DEBUG,
2784 "nl80211: QCA vendor test command returned %d (%s)",
2785 ret, strerror(-ret));
2786 #endif /* CONFIG_TESTING_OPTIONS */
2787 }
2788
2789
2790 static int
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data * drv,const u8 * set_addr,int first,const char * driver_params)2791 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
2792 const u8 *set_addr, int first,
2793 const char *driver_params)
2794 {
2795 struct i802_bss *bss = drv->first_bss;
2796 int send_rfkill_event = 0;
2797 enum nl80211_iftype nlmode;
2798
2799 drv->ifindex = if_nametoindex(bss->ifname);
2800 bss->ifindex = drv->ifindex;
2801 bss->wdev_id = drv->global->if_add_wdevid;
2802 bss->wdev_id_set = drv->global->if_add_wdevid_set;
2803
2804 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
2805 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
2806 drv->global->if_add_wdevid_set = 0;
2807
2808 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2809 bss->static_ap = 1;
2810
2811 if (first &&
2812 nl80211_get_ifmode(bss) != NL80211_IFTYPE_P2P_DEVICE &&
2813 linux_iface_up(drv->global->ioctl_sock, bss->ifname) > 0)
2814 drv->start_iface_up = 1;
2815
2816 if (wpa_driver_nl80211_capa(drv))
2817 return -1;
2818
2819 if (driver_params && nl80211_set_param(bss, driver_params) < 0)
2820 return -1;
2821
2822 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2823 bss->ifname, drv->phyname);
2824
2825 if (set_addr &&
2826 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
2827 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2828 set_addr)))
2829 return -1;
2830
2831 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2832 drv->start_mode_ap = 1;
2833
2834 if (drv->hostapd || bss->static_ap)
2835 nlmode = NL80211_IFTYPE_AP;
2836 else if (bss->if_dynamic ||
2837 nl80211_get_ifmode(bss) == NL80211_IFTYPE_MESH_POINT)
2838 nlmode = nl80211_get_ifmode(bss);
2839 else
2840 nlmode = NL80211_IFTYPE_STATION;
2841
2842 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
2843 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
2844 return -1;
2845 }
2846
2847 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2848 nl80211_get_macaddr(bss);
2849
2850 wpa_driver_nl80211_drv_init_rfkill(drv);
2851
2852 if (!rfkill_is_blocked(drv->rfkill)) {
2853 int ret = i802_set_iface_flags(bss, 1);
2854 if (ret) {
2855 wpa_printf(MSG_ERROR, "nl80211: Could not set "
2856 "interface '%s' UP", bss->ifname);
2857 return ret;
2858 }
2859
2860 if (is_p2p_net_interface(nlmode))
2861 nl80211_disable_11b_rates(bss->drv,
2862 bss->drv->ifindex, 1);
2863
2864 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2865 return ret;
2866 } else {
2867 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
2868 "interface '%s' due to rfkill", bss->ifname);
2869 if (nlmode != NL80211_IFTYPE_P2P_DEVICE)
2870 drv->if_disabled = 1;
2871
2872 send_rfkill_event = 1;
2873 }
2874
2875 if (!drv->hostapd && nlmode != NL80211_IFTYPE_P2P_DEVICE)
2876 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
2877 1, IF_OPER_DORMANT);
2878
2879 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2880 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2881 bss->addr))
2882 return -1;
2883 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
2884 }
2885
2886 if (send_rfkill_event) {
2887 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
2888 drv, drv->ctx);
2889 }
2890
2891 if (drv->vendor_cmd_test_avail)
2892 qca_vendor_test(drv);
2893
2894 return 0;
2895 }
2896
2897
wpa_driver_nl80211_del_beacon(struct i802_bss * bss)2898 static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss)
2899 {
2900 struct nl_msg *msg;
2901 struct wpa_driver_nl80211_data *drv = bss->drv;
2902
2903 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
2904 drv->ifindex);
2905 nl80211_put_wiphy_data_ap(bss);
2906 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
2907 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
2908 }
2909
2910
2911 /**
2912 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
2913 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
2914 *
2915 * Shut down driver interface and processing of driver events. Free
2916 * private data buffer if one was allocated in wpa_driver_nl80211_init().
2917 */
wpa_driver_nl80211_deinit(struct i802_bss * bss)2918 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
2919 {
2920 struct wpa_driver_nl80211_data *drv = bss->drv;
2921 unsigned int i;
2922
2923 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d",
2924 bss->ifname, drv->disabled_11b_rates);
2925
2926 bss->in_deinit = 1;
2927 if (drv->data_tx_status)
2928 eloop_unregister_read_sock(drv->eapol_tx_sock);
2929 if (drv->eapol_tx_sock >= 0)
2930 close(drv->eapol_tx_sock);
2931
2932 if (bss->nl_preq)
2933 wpa_driver_nl80211_probe_req_report(bss, 0);
2934 if (bss->added_if_into_bridge) {
2935 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
2936 bss->ifname) < 0)
2937 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2938 "interface %s from bridge %s: %s",
2939 bss->ifname, bss->brname, strerror(errno));
2940 }
2941
2942 if (drv->rtnl_sk)
2943 nl_socket_free(drv->rtnl_sk);
2944
2945 if (bss->added_bridge) {
2946 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname,
2947 0) < 0)
2948 wpa_printf(MSG_INFO,
2949 "nl80211: Could not set bridge %s down",
2950 bss->brname);
2951 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
2952 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
2953 "bridge %s: %s",
2954 bss->brname, strerror(errno));
2955 }
2956
2957 nl80211_remove_monitor_interface(drv);
2958
2959 if (is_ap_interface(drv->nlmode))
2960 wpa_driver_nl80211_del_beacon(bss);
2961
2962 if (drv->eapol_sock >= 0) {
2963 eloop_unregister_read_sock(drv->eapol_sock);
2964 close(drv->eapol_sock);
2965 }
2966
2967 if (drv->if_indices != drv->default_if_indices)
2968 os_free(drv->if_indices);
2969
2970 if (drv->disabled_11b_rates)
2971 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
2972
2973 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
2974 IF_OPER_UP);
2975 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
2976 rfkill_deinit(drv->rfkill);
2977
2978 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
2979
2980 if (!drv->start_iface_up)
2981 (void) i802_set_iface_flags(bss, 0);
2982
2983 if (drv->addr_changed) {
2984 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
2985 0) < 0) {
2986 wpa_printf(MSG_DEBUG,
2987 "nl80211: Could not set interface down to restore permanent MAC address");
2988 }
2989 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2990 drv->perm_addr) < 0) {
2991 wpa_printf(MSG_DEBUG,
2992 "nl80211: Could not restore permanent MAC address");
2993 }
2994 }
2995
2996 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2997 if (!drv->hostapd || !drv->start_mode_ap)
2998 wpa_driver_nl80211_set_mode(bss,
2999 NL80211_IFTYPE_STATION);
3000 nl80211_mgmt_unsubscribe(bss, "deinit");
3001 } else {
3002 nl80211_mgmt_unsubscribe(bss, "deinit");
3003 nl80211_del_p2pdev(bss);
3004 }
3005
3006 nl80211_destroy_bss(drv->first_bss);
3007
3008 os_free(drv->filter_ssids);
3009
3010 os_free(drv->auth_ie);
3011 os_free(drv->auth_data);
3012
3013 if (drv->in_interface_list)
3014 dl_list_del(&drv->list);
3015
3016 os_free(drv->extended_capa);
3017 os_free(drv->extended_capa_mask);
3018 for (i = 0; i < drv->num_iface_ext_capa; i++) {
3019 os_free(drv->iface_ext_capa[i].ext_capa);
3020 os_free(drv->iface_ext_capa[i].ext_capa_mask);
3021 }
3022 os_free(drv->first_bss);
3023 #ifdef CONFIG_DRIVER_NL80211_QCA
3024 os_free(drv->pending_roam_data);
3025 #endif /* CONFIG_DRIVER_NL80211_QCA */
3026 os_free(drv);
3027 }
3028
3029
wpa_alg_to_cipher_suite(enum wpa_alg alg,size_t key_len)3030 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
3031 {
3032 switch (alg) {
3033 case WPA_ALG_WEP:
3034 if (key_len == 5)
3035 return RSN_CIPHER_SUITE_WEP40;
3036 return RSN_CIPHER_SUITE_WEP104;
3037 case WPA_ALG_TKIP:
3038 return RSN_CIPHER_SUITE_TKIP;
3039 case WPA_ALG_CCMP:
3040 return RSN_CIPHER_SUITE_CCMP;
3041 case WPA_ALG_GCMP:
3042 return RSN_CIPHER_SUITE_GCMP;
3043 case WPA_ALG_CCMP_256:
3044 return RSN_CIPHER_SUITE_CCMP_256;
3045 case WPA_ALG_GCMP_256:
3046 return RSN_CIPHER_SUITE_GCMP_256;
3047 case WPA_ALG_BIP_CMAC_128:
3048 return RSN_CIPHER_SUITE_AES_128_CMAC;
3049 case WPA_ALG_BIP_GMAC_128:
3050 return RSN_CIPHER_SUITE_BIP_GMAC_128;
3051 case WPA_ALG_BIP_GMAC_256:
3052 return RSN_CIPHER_SUITE_BIP_GMAC_256;
3053 case WPA_ALG_BIP_CMAC_256:
3054 return RSN_CIPHER_SUITE_BIP_CMAC_256;
3055 case WPA_ALG_SMS4:
3056 return RSN_CIPHER_SUITE_SMS4;
3057 case WPA_ALG_KRK:
3058 return RSN_CIPHER_SUITE_KRK;
3059 case WPA_ALG_NONE:
3060 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
3061 alg);
3062 return 0;
3063 }
3064
3065 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
3066 alg);
3067 return 0;
3068 }
3069
3070
wpa_cipher_to_cipher_suite(unsigned int cipher)3071 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
3072 {
3073 switch (cipher) {
3074 case WPA_CIPHER_CCMP_256:
3075 return RSN_CIPHER_SUITE_CCMP_256;
3076 case WPA_CIPHER_GCMP_256:
3077 return RSN_CIPHER_SUITE_GCMP_256;
3078 case WPA_CIPHER_CCMP:
3079 return RSN_CIPHER_SUITE_CCMP;
3080 case WPA_CIPHER_GCMP:
3081 return RSN_CIPHER_SUITE_GCMP;
3082 case WPA_CIPHER_TKIP:
3083 return RSN_CIPHER_SUITE_TKIP;
3084 case WPA_CIPHER_WEP104:
3085 return RSN_CIPHER_SUITE_WEP104;
3086 case WPA_CIPHER_WEP40:
3087 return RSN_CIPHER_SUITE_WEP40;
3088 case WPA_CIPHER_GTK_NOT_USED:
3089 return RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED;
3090 }
3091
3092 return 0;
3093 }
3094
3095
wpa_cipher_to_cipher_suites(unsigned int ciphers,u32 suites[],int max_suites)3096 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
3097 int max_suites)
3098 {
3099 int num_suites = 0;
3100
3101 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
3102 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP_256;
3103 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
3104 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP_256;
3105 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
3106 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP;
3107 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
3108 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP;
3109 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
3110 suites[num_suites++] = RSN_CIPHER_SUITE_TKIP;
3111 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
3112 suites[num_suites++] = RSN_CIPHER_SUITE_WEP104;
3113 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
3114 suites[num_suites++] = RSN_CIPHER_SUITE_WEP40;
3115
3116 return num_suites;
3117 }
3118
3119
wpa_key_mgmt_to_suites(unsigned int key_mgmt_suites,u32 suites[],int max_suites)3120 static int wpa_key_mgmt_to_suites(unsigned int key_mgmt_suites, u32 suites[],
3121 int max_suites)
3122 {
3123 int num_suites = 0;
3124
3125 #define __AKM(a, b) \
3126 if (num_suites < max_suites && \
3127 (key_mgmt_suites & (WPA_KEY_MGMT_ ## a))) \
3128 suites[num_suites++] = (RSN_AUTH_KEY_MGMT_ ## b)
3129 __AKM(IEEE8021X, UNSPEC_802_1X);
3130 __AKM(PSK, PSK_OVER_802_1X);
3131 __AKM(FT_IEEE8021X, FT_802_1X);
3132 __AKM(FT_PSK, FT_PSK);
3133 __AKM(IEEE8021X_SHA256, 802_1X_SHA256);
3134 __AKM(PSK_SHA256, PSK_SHA256);
3135 __AKM(SAE, SAE);
3136 __AKM(FT_SAE, FT_SAE);
3137 __AKM(CCKM, CCKM);
3138 __AKM(OSEN, OSEN);
3139 __AKM(IEEE8021X_SUITE_B, 802_1X_SUITE_B);
3140 __AKM(IEEE8021X_SUITE_B_192, 802_1X_SUITE_B_192);
3141 __AKM(FILS_SHA256, FILS_SHA256);
3142 __AKM(FILS_SHA384, FILS_SHA384);
3143 __AKM(FT_FILS_SHA256, FT_FILS_SHA256);
3144 __AKM(FT_FILS_SHA384, FT_FILS_SHA384);
3145 __AKM(OWE, OWE);
3146 __AKM(DPP, DPP);
3147 __AKM(FT_IEEE8021X_SHA384, FT_802_1X_SHA384);
3148 #undef __AKM
3149
3150 return num_suites;
3151 }
3152
3153 #ifdef CONFIG_DRIVER_NL80211_BRCM
wpa_driver_do_broadcom_acs(void * priv,struct drv_acs_params * params)3154 static int wpa_driver_do_broadcom_acs(void *priv, struct drv_acs_params
3155 *params)
3156 {
3157 struct i802_bss *bss = priv;
3158 struct wpa_driver_nl80211_data *drv = bss->drv;
3159 struct nl_msg *msg;
3160 struct nlattr *data;
3161 int freq_list_len;
3162 int ret = 0;
3163 do {
3164 freq_list_len =
3165 int_array_len(params->freq_list);
3166 wpa_printf(MSG_DEBUG, "%s: freq_list_len=%d",
3167 __FUNCTION__, freq_list_len);
3168 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR);
3169 if (!msg) {
3170 wpa_printf(MSG_ERROR, "%s: *errof, no memory for msg", __FUNCTION__);
3171 return ret;
3172 }
3173 if ((nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM))) {
3174 wpa_printf(MSG_ERROR, "%s: *errof, NL80211_ATTR_VENDOR_ID",
3175 __FUNCTION__);
3176 nlmsg_free(msg);
3177 return ret;
3178 }
3179
3180 if ((nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, BRCM_VENDOR_SCMD_ACS))) {
3181 wpa_printf(MSG_ERROR, "%s: *errof, NL80211_ATTR_VENDOR_SUBCMD",
3182 __FUNCTION__);
3183 nlmsg_free(msg);
3184 return ret;
3185 }
3186 if (!(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA))) {
3187 wpa_printf(MSG_ERROR, "%s: *errof, NL80211_ATTR_VENDOR_DATA", __FUNCTION__);
3188 nlmsg_free(msg);
3189 return ret;
3190 }
3191 if ((nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HW_MODE, params->hw_mode))) {
3192 wpa_printf(MSG_ERROR, "%s: *errof, BRCM_VENDOR_ATTR_ACS_HW_MODE",
3193 __FUNCTION__);
3194 nlmsg_free(msg);
3195 return ret;
3196 }
3197 if ((nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HT_ENABLED, params->ht_enabled))) {
3198 wpa_printf(MSG_ERROR, "%s: *errof, BRCM_VENDOR_ATTR_ACS_HT_ENABLED",
3199 __FUNCTION__);
3200 nlmsg_free(msg);
3201 return ret;
3202 }
3203 if ((nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HT40_ENABLED, params->ht40_enabled))) {
3204 wpa_printf(MSG_ERROR, "%s: *errof, BRCM_VENDOR_ATTR_ACS_HT40_ENABLED",
3205 __FUNCTION__);
3206 nlmsg_free(msg);
3207 return ret;
3208 }
3209 if ((nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_VHT_ENABLED, params->vht_enabled))) {
3210 wpa_printf(MSG_ERROR, "%s: *errof, BRCM_VENDOR_ATTR_ACS_VHT_ENABLED",
3211 __FUNCTION__);
3212 nlmsg_free(msg);
3213 return ret;
3214 }
3215 if ((nla_put_u16(msg, BRCM_VENDOR_ATTR_ACS_CHWIDTH, params->ch_width))) {
3216 wpa_printf(MSG_ERROR, "%s: *errof, BRCM_VENDOR_ATTR_ACS_CHWIDTH",
3217 __FUNCTION__);
3218 nlmsg_free(msg);
3219 return ret;
3220 }
3221 wpa_printf(MSG_DEBUG, "%s: ht40=%d, ch_width=%d\n",
3222 __FUNCTION__, params->ht40_enabled, params->ch_width);
3223 if ((freq_list_len > 0) && (nla_put(msg, BRCM_VENDOR_ATTR_ACS_FREQ_LIST,
3224 sizeof(int) * freq_list_len, params->freq_list))) {
3225 wpa_printf(MSG_ERROR, "%s: *error, BRCM_VENDOR_ATTR_ACS_FREQ_LIST,"
3226 "list_len=%d\n", __FUNCTION__, freq_list_len);
3227 nlmsg_free(msg);
3228 return ret;
3229 }
3230 nla_nest_end(msg, data);
3231 wpa_printf(MSG_DEBUG, "nl80211: ACS Params: HW_MODE: %d HT: %d HT40:"
3232 " %d VHT: %d BW: %d\n",
3233 params->hw_mode, params->ht_enabled, params->ht40_enabled,
3234 params->vht_enabled, params->ch_width);
3235 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3236 if (ret) {
3237 wpa_printf(MSG_ERROR, "nl80211: Failed to invoke vendor"
3238 " driver ACS function: %s\n",
3239 strerror(errno));
3240 }
3241 } while (0);
3242 return ret;
3243 }
3244 #endif /* CONFIG_DRIVER_NL80211_BRCM */
3245
3246 #ifdef CONFIG_DRIVER_NL80211_QCA
issue_key_mgmt_set_key(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len)3247 static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
3248 const u8 *key, size_t key_len)
3249 {
3250 struct nl_msg *msg;
3251 int ret;
3252
3253 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD))
3254 return 0;
3255
3256 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
3257 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
3258 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
3259 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) ||
3260 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) {
3261 nl80211_nlmsg_clear(msg);
3262 nlmsg_free(msg);
3263 return -1;
3264 }
3265 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3266 if (ret) {
3267 wpa_printf(MSG_DEBUG,
3268 "nl80211: Key management set key failed: ret=%d (%s)",
3269 ret, strerror(-ret));
3270 }
3271
3272 return ret;
3273 }
3274 #endif /* CONFIG_DRIVER_NL80211_QCA */
3275
3276
3277 #ifdef CONFIG_DRIVER_NL80211_BRCM
key_mgmt_set_key(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len)3278 static int key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
3279 const u8 *key, size_t key_len)
3280 {
3281 struct nl_msg *msg;
3282 int ret;
3283 struct nlattr *params;
3284
3285 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
3286 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
3287 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
3288 BRCM_VENDOR_SUBCMD_SET_PMK) ||
3289 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
3290 nla_put(msg, BRCM_ATTR_DRIVER_KEY_PMK, key_len, key)) {
3291 nl80211_nlmsg_clear(msg);
3292 nlmsg_free(msg);
3293 return -ENOBUFS;
3294 }
3295 nla_nest_end(msg, params);
3296
3297 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1, NULL, NULL);
3298 if (ret) {
3299 wpa_printf(MSG_DEBUG, "nl80211: Key mgmt set key failed: ret=%d (%s)",
3300 ret, strerror(-ret));
3301 }
3302
3303 return ret;
3304 }
3305 #endif /* CONFIG_DRIVER_NL80211_BRCM */
3306
nl80211_set_pmk(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len,const u8 * addr)3307 static int nl80211_set_pmk(struct wpa_driver_nl80211_data *drv,
3308 const u8 *key, size_t key_len,
3309 const u8 *addr)
3310 {
3311 struct nl_msg *msg = NULL;
3312 int ret;
3313
3314 /*
3315 * If the authenticator address is not set, assume it is
3316 * the current BSSID.
3317 */
3318 if (!addr && drv->associated)
3319 addr = drv->bssid;
3320 else if (!addr)
3321 return -1;
3322
3323 wpa_printf(MSG_DEBUG, "nl80211: Set PMK to the driver for " MACSTR,
3324 MAC2STR(addr));
3325 wpa_hexdump_key(MSG_DEBUG, "nl80211: PMK", key, key_len);
3326 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_PMK);
3327 if (!msg ||
3328 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
3329 nla_put(msg, NL80211_ATTR_PMK, key_len, key)) {
3330 nl80211_nlmsg_clear(msg);
3331 nlmsg_free(msg);
3332 return -ENOBUFS;
3333 }
3334
3335 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3336 if (ret) {
3337 wpa_printf(MSG_DEBUG, "nl80211: Set PMK failed: ret=%d (%s)",
3338 ret, strerror(-ret));
3339 }
3340
3341 return ret;
3342 }
3343
3344
wpa_driver_nl80211_set_key(struct i802_bss * bss,struct wpa_driver_set_key_params * params)3345 static int wpa_driver_nl80211_set_key(struct i802_bss *bss,
3346 struct wpa_driver_set_key_params *params)
3347 {
3348 struct wpa_driver_nl80211_data *drv = bss->drv;
3349 int ifindex;
3350 struct nl_msg *msg;
3351 struct nl_msg *key_msg;
3352 int ret;
3353 int skip_set_key = 1;
3354 const char *ifname = params->ifname;
3355 enum wpa_alg alg = params->alg;
3356 const u8 *addr = params->addr;
3357 int key_idx = params->key_idx;
3358 int set_tx = params->set_tx;
3359 const u8 *seq = params->seq;
3360 size_t seq_len = params->seq_len;
3361 const u8 *key = params->key;
3362 size_t key_len = params->key_len;
3363 int vlan_id = params->vlan_id;
3364 enum key_flag key_flag = params->key_flag;
3365
3366 /* Ignore for P2P Device */
3367 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
3368 return 0;
3369
3370 ifindex = if_nametoindex(ifname);
3371 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
3372 "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x",
3373 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
3374 (unsigned long) seq_len, (unsigned long) key_len, key_flag);
3375
3376 if (check_key_flag(key_flag)) {
3377 wpa_printf(MSG_DEBUG, "%s: invalid key_flag", __func__);
3378 return -EINVAL;
3379 }
3380
3381 #ifdef CONFIG_DRIVER_NL80211_QCA
3382 if ((key_flag & KEY_FLAG_PMK) &&
3383 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) {
3384 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key",
3385 __func__);
3386 ret = issue_key_mgmt_set_key(drv, key, key_len);
3387 return ret;
3388 }
3389 #endif /* CONFIG_DRIVER_NL80211_QCA */
3390
3391 if (key_flag & KEY_FLAG_PMK) {
3392 if (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)
3393 return nl80211_set_pmk(drv, key, key_len, addr);
3394 #ifdef CONFIG_DRIVER_NL80211_BRCM
3395 if (drv->vendor_set_pmk) {
3396 wpa_printf(MSG_INFO, "nl80211: key_mgmt_set_key with key_len %lu", (unsigned long) key_len);
3397 return key_mgmt_set_key(drv, key, key_len);
3398 }
3399 #endif /* CONFIG_DRIVER_NL80211_BRCM */
3400 /* The driver does not have any offload mechanism for PMK, so
3401 * there is no need to configure this key. */
3402 return 0;
3403 }
3404
3405 ret = -ENOBUFS;
3406 key_msg = nlmsg_alloc();
3407 if (!key_msg)
3408 return ret;
3409
3410 if ((key_flag & KEY_FLAG_PAIRWISE_MASK) ==
3411 KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
3412 wpa_printf(MSG_DEBUG,
3413 "nl80211: SET_KEY (pairwise RX/TX modify)");
3414 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
3415 if (!msg)
3416 goto fail2;
3417 } else if (alg == WPA_ALG_NONE && (key_flag & KEY_FLAG_RX_TX)) {
3418 wpa_printf(MSG_DEBUG, "%s: invalid key_flag to delete key",
3419 __func__);
3420 ret = -EINVAL;
3421 goto fail2;
3422 } else if (alg == WPA_ALG_NONE) {
3423 wpa_printf(MSG_DEBUG, "nl80211: DEL_KEY");
3424 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY);
3425 if (!msg)
3426 goto fail2;
3427 } else {
3428 u32 suite;
3429
3430 suite = wpa_alg_to_cipher_suite(alg, key_len);
3431 if (!suite) {
3432 ret = -EINVAL;
3433 goto fail2;
3434 }
3435 wpa_printf(MSG_DEBUG, "nl80211: NEW_KEY");
3436 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY);
3437 if (!msg)
3438 goto fail2;
3439 if (nla_put(key_msg, NL80211_KEY_DATA, key_len, key) ||
3440 nla_put_u32(key_msg, NL80211_KEY_CIPHER, suite))
3441 goto fail;
3442 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
3443
3444 if (seq && seq_len) {
3445 if (nla_put(key_msg, NL80211_KEY_SEQ, seq_len, seq))
3446 goto fail;
3447 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ",
3448 seq, seq_len);
3449 }
3450 }
3451
3452 if (addr && !is_broadcast_ether_addr(addr)) {
3453 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
3454 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
3455 goto fail;
3456
3457 if ((key_flag & KEY_FLAG_PAIRWISE_MASK) ==
3458 KEY_FLAG_PAIRWISE_RX ||
3459 (key_flag & KEY_FLAG_PAIRWISE_MASK) ==
3460 KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
3461 if (nla_put_u8(key_msg, NL80211_KEY_MODE,
3462 key_flag == KEY_FLAG_PAIRWISE_RX ?
3463 NL80211_KEY_NO_TX : NL80211_KEY_SET_TX))
3464 goto fail;
3465 } else if ((key_flag & KEY_FLAG_GROUP_MASK) ==
3466 KEY_FLAG_GROUP_RX) {
3467 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
3468 if (nla_put_u32(key_msg, NL80211_KEY_TYPE,
3469 NL80211_KEYTYPE_GROUP))
3470 goto fail;
3471 } else if (!(key_flag & KEY_FLAG_PAIRWISE)) {
3472 wpa_printf(MSG_DEBUG,
3473 " key_flag missing PAIRWISE when setting a pairwise key");
3474 ret = -EINVAL;
3475 goto fail;
3476 } else if (alg == WPA_ALG_WEP &&
3477 (key_flag & KEY_FLAG_RX_TX) == KEY_FLAG_RX_TX) {
3478 wpa_printf(MSG_DEBUG, " unicast WEP key");
3479 skip_set_key = 0;
3480 } else {
3481 wpa_printf(MSG_DEBUG, " pairwise key");
3482 }
3483 } else if ((key_flag & KEY_FLAG_PAIRWISE) ||
3484 !(key_flag & KEY_FLAG_GROUP)) {
3485 wpa_printf(MSG_DEBUG,
3486 " invalid key_flag for a broadcast key");
3487 ret = -EINVAL;
3488 goto fail;
3489 } else {
3490 wpa_printf(MSG_DEBUG, " broadcast key");
3491 if (key_flag & KEY_FLAG_DEFAULT)
3492 skip_set_key = 0;
3493 }
3494 if (nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) ||
3495 nla_put_nested(msg, NL80211_ATTR_KEY, key_msg))
3496 goto fail;
3497 nl80211_nlmsg_clear(key_msg);
3498 nlmsg_free(key_msg);
3499 key_msg = NULL;
3500
3501 if (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) {
3502 wpa_printf(MSG_DEBUG, "nl80211: VLAN ID %d", vlan_id);
3503 if (nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id))
3504 goto fail;
3505 }
3506
3507 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3508 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
3509 ret = 0;
3510 if (ret)
3511 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s",
3512 ret, strerror(-ret));
3513
3514 /*
3515 * If we failed or don't need to set the key as default (below),
3516 * we're done here.
3517 */
3518 if (ret || skip_set_key)
3519 return ret;
3520 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_SET_KEY - default key");
3521
3522 ret = -ENOBUFS;
3523 key_msg = nlmsg_alloc();
3524 if (!key_msg)
3525 return ret;
3526
3527 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
3528 if (!msg)
3529 goto fail2;
3530 if (!key_msg ||
3531 nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) ||
3532 nla_put_flag(key_msg, wpa_alg_bip(alg) ?
3533 (key_idx == 6 || key_idx == 7 ?
3534 NL80211_KEY_DEFAULT_BEACON :
3535 NL80211_KEY_DEFAULT_MGMT) :
3536 NL80211_KEY_DEFAULT))
3537 goto fail;
3538 if (addr && is_broadcast_ether_addr(addr)) {
3539 struct nlattr *types;
3540
3541 types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES);
3542 if (!types ||
3543 nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST))
3544 goto fail;
3545 nla_nest_end(key_msg, types);
3546 } else if (addr) {
3547 struct nlattr *types;
3548
3549 types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES);
3550 if (!types ||
3551 nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_UNICAST))
3552 goto fail;
3553 nla_nest_end(key_msg, types);
3554 }
3555
3556 if (nla_put_nested(msg, NL80211_ATTR_KEY, key_msg))
3557 goto fail;
3558 nl80211_nlmsg_clear(key_msg);
3559 nlmsg_free(key_msg);
3560 key_msg = NULL;
3561
3562 if (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) {
3563 wpa_printf(MSG_DEBUG, "nl80211: set_key default - VLAN ID %d",
3564 vlan_id);
3565 if (nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id))
3566 goto fail;
3567 }
3568
3569 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3570 if (ret)
3571 wpa_printf(MSG_DEBUG,
3572 "nl80211: set_key default failed; err=%d %s",
3573 ret, strerror(-ret));
3574 return ret;
3575
3576 fail:
3577 nl80211_nlmsg_clear(msg);
3578 nlmsg_free(msg);
3579 fail2:
3580 nl80211_nlmsg_clear(key_msg);
3581 nlmsg_free(key_msg);
3582 return ret;
3583 }
3584
3585
nl_add_key(struct nl_msg * msg,enum wpa_alg alg,int key_idx,int defkey,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)3586 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
3587 int key_idx, int defkey,
3588 const u8 *seq, size_t seq_len,
3589 const u8 *key, size_t key_len)
3590 {
3591 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
3592 u32 suite;
3593
3594 if (!key_attr)
3595 return -1;
3596
3597 suite = wpa_alg_to_cipher_suite(alg, key_len);
3598 if (!suite)
3599 return -1;
3600
3601 if (defkey && wpa_alg_bip(alg)) {
3602 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT))
3603 return -1;
3604 } else if (defkey) {
3605 if (nla_put_flag(msg, NL80211_KEY_DEFAULT))
3606 return -1;
3607 }
3608
3609 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) ||
3610 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) ||
3611 (seq && seq_len &&
3612 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) ||
3613 nla_put(msg, NL80211_KEY_DATA, key_len, key))
3614 return -1;
3615
3616 nla_nest_end(msg, key_attr);
3617
3618 return 0;
3619 }
3620
3621
nl80211_set_conn_keys(struct wpa_driver_associate_params * params,struct nl_msg * msg)3622 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
3623 struct nl_msg *msg)
3624 {
3625 int i, privacy = 0;
3626 struct nlattr *nl_keys, *nl_key;
3627
3628 for (i = 0; i < 4; i++) {
3629 if (!params->wep_key[i])
3630 continue;
3631 privacy = 1;
3632 break;
3633 }
3634 if (params->wps == WPS_MODE_PRIVACY)
3635 privacy = 1;
3636 if (params->pairwise_suite &&
3637 params->pairwise_suite != WPA_CIPHER_NONE)
3638 privacy = 1;
3639
3640 if (!privacy)
3641 return 0;
3642
3643 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY))
3644 return -ENOBUFS;
3645
3646 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
3647 if (!nl_keys)
3648 return -ENOBUFS;
3649
3650 for (i = 0; i < 4; i++) {
3651 if (!params->wep_key[i])
3652 continue;
3653
3654 nl_key = nla_nest_start(msg, i);
3655 if (!nl_key ||
3656 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i],
3657 params->wep_key[i]) ||
3658 nla_put_u32(msg, NL80211_KEY_CIPHER,
3659 params->wep_key_len[i] == 5 ?
3660 RSN_CIPHER_SUITE_WEP40 :
3661 RSN_CIPHER_SUITE_WEP104) ||
3662 nla_put_u8(msg, NL80211_KEY_IDX, i) ||
3663 (i == params->wep_tx_keyidx &&
3664 nla_put_flag(msg, NL80211_KEY_DEFAULT)))
3665 return -ENOBUFS;
3666
3667 nla_nest_end(msg, nl_key);
3668 }
3669 nla_nest_end(msg, nl_keys);
3670
3671 return 0;
3672 }
3673
3674
wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data * drv,const u8 * addr,int cmd,u16 reason_code,int local_state_change,struct nl_sock * nl_connect)3675 int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
3676 const u8 *addr, int cmd, u16 reason_code,
3677 int local_state_change,
3678 struct nl_sock *nl_connect)
3679 {
3680 int ret;
3681 struct nl_msg *msg;
3682
3683 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) ||
3684 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) ||
3685 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
3686 (local_state_change &&
3687 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) {
3688 nlmsg_free(msg);
3689 return -1;
3690 }
3691
3692 if (nl_connect)
3693 ret = send_and_recv(drv->global, nl_connect, msg, NULL, NULL,
3694 NULL, NULL);
3695 else
3696 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3697 if (ret) {
3698 wpa_dbg(drv->ctx, MSG_DEBUG,
3699 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
3700 reason_code, ret, strerror(-ret));
3701 }
3702 return ret;
3703 }
3704
3705
wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data * drv,u16 reason_code,struct nl_sock * nl_connect)3706 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
3707 u16 reason_code,
3708 struct nl_sock *nl_connect)
3709 {
3710 int ret;
3711 int drv_associated = drv->associated;
3712
3713 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
3714 nl80211_mark_disconnected(drv);
3715 /* Disconnect command doesn't need BSSID - it uses cached value */
3716 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
3717 reason_code, 0, nl_connect);
3718 /*
3719 * For locally generated disconnect, supplicant already generates a
3720 * DEAUTH event, so ignore the event from NL80211.
3721 */
3722 drv->ignore_next_local_disconnect = drv_associated && (ret == 0);
3723
3724 return ret;
3725 }
3726
3727
wpa_driver_nl80211_deauthenticate(struct i802_bss * bss,const u8 * addr,u16 reason_code)3728 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
3729 const u8 *addr, u16 reason_code)
3730 {
3731 struct wpa_driver_nl80211_data *drv = bss->drv;
3732 int ret;
3733 int drv_associated = drv->associated;
3734
3735 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
3736 nl80211_mark_disconnected(drv);
3737 return nl80211_leave_ibss(drv, 1);
3738 }
3739 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
3740 return wpa_driver_nl80211_disconnect(drv, reason_code,
3741 get_connect_handle(bss));
3742 }
3743 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
3744 __func__, MAC2STR(addr), reason_code);
3745 nl80211_mark_disconnected(drv);
3746 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
3747 reason_code, 0, get_connect_handle(bss));
3748 /*
3749 * For locally generated deauthenticate, supplicant already generates a
3750 * DEAUTH event, so ignore the event from NL80211.
3751 */
3752 drv->ignore_next_local_deauth = drv_associated && (ret == 0);
3753
3754 return ret;
3755 }
3756
3757
nl80211_copy_auth_params(struct wpa_driver_nl80211_data * drv,struct wpa_driver_auth_params * params)3758 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
3759 struct wpa_driver_auth_params *params)
3760 {
3761 int i;
3762
3763 drv->auth_freq = params->freq;
3764 drv->auth_alg = params->auth_alg;
3765 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
3766 drv->auth_local_state_change = params->local_state_change;
3767 drv->auth_p2p = params->p2p;
3768
3769 if (params->bssid)
3770 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
3771 else
3772 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
3773
3774 if (params->ssid) {
3775 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
3776 drv->auth_ssid_len = params->ssid_len;
3777 } else
3778 drv->auth_ssid_len = 0;
3779
3780
3781 os_free(drv->auth_ie);
3782 drv->auth_ie = NULL;
3783 drv->auth_ie_len = 0;
3784 if (params->ie) {
3785 drv->auth_ie = os_malloc(params->ie_len);
3786 if (drv->auth_ie) {
3787 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
3788 drv->auth_ie_len = params->ie_len;
3789 }
3790 }
3791
3792 os_free(drv->auth_data);
3793 drv->auth_data = NULL;
3794 drv->auth_data_len = 0;
3795 if (params->auth_data) {
3796 drv->auth_data = os_memdup(params->auth_data,
3797 params->auth_data_len);
3798 if (drv->auth_data)
3799 drv->auth_data_len = params->auth_data_len;
3800 }
3801
3802 for (i = 0; i < 4; i++) {
3803 if (params->wep_key[i] && params->wep_key_len[i] &&
3804 params->wep_key_len[i] <= 16) {
3805 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
3806 params->wep_key_len[i]);
3807 drv->auth_wep_key_len[i] = params->wep_key_len[i];
3808 } else
3809 drv->auth_wep_key_len[i] = 0;
3810 }
3811 }
3812
3813
nl80211_unmask_11b_rates(struct i802_bss * bss)3814 static void nl80211_unmask_11b_rates(struct i802_bss *bss)
3815 {
3816 struct wpa_driver_nl80211_data *drv = bss->drv;
3817
3818 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates)
3819 return;
3820
3821 /*
3822 * Looks like we failed to unmask 11b rates previously. This could
3823 * happen, e.g., if the interface was down at the point in time when a
3824 * P2P group was terminated.
3825 */
3826 wpa_printf(MSG_DEBUG,
3827 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them",
3828 bss->ifname);
3829 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
3830 }
3831
3832
get_nl_auth_type(int wpa_auth_alg)3833 static enum nl80211_auth_type get_nl_auth_type(int wpa_auth_alg)
3834 {
3835 if (wpa_auth_alg & WPA_AUTH_ALG_OPEN)
3836 return NL80211_AUTHTYPE_OPEN_SYSTEM;
3837 if (wpa_auth_alg & WPA_AUTH_ALG_SHARED)
3838 return NL80211_AUTHTYPE_SHARED_KEY;
3839 if (wpa_auth_alg & WPA_AUTH_ALG_LEAP)
3840 return NL80211_AUTHTYPE_NETWORK_EAP;
3841 if (wpa_auth_alg & WPA_AUTH_ALG_FT)
3842 return NL80211_AUTHTYPE_FT;
3843 if (wpa_auth_alg & WPA_AUTH_ALG_SAE)
3844 return NL80211_AUTHTYPE_SAE;
3845 if (wpa_auth_alg & WPA_AUTH_ALG_FILS)
3846 return NL80211_AUTHTYPE_FILS_SK;
3847 if (wpa_auth_alg & WPA_AUTH_ALG_FILS_SK_PFS)
3848 return NL80211_AUTHTYPE_FILS_SK_PFS;
3849
3850 return NL80211_AUTHTYPE_MAX;
3851 }
3852
3853
wpa_driver_nl80211_authenticate(struct i802_bss * bss,struct wpa_driver_auth_params * params)3854 static int wpa_driver_nl80211_authenticate(
3855 struct i802_bss *bss, struct wpa_driver_auth_params *params)
3856 {
3857 struct wpa_driver_nl80211_data *drv = bss->drv;
3858 int ret = -1, i;
3859 struct nl_msg *msg;
3860 enum nl80211_auth_type type;
3861 enum nl80211_iftype nlmode;
3862 int count = 0;
3863 int is_retry;
3864 struct wpa_driver_set_key_params p;
3865
3866 nl80211_unmask_11b_rates(bss);
3867
3868 is_retry = drv->retry_auth;
3869 drv->retry_auth = 0;
3870 drv->ignore_deauth_event = 0;
3871
3872 nl80211_mark_disconnected(drv);
3873 os_memset(drv->auth_bssid, 0, ETH_ALEN);
3874 if (params->bssid)
3875 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
3876 else
3877 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
3878 /* FIX: IBSS mode */
3879 nlmode = params->p2p ?
