1 /*
2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
8 *
9 * This software may be distributed under the terms of the BSD license.
10 * See README for more details.
11 */
12
13 #include "includes.h"
14 #include <sys/types.h>
15 #include <fcntl.h>
16 #include <net/if.h>
17 #include <netlink/genl/genl.h>
18 #include <netlink/genl/ctrl.h>
19 #ifdef CONFIG_LIBNL3_ROUTE
20 #include <netlink/route/neighbour.h>
21 #endif /* CONFIG_LIBNL3_ROUTE */
22 #include <linux/rtnetlink.h>
23 #include <netpacket/packet.h>
24 #include <linux/errqueue.h>
25
26 #include "common.h"
27 #include "eloop.h"
28 #include "common/qca-vendor.h"
29 #include "common/qca-vendor-attr.h"
30 #include "common/brcm_vendor.h"
31 #include "common/ieee802_11_defs.h"
32 #include "common/ieee802_11_common.h"
33 #include "common/wpa_common.h"
34 #include "crypto/sha256.h"
35 #include "crypto/sha384.h"
36 #include "netlink.h"
37 #include "linux_defines.h"
38 #include "linux_ioctl.h"
39 #include "radiotap.h"
40 #include "radiotap_iter.h"
41 #include "rfkill.h"
42 #include "driver_nl80211.h"
43 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
44 #include "common/brcm_vendor.h"
45 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
46
47 #ifndef NETLINK_CAP_ACK
48 #define NETLINK_CAP_ACK 10
49 #endif /* NETLINK_CAP_ACK */
50 /* support for extack if compilation headers are too old */
51 #ifndef NETLINK_EXT_ACK
52 #define NETLINK_EXT_ACK 11
53 enum nlmsgerr_attrs {
54 NLMSGERR_ATTR_UNUSED,
55 NLMSGERR_ATTR_MSG,
56 NLMSGERR_ATTR_OFFS,
57 NLMSGERR_ATTR_COOKIE,
58
59 __NLMSGERR_ATTR_MAX,
60 NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1
61 };
62 #endif
63 #ifndef NLM_F_CAPPED
64 #define NLM_F_CAPPED 0x100
65 #endif
66 #ifndef NLM_F_ACK_TLVS
67 #define NLM_F_ACK_TLVS 0x200
68 #endif
69 #ifndef SOL_NETLINK
70 #define SOL_NETLINK 270
71 #endif
72
73
74 #ifdef ANDROID
75 /* system/core/libnl_2 does not include nl_socket_set_nonblocking() */
76 #undef nl_socket_set_nonblocking
77 #define nl_socket_set_nonblocking(h) android_nl_socket_set_nonblocking(h)
78
79 #endif /* ANDROID */
80
81
nl_create_handle(struct nl_cb * cb,const char * dbg)82 static struct nl_sock * nl_create_handle(struct nl_cb *cb, const char *dbg)
83 {
84 struct nl_sock *handle;
85
86 handle = nl_socket_alloc_cb(cb);
87 if (handle == NULL) {
88 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
89 "callbacks (%s)", dbg);
90 return NULL;
91 }
92
93 if (genl_connect(handle)) {
94 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
95 "netlink (%s)", dbg);
96 nl_socket_free(handle);
97 return NULL;
98 }
99
100 return handle;
101 }
102
103
nl_destroy_handles(struct nl_sock ** handle)104 static void nl_destroy_handles(struct nl_sock **handle)
105 {
106 if (*handle == NULL)
107 return;
108 nl_socket_free(*handle);
109 *handle = NULL;
110 }
111
112
113 #if __WORDSIZE == 64
114 #define ELOOP_SOCKET_INVALID (intptr_t) 0x8888888888888889ULL
115 #else
116 #define ELOOP_SOCKET_INVALID (intptr_t) 0x88888889ULL
117 #endif
118
nl80211_register_eloop_read(struct nl_sock ** handle,eloop_sock_handler handler,void * eloop_data,int persist)119 static void nl80211_register_eloop_read(struct nl_sock **handle,
120 eloop_sock_handler handler,
121 void *eloop_data, int persist)
122 {
123 /*
124 * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB)
125 * by default. It is possible to hit that limit in some cases where
126 * operations are blocked, e.g., with a burst of Deauthentication frames
127 * to hostapd and STA entry deletion. Try to increase the buffer to make
128 * this less likely to occur.
129 */
130 int err;
131
132 err = nl_socket_set_buffer_size(*handle, 262144, 0);
133 if (err < 0) {
134 wpa_printf(MSG_DEBUG,
135 "nl80211: Could not set nl_socket RX buffer size: %s",
136 nl_geterror(err));
137 /* continue anyway with the default (smaller) buffer */
138 }
139
140 nl_socket_set_nonblocking(*handle);
141 eloop_register_read_sock(nl_socket_get_fd(*handle), handler,
142 eloop_data, *handle);
143 if (!persist)
144 *handle = (void *) (((intptr_t) *handle) ^
145 ELOOP_SOCKET_INVALID);
146 }
147
148
nl80211_destroy_eloop_handle(struct nl_sock ** handle,int persist)149 static void nl80211_destroy_eloop_handle(struct nl_sock **handle, int persist)
150 {
151 if (!persist)
152 *handle = (void *) (((intptr_t) *handle) ^
153 ELOOP_SOCKET_INVALID);
154 eloop_unregister_read_sock(nl_socket_get_fd(*handle));
155 nl_destroy_handles(handle);
156 }
157
158
159 static void nl80211_global_deinit(void *priv);
160 static void nl80211_check_global(struct nl80211_global *global);
161
162 static void wpa_driver_nl80211_deinit(struct i802_bss *bss);
163 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
164 struct hostapd_freq_params *freq);
165
166 static int
167 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
168 const u8 *set_addr, int first,
169 const char *driver_params);
170 static int nl80211_send_frame_cmd(struct i802_bss *bss,
171 unsigned int freq, unsigned int wait,
172 const u8 *buf, size_t buf_len,
173 int save_cookie,
174 int no_cck, int no_ack, int offchanok,
175 const u16 *csa_offs, size_t csa_offs_len);
176 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss,
177 int report);
178
179 #define IFIDX_ANY -1
180
181 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
182 int ifidx_reason);
183 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
184 int ifidx_reason);
185 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
186 int ifidx_reason);
187
188 static int nl80211_set_channel(struct i802_bss *bss,
189 struct hostapd_freq_params *freq, int set_chan);
190 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
191 int ifindex, int disabled);
192
193 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
194 int reset_mode);
195
196 static int i802_set_iface_flags(struct i802_bss *bss, int up);
197 static int nl80211_set_param(void *priv, const char *param);
198 #ifdef CONFIG_MESH
199 static int nl80211_put_mesh_config(struct nl_msg *msg,
200 struct wpa_driver_mesh_bss_params *params);
201 #endif /* CONFIG_MESH */
202 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
203 u16 reason);
204 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
205 static int nl80211_set_td_policy(void *priv, u32 td_policy);
206 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
207
208 /* Converts nl80211_chan_width to a common format */
convert2width(int width)209 enum chan_width convert2width(int width)
210 {
211 switch (width) {
212 case NL80211_CHAN_WIDTH_20_NOHT:
213 return CHAN_WIDTH_20_NOHT;
214 case NL80211_CHAN_WIDTH_20:
215 return CHAN_WIDTH_20;
216 case NL80211_CHAN_WIDTH_40:
217 return CHAN_WIDTH_40;
218 case NL80211_CHAN_WIDTH_80:
219 return CHAN_WIDTH_80;
220 case NL80211_CHAN_WIDTH_80P80:
221 return CHAN_WIDTH_80P80;
222 case NL80211_CHAN_WIDTH_160:
223 return CHAN_WIDTH_160;
224 case NL80211_CHAN_WIDTH_320:
225 return CHAN_WIDTH_320;
226 default:
227 return CHAN_WIDTH_UNKNOWN;
228 }
229 }
230
231
is_ap_interface(enum nl80211_iftype nlmode)232 int is_ap_interface(enum nl80211_iftype nlmode)
233 {
234 return nlmode == NL80211_IFTYPE_AP ||
235 nlmode == NL80211_IFTYPE_P2P_GO;
236 }
237
238
is_sta_interface(enum nl80211_iftype nlmode)239 int is_sta_interface(enum nl80211_iftype nlmode)
240 {
241 return nlmode == NL80211_IFTYPE_STATION ||
242 nlmode == NL80211_IFTYPE_P2P_CLIENT;
243 }
244
245
is_p2p_net_interface(enum nl80211_iftype nlmode)246 static int is_p2p_net_interface(enum nl80211_iftype nlmode)
247 {
248 return nlmode == NL80211_IFTYPE_P2P_CLIENT ||
249 nlmode == NL80211_IFTYPE_P2P_GO;
250 }
251
252
get_bss_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex)253 struct i802_bss * get_bss_ifindex(struct wpa_driver_nl80211_data *drv,
254 int ifindex)
255 {
256 struct i802_bss *bss;
257
258 for (bss = drv->first_bss; bss; bss = bss->next) {
259 if (bss->ifindex == ifindex)
260 return bss;
261 }
262
263 return NULL;
264 }
265
266
is_mesh_interface(enum nl80211_iftype nlmode)267 static int is_mesh_interface(enum nl80211_iftype nlmode)
268 {
269 return nlmode == NL80211_IFTYPE_MESH_POINT;
270 }
271
272
nl80211_mark_disconnected(struct wpa_driver_nl80211_data * drv)273 void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv)
274 {
275 if (drv->associated)
276 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
277 drv->associated = 0;
278 os_memset(&drv->sta_mlo_info, 0, sizeof(drv->sta_mlo_info));
279 os_memset(drv->bssid, 0, ETH_ALEN);
280 drv->first_bss->flink->freq = 0;
281 #ifdef CONFIG_DRIVER_NL80211_QCA
282 os_free(drv->pending_roam_data);
283 drv->pending_roam_data = NULL;
284 os_free(drv->pending_t2lm_data);
285 drv->pending_t2lm_data = NULL;
286 os_free(drv->pending_link_reconfig_data);
287 drv->pending_link_reconfig_data = NULL;
288 #endif /* CONFIG_DRIVER_NL80211_QCA */
289
290 drv->auth_mld = false;
291 drv->auth_mld_link_id = -1;
292 os_memset(drv->auth_ap_mld_addr, 0, ETH_ALEN);
293 }
294
295
296 /* nl80211 code */
ack_handler(struct nl_msg * msg,void * arg)297 static int ack_handler(struct nl_msg *msg, void *arg)
298 {
299 int *err = arg;
300 *err = 0;
301 return NL_STOP;
302 }
303
304
305 struct nl80211_ack_ext_arg {
306 int *err;
307 void *ext_data;
308 };
309
310
ack_handler_cookie(struct nl_msg * msg,void * arg)311 static int ack_handler_cookie(struct nl_msg *msg, void *arg)
312 {
313 struct nl80211_ack_ext_arg *ext_arg = arg;
314 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1];
315 u64 *cookie = ext_arg->ext_data;
316 struct nlattr *attrs;
317 size_t ack_len, attr_len;
318
319 *ext_arg->err = 0;
320 ack_len = sizeof(struct nlmsghdr) + sizeof(int) +
321 sizeof(struct nlmsghdr);
322 attrs = (struct nlattr *)
323 ((u8 *) nlmsg_data(nlmsg_hdr(msg)) + sizeof(struct nlmsghdr) +
324 sizeof(int));
325 if (nlmsg_hdr(msg)->nlmsg_len <= ack_len)
326 return NL_STOP;
327
328 attr_len = nlmsg_hdr(msg)->nlmsg_len - ack_len;
329
330 if(!(nlmsg_hdr(msg)->nlmsg_flags & NLM_F_ACK_TLVS))
331 return NL_STOP;
332
333 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, attr_len, NULL);
334 if (tb[NLMSGERR_ATTR_COOKIE])
335 *cookie = nla_get_u64(tb[NLMSGERR_ATTR_COOKIE]);
336
337 return NL_STOP;
338 }
339
340
finish_handler(struct nl_msg * msg,void * arg)341 static int finish_handler(struct nl_msg *msg, void *arg)
342 {
343 int *ret = arg;
344 *ret = 0;
345 return NL_SKIP;
346 }
347
error_handler(struct sockaddr_nl * nla,struct nlmsgerr * err,void * arg)348 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
349 void *arg)
350 {
351 struct nlmsghdr *nlh = (struct nlmsghdr *) err - 1;
352 int len = nlh->nlmsg_len;
353 struct nlattr *attrs;
354 struct nlattr *tb[NLMSGERR_ATTR_MAX + 1];
355 int *ret = arg;
356 int ack_len = sizeof(*nlh) + sizeof(int) + sizeof(*nlh);
357
358 *ret = err->error;
359
360 if (!(nlh->nlmsg_flags & NLM_F_ACK_TLVS))
361 return NL_SKIP;
362
363 if (!(nlh->nlmsg_flags & NLM_F_CAPPED))
364 ack_len += err->msg.nlmsg_len - sizeof(*nlh);
365
366 if (len <= ack_len)
367 return NL_STOP;
368
369 attrs = (void *) ((unsigned char *) nlh + ack_len);
370 len -= ack_len;
371
372 nla_parse(tb, NLMSGERR_ATTR_MAX, attrs, len, NULL);
373 if (tb[NLMSGERR_ATTR_MSG]) {
374 len = strnlen((char *) nla_data(tb[NLMSGERR_ATTR_MSG]),
375 nla_len(tb[NLMSGERR_ATTR_MSG]));
376 wpa_printf(MSG_ERROR, "nl80211: kernel reports: %*s",
377 len, (char *) nla_data(tb[NLMSGERR_ATTR_MSG]));
378 }
379
380 return NL_SKIP;
381 }
382
383
no_seq_check(struct nl_msg * msg,void * arg)384 static int no_seq_check(struct nl_msg *msg, void *arg)
385 {
386 return NL_OK;
387 }
388
389
nl80211_nlmsg_clear(struct nl_msg * msg)390 static void nl80211_nlmsg_clear(struct nl_msg *msg)
391 {
392 /*
393 * Clear nlmsg data, e.g., to make sure key material is not left in
394 * heap memory for unnecessarily long time.
395 */
396 if (msg) {
397 struct nlmsghdr *hdr = nlmsg_hdr(msg);
398 void *data = nlmsg_data(hdr);
399 /*
400 * This would use nlmsg_datalen() or the older nlmsg_len() if
401 * only libnl were to maintain a stable API.. Neither will work
402 * with all released versions, so just calculate the length
403 * here.
404 */
405 int len = hdr->nlmsg_len - NLMSG_HDRLEN;
406
407 os_memset(data, 0, len);
408 }
409 }
410
411
send_and_recv(struct nl80211_global * global,struct nl_sock * nl_handle,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data,int (* ack_handler_custom)(struct nl_msg *,void *),void * ack_data)412 static int send_and_recv(struct nl80211_global *global,
413 struct nl_sock *nl_handle, struct nl_msg *msg,
414 int (*valid_handler)(struct nl_msg *, void *),
415 void *valid_data,
416 int (*ack_handler_custom)(struct nl_msg *, void *),
417 void *ack_data)
418 {
419 struct nl_cb *cb;
420 int err = -ENOMEM, opt;
421
422 if (!msg)
423 return -ENOMEM;
424
425 cb = nl_cb_clone(global->nl_cb);
426 if (!cb)
427 goto out;
428
429 /* try to set NETLINK_EXT_ACK to 1, ignoring errors */
430 opt = 1;
431 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK,
432 NETLINK_EXT_ACK, &opt, sizeof(opt));
433
434 /* try to set NETLINK_CAP_ACK to 1, ignoring errors */
435 opt = 1;
436 setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK,
437 NETLINK_CAP_ACK, &opt, sizeof(opt));
438
439 err = nl_send_auto_complete(nl_handle, msg);
440 if (err < 0) {
441 wpa_printf(MSG_INFO,
442 "nl80211: nl_send_auto_complete() failed: %s",
443 nl_geterror(err));
444 /* Need to convert libnl error code to an errno value. For now,
445 * just hardcode this to EBADF; the real error reason is shown
446 * in that error print above. */
447 err = -EBADF;
448 goto out;
449 }
450
451 err = 1;
452
453 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
454 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
455 if (ack_handler_custom) {
456 struct nl80211_ack_ext_arg *ext_arg = ack_data;
457
458 ext_arg->err = &err;
459 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM,
460 ack_handler_custom, ack_data);
461 } else {
462 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
463 }
464
465 if (valid_handler)
466 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
467 valid_handler, valid_data);
468
469 while (err > 0) {
470 int res = nl_recvmsgs(nl_handle, cb);
471
472 if (res == -NLE_DUMP_INTR) {
473 /* Most likely one of the nl80211 dump routines hit a
474 * case where internal results changed while the dump
475 * was being sent. The most common known case for this
476 * is scan results fetching while associated were every
477 * received Beacon frame from the AP may end up
478 * incrementing bss_generation. This
479 * NL80211_CMD_GET_SCAN case tries again in the caller;
480 * other cases (of which there are no known common ones)
481 * will stop and return an error. */
482 wpa_printf(MSG_DEBUG, "nl80211: %s; convert to -EAGAIN",
483 nl_geterror(res));
484 err = -EAGAIN;
485 } else if (res < 0) {
486 wpa_printf(MSG_INFO,
487 "nl80211: %s->nl_recvmsgs failed: %d (%s)",
488 __func__, res, nl_geterror(res));
489 }
490 }
491 out:
492 nl_cb_put(cb);
493 /* Always clear the message as it can potentially contain keys */
494 nl80211_nlmsg_clear(msg);
495 nlmsg_free(msg);
496 return err;
497 }
498
499
send_and_recv_msgs(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int (* valid_handler)(struct nl_msg *,void *),void * valid_data,int (* ack_handler_custom)(struct nl_msg *,void *),void * ack_data)500 int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
501 struct nl_msg *msg,
502 int (*valid_handler)(struct nl_msg *, void *),
503 void *valid_data,
504 int (*ack_handler_custom)(struct nl_msg *, void *),
505 void *ack_data)
506 {
507 return send_and_recv(drv->global, drv->global->nl, msg,
508 valid_handler, valid_data,
509 ack_handler_custom, ack_data);
510 }
511
512
513 /* Use this method to mark that it is necessary to own the connection/interface
514 * for this operation.