3880 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
3881 if (drv->nlmode != nlmode &&
3882 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
3883 return -1;
3884
3885 retry:
3886 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
3887 drv->ifindex);
3888
3889 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE);
3890 if (!msg)
3891 goto fail;
3892
3893 os_memset(&p, 0, sizeof(p));
3894 p.ifname = bss->ifname;
3895 p.alg = WPA_ALG_WEP;
3896 for (i = 0; i < 4; i++) {
3897 if (!params->wep_key[i])
3898 continue;
3899 p.key_idx = i;
3900 p.set_tx = i == params->wep_tx_keyidx;
3901 p.key = params->wep_key[i];
3902 p.key_len = params->wep_key_len[i];
3903 p.key_flag = i == params->wep_tx_keyidx ?
3904 KEY_FLAG_GROUP_RX_TX_DEFAULT :
3905 KEY_FLAG_GROUP_RX_TX;
3906 wpa_driver_nl80211_set_key(bss, &p);
3907 if (params->wep_tx_keyidx != i)
3908 continue;
3909 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
3910 params->wep_key[i], params->wep_key_len[i]))
3911 goto fail;
3912 }
3913
3914 if (params->bssid) {
3915 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3916 MAC2STR(params->bssid));
3917 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
3918 goto fail;
3919 }
3920 if (params->freq) {
3921 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3922 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq))
3923 goto fail;
3924 }
3925 if (params->ssid) {
3926 wpa_printf(MSG_DEBUG, " * SSID=%s",
3927 wpa_ssid_txt(params->ssid, params->ssid_len));
3928 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
3929 params->ssid))
3930 goto fail;
3931 }
3932 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
3933 if (params->ie &&
3934 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie))
3935 goto fail;
3936 if (params->auth_data) {
3937 wpa_hexdump(MSG_DEBUG, " * auth_data", params->auth_data,
3938 params->auth_data_len);
3939 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->auth_data_len,
3940 params->auth_data))
3941 goto fail;
3942 }
3943 type = get_nl_auth_type(params->auth_alg);
3944 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
3945 if (type == NL80211_AUTHTYPE_MAX ||
3946 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
3947 goto fail;
3948 if (params->local_state_change) {
3949 wpa_printf(MSG_DEBUG, " * Local state change only");
3950 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))
3951 goto fail;
3952 }
3953
3954 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3955 msg = NULL;
3956 if (ret) {
3957 wpa_dbg(drv->ctx, MSG_DEBUG,
3958 "nl80211: MLME command failed (auth): count=%d ret=%d (%s)",
3959 count, ret, strerror(-ret));
3960 count++;
3961 if ((ret == -EALREADY || ret == -EEXIST) && count == 1 &&
3962 params->bssid && !params->local_state_change) {
3963 /*
3964 * mac80211 does not currently accept new
3965 * authentication if we are already authenticated. As a
3966 * workaround, force deauthentication and try again.
3967 */
3968 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
3969 "after forced deauthentication");
3970 drv->ignore_deauth_event = 1;
3971 wpa_driver_nl80211_deauthenticate(
3972 bss, params->bssid,
3973 WLAN_REASON_PREV_AUTH_NOT_VALID);
3974 nlmsg_free(msg);
3975 goto retry;
3976 }
3977
3978 if (ret == -ENOENT && params->freq && !is_retry) {
3979 /*
3980 * cfg80211 has likely expired the BSS entry even
3981 * though it was previously available in our internal
3982 * BSS table. To recover quickly, start a single
3983 * channel scan on the specified channel.
3984 */
3985 struct wpa_driver_scan_params scan;
3986 int freqs[2];
3987
3988 os_memset(&scan, 0, sizeof(scan));
3989 scan.num_ssids = 1;
3990 if (params->ssid) {
3991 scan.ssids[0].ssid = params->ssid;
3992 scan.ssids[0].ssid_len = params->ssid_len;
3993 }
3994 freqs[0] = params->freq;
3995 freqs[1] = 0;
3996 scan.freqs = freqs;
3997 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
3998 "channel scan to refresh cfg80211 BSS "
3999 "entry");
4000 ret = wpa_driver_nl80211_scan(bss, &scan);
4001 if (ret == 0) {
4002 nl80211_copy_auth_params(drv, params);
4003 drv->scan_for_auth = 1;
4004 }
4005 } else if (is_retry) {
4006 /*
4007 * Need to indicate this with an event since the return
4008 * value from the retry is not delivered to core code.
4009 */
4010 union wpa_event_data event;
4011 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
4012 "failed");
4013 os_memset(&event, 0, sizeof(event));
4014 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
4015 ETH_ALEN);
4016 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
4017 &event);
4018 }
4019 } else {
4020 wpa_printf(MSG_DEBUG,
4021 "nl80211: Authentication request send successfully");
4022 }
4023
4024 fail:
4025 nlmsg_free(msg);
4026 return ret;
4027 }
4028
4029
wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data * drv)4030 int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv)
4031 {
4032 struct wpa_driver_auth_params params;
4033 struct i802_bss *bss = drv->first_bss;
4034 int i;
4035
4036 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
4037
4038 os_memset(¶ms, 0, sizeof(params));
4039 params.freq = drv->auth_freq;
4040 params.auth_alg = drv->auth_alg;
4041 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
4042 params.local_state_change = drv->auth_local_state_change;
4043 params.p2p = drv->auth_p2p;
4044
4045 if (!is_zero_ether_addr(drv->auth_bssid_))
4046 params.bssid = drv->auth_bssid_;
4047
4048 if (drv->auth_ssid_len) {
4049 params.ssid = drv->auth_ssid;
4050 params.ssid_len = drv->auth_ssid_len;
4051 }
4052
4053 params.ie = drv->auth_ie;
4054 params.ie_len = drv->auth_ie_len;
4055 params.auth_data = drv->auth_data;
4056 params.auth_data_len = drv->auth_data_len;
4057
4058 for (i = 0; i < 4; i++) {
4059 if (drv->auth_wep_key_len[i]) {
4060 params.wep_key[i] = drv->auth_wep_key[i];
4061 params.wep_key_len[i] = drv->auth_wep_key_len[i];
4062 }
4063 }
4064
4065 drv->retry_auth = 1;
4066 return wpa_driver_nl80211_authenticate(bss, ¶ms);
4067 }
4068
4069
wpa_driver_nl80211_send_mlme(struct i802_bss * bss,const u8 * data,size_t data_len,int noack,unsigned int freq,int no_cck,int offchanok,unsigned int wait_time,const u16 * csa_offs,size_t csa_offs_len,int no_encrypt)4070 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
4071 size_t data_len, int noack,
4072 unsigned int freq, int no_cck,
4073 int offchanok,
4074 unsigned int wait_time,
4075 const u16 *csa_offs,
4076 size_t csa_offs_len, int no_encrypt)
4077 {
4078 struct wpa_driver_nl80211_data *drv = bss->drv;
4079 struct ieee80211_mgmt *mgmt;
4080 int encrypt = !no_encrypt;
4081 u16 fc;
4082 int use_cookie = 1;
4083 int res;
4084
4085 mgmt = (struct ieee80211_mgmt *) data;
4086 fc = le_to_host16(mgmt->frame_control);
4087 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da=" MACSTR
4088 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u no_encrypt=%d fc=0x%x (%s) nlmode=%d",
4089 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
4090 no_encrypt, fc, fc2str(fc), drv->nlmode);
4091
4092 if ((is_sta_interface(drv->nlmode) ||
4093 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
4094 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4095 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
4096 /*
4097 * The use of last_mgmt_freq is a bit of a hack,
4098 * but it works due to the single-threaded nature
4099 * of wpa_supplicant.
4100 */
4101 if (freq == 0) {
4102 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
4103 drv->last_mgmt_freq);
4104 freq = drv->last_mgmt_freq;
4105 }
4106 wait_time = 0;
4107 use_cookie = 0;
4108 no_cck = 1;
4109 offchanok = 1;
4110 goto send_frame_cmd;
4111 }
4112
4113 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
4114 if (freq == 0) {
4115 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
4116 bss->freq);
4117 freq = bss->freq;
4118 }
4119 if ((int) freq == bss->freq)
4120 wait_time = 0;
4121 goto send_frame_cmd;
4122 }
4123
4124 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4125 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
4126 /*
4127 * Only one of the authentication frame types is encrypted.
4128 * In order for static WEP encryption to work properly (i.e.,
4129 * to not encrypt the frame), we need to tell mac80211 about
4130 * the frames that must not be encrypted.
4131 */
4132 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
4133 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
4134 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
4135 encrypt = 0;
4136 }
4137
4138 if (is_sta_interface(drv->nlmode) &&
4139 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4140 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
4141 if (freq == 0 &&
4142 (drv->capa.flags & WPA_DRIVER_FLAGS_SAE) &&
4143 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
4144 freq = nl80211_get_assoc_freq(drv);
4145 wpa_printf(MSG_DEBUG,
4146 "nl80211: send_mlme - Use assoc_freq=%u for external auth",
4147 freq);
4148 }
4149
4150 /* Allow off channel for PASN authentication */
4151 if (data_len >= IEEE80211_HDRLEN + 2 &&
4152 WPA_GET_LE16(data + IEEE80211_HDRLEN) == WLAN_AUTH_PASN &&
4153 !offchanok) {
4154 wpa_printf(MSG_DEBUG,
4155 "nl80211: send_mlme: allow off channel for PASN");
4156 offchanok = 1;
4157 }
4158 }
4159
4160 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
4161 freq = nl80211_get_assoc_freq(drv);
4162 wpa_printf(MSG_DEBUG,
4163 "nl80211: send_mlme - Use assoc_freq=%u for IBSS",
4164 freq);
4165 }
4166 if (freq == 0) {
4167 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - Use bss->freq=%u",
4168 bss->freq);
4169 freq = bss->freq;
4170 }
4171
4172 if (drv->use_monitor) {
4173 wpa_printf(MSG_DEBUG,
4174 "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor",
4175 freq, bss->freq);
4176 return nl80211_send_monitor(drv, data, data_len, encrypt,
4177 noack);
4178 }
4179
4180 if (noack || WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT ||
4181 WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION)
4182 use_cookie = 0;
4183 send_frame_cmd:
4184 #ifdef CONFIG_TESTING_OPTIONS
4185 if (no_encrypt && !encrypt && !drv->use_monitor) {
4186 wpa_printf(MSG_DEBUG,
4187 "nl80211: Request to send an unencrypted frame - use a monitor interface for this");
4188 if (nl80211_create_monitor_interface(drv) < 0)
4189 return -1;
4190 res = nl80211_send_monitor(drv, data, data_len, encrypt,
4191 noack);
4192 nl80211_remove_monitor_interface(drv);
4193 return res;
4194 }
4195 #endif /* CONFIG_TESTING_OPTIONS */
4196
4197 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame_cmd");
4198 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, data_len,
4199 use_cookie, no_cck, noack, offchanok,
4200 csa_offs, csa_offs_len);
4201
4202 return res;
4203 }
4204
4205
nl80211_put_basic_rates(struct nl_msg * msg,const int * basic_rates)4206 static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates)
4207 {
4208 u8 rates[NL80211_MAX_SUPP_RATES];
4209 u8 rates_len = 0;
4210 int i;
4211
4212 if (!basic_rates)
4213 return 0;
4214
4215 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
4216 rates[rates_len++] = basic_rates[i] / 5;
4217
4218 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
4219 }
4220
4221
nl80211_set_bss(struct i802_bss * bss,int cts,int preamble,int slot,int ht_opmode,int ap_isolate,const int * basic_rates)4222 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
4223 int slot, int ht_opmode, int ap_isolate,
4224 const int *basic_rates)
4225 {
4226 struct wpa_driver_nl80211_data *drv = bss->drv;
4227 struct nl_msg *msg;
4228
4229 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) ||
4230 (cts >= 0 &&
4231 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) ||
4232 (preamble >= 0 &&
4233 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) ||
4234 (slot >= 0 &&
4235 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) ||
4236 (ht_opmode >= 0 &&
4237 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) ||
4238 (ap_isolate >= 0 &&
4239 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) ||
4240 nl80211_put_basic_rates(msg, basic_rates)) {
4241 nlmsg_free(msg);
4242 return -ENOBUFS;
4243 }
4244
4245 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4246 }
4247
4248
wpa_driver_nl80211_set_acl(void * priv,struct hostapd_acl_params * params)4249 static int wpa_driver_nl80211_set_acl(void *priv,
4250 struct hostapd_acl_params *params)
4251 {
4252 struct i802_bss *bss = priv;
4253 struct wpa_driver_nl80211_data *drv = bss->drv;
4254 struct nl_msg *msg;
4255 struct nl_msg *acl;
4256 unsigned int i;
4257 int ret;
4258
4259 if (!(drv->capa.max_acl_mac_addrs))
4260 return -ENOTSUP;
4261
4262 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
4263 return -ENOTSUP;
4264
4265 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
4266 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
4267
4268 acl = nlmsg_alloc();
4269 if (!acl)
4270 return -ENOMEM;
4271 for (i = 0; i < params->num_mac_acl; i++) {
4272 if (nla_put(acl, i + 1, ETH_ALEN, params->mac_acl[i].addr)) {
4273 nlmsg_free(acl);
4274 return -ENOMEM;
4275 }
4276 }
4277
4278 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MAC_ACL)) ||
4279 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
4280 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
4281 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) ||
4282 nla_put_nested(msg, NL80211_ATTR_MAC_ADDRS, acl)) {
4283 nlmsg_free(msg);
4284 nlmsg_free(acl);
4285 return -ENOMEM;
4286 }
4287 nlmsg_free(acl);
4288
4289 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4290 if (ret) {
4291 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
4292 ret, strerror(-ret));
4293 }
4294
4295 return ret;
4296 }
4297
4298
nl80211_put_beacon_int(struct nl_msg * msg,int beacon_int)4299 static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int)
4300 {
4301 if (beacon_int > 0) {
4302 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int);
4303 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
4304 beacon_int);
4305 }
4306
4307 return 0;
4308 }
4309
4310
nl80211_put_dtim_period(struct nl_msg * msg,int dtim_period)4311 static int nl80211_put_dtim_period(struct nl_msg *msg, int dtim_period)
4312 {
4313 if (dtim_period > 0) {
4314 wpa_printf(MSG_DEBUG, " * dtim_period=%d", dtim_period);
4315 return nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period);
4316 }
4317
4318 return 0;
4319 }
4320
4321
4322 #ifdef CONFIG_MESH
nl80211_set_mesh_config(void * priv,struct wpa_driver_mesh_bss_params * params)4323 static int nl80211_set_mesh_config(void *priv,
4324 struct wpa_driver_mesh_bss_params *params)
4325 {
4326 struct i802_bss *bss = priv;
4327 struct wpa_driver_nl80211_data *drv = bss->drv;
4328 struct nl_msg *msg;
4329 int ret;
4330
4331 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MESH_CONFIG);
4332 if (!msg)
4333 return -1;
4334
4335 ret = nl80211_put_mesh_config(msg, params);
4336 if (ret < 0) {
4337 nlmsg_free(msg);
4338 return ret;
4339 }
4340
4341 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4342 if (ret) {
4343 wpa_printf(MSG_ERROR,
4344 "nl80211: Mesh config set failed: %d (%s)",
4345 ret, strerror(-ret));
4346 return ret;
4347 }
4348 return 0;
4349 }
4350 #endif /* CONFIG_MESH */
4351
4352
nl80211_put_beacon_rate(struct nl_msg * msg,u64 flags,u64 flags2,struct wpa_driver_ap_params * params)4353 static int nl80211_put_beacon_rate(struct nl_msg *msg, u64 flags, u64 flags2,
4354 struct wpa_driver_ap_params *params)
4355 {
4356 struct nlattr *bands, *band;
4357 struct nl80211_txrate_vht vht_rate;
4358 struct nl80211_txrate_he he_rate;
4359
4360 if (!params->freq ||
4361 (params->beacon_rate == 0 &&
4362 params->rate_type == BEACON_RATE_LEGACY))
4363 return 0;
4364
4365 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
4366 if (!bands)
4367 return -1;
4368
4369 switch (params->freq->mode) {
4370 case HOSTAPD_MODE_IEEE80211B:
4371 case HOSTAPD_MODE_IEEE80211G:
4372 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
4373 break;
4374 case HOSTAPD_MODE_IEEE80211A:
4375 if (is_6ghz_freq(params->freq->freq))
4376 band = nla_nest_start(msg, NL80211_BAND_6GHZ);
4377 else
4378 band = nla_nest_start(msg, NL80211_BAND_5GHZ);
4379 break;
4380 case HOSTAPD_MODE_IEEE80211AD:
4381 band = nla_nest_start(msg, NL80211_BAND_60GHZ);
4382 break;
4383 default:
4384 return 0;
4385 }
4386
4387 if (!band)
4388 return -1;
4389
4390 os_memset(&vht_rate, 0, sizeof(vht_rate));
4391 os_memset(&he_rate, 0, sizeof(he_rate));
4392
4393 switch (params->rate_type) {
4394 case BEACON_RATE_LEGACY:
4395 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_LEGACY)) {
4396 wpa_printf(MSG_INFO,
4397 "nl80211: Driver does not support setting Beacon frame rate (legacy)");
4398 return -1;
4399 }
4400
4401 if (nla_put_u8(msg, NL80211_TXRATE_LEGACY,
4402 (u8) params->beacon_rate / 5) ||
4403 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) ||
4404 (params->freq->vht_enabled &&
4405 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4406 &vht_rate)))
4407 return -1;
4408
4409 wpa_printf(MSG_DEBUG, " * beacon_rate = legacy:%u (* 100 kbps)",
4410 params->beacon_rate);
4411 break;
4412 case BEACON_RATE_HT:
4413 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_HT)) {
4414 wpa_printf(MSG_INFO,
4415 "nl80211: Driver does not support setting Beacon frame rate (HT)");
4416 return -1;
4417 }
4418 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) ||
4419 nla_put_u8(msg, NL80211_TXRATE_HT, params->beacon_rate) ||
4420 (params->freq->vht_enabled &&
4421 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4422 &vht_rate)))
4423 return -1;
4424 wpa_printf(MSG_DEBUG, " * beacon_rate = HT-MCS %u",
4425 params->beacon_rate);
4426 break;
4427 case BEACON_RATE_VHT:
4428 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_VHT)) {
4429 wpa_printf(MSG_INFO,
4430 "nl80211: Driver does not support setting Beacon frame rate (VHT)");
4431 return -1;
4432 }
4433 vht_rate.mcs[0] = BIT(params->beacon_rate);
4434 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL))
4435 return -1;
4436 if (nla_put(msg, NL80211_TXRATE_HT, 0, NULL))
4437 return -1;
4438 if (nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4439 &vht_rate))
4440 return -1;
4441 wpa_printf(MSG_DEBUG, " * beacon_rate = VHT-MCS %u",
4442 params->beacon_rate);
4443 break;
4444 case BEACON_RATE_HE:
4445 if (!(flags2 & WPA_DRIVER_FLAGS2_BEACON_RATE_HE)) {
4446 wpa_printf(MSG_INFO,
4447 "nl80211: Driver does not support setting Beacon frame rate (HE)");
4448 return -1;
4449 }
4450 he_rate.mcs[0] = BIT(params->beacon_rate);
4451 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) ||
4452 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) ||
4453 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4454 &vht_rate) ||
4455 nla_put(msg, NL80211_TXRATE_HE, sizeof(he_rate), &he_rate))
4456 return -1;
4457 wpa_printf(MSG_DEBUG, " * beacon_rate = HE-MCS %u",
4458 params->beacon_rate);
4459 break;
4460 }
4461
4462 nla_nest_end(msg, band);
4463 nla_nest_end(msg, bands);
4464
4465 return 0;
4466 }
4467
4468
nl80211_set_multicast_to_unicast(struct i802_bss * bss,int multicast_to_unicast)4469 static int nl80211_set_multicast_to_unicast(struct i802_bss *bss,
4470 int multicast_to_unicast)
4471 {
4472 struct wpa_driver_nl80211_data *drv = bss->drv;
4473 struct nl_msg *msg;
4474 int ret;
4475
4476 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_MULTICAST_TO_UNICAST);
4477 if (!msg ||
4478 (multicast_to_unicast &&
4479 nla_put_flag(msg, NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED))) {
4480 wpa_printf(MSG_ERROR,
4481 "nl80211: Failed to build NL80211_CMD_SET_MULTICAST_TO_UNICAST msg for %s",
4482 bss->ifname);
4483 nlmsg_free(msg);
4484 return -ENOBUFS;
4485 }
4486
4487 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4488
4489 switch (ret) {
4490 case 0:
4491 wpa_printf(MSG_DEBUG,
4492 "nl80211: multicast to unicast %s on interface %s",
4493 multicast_to_unicast ? "enabled" : "disabled",
4494 bss->ifname);
4495 break;
4496 case -EOPNOTSUPP:
4497 if (!multicast_to_unicast)
4498 break;
4499 wpa_printf(MSG_INFO,
4500 "nl80211: multicast to unicast not supported on interface %s",
4501 bss->ifname);
4502 break;
4503 default:
4504 wpa_printf(MSG_ERROR,
4505 "nl80211: %s multicast to unicast failed with %d (%s) on interface %s",
4506 multicast_to_unicast ? "enabling" : "disabling",
4507 ret, strerror(-ret), bss->ifname);
4508 break;
4509 }
4510
4511 return ret;
4512 }
4513
4514
4515 #ifdef CONFIG_SAE
nl80211_put_sae_pwe(struct nl_msg * msg,int pwe)4516 static int nl80211_put_sae_pwe(struct nl_msg *msg, int pwe)
4517 {
4518 u8 sae_pwe;
4519
4520 wpa_printf(MSG_DEBUG, "nl802111: sae_pwe=%d", pwe);
4521 if (pwe == 0)
4522 sae_pwe = NL80211_SAE_PWE_HUNT_AND_PECK;
4523 else if (pwe == 1)
4524 sae_pwe = NL80211_SAE_PWE_HASH_TO_ELEMENT;
4525 else if (pwe == 2)
4526 sae_pwe = NL80211_SAE_PWE_BOTH;
4527 else if (pwe == 3)
4528 return 0; /* special test mode */
4529 else
4530 return -1;
4531 if (nla_put_u8(msg, NL80211_ATTR_SAE_PWE, sae_pwe))
4532 return -1;
4533
4534 return 0;
4535 }
4536 #endif /* CONFIG_SAE */
4537
4538
4539 #ifdef CONFIG_FILS
nl80211_fils_discovery(struct i802_bss * bss,struct nl_msg * msg,struct wpa_driver_ap_params * params)4540 static int nl80211_fils_discovery(struct i802_bss *bss, struct nl_msg *msg,
4541 struct wpa_driver_ap_params *params)
4542 {
4543 struct nlattr *attr;
4544
4545 if (!bss->drv->fils_discovery) {
4546 wpa_printf(MSG_ERROR,
4547 "nl80211: Driver does not support FILS Discovery frame transmission for %s",
4548 bss->ifname);
4549 return -1;
4550 }
4551
4552 attr = nla_nest_start(msg, NL80211_ATTR_FILS_DISCOVERY);
4553 if (!attr ||
4554 nla_put_u32(msg, NL80211_FILS_DISCOVERY_ATTR_INT_MIN,
4555 params->fd_min_int) ||
4556 nla_put_u32(msg, NL80211_FILS_DISCOVERY_ATTR_INT_MAX,
4557 params->fd_max_int) ||
4558 (params->fd_frame_tmpl &&
4559 nla_put(msg, NL80211_FILS_DISCOVERY_ATTR_TMPL,
4560 params->fd_frame_tmpl_len, params->fd_frame_tmpl)))
4561 return -1;
4562
4563 nla_nest_end(msg, attr);
4564 return 0;
4565 }
4566 #endif /* CONFIG_FILS */
4567
4568
4569 #ifdef CONFIG_IEEE80211AX
nl80211_unsol_bcast_probe_resp(struct i802_bss * bss,struct nl_msg * msg,struct wpa_driver_ap_params * params)4570 static int nl80211_unsol_bcast_probe_resp(struct i802_bss *bss,
4571 struct nl_msg *msg,
4572 struct wpa_driver_ap_params *params)
4573 {
4574 struct nlattr *attr;
4575
4576 if (!bss->drv->unsol_bcast_probe_resp) {
4577 wpa_printf(MSG_ERROR,
4578 "nl80211: Driver does not support unsolicited broadcast Probe Response frame transmission for %s",
4579 bss->ifname);
4580 return -1;
4581 }
4582
4583 wpa_printf(MSG_DEBUG,
4584 "nl80211: Unsolicited broadcast Probe Response frame interval: %u",
4585 params->unsol_bcast_probe_resp_interval);
4586 attr = nla_nest_start(msg, NL80211_ATTR_UNSOL_BCAST_PROBE_RESP);
4587 if (!attr ||
4588 nla_put_u32(msg, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT,
4589 params->unsol_bcast_probe_resp_interval) ||
4590 (params->unsol_bcast_probe_resp_tmpl &&
4591 nla_put(msg, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL,
4592 params->unsol_bcast_probe_resp_tmpl_len,
4593 params->unsol_bcast_probe_resp_tmpl)))
4594 return -1;
4595
4596 nla_nest_end(msg, attr);
4597 return 0;
4598 }
4599 #endif /* CONFIG_IEEE80211AX */
4600
4601
wpa_driver_nl80211_set_ap(void * priv,struct wpa_driver_ap_params * params)4602 static int wpa_driver_nl80211_set_ap(void *priv,
4603 struct wpa_driver_ap_params *params)
4604 {
4605 struct i802_bss *bss = priv;
4606 struct wpa_driver_nl80211_data *drv = bss->drv;
4607 struct nl_msg *msg;
4608 u8 cmd = NL80211_CMD_NEW_BEACON;
4609 int ret = -ENOBUFS;
4610 int beacon_set;
4611 int num_suites;
4612 u32 suites[20], suite;
4613 u32 ver;
4614 #ifdef CONFIG_MESH
4615 struct wpa_driver_mesh_bss_params mesh_params;
4616 #endif /* CONFIG_MESH */
4617
4618 beacon_set = params->reenable ? 0 : bss->beacon_set;
4619
4620 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
4621 beacon_set);
4622 if (beacon_set)
4623 cmd = NL80211_CMD_SET_BEACON;
4624 else if (!drv->device_ap_sme && !drv->use_monitor &&
4625 !nl80211_get_wiphy_data_ap(bss))
4626 return -ENOBUFS;
4627
4628 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
4629 params->head, params->head_len);
4630 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
4631 params->tail, params->tail_len);
4632 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex);
4633 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
4634 wpa_printf(MSG_DEBUG, "nl80211: beacon_rate=%u", params->beacon_rate);
4635 wpa_printf(MSG_DEBUG, "nl80211: rate_type=%d", params->rate_type);
4636 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
4637 wpa_printf(MSG_DEBUG, "nl80211: ssid=%s",
4638 wpa_ssid_txt(params->ssid, params->ssid_len));
4639 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
4640 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len,
4641 params->head) ||
4642 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len,
4643 params->tail) ||
4644 nl80211_put_beacon_int(msg, params->beacon_int) ||
4645 nl80211_put_beacon_rate(msg, drv->capa.flags, drv->capa.flags2,
4646 params) ||
4647 nl80211_put_dtim_period(msg, params->dtim_period) ||
4648 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
4649 goto fail;
4650 if (params->proberesp && params->proberesp_len) {
4651 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
4652 params->proberesp, params->proberesp_len);
4653 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
4654 params->proberesp))
4655 goto fail;
4656 }
4657 switch (params->hide_ssid) {
4658 case NO_SSID_HIDING:
4659 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
4660 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
4661 NL80211_HIDDEN_SSID_NOT_IN_USE))
4662 goto fail;
4663 break;
4664 case HIDDEN_SSID_ZERO_LEN:
4665 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
4666 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
4667 NL80211_HIDDEN_SSID_ZERO_LEN))
4668 goto fail;
4669 break;
4670 case HIDDEN_SSID_ZERO_CONTENTS:
4671 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
4672 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
4673 NL80211_HIDDEN_SSID_ZERO_CONTENTS))
4674 goto fail;
4675 break;
4676 }
4677 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
4678 if (params->privacy &&
4679 nla_put_flag(msg, NL80211_ATTR_PRIVACY))
4680 goto fail;
4681 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
4682 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
4683 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
4684 /* Leave out the attribute */
4685 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) {
4686 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
4687 NL80211_AUTHTYPE_SHARED_KEY))
4688 goto fail;
4689 } else {
4690 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
4691 NL80211_AUTHTYPE_OPEN_SYSTEM))
4692 goto fail;
4693 }
4694
4695 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
4696 ver = 0;
4697 if (params->wpa_version & WPA_PROTO_WPA)
4698 ver |= NL80211_WPA_VERSION_1;
4699 if (params->wpa_version & WPA_PROTO_RSN)
4700 ver |= NL80211_WPA_VERSION_2;
4701 if (ver &&
4702 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
4703 goto fail;
4704
4705 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
4706 params->key_mgmt_suites);
4707 num_suites = wpa_key_mgmt_to_suites(params->key_mgmt_suites,
4708 suites, ARRAY_SIZE(suites));
4709 if (num_suites > NL80211_MAX_NR_AKM_SUITES)
4710 wpa_printf(MSG_DEBUG,
4711 "nl80211: Not enough room for all AKM suites (num_suites=%d > NL80211_MAX_NR_AKM_SUITES)",
4712 num_suites);
4713 else if (num_suites &&
4714 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32),
4715 suites))
4716 goto fail;
4717
4718 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
4719 (!params->pairwise_ciphers ||
4720 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40)) &&
4721 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) ||
4722 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
4723 goto fail;
4724
4725 if (drv->device_ap_sme &&
4726 (params->key_mgmt_suites & WPA_KEY_MGMT_SAE) &&
4727 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT))
4728 goto fail;
4729
4730 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
4731 params->pairwise_ciphers);
4732 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
4733 suites, ARRAY_SIZE(suites));
4734 if (num_suites &&
4735 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
4736 num_suites * sizeof(u32), suites))
4737 goto fail;
4738
4739 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
4740 params->group_cipher);
4741 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
4742 if (suite &&
4743 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite))
4744 goto fail;
4745
4746 if (params->beacon_ies) {
4747 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
4748 params->beacon_ies);
4749 if (nla_put(msg, NL80211_ATTR_IE,
4750 wpabuf_len(params->beacon_ies),
4751 wpabuf_head(params->beacon_ies)))
4752 goto fail;
4753 }
4754 if (params->proberesp_ies) {
4755 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
4756 params->proberesp_ies);
4757 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
4758 wpabuf_len(params->proberesp_ies),
4759 wpabuf_head(params->proberesp_ies)))
4760 goto fail;
4761 }
4762 if (params->assocresp_ies) {
4763 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
4764 params->assocresp_ies);
4765 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
4766 wpabuf_len(params->assocresp_ies),
4767 wpabuf_head(params->assocresp_ies)))
4768 goto fail;
4769 }
4770
4771 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
4772 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
4773 params->ap_max_inactivity);
4774 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
4775 params->ap_max_inactivity))
4776 goto fail;
4777 }
4778
4779 #ifdef CONFIG_P2P
4780 if (params->p2p_go_ctwindow > 0) {
4781 if (drv->p2p_go_ctwindow_supported) {
4782 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d",
4783 params->p2p_go_ctwindow);
4784 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW,
4785 params->p2p_go_ctwindow))
4786 goto fail;
4787 } else {
4788 wpa_printf(MSG_INFO,
4789 "nl80211: Driver does not support CTWindow configuration - ignore this parameter");
4790 }
4791 }
4792 #endif /* CONFIG_P2P */
4793
4794 if (params->pbss) {
4795 wpa_printf(MSG_DEBUG, "nl80211: PBSS");
4796 if (nla_put_flag(msg, NL80211_ATTR_PBSS))
4797 goto fail;
4798 }
4799
4800 if (params->ftm_responder) {
4801 struct nlattr *ftm;
4802
4803 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_FTM_RESPONDER)) {
4804 ret = -ENOTSUP;
4805 goto fail;
4806 }
4807
4808 ftm = nla_nest_start(msg, NL80211_ATTR_FTM_RESPONDER);
4809 if (!ftm ||
4810 nla_put_flag(msg, NL80211_FTM_RESP_ATTR_ENABLED) ||
4811 (params->lci &&
4812 nla_put(msg, NL80211_FTM_RESP_ATTR_LCI,
4813 wpabuf_len(params->lci),
4814 wpabuf_head(params->lci))) ||
4815 (params->civic &&
4816 nla_put(msg, NL80211_FTM_RESP_ATTR_CIVICLOC,
4817 wpabuf_len(params->civic),
4818 wpabuf_head(params->civic))))
4819 goto fail;
4820 nla_nest_end(msg, ftm);
4821 }
4822
4823 #ifdef CONFIG_IEEE80211AX
4824 if (params->he_spr_ctrl) {
4825 struct nlattr *spr;
4826
4827 spr = nla_nest_start(msg, NL80211_ATTR_HE_OBSS_PD);
4828 wpa_printf(MSG_DEBUG, "nl80211: he_spr_ctrl=0x%x",
4829 params->he_spr_ctrl);
4830
4831 if (!spr ||
4832 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_SR_CTRL,
4833 params->he_spr_ctrl) ||
4834 ((params->he_spr_ctrl &
4835 SPATIAL_REUSE_NON_SRG_OFFSET_PRESENT) &&
4836 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET,
4837 params->he_spr_non_srg_obss_pd_max_offset)))
4838 goto fail;
4839
4840 if ((params->he_spr_ctrl &
4841 SPATIAL_REUSE_SRG_INFORMATION_PRESENT) &&
4842 (nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET,
4843 params->he_spr_srg_obss_pd_min_offset) ||
4844 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET,
4845 params->he_spr_srg_obss_pd_max_offset) ||
4846 nla_put(msg, NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP,
4847 sizeof(params->he_spr_bss_color_bitmap),
4848 params->he_spr_bss_color_bitmap) ||
4849 nla_put(msg, NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP,
4850 sizeof(params->he_spr_partial_bssid_bitmap),
4851 params->he_spr_partial_bssid_bitmap)))
4852 goto fail;
4853
4854 nla_nest_end(msg, spr);
4855 }
4856
4857 if (params->freq && params->freq->he_enabled) {
4858 struct nlattr *bss_color;
4859
4860 bss_color = nla_nest_start(msg, NL80211_ATTR_HE_BSS_COLOR);
4861 if (!bss_color ||
4862 (params->he_bss_color_disabled &&
4863 nla_put_flag(msg, NL80211_HE_BSS_COLOR_ATTR_DISABLED)) ||
4864 (params->he_bss_color_partial &&
4865 nla_put_flag(msg, NL80211_HE_BSS_COLOR_ATTR_PARTIAL)) ||
4866 nla_put_u8(msg, NL80211_HE_BSS_COLOR_ATTR_COLOR,
4867 params->he_bss_color))
4868 goto fail;
4869 nla_nest_end(msg, bss_color);
4870 }
4871
4872 if (params->twt_responder) {
4873 wpa_printf(MSG_DEBUG, "nl80211: twt_responder=%d",
4874 params->twt_responder);
4875 if (nla_put_flag(msg, NL80211_ATTR_TWT_RESPONDER))
4876 goto fail;
4877 }
4878
4879 if (params->unsol_bcast_probe_resp_interval &&
4880 nl80211_unsol_bcast_probe_resp(bss, msg, params) < 0)
4881 goto fail;
4882 #endif /* CONFIG_IEEE80211AX */
4883
4884 #ifdef CONFIG_SAE
4885 if (((params->key_mgmt_suites & WPA_KEY_MGMT_SAE) ||
4886 (params->key_mgmt_suites & WPA_KEY_MGMT_FT_SAE)) &&
4887 nl80211_put_sae_pwe(msg, params->sae_pwe) < 0)
4888 goto fail;
4889 #endif /* CONFIG_SAE */
4890
4891 #ifdef CONFIG_FILS
4892 if (params->fd_max_int && nl80211_fils_discovery(bss, msg, params) < 0)
4893 goto fail;
4894 #endif /* CONFIG_FILS */
4895
4896 ret = send_and_recv_msgs_owner(drv, msg, get_connect_handle(bss), 1,
4897 NULL, NULL, NULL, NULL);
4898 if (ret) {
4899 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
4900 ret, strerror(-ret));
4901 } else {
4902 bss->beacon_set = 1;
4903 nl80211_set_bss(bss, params->cts_protect, params->preamble,
4904 params->short_slot_time, params->ht_opmode,
4905 params->isolate, params->basic_rates);
4906 nl80211_set_multicast_to_unicast(bss,
4907 params->multicast_to_unicast);
4908 if (beacon_set && params->freq &&
4909 params->freq->bandwidth != bss->bandwidth) {
4910 wpa_printf(MSG_DEBUG,
4911 "nl80211: Update BSS %s bandwidth: %d -> %d",
4912 bss->ifname, bss->bandwidth,
4913 params->freq->bandwidth);
4914 ret = nl80211_set_channel(bss, params->freq, 1);
4915 if (ret) {
4916 wpa_printf(MSG_DEBUG,
4917 "nl80211: Frequency set failed: %d (%s)",
4918 ret, strerror(-ret));
4919 } else {
4920 wpa_printf(MSG_DEBUG,
4921 "nl80211: Frequency set succeeded for ht2040 coex");
4922 bss->bandwidth = params->freq->bandwidth;
4923 }
4924 } else if (!beacon_set && params->freq) {
4925 /*
4926 * cfg80211 updates the driver on frequence change in AP
4927 * mode only at the point when beaconing is started, so
4928 * set the initial value here.
4929 */
4930 bss->bandwidth = params->freq->bandwidth;
4931 }
4932 }
4933
4934 #ifdef CONFIG_MESH
4935 if (is_mesh_interface(drv->nlmode) && params->ht_opmode != -1) {
4936 os_memset(&mesh_params, 0, sizeof(mesh_params));
4937 mesh_params.flags |= WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE;
4938 mesh_params.ht_opmode = params->ht_opmode;
4939 ret = nl80211_set_mesh_config(priv, &mesh_params);
4940 if (ret < 0)
4941 return ret;
4942 }
4943 #endif /* CONFIG_MESH */
4944
4945 return ret;
4946 fail:
4947 nlmsg_free(msg);
4948 return ret;
4949 }
4950
4951
nl80211_put_freq_params(struct nl_msg * msg,const struct hostapd_freq_params * freq)4952 static int nl80211_put_freq_params(struct nl_msg *msg,
4953 const struct hostapd_freq_params *freq)
4954 {
4955 enum hostapd_hw_mode hw_mode;
4956 int is_24ghz;
4957 u8 channel;
4958
4959 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq);
4960 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq))
4961 return -ENOBUFS;
4962
4963 wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled);
4964 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled);
4965 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled);
4966
4967 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
4968 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
4969 hw_mode == HOSTAPD_MODE_IEEE80211B;
4970
4971 if (freq->vht_enabled || (freq->he_enabled && !is_24ghz)) {
4972 enum nl80211_chan_width cw;
4973
4974 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth);
4975 switch (freq->bandwidth) {
4976 case 20:
4977 cw = NL80211_CHAN_WIDTH_20;
4978 break;
4979 case 40:
4980 cw = NL80211_CHAN_WIDTH_40;
4981 break;
4982 case 80:
4983 if (freq->center_freq2)
4984 cw = NL80211_CHAN_WIDTH_80P80;
4985 else
4986 cw = NL80211_CHAN_WIDTH_80;
4987 break;
4988 case 160:
4989 cw = NL80211_CHAN_WIDTH_160;
4990 break;
4991 default:
4992 return -EINVAL;
4993 }
4994
4995 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw);
4996 wpa_printf(MSG_DEBUG, " * center_freq1=%d",
4997 freq->center_freq1);
4998 wpa_printf(MSG_DEBUG, " * center_freq2=%d",
4999 freq->center_freq2);
5000 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) ||
5001 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1,
5002 freq->center_freq1) ||
5003 (freq->center_freq2 &&
5004 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2,
5005 freq->center_freq2)))
5006 return -ENOBUFS;
5007 } else if (freq->ht_enabled) {
5008 enum nl80211_channel_type ct;
5009
5010 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
5011 freq->sec_channel_offset);
5012 switch (freq->sec_channel_offset) {
5013 case -1:
5014 ct = NL80211_CHAN_HT40MINUS;
5015 break;
5016 case 1:
5017 ct = NL80211_CHAN_HT40PLUS;
5018 break;
5019 default:
5020 ct = NL80211_CHAN_HT20;
5021 break;
5022 }
5023
5024 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct);
5025 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct))
5026 return -ENOBUFS;
5027 } else if (freq->edmg.channels && freq->edmg.bw_config) {
5028 wpa_printf(MSG_DEBUG,
5029 " * EDMG configuration: channels=0x%x bw_config=%d",
5030 freq->edmg.channels, freq->edmg.bw_config);
5031 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS,
5032 freq->edmg.channels) ||
5033 nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG,
5034 freq->edmg.bw_config))
5035 return -1;
5036 } else {
5037 wpa_printf(MSG_DEBUG, " * channel_type=%d",
5038 NL80211_CHAN_NO_HT);
5039 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5040 NL80211_CHAN_NO_HT))
5041 return -ENOBUFS;
5042 }
5043 return 0;
5044 }
5045
5046
nl80211_set_channel(struct i802_bss * bss,struct hostapd_freq_params * freq,int set_chan)5047 static int nl80211_set_channel(struct i802_bss *bss,
5048 struct hostapd_freq_params *freq, int set_chan)
5049 {
5050 struct wpa_driver_nl80211_data *drv = bss->drv;
5051 struct nl_msg *msg;
5052 int ret;
5053
5054 wpa_printf(MSG_DEBUG,
5055 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
5056 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled,
5057 freq->bandwidth, freq->center_freq1, freq->center_freq2);
5058
5059 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
5060 NL80211_CMD_SET_WIPHY);
5061 if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
5062 nlmsg_free(msg);
5063 return -1;
5064 }
5065
5066 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
5067 if (ret == 0) {
5068 bss->freq = freq->freq;
5069 return 0;
5070 }
5071 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
5072 "%d (%s)", freq->freq, ret, strerror(-ret));
5073 return -1;
5074 }
5075
5076
sta_flags_nl80211(int flags)5077 static u32 sta_flags_nl80211(int flags)
5078 {
5079 u32 f = 0;
5080
5081 if (flags & WPA_STA_AUTHORIZED)
5082 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
5083 if (flags & WPA_STA_WMM)
5084 f |= BIT(NL80211_STA_FLAG_WME);
5085 if (flags & WPA_STA_SHORT_PREAMBLE)
5086 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
5087 if (flags & WPA_STA_MFP)
5088 f |= BIT(NL80211_STA_FLAG_MFP);
5089 if (flags & WPA_STA_TDLS_PEER)
5090 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
5091 if (flags & WPA_STA_AUTHENTICATED)
5092 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
5093 if (flags & WPA_STA_ASSOCIATED)
5094 f |= BIT(NL80211_STA_FLAG_ASSOCIATED);
5095
5096 return f;
5097 }
5098
5099
5100 #ifdef CONFIG_MESH
sta_plink_state_nl80211(enum mesh_plink_state state)5101 static u32 sta_plink_state_nl80211(enum mesh_plink_state state)
5102 {
5103 switch (state) {
5104 case PLINK_IDLE:
5105 return NL80211_PLINK_LISTEN;
5106 case PLINK_OPN_SNT:
5107 return NL80211_PLINK_OPN_SNT;
5108 case PLINK_OPN_RCVD:
5109 return NL80211_PLINK_OPN_RCVD;
5110 case PLINK_CNF_RCVD:
5111 return NL80211_PLINK_CNF_RCVD;
5112 case PLINK_ESTAB:
5113 return NL80211_PLINK_ESTAB;
5114 case PLINK_HOLDING:
5115 return NL80211_PLINK_HOLDING;
5116 case PLINK_BLOCKED:
5117 return NL80211_PLINK_BLOCKED;
5118 default:
5119 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d",
5120 state);
5121 }
5122 return -1;
5123 }
5124 #endif /* CONFIG_MESH */
5125
5126
wpa_driver_nl80211_sta_add(void * priv,struct hostapd_sta_add_params * params)5127 static int wpa_driver_nl80211_sta_add(void *priv,
5128 struct hostapd_sta_add_params *params)
5129 {
5130 struct i802_bss *bss = priv;
5131 struct wpa_driver_nl80211_data *drv = bss->drv;
5132 struct nl_msg *msg;
5133 struct nl80211_sta_flag_update upd;
5134 int ret = -ENOBUFS;
5135
5136 if ((params->flags & WPA_STA_TDLS_PEER) &&
5137 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
5138 return -EOPNOTSUPP;
5139
5140 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
5141 params->set ? "Set" : "Add", MAC2STR(params->addr));
5142 msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION :
5143 NL80211_CMD_NEW_STATION);
5144 if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr))
5145 goto fail;
5146
5147 /*
5148 * Set the below properties only in one of the following cases:
5149 * 1. New station is added, already associated.
5150 * 2. Set WPA_STA_TDLS_PEER station.
5151 * 3. Set an already added unassociated station, if driver supports
5152 * full AP client state. (Set these properties after station became
5153 * associated will be rejected by the driver).
5154 */
5155 if (!params->set || (params->flags & WPA_STA_TDLS_PEER) ||
5156 (params->set && FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) &&
5157 (params->flags & WPA_STA_ASSOCIATED))) {
5158 wpa_hexdump(MSG_DEBUG, " * supported rates",
5159 params->supp_rates, params->supp_rates_len);
5160 wpa_printf(MSG_DEBUG, " * capability=0x%x",
5161 params->capability);
5162 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES,
5163 params->supp_rates_len, params->supp_rates) ||
5164 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY,
5165 params->capability))
5166 goto fail;
5167
5168 if (params->ht_capabilities) {
5169 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
5170 (u8 *) params->ht_capabilities,
5171 sizeof(*params->ht_capabilities));
5172 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY,
5173 sizeof(*params->ht_capabilities),
5174 params->ht_capabilities))
5175 goto fail;
5176 }
5177
5178 if (params->vht_capabilities) {
5179 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
5180 (u8 *) params->vht_capabilities,
5181 sizeof(*params->vht_capabilities));
5182 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY,
5183 sizeof(*params->vht_capabilities),
5184 params->vht_capabilities))
5185 goto fail;
5186 }
5187
5188 if (params->he_capab) {
5189 wpa_hexdump(MSG_DEBUG, " * he_capab",
5190 params->he_capab, params->he_capab_len);
5191 if (nla_put(msg, NL80211_ATTR_HE_CAPABILITY,
5192 params->he_capab_len, params->he_capab))
5193 goto fail;
5194 }
5195
5196 if (params->he_6ghz_capab) {
5197 wpa_hexdump(MSG_DEBUG, " * he_6ghz_capab",
5198 params->he_6ghz_capab,
5199 sizeof(*params->he_6ghz_capab));
5200 if (nla_put(msg, NL80211_ATTR_HE_6GHZ_CAPABILITY,
5201 sizeof(*params->he_6ghz_capab),
5202 params->he_6ghz_capab))
5203 goto fail;
5204 }
5205
5206 if (params->ext_capab) {
5207 wpa_hexdump(MSG_DEBUG, " * ext_capab",
5208 params->ext_capab, params->ext_capab_len);
5209 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
5210 params->ext_capab_len, params->ext_capab))
5211 goto fail;
5212 }
5213
5214 if (is_ap_interface(drv->nlmode) &&
5215 nla_put_u8(msg, NL80211_ATTR_STA_SUPPORT_P2P_PS,
5216 params->support_p2p_ps ?
5217 NL80211_P2P_PS_SUPPORTED :
5218 NL80211_P2P_PS_UNSUPPORTED))
5219 goto fail;
5220 }
5221 if (!params->set) {
5222 if (params->aid) {
5223 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
5224 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid))
5225 goto fail;
5226 } else {
5227 /*
5228 * cfg80211 validates that AID is non-zero, so we have
5229 * to make this a non-zero value for the TDLS case where
5230 * a dummy STA entry is used for now and for a station
5231 * that is still not associated.
5232 */
5233 wpa_printf(MSG_DEBUG, " * aid=1 (%s workaround)",
5234 (params->flags & WPA_STA_TDLS_PEER) ?
5235 "TDLS" : "UNASSOC_STA");
5236 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1))
5237 goto fail;
5238 }
5239 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
5240 params->listen_interval);
5241 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5242 params->listen_interval))
5243 goto fail;
5244 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
5245 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
5246 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid))
5247 goto fail;
5248 } else if (FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) &&
5249 (params->flags & WPA_STA_ASSOCIATED)) {
5250 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
5251 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
5252 params->listen_interval);
5253 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid) ||
5254 nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5255 params->listen_interval))
5256 goto fail;
5257 }
5258
5259 if (params->vht_opmode_enabled) {
5260 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
5261 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF,
5262 params->vht_opmode))
5263 goto fail;
5264 }
5265
5266 if (params->supp_channels) {
5267 wpa_hexdump(MSG_DEBUG, " * supported channels",
5268 params->supp_channels, params->supp_channels_len);
5269 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
5270 params->supp_channels_len, params->supp_channels))
5271 goto fail;
5272 }
5273
5274 if (params->supp_oper_classes) {
5275 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
5276 params->supp_oper_classes,
5277 params->supp_oper_classes_len);
5278 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
5279 params->supp_oper_classes_len,
5280 params->supp_oper_classes))
5281 goto fail;
5282 }
5283
5284 os_memset(&upd, 0, sizeof(upd));
5285 upd.set = sta_flags_nl80211(params->flags);
5286 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask);
5287
5288 /*
5289 * If the driver doesn't support full AP client state, ignore ASSOC/AUTH
5290 * flags, as nl80211 driver moves a new station, by default, into
5291 * associated state.
5292 *
5293 * On the other hand, if the driver supports that feature and the
5294 * station is added in unauthenticated state, set the
5295 * authenticated/associated bits in the mask to prevent moving this
5296 * station to associated state before it is actually associated.
5297 *
5298 * This is irrelevant for mesh mode where the station is added to the
5299 * driver as authenticated already, and ASSOCIATED isn't part of the
5300 * nl80211 API.
5301 */
5302 if (!is_mesh_interface(drv->nlmode)) {
5303 if (!FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) {
5304 wpa_printf(MSG_DEBUG,
5305 "nl80211: Ignore ASSOC/AUTH flags since driver doesn't support full AP client state");
5306 upd.mask &= ~(BIT(NL80211_STA_FLAG_ASSOCIATED) |
5307 BIT(NL80211_STA_FLAG_AUTHENTICATED));
5308 } else if (!params->set &&
5309 !(params->flags & WPA_STA_TDLS_PEER)) {
5310 if (!(params->flags & WPA_STA_AUTHENTICATED))
5311 upd.mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
5312 if (!(params->flags & WPA_STA_ASSOCIATED))
5313 upd.mask |= BIT(NL80211_STA_FLAG_ASSOCIATED);
5314 }
5315 #ifdef CONFIG_MESH
5316 } else {
5317 if (params->plink_state == PLINK_ESTAB && params->peer_aid) {
5318 ret = nla_put_u16(msg, NL80211_ATTR_MESH_PEER_AID,
5319 params->peer_aid);
5320 if (ret)
5321 goto fail;
5322 }
5323 #endif /* CONFIG_MESH */
5324 }
5325
5326 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
5327 upd.set, upd.mask);
5328 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
5329 goto fail;
5330
5331 #ifdef CONFIG_MESH
5332 if (params->plink_state &&
5333 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE,
5334 sta_plink_state_nl80211(params->plink_state)))
5335 goto fail;
5336 #endif /* CONFIG_MESH */
5337
5338 if ((!params->set || (params->flags & WPA_STA_TDLS_PEER) ||
5339 FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) &&
5340 (params->flags & WPA_STA_WMM)) {
5341 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
5342
5343 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
5344 if (!wme ||
5345 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
5346 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) ||
5347 nla_put_u8(msg, NL80211_STA_WME_MAX_SP,
5348 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
5349 WMM_QOSINFO_STA_SP_MASK))
5350 goto fail;
5351 nla_nest_end(msg, wme);
5352 }
5353
5354 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
5355 msg = NULL;
5356 if (ret)
5357 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION "
5358 "result: %d (%s)", params->set ? "SET" : "NEW", ret,
5359 strerror(-ret));
5360 if (ret == -EEXIST)
5361 ret = 0;
5362 fail:
5363 nlmsg_free(msg);
5364 return ret;
5365 }
5366
5367
rtnl_neigh_delete_fdb_entry(struct i802_bss * bss,const u8 * addr)5368 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
5369 {
5370 #ifdef CONFIG_LIBNL3_ROUTE
5371 struct wpa_driver_nl80211_data *drv = bss->drv;
5372 struct rtnl_neigh *rn;
5373 struct nl_addr *nl_addr;
5374 int err;
5375
5376 rn = rtnl_neigh_alloc();
5377 if (!rn)
5378 return;
5379
5380 rtnl_neigh_set_family(rn, AF_BRIDGE);
5381 rtnl_neigh_set_ifindex(rn, bss->ifindex);
5382 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
5383 if (!nl_addr) {
5384 rtnl_neigh_put(rn);
5385 return;
5386 }
5387 rtnl_neigh_set_lladdr(rn, nl_addr);
5388
5389 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
5390 if (err < 0) {
5391 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
5392 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
5393 bss->ifindex, nl_geterror(err));
5394 } else {
5395 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
5396 MACSTR, MAC2STR(addr));
5397 }
5398
5399 nl_addr_put(nl_addr);
5400 rtnl_neigh_put(rn);
5401 #endif /* CONFIG_LIBNL3_ROUTE */
5402 }
5403
5404
wpa_driver_nl80211_sta_remove(struct i802_bss * bss,const u8 * addr,int deauth,u16 reason_code)5405 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr,
5406 int deauth, u16 reason_code)
5407 {
5408 struct wpa_driver_nl80211_data *drv = bss->drv;
5409 struct nl_msg *msg;
5410 int ret;
5411
5412 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) ||
5413 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
5414 (deauth == 0 &&
5415 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
5416 WLAN_FC_STYPE_DISASSOC)) ||
5417 (deauth == 1 &&
5418 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
5419 WLAN_FC_STYPE_DEAUTH)) ||
5420 (reason_code &&
5421 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) {
5422 nlmsg_free(msg);
5423 return -ENOBUFS;
5424 }
5425
5426 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
5427 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
5428 " --> %d (%s)",
5429 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
5430
5431 if (drv->rtnl_sk)
5432 rtnl_neigh_delete_fdb_entry(bss, addr);
5433
5434 if (ret == -ENOENT)
5435 return 0;
5436 return ret;
5437 }
5438
5439
nl80211_remove_iface(struct wpa_driver_nl80211_data * drv,int ifidx)5440 void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx)
5441 {
5442 struct nl_msg *msg;
5443 struct wpa_driver_nl80211_data *drv2;
5444
5445 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
5446
5447 /* stop listening for EAPOL on this interface */
5448 dl_list_for_each(drv2, &drv->global->interfaces,
5449 struct wpa_driver_nl80211_data, list)
5450 {
5451 del_ifidx(drv2, ifidx, IFIDX_ANY);
5452 /* Remove all bridges learned for this iface */
5453 del_ifidx(drv2, IFIDX_ANY, ifidx);
5454 }
5455
5456 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE);
5457 if (send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL) == 0)
5458 return;
5459 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
5460 }
5461
5462
nl80211_iftype_str(enum nl80211_iftype mode)5463 const char * nl80211_iftype_str(enum nl80211_iftype mode)
5464 {
5465 switch (mode) {
5466 case NL80211_IFTYPE_ADHOC:
5467 return "ADHOC";
5468 case NL80211_IFTYPE_STATION:
5469 return "STATION";
5470 case NL80211_IFTYPE_AP:
5471 return "AP";
5472 case NL80211_IFTYPE_AP_VLAN:
5473 return "AP_VLAN";
5474 case NL80211_IFTYPE_WDS:
5475 return "WDS";
5476 case NL80211_IFTYPE_MONITOR:
5477 return "MONITOR";
5478 case NL80211_IFTYPE_MESH_POINT:
5479 return "MESH_POINT";
5480 case NL80211_IFTYPE_P2P_CLIENT:
5481 return "P2P_CLIENT";
5482 case NL80211_IFTYPE_P2P_GO:
5483 return "P2P_GO";
5484 case NL80211_IFTYPE_P2P_DEVICE:
5485 return "P2P_DEVICE";
5486 case NL80211_IFTYPE_OCB:
5487 return "OCB";
5488 case NL80211_IFTYPE_NAN:
5489 return "NAN";
5490 default:
5491 return "unknown";
5492 }
5493 }
5494
5495
nl80211_create_iface_once(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg)5496 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
5497 const char *ifname,
5498 enum nl80211_iftype iftype,
5499 const u8 *addr, int wds,
5500 int (*handler)(struct nl_msg *, void *),
5501 void *arg)
5502 {
5503 struct nl_msg *msg;
5504 int ifidx;
5505 int ret = -ENOBUFS;
5506
5507 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
5508 iftype, nl80211_iftype_str(iftype));
5509
5510 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE);
5511 if (!msg ||
5512 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) ||
5513 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype))
5514 goto fail;
5515
5516 if (iftype == NL80211_IFTYPE_MONITOR) {
5517 struct nlattr *flags;
5518
5519 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
5520 if (!flags ||
5521 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES))
5522 goto fail;
5523
5524 nla_nest_end(msg, flags);
5525 } else if (wds) {
5526 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds))
5527 goto fail;
5528 }
5529
5530 /*
5531 * Tell cfg80211 that the interface belongs to the socket that created
5532 * it, and the interface should be deleted when the socket is closed.
5533 */
5534 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER))
5535 goto fail;
5536
5537 if ((addr && iftype == NL80211_IFTYPE_P2P_DEVICE) &&
5538 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
5539 goto fail;
5540
5541 ret = send_and_recv_msgs(drv, msg, handler, arg, NULL, NULL);
5542 msg = NULL;
5543 if (ret) {
5544 fail:
5545 nlmsg_free(msg);
5546 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
5547 ifname, ret, strerror(-ret));
5548 return ret;
5549 }
5550
5551 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
5552 return 0;
5553
5554 ifidx = if_nametoindex(ifname);
5555 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
5556 ifname, ifidx);
5557
5558 if (ifidx <= 0)
5559 return -1;
5560
5561 /*
5562 * Some virtual interfaces need to process EAPOL packets and events on
5563 * the parent interface. This is used mainly with hostapd.
5564 */
5565 if (drv->hostapd ||
5566 iftype == NL80211_IFTYPE_AP_VLAN ||
5567 iftype == NL80211_IFTYPE_WDS ||
5568 iftype == NL80211_IFTYPE_MONITOR) {
5569 /* start listening for EAPOL on this interface */
5570 add_ifidx(drv, ifidx, IFIDX_ANY);
5571 }
5572
5573 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
5574 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
5575 nl80211_remove_iface(drv, ifidx);
5576 return -1;
5577 }
5578
5579 return ifidx;
5580 }
5581
5582
nl80211_create_iface(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg,int use_existing)5583 int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
5584 const char *ifname, enum nl80211_iftype iftype,
5585 const u8 *addr, int wds,
5586 int (*handler)(struct nl_msg *, void *),
5587 void *arg, int use_existing)
5588 {
5589 int ret;
5590
5591 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
5592 arg);
5593
5594 /* if error occurred and interface exists already */
5595 if (ret == -ENFILE && if_nametoindex(ifname)) {
5596 if (use_existing) {
5597 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
5598 ifname);
5599 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
5600 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
5601 addr) < 0 &&
5602 (linux_set_iface_flags(drv->global->ioctl_sock,
5603 ifname, 0) < 0 ||
5604 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
5605 addr) < 0 ||
5606 linux_set_iface_flags(drv->global->ioctl_sock,
5607 ifname, 1) < 0))
5608 return -1;
5609 return -ENFILE;
5610 }
5611 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
5612
5613 /* Try to remove the interface that was already there. */
5614 nl80211_remove_iface(drv, if_nametoindex(ifname));
5615
5616 /* Try to create the interface again */
5617 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
5618 wds, handler, arg);
5619 }
5620
5621 if (ret >= 0 && is_p2p_net_interface(iftype)) {
5622 wpa_printf(MSG_DEBUG,
5623 "nl80211: Interface %s created for P2P - disable 11b rates",
5624 ifname);
5625 nl80211_disable_11b_rates(drv, ret, 1);
5626 }
5627
5628 return ret;
5629 }
5630
5631
nl80211_setup_ap(struct i802_bss * bss)5632 static int nl80211_setup_ap(struct i802_bss *bss)
5633 {
5634 struct wpa_driver_nl80211_data *drv = bss->drv;
5635
5636 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
5637 bss->ifname, drv->device_ap_sme, drv->use_monitor);
5638
5639 /*
5640 * Disable Probe Request reporting unless we need it in this way for
5641 * devices that include the AP SME, in the other case (unless using
5642 * monitor iface) we'll get it through the nl_mgmt socket instead.
5643 */
5644 if (!drv->device_ap_sme)
5645 wpa_driver_nl80211_probe_req_report(bss, 0);
5646
5647 if (!drv->device_ap_sme && !drv->use_monitor)
5648 if (nl80211_mgmt_subscribe_ap(bss))
5649 return -1;
5650
5651 if (drv->device_ap_sme && !drv->use_monitor)
5652 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
5653 wpa_printf(MSG_DEBUG,
5654 "nl80211: Failed to subscribe for mgmt frames from SME driver - trying to run without it");
5655
5656 if (!drv->device_ap_sme && drv->use_monitor &&
5657 nl80211_create_monitor_interface(drv) &&
5658 !drv->device_ap_sme)
5659 return -1;
5660
5661 if (drv->device_ap_sme &&
5662 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
5663 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
5664 "Probe Request frame reporting in AP mode");
5665 /* Try to survive without this */
5666 }
5667
5668 return 0;
5669 }
5670
5671
nl80211_teardown_ap(struct i802_bss * bss)5672 static void nl80211_teardown_ap(struct i802_bss *bss)
5673 {
5674 struct wpa_driver_nl80211_data *drv = bss->drv;
5675
5676 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
5677 bss->ifname, drv->device_ap_sme, drv->use_monitor);
5678 if (drv->device_ap_sme) {
5679 wpa_driver_nl80211_probe_req_report(bss, 0);
5680 if (!drv->use_monitor)
5681 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
5682 } else if (drv->use_monitor)
5683 nl80211_remove_monitor_interface(drv);
5684 else
5685 nl80211_mgmt_unsubscribe(bss, "AP teardown");
5686
5687 nl80211_put_wiphy_data_ap(bss);
5688 bss->beacon_set = 0;
5689 }
5690
5691
nl80211_tx_control_port(void * priv,const u8 * dest,u16 proto,const u8 * buf,size_t len,int no_encrypt)5692 static int nl80211_tx_control_port(void *priv, const u8 *dest,
5693 u16 proto, const u8 *buf, size_t len,
5694 int no_encrypt)
5695 {
5696 struct nl80211_ack_ext_arg ext_arg;
5697 struct i802_bss *bss = priv;
5698 struct nl_msg *msg;
5699 u64 cookie = 0;
5700 int ret;
5701
5702 wpa_printf(MSG_DEBUG,
5703 "nl80211: Send over control port dest=" MACSTR
5704 " proto=0x%04x len=%u no_encrypt=%d",
5705 MAC2STR(dest), proto, (unsigned int) len, no_encrypt);
5706
5707 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CONTROL_PORT_FRAME);
5708 if (!msg ||
5709 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, proto) ||
5710 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dest) ||
5711 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
5712 (no_encrypt &&
5713 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) {
5714 nlmsg_free(msg);
5715 return -ENOBUFS;
5716 }
5717
5718 os_memset(&ext_arg, 0, sizeof(struct nl80211_ack_ext_arg));
5719 ext_arg.ext_data = &cookie;
5720 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL,
5721 ack_handler_cookie, &ext_arg);
5722 if (ret) {
5723 wpa_printf(MSG_DEBUG,
5724 "nl80211: tx_control_port failed: ret=%d (%s)",
5725 ret, strerror(-ret));
5726 } else {
5727 struct wpa_driver_nl80211_data *drv = bss->drv;
5728
5729 wpa_printf(MSG_DEBUG,
5730 "nl80211: tx_control_port cookie=0x%llx",
5731 (long long unsigned int) cookie);
5732 drv->eapol_tx_cookie = cookie;
5733 }
5734
5735 return ret;
5736 }
5737
5738
nl80211_send_eapol_data(struct i802_bss * bss,const u8 * addr,const u8 * data,size_t data_len)5739 static int nl80211_send_eapol_data(struct i802_bss *bss,
5740 const u8 *addr, const u8 *data,
5741 size_t data_len)
5742 {
5743 struct sockaddr_ll ll;
5744 int ret;
5745
5746 if (bss->drv->eapol_tx_sock < 0) {
5747 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
5748 return -1;
5749 }
5750
5751 os_memset(&ll, 0, sizeof(ll));
5752 ll.sll_family = AF_PACKET;
5753 ll.sll_ifindex = bss->ifindex;
5754 ll.sll_protocol = htons(ETH_P_PAE);
5755 ll.sll_halen = ETH_ALEN;
5756 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
5757 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
5758 (struct sockaddr *) &ll, sizeof(ll));
5759 if (ret < 0)
5760 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
5761 strerror(errno));
5762
5763 return ret;
5764 }
5765
5766
5767 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
5768
wpa_driver_nl80211_hapd_send_eapol(void * priv,const u8 * addr,const u8 * data,size_t data_len,int encrypt,const u8 * own_addr,u32 flags)5769 static int wpa_driver_nl80211_hapd_send_eapol(
5770 void *priv, const u8 *addr, const u8 *data,
5771 size_t data_len, int encrypt, const u8 *own_addr, u32 flags)
5772 {
5773 struct i802_bss *bss = priv;
5774 struct wpa_driver_nl80211_data *drv = bss->drv;
5775 struct ieee80211_hdr *hdr;
5776 size_t len;
5777 u8 *pos;
5778 int res;
5779 int qos = flags & WPA_STA_WMM;
5780
5781 /* For now, disable EAPOL TX over control port in AP mode by default
5782 * since it does not provide TX status notifications. */
5783 if (drv->control_port_ap &&
5784 (drv->capa.flags & WPA_DRIVER_FLAGS_CONTROL_PORT))
5785 return nl80211_tx_control_port(bss, addr, ETH_P_EAPOL,
5786 data, data_len, !encrypt);
5787
5788 if (drv->device_ap_sme || !drv->use_monitor)
5789 return nl80211_send_eapol_data(bss, addr, data, data_len);
5790
5791 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
5792 data_len;
5793 hdr = os_zalloc(len);
5794 if (hdr == NULL) {
5795 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
5796 (unsigned long) len);
5797 return -1;
5798 }
5799
5800 hdr->frame_control =
5801 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
5802 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
5803 if (encrypt)
5804 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
5805 if (qos) {
5806 hdr->frame_control |=
5807 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
5808 }
5809
5810 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
5811 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
5812 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
5813 pos = (u8 *) (hdr + 1);
5814
5815 if (qos) {
5816 /* Set highest priority in QoS header */
5817 pos[0] = 7;
5818 pos[1] = 0;
5819 pos += 2;
5820 }
5821
5822 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
5823 pos += sizeof(rfc1042_header);
5824 WPA_PUT_BE16(pos, ETH_P_PAE);
5825 pos += 2;
5826 memcpy(pos, data, data_len);
5827
5828 res = nl80211_send_monitor(drv, hdr, len, encrypt, 0);
5829 if (res < 0) {
5830 wpa_printf(MSG_ERROR,
5831 "hapd_send_eapol - packet len: %lu - failed",
5832 (unsigned long) len);
5833 }
5834 os_free(hdr);
5835
5836 return res;
5837 }
5838
5839
wpa_driver_nl80211_sta_set_flags(void * priv,const u8 * addr,unsigned int total_flags,unsigned int flags_or,unsigned int flags_and)5840 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
5841 unsigned int total_flags,
5842 unsigned int flags_or,
5843 unsigned int flags_and)
5844 {
5845 struct i802_bss *bss = priv;
5846 struct nl_msg *msg;
5847 struct nlattr *flags;
5848 struct nl80211_sta_flag_update upd;
5849
5850 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
5851 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
5852 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
5853 !!(total_flags & WPA_STA_AUTHORIZED));
5854
5855 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
5856 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
5857 goto fail;
5858
5859 /*
5860 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
5861 * can be removed eventually.
5862 */
5863 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
5864 if (!flags ||
5865 ((total_flags & WPA_STA_AUTHORIZED) &&
5866 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) ||
5867 ((total_flags & WPA_STA_WMM) &&
5868 nla_put_flag(msg, NL80211_STA_FLAG_WME)) ||
5869 ((total_flags & WPA_STA_SHORT_PREAMBLE) &&
5870 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) ||
5871 ((total_flags & WPA_STA_MFP) &&
5872 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) ||
5873 ((total_flags & WPA_STA_TDLS_PEER) &&
5874 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER)))
5875 goto fail;
5876
5877 nla_nest_end(msg, flags);
5878
5879 os_memset(&upd, 0, sizeof(upd));
5880 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
5881 upd.set = sta_flags_nl80211(flags_or);
5882 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
5883 goto fail;
5884
5885 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
5886 fail:
5887 nlmsg_free(msg);
5888 return -ENOBUFS;
5889 }
5890
5891
driver_nl80211_sta_set_airtime_weight(void * priv,const u8 * addr,unsigned int weight)5892 static int driver_nl80211_sta_set_airtime_weight(void *priv, const u8 *addr,
5893 unsigned int weight)
5894 {
5895 struct i802_bss *bss = priv;
5896 struct nl_msg *msg;
5897
5898 wpa_printf(MSG_DEBUG,
5899 "nl80211: Set STA airtime weight - ifname=%s addr=" MACSTR
5900 " weight=%u", bss->ifname, MAC2STR(addr), weight);
5901
5902 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
5903 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
5904 nla_put_u16(msg, NL80211_ATTR_AIRTIME_WEIGHT, weight))
5905 goto fail;
5906
5907 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
5908 fail:
5909 nlmsg_free(msg);
5910 return -ENOBUFS;
5911 }
5912
5913
wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)5914 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
5915 struct wpa_driver_associate_params *params)
5916 {
5917 enum nl80211_iftype nlmode, old_mode;
5918
5919 if (params->p2p) {
5920 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
5921 "group (GO)");
5922 nlmode = NL80211_IFTYPE_P2P_GO;
5923 } else
5924 nlmode = NL80211_IFTYPE_AP;
5925
5926 old_mode = drv->nlmode;
5927 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
5928 nl80211_remove_monitor_interface(drv);
5929 return -1;
5930 }
5931
5932 if (params->freq.freq &&
5933 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) {
5934 if (old_mode != nlmode)
5935 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
5936 nl80211_remove_monitor_interface(drv);
5937 return -1;
5938 }
5939
5940 return 0;
5941 }
5942
5943
nl80211_leave_ibss(struct wpa_driver_nl80211_data * drv,int reset_mode)5944 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
5945 int reset_mode)
5946 {
5947 struct nl_msg *msg;
5948 int ret;
5949
5950 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS);
5951 ret = send_and_recv_msgs_owner(drv, msg,
5952 get_connect_handle(drv->first_bss), 1,
5953 NULL, NULL, NULL, NULL);
5954 if (ret) {
5955 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
5956 "(%s)", ret, strerror(-ret));
5957 } else {
5958 wpa_printf(MSG_DEBUG,
5959 "nl80211: Leave IBSS request sent successfully");
5960 }
5961
5962 if (reset_mode &&
5963 wpa_driver_nl80211_set_mode(drv->first_bss,
5964 NL80211_IFTYPE_STATION)) {
5965 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
5966 "station mode");
5967 }
5968
5969 return ret;
5970 }
5971
5972
nl80211_ht_vht_overrides(struct nl_msg * msg,struct wpa_driver_associate_params * params)5973 static int nl80211_ht_vht_overrides(struct nl_msg *msg,
5974 struct wpa_driver_associate_params *params)
5975 {
5976 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT))
5977 return -1;
5978
5979 if (params->htcaps && params->htcaps_mask) {
5980 int sz = sizeof(struct ieee80211_ht_capabilities);
5981 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
5982 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
5983 params->htcaps_mask, sz);
5984 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz,
5985 params->htcaps) ||
5986 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
5987 params->htcaps_mask))
5988 return -1;
5989 }
5990
5991 #ifdef CONFIG_VHT_OVERRIDES
5992 if (params->disable_vht) {
5993 wpa_printf(MSG_DEBUG, " * VHT disabled");
5994 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT))
5995 return -1;
5996 }
5997
5998 if (params->vhtcaps && params->vhtcaps_mask) {
5999 int sz = sizeof(struct ieee80211_vht_capabilities);
6000 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
6001 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
6002 params->vhtcaps_mask, sz);
6003 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz,
6004 params->vhtcaps) ||
6005 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
6006 params->vhtcaps_mask))
6007 return -1;
6008 }
6009 #endif /* CONFIG_VHT_OVERRIDES */
6010
6011 return 0;
6012 }
6013
6014
wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)6015 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
6016 struct wpa_driver_associate_params *params)
6017 {
6018 struct nl_msg *msg;
6019 int ret = -1;
6020 int count = 0;
6021
6022 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
6023
6024 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) {
6025 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
6026 "IBSS mode");
6027 return -1;
6028 }
6029
6030 retry:
6031 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) ||
6032 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
6033 goto fail;
6034
6035 wpa_printf(MSG_DEBUG, " * SSID=%s",
6036 wpa_ssid_txt(params->ssid, params->ssid_len));
6037 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
6038 goto fail;
6039 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6040 drv->ssid_len = params->ssid_len;
6041
6042 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 ||
6043 nl80211_put_beacon_int(msg, params->beacon_int))
6044 goto fail;
6045
6046 ret = nl80211_set_conn_keys(params, msg);
6047 if (ret)
6048 goto fail;
6049
6050 if (params->bssid && params->fixed_bssid) {
6051 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
6052 MAC2STR(params->bssid));
6053 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
6054 goto fail;
6055 }
6056
6057 if (params->fixed_freq) {
6058 wpa_printf(MSG_DEBUG, " * fixed_freq");
6059 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED))
6060 goto fail;
6061 }
6062
6063 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
6064 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
6065 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
6066 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256) {
6067 wpa_printf(MSG_DEBUG, " * control port");
6068 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
6069 goto fail;
6070 }
6071
6072 if (params->wpa_ie) {
6073 wpa_hexdump(MSG_DEBUG,
6074 " * Extra IEs for Beacon/Probe Response frames",
6075 params->wpa_ie, params->wpa_ie_len);
6076 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6077 params->wpa_ie))
6078 goto fail;
6079 }
6080
6081 ret = nl80211_ht_vht_overrides(msg, params);
6082 if (ret < 0)
6083 goto fail;
6084
6085 ret = send_and_recv_msgs_owner(drv, msg,
6086 get_connect_handle(drv->first_bss), 1,
6087 NULL, NULL, NULL, NULL);
6088 msg = NULL;
6089 if (ret) {
6090 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
6091 ret, strerror(-ret));
6092 count++;
6093 if (ret == -EALREADY && count == 1) {
6094 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
6095 "forced leave");
6096 nl80211_leave_ibss(drv, 0);
6097 nlmsg_free(msg);
6098 goto retry;
6099 }
6100 } else {
6101 wpa_printf(MSG_DEBUG,
6102 "nl80211: Join IBSS request sent successfully");
6103 }
6104
6105 fail:
6106 nlmsg_free(msg);
6107 return ret;
6108 }
6109
6110
nl80211_put_fils_connect_params(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_msg * msg)6111 static int nl80211_put_fils_connect_params(struct wpa_driver_nl80211_data *drv,
6112 struct wpa_driver_associate_params *params,
6113 struct nl_msg *msg)
6114 {
6115 if (params->fils_erp_username_len) {
6116 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP EMSKname/username",
6117 params->fils_erp_username,
6118 params->fils_erp_username_len);
6119 if (nla_put(msg, NL80211_ATTR_FILS_ERP_USERNAME,
6120 params->fils_erp_username_len,
6121 params->fils_erp_username))
6122 return -1;
6123 }
6124
6125 if (params->fils_erp_realm_len) {
6126 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP Realm",
6127 params->fils_erp_realm,
6128 params->fils_erp_realm_len);
6129 if (nla_put(msg, NL80211_ATTR_FILS_ERP_REALM,
6130 params->fils_erp_realm_len, params->fils_erp_realm))
6131 return -1;
6132 }
6133
6134 if (params->fils_erp_rrk_len) {
6135 wpa_printf(MSG_DEBUG, " * FILS ERP next seq %u",
6136 params->fils_erp_next_seq_num);
6137 if (nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
6138 params->fils_erp_next_seq_num))
6139 return -1;
6140
6141 wpa_printf(MSG_DEBUG, " * FILS ERP rRK (len=%lu)",
6142 (unsigned long) params->fils_erp_rrk_len);
6143 if (nla_put(msg, NL80211_ATTR_FILS_ERP_RRK,
6144 params->fils_erp_rrk_len, params->fils_erp_rrk))
6145 return -1;
6146 }
6147
6148 return 0;
6149 }
6150
6151
nl80211_connect_common(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_msg * msg)6152 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
6153 struct wpa_driver_associate_params *params,
6154 struct nl_msg *msg)
6155 {
6156 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER))
6157 return -1;
6158
6159 if (params->bssid) {
6160 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6161 MAC2STR(params->bssid));
6162 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
6163 return -1;
6164 }
6165
6166 if (params->bssid_hint) {
6167 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
6168 MAC2STR(params->bssid_hint));
6169 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
6170 params->bssid_hint))
6171 return -1;
6172 }
6173
6174 if (params->freq.freq) {
6175 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
6176 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
6177 params->freq.freq))
6178 return -1;
6179 drv->assoc_freq = params->freq.freq;
6180 } else
6181 drv->assoc_freq = 0;
6182
6183 if (params->freq_hint) {
6184 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
6185 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
6186 params->freq_hint))
6187 return -1;
6188 }
6189
6190 if (params->freq.edmg.channels && params->freq.edmg.bw_config) {
6191 wpa_printf(MSG_DEBUG,
6192 " * EDMG configuration: channels=0x%x bw_config=%d",
6193 params->freq.edmg.channels,
6194 params->freq.edmg.bw_config);
6195 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS,
6196 params->freq.edmg.channels) ||
6197 nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG,
6198 params->freq.edmg.bw_config))
6199 return -1;
6200 }
6201
6202 if (params->bg_scan_period >= 0) {
6203 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6204 params->bg_scan_period);
6205 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6206 params->bg_scan_period))
6207 return -1;
6208 }
6209
6210 if (params->ssid) {
6211 wpa_printf(MSG_DEBUG, " * SSID=%s",
6212 wpa_ssid_txt(params->ssid, params->ssid_len));
6213 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
6214 params->ssid))
6215 return -1;
6216 if (params->ssid_len > sizeof(drv->ssid))
6217 return -1;
6218 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6219 drv->ssid_len = params->ssid_len;
6220 }
6221
6222 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6223 if (params->wpa_ie &&
6224 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie))
6225 return -1;
6226
6227 if (params->wpa_proto) {
6228 enum nl80211_wpa_versions ver = 0;
6229
6230 if (params->wpa_proto & WPA_PROTO_WPA)
6231 ver |= NL80211_WPA_VERSION_1;
6232 if (params->wpa_proto & WPA_PROTO_RSN)
6233 ver |= NL80211_WPA_VERSION_2;
6234
6235 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
6236 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
6237 return -1;
6238 }
6239
6240 if (params->pairwise_suite != WPA_CIPHER_NONE) {
6241 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
6242 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
6243 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
6244 cipher))
6245 return -1;
6246 }
6247
6248 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
6249 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
6250 /*
6251 * This is likely to work even though many drivers do not
6252 * advertise support for operations without GTK.