515 * handle may be set to NULL, to get the same behavior as send_and_recv_msgs().
516 * set_owner can be used to mark this socket for receiving control port frames.
517 */
send_and_recv_msgs_owner(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,struct nl_sock * handle,int set_owner,int (* valid_handler)(struct nl_msg *,void *),void * valid_data,int (* ack_handler_custom)(struct nl_msg *,void *),void * ack_data)518 static int send_and_recv_msgs_owner(struct wpa_driver_nl80211_data *drv,
519 struct nl_msg *msg,
520 struct nl_sock *handle, int set_owner,
521 int (*valid_handler)(struct nl_msg *,
522 void *),
523 void *valid_data,
524 int (*ack_handler_custom)(struct nl_msg *,
525 void *),
526 void *ack_data)
527 {
528 if (!msg)
529 return -ENOMEM;
530
531 /* Control port over nl80211 needs the flags and attributes below.
532 *
533 * The Linux kernel has initial checks for them (in nl80211.c) like:
534 * validate_pae_over_nl80211(...)
535 * or final checks like:
536 * dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid
537 *
538 * Final operations (e.g., disassociate) don't need to set these
539 * attributes, but they have to be performed on the socket, which has
540 * the connection owner property set in the kernel.
541 */
542 if ((drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) &&
543 handle && set_owner &&
544 (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_OVER_NL80211) ||
545 nla_put_flag(msg, NL80211_ATTR_SOCKET_OWNER) ||
546 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) ||
547 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_PREAUTH)))
548 return -1;
549
550 return send_and_recv(drv->global, handle ? handle : drv->global->nl,
551 msg, valid_handler, valid_data,
552 ack_handler_custom, ack_data);
553 }
554
555
556 static int
send_and_recv_msgs_connect_handle(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,struct i802_bss * bss,int set_owner)557 send_and_recv_msgs_connect_handle(struct wpa_driver_nl80211_data *drv,
558 struct nl_msg *msg, struct i802_bss *bss,
559 int set_owner)
560 {
561 struct nl_sock *nl_connect = get_connect_handle(bss);
562
563 if (nl_connect)
564 return send_and_recv_msgs_owner(drv, msg, nl_connect, set_owner,
565 process_bss_event, bss, NULL,
566 NULL);
567 else
568 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
569 }
570
571
get_connect_handle(struct i802_bss * bss)572 struct nl_sock * get_connect_handle(struct i802_bss *bss)
573 {
574 if ((bss->drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) ||
575 bss->use_nl_connect)
576 return bss->nl_connect;
577
578 return NULL;
579 }
580
581
582 struct family_data {
583 const char *group;
584 int id;
585 };
586
587
family_handler(struct nl_msg * msg,void * arg)588 static int family_handler(struct nl_msg *msg, void *arg)
589 {
590 struct family_data *res = arg;
591 struct nlattr *tb[CTRL_ATTR_MAX + 1];
592 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
593 struct nlattr *mcgrp;
594 int i;
595
596 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
597 genlmsg_attrlen(gnlh, 0), NULL);
598 if (!tb[CTRL_ATTR_MCAST_GROUPS])
599 return NL_SKIP;
600
601 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
602 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
603 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
604 nla_len(mcgrp), NULL);
605 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
606 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
607 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
608 res->group,
609 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
610 continue;
611 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
612 break;
613 };
614
615 return NL_SKIP;
616 }
617
618
nl_get_multicast_id(struct nl80211_global * global,const char * family,const char * group)619 static int nl_get_multicast_id(struct nl80211_global *global,
620 const char *family, const char *group)
621 {
622 struct nl_msg *msg;
623 int ret;
624 struct family_data res = { group, -ENOENT };
625
626 msg = nlmsg_alloc();
627 if (!msg)
628 return -ENOMEM;
629 if (!genlmsg_put(msg, 0, 0, global->nlctrl_id,
630 0, 0, CTRL_CMD_GETFAMILY, 0) ||
631 nla_put_string(msg, CTRL_ATTR_FAMILY_NAME, family)) {
632 nlmsg_free(msg);
633 return -1;
634 }
635
636 ret = send_and_recv(global, global->nl, msg, family_handler, &res,
637 NULL, NULL);
638 if (ret == 0)
639 ret = res.id;
640 return ret;
641 }
642
643
nl80211_cmd(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int flags,uint8_t cmd)644 void * nl80211_cmd(struct wpa_driver_nl80211_data *drv,
645 struct nl_msg *msg, int flags, uint8_t cmd)
646 {
647 if (TEST_FAIL())
648 return NULL;
649 return genlmsg_put(msg, 0, 0, drv->global->nl80211_id,
650 0, flags, cmd, 0);
651 }
652
653
nl80211_set_iface_id(struct nl_msg * msg,struct i802_bss * bss)654 static int nl80211_set_iface_id(struct nl_msg *msg, struct i802_bss *bss)
655 {
656 if (bss->wdev_id_set)
657 return nla_put_u64(msg, NL80211_ATTR_WDEV, bss->wdev_id);
658 return nla_put_u32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
659 }
660
661
nl80211_cmd_msg(struct i802_bss * bss,int flags,uint8_t cmd)662 struct nl_msg * nl80211_cmd_msg(struct i802_bss *bss, int flags, uint8_t cmd)
663 {
664 struct nl_msg *msg;
665
666 msg = nlmsg_alloc();
667 if (!msg)
668 return NULL;
669
670 if (!nl80211_cmd(bss->drv, msg, flags, cmd) ||
671 nl80211_set_iface_id(msg, bss) < 0) {
672 nlmsg_free(msg);
673 return NULL;
674 }
675
676 return msg;
677 }
678
679
680 static struct nl_msg *
nl80211_ifindex_msg_build(struct wpa_driver_nl80211_data * drv,struct nl_msg * msg,int ifindex,int flags,uint8_t cmd)681 nl80211_ifindex_msg_build(struct wpa_driver_nl80211_data *drv,
682 struct nl_msg *msg, int ifindex, int flags,
683 uint8_t cmd)
684 {
685 if (!msg)
686 return NULL;
687
688 if (!nl80211_cmd(drv, msg, flags, cmd) ||
689 nla_put_u32(msg, NL80211_ATTR_IFINDEX, ifindex)) {
690 nlmsg_free(msg);
691 return NULL;
692 }
693
694 return msg;
695 }
696
697
698 static struct nl_msg *
nl80211_ifindex_msg(struct wpa_driver_nl80211_data * drv,int ifindex,int flags,uint8_t cmd)699 nl80211_ifindex_msg(struct wpa_driver_nl80211_data *drv, int ifindex,
700 int flags, uint8_t cmd)
701 {
702 return nl80211_ifindex_msg_build(drv, nlmsg_alloc(), ifindex, flags,
703 cmd);
704 }
705
706
nl80211_drv_msg(struct wpa_driver_nl80211_data * drv,int flags,uint8_t cmd)707 struct nl_msg * nl80211_drv_msg(struct wpa_driver_nl80211_data *drv, int flags,
708 uint8_t cmd)
709 {
710 return nl80211_ifindex_msg(drv, drv->ifindex, flags, cmd);
711 }
712
713
nl80211_bss_msg(struct i802_bss * bss,int flags,uint8_t cmd)714 struct nl_msg * nl80211_bss_msg(struct i802_bss *bss, int flags, uint8_t cmd)
715 {
716 return nl80211_ifindex_msg(bss->drv, bss->ifindex, flags, cmd);
717 }
718
719
720 struct wiphy_idx_data {
721 int wiphy_idx;
722 enum nl80211_iftype nlmode;
723 u8 *macaddr;
724 u8 use_4addr;
725 };
726
727
netdev_info_handler(struct nl_msg * msg,void * arg)728 static int netdev_info_handler(struct nl_msg *msg, void *arg)
729 {
730 struct nlattr *tb[NL80211_ATTR_MAX + 1];
731 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
732 struct wiphy_idx_data *info = arg;
733
734 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
735 genlmsg_attrlen(gnlh, 0), NULL);
736
737 if (tb[NL80211_ATTR_WIPHY])
738 info->wiphy_idx = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
739
740 if (tb[NL80211_ATTR_IFTYPE])