6253 */
6254 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
6255 } else if (params->group_suite != WPA_CIPHER_NONE) {
6256 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
6257 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
6258 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher))
6259 return -1;
6260 }
6261
6262 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
6263 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
6264 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
6265 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
6266 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
6267 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
6268 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
6269 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
6270 params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
6271 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE ||
6272 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
6273 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
6274 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X_SHA384 ||
6275 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA256 ||
6276 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA384 ||
6277 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA256 ||
6278 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA384 ||
6279 params->key_mgmt_suite == WPA_KEY_MGMT_OWE ||
6280 params->key_mgmt_suite == WPA_KEY_MGMT_DPP) {
6281 int mgmt = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
6282
6283 switch (params->key_mgmt_suite) {
6284 case WPA_KEY_MGMT_CCKM:
6285 mgmt = RSN_AUTH_KEY_MGMT_CCKM;
6286 break;
6287 case WPA_KEY_MGMT_IEEE8021X:
6288 mgmt = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
6289 break;
6290 case WPA_KEY_MGMT_FT_IEEE8021X:
6291 mgmt = RSN_AUTH_KEY_MGMT_FT_802_1X;
6292 break;
6293 case WPA_KEY_MGMT_FT_PSK:
6294 mgmt = RSN_AUTH_KEY_MGMT_FT_PSK;
6295 break;
6296 case WPA_KEY_MGMT_IEEE8021X_SHA256:
6297 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
6298 break;
6299 case WPA_KEY_MGMT_PSK_SHA256:
6300 mgmt = RSN_AUTH_KEY_MGMT_PSK_SHA256;
6301 break;
6302 case WPA_KEY_MGMT_OSEN:
6303 mgmt = RSN_AUTH_KEY_MGMT_OSEN;
6304 break;
6305 case WPA_KEY_MGMT_SAE:
6306 mgmt = RSN_AUTH_KEY_MGMT_SAE;
6307 break;
6308 case WPA_KEY_MGMT_FT_SAE:
6309 mgmt = RSN_AUTH_KEY_MGMT_FT_SAE;
6310 break;
6311 case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
6312 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B;
6313 break;
6314 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
6315 mgmt = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192;
6316 break;
6317 case WPA_KEY_MGMT_FT_IEEE8021X_SHA384:
6318 mgmt = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384;
6319 break;
6320 case WPA_KEY_MGMT_FILS_SHA256:
6321 mgmt = RSN_AUTH_KEY_MGMT_FILS_SHA256;
6322 break;
6323 case WPA_KEY_MGMT_FILS_SHA384:
6324 mgmt = RSN_AUTH_KEY_MGMT_FILS_SHA384;
6325 break;
6326 case WPA_KEY_MGMT_FT_FILS_SHA256:
6327 mgmt = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256;
6328 break;
6329 case WPA_KEY_MGMT_FT_FILS_SHA384:
6330 mgmt = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384;
6331 break;
6332 case WPA_KEY_MGMT_OWE:
6333 mgmt = RSN_AUTH_KEY_MGMT_OWE;
6334 break;
6335 case WPA_KEY_MGMT_DPP:
6336 mgmt = RSN_AUTH_KEY_MGMT_DPP;
6337 break;
6338 case WPA_KEY_MGMT_PSK:
6339 default:
6340 mgmt = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
6341 break;
6342 }
6343 wpa_printf(MSG_DEBUG, " * akm=0x%x", mgmt);
6344 if (nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, mgmt))
6345 return -1;
6346 }
6347
6348 if (params->req_handshake_offload &&
6349 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) {
6350 wpa_printf(MSG_DEBUG, " * WANT_1X_4WAY_HS");
6351 if (nla_put_flag(msg, NL80211_ATTR_WANT_1X_4WAY_HS))
6352 return -1;
6353 }
6354
6355 /* Add PSK in case of 4-way handshake offload */
6356 if (params->psk &&
6357 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) {
6358 wpa_hexdump_key(MSG_DEBUG, " * PSK", params->psk, 32);
6359 if (nla_put(msg, NL80211_ATTR_PMK, 32, params->psk))
6360 return -1;
6361 }
6362
6363 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
6364 return -1;
6365
6366 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
6367 (params->pairwise_suite == WPA_CIPHER_NONE ||
6368 params->pairwise_suite == WPA_CIPHER_WEP104 ||
6369 params->pairwise_suite == WPA_CIPHER_WEP40) &&
6370 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) ||
6371 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
6372 return -1;
6373
6374 if (params->rrm_used) {
6375 u32 drv_rrm_flags = drv->capa.rrm_flags;
6376 if ((!((drv_rrm_flags &
6377 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) &&
6378 (drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET)) &&
6379 !(drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_RRM)) ||
6380 nla_put_flag(msg, NL80211_ATTR_USE_RRM))
6381 return -1;
6382 }
6383
6384 if (nl80211_ht_vht_overrides(msg, params) < 0)
6385 return -1;
6386
6387 if (params->p2p)
6388 wpa_printf(MSG_DEBUG, " * P2P group");
6389
6390 if (params->pbss) {
6391 wpa_printf(MSG_DEBUG, " * PBSS");
6392 if (nla_put_flag(msg, NL80211_ATTR_PBSS))
6393 return -1;
6394 }
6395
6396 drv->connect_reassoc = 0;
6397 if (params->prev_bssid) {
6398 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
6399 MAC2STR(params->prev_bssid));
6400 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
6401 params->prev_bssid))
6402 return -1;
6403 drv->connect_reassoc = 1;
6404 }
6405
6406 if ((params->auth_alg & WPA_AUTH_ALG_FILS) &&
6407 nl80211_put_fils_connect_params(drv, params, msg) != 0)
6408 return -1;
6409
6410 if ((params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
6411 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) &&
6412 (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) &&
6413 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT))
6414 return -1;
6415
6416 return 0;
6417 }
6418
6419
wpa_driver_nl80211_try_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_sock * nl_connect)6420 static int wpa_driver_nl80211_try_connect(
6421 struct wpa_driver_nl80211_data *drv,
6422 struct wpa_driver_associate_params *params,
6423 struct nl_sock *nl_connect)
6424 {
6425 struct nl_msg *msg;
6426 enum nl80211_auth_type type;
6427 int ret;
6428 int algs;
6429
6430 #ifdef CONFIG_DRIVER_NL80211_QCA
6431 if (params->req_key_mgmt_offload && params->psk &&
6432 (params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
6433 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
6434 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6435 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK");
6436 ret = issue_key_mgmt_set_key(drv, params->psk, 32);
6437 if (ret)
6438 return ret;
6439 }
6440 #endif /* CONFIG_DRIVER_NL80211_QCA */
6441
6442 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
6443 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT);
6444 if (!msg)
6445 return -1;
6446
6447 ret = nl80211_connect_common(drv, params, msg);
6448 if (ret)
6449 goto fail;
6450
6451 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED &&
6452 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED))
6453 goto fail;
6454
6455 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_OPTIONAL &&
6456 (drv->capa.flags & WPA_DRIVER_FLAGS_MFP_OPTIONAL) &&
6457 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_OPTIONAL))
6458 goto fail;
6459
6460 #ifdef CONFIG_SAE
6461 if ((params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
6462 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) &&
6463 nl80211_put_sae_pwe(msg, params->sae_pwe) < 0)
6464 goto fail;
6465 #endif /* CONFIG_SAE */
6466
6467 algs = 0;
6468 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
6469 algs++;
6470 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
6471 algs++;
6472 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
6473 algs++;
6474 if (params->auth_alg & WPA_AUTH_ALG_FILS)
6475 algs++;
6476 if (params->auth_alg & WPA_AUTH_ALG_FT)
6477 algs++;
6478 if (algs > 1) {
6479 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
6480 "selection");
6481 goto skip_auth_type;
6482 }
6483
6484 type = get_nl_auth_type(params->auth_alg);
6485 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
6486 if (type == NL80211_AUTHTYPE_MAX ||
6487 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
6488 goto fail;
6489
6490 skip_auth_type:
6491 ret = nl80211_set_conn_keys(params, msg);
6492 if (ret)
6493 goto fail;
6494
6495 ret = send_and_recv_msgs_owner(drv, msg, nl_connect, 1, NULL,
6496 NULL, NULL, NULL);
6497 msg = NULL;
6498 if (ret) {
6499 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
6500 "(%s)", ret, strerror(-ret));
6501 } else {
6502 #ifdef CONFIG_DRIVER_NL80211_QCA
6503 drv->roam_indication_done = false;
6504 #endif /* CONFIG_DRIVER_NL80211_QCA */
6505 wpa_printf(MSG_DEBUG,
6506 "nl80211: Connect request send successfully");
6507 }
6508
6509 fail:
6510 nl80211_nlmsg_clear(msg);
6511 nlmsg_free(msg);
6512 return ret;
6513
6514 }
6515
6516
wpa_driver_nl80211_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_sock * nl_connect)6517 static int wpa_driver_nl80211_connect(
6518 struct wpa_driver_nl80211_data *drv,
6519 struct wpa_driver_associate_params *params,
6520 struct nl_sock *nl_connect)
6521 {
6522 int ret;
6523
6524 /* Store the connection attempted bssid for future use */
6525 if (params->bssid)
6526 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
6527 else
6528 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
6529
6530 ret = wpa_driver_nl80211_try_connect(drv, params, nl_connect);
6531 if (ret == -EALREADY) {
6532 /*
6533 * cfg80211 does not currently accept new connections if
6534 * we are already connected. As a workaround, force
6535 * disconnection and try again.
6536 */
6537 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
6538 "disconnecting before reassociation "
6539 "attempt");
6540 if (wpa_driver_nl80211_disconnect(
6541 drv, WLAN_REASON_PREV_AUTH_NOT_VALID, nl_connect))
6542 return -1;
6543 ret = wpa_driver_nl80211_try_connect(drv, params, nl_connect);
6544 }
6545 return ret;
6546 }
6547
6548
wpa_driver_nl80211_associate(void * priv,struct wpa_driver_associate_params * params)6549 static int wpa_driver_nl80211_associate(
6550 void *priv, struct wpa_driver_associate_params *params)
6551 {
6552 struct i802_bss *bss = priv;
6553 struct wpa_driver_nl80211_data *drv = bss->drv;
6554 int ret = -1;
6555 struct nl_msg *msg;
6556
6557 nl80211_unmask_11b_rates(bss);
6558
6559 if (params->mode == IEEE80211_MODE_AP)
6560 return wpa_driver_nl80211_ap(drv, params);
6561
6562 if (params->mode == IEEE80211_MODE_IBSS)
6563 return wpa_driver_nl80211_ibss(drv, params);
6564
6565 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
6566 enum nl80211_iftype nlmode = params->p2p ?
6567 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
6568
6569 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
6570 return -1;
6571 if (params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
6572 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE)
6573 bss->use_nl_connect = 1;
6574 else
6575 bss->use_nl_connect = 0;
6576
6577 return wpa_driver_nl80211_connect(drv, params,
6578 get_connect_handle(bss));
6579 }
6580
6581 nl80211_mark_disconnected(drv);
6582
6583 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
6584 drv->ifindex);
6585 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE);
6586 if (!msg)
6587 return -1;
6588
6589 ret = nl80211_connect_common(drv, params, msg);
6590 if (ret)
6591 goto fail;
6592
6593 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED &&
6594 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED))
6595 goto fail;
6596
6597 if (params->fils_kek) {
6598 wpa_printf(MSG_DEBUG, " * FILS KEK (len=%u)",
6599 (unsigned int) params->fils_kek_len);
6600 if (nla_put(msg, NL80211_ATTR_FILS_KEK, params->fils_kek_len,
6601 params->fils_kek))
6602 goto fail;
6603 }
6604 if (params->fils_nonces) {
6605 wpa_hexdump(MSG_DEBUG, " * FILS nonces (for AAD)",
6606 params->fils_nonces,
6607 params->fils_nonces_len);
6608 if (nla_put(msg, NL80211_ATTR_FILS_NONCES,
6609 params->fils_nonces_len, params->fils_nonces))
6610 goto fail;
6611 }
6612
6613 ret = send_and_recv_msgs_owner(drv, msg,
6614 get_connect_handle(drv->first_bss), 1,
6615 NULL, NULL, NULL, NULL);
6616 msg = NULL;
6617 if (ret) {
6618 wpa_dbg(drv->ctx, MSG_DEBUG,
6619 "nl80211: MLME command failed (assoc): ret=%d (%s)",
6620 ret, strerror(-ret));
6621 nl80211_dump_scan(drv);
6622 } else {
6623 wpa_printf(MSG_DEBUG,
6624 "nl80211: Association request send successfully");
6625 }
6626
6627 fail:
6628 nlmsg_free(msg);
6629 return ret;
6630 }
6631
6632
nl80211_set_mode(struct wpa_driver_nl80211_data * drv,int ifindex,enum nl80211_iftype mode)6633 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
6634 int ifindex, enum nl80211_iftype mode)
6635 {
6636 struct nl_msg *msg;
6637 int ret = -ENOBUFS;
6638
6639 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
6640 ifindex, mode, nl80211_iftype_str(mode));
6641
6642 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE);
6643 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode))
6644 goto fail;
6645
6646 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
6647 msg = NULL;
6648 if (!ret)
6649 return 0;
6650 fail:
6651 nlmsg_free(msg);
6652 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
6653 " %d (%s)", ifindex, mode, ret, strerror(-ret));
6654 return ret;
6655 }
6656
6657
wpa_driver_nl80211_set_mode_impl(struct i802_bss * bss,enum nl80211_iftype nlmode,struct hostapd_freq_params * desired_freq_params)6658 static int wpa_driver_nl80211_set_mode_impl(
6659 struct i802_bss *bss,
6660 enum nl80211_iftype nlmode,
6661 struct hostapd_freq_params *desired_freq_params)
6662 {
6663 struct wpa_driver_nl80211_data *drv = bss->drv;
6664 int ret = -1;
6665 int i;
6666 int was_ap = is_ap_interface(drv->nlmode);
6667 int res;
6668 int mode_switch_res;
6669
6670 if (TEST_FAIL())
6671 return -1;
6672
6673 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
6674 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
6675 mode_switch_res = 0;
6676
6677 if (mode_switch_res == 0) {
6678 drv->nlmode = nlmode;
6679 ret = 0;
6680 goto done;
6681 }
6682
6683 if (mode_switch_res == -ENODEV)
6684 return -1;
6685
6686 if (nlmode == drv->nlmode) {
6687 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
6688 "requested mode - ignore error");
6689 ret = 0;
6690 goto done; /* Already in the requested mode */
6691 }
6692
6693 /* mac80211 doesn't allow mode changes while the device is up, so
6694 * take the device down, try to set the mode again, and bring the
6695 * device back up.
6696 */
6697 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
6698 "interface down");
6699 for (i = 0; i < 10; i++) {
6700 res = i802_set_iface_flags(bss, 0);
6701 if (res == -EACCES || res == -ENODEV)
6702 break;
6703 if (res != 0) {
6704 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
6705 "interface down");
6706 os_sleep(0, 100000);
6707 continue;
6708 }
6709
6710 /*
6711 * Setting the mode will fail for some drivers if the phy is
6712 * on a frequency that the mode is disallowed in.
6713 */
6714 if (desired_freq_params) {
6715 res = nl80211_set_channel(bss, desired_freq_params, 0);
6716 if (res) {
6717 wpa_printf(MSG_DEBUG,
6718 "nl80211: Failed to set frequency on interface");
6719 }
6720 }
6721
6722 if (i == 0 && was_ap && !is_ap_interface(nlmode) &&
6723 bss->brname[0] &&
6724 (bss->added_if_into_bridge || bss->already_in_bridge)) {
6725 wpa_printf(MSG_DEBUG,
6726 "nl80211: Remove AP interface %s temporarily from the bridge %s to allow its mode to be set to STATION",
6727 bss->ifname, bss->brname);
6728 if (linux_br_del_if(drv->global->ioctl_sock,
6729 bss->brname, bss->ifname) < 0)
6730 wpa_printf(MSG_INFO,
6731 "nl80211: Failed to remove interface %s from bridge %s: %s",
6732 bss->ifname, bss->brname,
6733 strerror(errno));
6734 }
6735
6736 /* Try to set the mode again while the interface is down */
6737 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
6738 if (mode_switch_res == -EBUSY) {
6739 wpa_printf(MSG_DEBUG,
6740 "nl80211: Delaying mode set while interface going down");
6741 os_sleep(0, 100000);
6742 continue;
6743 }
6744 ret = mode_switch_res;
6745 break;
6746 }
6747
6748 if (!ret) {
6749 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
6750 "interface is down");
6751 drv->nlmode = nlmode;
6752 drv->ignore_if_down_event = 1;
6753 }
6754
6755 /* Bring the interface back up */
6756 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
6757 if (res != 0) {
6758 wpa_printf(MSG_DEBUG,
6759 "nl80211: Failed to set interface up after switching mode");
6760 ret = -1;
6761 }
6762
6763 done:
6764 if (ret) {
6765 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
6766 "from %d failed", nlmode, drv->nlmode);
6767 return ret;
6768 }
6769
6770 if (is_p2p_net_interface(nlmode)) {
6771 wpa_printf(MSG_DEBUG,
6772 "nl80211: Interface %s mode change to P2P - disable 11b rates",
6773 bss->ifname);
6774 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
6775 } else if (drv->disabled_11b_rates) {
6776 wpa_printf(MSG_DEBUG,
6777 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates",
6778 bss->ifname);
6779 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
6780 }
6781
6782 if (is_ap_interface(nlmode)) {
6783 nl80211_mgmt_unsubscribe(bss, "start AP");
6784 /* Setup additional AP mode functionality if needed */
6785 if (nl80211_setup_ap(bss))
6786 return -1;
6787 } else if (was_ap) {
6788 /* Remove additional AP mode functionality */
6789 nl80211_teardown_ap(bss);
6790 } else {
6791 nl80211_mgmt_unsubscribe(bss, "mode change");
6792 }
6793
6794 if (is_mesh_interface(nlmode) &&
6795 nl80211_mgmt_subscribe_mesh(bss))
6796 return -1;
6797
6798 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
6799 !is_mesh_interface(nlmode) &&
6800 nl80211_mgmt_subscribe_non_ap(bss) < 0)
6801 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
6802 "frame processing - ignore for now");
6803
6804 return 0;
6805 }
6806
6807
nl80211_restore_ap_mode(struct i802_bss * bss)6808 void nl80211_restore_ap_mode(struct i802_bss *bss)
6809 {
6810 struct wpa_driver_nl80211_data *drv = bss->drv;
6811 int was_ap = is_ap_interface(drv->nlmode);
6812 int br_ifindex;
6813
6814 wpa_driver_nl80211_set_mode(bss, drv->ap_scan_as_station);
6815 if (!was_ap && is_ap_interface(drv->ap_scan_as_station) &&
6816 bss->brname[0] &&
6817 (bss->added_if_into_bridge || bss->already_in_bridge)) {
6818 wpa_printf(MSG_DEBUG,
6819 "nl80211: Add AP interface %s back into the bridge %s",
6820 bss->ifname, bss->brname);
6821 if (linux_br_add_if(drv->global->ioctl_sock, bss->brname,
6822 bss->ifname) < 0) {
6823 wpa_printf(MSG_WARNING,
6824 "nl80211: Failed to add interface %s into bridge %s: %s",
6825 bss->ifname, bss->brname, strerror(errno));
6826 }
6827 br_ifindex = if_nametoindex(bss->brname);
6828 add_ifidx(drv, br_ifindex, drv->ifindex);
6829 }
6830 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
6831 }
6832
6833
wpa_driver_nl80211_set_mode(struct i802_bss * bss,enum nl80211_iftype nlmode)6834 int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
6835 enum nl80211_iftype nlmode)
6836 {
6837 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
6838 }
6839
6840
wpa_driver_nl80211_set_mode_ibss(struct i802_bss * bss,struct hostapd_freq_params * freq)6841 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
6842 struct hostapd_freq_params *freq)
6843 {
6844 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
6845 freq);
6846 }
6847
6848
wpa_driver_nl80211_get_capa(void * priv,struct wpa_driver_capa * capa)6849 static int wpa_driver_nl80211_get_capa(void *priv,
6850 struct wpa_driver_capa *capa)
6851 {
6852 struct i802_bss *bss = priv;
6853 struct wpa_driver_nl80211_data *drv = bss->drv;
6854
6855 if (!drv->has_capability)
6856 return -1;
6857 os_memcpy(capa, &drv->capa, sizeof(*capa));
6858 if (drv->extended_capa && drv->extended_capa_mask) {
6859 capa->extended_capa = drv->extended_capa;
6860 capa->extended_capa_mask = drv->extended_capa_mask;
6861 capa->extended_capa_len = drv->extended_capa_len;
6862 }
6863
6864 return 0;
6865 }
6866
6867
wpa_driver_nl80211_set_operstate(void * priv,int state)6868 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
6869 {
6870 struct i802_bss *bss = priv;
6871 struct wpa_driver_nl80211_data *drv = bss->drv;
6872
6873 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
6874 bss->ifname, drv->operstate, state,
6875 state ? "UP" : "DORMANT");
6876 drv->operstate = state;
6877 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
6878 state ? IF_OPER_UP : IF_OPER_DORMANT);
6879 }
6880
6881
wpa_driver_nl80211_set_supp_port(void * priv,int authorized)6882 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
6883 {
6884 struct i802_bss *bss = priv;
6885 struct wpa_driver_nl80211_data *drv = bss->drv;
6886 struct nl_msg *msg;
6887 struct nl80211_sta_flag_update upd;
6888 int ret;
6889
6890 if (!drv->associated && is_zero_ether_addr(drv->bssid) && !authorized) {
6891 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
6892 return 0;
6893 }
6894
6895 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
6896 MACSTR, authorized ? "" : "un", MAC2STR(drv->bssid));
6897
6898 os_memset(&upd, 0, sizeof(upd));
6899 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
6900 if (authorized)
6901 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
6902
6903 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
6904 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid) ||
6905 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) {
6906 nlmsg_free(msg);
6907 return -ENOBUFS;
6908 }
6909
6910 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
6911 if (!ret)
6912 return 0;
6913 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
6914 ret, strerror(-ret));
6915 return ret;
6916 }
6917
6918
6919 /* Set kernel driver on given frequency (MHz) */
i802_set_freq(void * priv,struct hostapd_freq_params * freq)6920 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
6921 {
6922 struct i802_bss *bss = priv;
6923 return nl80211_set_channel(bss, freq, 0);
6924 }
6925
6926
min_int(int a,int b)6927 static inline int min_int(int a, int b)
6928 {
6929 if (a < b)
6930 return a;
6931 return b;
6932 }
6933
6934
get_key_handler(struct nl_msg * msg,void * arg)6935 static int get_key_handler(struct nl_msg *msg, void *arg)
6936 {
6937 struct nlattr *tb[NL80211_ATTR_MAX + 1];
6938 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
6939
6940 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
6941 genlmsg_attrlen(gnlh, 0), NULL);
6942
6943 /*
6944 * TODO: validate the key index and mac address!
6945 * Otherwise, there's a race condition as soon as
6946 * the kernel starts sending key notifications.
6947 */
6948
6949 if (tb[NL80211_ATTR_KEY_SEQ])
6950 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
6951 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
6952 nl80211_nlmsg_clear(msg);
6953 return NL_SKIP;
6954 }
6955
6956
i802_get_seqnum(const char * iface,void * priv,const u8 * addr,int idx,u8 * seq)6957 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
6958 int idx, u8 *seq)
6959 {
6960 struct i802_bss *bss = priv;
6961 struct wpa_driver_nl80211_data *drv = bss->drv;
6962 struct nl_msg *msg;
6963
6964 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0,
6965 NL80211_CMD_GET_KEY);
6966 if (!msg ||
6967 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
6968 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) {
6969 nlmsg_free(msg);
6970 return -ENOBUFS;
6971 }
6972
6973 memset(seq, 0, 6);
6974
6975 return send_and_recv_msgs(drv, msg, get_key_handler, seq, NULL, NULL);
6976 }
6977
6978
i802_set_rts(void * priv,int rts)6979 static int i802_set_rts(void *priv, int rts)
6980 {
6981 struct i802_bss *bss = priv;
6982 struct wpa_driver_nl80211_data *drv = bss->drv;
6983 struct nl_msg *msg;
6984 int ret;
6985 u32 val;
6986
6987 if (rts >= 2347 || rts == -1)
6988 val = (u32) -1;
6989 else
6990 val = rts;
6991
6992 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
6993 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) {
6994 nlmsg_free(msg);
6995 return -ENOBUFS;
6996 }
6997
6998 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
6999 if (!ret)
7000 return 0;
7001 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
7002 "%d (%s)", rts, ret, strerror(-ret));
7003 return ret;
7004 }
7005
7006
i802_set_frag(void * priv,int frag)7007 static int i802_set_frag(void *priv, int frag)
7008 {
7009 struct i802_bss *bss = priv;
7010 struct wpa_driver_nl80211_data *drv = bss->drv;
7011 struct nl_msg *msg;
7012 int ret;
7013 u32 val;
7014
7015 if (frag >= 2346 || frag == -1)
7016 val = (u32) -1;
7017 else
7018 val = frag;
7019
7020 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
7021 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) {
7022 nlmsg_free(msg);
7023 return -ENOBUFS;
7024 }
7025
7026 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7027 if (!ret)
7028 return 0;
7029 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
7030 "%d: %d (%s)", frag, ret, strerror(-ret));
7031 return ret;
7032 }
7033
7034
i802_flush(void * priv)7035 static int i802_flush(void *priv)
7036 {
7037 struct i802_bss *bss = priv;
7038 struct nl_msg *msg;
7039 int res;
7040
7041 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
7042 bss->ifname);
7043
7044 /*
7045 * XXX: FIX! this needs to flush all VLANs too
7046 */
7047 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION);
7048 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
7049 if (res) {
7050 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
7051 "(%s)", res, strerror(-res));
7052 }
7053 return res;
7054 }
7055
7056
get_sta_tid_stats(struct hostap_sta_driver_data * data,struct nlattr * attr)7057 static void get_sta_tid_stats(struct hostap_sta_driver_data *data,
7058 struct nlattr *attr)
7059 {
7060 struct nlattr *tid_stats[NL80211_TID_STATS_MAX + 1], *tidattr;
7061 struct nlattr *txq_stats[NL80211_TXQ_STATS_MAX + 1];
7062 static struct nla_policy txq_stats_policy[NL80211_TXQ_STATS_MAX + 1] = {
7063 [NL80211_TXQ_STATS_BACKLOG_BYTES] = { .type = NLA_U32 },
7064 [NL80211_TXQ_STATS_BACKLOG_PACKETS] = { .type = NLA_U32 },
7065 };
7066 int rem;
7067
7068 nla_for_each_nested(tidattr, attr, rem) {
7069 if (nla_parse_nested(tid_stats, NL80211_TID_STATS_MAX,
7070 tidattr, NULL) != 0 ||
7071 !tid_stats[NL80211_TID_STATS_TXQ_STATS] ||
7072 nla_parse_nested(txq_stats, NL80211_TXQ_STATS_MAX,
7073 tid_stats[NL80211_TID_STATS_TXQ_STATS],
7074 txq_stats_policy) != 0)
7075 continue;
7076 /* sum the backlogs over all TIDs for station */
7077 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES])
7078 data->backlog_bytes += nla_get_u32(
7079 txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES]);
7080 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS])
7081 data->backlog_bytes += nla_get_u32(
7082 txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS]);
7083 }
7084 }
7085
7086
get_sta_handler(struct nl_msg * msg,void * arg)7087 static int get_sta_handler(struct nl_msg *msg, void *arg)
7088 {
7089 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7090 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7091 struct hostap_sta_driver_data *data = arg;
7092 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
7093 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
7094 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
7095 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
7096 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
7097 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
7098 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
7099 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
7100 [NL80211_STA_INFO_RX_BYTES64] = { .type = NLA_U64 },
7101 [NL80211_STA_INFO_TX_BYTES64] = { .type = NLA_U64 },
7102 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
7103 [NL80211_STA_INFO_ACK_SIGNAL] = { .type = NLA_U8 },
7104 [NL80211_STA_INFO_RX_DURATION] = { .type = NLA_U64 },
7105 [NL80211_STA_INFO_TX_DURATION] = { .type = NLA_U64 },
7106 };
7107 struct nlattr *rate[NL80211_RATE_INFO_MAX + 1];
7108 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
7109 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
7110 [NL80211_RATE_INFO_BITRATE32] = { .type = NLA_U32 },
7111 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
7112 [NL80211_RATE_INFO_VHT_MCS] = { .type = NLA_U8 },
7113 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
7114 [NL80211_RATE_INFO_VHT_NSS] = { .type = NLA_U8 },
7115 };
7116
7117 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7118 genlmsg_attrlen(gnlh, 0), NULL);
7119
7120 /*
7121 * TODO: validate the interface and mac address!
7122 * Otherwise, there's a race condition as soon as
7123 * the kernel starts sending station notifications.
7124 */
7125
7126 if (!tb[NL80211_ATTR_STA_INFO]) {
7127 wpa_printf(MSG_DEBUG, "sta stats missing!");
7128 return NL_SKIP;
7129 }
7130 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
7131 tb[NL80211_ATTR_STA_INFO],
7132 stats_policy)) {
7133 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
7134 return NL_SKIP;
7135 }
7136
7137 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
7138 data->inactive_msec =
7139 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
7140 /* For backwards compatibility, fetch the 32-bit counters first. */
7141 if (stats[NL80211_STA_INFO_RX_BYTES])
7142 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
7143 if (stats[NL80211_STA_INFO_TX_BYTES])
7144 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
7145 if (stats[NL80211_STA_INFO_RX_BYTES64] &&
7146 stats[NL80211_STA_INFO_TX_BYTES64]) {
7147 /*
7148 * The driver supports 64-bit counters, so use them to override
7149 * the 32-bit values.
7150 */
7151 data->rx_bytes =
7152 nla_get_u64(stats[NL80211_STA_INFO_RX_BYTES64]);
7153 data->tx_bytes =
7154 nla_get_u64(stats[NL80211_STA_INFO_TX_BYTES64]);
7155 data->bytes_64bit = 1;
7156 }
7157 if (stats[NL80211_STA_INFO_RX_PACKETS])
7158 data->rx_packets =
7159 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
7160 if (stats[NL80211_STA_INFO_TX_PACKETS])
7161 data->tx_packets =
7162 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
7163 if (stats[NL80211_STA_INFO_RX_DURATION])
7164 data->rx_airtime =
7165 nla_get_u64(stats[NL80211_STA_INFO_RX_DURATION]);
7166 if (stats[NL80211_STA_INFO_TX_DURATION])
7167 data->tx_airtime =
7168 nla_get_u64(stats[NL80211_STA_INFO_TX_DURATION]);
7169 if (stats[NL80211_STA_INFO_TX_FAILED])
7170 data->tx_retry_failed =
7171 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
7172 if (stats[NL80211_STA_INFO_SIGNAL])
7173 data->signal = nla_get_u8(stats[NL80211_STA_INFO_SIGNAL]);
7174 if (stats[NL80211_STA_INFO_ACK_SIGNAL]) {
7175 data->last_ack_rssi =
7176 nla_get_u8(stats[NL80211_STA_INFO_ACK_SIGNAL]);
7177 data->flags |= STA_DRV_DATA_LAST_ACK_RSSI;
7178 }
7179
7180 if (stats[NL80211_STA_INFO_TX_BITRATE] &&
7181 nla_parse_nested(rate, NL80211_RATE_INFO_MAX,
7182 stats[NL80211_STA_INFO_TX_BITRATE],
7183 rate_policy) == 0) {
7184 if (rate[NL80211_RATE_INFO_BITRATE32])
7185 data->current_tx_rate =
7186 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]);
7187 else if (rate[NL80211_RATE_INFO_BITRATE])
7188 data->current_tx_rate =
7189 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]);
7190
7191 if (rate[NL80211_RATE_INFO_MCS]) {
7192 data->tx_mcs = nla_get_u8(rate[NL80211_RATE_INFO_MCS]);
7193 data->flags |= STA_DRV_DATA_TX_MCS;
7194 }
7195 if (rate[NL80211_RATE_INFO_VHT_MCS]) {
7196 data->tx_vhtmcs =
7197 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]);
7198 data->flags |= STA_DRV_DATA_TX_VHT_MCS;
7199 }
7200 if (rate[NL80211_RATE_INFO_SHORT_GI])
7201 data->flags |= STA_DRV_DATA_TX_SHORT_GI;
7202 if (rate[NL80211_RATE_INFO_VHT_NSS]) {
7203 data->tx_vht_nss =
7204 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]);
7205 data->flags |= STA_DRV_DATA_TX_VHT_NSS;
7206 }
7207 }
7208
7209 if (stats[NL80211_STA_INFO_RX_BITRATE] &&
7210 nla_parse_nested(rate, NL80211_RATE_INFO_MAX,
7211 stats[NL80211_STA_INFO_RX_BITRATE],
7212 rate_policy) == 0) {
7213 if (rate[NL80211_RATE_INFO_BITRATE32])
7214 data->current_rx_rate =
7215 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]);
7216 else if (rate[NL80211_RATE_INFO_BITRATE])
7217 data->current_rx_rate =
7218 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]);
7219
7220 if (rate[NL80211_RATE_INFO_MCS]) {
7221 data->rx_mcs =
7222 nla_get_u8(rate[NL80211_RATE_INFO_MCS]);
7223 data->flags |= STA_DRV_DATA_RX_MCS;
7224 }
7225 if (rate[NL80211_RATE_INFO_VHT_MCS]) {
7226 data->rx_vhtmcs =
7227 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]);
7228 data->flags |= STA_DRV_DATA_RX_VHT_MCS;
7229 }
7230 if (rate[NL80211_RATE_INFO_SHORT_GI])
7231 data->flags |= STA_DRV_DATA_RX_SHORT_GI;
7232 if (rate[NL80211_RATE_INFO_VHT_NSS]) {
7233 data->rx_vht_nss =
7234 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]);
7235 data->flags |= STA_DRV_DATA_RX_VHT_NSS;
7236 }
7237 }
7238
7239 if (stats[NL80211_STA_INFO_TID_STATS])
7240 get_sta_tid_stats(data, stats[NL80211_STA_INFO_TID_STATS]);
7241
7242 return NL_SKIP;
7243 }
7244
i802_read_sta_data(struct i802_bss * bss,struct hostap_sta_driver_data * data,const u8 * addr)7245 static int i802_read_sta_data(struct i802_bss *bss,
7246 struct hostap_sta_driver_data *data,
7247 const u8 *addr)
7248 {
7249 struct nl_msg *msg;
7250
7251 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) ||
7252 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
7253 nlmsg_free(msg);
7254 return -ENOBUFS;
7255 }
7256
7257 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data,
7258 NULL, NULL);
7259 }
7260
7261
i802_set_tx_queue_params(void * priv,int queue,int aifs,int cw_min,int cw_max,int burst_time)7262 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
7263 int cw_min, int cw_max, int burst_time)
7264 {
7265 struct i802_bss *bss = priv;
7266 struct wpa_driver_nl80211_data *drv = bss->drv;
7267 struct nl_msg *msg;
7268 struct nlattr *txq, *params;
7269 int res;
7270
7271 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY);
7272 if (!msg)
7273 return -1;
7274
7275 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
7276 if (!txq)
7277 goto fail;
7278
7279 /* We are only sending parameters for a single TXQ at a time */
7280 params = nla_nest_start(msg, 1);
7281 if (!params)
7282 goto fail;
7283
7284 switch (queue) {
7285 case 0:
7286 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO))
7287 goto fail;
7288 break;
7289 case 1:
7290 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI))
7291 goto fail;
7292 break;
7293 case 2:
7294 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE))
7295 goto fail;
7296 break;
7297 case 3:
7298 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK))
7299 goto fail;
7300 break;
7301 }
7302 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
7303 * 32 usec, so need to convert the value here. */
7304 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP,
7305 (burst_time * 100 + 16) / 32) ||
7306 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) ||
7307 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) ||
7308 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs))
7309 goto fail;
7310
7311 nla_nest_end(msg, params);
7312
7313 nla_nest_end(msg, txq);
7314
7315 res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7316 wpa_printf(MSG_DEBUG,
7317 "nl80211: TX queue param set: queue=%d aifs=%d cw_min=%d cw_max=%d burst_time=%d --> res=%d",
7318 queue, aifs, cw_min, cw_max, burst_time, res);
7319 if (res == 0)
7320 return 0;
7321 msg = NULL;
7322 fail:
7323 nlmsg_free(msg);
7324 return -1;
7325 }
7326
7327
i802_set_sta_vlan(struct i802_bss * bss,const u8 * addr,const char * ifname,int vlan_id)7328 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
7329 const char *ifname, int vlan_id)
7330 {
7331 struct wpa_driver_nl80211_data *drv = bss->drv;
7332 struct nl_msg *msg;
7333 int ret;
7334
7335 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
7336 ", ifname=%s[%d], vlan_id=%d)",
7337 bss->ifname, if_nametoindex(bss->ifname),
7338 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
7339 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
7340 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
7341 (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD) &&
7342 nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) ||
7343 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) {
7344 nlmsg_free(msg);
7345 return -ENOBUFS;
7346 }
7347
7348 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7349 if (ret < 0) {
7350 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
7351 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
7352 MAC2STR(addr), ifname, vlan_id, ret,
7353 strerror(-ret));
7354 }
7355 return ret;
7356 }
7357
7358
i802_get_inact_sec(void * priv,const u8 * addr)7359 static int i802_get_inact_sec(void *priv, const u8 *addr)
7360 {
7361 struct hostap_sta_driver_data data;
7362 int ret;
7363
7364 os_memset(&data, 0, sizeof(data));
7365 data.inactive_msec = (unsigned long) -1;
7366 ret = i802_read_sta_data(priv, &data, addr);
7367 if (ret == -ENOENT)
7368 return -ENOENT;
7369 if (ret || data.inactive_msec == (unsigned long) -1)
7370 return -1;
7371 return data.inactive_msec / 1000;
7372 }
7373
7374
i802_sta_clear_stats(void * priv,const u8 * addr)7375 static int i802_sta_clear_stats(void *priv, const u8 *addr)
7376 {
7377 #if 0
7378 /* TODO */
7379 #endif
7380 return 0;
7381 }
7382
7383
i802_sta_deauth(void * priv,const u8 * own_addr,const u8 * addr,u16 reason)7384 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
7385 u16 reason)
7386 {
7387 struct i802_bss *bss = priv;
7388 struct wpa_driver_nl80211_data *drv = bss->drv;
7389 struct ieee80211_mgmt mgmt;
7390 u8 channel;
7391
7392 if (ieee80211_freq_to_chan(bss->freq, &channel) ==
7393 HOSTAPD_MODE_IEEE80211AD) {
7394 /* Deauthentication is not used in DMG/IEEE 802.11ad;
7395 * disassociate the STA instead. */
7396 return i802_sta_disassoc(priv, own_addr, addr, reason);
7397 }
7398
7399 if (is_mesh_interface(drv->nlmode))
7400 return -1;
7401
7402 if (drv->device_ap_sme)
7403 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason);
7404
7405 memset(&mgmt, 0, sizeof(mgmt));
7406 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7407 WLAN_FC_STYPE_DEAUTH);
7408 memcpy(mgmt.da, addr, ETH_ALEN);
7409 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7410 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7411 mgmt.u.deauth.reason_code = host_to_le16(reason);
7412 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7413 IEEE80211_HDRLEN +
7414 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
7415 0, NULL, 0, 0);
7416 }
7417
7418
i802_sta_disassoc(void * priv,const u8 * own_addr,const u8 * addr,u16 reason)7419 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
7420 u16 reason)
7421 {
7422 struct i802_bss *bss = priv;
7423 struct wpa_driver_nl80211_data *drv = bss->drv;
7424 struct ieee80211_mgmt mgmt;
7425
7426 if (is_mesh_interface(drv->nlmode))
7427 return -1;
7428
7429 if (drv->device_ap_sme)
7430 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason);
7431
7432 memset(&mgmt, 0, sizeof(mgmt));
7433 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
7434 WLAN_FC_STYPE_DISASSOC);
7435 memcpy(mgmt.da, addr, ETH_ALEN);
7436 memcpy(mgmt.sa, own_addr, ETH_ALEN);
7437 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
7438 mgmt.u.disassoc.reason_code = host_to_le16(reason);
7439 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
7440 IEEE80211_HDRLEN +
7441 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
7442 0, NULL, 0, 0);
7443 }
7444
7445
dump_ifidx(struct wpa_driver_nl80211_data * drv)7446 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
7447 {
7448 char buf[200], *pos, *end;
7449 int i, res;
7450
7451 pos = buf;
7452 end = pos + sizeof(buf);
7453
7454 for (i = 0; i < drv->num_if_indices; i++) {
7455 if (!drv->if_indices[i].ifindex)
7456 continue;
7457 res = os_snprintf(pos, end - pos, " %d(%d)",
7458 drv->if_indices[i].ifindex,
7459 drv->if_indices[i].reason);
7460 if (os_snprintf_error(end - pos, res))
7461 break;
7462 pos += res;
7463 }
7464 *pos = '\0';
7465
7466 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
7467 drv->num_if_indices, buf);
7468 }
7469
7470
add_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)7471 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
7472 int ifidx_reason)
7473 {
7474 int i;
7475 struct drv_nl80211_if_info *old;
7476
7477 wpa_printf(MSG_DEBUG,
7478 "nl80211: Add own interface ifindex %d (ifidx_reason %d)",
7479 ifidx, ifidx_reason);
7480 if (have_ifidx(drv, ifidx, ifidx_reason)) {
7481 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
7482 ifidx);
7483 return;
7484 }
7485 for (i = 0; i < drv->num_if_indices; i++) {
7486 if (drv->if_indices[i].ifindex == 0) {
7487 drv->if_indices[i].ifindex = ifidx;
7488 drv->if_indices[i].reason = ifidx_reason;
7489 dump_ifidx(drv);
7490 return;
7491 }
7492 }
7493
7494 if (drv->if_indices != drv->default_if_indices)
7495 old = drv->if_indices;
7496 else
7497 old = NULL;
7498
7499 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
7500 sizeof(*old));
7501 if (!drv->if_indices) {
7502 if (!old)
7503 drv->if_indices = drv->default_if_indices;
7504 else
7505 drv->if_indices = old;
7506 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
7507 "interfaces");
7508 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
7509 return;
7510 }
7511 if (!old)
7512 os_memcpy(drv->if_indices, drv->default_if_indices,
7513 sizeof(drv->default_if_indices));
7514 drv->if_indices[drv->num_if_indices].ifindex = ifidx;
7515 drv->if_indices[drv->num_if_indices].reason = ifidx_reason;
7516 drv->num_if_indices++;
7517 dump_ifidx(drv);
7518 }
7519
7520
del_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)7521 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
7522 int ifidx_reason)
7523 {
7524 int i;
7525
7526 for (i = 0; i < drv->num_if_indices; i++) {
7527 if ((drv->if_indices[i].ifindex == ifidx ||
7528 ifidx == IFIDX_ANY) &&
7529 (drv->if_indices[i].reason == ifidx_reason ||
7530 ifidx_reason == IFIDX_ANY)) {
7531 drv->if_indices[i].ifindex = 0;
7532 drv->if_indices[i].reason = 0;
7533 break;
7534 }
7535 }
7536 dump_ifidx(drv);
7537 }
7538
7539
have_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)7540 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
7541 int ifidx_reason)
7542 {
7543 int i;
7544
7545 for (i = 0; i < drv->num_if_indices; i++)
7546 if (drv->if_indices[i].ifindex == ifidx &&
7547 (drv->if_indices[i].reason == ifidx_reason ||
7548 ifidx_reason == IFIDX_ANY))
7549 return 1;
7550
7551 return 0;
7552 }
7553
7554
i802_set_wds_sta(void * priv,const u8 * addr,int aid,int val,const char * bridge_ifname,char * ifname_wds)7555 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
7556 const char *bridge_ifname, char *ifname_wds)
7557 {
7558 struct i802_bss *bss = priv;
7559 struct wpa_driver_nl80211_data *drv = bss->drv;
7560 char name[IFNAMSIZ + 1];
7561 union wpa_event_data event;
7562 int ret;
7563
7564 ret = os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
7565 if (ret >= (int) sizeof(name))
7566 wpa_printf(MSG_WARNING,
7567 "nl80211: WDS interface name was truncated");
7568 else if (ret < 0)
7569 return ret;
7570
7571 if (ifname_wds)
7572 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
7573
7574 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
7575 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
7576 if (val) {
7577 if (!if_nametoindex(name)) {
7578 if (nl80211_create_iface(drv, name,
7579 NL80211_IFTYPE_AP_VLAN,
7580 bss->addr, 1, NULL, NULL, 0) <
7581 0)
7582 return -1;
7583 if (bridge_ifname &&
7584 linux_br_add_if(drv->global->ioctl_sock,
7585 bridge_ifname, name) < 0)
7586 return -1;
7587
7588 os_memset(&event, 0, sizeof(event));
7589 event.wds_sta_interface.sta_addr = addr;
7590 event.wds_sta_interface.ifname = name;
7591 event.wds_sta_interface.istatus = INTERFACE_ADDED;
7592 wpa_supplicant_event(bss->ctx,
7593 EVENT_WDS_STA_INTERFACE_STATUS,
7594 &event);
7595 }
7596 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
7597 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
7598 "interface %s up", name);
7599 }
7600 return i802_set_sta_vlan(priv, addr, name, 0);
7601 } else {
7602 if (bridge_ifname &&
7603 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
7604 name) < 0)
7605 wpa_printf(MSG_INFO,
7606 "nl80211: Failed to remove interface %s from bridge %s: %s",
7607 name, bridge_ifname, strerror(errno));
7608
7609 i802_set_sta_vlan(priv, addr, bss->ifname, 0);
7610 nl80211_remove_iface(drv, if_nametoindex(name));
7611 os_memset(&event, 0, sizeof(event));
7612 event.wds_sta_interface.sta_addr = addr;
7613 event.wds_sta_interface.ifname = name;
7614 event.wds_sta_interface.istatus = INTERFACE_REMOVED;
7615 wpa_supplicant_event(bss->ctx, EVENT_WDS_STA_INTERFACE_STATUS,
7616 &event);
7617 return 0;
7618 }
7619 }
7620
7621
handle_eapol(int sock,void * eloop_ctx,void * sock_ctx)7622 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
7623 {
7624 struct wpa_driver_nl80211_data *drv = eloop_ctx;
7625 struct sockaddr_ll lladdr;
7626 unsigned char buf[3000];
7627 int len;
7628 socklen_t fromlen = sizeof(lladdr);
7629
7630 len = recvfrom(sock, buf, sizeof(buf), 0,
7631 (struct sockaddr *)&lladdr, &fromlen);
7632 if (len < 0) {
7633 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
7634 strerror(errno));
7635 return;
7636 }
7637
7638 if (have_ifidx(drv, lladdr.sll_ifindex, IFIDX_ANY))
7639 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
7640 }
7641
7642
i802_check_bridge(struct wpa_driver_nl80211_data * drv,struct i802_bss * bss,const char * brname,const char * ifname)7643 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
7644 struct i802_bss *bss,
7645 const char *brname, const char *ifname)
7646 {
7647 int br_ifindex;
7648 char in_br[IFNAMSIZ];
7649
7650 os_strlcpy(bss->brname, brname, IFNAMSIZ);
7651 br_ifindex = if_nametoindex(brname);
7652 if (br_ifindex == 0) {
7653 /*
7654 * Bridge was configured, but the bridge device does
7655 * not exist. Try to add it now.