741 info->nlmode = nla_get_u32(tb[NL80211_ATTR_IFTYPE]);
742
743 if (tb[NL80211_ATTR_MAC] && info->macaddr)
744 os_memcpy(info->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
745 ETH_ALEN);
746
747 if (tb[NL80211_ATTR_4ADDR])
748 info->use_4addr = nla_get_u8(tb[NL80211_ATTR_4ADDR]);
749
750 return NL_SKIP;
751 }
752
753
nl80211_get_wiphy_index(struct i802_bss * bss)754 int nl80211_get_wiphy_index(struct i802_bss *bss)
755 {
756 struct nl_msg *msg;
757 struct wiphy_idx_data data = {
758 .wiphy_idx = -1,
759 .macaddr = NULL,
760 };
761
762 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
763 return -1;
764
765 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
766 NULL, NULL) == 0)
767 return data.wiphy_idx;
768 return -1;
769 }
770
771
nl80211_get_ifmode(struct i802_bss * bss)772 static enum nl80211_iftype nl80211_get_ifmode(struct i802_bss *bss)
773 {
774 struct nl_msg *msg;
775 struct wiphy_idx_data data = {
776 .nlmode = NL80211_IFTYPE_UNSPECIFIED,
777 .macaddr = NULL,
778 };
779
780 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
781 return NL80211_IFTYPE_UNSPECIFIED;
782
783 if (send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
784 NULL, NULL) == 0)
785 return data.nlmode;
786 return NL80211_IFTYPE_UNSPECIFIED;
787 }
788
789
nl80211_get_macaddr(struct i802_bss * bss)790 static int nl80211_get_macaddr(struct i802_bss *bss)
791 {
792 struct nl_msg *msg;
793 struct wiphy_idx_data data = {
794 .macaddr = bss->addr,
795 };
796
797 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)))
798 return -1;
799
800 return send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
801 NULL, NULL);
802 }
803
804
nl80211_get_4addr(struct i802_bss * bss)805 static int nl80211_get_4addr(struct i802_bss *bss)
806 {
807 struct nl_msg *msg;
808 struct wiphy_idx_data data = {
809 .use_4addr = 0,
810 };
811
812 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_GET_INTERFACE)) ||
813 send_and_recv_msgs(bss->drv, msg, netdev_info_handler, &data,
814 NULL, NULL))
815 return -1;
816 return data.use_4addr;
817 }
818
819
nl80211_register_beacons(struct wpa_driver_nl80211_data * drv,struct nl80211_wiphy_data * w)820 static int nl80211_register_beacons(struct wpa_driver_nl80211_data *drv,
821 struct nl80211_wiphy_data *w)
822 {
823 struct nl_msg *msg;
824 int ret;
825
826 msg = nlmsg_alloc();
827 if (!msg)
828 return -1;
829
830 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REGISTER_BEACONS) ||
831 nla_put_u32(msg, NL80211_ATTR_WIPHY, w->wiphy_idx)) {
832 nlmsg_free(msg);
833 return -1;
834 }
835
836 ret = send_and_recv(drv->global, w->nl_beacons, msg, NULL, NULL,
837 NULL, NULL);
838 if (ret) {
839 wpa_printf(MSG_DEBUG, "nl80211: Register beacons command "
840 "failed: ret=%d (%s)",
841 ret, strerror(-ret));
842 }
843 return ret;
844 }
845
846
nl80211_recv_beacons(int sock,void * eloop_ctx,void * handle)847 static void nl80211_recv_beacons(int sock, void *eloop_ctx, void *handle)
848 {
849 struct nl80211_wiphy_data *w = eloop_ctx;
850 int res;
851
852 wpa_printf(MSG_EXCESSIVE, "nl80211: Beacon event message available");
853
854 res = nl_recvmsgs(handle, w->nl_cb);
855 if (res < 0) {
856 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
857 __func__, res);
858 }
859 }
860
861
process_beacon_event(struct nl_msg * msg,void * arg)862 static int process_beacon_event(struct nl_msg *msg, void *arg)
863 {
864 struct nl80211_wiphy_data *w = arg;
865 struct wpa_driver_nl80211_data *drv;
866 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
867 struct nlattr *tb[NL80211_ATTR_MAX + 1];
868 union wpa_event_data event;
869
870 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
871 genlmsg_attrlen(gnlh, 0), NULL);
872
873 if (gnlh->cmd != NL80211_CMD_FRAME) {
874 wpa_printf(MSG_DEBUG, "nl80211: Unexpected beacon event? (%d)",
875 gnlh->cmd);
876 return NL_SKIP;
877 }
878
879 if (!tb[NL80211_ATTR_FRAME])
880 return NL_SKIP;
881
882 dl_list_for_each(drv, &w->drvs, struct wpa_driver_nl80211_data,
883 wiphy_list) {
884 os_memset(&event, 0, sizeof(event));
885 event.rx_mgmt.frame = nla_data(tb[NL80211_ATTR_FRAME]);
886 event.rx_mgmt.frame_len = nla_len(tb[NL80211_ATTR_FRAME]);
887 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
888 }
889
890 return NL_SKIP;
891 }
892
893
894 static struct nl80211_wiphy_data *
nl80211_get_wiphy_data_ap(struct i802_bss * bss)895 nl80211_get_wiphy_data_ap(struct i802_bss *bss)
896 {
897 static DEFINE_DL_LIST(nl80211_wiphys);
898 struct nl80211_wiphy_data *w;
899 int wiphy_idx, found = 0;
900 struct i802_bss *tmp_bss;
901 u8 channel;
902
903 if (bss->wiphy_data != NULL)
904 return bss->wiphy_data;
905
906 wiphy_idx = nl80211_get_wiphy_index(bss);
907
908 dl_list_for_each(w, &nl80211_wiphys, struct nl80211_wiphy_data, list) {
909 if (w->wiphy_idx == wiphy_idx)
910 goto add;
911 }
912
913 /* alloc new one */
914 w = os_zalloc(sizeof(*w));
915 if (w == NULL)
916 return NULL;
917 w->wiphy_idx = wiphy_idx;
918 dl_list_init(&w->bsss);
919 dl_list_init(&w->drvs);
920
921 /* Beacon frames not supported in IEEE 802.11ad */
922 if (ieee80211_freq_to_chan(bss->flink->freq, &channel) !=
923 HOSTAPD_MODE_IEEE80211AD) {
924 w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
925 if (!w->nl_cb) {
926 os_free(w);
927 return NULL;
928 }
929 nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
930 no_seq_check, NULL);
931 nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
932 process_beacon_event, w);
933
934 w->nl_beacons = nl_create_handle(bss->drv->global->nl_cb,
935 "wiphy beacons");
936 if (w->nl_beacons == NULL) {
937 os_free(w);
938 return NULL;
939 }
940
941 if (nl80211_register_beacons(bss->drv, w)) {
942 nl_destroy_handles(&w->nl_beacons);
943 os_free(w);
944 return NULL;
945 }
946
947 nl80211_register_eloop_read(&w->nl_beacons,
948 nl80211_recv_beacons, w, 0);
949 }
950
951 dl_list_add(&nl80211_wiphys, &w->list);
952
953 add:
954 /* drv entry for this bss already there? */
955 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
956 if (tmp_bss->drv == bss->drv) {
957 found = 1;
958 break;
959 }
960 }
961 /* if not add it */
962 if (!found)
963 dl_list_add(&w->drvs, &bss->drv->wiphy_list);
964
965 dl_list_add(&w->bsss, &bss->wiphy_list);
966 bss->wiphy_data = w;
967 return w;
968 }
969
970
nl80211_put_wiphy_data_ap(struct i802_bss * bss)971 static void nl80211_put_wiphy_data_ap(struct i802_bss *bss)
972 {
973 struct nl80211_wiphy_data *w = bss->wiphy_data;
974 struct i802_bss *tmp_bss;
975 int found = 0;
976
977 if (w == NULL)
978 return;
979 bss->wiphy_data = NULL;
980 dl_list_del(&bss->wiphy_list);
981
982 /* still any for this drv present? */
983 dl_list_for_each(tmp_bss, &w->bsss, struct i802_bss, wiphy_list) {
984 if (tmp_bss->drv == bss->drv) {
985 found = 1;
986 break;
987 }
988 }
989 /* if not remove it */
990 if (!found)
991 dl_list_del(&bss->drv->wiphy_list);
992
993 if (!dl_list_empty(&w->bsss))
994 return;
995
996 if (w->nl_beacons)
997 nl80211_destroy_eloop_handle(&w->nl_beacons, 0);
998
999 nl_cb_put(w->nl_cb);
1000 dl_list_del(&w->list);
1001 os_free(w);
1002 }
1003
1004
nl80211_get_ifindex(void * priv)1005 static unsigned int nl80211_get_ifindex(void *priv)
1006 {
1007 struct i802_bss *bss = priv;
1008 struct wpa_driver_nl80211_data *drv = bss->drv;
1009
1010 return drv->ifindex;
1011 }
1012
1013
wpa_driver_nl80211_get_bssid(void * priv,u8 * bssid)1014 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
1015 {
1016 struct i802_bss *bss = priv;