7656 */
7657 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
7658 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
7659 "bridge interface %s: %s",
7660 brname, strerror(errno));
7661 return -1;
7662 }
7663 bss->added_bridge = 1;
7664 br_ifindex = if_nametoindex(brname);
7665 add_ifidx(drv, br_ifindex, drv->ifindex);
7666 }
7667 bss->br_ifindex = br_ifindex;
7668
7669 if (linux_br_get(in_br, ifname) == 0) {
7670 if (os_strcmp(in_br, brname) == 0) {
7671 bss->already_in_bridge = 1;
7672 return 0; /* already in the bridge */
7673 }
7674
7675 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
7676 "bridge %s", ifname, in_br);
7677 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
7678 0) {
7679 wpa_printf(MSG_ERROR, "nl80211: Failed to "
7680 "remove interface %s from bridge "
7681 "%s: %s",
7682 ifname, in_br, strerror(errno));
7683 return -1;
7684 }
7685 }
7686
7687 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
7688 ifname, brname);
7689 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
7690 wpa_printf(MSG_WARNING,
7691 "nl80211: Failed to add interface %s into bridge %s: %s",
7692 ifname, brname, strerror(errno));
7693 /* Try to continue without the interface being in a bridge. This
7694 * may be needed for some cases, e.g., with Open vSwitch, where
7695 * an external component will need to handle bridge
7696 * configuration. */
7697 return 0;
7698 }
7699 bss->added_if_into_bridge = 1;
7700
7701 return 0;
7702 }
7703
7704
i802_init(struct hostapd_data * hapd,struct wpa_init_params * params)7705 static void *i802_init(struct hostapd_data *hapd,
7706 struct wpa_init_params *params)
7707 {
7708 struct wpa_driver_nl80211_data *drv;
7709 struct i802_bss *bss;
7710 size_t i;
7711 char master_ifname[IFNAMSIZ];
7712 int ifindex, br_ifindex = 0;
7713 int br_added = 0;
7714
7715 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
7716 params->global_priv, 1,
7717 params->bssid, params->driver_params);
7718 if (bss == NULL)
7719 return NULL;
7720
7721 drv = bss->drv;
7722
7723 if (linux_br_get(master_ifname, params->ifname) == 0) {
7724 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
7725 params->ifname, master_ifname);
7726 br_ifindex = if_nametoindex(master_ifname);
7727 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ);
7728 } else if ((params->num_bridge == 0 || !params->bridge[0]) &&
7729 linux_master_get(master_ifname, params->ifname) == 0) {
7730 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in master %s",
7731 params->ifname, master_ifname);
7732 /* start listening for EAPOL on the master interface */
7733 add_ifidx(drv, if_nametoindex(master_ifname), drv->ifindex);
7734
7735 /* check if master itself is under bridge */
7736 if (linux_br_get(master_ifname, master_ifname) == 0) {
7737 wpa_printf(MSG_DEBUG, "nl80211: which is in bridge %s",
7738 master_ifname);
7739 br_ifindex = if_nametoindex(master_ifname);
7740 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ);
7741 }
7742 } else {
7743 master_ifname[0] = '\0';
7744 }
7745
7746 bss->br_ifindex = br_ifindex;
7747
7748 for (i = 0; i < params->num_bridge; i++) {
7749 if (params->bridge[i]) {
7750 ifindex = if_nametoindex(params->bridge[i]);
7751 if (ifindex)
7752 add_ifidx(drv, ifindex, drv->ifindex);
7753 if (ifindex == br_ifindex)
7754 br_added = 1;
7755 }
7756 }
7757
7758 /* start listening for EAPOL on the default AP interface */
7759 add_ifidx(drv, drv->ifindex, IFIDX_ANY);
7760
7761 if (params->num_bridge && params->bridge[0]) {
7762 if (i802_check_bridge(drv, bss, params->bridge[0],
7763 params->ifname) < 0)
7764 goto failed;
7765 if (os_strcmp(params->bridge[0], master_ifname) != 0)
7766 br_added = 1;
7767 }
7768
7769 if (!br_added && br_ifindex &&
7770 (params->num_bridge == 0 || !params->bridge[0]))
7771 add_ifidx(drv, br_ifindex, drv->ifindex);
7772
7773 #ifdef CONFIG_LIBNL3_ROUTE
7774 if (bss->added_if_into_bridge || bss->already_in_bridge) {
7775 int err;
7776
7777 drv->rtnl_sk = nl_socket_alloc();
7778 if (drv->rtnl_sk == NULL) {
7779 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
7780 goto failed;
7781 }
7782
7783 err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
7784 if (err) {
7785 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
7786 nl_geterror(err));
7787 goto failed;
7788 }
7789 }
7790 #endif /* CONFIG_LIBNL3_ROUTE */
7791
7792 if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
7793 wpa_printf(MSG_DEBUG,
7794 "nl80211: Do not open EAPOL RX socket - using control port for RX");
7795 goto skip_eapol_sock;
7796 }
7797
7798 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
7799 if (drv->eapol_sock < 0) {
7800 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
7801 strerror(errno));
7802 goto failed;
7803 }
7804
7805 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
7806 {
7807 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
7808 goto failed;
7809 }
7810 skip_eapol_sock:
7811
7812 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
7813 params->own_addr))
7814 goto failed;
7815 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
7816
7817 memcpy(bss->addr, params->own_addr, ETH_ALEN);
7818
7819 return bss;
7820
7821 failed:
7822 wpa_driver_nl80211_deinit(bss);
7823 return NULL;
7824 }
7825
7826
i802_deinit(void * priv)7827 static void i802_deinit(void *priv)
7828 {
7829 struct i802_bss *bss = priv;
7830 wpa_driver_nl80211_deinit(bss);
7831 }
7832
7833
wpa_driver_nl80211_if_type(enum wpa_driver_if_type type)7834 static enum nl80211_iftype wpa_driver_nl80211_if_type(
7835 enum wpa_driver_if_type type)
7836 {
7837 switch (type) {
7838 case WPA_IF_STATION:
7839 return NL80211_IFTYPE_STATION;
7840 case WPA_IF_P2P_CLIENT:
7841 case WPA_IF_P2P_GROUP:
7842 return NL80211_IFTYPE_P2P_CLIENT;
7843 case WPA_IF_AP_VLAN:
7844 return NL80211_IFTYPE_AP_VLAN;
7845 case WPA_IF_AP_BSS:
7846 return NL80211_IFTYPE_AP;
7847 case WPA_IF_P2P_GO:
7848 return NL80211_IFTYPE_P2P_GO;
7849 case WPA_IF_P2P_DEVICE:
7850 return NL80211_IFTYPE_P2P_DEVICE;
7851 case WPA_IF_MESH:
7852 return NL80211_IFTYPE_MESH_POINT;
7853 default:
7854 return -1;
7855 }
7856 }
7857
7858
nl80211_addr_in_use(struct nl80211_global * global,const u8 * addr)7859 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
7860 {
7861 struct wpa_driver_nl80211_data *drv;
7862 dl_list_for_each(drv, &global->interfaces,
7863 struct wpa_driver_nl80211_data, list) {
7864 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
7865 return 1;
7866 }
7867 return 0;
7868 }
7869
7870
nl80211_vif_addr(struct wpa_driver_nl80211_data * drv,u8 * new_addr)7871 static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr)
7872 {
7873 unsigned int idx;
7874
7875 if (!drv->global)
7876 return -1;
7877
7878 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
7879 for (idx = 0; idx < 64; idx++) {
7880 new_addr[0] = drv->first_bss->addr[0] | 0x02;
7881 new_addr[0] ^= idx << 2;
7882 if (!nl80211_addr_in_use(drv->global, new_addr))
7883 break;
7884 }
7885 if (idx == 64)
7886 return -1;
7887
7888 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address "
7889 MACSTR, MAC2STR(new_addr));
7890
7891 return 0;
7892 }
7893
7894
7895 struct wdev_info {
7896 u64 wdev_id;
7897 int wdev_id_set;
7898 u8 macaddr[ETH_ALEN];
7899 };
7900
nl80211_wdev_handler(struct nl_msg * msg,void * arg)7901 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
7902 {
7903 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7904 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7905 struct wdev_info *wi = arg;
7906
7907 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7908 genlmsg_attrlen(gnlh, 0), NULL);
7909 if (tb[NL80211_ATTR_WDEV]) {
7910 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
7911 wi->wdev_id_set = 1;
7912 }
7913
7914 if (tb[NL80211_ATTR_MAC])
7915 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
7916 ETH_ALEN);
7917
7918 return NL_SKIP;
7919 }
7920
7921
wpa_driver_nl80211_if_add(void * priv,enum wpa_driver_if_type type,const char * ifname,const u8 * addr,void * bss_ctx,void ** drv_priv,char * force_ifname,u8 * if_addr,const char * bridge,int use_existing,int setup_ap)7922 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
7923 const char *ifname, const u8 *addr,
7924 void *bss_ctx, void **drv_priv,
7925 char *force_ifname, u8 *if_addr,
7926 const char *bridge, int use_existing,
7927 int setup_ap)
7928 {
7929 enum nl80211_iftype nlmode;
7930 struct i802_bss *bss = priv;
7931 struct wpa_driver_nl80211_data *drv = bss->drv;
7932 int ifidx;
7933 int added = 1;
7934
7935 if (addr)
7936 os_memcpy(if_addr, addr, ETH_ALEN);
7937 nlmode = wpa_driver_nl80211_if_type(type);
7938 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
7939 struct wdev_info p2pdev_info;
7940
7941 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
7942 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
7943 0, nl80211_wdev_handler,
7944 &p2pdev_info, use_existing);
7945 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
7946 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
7947 ifname);
7948 return -1;
7949 }
7950
7951 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
7952 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
7953 if (!is_zero_ether_addr(p2pdev_info.macaddr)) {
7954 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
7955 os_memcpy(drv->global->p2p_perm_addr, p2pdev_info.macaddr, ETH_ALEN);
7956 }
7957 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
7958 ifname,
7959 (long long unsigned int) p2pdev_info.wdev_id);
7960 } else {
7961 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
7962 0, NULL, NULL, use_existing);
7963 if (use_existing && ifidx == -ENFILE) {
7964 added = 0;
7965 ifidx = if_nametoindex(ifname);
7966 } else if (ifidx < 0) {
7967 return -1;
7968 }
7969 }
7970
7971 if (!addr) {
7972 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
7973 os_memcpy(if_addr, bss->addr, ETH_ALEN);
7974 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
7975 ifname, if_addr) < 0) {
7976 if (added)
7977 nl80211_remove_iface(drv, ifidx);
7978 return -1;
7979 }
7980 }
7981
7982 if (!addr &&
7983 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
7984 type == WPA_IF_P2P_GO || type == WPA_IF_MESH ||
7985 type == WPA_IF_STATION)) {
7986 /* Enforce unique address */
7987 u8 new_addr[ETH_ALEN];
7988
7989 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
7990 new_addr) < 0) {
7991 if (added)
7992 nl80211_remove_iface(drv, ifidx);
7993 return -1;
7994 }
7995 if (nl80211_addr_in_use(drv->global, new_addr)) {
7996 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
7997 "for interface %s type %d", ifname, type);
7998 if (nl80211_vif_addr(drv, new_addr) < 0) {
7999 if (added)
8000 nl80211_remove_iface(drv, ifidx);
8001 return -1;
8002 }
8003 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8004 new_addr) < 0) {
8005 if (added)
8006 nl80211_remove_iface(drv, ifidx);
8007 return -1;
8008 }
8009 }
8010 os_memcpy(if_addr, new_addr, ETH_ALEN);
8011 }
8012
8013 if (type == WPA_IF_AP_BSS && setup_ap) {
8014 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
8015 if (new_bss == NULL) {
8016 if (added)
8017 nl80211_remove_iface(drv, ifidx);
8018 return -1;
8019 }
8020
8021 if (bridge &&
8022 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
8023 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
8024 "interface %s to a bridge %s",
8025 ifname, bridge);
8026 if (added)
8027 nl80211_remove_iface(drv, ifidx);
8028 os_free(new_bss);
8029 return -1;
8030 }
8031
8032 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
8033 {
8034 if (added)
8035 nl80211_remove_iface(drv, ifidx);
8036 os_free(new_bss);
8037 return -1;
8038 }
8039 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
8040 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
8041 new_bss->ifindex = ifidx;
8042 new_bss->drv = drv;
8043 new_bss->next = drv->first_bss->next;
8044 new_bss->freq = drv->first_bss->freq;
8045 new_bss->ctx = bss_ctx;
8046 new_bss->added_if = added;
8047 drv->first_bss->next = new_bss;
8048 if (drv_priv)
8049 *drv_priv = new_bss;
8050 nl80211_init_bss(new_bss);
8051
8052 /* Subscribe management frames for this WPA_IF_AP_BSS */
8053 if (nl80211_setup_ap(new_bss))
8054 return -1;
8055 }
8056
8057 if (drv->global)
8058 drv->global->if_add_ifindex = ifidx;
8059
8060 /*
8061 * Some virtual interfaces need to process EAPOL packets and events on
8062 * the parent interface. This is used mainly with hostapd.
8063 */
8064 if (ifidx > 0 &&
8065 (drv->hostapd ||
8066 nlmode == NL80211_IFTYPE_AP_VLAN ||
8067 nlmode == NL80211_IFTYPE_WDS ||
8068 nlmode == NL80211_IFTYPE_MONITOR))
8069 add_ifidx(drv, ifidx, IFIDX_ANY);
8070
8071 return 0;
8072 }
8073
8074
wpa_driver_nl80211_if_remove(struct i802_bss * bss,enum wpa_driver_if_type type,const char * ifname)8075 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
8076 enum wpa_driver_if_type type,
8077 const char *ifname)
8078 {
8079 struct wpa_driver_nl80211_data *drv = bss->drv;
8080 int ifindex = if_nametoindex(ifname);
8081
8082 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
8083 __func__, type, ifname, ifindex, bss->added_if);
8084 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
8085 nl80211_remove_iface(drv, ifindex);
8086 else if (ifindex > 0 && !bss->added_if) {
8087 struct wpa_driver_nl80211_data *drv2;
8088 dl_list_for_each(drv2, &drv->global->interfaces,
8089 struct wpa_driver_nl80211_data, list) {
8090 del_ifidx(drv2, ifindex, IFIDX_ANY);
8091 del_ifidx(drv2, IFIDX_ANY, ifindex);
8092 }
8093 }
8094
8095 if (type != WPA_IF_AP_BSS)
8096 return 0;
8097
8098 if (bss->added_if_into_bridge) {
8099 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
8100 bss->ifname) < 0)
8101 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
8102 "interface %s from bridge %s: %s",
8103 bss->ifname, bss->brname, strerror(errno));
8104 }
8105 if (bss->added_bridge) {
8106 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
8107 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
8108 "bridge %s: %s",
8109 bss->brname, strerror(errno));
8110 }
8111
8112 if (bss != drv->first_bss) {
8113 struct i802_bss *tbss;
8114
8115 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
8116 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
8117 if (tbss->next == bss) {
8118 tbss->next = bss->next;
8119 /* Unsubscribe management frames */
8120 nl80211_teardown_ap(bss);
8121 nl80211_destroy_bss(bss);
8122 if (!bss->added_if)
8123 i802_set_iface_flags(bss, 0);
8124 os_free(bss);
8125 bss = NULL;
8126 break;
8127 }
8128 }
8129 if (bss)
8130 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
8131 "BSS %p in the list", __func__, bss);
8132 } else {
8133 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
8134 nl80211_teardown_ap(bss);
8135 if (!bss->added_if && !drv->first_bss->next)
8136 wpa_driver_nl80211_del_beacon(bss);
8137 nl80211_destroy_bss(bss);
8138 if (!bss->added_if)
8139 i802_set_iface_flags(bss, 0);
8140 if (drv->first_bss->next) {
8141 drv->first_bss = drv->first_bss->next;
8142 drv->ctx = drv->first_bss->ctx;
8143 os_free(bss);
8144 } else {
8145 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
8146 }
8147 }
8148
8149 return 0;
8150 }
8151
8152
cookie_handler(struct nl_msg * msg,void * arg)8153 static int cookie_handler(struct nl_msg *msg, void *arg)
8154 {
8155 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8156 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8157 u64 *cookie = arg;
8158 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8159 genlmsg_attrlen(gnlh, 0), NULL);
8160 if (tb[NL80211_ATTR_COOKIE])
8161 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
8162 return NL_SKIP;
8163 }
8164
8165
nl80211_send_frame_cmd(struct i802_bss * bss,unsigned int freq,unsigned int wait,const u8 * buf,size_t buf_len,int save_cookie,int no_cck,int no_ack,int offchanok,const u16 * csa_offs,size_t csa_offs_len)8166 static int nl80211_send_frame_cmd(struct i802_bss *bss,
8167 unsigned int freq, unsigned int wait,
8168 const u8 *buf, size_t buf_len,
8169 int save_cookie, int no_cck, int no_ack,
8170 int offchanok, const u16 *csa_offs,
8171 size_t csa_offs_len)
8172 {
8173 struct wpa_driver_nl80211_data *drv = bss->drv;
8174 struct nl_msg *msg;
8175 u64 cookie;
8176 int ret = -1;
8177
8178 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
8179 "no_ack=%d offchanok=%d",
8180 freq, wait, no_cck, no_ack, offchanok);
8181 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
8182
8183 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) ||
8184 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
8185 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) ||
8186 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
8187 drv->test_use_roc_tx) &&
8188 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) ||
8189 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) ||
8190 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) ||
8191 (csa_offs && nla_put(msg, NL80211_ATTR_CSA_C_OFFSETS_TX,
8192 csa_offs_len * sizeof(u16), csa_offs)) ||
8193 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf))
8194 goto fail;
8195
8196 cookie = 0;
8197 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL);
8198 msg = NULL;
8199 if (ret) {
8200 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
8201 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
8202 freq, wait);
8203 } else {
8204 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
8205 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
8206 (long long unsigned int) cookie);
8207
8208 if (save_cookie)
8209 drv->send_frame_cookie = no_ack ? (u64) -1 : cookie;
8210
8211 if (drv->num_send_frame_cookies == MAX_SEND_FRAME_COOKIES) {
8212 wpa_printf(MSG_DEBUG,
8213 "nl80211: Drop oldest pending send frame cookie 0x%llx",
8214 (long long unsigned int)
8215 drv->send_frame_cookies[0]);
8216 os_memmove(&drv->send_frame_cookies[0],
8217 &drv->send_frame_cookies[1],
8218 (MAX_SEND_FRAME_COOKIES - 1) *
8219 sizeof(u64));
8220 drv->num_send_frame_cookies--;
8221 }
8222 drv->send_frame_cookies[drv->num_send_frame_cookies] = cookie;
8223 drv->num_send_frame_cookies++;
8224 }
8225
8226 fail:
8227 nlmsg_free(msg);
8228 return ret;
8229 }
8230
8231
wpa_driver_nl80211_send_action(struct i802_bss * bss,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)8232 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
8233 unsigned int freq,
8234 unsigned int wait_time,
8235 const u8 *dst, const u8 *src,
8236 const u8 *bssid,
8237 const u8 *data, size_t data_len,
8238 int no_cck)
8239 {
8240 struct wpa_driver_nl80211_data *drv = bss->drv;
8241 int ret = -1;
8242 u8 *buf;
8243 struct ieee80211_hdr *hdr;
8244 int offchanok = 1;
8245
8246 if (is_ap_interface(drv->nlmode) && (int) freq == bss->freq &&
8247 bss->beacon_set)
8248 offchanok = 0;
8249
8250 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
8251 "freq=%u MHz wait=%d ms no_cck=%d offchanok=%d)",
8252 drv->ifindex, freq, wait_time, no_cck, offchanok);
8253
8254 buf = os_zalloc(24 + data_len);
8255 if (buf == NULL)
8256 return ret;
8257 os_memcpy(buf + 24, data, data_len);
8258 hdr = (struct ieee80211_hdr *) buf;
8259 hdr->frame_control =
8260 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
8261 os_memcpy(hdr->addr1, dst, ETH_ALEN);
8262 os_memcpy(hdr->addr2, src, ETH_ALEN);
8263 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
8264
8265 if (os_memcmp(bss->addr, src, ETH_ALEN) != 0) {
8266 wpa_printf(MSG_DEBUG, "nl80211: Use random TA " MACSTR,
8267 MAC2STR(src));
8268 os_memcpy(bss->rand_addr, src, ETH_ALEN);
8269 } else {
8270 os_memset(bss->rand_addr, 0, ETH_ALEN);
8271 }
8272
8273 #ifdef CONFIG_MESH
8274 if (is_mesh_interface(drv->nlmode)) {
8275 struct hostapd_hw_modes *modes;
8276 u16 num_modes, flags;
8277 u8 dfs_domain;
8278 int i;
8279
8280 modes = nl80211_get_hw_feature_data(bss, &num_modes,
8281 &flags, &dfs_domain);
8282 if (dfs_domain != HOSTAPD_DFS_REGION_ETSI &&
8283 ieee80211_is_dfs(bss->freq, modes, num_modes))
8284 offchanok = 0;
8285 if (modes) {
8286 for (i = 0; i < num_modes; i++) {
8287 os_free(modes[i].channels);
8288 os_free(modes[i].rates);
8289 }
8290 os_free(modes);
8291 }
8292 }
8293 #endif /* CONFIG_MESH */
8294
8295 if (is_ap_interface(drv->nlmode) &&
8296 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
8297 (int) freq == bss->freq || drv->device_ap_sme ||
8298 !drv->use_monitor))
8299 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
8300 0, freq, no_cck, offchanok,
8301 wait_time, NULL, 0, 0);
8302 else
8303 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
8304 24 + data_len,
8305 1, no_cck, 0, offchanok, NULL, 0);
8306
8307 os_free(buf);
8308 return ret;
8309 }
8310
8311
nl80211_frame_wait_cancel(struct i802_bss * bss,u64 cookie)8312 static void nl80211_frame_wait_cancel(struct i802_bss *bss, u64 cookie)
8313 {
8314 struct wpa_driver_nl80211_data *drv = bss->drv;
8315 struct nl_msg *msg;
8316 int ret;
8317
8318 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
8319 (long long unsigned int) cookie);
8320 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) ||
8321 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie)) {
8322 nlmsg_free(msg);
8323 return;
8324 }
8325
8326 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
8327 if (ret)
8328 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
8329 "(%s)", ret, strerror(-ret));
8330 }
8331
8332
wpa_driver_nl80211_send_action_cancel_wait(void * priv)8333 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
8334 {
8335 struct i802_bss *bss = priv;
8336 struct wpa_driver_nl80211_data *drv = bss->drv;
8337 unsigned int i;
8338 u64 cookie;
8339
8340 /* Cancel the last pending TX cookie */
8341 nl80211_frame_wait_cancel(bss, drv->send_frame_cookie);
8342
8343 /*
8344 * Cancel the other pending TX cookies, if any. This is needed since
8345 * the driver may keep a list of all pending offchannel TX operations
8346 * and free up the radio only once they have expired or cancelled.
8347 */
8348 for (i = drv->num_send_frame_cookies; i > 0; i--) {
8349 cookie = drv->send_frame_cookies[i - 1];
8350 if (cookie != drv->send_frame_cookie)
8351 nl80211_frame_wait_cancel(bss, cookie);
8352 }
8353 drv->num_send_frame_cookies = 0;
8354 }
8355
8356
wpa_driver_nl80211_remain_on_channel(void * priv,unsigned int freq,unsigned int duration)8357 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
8358 unsigned int duration)
8359 {
8360 struct i802_bss *bss = priv;
8361 struct wpa_driver_nl80211_data *drv = bss->drv;
8362 struct nl_msg *msg;
8363 int ret;
8364 u64 cookie;
8365
8366 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) ||
8367 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
8368 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) {
8369 nlmsg_free(msg);
8370 return -1;
8371 }
8372
8373 cookie = 0;
8374 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL);
8375 if (ret == 0) {
8376 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
8377 "0x%llx for freq=%u MHz duration=%u",
8378 (long long unsigned int) cookie, freq, duration);
8379 drv->remain_on_chan_cookie = cookie;
8380 drv->pending_remain_on_chan = 1;
8381 return 0;
8382 }
8383 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
8384 "(freq=%d duration=%u): %d (%s)",
8385 freq, duration, ret, strerror(-ret));
8386 return -1;
8387 }
8388
8389
wpa_driver_nl80211_cancel_remain_on_channel(void * priv)8390 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
8391 {
8392 struct i802_bss *bss = priv;
8393 struct wpa_driver_nl80211_data *drv = bss->drv;
8394 struct nl_msg *msg;
8395 int ret;
8396
8397 if (!drv->pending_remain_on_chan) {
8398 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
8399 "to cancel");
8400 return -1;
8401 }
8402
8403 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
8404 "0x%llx",
8405 (long long unsigned int) drv->remain_on_chan_cookie);
8406
8407 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
8408 if (!msg ||
8409 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) {
8410 nlmsg_free(msg);
8411 return -1;
8412 }
8413
8414 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
8415 if (ret == 0)
8416 return 0;
8417 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
8418 "%d (%s)", ret, strerror(-ret));
8419 return -1;
8420 }
8421
8422
wpa_driver_nl80211_probe_req_report(struct i802_bss * bss,int report)8423 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
8424 {
8425 struct wpa_driver_nl80211_data *drv = bss->drv;
8426
8427 if (!report) {
8428 if (bss->nl_preq && drv->device_ap_sme &&
8429 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
8430 !bss->static_ap) {
8431 /*
8432 * Do not disable Probe Request reporting that was
8433 * enabled in nl80211_setup_ap().
8434 */
8435 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
8436 "Probe Request reporting nl_preq=%p while "
8437 "in AP mode", bss->nl_preq);
8438 } else if (bss->nl_preq) {
8439 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
8440 "reporting nl_preq=%p", bss->nl_preq);
8441 nl80211_destroy_eloop_handle(&bss->nl_preq, 0);
8442 }
8443 return 0;
8444 }
8445
8446 if (bss->nl_preq) {
8447 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
8448 "already on! nl_preq=%p", bss->nl_preq);
8449 return 0;
8450 }
8451
8452 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
8453 if (bss->nl_preq == NULL)
8454 return -1;
8455 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
8456 "reporting nl_preq=%p", bss->nl_preq);
8457
8458 if (nl80211_register_frame(bss, bss->nl_preq,
8459 (WLAN_FC_TYPE_MGMT << 2) |
8460 (WLAN_FC_STYPE_PROBE_REQ << 4),
8461 NULL, 0, false) < 0)
8462 goto out_err;
8463
8464 nl80211_register_eloop_read(&bss->nl_preq,
8465 wpa_driver_nl80211_event_receive,
8466 bss->nl_cb, 0);
8467
8468 return 0;
8469
8470 out_err:
8471 nl_destroy_handles(&bss->nl_preq);
8472 return -1;
8473 }
8474
8475
nl80211_disable_11b_rates(struct wpa_driver_nl80211_data * drv,int ifindex,int disabled)8476 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
8477 int ifindex, int disabled)
8478 {
8479 struct nl_msg *msg;
8480 struct nlattr *bands, *band;
8481 int ret;
8482
8483 wpa_printf(MSG_DEBUG,
8484 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)",
8485 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" :
8486 "no NL80211_TXRATE_LEGACY constraint");
8487
8488 msg = nl80211_ifindex_msg(drv, ifindex, 0,
8489 NL80211_CMD_SET_TX_BITRATE_MASK);
8490 if (!msg)
8491 return -1;
8492
8493 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
8494 if (!bands)
8495 goto fail;
8496
8497 /*
8498 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
8499 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
8500 * rates. All 5 GHz rates are left enabled.
8501 */
8502 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
8503 if (!band ||
8504 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8,
8505 "\x0c\x12\x18\x24\x30\x48\x60\x6c")))
8506 goto fail;
8507 nla_nest_end(msg, band);
8508
8509 nla_nest_end(msg, bands);
8510
8511 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
8512 if (ret) {
8513 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
8514 "(%s)", ret, strerror(-ret));
8515 } else
8516 drv->disabled_11b_rates = disabled;
8517
8518 return ret;
8519
8520 fail:
8521 nlmsg_free(msg);
8522 return -1;
8523 }
8524
8525
wpa_driver_nl80211_deinit_ap(void * priv)8526 static int wpa_driver_nl80211_deinit_ap(void *priv)
8527 {
8528 struct i802_bss *bss = priv;
8529 struct wpa_driver_nl80211_data *drv = bss->drv;
8530 if (!is_ap_interface(drv->nlmode))
8531 return -1;
8532 wpa_driver_nl80211_del_beacon(bss);
8533 bss->beacon_set = 0;
8534
8535 /*
8536 * If the P2P GO interface was dynamically added, then it is
8537 * possible that the interface change to station is not possible.
8538 */
8539 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
8540 return 0;
8541
8542 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8543 }
8544
8545
wpa_driver_nl80211_stop_ap(void * priv)8546 static int wpa_driver_nl80211_stop_ap(void *priv)
8547 {
8548 struct i802_bss *bss = priv;
8549 struct wpa_driver_nl80211_data *drv = bss->drv;
8550 if (!is_ap_interface(drv->nlmode))
8551 return -1;
8552 wpa_driver_nl80211_del_beacon(bss);
8553 bss->beacon_set = 0;
8554 return 0;
8555 }
8556
8557
wpa_driver_nl80211_deinit_p2p_cli(void * priv)8558 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
8559 {
8560 struct i802_bss *bss = priv;
8561 struct wpa_driver_nl80211_data *drv = bss->drv;
8562 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
8563 return -1;
8564
8565 /*
8566 * If the P2P Client interface was dynamically added, then it is
8567 * possible that the interface change to station is not possible.