1017 struct wpa_driver_nl80211_data *drv = bss->drv;
1018 if (!drv->associated)
1019 return -1;
1020 os_memcpy(bssid, drv->bssid, ETH_ALEN);
1021 return 0;
1022 }
1023
1024
wpa_driver_nl80211_get_ssid(void * priv,u8 * ssid)1025 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
1026 {
1027 struct i802_bss *bss = priv;
1028 struct wpa_driver_nl80211_data *drv = bss->drv;
1029 if (!drv->associated)
1030 return -1;
1031 os_memcpy(ssid, drv->ssid, drv->ssid_len);
1032 return drv->ssid_len;
1033 }
1034
1035
get_mlo_info(struct nl_msg * msg,void * arg)1036 static int get_mlo_info(struct nl_msg *msg, void *arg)
1037 {
1038 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1039 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1040 struct nlattr *link_attr, *link_data[NL80211_ATTR_MAX + 1];
1041 static struct nla_policy link_policy[NL80211_ATTR_MAX + 1] = {
1042 [NL80211_ATTR_MLO_LINK_ID] = { .type = NLA_U8 },
1043 [NL80211_ATTR_MAC] = { .minlen = ETH_ALEN, .maxlen = ETH_ALEN },
1044 };
1045 struct driver_sta_mlo_info *info = arg;
1046 int rem;
1047
1048 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1049 genlmsg_attrlen(gnlh, 0), NULL);
1050
1051 if (!tb[NL80211_ATTR_MLO_LINKS])
1052 return NL_SKIP;
1053
1054 info->valid_links = 0;
1055 nla_for_each_nested(link_attr, tb[NL80211_ATTR_MLO_LINKS], rem) {
1056 u8 link_id;
1057
1058 if (nla_parse_nested(link_data, NL80211_ATTR_MAX,
1059 link_attr, link_policy) != 0)
1060 continue;
1061
1062 if (!link_data[NL80211_ATTR_MLO_LINK_ID] ||
1063 !link_data[NL80211_ATTR_MAC])
1064 continue;
1065
1066 link_id = nla_get_u8(link_data[NL80211_ATTR_MLO_LINK_ID]);
1067 if (link_id >= MAX_NUM_MLD_LINKS)
1068 continue;
1069 info->valid_links |= BIT(link_id);
1070 os_memcpy(info->links[link_id].addr,
1071 nla_data(link_data[NL80211_ATTR_MAC]), ETH_ALEN);
1072 if (link_data[NL80211_ATTR_WIPHY_FREQ])
1073 info->links[link_id].freq =
1074 nla_get_u32(link_data[NL80211_ATTR_WIPHY_FREQ]);
1075 }
1076
1077 return NL_SKIP;
1078 }
1079
1080
nl80211_get_sta_mlo_info(void * priv,struct driver_sta_mlo_info * mlo_info)1081 static int nl80211_get_sta_mlo_info(void *priv,
1082 struct driver_sta_mlo_info *mlo_info)
1083 {
1084 struct i802_bss *bss = priv;
1085 struct wpa_driver_nl80211_data *drv = bss->drv;
1086
1087 if (!drv->associated)
1088 return -1;
1089
1090 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1091 struct nl_msg *msg;
1092
1093 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
1094 if (send_and_recv_msgs(drv, msg, get_mlo_info,
1095 &drv->sta_mlo_info, NULL, NULL))
1096 return -1;
1097 }
1098
1099 os_memcpy(mlo_info, &drv->sta_mlo_info, sizeof(*mlo_info));
1100 return 0;
1101 }
1102
1103
wpa_driver_nl80211_event_newlink(struct nl80211_global * global,struct wpa_driver_nl80211_data * drv,int ifindex,const char * ifname)1104 static void wpa_driver_nl80211_event_newlink(
1105 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv,
1106 int ifindex, const char *ifname)
1107 {
1108 union wpa_event_data event;
1109
1110 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1111 if (if_nametoindex(drv->first_bss->ifname) == 0) {
1112 wpa_printf(MSG_DEBUG, "nl80211: Interface %s does not exist - ignore RTM_NEWLINK",
1113 drv->first_bss->ifname);
1114 return;
1115 }
1116 if (!drv->if_removed)
1117 return;
1118 wpa_printf(MSG_DEBUG, "nl80211: Mark if_removed=0 for %s based on RTM_NEWLINK event",
1119 drv->first_bss->ifname);
1120 drv->if_removed = 0;
1121 }
1122
1123 os_memset(&event, 0, sizeof(event));
1124 event.interface_status.ifindex = ifindex;
1125 os_strlcpy(event.interface_status.ifname, ifname,
1126 sizeof(event.interface_status.ifname));
1127 event.interface_status.ievent = EVENT_INTERFACE_ADDED;
1128 if (drv)
1129 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1130 else
1131 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS,
1132 &event);
1133 }
1134
1135
wpa_driver_nl80211_event_dellink(struct nl80211_global * global,struct wpa_driver_nl80211_data * drv,int ifindex,const char * ifname)1136 static void wpa_driver_nl80211_event_dellink(
1137 struct nl80211_global *global, struct wpa_driver_nl80211_data *drv,
1138 int ifindex, const char *ifname)
1139 {
1140 union wpa_event_data event;
1141
1142 if (drv && os_strcmp(drv->first_bss->ifname, ifname) == 0) {
1143 if (drv->if_removed) {
1144 wpa_printf(MSG_DEBUG, "nl80211: if_removed already set - ignore RTM_DELLINK event for %s",
1145 ifname);
1146 return;
1147 }
1148 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed - mark if_removed=1",
1149 ifname);
1150 drv->if_removed = 1;
1151 } else {
1152 wpa_printf(MSG_DEBUG, "RTM_DELLINK: Interface '%s' removed",
1153 ifname);
1154 }
1155
1156 os_memset(&event, 0, sizeof(event));
1157 event.interface_status.ifindex = ifindex;
1158 os_strlcpy(event.interface_status.ifname, ifname,
1159 sizeof(event.interface_status.ifname));
1160 event.interface_status.ievent = EVENT_INTERFACE_REMOVED;
1161 if (drv)
1162 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
1163 else
1164 wpa_supplicant_event_global(global->ctx, EVENT_INTERFACE_STATUS,
1165 &event);
1166 }
1167
1168
wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data * drv,u8 * buf,size_t len)1169 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
1170 u8 *buf, size_t len)
1171 {
1172 int attrlen, rta_len;
1173 struct rtattr *attr;
1174
1175 attrlen = len;
1176 attr = (struct rtattr *) buf;
1177
1178 rta_len = RTA_ALIGN(sizeof(struct rtattr));
1179 while (RTA_OK(attr, attrlen)) {
1180 if (attr->rta_type == IFLA_IFNAME) {
1181 if (os_strcmp(((char *) attr) + rta_len,
1182 drv->first_bss->ifname) == 0)
1183 return 1;
1184 else
1185 break;
1186 }
1187 attr = RTA_NEXT(attr, attrlen);
1188 }
1189
1190 return 0;
1191 }
1192
1193
wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data * drv,int ifindex,u8 * buf,size_t len)1194 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
1195 int ifindex, u8 *buf, size_t len)
1196 {
1197 if (drv->ifindex == ifindex)
1198 return 1;
1199
1200 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
1201 nl80211_check_global(drv->global);
1202 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
1203 "interface");
1204 if (wpa_driver_nl80211_finish_drv_init(drv, NULL, 0, NULL) < 0)
1205 return -1;
1206 return 1;
1207 }
1208
1209 return 0;
1210 }
1211
1212
1213 static struct wpa_driver_nl80211_data *
nl80211_find_drv(struct nl80211_global * global,int idx,u8 * buf,size_t len,int * init_failed)1214 nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len,
1215 int *init_failed)
1216 {
1217 struct wpa_driver_nl80211_data *drv;
1218 int res;
1219
1220 if (init_failed)
1221 *init_failed = 0;
1222 dl_list_for_each(drv, &global->interfaces,
1223 struct wpa_driver_nl80211_data, list) {
1224 res = wpa_driver_nl80211_own_ifindex(drv, idx, buf, len);
1225 if (res < 0) {
1226 wpa_printf(MSG_DEBUG,
1227 "nl80211: Found matching own interface, but failed to complete reinitialization");
1228 if (init_failed)
1229 *init_failed = 1;
1230 return drv;
1231 }
1232 if (res > 0 || have_ifidx(drv, idx, IFIDX_ANY))
1233 return drv;
1234 }
1235 return NULL;
1236 }
1237
1238
nl80211_refresh_mac(struct wpa_driver_nl80211_data * drv,int ifindex,int notify)1239 static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
1240 int ifindex, int notify)
1241 {
1242 struct i802_bss *bss;
1243 u8 addr[ETH_ALEN];
1244
1245 bss = get_bss_ifindex(drv, ifindex);
1246 if (bss &&
1247 linux_get_ifhwaddr(drv->global->ioctl_sock,
1248 bss->ifname, addr) < 0) {
1249 wpa_printf(MSG_DEBUG,
1250 "nl80211: %s: failed to re-read MAC address",
1251 bss->ifname);
1252 } else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
1253 wpa_printf(MSG_DEBUG,
1254 "nl80211: Own MAC address on ifindex %d (%s) changed from "
1255 MACSTR " to " MACSTR,
1256 ifindex, bss->ifname,
1257 MAC2STR(bss->addr), MAC2STR(addr));
1258 os_memcpy(bss->prev_addr, bss->addr, ETH_ALEN);
1259 os_memcpy(bss->addr, addr, ETH_ALEN);
1260 if (notify)
1261 wpa_supplicant_event(drv->ctx,
1262 EVENT_INTERFACE_MAC_CHANGED, NULL);
1263 }
1264 }
1265
1266
wpa_driver_nl80211_event_rtm_newlink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)1267 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
1268 struct ifinfomsg *ifi,
1269 u8 *buf, size_t len)
1270 {
1271 struct nl80211_global *global = ctx;
1272 struct wpa_driver_nl80211_data *drv;
1273 int attrlen;
1274 struct rtattr *attr;
1275 u32 brid = 0;
1276 char namebuf[IFNAMSIZ];
1277 char ifname[IFNAMSIZ + 1];
1278 char extra[100], *pos, *end;
1279 int init_failed;
1280
1281 extra[0] = '\0';
1282 pos = extra;
1283 end = pos + sizeof(extra);
1284 ifname[0] = '\0';
1285
1286 attrlen = len;
1287 attr = (struct rtattr *) buf;
1288 while (RTA_OK(attr, attrlen)) {
1289 switch (attr->rta_type) {
1290 case IFLA_IFNAME:
1291 if (RTA_PAYLOAD(attr) > IFNAMSIZ)
1292 break;
1293 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1294 ifname[RTA_PAYLOAD(attr)] = '\0';
1295 break;
1296 case IFLA_MASTER:
1297 brid = nla_get_u32((struct nlattr *) attr);
1298 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1299 break;
1300 case IFLA_WIRELESS:
1301 pos += os_snprintf(pos, end - pos, " wext");
1302 break;
1303 case IFLA_OPERSTATE:
1304 pos += os_snprintf(pos, end - pos, " operstate=%u",
1305 nla_get_u32((struct nlattr *) attr));
1306 break;
1307 case IFLA_LINKMODE:
1308 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1309 nla_get_u32((struct nlattr *) attr));
1310 break;
1311 }
1312 attr = RTA_NEXT(attr, attrlen);
1313 }
1314 extra[sizeof(extra) - 1] = '\0';
1315
1316 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1317 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1318 ifi->ifi_flags,
1319 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1320 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1321 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1322 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1323
1324 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, &init_failed);
1325 if (!drv)
1326 goto event_newlink;
1327 if (init_failed)
1328 return; /* do not update interface state */
1329
1330 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
1331 namebuf[0] = '\0';
1332 if (if_indextoname(ifi->ifi_index, namebuf) &&
1333 linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
1334 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1335 "event since interface %s is up", namebuf);
1336 drv->ignore_if_down_event = 0;
1337 /* Re-read MAC address as it may have changed */
1338 nl80211_refresh_mac(drv, ifi->ifi_index, 1);
1339 return;
1340 }
1341 wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
1342 namebuf, ifname);
1343 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
1344 wpa_printf(MSG_DEBUG,
1345 "nl80211: Not the main interface (%s) - do not indicate interface down",
1346 drv->first_bss->ifname);
1347 } else if (drv->ignore_if_down_event) {
1348 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
1349 "event generated by mode change");
1350 drv->ignore_if_down_event = 0;
1351 } else {
1352 drv->if_disabled = 1;
1353 wpa_supplicant_event(drv->ctx,
1354 EVENT_INTERFACE_DISABLED, NULL);
1355
1356 /*
1357 * Try to get drv again, since it may be removed as
1358 * part of the EVENT_INTERFACE_DISABLED handling for
1359 * dynamic interfaces
1360 */
1361 drv = nl80211_find_drv(global, ifi->ifi_index,
1362 buf, len, NULL);
1363 if (!drv)
1364 return;
1365 }
1366 }
1367
1368 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
1369 namebuf[0] = '\0';
1370 if (if_indextoname(ifi->ifi_index, namebuf) &&
1371 linux_iface_up(drv->global->ioctl_sock, namebuf) == 0) {
1372 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1373 "event since interface %s is down",
1374 namebuf);
1375 return;
1376 }
1377 wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
1378 namebuf, ifname);
1379 if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
1380 wpa_printf(MSG_DEBUG,
1381 "nl80211: Not the main interface (%s) - do not indicate interface up",
1382 drv->first_bss->ifname);
1383 } else if (if_nametoindex(drv->first_bss->ifname) == 0) {
1384 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1385 "event since interface %s does not exist",
1386 drv->first_bss->ifname);
1387 } else if (drv->if_removed) {
1388 wpa_printf(MSG_DEBUG, "nl80211: Ignore interface up "
1389 "event since interface %s is marked "
1390 "removed", drv->first_bss->ifname);
1391 } else {
1392 /* Re-read MAC address as it may have changed */
1393 nl80211_refresh_mac(drv, ifi->ifi_index, 0);
1394
1395 drv->if_disabled = 0;
1396 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
1397 NULL);
1398 }
1399 } else if (ifi->ifi_flags & IFF_UP) {
1400 /* Re-read MAC address as it may have changed */
1401 nl80211_refresh_mac(drv, ifi->ifi_index, 1);
1402 }
1403
1404 /*
1405 * Some drivers send the association event before the operup event--in
1406 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
1407 * fails. This will hit us when wpa_supplicant does not need to do
1408 * IEEE 802.1X authentication
1409 */
1410 if (drv->operstate == 1 &&
1411 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
1412 !(ifi->ifi_flags & IFF_RUNNING)) {
1413 wpa_printf(MSG_DEBUG, "nl80211: Set IF_OPER_UP again based on ifi_flags and expected operstate");
1414 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
1415 -1, IF_OPER_UP);
1416 }
1417
1418 event_newlink:
1419 if (ifname[0])
1420 wpa_driver_nl80211_event_newlink(global, drv, ifi->ifi_index,
1421 ifname);
1422
1423 if (ifi->ifi_family == AF_BRIDGE && brid && drv) {
1424 struct i802_bss *bss;
1425
1426 /* device has been added to bridge */
1427 if (!if_indextoname(brid, namebuf)) {
1428 wpa_printf(MSG_DEBUG,
1429 "nl80211: Could not find bridge ifname for ifindex %u",
1430 brid);
1431 return;
1432 }
1433 wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
1434 brid, namebuf);
1435 add_ifidx(drv, brid, ifi->ifi_index);
1436
1437 for (bss = drv->first_bss; bss; bss = bss->next) {
1438 if (os_strcmp(ifname, bss->ifname) == 0) {
1439 os_strlcpy(bss->brname, namebuf, IFNAMSIZ);
1440 break;
1441 }
1442 }
1443 }
1444 }
1445
1446
wpa_driver_nl80211_event_rtm_dellink(void * ctx,struct ifinfomsg * ifi,u8 * buf,size_t len)1447 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
1448 struct ifinfomsg *ifi,
1449 u8 *buf, size_t len)
1450 {
1451 struct nl80211_global *global = ctx;
1452 struct wpa_driver_nl80211_data *drv;
1453 int attrlen;
1454 struct rtattr *attr;
1455 u32 brid = 0;
1456 char ifname[IFNAMSIZ + 1];
1457 char extra[100], *pos, *end;
1458
1459 extra[0] = '\0';
1460 pos = extra;
1461 end = pos + sizeof(extra);
1462 ifname[0] = '\0';
1463
1464 attrlen = len;
1465 attr = (struct rtattr *) buf;
1466 while (RTA_OK(attr, attrlen)) {
1467 switch (attr->rta_type) {
1468 case IFLA_IFNAME:
1469 if (RTA_PAYLOAD(attr) > IFNAMSIZ)
1470 break;