8568 */
8569 if (bss->if_dynamic)
8570 return 0;
8571
8572 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
8573 }
8574
8575
wpa_driver_nl80211_resume(void * priv)8576 static void wpa_driver_nl80211_resume(void *priv)
8577 {
8578 struct i802_bss *bss = priv;
8579 enum nl80211_iftype nlmode = nl80211_get_ifmode(bss);
8580
8581 if (i802_set_iface_flags(bss, 1))
8582 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
8583
8584 if (is_p2p_net_interface(nlmode))
8585 nl80211_disable_11b_rates(bss->drv, bss->drv->ifindex, 1);
8586 }
8587
8588
nl80211_signal_monitor(void * priv,int threshold,int hysteresis)8589 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
8590 {
8591 struct i802_bss *bss = priv;
8592 struct wpa_driver_nl80211_data *drv = bss->drv;
8593 struct nl_msg *msg;
8594 struct nlattr *cqm;
8595
8596 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
8597 "hysteresis=%d", threshold, hysteresis);
8598
8599 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) ||
8600 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) ||
8601 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) ||
8602 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) {
8603 nlmsg_free(msg);
8604 return -1;
8605 }
8606 nla_nest_end(msg, cqm);
8607
8608 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
8609 }
8610
8611
get_channel_width(struct nl_msg * msg,void * arg)8612 static int get_channel_width(struct nl_msg *msg, void *arg)
8613 {
8614 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8615 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8616 struct wpa_signal_info *sig_change = arg;
8617
8618 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8619 genlmsg_attrlen(gnlh, 0), NULL);
8620
8621 sig_change->center_frq1 = -1;
8622 sig_change->center_frq2 = -1;
8623 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
8624
8625 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
8626 sig_change->chanwidth = convert2width(
8627 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
8628 if (tb[NL80211_ATTR_CENTER_FREQ1])
8629 sig_change->center_frq1 =
8630 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
8631 if (tb[NL80211_ATTR_CENTER_FREQ2])
8632 sig_change->center_frq2 =
8633 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
8634 }
8635
8636 return NL_SKIP;
8637 }
8638
8639
nl80211_get_channel_width(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)8640 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
8641 struct wpa_signal_info *sig)
8642 {
8643 struct nl_msg *msg;
8644
8645 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
8646 return send_and_recv_msgs(drv, msg, get_channel_width, sig, NULL, NULL);
8647 }
8648
8649
nl80211_signal_poll(void * priv,struct wpa_signal_info * si)8650 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
8651 {
8652 struct i802_bss *bss = priv;
8653 struct wpa_driver_nl80211_data *drv = bss->drv;
8654 int res;
8655
8656 os_memset(si, 0, sizeof(*si));
8657 res = nl80211_get_link_signal(drv, si);
8658 if (res) {
8659 if (drv->nlmode != NL80211_IFTYPE_ADHOC &&
8660 drv->nlmode != NL80211_IFTYPE_MESH_POINT)
8661 return res;
8662 si->current_signal = 0;
8663 }
8664
8665 res = nl80211_get_channel_width(drv, si);
8666 if (res != 0)
8667 return res;
8668
8669 return nl80211_get_link_noise(drv, si);
8670 }
8671
8672
nl80211_set_param(void * priv,const char * param)8673 static int nl80211_set_param(void *priv, const char *param)
8674 {
8675 struct i802_bss *bss = priv;
8676 struct wpa_driver_nl80211_data *drv = bss->drv;
8677
8678 if (param == NULL)
8679 return 0;
8680 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
8681
8682 #ifdef CONFIG_P2P
8683 if (os_strstr(param, "use_p2p_group_interface=1")) {
8684 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
8685 "interface");
8686 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
8687 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
8688 }
8689 #endif /* CONFIG_P2P */
8690
8691 if (os_strstr(param, "use_monitor=1"))
8692 drv->use_monitor = 1;
8693
8694 if (os_strstr(param, "force_connect_cmd=1")) {
8695 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
8696 drv->force_connect_cmd = 1;
8697 }
8698
8699 if (os_strstr(param, "force_bss_selection=1"))
8700 drv->capa.flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
8701
8702 if (os_strstr(param, "no_offchannel_tx=1")) {
8703 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
8704 drv->test_use_roc_tx = 1;
8705 }
8706
8707 if (os_strstr(param, "control_port=0")) {
8708 drv->capa.flags &= ~WPA_DRIVER_FLAGS_CONTROL_PORT;
8709 drv->capa.flags2 &= ~(WPA_DRIVER_FLAGS2_CONTROL_PORT_RX |
8710 WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS);
8711 drv->control_port_ap = 0;
8712 }
8713
8714 if (os_strstr(param, "control_port_ap=1"))
8715 drv->control_port_ap = 1;
8716
8717 if (os_strstr(param, "control_port_ap=0")) {
8718 drv->capa.flags2 &= ~WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS;
8719 drv->control_port_ap = 0;
8720 }
8721
8722 if (os_strstr(param, "full_ap_client_state=0"))
8723 drv->capa.flags &= ~WPA_DRIVER_FLAGS_FULL_AP_CLIENT_STATE;
8724
8725 if (os_strstr(param, "no_rrm=1")) {
8726 drv->no_rrm = 1;
8727
8728 if (!bss->in_deinit && !is_ap_interface(drv->nlmode) &&
8729 !is_mesh_interface(drv->nlmode)) {
8730 nl80211_mgmt_unsubscribe(bss, "no_rrm=1");
8731 if (nl80211_mgmt_subscribe_non_ap(bss) < 0)
8732 wpa_printf(MSG_DEBUG,
8733 "nl80211: Failed to re-register Action frame processing - ignore for now");
8734 }
8735 }
8736
8737 return 0;
8738 }
8739
8740
nl80211_global_init(void * ctx)8741 static void * nl80211_global_init(void *ctx)
8742 {
8743 struct nl80211_global *global;
8744 struct netlink_config *cfg;
8745
8746 global = os_zalloc(sizeof(*global));
8747 if (global == NULL)
8748 return NULL;
8749 global->ctx = ctx;
8750 global->ioctl_sock = -1;
8751 dl_list_init(&global->interfaces);
8752 global->if_add_ifindex = -1;
8753
8754 cfg = os_zalloc(sizeof(*cfg));
8755 if (cfg == NULL)
8756 goto err;
8757
8758 cfg->ctx = global;
8759 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
8760 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
8761 global->netlink = netlink_init(cfg);
8762 if (global->netlink == NULL) {
8763 os_free(cfg);
8764 goto err;
8765 }
8766
8767 if (wpa_driver_nl80211_init_nl_global(global) < 0)
8768 goto err;
8769
8770 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
8771 if (global->ioctl_sock < 0) {
8772 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
8773 strerror(errno));
8774 goto err;
8775 }
8776
8777 return global;
8778
8779 err:
8780 nl80211_global_deinit(global);
8781 return NULL;
8782 }
8783
8784
nl80211_global_deinit(void * priv)8785 static void nl80211_global_deinit(void *priv)
8786 {
8787 struct nl80211_global *global = priv;
8788 if (global == NULL)
8789 return;
8790 if (!dl_list_empty(&global->interfaces)) {
8791 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
8792 "nl80211_global_deinit",
8793 dl_list_len(&global->interfaces));
8794 }
8795
8796 if (global->netlink)
8797 netlink_deinit(global->netlink);
8798
8799 nl_destroy_handles(&global->nl);
8800
8801 if (global->nl_event)
8802 nl80211_destroy_eloop_handle(&global->nl_event, 0);
8803
8804 nl_cb_put(global->nl_cb);
8805
8806 if (global->ioctl_sock >= 0)
8807 close(global->ioctl_sock);
8808
8809 os_free(global);
8810 }
8811
8812
nl80211_get_radio_name(void * priv)8813 static const char * nl80211_get_radio_name(void *priv)
8814 {
8815 struct i802_bss *bss = priv;
8816 struct wpa_driver_nl80211_data *drv = bss->drv;
8817 return drv->phyname;
8818 }
8819
8820
nl80211_pmkid(struct i802_bss * bss,int cmd,struct wpa_pmkid_params * params)8821 static int nl80211_pmkid(struct i802_bss *bss, int cmd,
8822 struct wpa_pmkid_params *params)
8823 {
8824 struct nl_msg *msg;
8825 const size_t PMK_MAX_LEN = 48; /* current cfg80211 limit */
8826
8827 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
8828 (params->pmkid &&
8829 nla_put(msg, NL80211_ATTR_PMKID, 16, params->pmkid)) ||
8830 (params->bssid &&
8831 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) ||
8832 (params->ssid_len &&
8833 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) ||
8834 (params->fils_cache_id &&
8835 nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2,
8836 params->fils_cache_id)) ||
8837 (params->pmk_lifetime &&
8838 nla_put_u32(msg, NL80211_ATTR_PMK_LIFETIME,
8839 params->pmk_lifetime)) ||
8840 (params->pmk_reauth_threshold &&
8841 nla_put_u8(msg, NL80211_ATTR_PMK_REAUTH_THRESHOLD,
8842 params->pmk_reauth_threshold)) ||
8843 (cmd != NL80211_CMD_DEL_PMKSA &&
8844 params->pmk_len && params->pmk_len <= PMK_MAX_LEN &&
8845 nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) {
8846 nl80211_nlmsg_clear(msg);
8847 nlmsg_free(msg);
8848 return -ENOBUFS;
8849 }
8850
8851 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
8852 }
8853
8854
nl80211_add_pmkid(void * priv,struct wpa_pmkid_params * params)8855 static int nl80211_add_pmkid(void *priv, struct wpa_pmkid_params *params)
8856 {
8857 struct i802_bss *bss = priv;
8858 int ret;
8859
8860 if (params->bssid)
8861 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR,
8862 MAC2STR(params->bssid));
8863 else if (params->fils_cache_id && params->ssid_len) {
8864 wpa_printf(MSG_DEBUG,
8865 "nl80211: Add PMKSA for cache id %02x%02x SSID %s",
8866 params->fils_cache_id[0], params->fils_cache_id[1],
8867 wpa_ssid_txt(params->ssid, params->ssid_len));
8868 }
8869
8870 ret = nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, params);
8871 if (ret < 0) {
8872 wpa_printf(MSG_DEBUG,
8873 "nl80211: NL80211_CMD_SET_PMKSA failed: %d (%s)",
8874 ret, strerror(-ret));
8875 }
8876
8877 return ret;
8878 }
8879
8880
nl80211_remove_pmkid(void * priv,struct wpa_pmkid_params * params)8881 static int nl80211_remove_pmkid(void *priv, struct wpa_pmkid_params *params)
8882 {
8883 struct i802_bss *bss = priv;
8884 int ret;
8885
8886 if (params->bssid)
8887 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
8888 MAC2STR(params->bssid));
8889 else if (params->fils_cache_id && params->ssid_len) {
8890 wpa_printf(MSG_DEBUG,
8891 "nl80211: Delete PMKSA for cache id %02x%02x SSID %s",
8892 params->fils_cache_id[0], params->fils_cache_id[1],
8893 wpa_ssid_txt(params->ssid, params->ssid_len));
8894 }
8895
8896 ret = nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, params);
8897 if (ret < 0) {
8898 wpa_printf(MSG_DEBUG,
8899 "nl80211: NL80211_CMD_DEL_PMKSA failed: %d (%s)",
8900 ret, strerror(-ret));
8901 }
8902
8903 return ret;
8904 }
8905
8906
nl80211_flush_pmkid(void * priv)8907 static int nl80211_flush_pmkid(void *priv)
8908 {
8909 struct i802_bss *bss = priv;
8910 struct nl_msg *msg;
8911
8912 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
8913 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_FLUSH_PMKSA);
8914 if (!msg)
8915 return -ENOBUFS;
8916 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
8917 }
8918
8919
clean_survey_results(struct survey_results * survey_results)8920 static void clean_survey_results(struct survey_results *survey_results)
8921 {
8922 struct freq_survey *survey, *tmp;
8923
8924 if (dl_list_empty(&survey_results->survey_list))
8925 return;
8926
8927 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
8928 struct freq_survey, list) {
8929 dl_list_del(&survey->list);
8930 os_free(survey);
8931 }
8932 }
8933
8934
add_survey(struct nlattr ** sinfo,u32 ifidx,struct dl_list * survey_list)8935 static void add_survey(struct nlattr **sinfo, u32 ifidx,
8936 struct dl_list *survey_list)
8937 {
8938 struct freq_survey *survey;
8939
8940 survey = os_zalloc(sizeof(struct freq_survey));
8941 if (!survey)
8942 return;
8943
8944 survey->ifidx = ifidx;
8945 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
8946 survey->filled = 0;
8947
8948 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
8949 survey->nf = (int8_t)
8950 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
8951 survey->filled |= SURVEY_HAS_NF;
8952 }
8953
8954 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
8955 survey->channel_time =
8956 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
8957 survey->filled |= SURVEY_HAS_CHAN_TIME;
8958 }
8959
8960 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
8961 survey->channel_time_busy =
8962 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
8963 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
8964 }
8965
8966 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
8967 survey->channel_time_rx =
8968 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
8969 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
8970 }
8971
8972 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
8973 survey->channel_time_tx =
8974 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
8975 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
8976 }
8977
8978 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
8979 survey->freq,
8980 survey->nf,
8981 (unsigned long int) survey->channel_time,
8982 (unsigned long int) survey->channel_time_busy,
8983 (unsigned long int) survey->channel_time_tx,
8984 (unsigned long int) survey->channel_time_rx,
8985 survey->filled);
8986
8987 dl_list_add_tail(survey_list, &survey->list);
8988 }
8989
8990
check_survey_ok(struct nlattr ** sinfo,u32 surveyed_freq,unsigned int freq_filter)8991 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
8992 unsigned int freq_filter)
8993 {
8994 if (!freq_filter)
8995 return 1;
8996
8997 return freq_filter == surveyed_freq;
8998 }
8999
9000
survey_handler(struct nl_msg * msg,void * arg)9001 static int survey_handler(struct nl_msg *msg, void *arg)
9002 {
9003 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9004 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9005 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
9006 struct survey_results *survey_results;
9007 u32 surveyed_freq = 0;
9008 u32 ifidx;
9009
9010 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
9011 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
9012 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
9013 };
9014
9015 survey_results = (struct survey_results *) arg;
9016
9017 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9018 genlmsg_attrlen(gnlh, 0), NULL);
9019
9020 if (!tb[NL80211_ATTR_IFINDEX])
9021 return NL_SKIP;
9022
9023 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
9024
9025 if (!tb[NL80211_ATTR_SURVEY_INFO])
9026 return NL_SKIP;
9027
9028 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
9029 tb[NL80211_ATTR_SURVEY_INFO],
9030 survey_policy))
9031 return NL_SKIP;
9032
9033 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
9034 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
9035 return NL_SKIP;
9036 }
9037
9038 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
9039
9040 if (!check_survey_ok(sinfo, surveyed_freq,
9041 survey_results->freq_filter))
9042 return NL_SKIP;
9043
9044 if (survey_results->freq_filter &&
9045 survey_results->freq_filter != surveyed_freq) {
9046 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
9047 surveyed_freq);
9048 return NL_SKIP;
9049 }
9050
9051 add_survey(sinfo, ifidx, &survey_results->survey_list);
9052
9053 return NL_SKIP;
9054 }
9055
9056
wpa_driver_nl80211_get_survey(void * priv,unsigned int freq)9057 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
9058 {
9059 struct i802_bss *bss = priv;
9060 struct wpa_driver_nl80211_data *drv = bss->drv;
9061 struct nl_msg *msg;
9062 int err;
9063 union wpa_event_data data;
9064 struct survey_results *survey_results;
9065
9066 os_memset(&data, 0, sizeof(data));
9067 survey_results = &data.survey_results;
9068
9069 dl_list_init(&survey_results->survey_list);
9070
9071 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
9072 if (!msg)
9073 return -ENOBUFS;
9074
9075 if (freq)
9076 data.survey_results.freq_filter = freq;
9077
9078 do {
9079 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
9080 err = send_and_recv_msgs(drv, msg, survey_handler,
9081 survey_results, NULL, NULL);
9082 } while (err > 0);
9083
9084 if (err)
9085 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
9086 else
9087 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
9088
9089 clean_survey_results(survey_results);
9090 return err;
9091 }
9092
9093
nl80211_set_rekey_info(void * priv,const u8 * kek,size_t kek_len,const u8 * kck,size_t kck_len,const u8 * replay_ctr)9094 static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len,
9095 const u8 *kck, size_t kck_len,
9096 const u8 *replay_ctr)
9097 {
9098 struct i802_bss *bss = priv;
9099 struct wpa_driver_nl80211_data *drv = bss->drv;
9100 struct nlattr *replay_nested;
9101 struct nl_msg *msg;
9102 int ret;
9103
9104 if (!drv->set_rekey_offload)
9105 return;
9106
9107 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload");
9108 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) ||
9109 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) ||
9110 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) ||
9111 (kck_len && nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck)) ||
9112 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
9113 replay_ctr)) {
9114 nl80211_nlmsg_clear(msg);
9115 nlmsg_free(msg);
9116 return;
9117 }
9118
9119 nla_nest_end(msg, replay_nested);
9120
9121 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9122 if (ret == -EOPNOTSUPP) {
9123 wpa_printf(MSG_DEBUG,
9124 "nl80211: Driver does not support rekey offload");
9125 drv->set_rekey_offload = 0;
9126 }
9127 }
9128
9129
nl80211_send_null_frame(struct i802_bss * bss,const u8 * own_addr,const u8 * addr,int qos)9130 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
9131 const u8 *addr, int qos)
9132 {
9133 /* send data frame to poll STA and check whether
9134 * this frame is ACKed */
9135 struct {
9136 struct ieee80211_hdr hdr;
9137 u16 qos_ctl;
9138 } STRUCT_PACKED nulldata;
9139 size_t size;
9140
9141 /* Send data frame to poll STA and check whether this frame is ACKed */
9142
9143 os_memset(&nulldata, 0, sizeof(nulldata));
9144
9145 if (qos) {
9146 nulldata.hdr.frame_control =
9147 IEEE80211_FC(WLAN_FC_TYPE_DATA,
9148 WLAN_FC_STYPE_QOS_NULL);
9149 size = sizeof(nulldata);
9150 } else {
9151 nulldata.hdr.frame_control =
9152 IEEE80211_FC(WLAN_FC_TYPE_DATA,
9153 WLAN_FC_STYPE_NULLFUNC);
9154 size = sizeof(struct ieee80211_hdr);
9155 }
9156
9157 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
9158 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
9159 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
9160 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
9161
9162 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
9163 0, 0, NULL, 0, 0) < 0)
9164 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
9165 "send poll frame");
9166 }
9167
nl80211_poll_client(void * priv,const u8 * own_addr,const u8 * addr,int qos)9168 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
9169 int qos)
9170 {
9171 struct i802_bss *bss = priv;
9172 struct wpa_driver_nl80211_data *drv = bss->drv;
9173 struct nl_msg *msg;
9174 u64 cookie;
9175 int ret;
9176
9177 if (!drv->poll_command_supported) {
9178 nl80211_send_null_frame(bss, own_addr, addr, qos);
9179 return;
9180 }
9181
9182 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) ||
9183 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
9184 nlmsg_free(msg);
9185 return;
9186 }
9187
9188 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL);
9189 if (ret < 0) {
9190 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for "
9191 MACSTR " failed: ret=%d (%s)",
9192 MAC2STR(addr), ret, strerror(-ret));
9193 } else {
9194 wpa_printf(MSG_DEBUG,
9195 "nl80211: Client probe request addr=" MACSTR
9196 " cookie=%llu", MAC2STR(addr),
9197 (long long unsigned int) cookie);
9198 }
9199 }
9200
9201
nl80211_set_power_save(struct i802_bss * bss,int enabled)9202 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
9203 {
9204 struct nl_msg *msg;
9205 int ret;
9206
9207 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) ||
9208 nla_put_u32(msg, NL80211_ATTR_PS_STATE,
9209 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) {
9210 nlmsg_free(msg);
9211 return -ENOBUFS;
9212 }
9213
9214 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
9215 if (ret < 0) {
9216 wpa_printf(MSG_DEBUG,
9217 "nl80211: Setting PS state %s failed: %d (%s)",
9218 enabled ? "enabled" : "disabled",
9219 ret, strerror(-ret));
9220 }
9221 return ret;
9222 }
9223
9224
nl80211_set_p2p_powersave(void * priv,int legacy_ps,int opp_ps,int ctwindow)9225 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
9226 int ctwindow)
9227 {
9228 struct i802_bss *bss = priv;
9229
9230 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
9231 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
9232
9233 if (opp_ps != -1 || ctwindow != -1) {
9234 #ifdef ANDROID_P2P
9235 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
9236 #else /* ANDROID_P2P */
9237 return -1; /* Not yet supported */
9238 #endif /* ANDROID_P2P */
9239 }
9240
9241 if (legacy_ps == -1)
9242 return 0;
9243 if (legacy_ps != 0 && legacy_ps != 1)
9244 return -1; /* Not yet supported */
9245
9246 return nl80211_set_power_save(bss, legacy_ps);
9247 }
9248
9249
nl80211_start_radar_detection(void * priv,struct hostapd_freq_params * freq)9250 static int nl80211_start_radar_detection(void *priv,
9251 struct hostapd_freq_params *freq)
9252 {
9253 struct i802_bss *bss = priv;
9254 struct wpa_driver_nl80211_data *drv = bss->drv;
9255 struct nl_msg *msg;
9256 int ret;
9257
9258 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
9259 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled,
9260 freq->bandwidth, freq->center_freq1, freq->center_freq2);
9261
9262 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
9263 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
9264 "detection");
9265 return -1;
9266 }
9267
9268 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) ||
9269 nl80211_put_freq_params(msg, freq) < 0) {
9270 nlmsg_free(msg);
9271 return -1;
9272 }
9273
9274 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9275 if (ret == 0)
9276 return 0;
9277 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
9278 "%d (%s)", ret, strerror(-ret));
9279 return -1;
9280 }
9281
9282 #ifdef CONFIG_TDLS
9283
nl80211_send_tdls_mgmt(void * priv,const u8 * dst,u8 action_code,u8 dialog_token,u16 status_code,u32 peer_capab,int initiator,const u8 * buf,size_t len)9284 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
9285 u8 dialog_token, u16 status_code,
9286 u32 peer_capab, int initiator, const u8 *buf,
9287 size_t len)
9288 {
9289 struct i802_bss *bss = priv;
9290 struct wpa_driver_nl80211_data *drv = bss->drv;
9291 struct nl_msg *msg;
9292
9293 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
9294 return -EOPNOTSUPP;
9295
9296 if (!dst)
9297 return -EINVAL;
9298
9299 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) ||
9300 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
9301 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) ||
9302 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) ||
9303 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code))
9304 goto fail;
9305 if (peer_capab) {
9306 /*
9307 * The internal enum tdls_peer_capability definition is
9308 * currently identical with the nl80211 enum
9309 * nl80211_tdls_peer_capability, so no conversion is needed
9310 * here.
9311 */
9312 if (nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY,
9313 peer_capab))
9314 goto fail;
9315 }
9316 if ((initiator &&
9317 nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) ||
9318 nla_put(msg, NL80211_ATTR_IE, len, buf))
9319 goto fail;
9320
9321 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9322
9323 fail:
9324 nlmsg_free(msg);
9325 return -ENOBUFS;
9326 }
9327
9328
nl80211_tdls_oper(void * priv,enum tdls_oper oper,const u8 * peer)9329 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
9330 {
9331 struct i802_bss *bss = priv;
9332 struct wpa_driver_nl80211_data *drv = bss->drv;
9333 struct nl_msg *msg;
9334 enum nl80211_tdls_operation nl80211_oper;
9335 int res;
9336
9337 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
9338 return -EOPNOTSUPP;
9339
9340 switch (oper) {
9341 case TDLS_DISCOVERY_REQ:
9342 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
9343 break;
9344 case TDLS_SETUP:
9345 nl80211_oper = NL80211_TDLS_SETUP;
9346 break;
9347 case TDLS_TEARDOWN:
9348 nl80211_oper = NL80211_TDLS_TEARDOWN;
9349 break;
9350 case TDLS_ENABLE_LINK:
9351 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
9352 break;
9353 case TDLS_DISABLE_LINK:
9354 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
9355 break;
9356 case TDLS_ENABLE:
9357 return 0;
9358 case TDLS_DISABLE:
9359 return 0;
9360 default:
9361 return -EINVAL;
9362 }
9363
9364 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) ||
9365 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) ||
9366 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) {
9367 nlmsg_free(msg);
9368 return -ENOBUFS;
9369 }
9370
9371 res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9372 wpa_printf(MSG_DEBUG, "nl80211: TDLS_OPER: oper=%d mac=" MACSTR
9373 " --> res=%d (%s)", nl80211_oper, MAC2STR(peer), res,
9374 strerror(-res));
9375 return res;
9376 }
9377
9378
9379 static int
nl80211_tdls_enable_channel_switch(void * priv,const u8 * addr,u8 oper_class,const struct hostapd_freq_params * params)9380 nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class,
9381 const struct hostapd_freq_params *params)
9382 {
9383 struct i802_bss *bss = priv;
9384 struct wpa_driver_nl80211_data *drv = bss->drv;
9385 struct nl_msg *msg;
9386 int ret = -ENOBUFS;
9387
9388 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
9389 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
9390 return -EOPNOTSUPP;
9391
9392 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR
9393 " oper_class=%u freq=%u",
9394 MAC2STR(addr), oper_class, params->freq);
9395 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH);
9396 if (!msg ||
9397 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
9398 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) ||
9399 (ret = nl80211_put_freq_params(msg, params))) {
9400 nlmsg_free(msg);
9401 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch");
9402 return ret;
9403 }
9404
9405 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9406 }
9407
9408
9409 static int
nl80211_tdls_disable_channel_switch(void * priv,const u8 * addr)9410 nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr)
9411 {
9412 struct i802_bss *bss = priv;
9413 struct wpa_driver_nl80211_data *drv = bss->drv;
9414 struct nl_msg *msg;
9415
9416 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
9417 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
9418 return -EOPNOTSUPP;
9419
9420 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR,
9421 MAC2STR(addr));
9422 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH);
9423 if (!msg ||
9424 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
9425 nlmsg_free(msg);
9426 wpa_printf(MSG_DEBUG,
9427 "nl80211: Could not build TDLS cancel chan switch");
9428 return -ENOBUFS;
9429 }
9430
9431 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9432 }
9433
9434 #endif /* CONFIG TDLS */
9435
9436
driver_nl80211_set_key(void * priv,struct wpa_driver_set_key_params * params)9437 static int driver_nl80211_set_key(void *priv,
9438 struct wpa_driver_set_key_params *params)
9439 {
9440 struct i802_bss *bss = priv;
9441
9442 return wpa_driver_nl80211_set_key(bss, params);
9443 }
9444
9445
driver_nl80211_scan2(void * priv,struct wpa_driver_scan_params * params)9446 static int driver_nl80211_scan2(void *priv,
9447 struct wpa_driver_scan_params *params)
9448 {
9449 struct i802_bss *bss = priv;
9450 #ifdef CONFIG_DRIVER_NL80211_QCA
9451 struct wpa_driver_nl80211_data *drv = bss->drv;
9452
9453 /*
9454 * Do a vendor specific scan if possible. If only_new_results is
9455 * set, do a normal scan since a kernel (cfg80211) BSS cache flush
9456 * cannot be achieved through a vendor scan. The below condition may
9457 * need to be modified if new scan flags are added in the future whose
9458 * functionality can only be achieved through a normal scan.
9459 */
9460 if (drv->scan_vendor_cmd_avail && !params->only_new_results)
9461 return wpa_driver_nl80211_vendor_scan(bss, params);
9462 #endif /* CONFIG_DRIVER_NL80211_QCA */
9463 return wpa_driver_nl80211_scan(bss, params);
9464 }
9465
9466
driver_nl80211_deauthenticate(void * priv,const u8 * addr,u16 reason_code)9467 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
9468 u16 reason_code)
9469 {
9470 struct i802_bss *bss = priv;
9471 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
9472 }
9473
9474
driver_nl80211_authenticate(void * priv,struct wpa_driver_auth_params * params)9475 static int driver_nl80211_authenticate(void *priv,
9476 struct wpa_driver_auth_params *params)
9477 {
9478 struct i802_bss *bss = priv;
9479 return wpa_driver_nl80211_authenticate(bss, params);
9480 }
9481
9482
driver_nl80211_deinit(void * priv)9483 static void driver_nl80211_deinit(void *priv)
9484 {
9485 struct i802_bss *bss = priv;
9486 wpa_driver_nl80211_deinit(bss);
9487 }
9488
9489
driver_nl80211_if_remove(void * priv,enum wpa_driver_if_type type,const char * ifname)9490 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
9491 const char *ifname)
9492 {
9493 struct i802_bss *bss = priv;
9494 return wpa_driver_nl80211_if_remove(bss, type, ifname);
9495 }
9496
9497
driver_nl80211_send_mlme(void * priv,const u8 * data,size_t data_len,int noack,unsigned int freq,const u16 * csa_offs,size_t csa_offs_len,int no_encrypt,unsigned int wait)9498 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
9499 size_t data_len, int noack,
9500 unsigned int freq,
9501 const u16 *csa_offs, size_t csa_offs_len,
9502 int no_encrypt, unsigned int wait)
9503 {
9504 struct i802_bss *bss = priv;
9505 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
9506 freq, 0, 0, wait, csa_offs,
9507 csa_offs_len, no_encrypt);
9508 }
9509
9510
driver_nl80211_sta_remove(void * priv,const u8 * addr)9511 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
9512 {
9513 struct i802_bss *bss = priv;
9514 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0);
9515 }
9516
9517
driver_nl80211_set_sta_vlan(void * priv,const u8 * addr,const char * ifname,int vlan_id)9518 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
9519 const char *ifname, int vlan_id)
9520 {
9521 struct i802_bss *bss = priv;
9522 return i802_set_sta_vlan(bss, addr, ifname, vlan_id);
9523 }
9524
9525
driver_nl80211_read_sta_data(void * priv,struct hostap_sta_driver_data * data,const u8 * addr)9526 static int driver_nl80211_read_sta_data(void *priv,
9527 struct hostap_sta_driver_data *data,
9528 const u8 *addr)
9529 {
9530 struct i802_bss *bss = priv;
9531
9532 os_memset(data, 0, sizeof(*data));
9533 return i802_read_sta_data(bss, data, addr);
9534 }
9535
9536
driver_nl80211_send_action(void * priv,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)9537 static int driver_nl80211_send_action(void *priv, unsigned int freq,
9538 unsigned int wait_time,
9539 const u8 *dst, const u8 *src,
9540 const u8 *bssid,
9541 const u8 *data, size_t data_len,
9542 int no_cck)
9543 {
9544 struct i802_bss *bss = priv;
9545 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
9546 bssid, data, data_len, no_cck);
9547 }
9548
9549
driver_nl80211_probe_req_report(void * priv,int report)9550 static int driver_nl80211_probe_req_report(void *priv, int report)
9551 {
9552 struct i802_bss *bss = priv;
9553 return wpa_driver_nl80211_probe_req_report(bss, report);
9554 }
9555
9556
wpa_driver_nl80211_update_ft_ies(void * priv,const u8 * md,const u8 * ies,size_t ies_len)9557 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
9558 const u8 *ies, size_t ies_len)
9559 {
9560 int ret;
9561 struct nl_msg *msg;
9562 struct i802_bss *bss = priv;
9563 struct wpa_driver_nl80211_data *drv = bss->drv;
9564 u16 mdid = WPA_GET_LE16(md);
9565
9566 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
9567 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) ||
9568 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) ||
9569 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) {
9570 nlmsg_free(msg);
9571 return -ENOBUFS;
9572 }
9573
9574 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9575 if (ret) {
9576 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
9577 "err=%d (%s)", ret, strerror(-ret));
9578 }
9579
9580 return ret;
9581 }
9582
9583
nl80211_update_dh_ie(void * priv,const u8 * peer_mac,u16 reason_code,const u8 * ie,size_t ie_len)9584 static int nl80211_update_dh_ie(void *priv, const u8 *peer_mac,
9585 u16 reason_code, const u8 *ie, size_t ie_len)
9586 {
9587 int ret;
9588 struct nl_msg *msg;
9589 struct i802_bss *bss = priv;
9590 struct wpa_driver_nl80211_data *drv = bss->drv;
9591
9592 wpa_printf(MSG_DEBUG, "nl80211: Updating DH IE peer: " MACSTR
9593 " reason %u", MAC2STR(peer_mac), reason_code);
9594 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UPDATE_OWE_INFO)) ||
9595 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_mac) ||
9596 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, reason_code) ||
9597 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie))) {
9598 nlmsg_free(msg);
9599 return -ENOBUFS;
9600 }
9601
9602 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9603 if (ret) {
9604 wpa_printf(MSG_DEBUG,
9605 "nl80211: update_dh_ie failed err=%d (%s)",
9606 ret, strerror(-ret));
9607 }
9608
9609 return ret;
9610 }
9611
9612
wpa_driver_nl80211_get_macaddr(void * priv)9613 static const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
9614 {
9615 struct i802_bss *bss = priv;
9616 struct wpa_driver_nl80211_data *drv = bss->drv;
9617
9618 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
9619 return NULL;
9620
9621 return bss->addr;
9622 }
9623
9624
scan_state_str(enum scan_states scan_state)9625 static const char * scan_state_str(enum scan_states scan_state)
9626 {
9627 switch (scan_state) {
9628 case NO_SCAN:
9629 return "NO_SCAN";
9630 case SCAN_REQUESTED:
9631 return "SCAN_REQUESTED";
9632 case SCAN_STARTED:
9633 return "SCAN_STARTED";
9634 case SCAN_COMPLETED:
9635 return "SCAN_COMPLETED";
9636 case SCAN_ABORTED:
9637 return "SCAN_ABORTED";
9638 case SCHED_SCAN_STARTED:
9639 return "SCHED_SCAN_STARTED";
9640 case SCHED_SCAN_STOPPED:
9641 return "SCHED_SCAN_STOPPED";
9642 case SCHED_SCAN_RESULTS:
9643 return "SCHED_SCAN_RESULTS";
9644 }
9645
9646 return "??";
9647 }
9648
9649
wpa_driver_nl80211_status(void * priv,char * buf,size_t buflen)9650 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
9651 {
9652 struct i802_bss *bss = priv;
9653 struct wpa_driver_nl80211_data *drv = bss->drv;
9654 int res;
9655 char *pos, *end;
9656 struct nl_msg *msg;
9657 char alpha2[3] = { 0, 0, 0 };
9658
9659 pos = buf;
9660 end = buf + buflen;
9661
9662 res = os_snprintf(pos, end - pos,
9663 "ifindex=%d\n"
9664 "ifname=%s\n"
9665 "brname=%s\n"
9666 "addr=" MACSTR "\n"
9667 "freq=%d\n"
9668 "%s%s%s%s%s%s",
9669 bss->ifindex,
9670 bss->ifname,
9671 bss->brname,
9672 MAC2STR(bss->addr),
9673 bss->freq,
9674 bss->beacon_set ? "beacon_set=1\n" : "",
9675 bss->added_if_into_bridge ?
9676 "added_if_into_bridge=1\n" : "",
9677 bss->already_in_bridge ? "already_in_bridge=1\n" : "",
9678 bss->added_bridge ? "added_bridge=1\n" : "",
9679 bss->in_deinit ? "in_deinit=1\n" : "",
9680 bss->if_dynamic ? "if_dynamic=1\n" : "");
9681 if (os_snprintf_error(end - pos, res))
9682 return pos - buf;
9683 pos += res;
9684
9685 if (bss->wdev_id_set) {
9686 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
9687 (unsigned long long) bss->wdev_id);
9688 if (os_snprintf_error(end - pos, res))
9689 return pos - buf;
9690 pos += res;
9691 }
9692
9693 res = os_snprintf(pos, end - pos,
9694 "phyname=%s\n"
9695 "perm_addr=" MACSTR "\n"
9696 "drv_ifindex=%d\n"
9697 "operstate=%d\n"
9698 "scan_state=%s\n"
9699 "auth_bssid=" MACSTR "\n"
9700 "auth_attempt_bssid=" MACSTR "\n"
9701 "bssid=" MACSTR "\n"
9702 "prev_bssid=" MACSTR "\n"
9703 "associated=%d\n"
9704 "assoc_freq=%u\n"
9705 "monitor_sock=%d\n"
9706 "monitor_ifidx=%d\n"
9707 "monitor_refcount=%d\n"
9708 "last_mgmt_freq=%u\n"
9709 "eapol_tx_sock=%d\n"
9710 "%s%s%s%s%s%s%s%s%s%s%s%s%s",
9711 drv->phyname,
9712 MAC2STR(drv->perm_addr),
9713 drv->ifindex,
9714 drv->operstate,
9715 scan_state_str(drv->scan_state),
9716 MAC2STR(drv->auth_bssid),
9717 MAC2STR(drv->auth_attempt_bssid),
9718 MAC2STR(drv->bssid),
9719 MAC2STR(drv->prev_bssid),
9720 drv->associated,
9721 drv->assoc_freq,
9722 drv->monitor_sock,
9723 drv->monitor_ifidx,
9724 drv->monitor_refcount,
9725 drv->last_mgmt_freq,
9726 drv->eapol_tx_sock,
9727 drv->ignore_if_down_event ?
9728 "ignore_if_down_event=1\n" : "",
9729 drv->scan_complete_events ?
9730 "scan_complete_events=1\n" : "",
9731 drv->disabled_11b_rates ?
9732 "disabled_11b_rates=1\n" : "",
9733 drv->pending_remain_on_chan ?
9734 "pending_remain_on_chan=1\n" : "",
9735 drv->in_interface_list ? "in_interface_list=1\n" : "",
9736 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
9737 drv->poll_command_supported ?
9738 "poll_command_supported=1\n" : "",
9739 drv->data_tx_status ? "data_tx_status=1\n" : "",
9740 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
9741 drv->retry_auth ? "retry_auth=1\n" : "",
9742 drv->use_monitor ? "use_monitor=1\n" : "",
9743 drv->ignore_next_local_disconnect ?
9744 "ignore_next_local_disconnect=1\n" : "",
9745 drv->ignore_next_local_deauth ?
9746 "ignore_next_local_deauth=1\n" : "");
9747 if (os_snprintf_error(end - pos, res))
9748 return pos - buf;
9749 pos += res;
9750
9751 if (drv->has_capability) {
9752 res = os_snprintf(pos, end - pos,
9753 "capa.key_mgmt=0x%x\n"
9754 "capa.enc=0x%x\n"
9755 "capa.auth=0x%x\n"
9756 "capa.flags=0x%llx\n"
9757 "capa.rrm_flags=0x%x\n"
9758 "capa.max_scan_ssids=%d\n"
9759 "capa.max_sched_scan_ssids=%d\n"
9760 "capa.sched_scan_supported=%d\n"
9761 "capa.max_match_sets=%d\n"
9762 "capa.max_remain_on_chan=%u\n"
9763 "capa.max_stations=%u\n"
9764 "capa.probe_resp_offloads=0x%x\n"
9765 "capa.max_acl_mac_addrs=%u\n"
9766 "capa.num_multichan_concurrent=%u\n"
9767 "capa.mac_addr_rand_sched_scan_supported=%d\n"
9768 "capa.mac_addr_rand_scan_supported=%d\n"
9769 "capa.conc_capab=%u\n"
9770 "capa.max_conc_chan_2_4=%u\n"
9771 "capa.max_conc_chan_5_0=%u\n"
9772 "capa.max_sched_scan_plans=%u\n"
9773 "capa.max_sched_scan_plan_interval=%u\n"
9774 "capa.max_sched_scan_plan_iterations=%u\n",
9775 drv->capa.key_mgmt,
9776 drv->capa.enc,
9777 drv->capa.auth,
9778 (unsigned long long) drv->capa.flags,
9779 drv->capa.rrm_flags,
9780 drv->capa.max_scan_ssids,
9781 drv->capa.max_sched_scan_ssids,
9782 drv->capa.sched_scan_supported,
9783 drv->capa.max_match_sets,
9784 drv->capa.max_remain_on_chan,
9785 drv->capa.max_stations,
9786 drv->capa.probe_resp_offloads,
9787 drv->capa.max_acl_mac_addrs,
9788 drv->capa.num_multichan_concurrent,
9789 drv->capa.mac_addr_rand_sched_scan_supported,
9790 drv->capa.mac_addr_rand_scan_supported,
9791 drv->capa.conc_capab,
9792 drv->capa.max_conc_chan_2_4,
9793 drv->capa.max_conc_chan_5_0,
9794 drv->capa.max_sched_scan_plans,
9795 drv->capa.max_sched_scan_plan_interval,
9796 drv->capa.max_sched_scan_plan_iterations);
9797 if (os_snprintf_error(end - pos, res))
9798 return pos - buf;
9799 pos += res;
9800 }
9801
9802 msg = nlmsg_alloc();
9803 if (msg &&
9804 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG) &&
9805 nla_put_u32(msg, NL80211_ATTR_WIPHY, drv->wiphy_idx) == 0) {
9806 if (send_and_recv_msgs(drv, msg, nl80211_get_country,
9807 alpha2, NULL, NULL) == 0 &&
9808 alpha2[0]) {
9809 res = os_snprintf(pos, end - pos, "country=%s\n",
9810 alpha2);
9811 if (os_snprintf_error(end - pos, res))
9812 return pos - buf;
9813 pos += res;
9814 }
9815 } else {
9816 nlmsg_free(msg);
9817 }
9818
9819 return pos - buf;
9820 }
9821
9822
set_beacon_data(struct nl_msg * msg,struct beacon_data * settings)9823 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
9824 {
9825 if ((settings->head &&
9826 nla_put(msg, NL80211_ATTR_BEACON_HEAD,
9827 settings->head_len, settings->head)) ||
9828 (settings->tail &&
9829 nla_put(msg, NL80211_ATTR_BEACON_TAIL,
9830 settings->tail_len, settings->tail)) ||
9831 (settings->beacon_ies &&
9832 nla_put(msg, NL80211_ATTR_IE,
9833 settings->beacon_ies_len, settings->beacon_ies)) ||
9834 (settings->proberesp_ies &&
9835 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
9836 settings->proberesp_ies_len, settings->proberesp_ies)) ||
9837 (settings->assocresp_ies &&
9838 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
9839 settings->assocresp_ies_len, settings->assocresp_ies)) ||
9840 (settings->probe_resp &&
9841 nla_put(msg, NL80211_ATTR_PROBE_RESP,
9842 settings->probe_resp_len, settings->probe_resp)))
9843 return -ENOBUFS;
9844
9845 return 0;
9846 }
9847
9848
nl80211_switch_channel(void * priv,struct csa_settings * settings)9849 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
9850 {
9851 struct nl_msg *msg;
9852 struct i802_bss *bss = priv;
9853 struct wpa_driver_nl80211_data *drv = bss->drv;
9854 struct nlattr *beacon_csa;
9855 int ret = -ENOBUFS;
9856 int csa_off_len = 0;
9857 int i;
9858
9859 wpa_printf(MSG_DEBUG, "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d width=%d cf1=%d cf2=%d)",
9860 settings->cs_count, settings->block_tx,
9861 settings->freq_params.freq, settings->freq_params.bandwidth,
9862 settings->freq_params.center_freq1,
9863 settings->freq_params.center_freq2);
9864
9865 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
9866 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
9867 return -EOPNOTSUPP;
9868 }
9869
9870 if (drv->nlmode != NL80211_IFTYPE_AP &&
9871 drv->nlmode != NL80211_IFTYPE_P2P_GO &&
9872 drv->nlmode != NL80211_IFTYPE_MESH_POINT)
9873 return -EOPNOTSUPP;
9874
9875 /*
9876 * Remove empty counters, assuming Probe Response and Beacon frame
9877 * counters match. This implementation assumes that there are only two
9878 * counters.