1471 os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr));
1472 ifname[RTA_PAYLOAD(attr)] = '\0';
1473 break;
1474 case IFLA_MASTER:
1475 brid = nla_get_u32((struct nlattr *) attr);
1476 pos += os_snprintf(pos, end - pos, " master=%u", brid);
1477 break;
1478 case IFLA_OPERSTATE:
1479 pos += os_snprintf(pos, end - pos, " operstate=%u",
1480 nla_get_u32((struct nlattr *) attr));
1481 break;
1482 case IFLA_LINKMODE:
1483 pos += os_snprintf(pos, end - pos, " linkmode=%u",
1484 nla_get_u32((struct nlattr *) attr));
1485 break;
1486 }
1487 attr = RTA_NEXT(attr, attrlen);
1488 }
1489 extra[sizeof(extra) - 1] = '\0';
1490
1491 wpa_printf(MSG_DEBUG, "RTM_DELLINK: ifi_index=%d ifname=%s%s ifi_family=%d ifi_flags=0x%x (%s%s%s%s)",
1492 ifi->ifi_index, ifname, extra, ifi->ifi_family,
1493 ifi->ifi_flags,
1494 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
1495 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
1496 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
1497 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
1498
1499 drv = nl80211_find_drv(global, ifi->ifi_index, buf, len, NULL);
1500
1501 if (ifi->ifi_family == AF_BRIDGE && brid && drv) {
1502 /* device has been removed from bridge */
1503 char namebuf[IFNAMSIZ];
1504
1505 if (!if_indextoname(brid, namebuf)) {
1506 wpa_printf(MSG_DEBUG,
1507 "nl80211: Could not find bridge ifname for ifindex %u",
1508 brid);
1509 } else {
1510 wpa_printf(MSG_DEBUG,
1511 "nl80211: Remove ifindex %u for bridge %s",
1512 brid, namebuf);
1513 }
1514 del_ifidx(drv, brid, ifi->ifi_index);
1515 }
1516
1517 if (ifi->ifi_family != AF_BRIDGE || !brid)
1518 wpa_driver_nl80211_event_dellink(global, drv, ifi->ifi_index,
1519 ifname);
1520 }
1521
1522
1523 struct nl80211_get_assoc_freq_arg {
1524 struct wpa_driver_nl80211_data *drv;
1525 unsigned int assoc_freq;
1526 unsigned int ibss_freq;
1527 u8 assoc_bssid[ETH_ALEN];
1528 u8 assoc_ssid[SSID_MAX_LEN];
1529 u8 assoc_ssid_len;
1530 u8 bssid[MAX_NUM_MLD_LINKS][ETH_ALEN];
1531 unsigned int freq[MAX_NUM_MLD_LINKS];
1532 };
1533
nl80211_get_assoc_freq_handler(struct nl_msg * msg,void * arg)1534 static int nl80211_get_assoc_freq_handler(struct nl_msg *msg, void *arg)
1535 {
1536 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1537 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1538 struct nlattr *bss[NL80211_BSS_MAX + 1];
1539 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1540 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1541 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1542 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1543 [NL80211_BSS_STATUS] = { .type = NLA_U32 },
1544 [NL80211_BSS_MLO_LINK_ID] = { .type = NLA_U8 },
1545 };
1546 struct nl80211_get_assoc_freq_arg *ctx = arg;
1547 enum nl80211_bss_status status;
1548 struct wpa_driver_nl80211_data *drv = ctx->drv;
1549
1550 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1551 genlmsg_attrlen(gnlh, 0), NULL);
1552 if (!tb[NL80211_ATTR_BSS] ||
1553 nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1554 bss_policy) ||
1555 !bss[NL80211_BSS_STATUS])
1556 return NL_SKIP;
1557
1558 status = nla_get_u32(bss[NL80211_BSS_STATUS]);
1559 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
1560 bss[NL80211_BSS_FREQUENCY]) {
1561 int link_id = -1;
1562 u32 freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1563
1564 if (bss[NL80211_BSS_MLO_LINK_ID])
1565 link_id = nla_get_u8(bss[NL80211_BSS_MLO_LINK_ID]);
1566
1567 if (link_id >= 0 && link_id < MAX_NUM_MLD_LINKS) {
1568 ctx->freq[link_id] = freq;
1569 wpa_printf(MSG_DEBUG,
1570 "nl80211: MLO link %d associated on %u MHz",
1571 link_id, ctx->freq[link_id]);
1572 }
1573
1574 if (!drv->sta_mlo_info.valid_links ||
1575 drv->sta_mlo_info.assoc_link_id == link_id) {
1576 ctx->assoc_freq = freq;
1577 wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz",
1578 ctx->assoc_freq);
1579 }
1580 }
1581 if (status == NL80211_BSS_STATUS_IBSS_JOINED &&
1582 bss[NL80211_BSS_FREQUENCY]) {
1583 ctx->ibss_freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1584 wpa_printf(MSG_DEBUG, "nl80211: IBSS-joined on %u MHz",
1585 ctx->ibss_freq);
1586 }
1587 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
1588 bss[NL80211_BSS_BSSID]) {
1589 int link_id = -1;
1590 const u8 *bssid = nla_data(bss[NL80211_BSS_BSSID]);
1591
1592 if (bss[NL80211_BSS_MLO_LINK_ID])
1593 link_id = nla_get_u8(bss[NL80211_BSS_MLO_LINK_ID]);
1594
1595 if (link_id >= 0 && link_id < MAX_NUM_MLD_LINKS) {
1596 os_memcpy(ctx->bssid[link_id], bssid, ETH_ALEN);
1597 wpa_printf(MSG_DEBUG,
1598 "nl80211: MLO link %d associated with "
1599 MACSTR, link_id, MAC2STR(bssid));
1600 }
1601
1602 if (!drv->sta_mlo_info.valid_links ||
1603 drv->sta_mlo_info.assoc_link_id == link_id) {
1604 os_memcpy(ctx->assoc_bssid, bssid, ETH_ALEN);
1605 wpa_printf(MSG_DEBUG, "nl80211: Associated with "
1606 MACSTR, MAC2STR(bssid));
1607 }
1608
1609 }
1610
1611 if (status == NL80211_BSS_STATUS_ASSOCIATED &&
1612 bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1613 const u8 *ie, *ssid;
1614 size_t ie_len;
1615
1616 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1617 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1618 ssid = get_ie(ie, ie_len, WLAN_EID_SSID);
1619 if (ssid && ssid[1] > 0 && ssid[1] <= SSID_MAX_LEN) {
1620 ctx->assoc_ssid_len = ssid[1];
1621 os_memcpy(ctx->assoc_ssid, ssid + 2, ssid[1]);
1622 }
1623 }
1624
1625 return NL_SKIP;
1626 }
1627
1628
nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data * drv,u8 * ssid)1629 int nl80211_get_assoc_ssid(struct wpa_driver_nl80211_data *drv, u8 *ssid)
1630 {
1631 struct nl_msg *msg;
1632 int ret;
1633 struct nl80211_get_assoc_freq_arg arg;
1634 int count = 0;
1635
1636 try_again:
1637 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1638 os_memset(&arg, 0, sizeof(arg));
1639 arg.drv = drv;
1640 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler,
1641 &arg, NULL, NULL);
1642 if (ret == -EAGAIN) {
1643 count++;
1644 if (count >= 10) {
1645 wpa_printf(MSG_INFO,
1646 "nl80211: Failed to receive consistent scan result dump for get_assoc_ssid");
1647 } else {
1648 wpa_printf(MSG_DEBUG,
1649 "nl80211: Failed to receive consistent scan result dump for get_assoc_ssid - try again");
1650 goto try_again;
1651 }
1652 }
1653 if (ret == 0) {
1654 os_memcpy(ssid, arg.assoc_ssid, arg.assoc_ssid_len);
1655 return arg.assoc_ssid_len;
1656 }
1657 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d (%s)",
1658 ret, strerror(-ret));
1659 return ret;
1660 }
1661
1662
nl80211_get_assoc_freq(struct wpa_driver_nl80211_data * drv)1663 unsigned int nl80211_get_assoc_freq(struct wpa_driver_nl80211_data *drv)
1664 {
1665 struct nl_msg *msg;
1666 int ret;
1667 struct nl80211_get_assoc_freq_arg arg;
1668 int count = 0;
1669
1670 try_again:
1671 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SCAN);
1672 os_memset(&arg, 0, sizeof(arg));
1673 arg.drv = drv;
1674 ret = send_and_recv_msgs(drv, msg, nl80211_get_assoc_freq_handler,
1675 &arg, NULL, NULL);
1676 if (ret == -EAGAIN) {
1677 count++;
1678 if (count >= 10) {
1679 wpa_printf(MSG_INFO,
1680 "nl80211: Failed to receive consistent scan result dump for get_assoc_freq");
1681 } else {
1682 wpa_printf(MSG_DEBUG,
1683 "nl80211: Failed to receive consistent scan result dump for get_assoc_freq - try again");
1684 goto try_again;
1685 }
1686 }
1687 if (ret == 0) {
1688 unsigned int freq = drv->nlmode == NL80211_IFTYPE_ADHOC ?