9879 */
9880 if (settings->counter_offset_beacon[0] &&
9881 !settings->counter_offset_beacon[1]) {
9882 csa_off_len = 1;
9883 } else if (settings->counter_offset_beacon[1] &&
9884 !settings->counter_offset_beacon[0]) {
9885 csa_off_len = 1;
9886 settings->counter_offset_beacon[0] =
9887 settings->counter_offset_beacon[1];
9888 settings->counter_offset_presp[0] =
9889 settings->counter_offset_presp[1];
9890 } else if (settings->counter_offset_beacon[1] &&
9891 settings->counter_offset_beacon[0]) {
9892 csa_off_len = 2;
9893 } else {
9894 wpa_printf(MSG_ERROR, "nl80211: No CSA counters provided");
9895 return -EINVAL;
9896 }
9897
9898 /* Check CSA counters validity */
9899 if (drv->capa.max_csa_counters &&
9900 csa_off_len > drv->capa.max_csa_counters) {
9901 wpa_printf(MSG_ERROR,
9902 "nl80211: Too many CSA counters provided");
9903 return -EINVAL;
9904 }
9905
9906 if (!settings->beacon_csa.tail)
9907 return -EINVAL;
9908
9909 for (i = 0; i < csa_off_len; i++) {
9910 u16 csa_c_off_bcn = settings->counter_offset_beacon[i];
9911 u16 csa_c_off_presp = settings->counter_offset_presp[i];
9912
9913 if ((settings->beacon_csa.tail_len <= csa_c_off_bcn) ||
9914 (settings->beacon_csa.tail[csa_c_off_bcn] !=
9915 settings->cs_count))
9916 return -EINVAL;
9917
9918 if (settings->beacon_csa.probe_resp &&
9919 ((settings->beacon_csa.probe_resp_len <=
9920 csa_c_off_presp) ||
9921 (settings->beacon_csa.probe_resp[csa_c_off_presp] !=
9922 settings->cs_count)))
9923 return -EINVAL;
9924 }
9925
9926 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) ||
9927 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT,
9928 settings->cs_count) ||
9929 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) ||
9930 (settings->block_tx &&
9931 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX)))
9932 goto error;
9933
9934 /* beacon_after params */
9935 ret = set_beacon_data(msg, &settings->beacon_after);
9936 if (ret)
9937 goto error;
9938
9939 /* beacon_csa params */
9940 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
9941 if (!beacon_csa)
9942 goto fail;
9943
9944 ret = set_beacon_data(msg, &settings->beacon_csa);
9945 if (ret)
9946 goto error;
9947
9948 if (nla_put(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
9949 csa_off_len * sizeof(u16),
9950 settings->counter_offset_beacon) ||
9951 (settings->beacon_csa.probe_resp &&
9952 nla_put(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
9953 csa_off_len * sizeof(u16),
9954 settings->counter_offset_presp)))
9955 goto fail;
9956
9957 nla_nest_end(msg, beacon_csa);
9958 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9959 if (ret) {
9960 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
9961 ret, strerror(-ret));
9962 }
9963 return ret;
9964
9965 fail:
9966 ret = -ENOBUFS;
9967 error:
9968 nlmsg_free(msg);
9969 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
9970 return ret;
9971 }
9972
9973
nl80211_add_ts(void * priv,u8 tsid,const u8 * addr,u8 user_priority,u16 admitted_time)9974 static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr,
9975 u8 user_priority, u16 admitted_time)
9976 {
9977 struct i802_bss *bss = priv;
9978 struct wpa_driver_nl80211_data *drv = bss->drv;
9979 struct nl_msg *msg;
9980 int ret;
9981
9982 wpa_printf(MSG_DEBUG,
9983 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d",
9984 tsid, admitted_time, user_priority);
9985
9986 if (!is_sta_interface(drv->nlmode))
9987 return -ENOTSUP;
9988
9989 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS);
9990 if (!msg ||
9991 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
9992 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
9993 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) ||
9994 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) {
9995 nlmsg_free(msg);
9996 return -ENOBUFS;
9997 }
9998
9999 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10000 if (ret)
10001 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)",
10002 ret, strerror(-ret));
10003 return ret;
10004 }
10005
10006
nl80211_del_ts(void * priv,u8 tsid,const u8 * addr)10007 static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr)
10008 {
10009 struct i802_bss *bss = priv;
10010 struct wpa_driver_nl80211_data *drv = bss->drv;
10011 struct nl_msg *msg;
10012 int ret;
10013
10014 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid);
10015
10016 if (!is_sta_interface(drv->nlmode))
10017 return -ENOTSUP;
10018
10019 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) ||
10020 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
10021 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
10022 nlmsg_free(msg);
10023 return -ENOBUFS;
10024 }
10025
10026 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10027 if (ret)
10028 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)",
10029 ret, strerror(-ret));
10030 return ret;
10031 }
10032
10033
10034 #ifdef CONFIG_TESTING_OPTIONS
cmd_reply_handler(struct nl_msg * msg,void * arg)10035 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
10036 {
10037 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10038 struct wpabuf *buf = arg;
10039
10040 if (!buf)
10041 return NL_SKIP;
10042
10043 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
10044 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
10045 return NL_SKIP;
10046 }
10047
10048 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
10049 genlmsg_attrlen(gnlh, 0));
10050
10051 return NL_SKIP;
10052 }
10053 #endif /* CONFIG_TESTING_OPTIONS */
10054
10055
vendor_reply_handler(struct nl_msg * msg,void * arg)10056 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
10057 {
10058 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10059 struct nlattr *nl_vendor_reply, *nl;
10060 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10061 struct wpabuf *buf = arg;
10062 int rem;
10063
10064 if (!buf)
10065 return NL_SKIP;
10066
10067 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10068 genlmsg_attrlen(gnlh, 0), NULL);
10069 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
10070
10071 if (!nl_vendor_reply)
10072 return NL_SKIP;
10073
10074 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
10075 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
10076 return NL_SKIP;
10077 }
10078
10079 nla_for_each_nested(nl, nl_vendor_reply, rem) {
10080 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
10081 }
10082
10083 return NL_SKIP;
10084 }
10085
10086
is_cmd_with_nested_attrs(unsigned int vendor_id,unsigned int subcmd)10087 static bool is_cmd_with_nested_attrs(unsigned int vendor_id,
10088 unsigned int subcmd)
10089 {
10090 if (vendor_id != OUI_QCA)
10091 return true;
10092
10093 switch (subcmd) {
10094 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY:
10095 case QCA_NL80211_VENDOR_SUBCMD_STATS_EXT:
10096 case QCA_NL80211_VENDOR_SUBCMD_SCANNING_MAC_OUI:
10097 case QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY:
10098 case QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS:
10099 case QCA_NL80211_VENDOR_SUBCMD_NAN:
10100 return false;
10101 default:
10102 return true;
10103 }
10104 }
10105
10106
nl80211_vendor_cmd(void * priv,unsigned int vendor_id,unsigned int subcmd,const u8 * data,size_t data_len,enum nested_attr nested_attr,struct wpabuf * buf)10107 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
10108 unsigned int subcmd, const u8 *data,
10109 size_t data_len, enum nested_attr nested_attr,
10110 struct wpabuf *buf)
10111 {
10112 struct i802_bss *bss = priv;
10113 struct wpa_driver_nl80211_data *drv = bss->drv;
10114 struct nl_msg *msg;
10115 int ret, nla_flag;
10116
10117 #ifdef CONFIG_TESTING_OPTIONS
10118 if (vendor_id == 0xffffffff) {
10119 msg = nlmsg_alloc();
10120 if (!msg)
10121 return -ENOMEM;
10122
10123 nl80211_cmd(drv, msg, 0, subcmd);
10124 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
10125 0)
10126 goto fail;
10127 /* This test vendor_cmd can be used with nl80211 commands that
10128 * need the connect nl_sock, so use the owner-setting variant
10129 * of send_and_recv_msgs(). */
10130 ret = send_and_recv_msgs_owner(drv, msg,
10131 get_connect_handle(bss), 0,
10132 cmd_reply_handler, buf,
10133 NULL, NULL);
10134 if (ret)
10135 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
10136 ret);
10137 return ret;
10138 }
10139 #endif /* CONFIG_TESTING_OPTIONS */
10140
10141 if (nested_attr == NESTED_ATTR_USED)
10142 nla_flag = NLA_F_NESTED;
10143 else if (nested_attr == NESTED_ATTR_UNSPECIFIED &&
10144 is_cmd_with_nested_attrs(vendor_id, subcmd))
10145 nla_flag = NLA_F_NESTED;
10146 else
10147 nla_flag = 0;
10148
10149 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) ||
10150 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) ||
10151 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) ||
10152 (data &&
10153 nla_put(msg, nla_flag | NL80211_ATTR_VENDOR_DATA,
10154 data_len, data)))
10155 goto fail;
10156
10157 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf,
10158 NULL, NULL);
10159 if (ret)
10160 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
10161 ret);
10162 return ret;
10163
10164 fail:
10165 nlmsg_free(msg);
10166 return -ENOBUFS;
10167 }
10168
10169
nl80211_set_qos_map(void * priv,const u8 * qos_map_set,u8 qos_map_set_len)10170 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
10171 u8 qos_map_set_len)
10172 {
10173 struct i802_bss *bss = priv;
10174 struct wpa_driver_nl80211_data *drv = bss->drv;
10175 struct nl_msg *msg;
10176 int ret;
10177
10178 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
10179 qos_map_set, qos_map_set_len);
10180
10181 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) ||
10182 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) {
10183 nlmsg_free(msg);
10184 return -ENOBUFS;
10185 }
10186
10187 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10188 if (ret)
10189 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
10190
10191 return ret;
10192 }
10193
10194
get_wowlan_handler(struct nl_msg * msg,void * arg)10195 static int get_wowlan_handler(struct nl_msg *msg, void *arg)
10196 {
10197 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10198 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10199 int *wowlan_enabled = arg;
10200
10201 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10202 genlmsg_attrlen(gnlh, 0), NULL);
10203
10204 *wowlan_enabled = !!tb[NL80211_ATTR_WOWLAN_TRIGGERS];
10205
10206 return NL_SKIP;
10207 }
10208
10209
nl80211_get_wowlan(void * priv)10210 static int nl80211_get_wowlan(void *priv)
10211 {
10212 struct i802_bss *bss = priv;
10213 struct wpa_driver_nl80211_data *drv = bss->drv;
10214 struct nl_msg *msg;
10215 int wowlan_enabled;
10216 int ret;
10217
10218 wpa_printf(MSG_DEBUG, "nl80211: Getting wowlan status");
10219
10220 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_WOWLAN);
10221
10222 ret = send_and_recv_msgs(drv, msg, get_wowlan_handler, &wowlan_enabled,
10223 NULL, NULL);
10224 if (ret) {
10225 wpa_printf(MSG_DEBUG, "nl80211: Getting wowlan status failed");
10226 return 0;
10227 }
10228
10229 wpa_printf(MSG_DEBUG, "nl80211: wowlan is %s",
10230 wowlan_enabled ? "enabled" : "disabled");
10231
10232 return wowlan_enabled;
10233 }
10234
10235
nl80211_set_wowlan(void * priv,const struct wowlan_triggers * triggers)10236 static int nl80211_set_wowlan(void *priv,
10237 const struct wowlan_triggers *triggers)
10238 {
10239 struct i802_bss *bss = priv;
10240 struct wpa_driver_nl80211_data *drv = bss->drv;
10241 struct nl_msg *msg;
10242 struct nlattr *wowlan_triggers;
10243 int ret;
10244
10245 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
10246
10247 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) ||
10248 !(wowlan_triggers = nla_nest_start(msg,
10249 NL80211_ATTR_WOWLAN_TRIGGERS)) ||
10250 (triggers->any &&
10251 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
10252 (triggers->disconnect &&
10253 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
10254 (triggers->magic_pkt &&
10255 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
10256 (triggers->gtk_rekey_failure &&
10257 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
10258 (triggers->eap_identity_req &&
10259 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
10260 (triggers->four_way_handshake &&
10261 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
10262 (triggers->rfkill_release &&
10263 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) {
10264 nlmsg_free(msg);
10265 return -ENOBUFS;
10266 }
10267
10268 nla_nest_end(msg, wowlan_triggers);
10269
10270 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10271 if (ret)
10272 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
10273
10274 return ret;
10275 }
10276
10277
10278 #ifdef CONFIG_DRIVER_NL80211_QCA
nl80211_roaming(void * priv,int allowed,const u8 * bssid)10279 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
10280 {
10281 struct i802_bss *bss = priv;
10282 struct wpa_driver_nl80211_data *drv = bss->drv;
10283 struct nl_msg *msg;
10284 struct nlattr *params;
10285
10286 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
10287
10288 if (!drv->roaming_vendor_cmd_avail) {
10289 wpa_printf(MSG_DEBUG,
10290 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
10291 return -1;
10292 }
10293
10294 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
10295 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
10296 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
10297 QCA_NL80211_VENDOR_SUBCMD_ROAMING) ||
10298 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
10299 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
10300 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
10301 QCA_ROAMING_NOT_ALLOWED) ||
10302 (bssid &&
10303 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) {
10304 nlmsg_free(msg);
10305 return -1;
10306 }
10307 nla_nest_end(msg, params);
10308
10309 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10310 }
10311
10312
nl80211_disable_fils(void * priv,int disable)10313 static int nl80211_disable_fils(void *priv, int disable)
10314 {
10315 struct i802_bss *bss = priv;
10316 struct wpa_driver_nl80211_data *drv = bss->drv;
10317 struct nl_msg *msg;
10318 struct nlattr *params;
10319
10320 wpa_printf(MSG_DEBUG, "nl80211: Disable FILS=%d", disable);
10321
10322 if (!drv->set_wifi_conf_vendor_cmd_avail)
10323 return -1;
10324
10325 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
10326 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
10327 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
10328 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION) ||
10329 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
10330 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_DISABLE_FILS,
10331 disable)) {
10332 nlmsg_free(msg);
10333 return -1;
10334 }
10335 nla_nest_end(msg, params);
10336
10337 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10338 }
10339
10340
10341 /* Reserved QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID value for wpa_supplicant */
10342 #define WPA_SUPPLICANT_CLIENT_ID 1
10343
nl80211_set_bssid_tmp_disallow(void * priv,unsigned int num_bssid,const u8 * bssid)10344 static int nl80211_set_bssid_tmp_disallow(void *priv, unsigned int num_bssid,
10345 const u8 *bssid)
10346 {
10347 struct i802_bss *bss = priv;
10348 struct wpa_driver_nl80211_data *drv = bss->drv;
10349 struct nl_msg *msg;
10350 struct nlattr *params, *nlbssids, *attr;
10351 unsigned int i;
10352
10353 wpa_printf(MSG_DEBUG,
10354 "nl80211: Set temporarily disallowed BSSIDs (num=%u)",
10355 num_bssid);
10356
10357 if (!drv->roam_vendor_cmd_avail)
10358 return -1;
10359
10360 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
10361 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
10362 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
10363 QCA_NL80211_VENDOR_SUBCMD_ROAM) ||
10364 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
10365 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD,
10366 QCA_WLAN_VENDOR_ROAMING_SUBCMD_SET_BLACKLIST_BSSID) ||
10367 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID,
10368 WPA_SUPPLICANT_CLIENT_ID) ||
10369 nla_put_u32(msg,
10370 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_NUM_BSSID,
10371 num_bssid))
10372 goto fail;
10373
10374 nlbssids = nla_nest_start(
10375 msg, QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS);
10376 if (!nlbssids)
10377 goto fail;
10378
10379 for (i = 0; i < num_bssid; i++) {
10380 attr = nla_nest_start(msg, i);
10381 if (!attr)
10382 goto fail;
10383 if (nla_put(msg,
10384 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_BSSID,
10385 ETH_ALEN, &bssid[i * ETH_ALEN]))
10386 goto fail;
10387 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%u]: " MACSTR, i,
10388 MAC2STR(&bssid[i * ETH_ALEN]));
10389 nla_nest_end(msg, attr);
10390 }
10391 nla_nest_end(msg, nlbssids);
10392 nla_nest_end(msg, params);
10393
10394 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10395
10396 fail:
10397 nlmsg_free(msg);
10398 return -1;
10399 }
10400
10401
nl80211_add_sta_node(void * priv,const u8 * addr,u16 auth_alg)10402 static int nl80211_add_sta_node(void *priv, const u8 *addr, u16 auth_alg)
10403 {
10404 struct i802_bss *bss = priv;
10405 struct wpa_driver_nl80211_data *drv = bss->drv;
10406 struct nl_msg *msg;
10407 struct nlattr *params;
10408
10409 if (!drv->add_sta_node_vendor_cmd_avail)
10410 return -EOPNOTSUPP;
10411
10412 wpa_printf(MSG_DEBUG, "nl80211: Add STA node");
10413
10414 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
10415 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
10416 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
10417 QCA_NL80211_VENDOR_SUBCMD_ADD_STA_NODE) ||
10418 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
10419 (addr &&
10420 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ADD_STA_NODE_MAC_ADDR, ETH_ALEN,
10421 addr)) ||
10422 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ADD_STA_NODE_AUTH_ALGO,
10423 auth_alg)) {
10424 nlmsg_free(msg);
10425 wpa_printf(MSG_ERROR,
10426 "%s: err in adding vendor_cmd and vendor_data",
10427 __func__);
10428 return -1;
10429 }
10430 nla_nest_end(msg, params);
10431
10432 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10433 }
10434
10435 #endif /* CONFIG_DRIVER_NL80211_QCA */
10436
10437
nl80211_set_mac_addr(void * priv,const u8 * addr)10438 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
10439 {
10440 struct i802_bss *bss = priv;
10441 struct wpa_driver_nl80211_data *drv = bss->drv;
10442 int new_addr = addr != NULL;
10443 #ifdef CONFIG_DRIVER_NL80211_BRCM
10444 struct nl_msg *msg;
10445 struct nlattr *params;
10446 int ret;
10447 #endif /* CONFIG_DRIVER_NL80211_BRCM */
10448 wpa_printf(MSG_DEBUG, "Enter: %s", __FUNCTION__);
10449
10450 if (TEST_FAIL())
10451 return -1;
10452 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) {
10453 #ifdef CONFIG_DRIVER_NL80211_BRCM
10454 if (!addr ) {
10455 addr = drv->global->p2p_perm_addr;
10456 }
10457
10458 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) ||
10459 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
10460 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
10461 BRCM_VENDOR_SUBCMD_SET_MAC) ||
10462 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
10463 nla_put(msg, BRCM_ATTR_DRIVER_MAC_ADDR, ETH_ALEN, addr)) {
10464 wpa_printf(MSG_ERROR, "failed to put p2p randmac");
10465 nl80211_nlmsg_clear(msg);
10466 nlmsg_free(msg);
10467 return -ENOBUFS;
10468 }
10469 nla_nest_end(msg, params);
10470
10471 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1, NULL, NULL);
10472 if (ret) {
10473 wpa_printf(MSG_ERROR, "nl80211: p2p set macaddr failed: ret=%d (%s)",
10474 ret, strerror(-ret));
10475 }
10476 memcpy(bss->addr, addr, ETH_ALEN);
10477 return ret;
10478 #else
10479 return -ENOTSUP;
10480 #endif /* CONFIG_DRIVER_NL80211_BRCM */
10481 }
10482 if (!addr)
10483 addr = drv->perm_addr;
10484
10485 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
10486 return -1;
10487
10488 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
10489 {
10490 wpa_printf(MSG_DEBUG,
10491 "nl80211: failed to set_mac_addr for %s to " MACSTR,
10492 bss->ifname, MAC2STR(addr));
10493 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
10494 1) < 0) {
10495 wpa_printf(MSG_DEBUG,
10496 "nl80211: Could not restore interface UP after failed set_mac_addr");
10497 }
10498 return -1;
10499 }
10500
10501 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
10502 bss->ifname, MAC2STR(addr));
10503 drv->addr_changed = new_addr;
10504 os_memcpy(bss->addr, addr, ETH_ALEN);
10505
10506 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
10507 {
10508 wpa_printf(MSG_DEBUG,
10509 "nl80211: Could not restore interface UP after set_mac_addr");
10510 }
10511 return 0;
10512 }
10513
10514
10515 #ifdef CONFIG_MESH
10516
wpa_driver_nl80211_init_mesh(void * priv)10517 static int wpa_driver_nl80211_init_mesh(void *priv)
10518 {
10519 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) {
10520 wpa_printf(MSG_INFO,
10521 "nl80211: Failed to set interface into mesh mode");
10522 return -1;
10523 }
10524 return 0;
10525 }
10526
10527
nl80211_put_mesh_id(struct nl_msg * msg,const u8 * mesh_id,size_t mesh_id_len)10528 static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id,
10529 size_t mesh_id_len)
10530 {
10531 if (mesh_id) {
10532 wpa_printf(MSG_DEBUG, " * Mesh ID (SSID)=%s",
10533 wpa_ssid_txt(mesh_id, mesh_id_len));
10534 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id);
10535 }
10536
10537 return 0;
10538 }
10539
10540
nl80211_put_mesh_config(struct nl_msg * msg,struct wpa_driver_mesh_bss_params * params)10541 static int nl80211_put_mesh_config(struct nl_msg *msg,
10542 struct wpa_driver_mesh_bss_params *params)
10543 {
10544 struct nlattr *container;
10545
10546 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
10547 if (!container)
10548 return -1;
10549
10550 if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) &&
10551 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
10552 params->auto_plinks)) ||
10553 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS) &&
10554 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
10555 params->max_peer_links)) ||
10556 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD) &&
10557 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
10558 params->rssi_threshold)))
10559 return -1;
10560
10561 /*
10562 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because
10563 * the timer could disconnect stations even in that case.
10564 */
10565 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT) &&
10566 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
10567 params->peer_link_timeout)) {
10568 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT");
10569 return -1;
10570 }
10571
10572 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE) &&
10573 nla_put_u16(msg, NL80211_MESHCONF_HT_OPMODE, params->ht_opmode)) {
10574 wpa_printf(MSG_ERROR, "nl80211: Failed to set HT_OP_MODE");
10575 return -1;
10576 }
10577
10578 nla_nest_end(msg, container);
10579
10580 return 0;
10581 }
10582
10583
nl80211_join_mesh(struct i802_bss * bss,struct wpa_driver_mesh_join_params * params)10584 static int nl80211_join_mesh(struct i802_bss *bss,
10585 struct wpa_driver_mesh_join_params *params)
10586 {
10587 struct wpa_driver_nl80211_data *drv = bss->drv;
10588 struct nl_msg *msg;
10589 struct nlattr *container;
10590 int ret = -1;
10591
10592 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
10593 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH);
10594 if (!msg ||
10595 nl80211_put_freq_params(msg, ¶ms->freq) ||
10596 nl80211_put_basic_rates(msg, params->basic_rates) ||
10597 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
10598 nl80211_put_beacon_int(msg, params->beacon_int) ||
10599 nl80211_put_dtim_period(msg, params->dtim_period))
10600 goto fail;
10601
10602 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
10603
10604 if (params->handle_dfs && nla_put_flag(msg, NL80211_ATTR_HANDLE_DFS))
10605 goto fail;
10606
10607 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP);
10608 if (!container)
10609 goto fail;
10610
10611 if (params->ies) {
10612 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len);
10613 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len,
10614 params->ies))
10615 goto fail;
10616 }
10617 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */
10618 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) {
10619 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) ||
10620 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH))
10621 goto fail;
10622 }
10623 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) &&
10624 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE))
10625 goto fail;
10626 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) &&
10627 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM))
10628 goto fail;
10629 nla_nest_end(msg, container);
10630
10631 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS;
10632 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT;
10633 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS;
10634 if (nl80211_put_mesh_config(msg, ¶ms->conf) < 0)
10635 goto fail;
10636
10637 ret = send_and_recv_msgs_owner(drv, msg, get_connect_handle(bss), 1,
10638 NULL, NULL, NULL, NULL);
10639 msg = NULL;
10640 if (ret) {
10641 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)",
10642 ret, strerror(-ret));
10643 goto fail;
10644 }
10645 ret = 0;
10646 drv->assoc_freq = bss->freq = params->freq.freq;
10647 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
10648
10649 fail:
10650 nlmsg_free(msg);
10651 return ret;
10652 }
10653
10654
10655 static int
wpa_driver_nl80211_join_mesh(void * priv,struct wpa_driver_mesh_join_params * params)10656 wpa_driver_nl80211_join_mesh(void *priv,
10657 struct wpa_driver_mesh_join_params *params)
10658 {
10659 struct i802_bss *bss = priv;
10660 int ret, timeout;
10661
10662 timeout = params->conf.peer_link_timeout;
10663
10664 /* Disable kernel inactivity timer */
10665 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM)
10666 params->conf.peer_link_timeout = 0;
10667
10668 ret = nl80211_join_mesh(bss, params);
10669 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) {
10670 wpa_printf(MSG_DEBUG,
10671 "nl80211: Mesh join retry for peer_link_timeout");
10672 /*
10673 * Old kernel does not support setting
10674 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds
10675 * into future from peer_link_timeout.
10676 */
10677 params->conf.peer_link_timeout = timeout + 60;
10678 ret = nl80211_join_mesh(priv, params);
10679 }
10680
10681 params->conf.peer_link_timeout = timeout;
10682 return ret;
10683 }
10684
10685
wpa_driver_nl80211_leave_mesh(void * priv)10686 static int wpa_driver_nl80211_leave_mesh(void *priv)
10687 {
10688 struct i802_bss *bss = priv;
10689 struct wpa_driver_nl80211_data *drv = bss->drv;
10690 struct nl_msg *msg;
10691 int ret;
10692
10693 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex);
10694 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH);
10695 ret = send_and_recv_msgs_owner(drv, msg, get_connect_handle(bss), 0,
10696 NULL, NULL, NULL, NULL);
10697 if (ret) {
10698 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)",
10699 ret, strerror(-ret));
10700 } else {
10701 wpa_printf(MSG_DEBUG,
10702 "nl80211: mesh leave request send successfully");
10703 }
10704
10705 if (wpa_driver_nl80211_set_mode(drv->first_bss,
10706 NL80211_IFTYPE_STATION)) {
10707 wpa_printf(MSG_INFO,
10708 "nl80211: Failed to set interface into station mode");
10709 }
10710 return ret;
10711 }
10712
10713
nl80211_probe_mesh_link(void * priv,const u8 * addr,const u8 * eth,size_t len)10714 static int nl80211_probe_mesh_link(void *priv, const u8 *addr, const u8 *eth,
10715 size_t len)
10716 {
10717 struct i802_bss *bss = priv;
10718 struct wpa_driver_nl80211_data *drv = bss->drv;
10719 struct nl_msg *msg;
10720 int ret;
10721
10722 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_PROBE_MESH_LINK);
10723 if (!msg ||
10724 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
10725 nla_put(msg, NL80211_ATTR_FRAME, len, eth)) {
10726 nlmsg_free(msg);
10727 return -ENOBUFS;
10728 }
10729
10730 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10731 if (ret) {
10732 wpa_printf(MSG_DEBUG, "nl80211: mesh link probe to " MACSTR
10733 " failed: ret=%d (%s)",
10734 MAC2STR(addr), ret, strerror(-ret));
10735 } else {
10736 wpa_printf(MSG_DEBUG, "nl80211: Mesh link to " MACSTR
10737 " probed successfully", MAC2STR(addr));
10738 }
10739
10740 return ret;
10741 }
10742
10743 #endif /* CONFIG_MESH */
10744
10745
wpa_driver_br_add_ip_neigh(void * priv,u8 version,const u8 * ipaddr,int prefixlen,const u8 * addr)10746 static int wpa_driver_br_add_ip_neigh(void *priv, u8 version,
10747 const u8 *ipaddr, int prefixlen,
10748 const u8 *addr)
10749 {
10750 #ifdef CONFIG_LIBNL3_ROUTE
10751 struct i802_bss *bss = priv;
10752 struct wpa_driver_nl80211_data *drv = bss->drv;
10753 struct rtnl_neigh *rn;
10754 struct nl_addr *nl_ipaddr = NULL;
10755 struct nl_addr *nl_lladdr = NULL;
10756 int family, addrsize;
10757 int res;
10758
10759 if (!ipaddr || prefixlen == 0 || !addr)
10760 return -EINVAL;
10761
10762 if (bss->br_ifindex == 0) {
10763 wpa_printf(MSG_DEBUG,
10764 "nl80211: bridge must be set before adding an ip neigh to it");
10765 return -1;
10766 }
10767
10768 if (!drv->rtnl_sk) {
10769 wpa_printf(MSG_DEBUG,
10770 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
10771 return -1;
10772 }
10773
10774 if (version == 4) {
10775 family = AF_INET;
10776 addrsize = 4;
10777 } else if (version == 6) {
10778 family = AF_INET6;
10779 addrsize = 16;
10780 } else {
10781 return -EINVAL;
10782 }
10783
10784 rn = rtnl_neigh_alloc();
10785 if (rn == NULL)
10786 return -ENOMEM;
10787
10788 /* set the destination ip address for neigh */
10789 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
10790 if (nl_ipaddr == NULL) {
10791 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
10792 res = -ENOMEM;
10793 goto errout;
10794 }
10795 nl_addr_set_prefixlen(nl_ipaddr, prefixlen);
10796 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
10797 if (res) {
10798 wpa_printf(MSG_DEBUG,
10799 "nl80211: neigh set destination addr failed");
10800 goto errout;
10801 }
10802
10803 /* set the corresponding lladdr for neigh */
10804 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN);
10805 if (nl_lladdr == NULL) {
10806 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed");
10807 res = -ENOMEM;
10808 goto errout;
10809 }
10810 rtnl_neigh_set_lladdr(rn, nl_lladdr);
10811
10812 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
10813 rtnl_neigh_set_state(rn, NUD_PERMANENT);
10814
10815 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE);
10816 if (res) {
10817 wpa_printf(MSG_DEBUG,
10818 "nl80211: Adding bridge ip neigh failed: %s",
10819 nl_geterror(res));
10820 }
10821 errout:
10822 if (nl_lladdr)
10823 nl_addr_put(nl_lladdr);
10824 if (nl_ipaddr)
10825 nl_addr_put(nl_ipaddr);
10826 if (rn)
10827 rtnl_neigh_put(rn);
10828 return res;
10829 #else /* CONFIG_LIBNL3_ROUTE */
10830 return -1;
10831 #endif /* CONFIG_LIBNL3_ROUTE */
10832 }
10833
10834
wpa_driver_br_delete_ip_neigh(void * priv,u8 version,const u8 * ipaddr)10835 static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version,
10836 const u8 *ipaddr)
10837 {
10838 #ifdef CONFIG_LIBNL3_ROUTE
10839 struct i802_bss *bss = priv;
10840 struct wpa_driver_nl80211_data *drv = bss->drv;
10841 struct rtnl_neigh *rn;
10842 struct nl_addr *nl_ipaddr;
10843 int family, addrsize;
10844 int res;
10845
10846 if (!ipaddr)
10847 return -EINVAL;
10848
10849 if (version == 4) {
10850 family = AF_INET;
10851 addrsize = 4;
10852 } else if (version == 6) {
10853 family = AF_INET6;
10854 addrsize = 16;
10855 } else {
10856 return -EINVAL;
10857 }
10858
10859 if (bss->br_ifindex == 0) {
10860 wpa_printf(MSG_DEBUG,
10861 "nl80211: bridge must be set to delete an ip neigh");
10862 return -1;
10863 }
10864
10865 if (!drv->rtnl_sk) {
10866 wpa_printf(MSG_DEBUG,
10867 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
10868 return -1;
10869 }
10870
10871 rn = rtnl_neigh_alloc();
10872 if (rn == NULL)
10873 return -ENOMEM;
10874
10875 /* set the destination ip address for neigh */
10876 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
10877 if (nl_ipaddr == NULL) {
10878 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
10879 res = -ENOMEM;
10880 goto errout;
10881 }
10882 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
10883 if (res) {
10884 wpa_printf(MSG_DEBUG,
10885 "nl80211: neigh set destination addr failed");
10886 goto errout;
10887 }
10888
10889 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
10890
10891 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
10892 if (res) {
10893 wpa_printf(MSG_DEBUG,
10894 "nl80211: Deleting bridge ip neigh failed: %s",
10895 nl_geterror(res));
10896 }
10897 errout:
10898 if (nl_ipaddr)
10899 nl_addr_put(nl_ipaddr);
10900 if (rn)
10901 rtnl_neigh_put(rn);
10902 return res;
10903 #else /* CONFIG_LIBNL3_ROUTE */
10904 return -1;
10905 #endif /* CONFIG_LIBNL3_ROUTE */
10906 }
10907
10908
linux_write_system_file(const char * path,unsigned int val)10909 static int linux_write_system_file(const char *path, unsigned int val)
10910 {
10911 char buf[50];
10912 int fd, len;
10913
10914 len = os_snprintf(buf, sizeof(buf), "%u\n", val);
10915 if (os_snprintf_error(sizeof(buf), len))
10916 return -1;
10917
10918 fd = open(path, O_WRONLY);
10919 if (fd < 0)
10920 return -1;
10921
10922 if (write(fd, buf, len) < 0) {
10923 wpa_printf(MSG_DEBUG,
10924 "nl80211: Failed to write Linux system file: %s with the value of %d",
10925 path, val);
10926 close(fd);
10927 return -1;
10928 }
10929 close(fd);
10930
10931 return 0;
10932 }
10933
10934
drv_br_port_attr_str(enum drv_br_port_attr attr)10935 static const char * drv_br_port_attr_str(enum drv_br_port_attr attr)
10936 {
10937 switch (attr) {
10938 case DRV_BR_PORT_ATTR_PROXYARP:
10939 return "proxyarp_wifi";
10940 case DRV_BR_PORT_ATTR_HAIRPIN_MODE:
10941 return "hairpin_mode";
10942 }
10943
10944 return NULL;
10945 }
10946
10947
wpa_driver_br_port_set_attr(void * priv,enum drv_br_port_attr attr,unsigned int val)10948 static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr,
10949 unsigned int val)
10950 {
10951 struct i802_bss *bss = priv;
10952 char path[128];
10953 const char *attr_txt;
10954
10955 attr_txt = drv_br_port_attr_str(attr);
10956 if (attr_txt == NULL)
10957 return -EINVAL;
10958
10959 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s",
10960 bss->ifname, attr_txt);
10961
10962 if (linux_write_system_file(path, val))
10963 return -1;
10964
10965 return 0;
10966 }
10967
10968
drv_br_net_param_str(enum drv_br_net_param param)10969 static const char * drv_br_net_param_str(enum drv_br_net_param param)
10970 {
10971 switch (param) {
10972 case DRV_BR_NET_PARAM_GARP_ACCEPT:
10973 return "arp_accept";
10974 default:
10975 return NULL;
10976 }
10977 }
10978
10979
wpa_driver_br_set_net_param(void * priv,enum drv_br_net_param param,unsigned int val)10980 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
10981 unsigned int val)
10982 {
10983 struct i802_bss *bss = priv;
10984 char path[128];
10985 const char *param_txt;
10986 int ip_version = 4;
10987
10988 if (param == DRV_BR_MULTICAST_SNOOPING) {
10989 os_snprintf(path, sizeof(path),
10990 "/sys/devices/virtual/net/%s/bridge/multicast_snooping",
10991 bss->brname);
10992 goto set_val;
10993 }
10994
10995 param_txt = drv_br_net_param_str(param);
10996 if (param_txt == NULL)
10997 return -EINVAL;
10998
10999 switch (param) {
11000 case DRV_BR_NET_PARAM_GARP_ACCEPT:
11001 ip_version = 4;
11002 break;
11003 default:
11004 return -EINVAL;
11005 }
11006
11007 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s",
11008 ip_version, bss->brname, param_txt);
11009
11010 set_val:
11011 if (linux_write_system_file(path, val))
11012 return -1;
11013
11014 return 0;
11015 }
11016
11017
11018 #ifdef CONFIG_DRIVER_NL80211_QCA
11019
hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)11020 static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)
11021 {
11022 switch (hw_mode) {
11023 case HOSTAPD_MODE_IEEE80211B:
11024 return QCA_ACS_MODE_IEEE80211B;
11025 case HOSTAPD_MODE_IEEE80211G:
11026 return QCA_ACS_MODE_IEEE80211G;
11027 case HOSTAPD_MODE_IEEE80211A:
11028 return QCA_ACS_MODE_IEEE80211A;
11029 case HOSTAPD_MODE_IEEE80211AD:
11030 return QCA_ACS_MODE_IEEE80211AD;
11031 case HOSTAPD_MODE_IEEE80211ANY:
11032 return QCA_ACS_MODE_IEEE80211ANY;
11033 default:
11034 return -1;
11035 }
11036 }
11037
11038
add_acs_ch_list(struct nl_msg * msg,const int * freq_list)11039 static int add_acs_ch_list(struct nl_msg *msg, const int *freq_list)
11040 {
11041 int num_channels = 0, num_freqs;
11042 u8 *ch_list;
11043 enum hostapd_hw_mode hw_mode;
11044 int ret = 0;
11045 int i;
11046
11047 if (!freq_list)
11048 return 0;
11049
11050 num_freqs = int_array_len(freq_list);
11051 ch_list = os_malloc(sizeof(u8) * num_freqs);
11052 if (!ch_list)
11053 return -1;
11054
11055 for (i = 0; i < num_freqs; i++) {
11056 const int freq = freq_list[i];
11057
11058 if (freq == 0)
11059 break;
11060 /* Send 2.4 GHz and 5 GHz channels with
11061 * QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST to maintain backwards
11062 * compatibility.
11063 */
11064 if (!(freq >= 2412 && freq <= 2484) &&
11065 !(freq >= 5180 && freq <= 5900))
11066 continue;
11067 hw_mode = ieee80211_freq_to_chan(freq, &ch_list[num_channels]);
11068 if (hw_mode != NUM_HOSTAPD_MODES)
11069 num_channels++;
11070 }
11071
11072 if (num_channels)
11073 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST,
11074 num_channels, ch_list);
11075
11076 os_free(ch_list);
11077 return ret;
11078 }
11079
11080
add_acs_freq_list(struct nl_msg * msg,const int * freq_list)11081 static int add_acs_freq_list(struct nl_msg *msg, const int *freq_list)
11082 {
11083 int i, len, ret;
11084 u32 *freqs;
11085
11086 if (!freq_list)
11087 return 0;
11088 len = int_array_len(freq_list);
11089 freqs = os_malloc(sizeof(u32) * len);
11090 if (!freqs)
11091 return -1;
11092 for (i = 0; i < len; i++)
11093 freqs[i] = freq_list[i];
11094 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST,
11095 sizeof(u32) * len, freqs);
11096 os_free(freqs);
11097 return ret;
11098 }
11099
11100
wpa_driver_do_acs(void * priv,struct drv_acs_params * params)11101 static int wpa_driver_do_acs(void *priv, struct drv_acs_params *params)
11102 {
11103 struct i802_bss *bss = priv;
11104 struct wpa_driver_nl80211_data *drv = bss->drv;
11105 struct nl_msg *msg;
11106 struct nlattr *data;
11107 int ret;
11108 int mode;
11109
11110 mode = hw_mode_to_qca_acs(params->hw_mode);
11111 if (mode < 0)
11112 return -1;
11113
11114 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11115 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11116 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11117 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) ||
11118 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11119 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) ||
11120 (params->ht_enabled &&
11121 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) ||
11122 (params->ht40_enabled &&
11123 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) ||
11124 (params->vht_enabled &&
11125 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) ||
11126 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH,
11127 params->ch_width) ||
11128 add_acs_ch_list(msg, params->freq_list) ||
11129 add_acs_freq_list(msg, params->freq_list) ||
11130 (params->edmg_enabled &&
11131 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_EDMG_ENABLED))) {
11132 nlmsg_free(msg);
11133 return -ENOBUFS;
11134 }
11135 nla_nest_end(msg, data);
11136
11137 wpa_printf(MSG_DEBUG,
11138 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d EDMG: %d",
11139 params->hw_mode, params->ht_enabled, params->ht40_enabled,
11140 params->vht_enabled, params->ch_width, params->edmg_enabled);
11141
11142 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11143 if (ret) {
11144 wpa_printf(MSG_DEBUG,
11145 "nl80211: Failed to invoke driver ACS function: %s",
11146 strerror(-ret));
11147 }
11148 return ret;
11149 }
11150
11151
nl80211_set_band(void * priv,u32 band_mask)11152 static int nl80211_set_band(void *priv, u32 band_mask)
11153 {
11154 struct i802_bss *bss = priv;
11155 struct wpa_driver_nl80211_data *drv = bss->drv;
11156 struct nl_msg *msg;
11157 struct nlattr *data;
11158 int ret;
11159 enum qca_set_band qca_band_value;
11160 u32 qca_band_mask = QCA_SETBAND_AUTO;
11161
11162 if (!drv->setband_vendor_cmd_avail ||
11163 (band_mask > (WPA_SETBAND_2G | WPA_SETBAND_5G | WPA_SETBAND_6G)))
11164 return -1;
11165
11166 if (band_mask & WPA_SETBAND_5G)
11167 qca_band_mask |= QCA_SETBAND_5G;
11168 if (band_mask & WPA_SETBAND_2G)
11169 qca_band_mask |= QCA_SETBAND_2G;
11170 if (band_mask & WPA_SETBAND_6G)
11171 qca_band_mask |= QCA_SETBAND_6G;
11172
11173 /*
11174 * QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE is a legacy interface hence make
11175 * it suite to its values (AUTO/5G/2G) for backwards compatibility.
11176 */
11177 qca_band_value = ((qca_band_mask & QCA_SETBAND_5G) &&
11178 (qca_band_mask & QCA_SETBAND_2G)) ?
11179 QCA_SETBAND_AUTO :
11180 qca_band_mask & ~QCA_SETBAND_6G;
11181
11182 wpa_printf(MSG_DEBUG,
11183 "nl80211: QCA_BAND_MASK = 0x%x, QCA_BAND_VALUE = %d",
11184 qca_band_mask, qca_band_value);
11185
11186 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11187 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11188 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11189 QCA_NL80211_VENDOR_SUBCMD_SETBAND) ||
11190 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11191 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE,
11192 qca_band_value) ||
11193 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_MASK,
11194 qca_band_mask)) {
11195 nlmsg_free(msg);
11196 return -ENOBUFS;
11197 }
11198 nla_nest_end(msg, data);
11199
11200 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11201 if (ret) {
11202 wpa_printf(MSG_DEBUG,
11203 "nl80211: Driver setband function failed: %s",
11204 strerror(-ret));
11205 }
11206 return ret;
11207 }
11208
11209
11210 struct nl80211_pcl {
11211 unsigned int num;
11212 unsigned int *freq_list;
11213 };
11214
preferred_freq_info_handler(struct nl_msg * msg,void * arg)11215 static int preferred_freq_info_handler(struct nl_msg *msg, void *arg)
11216 {
11217 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11218 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11219 struct nl80211_pcl *param = arg;
11220 struct nlattr *nl_vend, *attr;
11221 enum qca_iface_type iface_type;
11222 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
11223 unsigned int num, max_num;
11224 u32 *freqs;
11225
11226 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11227 genlmsg_attrlen(gnlh, 0), NULL);
11228
11229 nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
11230 if (!nl_vend)
11231 return NL_SKIP;
11232
11233 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
11234 nla_data(nl_vend), nla_len(nl_vend), NULL);
11235
11236 attr = tb_vendor[
11237 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE];
11238 if (!attr) {
11239 wpa_printf(MSG_ERROR, "nl80211: iface_type couldn't be found");
11240 param->num = 0;
11241 return NL_SKIP;
11242 }
11243
11244 iface_type = (enum qca_iface_type) nla_get_u32(attr);
11245 wpa_printf(MSG_DEBUG, "nl80211: Driver returned iface_type=%d",
11246 iface_type);
11247
11248 attr = tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST];
11249 if (!attr) {
11250 wpa_printf(MSG_ERROR,
11251 "nl80211: preferred_freq_list couldn't be found");
11252 param->num = 0;
11253 return NL_SKIP;
11254 }
11255
11256 /*
11257 * param->num has the maximum number of entries for which there
11258 * is room in the freq_list provided by the caller.
11259 */
11260 freqs = nla_data(attr);
11261 max_num = nla_len(attr) / sizeof(u32);
11262 if (max_num > param->num)
11263 max_num = param->num;
11264 for (num = 0; num < max_num; num++)
11265 param->freq_list[num] = freqs[num];
11266 param->num = num;
11267
11268 return NL_SKIP;
11269 }
11270
11271
nl80211_get_pref_freq_list(void * priv,enum wpa_driver_if_type if_type,unsigned int * num,unsigned int * freq_list)11272 static int nl80211_get_pref_freq_list(void *priv,
11273 enum wpa_driver_if_type if_type,
11274 unsigned int *num,
11275 unsigned int *freq_list)
11276 {
11277 struct i802_bss *bss = priv;
11278 struct wpa_driver_nl80211_data *drv = bss->drv;
11279 struct nl_msg *msg;
11280 int ret;
11281 unsigned int i;
11282 struct nlattr *params;
11283 struct nl80211_pcl param;
11284 enum qca_iface_type iface_type;
11285
11286 if (!drv->get_pref_freq_list)
11287 return -1;
11288
11289 switch (if_type) {
11290 case WPA_IF_STATION:
11291 iface_type = QCA_IFACE_TYPE_STA;
11292 break;
11293 case WPA_IF_AP_BSS:
11294 iface_type = QCA_IFACE_TYPE_AP;
11295 break;
11296 case WPA_IF_P2P_GO:
11297 iface_type = QCA_IFACE_TYPE_P2P_GO;
11298 break;
11299 case WPA_IF_P2P_CLIENT:
11300 iface_type = QCA_IFACE_TYPE_P2P_CLIENT;
11301 break;
11302 case WPA_IF_IBSS:
11303 iface_type = QCA_IFACE_TYPE_IBSS;
11304 break;
11305 case WPA_IF_TDLS:
11306 iface_type = QCA_IFACE_TYPE_TDLS;
11307 break;
11308 default:
11309 return -1;
11310 }
11311
11312 param.num = *num;
11313 param.freq_list = freq_list;
11314
11315 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11316 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) ||
11317 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11318 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11319 QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) ||
11320 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11321 nla_put_u32(msg,
11322 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE,
11323 iface_type)) {
11324 wpa_printf(MSG_ERROR,
11325 "%s: err in adding vendor_cmd and vendor_data",
11326 __func__);
11327 nlmsg_free(msg);
11328 return -1;
11329 }
11330 nla_nest_end(msg, params);
11331
11332 os_memset(freq_list, 0, *num * sizeof(freq_list[0]));
11333 ret = send_and_recv_msgs(drv, msg, preferred_freq_info_handler, ¶m,
11334 NULL, NULL);
11335 if (ret) {
11336 wpa_printf(MSG_ERROR,
11337 "%s: err in send_and_recv_msgs", __func__);
11338 return ret;
11339 }
11340
11341 *num = param.num;
11342
11343 for (i = 0; i < *num; i++) {
11344 wpa_printf(MSG_DEBUG, "nl80211: preferred_channel_list[%d]=%d",
11345 i, freq_list[i]);
11346 }
11347
11348 return 0;
11349 }
11350
11351
nl80211_set_prob_oper_freq(void * priv,unsigned int freq)11352 static int nl80211_set_prob_oper_freq(void *priv, unsigned int freq)
11353 {
11354 struct i802_bss *bss = priv;
11355 struct wpa_driver_nl80211_data *drv = bss->drv;
11356 struct nl_msg *msg;
11357 int ret;
11358 struct nlattr *params;
11359
11360 if (!drv->set_prob_oper_freq)
11361 return -1;
11362
11363 wpa_printf(MSG_DEBUG,
11364 "nl80211: Set P2P probable operating freq %u for ifindex %d",
11365 freq, bss->ifindex);
11366
11367 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11368 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11369 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11370 QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL) ||
11371 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11372 nla_put_u32(msg,
11373 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE,
11374 QCA_IFACE_TYPE_P2P_CLIENT) ||
11375 nla_put_u32(msg,
11376 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ,
11377 freq)) {
11378 wpa_printf(MSG_ERROR,
11379 "%s: err in adding vendor_cmd and vendor_data",
11380 __func__);
11381 nlmsg_free(msg);
11382 return -1;
11383 }
11384 nla_nest_end(msg, params);
11385
11386 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11387 msg = NULL;
11388 if (ret) {
11389 wpa_printf(MSG_ERROR, "%s: err in send_and_recv_msgs",
11390 __func__);
11391 return ret;
11392 }
11393 nlmsg_free(msg);
11394 return 0;
11395 }
11396
11397
nl80211_p2p_lo_start(void * priv,unsigned int freq,unsigned int period,unsigned int interval,unsigned int count,const u8 * device_types,size_t dev_types_len,const u8 * ies,size_t ies_len)11398 static int nl80211_p2p_lo_start(void *priv, unsigned int freq,
11399 unsigned int period, unsigned int interval,
11400 unsigned int count, const u8 *device_types,
11401 size_t dev_types_len,
11402 const u8 *ies, size_t ies_len)
11403 {
11404 struct i802_bss *bss = priv;
11405 struct wpa_driver_nl80211_data *drv = bss->drv;
11406 struct nl_msg *msg;
11407 struct nlattr *container;
11408 int ret;
11409
11410 wpa_printf(MSG_DEBUG,
11411 "nl80211: Start P2P Listen offload: freq=%u, period=%u, interval=%u, count=%u",
11412 freq, period, interval, count);
11413
11414 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD))
11415 return -1;
11416
11417 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11418 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11419 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11420 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_START))
11421 goto fail;
11422
11423 container = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
11424 if (!container)
11425 goto fail;
11426
11427 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_CHANNEL,
11428 freq) ||
11429 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_PERIOD,
11430 period) ||
11431 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_INTERVAL,
11432 interval) ||
11433 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_COUNT,
11434 count) ||
11435 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_DEVICE_TYPES,
11436 dev_types_len, device_types) ||
11437 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_VENDOR_IE,
11438 ies_len, ies))
11439 goto fail;
11440
11441 nla_nest_end(msg, container);
11442 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11443 msg = NULL;
11444 if (ret) {
11445 wpa_printf(MSG_DEBUG,
11446 "nl80211: Failed to send P2P Listen offload vendor command");
11447 goto fail;
11448 }
11449
11450 return 0;
11451
11452 fail:
11453 nlmsg_free(msg);
11454 return -1;
11455 }
11456
11457
nl80211_p2p_lo_stop(void * priv)11458 static int nl80211_p2p_lo_stop(void *priv)
11459 {
11460 struct i802_bss *bss = priv;
11461 struct wpa_driver_nl80211_data *drv = bss->drv;
11462 struct nl_msg *msg;
11463
11464 wpa_printf(MSG_DEBUG, "nl80211: Stop P2P Listen offload");
11465
11466 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD))
11467 return -1;
11468
11469 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11470 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11471 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11472 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_STOP)) {
11473 nlmsg_free(msg);
11474 return -1;
11475 }
11476
11477 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11478 }
11479
11480
nl80211_set_tdls_mode(void * priv,int tdls_external_control)11481 static int nl80211_set_tdls_mode(void *priv, int tdls_external_control)
11482 {
11483 struct i802_bss *bss = priv;
11484 struct wpa_driver_nl80211_data *drv = bss->drv;
11485 struct nl_msg *msg;
11486 struct nlattr *params;
11487 int ret;
11488 u32 tdls_mode;
11489
11490 wpa_printf(MSG_DEBUG,
11491 "nl80211: Set TDKS mode: tdls_external_control=%d",
11492 tdls_external_control);
11493
11494 if (tdls_external_control == 1)
11495 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_IMPLICIT |
11496 QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXTERNAL;
11497 else
11498 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXPLICIT;
11499
11500 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11501 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11502 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11503 QCA_NL80211_VENDOR_SUBCMD_CONFIGURE_TDLS))
11504 goto fail;
11505
11506 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
11507 if (!params)
11508 goto fail;
11509
11510 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE,
11511 tdls_mode))
11512 goto fail;
11513
11514 nla_nest_end(msg, params);
11515
11516 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11517 msg = NULL;
11518 if (ret) {
11519 wpa_printf(MSG_ERROR,
11520 "nl80211: Set TDLS mode failed: ret=%d (%s)",
11521 ret, strerror(-ret));
11522 goto fail;
11523 }
11524 return 0;
11525 fail:
11526 nlmsg_free(msg);
11527 return -1;
11528 }
11529
11530
11531 #ifdef CONFIG_MBO
11532
11533 static enum mbo_transition_reject_reason
nl80211_mbo_reject_reason_mapping(enum qca_wlan_btm_candidate_status status)11534 nl80211_mbo_reject_reason_mapping(enum qca_wlan_btm_candidate_status status)
11535 {
11536 switch (status) {
11537 case QCA_STATUS_REJECT_EXCESSIVE_FRAME_LOSS_EXPECTED:
11538 return MBO_TRANSITION_REJECT_REASON_FRAME_LOSS;
11539 case QCA_STATUS_REJECT_EXCESSIVE_DELAY_EXPECTED:
11540 return MBO_TRANSITION_REJECT_REASON_DELAY;
11541 case QCA_STATUS_REJECT_INSUFFICIENT_QOS_CAPACITY:
11542 return MBO_TRANSITION_REJECT_REASON_QOS_CAPACITY;
11543 case QCA_STATUS_REJECT_LOW_RSSI:
11544 return MBO_TRANSITION_REJECT_REASON_RSSI;
11545 case QCA_STATUS_REJECT_HIGH_INTERFERENCE:
11546 return MBO_TRANSITION_REJECT_REASON_INTERFERENCE;
11547 case QCA_STATUS_REJECT_UNKNOWN:
11548 default:
11549 return MBO_TRANSITION_REJECT_REASON_UNSPECIFIED;
11550 }
11551 }
11552
11553
nl80211_parse_btm_candidate_info(struct candidate_list * candidate,struct nlattr * tb[],int num)11554 static void nl80211_parse_btm_candidate_info(struct candidate_list *candidate,
11555 struct nlattr *tb[], int num)
11556 {
11557 enum qca_wlan_btm_candidate_status status;
11558 char buf[50];
11559
11560 os_memcpy(candidate->bssid,
11561 nla_data(tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID]),
11562 ETH_ALEN);
11563
11564 status = nla_get_u32(
11565 tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS]);
11566 candidate->is_accept = status == QCA_STATUS_ACCEPT;
11567 candidate->reject_reason = nl80211_mbo_reject_reason_mapping(status);
11568
11569 if (candidate->is_accept)
11570 os_snprintf(buf, sizeof(buf), "Accepted");
11571 else
11572 os_snprintf(buf, sizeof(buf),
11573 "Rejected, Reject_reason: %d",
11574 candidate->reject_reason);
11575 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR " %s",
11576 num, MAC2STR(candidate->bssid), buf);
11577 }
11578
11579
11580 static int
nl80211_get_bss_transition_status_handler(struct nl_msg * msg,void * arg)11581 nl80211_get_bss_transition_status_handler(struct nl_msg *msg, void *arg)
11582 {
11583 struct wpa_bss_candidate_info *info = arg;
11584 struct candidate_list *candidate = info->candidates;
11585 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
11586 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
11587 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1];
11588 static struct nla_policy policy[
11589 QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1] = {
11590 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] = {
11591 .minlen = ETH_ALEN
11592 },
11593 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS] = {
11594 .type = NLA_U32,
11595 },
11596 };
11597 struct nlattr *attr;
11598 int rem;
11599 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11600 u8 num;
11601
11602 num = info->num; /* number of candidates sent to driver */
11603 info->num = 0;
11604 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11605 genlmsg_attrlen(gnlh, 0), NULL);
11606
11607 if (!tb_msg[NL80211_ATTR_VENDOR_DATA] ||
11608 nla_parse_nested(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
11609 tb_msg[NL80211_ATTR_VENDOR_DATA], NULL) ||
11610 !tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO])
11611 return NL_SKIP;
11612
11613 wpa_printf(MSG_DEBUG,
11614 "nl80211: WNM Candidate list received from driver");
11615 nla_for_each_nested(attr,
11616 tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO],
11617 rem) {
11618 if (info->num >= num ||
11619 nla_parse_nested(
11620 tb, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX,
11621 attr, policy) ||
11622 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] ||
11623 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS])
11624 break;
11625
11626 nl80211_parse_btm_candidate_info(candidate, tb, info->num);
11627
11628 candidate++;
11629 info->num++;
11630 }
11631
11632 return NL_SKIP;
11633 }
11634
11635
11636 static struct wpa_bss_candidate_info *
nl80211_get_bss_transition_status(void * priv,struct wpa_bss_trans_info * params)11637 nl80211_get_bss_transition_status(void *priv, struct wpa_bss_trans_info *params)
11638 {
11639 struct i802_bss *bss = priv;
11640 struct wpa_driver_nl80211_data *drv = bss->drv;
11641 struct nl_msg *msg;
11642 struct nlattr *attr, *attr1, *attr2;
11643 struct wpa_bss_candidate_info *info;
11644 u8 i;
11645 int ret;
11646 u8 *pos;
11647
11648 if (!drv->fetch_bss_trans_status)
11649 return NULL;
11650
11651 info = os_zalloc(sizeof(*info));
11652 if (!info)
11653 return NULL;
11654 /* Allocate memory for number of candidates sent to driver */
11655 info->candidates = os_calloc(params->n_candidates,
11656 sizeof(*info->candidates));
11657 if (!info->candidates) {
11658 os_free(info);
11659 return NULL;
11660 }
11661
11662 /* Copy the number of candidates being sent to driver. This is used in
11663 * nl80211_get_bss_transition_status_handler() to limit the number of
11664 * candidates that can be populated in info->candidates and will be
11665 * later overwritten with the actual number of candidates received from
11666 * the driver.
11667 */
11668 info->num = params->n_candidates;
11669
11670 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11671 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11672 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11673 QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS))
11674 goto fail;
11675
11676 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
11677 if (!attr)
11678 goto fail;
11679
11680 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON,
11681 params->mbo_transition_reason))
11682 goto fail;
11683
11684 attr1 = nla_nest_start(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO);
11685 if (!attr1)
11686 goto fail;
11687
11688 wpa_printf(MSG_DEBUG,
11689 "nl80211: WNM Candidate list info sending to driver: mbo_transition_reason: %d n_candidates: %d",
11690 params->mbo_transition_reason, params->n_candidates);
11691 pos = params->bssid;
11692 for (i = 0; i < params->n_candidates; i++) {
11693 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR, i,
11694 MAC2STR(pos));
11695 attr2 = nla_nest_start(msg, i);
11696 if (!attr2 ||
11697 nla_put(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID,
11698 ETH_ALEN, pos))
11699 goto fail;
11700 pos += ETH_ALEN;
11701 nla_nest_end(msg, attr2);
11702 }
11703
11704 nla_nest_end(msg, attr1);
11705 nla_nest_end(msg, attr);
11706
11707 ret = send_and_recv_msgs(drv, msg,
11708 nl80211_get_bss_transition_status_handler,
11709 info, NULL, NULL);
11710 msg = NULL;
11711 if (ret) {
11712 wpa_printf(MSG_ERROR,
11713 "nl80211: WNM Get BSS transition status failed: ret=%d (%s)",
11714 ret, strerror(-ret));
11715 goto fail;
11716 }
11717 return info;
11718
11719 fail:
11720 nlmsg_free(msg);
11721 os_free(info->candidates);
11722 os_free(info);
11723 return NULL;
11724 }
11725
11726
11727 /**
11728 * nl80211_ignore_assoc_disallow - Configure driver to ignore assoc_disallow
11729 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
11730 * @ignore_assoc_disallow: 0 to not ignore, 1 to ignore
11731 * Returns: 0 on success, -1 on failure
11732 */
nl80211_ignore_assoc_disallow(void * priv,int ignore_disallow)11733 static int nl80211_ignore_assoc_disallow(void *priv, int ignore_disallow)
11734 {
11735 struct i802_bss *bss = priv;
11736 struct wpa_driver_nl80211_data *drv = bss->drv;
11737 struct nl_msg *msg;
11738 struct nlattr *attr;
11739 int ret = -1;
11740
11741 if (!drv->set_wifi_conf_vendor_cmd_avail)
11742 return -1;
11743
11744 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11745 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11746 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11747 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION))
11748 goto fail;
11749
11750 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
11751 if (!attr)
11752 goto fail;
11753
11754 wpa_printf(MSG_DEBUG, "nl80211: Set ignore_assoc_disallow %d",
11755 ignore_disallow);
11756 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_IGNORE_ASSOC_DISALLOWED,
11757 ignore_disallow))
11758 goto fail;
11759
11760 nla_nest_end(msg, attr);
11761
11762 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11763 msg = NULL;
11764 if (ret) {
11765 wpa_printf(MSG_ERROR,
11766 "nl80211: Set ignore_assoc_disallow failed: ret=%d (%s)",
11767 ret, strerror(-ret));
11768 goto fail;
11769 }
11770
11771 fail:
11772 nlmsg_free(msg);
11773 return ret;
11774 }
11775
11776 #endif /* CONFIG_MBO */
11777
11778 #endif /* CONFIG_DRIVER_NL80211_QCA */
11779
11780
nl80211_write_to_file(const char * name,unsigned int val)11781 static int nl80211_write_to_file(const char *name, unsigned int val)
11782 {
11783 int fd, len;
11784 char tmp[128];
11785 int ret = 0;
11786
11787 fd = open(name, O_RDWR);
11788 if (fd < 0) {
11789 int level;
11790 /*
11791 * Flags may not exist on older kernels, or while we're tearing
11792 * down a disappearing device.
11793 */
11794 if (errno == ENOENT) {
11795 ret = 0;
11796 level = MSG_DEBUG;
11797 } else {
11798 ret = -1;
11799 level = MSG_ERROR;
11800 }
11801 wpa_printf(level, "nl80211: Failed to open %s: %s",
11802 name, strerror(errno));
11803 return ret;
11804 }
11805
11806 len = os_snprintf(tmp, sizeof(tmp), "%u\n", val);
11807 len = write(fd, tmp, len);
11808 if (len < 0) {
11809 ret = -1;
11810 wpa_printf(MSG_ERROR, "nl80211: Failed to write to %s: %s",
11811 name, strerror(errno));
11812 }
11813 close(fd);
11814
11815 return ret;
11816 }
11817
11818
nl80211_configure_data_frame_filters(void * priv,u32 filter_flags)11819 static int nl80211_configure_data_frame_filters(void *priv, u32 filter_flags)
11820 {
11821 struct i802_bss *bss = priv;
11822 char path[128];
11823 int ret;
11824
11825 /* P2P-Device has no netdev that can (or should) be configured here */
11826 if (nl80211_get_ifmode(bss) == NL80211_IFTYPE_P2P_DEVICE)
11827 return 0;
11828
11829 wpa_printf(MSG_DEBUG, "nl80211: Data frame filter flags=0x%x",
11830 filter_flags);
11831
11832 /* Configure filtering of unicast frame encrypted using GTK */
11833 ret = os_snprintf(path, sizeof(path),
11834 "/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast",
11835 bss->ifname);
11836 if (os_snprintf_error(sizeof(path), ret))
11837 return -1;
11838
11839 ret = nl80211_write_to_file(path,
11840 !!(filter_flags &
11841 WPA_DATA_FRAME_FILTER_FLAG_GTK));
11842 if (ret) {
11843 wpa_printf(MSG_ERROR,
11844 "nl80211: Failed to set IPv4 unicast in multicast filter");
11845 return ret;
11846 }
11847
11848 os_snprintf(path, sizeof(path),
11849 "/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast",
11850 bss->ifname);
11851 ret = nl80211_write_to_file(path,
11852 !!(filter_flags &
11853 WPA_DATA_FRAME_FILTER_FLAG_GTK));
11854
11855 if (ret) {
11856 wpa_printf(MSG_ERROR,
11857 "nl80211: Failed to set IPv6 unicast in multicast filter");
11858 return ret;
11859 }
11860
11861 /* Configure filtering of unicast frame encrypted using GTK */
11862 os_snprintf(path, sizeof(path),
11863 "/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp",
11864 bss->ifname);
11865 ret = nl80211_write_to_file(path,
11866 !!(filter_flags &
11867 WPA_DATA_FRAME_FILTER_FLAG_ARP));
11868 if (ret) {
11869 wpa_printf(MSG_ERROR,
11870 "nl80211: Failed set gratuitous ARP filter");
11871 return ret;
11872 }
11873
11874 /* Configure filtering of IPv6 NA frames */
11875 os_snprintf(path, sizeof(path),
11876 "/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na",
11877 bss->ifname);
11878 ret = nl80211_write_to_file(path,
11879 !!(filter_flags &
11880 WPA_DATA_FRAME_FILTER_FLAG_NA));
11881 if (ret) {
11882 wpa_printf(MSG_ERROR,
11883 "nl80211: Failed to set unsolicited NA filter");
11884 return ret;
11885 }
11886
11887 return 0;
11888 }
11889
11890
nl80211_get_ext_capab(void * priv,enum wpa_driver_if_type type,const u8 ** ext_capa,const u8 ** ext_capa_mask,unsigned int * ext_capa_len)11891 static int nl80211_get_ext_capab(void *priv, enum wpa_driver_if_type type,
11892 const u8 **ext_capa, const u8 **ext_capa_mask,
11893 unsigned int *ext_capa_len)
11894 {
11895 struct i802_bss *bss = priv;
11896 struct wpa_driver_nl80211_data *drv = bss->drv;
11897 enum nl80211_iftype nlmode;
11898 unsigned int i;
11899
11900 if (!ext_capa || !ext_capa_mask || !ext_capa_len)
11901 return -1;
11902
11903 nlmode = wpa_driver_nl80211_if_type(type);
11904
11905 /* By default, use the per-radio values */
11906 *ext_capa = drv->extended_capa;
11907 *ext_capa_mask = drv->extended_capa_mask;
11908 *ext_capa_len = drv->extended_capa_len;
11909
11910 /* Replace the default value if a per-interface type value exists */
11911 for (i = 0; i < drv->num_iface_ext_capa; i++) {
11912 if (nlmode == drv->iface_ext_capa[i].iftype) {
11913 *ext_capa = drv->iface_ext_capa[i].ext_capa;
11914 *ext_capa_mask = drv->iface_ext_capa[i].ext_capa_mask;
11915 *ext_capa_len = drv->iface_ext_capa[i].ext_capa_len;
11916 break;
11917 }
11918 }
11919
11920 return 0;
11921 }
11922
11923
nl80211_update_connection_params(void * priv,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask mask)11924 static int nl80211_update_connection_params(
11925 void *priv, struct wpa_driver_associate_params *params,
11926 enum wpa_drv_update_connect_params_mask mask)
11927 {
11928 struct i802_bss *bss = priv;
11929 struct wpa_driver_nl80211_data *drv = bss->drv;
11930 struct nl_msg *msg;
11931 int ret = -1;
11932 enum nl80211_auth_type type;
11933
11934 /* Update Connection Params is intended for drivers that implement
11935 * internal SME and expect these updated connection params from
11936 * wpa_supplicant. Do not send this request for the drivers using
11937 * SME from wpa_supplicant.
11938 */
11939 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
11940 return 0;
11941
11942 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_CONNECT_PARAMS);
11943 if (!msg)
11944 goto fail;
11945
11946 wpa_printf(MSG_DEBUG, "nl80211: Update connection params (ifindex=%d)",
11947 drv->ifindex);
11948
11949 if ((mask & WPA_DRV_UPDATE_ASSOC_IES) && params->wpa_ie) {
11950 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len,
11951 params->wpa_ie))
11952 goto fail;
11953 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie,
11954 params->wpa_ie_len);
11955 }
11956
11957 if (mask & WPA_DRV_UPDATE_AUTH_TYPE) {
11958 type = get_nl_auth_type(params->auth_alg);
11959 if (type == NL80211_AUTHTYPE_MAX ||
11960 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
11961 goto fail;
11962 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
11963 }
11964
11965 if ((mask & WPA_DRV_UPDATE_FILS_ERP_INFO) &&
11966 nl80211_put_fils_connect_params(drv, params, msg))
11967 goto fail;
11968
11969 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11970 msg = NULL;
11971 if (ret)
11972 wpa_dbg(drv->ctx, MSG_DEBUG,
11973 "nl80211: Update connect params command failed: ret=%d (%s)",
11974 ret, strerror(-ret));
11975
11976 fail:
11977 nlmsg_free(msg);
11978 return ret;
11979 }
11980
11981
nl80211_send_external_auth_status(void * priv,struct external_auth * params)11982 static int nl80211_send_external_auth_status(void *priv,
11983 struct external_auth *params)
11984 {
11985 struct i802_bss *bss = priv;
11986 struct wpa_driver_nl80211_data *drv = bss->drv;
11987 struct nl_msg *msg = NULL;
11988 int ret = -1;
11989
11990 /* External auth command/status is intended for drivers that implement
11991 * internal SME but want to offload authentication processing (e.g.,
11992 * SAE) to hostapd/wpa_supplicant. Do not send the status to drivers
11993 * which do not support AP SME or use wpa_supplicant/hostapd SME.
11994 */
11995 if ((is_ap_interface(drv->nlmode) && !bss->drv->device_ap_sme) ||
11996 (drv->capa.flags & WPA_DRIVER_FLAGS_SME))
11997 return -1;
11998
11999 wpa_dbg(drv->ctx, MSG_DEBUG,
12000 "nl80211: External auth status: %u", params->status);
12001
12002 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_EXTERNAL_AUTH);
12003 if (!msg ||
12004 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, params->status) ||
12005 (params->ssid && params->ssid_len &&
12006 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) ||
12007 (params->pmkid &&
12008 nla_put(msg, NL80211_ATTR_PMKID, PMKID_LEN, params->pmkid)) ||
12009 (params->bssid &&
12010 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid)))
12011 goto fail;
12012 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12013 msg = NULL;
12014 if (ret) {
12015 wpa_printf(MSG_DEBUG,
12016 "nl80211: External Auth status update failed: ret=%d (%s)",
12017 ret, strerror(-ret));
12018 goto fail;
12019 }
12020 fail:
12021 nlmsg_free(msg);
12022 return ret;
12023 }
12024
12025
nl80211_set_4addr_mode(void * priv,const char * bridge_ifname,int val)12026 static int nl80211_set_4addr_mode(void *priv, const char *bridge_ifname,
12027 int val)
12028 {
12029 struct i802_bss *bss = priv;
12030 struct wpa_driver_nl80211_data *drv = bss->drv;
12031 struct nl_msg *msg;
12032 int ret = -ENOBUFS;
12033
12034 wpa_printf(MSG_DEBUG, "nl80211: %s 4addr mode (bridge_ifname: %s)",
12035 val ? "Enable" : "Disable", bridge_ifname);
12036
12037 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE);
12038 if (!msg || nla_put_u8(msg, NL80211_ATTR_4ADDR, val))
12039 goto fail;
12040
12041 if (bridge_ifname[0] && bss->added_if_into_bridge && !val) {
12042 if (linux_br_del_if(drv->global->ioctl_sock,
12043 bridge_ifname, bss->ifname)) {
12044 wpa_printf(MSG_ERROR,
12045 "nl80211: Failed to remove interface %s from bridge %s",
12046 bss->ifname, bridge_ifname);
12047 return -1;
12048 }
12049 bss->added_if_into_bridge = 0;
12050 }
12051
12052 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12053 msg = NULL;
12054 if (ret && val && nl80211_get_4addr(bss) == 1) {
12055 wpa_printf(MSG_DEBUG,
12056 "nl80211: 4addr mode was already enabled");
12057 ret = 0;
12058 }
12059 if (!ret) {
12060 if (bridge_ifname[0] && val &&
12061 i802_check_bridge(drv, bss, bridge_ifname, bss->ifname) < 0)
12062 return -1;
12063 return 0;
12064 }
12065
12066 fail:
12067 nlmsg_free(msg);
12068 wpa_printf(MSG_ERROR, "nl80211: Failed to enable/disable 4addr");
12069
12070 return ret;
12071 }
12072
12073
12074 #ifdef CONFIG_DPP
nl80211_dpp_listen(void * priv,bool enable)12075 static int nl80211_dpp_listen(void *priv, bool enable)
12076 {
12077 struct i802_bss *bss = priv;
12078 struct wpa_driver_nl80211_data *drv = bss->drv;
12079 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
12080 struct nl_sock *handle;
12081
12082 if (!drv->multicast_registrations || !bss->nl_mgmt)
12083 return 0; /* cannot do more than hope broadcast RX works */
12084
12085 wpa_printf(MSG_DEBUG,
12086 "nl80211: Update DPP Public Action frame registration (%s multicast RX)",
12087 enable ? "enable" : "disable");
12088 handle = (void *) (((intptr_t) bss->nl_mgmt) ^ ELOOP_SOCKET_INVALID);
12089 return nl80211_register_frame(bss, handle, type,
12090 (u8 *) "\x04\x09\x50\x6f\x9a\x1a", 6,
12091 enable);
12092 }
12093 #endif /* CONFIG_DPP */
12094
12095
12096 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
12097 .name = "nl80211",
12098 .desc = "Linux nl80211/cfg80211",
12099 .get_bssid = wpa_driver_nl80211_get_bssid,
12100 .get_ssid = wpa_driver_nl80211_get_ssid,
12101 .set_key = driver_nl80211_set_key,
12102 .scan2 = driver_nl80211_scan2,
12103 .sched_scan = wpa_driver_nl80211_sched_scan,
12104 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
12105 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
12106 .abort_scan = wpa_driver_nl80211_abort_scan,
12107 .deauthenticate = driver_nl80211_deauthenticate,
12108 .authenticate = driver_nl80211_authenticate,
12109 .associate = wpa_driver_nl80211_associate,
12110 .global_init = nl80211_global_init,
12111 .global_deinit = nl80211_global_deinit,
12112 .init2 = wpa_driver_nl80211_init,
12113 .deinit = driver_nl80211_deinit,
12114 .get_capa = wpa_driver_nl80211_get_capa,
12115 .set_operstate = wpa_driver_nl80211_set_operstate,
12116 .set_supp_port = wpa_driver_nl80211_set_supp_port,
12117 .set_country = wpa_driver_nl80211_set_country,
12118 .get_country = wpa_driver_nl80211_get_country,
12119 .set_ap = wpa_driver_nl80211_set_ap,
12120 .set_acl = wpa_driver_nl80211_set_acl,
12121 .if_add = wpa_driver_nl80211_if_add,
12122 .if_remove = driver_nl80211_if_remove,
12123 .send_mlme = driver_nl80211_send_mlme,
12124 .get_hw_feature_data = nl80211_get_hw_feature_data,
12125 .sta_add = wpa_driver_nl80211_sta_add,
12126 .sta_remove = driver_nl80211_sta_remove,
12127 .tx_control_port = nl80211_tx_control_port,
12128 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
12129 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
12130 .sta_set_airtime_weight = driver_nl80211_sta_set_airtime_weight,
12131 .hapd_init = i802_init,
12132 .hapd_deinit = i802_deinit,
12133 .set_wds_sta = i802_set_wds_sta,
12134 .get_seqnum = i802_get_seqnum,
12135 .flush = i802_flush,
12136 .get_inact_sec = i802_get_inact_sec,
12137 .sta_clear_stats = i802_sta_clear_stats,
12138 .set_rts = i802_set_rts,
12139 .set_frag = i802_set_frag,
12140 .set_tx_queue_params = i802_set_tx_queue_params,
12141 .set_sta_vlan = driver_nl80211_set_sta_vlan,
12142 .sta_deauth = i802_sta_deauth,
12143 .sta_disassoc = i802_sta_disassoc,
12144 .read_sta_data = driver_nl80211_read_sta_data,
12145 .set_freq = i802_set_freq,
12146 .send_action = driver_nl80211_send_action,
12147 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
12148 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
12149 .cancel_remain_on_channel =
12150 wpa_driver_nl80211_cancel_remain_on_channel,
12151 .probe_req_report = driver_nl80211_probe_req_report,
12152 .deinit_ap = wpa_driver_nl80211_deinit_ap,
12153 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
12154 .resume = wpa_driver_nl80211_resume,
12155 .signal_monitor = nl80211_signal_monitor,
12156 .signal_poll = nl80211_signal_poll,
12157 .channel_info = nl80211_channel_info,
12158 .set_param = nl80211_set_param,
12159 .get_radio_name = nl80211_get_radio_name,
12160 .add_pmkid = nl80211_add_pmkid,
12161 .remove_pmkid = nl80211_remove_pmkid,
12162 .flush_pmkid = nl80211_flush_pmkid,
12163 .set_rekey_info = nl80211_set_rekey_info,
12164 .poll_client = nl80211_poll_client,
12165 .set_p2p_powersave = nl80211_set_p2p_powersave,
12166 .start_dfs_cac = nl80211_start_radar_detection,
12167 .stop_ap = wpa_driver_nl80211_stop_ap,
12168 #ifdef CONFIG_TDLS
12169 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
12170 .tdls_oper = nl80211_tdls_oper,
12171 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch,
12172 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch,
12173 #endif /* CONFIG_TDLS */
12174 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
12175 .update_dh_ie = nl80211_update_dh_ie,
12176 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
12177 .get_survey = wpa_driver_nl80211_get_survey,
12178 .status = wpa_driver_nl80211_status,
12179 .switch_channel = nl80211_switch_channel,
12180 #ifdef ANDROID_P2P
12181 .set_noa = wpa_driver_set_p2p_noa,
12182 .get_noa = wpa_driver_get_p2p_noa,
12183 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
12184 #endif /* ANDROID_P2P */
12185 #ifdef ANDROID
12186 #ifndef ANDROID_LIB_STUB
12187 .driver_cmd = wpa_driver_nl80211_driver_cmd,
12188 #endif /* !ANDROID_LIB_STUB */
12189 #endif /* ANDROID */
12190 .vendor_cmd = nl80211_vendor_cmd,
12191 .set_qos_map = nl80211_set_qos_map,
12192 .get_wowlan = nl80211_get_wowlan,
12193 .set_wowlan = nl80211_set_wowlan,
12194 .set_mac_addr = nl80211_set_mac_addr,
12195 #ifdef CONFIG_MESH
12196 .init_mesh = wpa_driver_nl80211_init_mesh,
12197 .join_mesh = wpa_driver_nl80211_join_mesh,
12198 .leave_mesh = wpa_driver_nl80211_leave_mesh,
12199 .probe_mesh_link = nl80211_probe_mesh_link,
12200 #endif /* CONFIG_MESH */
12201 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh,
12202 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh,
12203 .br_port_set_attr = wpa_driver_br_port_set_attr,
12204 .br_set_net_param = wpa_driver_br_set_net_param,
12205 .add_tx_ts = nl80211_add_ts,
12206 .del_tx_ts = nl80211_del_ts,
12207 .get_ifindex = nl80211_get_ifindex,
12208 #ifdef CONFIG_DRIVER_NL80211_QCA
12209 .roaming = nl80211_roaming,
12210 .disable_fils = nl80211_disable_fils,
12211 .do_acs = wpa_driver_do_acs,
12212 .set_band = nl80211_set_band,
12213 .get_pref_freq_list = nl80211_get_pref_freq_list,
12214 .set_prob_oper_freq = nl80211_set_prob_oper_freq,
12215 .p2p_lo_start = nl80211_p2p_lo_start,
12216 .p2p_lo_stop = nl80211_p2p_lo_stop,
12217 .set_default_scan_ies = nl80211_set_default_scan_ies,
12218 .set_tdls_mode = nl80211_set_tdls_mode,
12219 #ifdef CONFIG_MBO
12220 .get_bss_transition_status = nl80211_get_bss_transition_status,
12221 .ignore_assoc_disallow = nl80211_ignore_assoc_disallow,
12222 #endif /* CONFIG_MBO */
12223 .set_bssid_tmp_disallow = nl80211_set_bssid_tmp_disallow,
12224 .add_sta_node = nl80211_add_sta_node,
12225 #endif /* CONFIG_DRIVER_NL80211_QCA */
12226 .configure_data_frame_filters = nl80211_configure_data_frame_filters,
12227 #if defined(CONFIG_DRIVER_NL80211_BRCM)
12228 .do_acs = wpa_driver_do_broadcom_acs,
12229 #endif /* CONFIG_DRIVER_NL80211_BRCM */
12230 .get_ext_capab = nl80211_get_ext_capab,
12231 .update_connect_params = nl80211_update_connection_params,
12232 .send_external_auth_status = nl80211_send_external_auth_status,
12233 .set_4addr_mode = nl80211_set_4addr_mode,
12234 #ifdef CONFIG_DPP
12235 .dpp_listen = nl80211_dpp_listen,
12236 #endif /* CONFIG_DPP */
12237 };
12238