1689 arg.ibss_freq : arg.assoc_freq;
1690 wpa_printf(MSG_DEBUG, "nl80211: Operating frequency for the "
1691 "associated BSS from scan results: %u MHz", freq);
1692 if (freq)
1693 drv->assoc_freq = freq;
1694
1695 if (drv->sta_mlo_info.valid_links) {
1696 int i;
1697
1698 for (i = 0; i < MAX_NUM_MLD_LINKS; i++)
1699 drv->sta_mlo_info.links[i].freq = arg.freq[i];
1700 }
1701
1702 return drv->assoc_freq;
1703 }
1704 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1705 "(%s)", ret, strerror(-ret));
1706 return drv->assoc_freq;
1707 }
1708
get_link_noise(struct nl_msg * msg,void * arg)1709 static int get_link_noise(struct nl_msg *msg, void *arg)
1710 {
1711 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1712 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1713 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
1714 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
1715 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
1716 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
1717 };
1718 struct wpa_signal_info *sig_change = arg;
1719
1720 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1721 genlmsg_attrlen(gnlh, 0), NULL);
1722
1723 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
1724 wpa_printf(MSG_DEBUG, "nl80211: survey data missing!");
1725 return NL_SKIP;
1726 }
1727
1728 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
1729 tb[NL80211_ATTR_SURVEY_INFO],
1730 survey_policy)) {
1731 wpa_printf(MSG_DEBUG, "nl80211: failed to parse nested "
1732 "attributes!");
1733 return NL_SKIP;
1734 }
1735
1736 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
1737 return NL_SKIP;
1738
1739 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
1740 sig_change->frequency)
1741 return NL_SKIP;
1742
1743 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
1744 return NL_SKIP;
1745
1746 sig_change->current_noise =
1747 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
1748
1749 return NL_SKIP;
1750 }
1751
1752
nl80211_get_link_noise(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig_change)1753 int nl80211_get_link_noise(struct wpa_driver_nl80211_data *drv,
1754 struct wpa_signal_info *sig_change)
1755 {
1756 struct nl_msg *msg;
1757
1758 sig_change->current_noise = WPA_INVALID_NOISE;
1759 sig_change->frequency = drv->assoc_freq;
1760
1761 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
1762 return send_and_recv_msgs(drv, msg, get_link_noise, sig_change,
1763 NULL, NULL);
1764 }
1765
1766
get_channel_info(struct nl_msg * msg,void * arg)1767 static int get_channel_info(struct nl_msg *msg, void *arg)
1768 {
1769 struct nlattr *tb[NL80211_ATTR_MAX + 1] = { 0 };
1770 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1771 struct wpa_channel_info *chan_info = arg;
1772
1773 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1774 genlmsg_attrlen(gnlh, 0), NULL);
1775
1776 os_memset(chan_info, 0, sizeof(struct wpa_channel_info));
1777 chan_info->chanwidth = CHAN_WIDTH_UNKNOWN;
1778
1779 if (tb[NL80211_ATTR_WIPHY_FREQ])
1780 chan_info->frequency =
1781 nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
1782 if (tb[NL80211_ATTR_CHANNEL_WIDTH])
1783 chan_info->chanwidth = convert2width(
1784 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
1785 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
1786 enum nl80211_channel_type ct =
1787 nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1788
1789 switch (ct) {
1790 case NL80211_CHAN_HT40MINUS:
1791 chan_info->sec_channel = -1;
1792 break;
1793 case NL80211_CHAN_HT40PLUS:
1794 chan_info->sec_channel = 1;
1795 break;
1796 default:
1797 chan_info->sec_channel = 0;
1798 break;
1799 }
1800 }
1801 if (tb[NL80211_ATTR_CENTER_FREQ1])
1802 chan_info->center_frq1 =
1803 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
1804 if (tb[NL80211_ATTR_CENTER_FREQ2])
1805 chan_info->center_frq2 =
1806 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
1807
1808 if (chan_info->center_frq2) {
1809 u8 seg1_idx = 0;
1810
1811 if (ieee80211_freq_to_chan(chan_info->center_frq2, &seg1_idx) !=
1812 NUM_HOSTAPD_MODES)
1813 chan_info->seg1_idx = seg1_idx;
1814 }
1815
1816 return NL_SKIP;
1817 }
1818
1819
nl80211_channel_info(void * priv,struct wpa_channel_info * ci)1820 static int nl80211_channel_info(void *priv, struct wpa_channel_info *ci)
1821 {
1822 struct i802_bss *bss = priv;
1823 struct wpa_driver_nl80211_data *drv = bss->drv;
1824 struct nl_msg *msg;
1825
1826 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
1827 return send_and_recv_msgs(drv, msg, get_channel_info, ci, NULL, NULL);
1828 }
1829
1830
wpa_driver_nl80211_event_receive(int sock,void * eloop_ctx,void * handle)1831 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1832 void *handle)
1833 {
1834 struct nl_cb *cb = eloop_ctx;
1835 int res;
1836
1837 wpa_printf(MSG_MSGDUMP, "nl80211: Event message available");
1838
1839 res = nl_recvmsgs(handle, cb);
1840 if (res < 0) {
1841 wpa_printf(MSG_INFO, "nl80211: %s->nl_recvmsgs failed: %d",
1842 __func__, res);
1843 }
1844 }
1845
1846
1847 /**
1848 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1849 * @priv: driver_nl80211 private data
1850 * @alpha2_arg: country to which to switch to
1851 * Returns: 0 on success, -1 on failure
1852 *
1853 * This asks nl80211 to set the regulatory domain for given
1854 * country ISO / IEC alpha2.
1855 */
wpa_driver_nl80211_set_country(void * priv,const char * alpha2_arg)1856 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1857 {
1858 struct i802_bss *bss = priv;
1859 struct wpa_driver_nl80211_data *drv = bss->drv;
1860 char alpha2[3];
1861 struct nl_msg *msg;
1862
1863 msg = nlmsg_alloc();
1864 if (!msg)
1865 return -ENOMEM;
1866
1867 alpha2[0] = alpha2_arg[0];
1868 alpha2[1] = alpha2_arg[1];
1869 alpha2[2] = '\0';
1870
1871 if (!nl80211_cmd(drv, msg, 0, NL80211_CMD_REQ_SET_REG) ||
1872 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, alpha2)) {
1873 nlmsg_free(msg);
1874 return -EINVAL;
1875 }
1876 if (send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL))
1877 return -EINVAL;
1878 return 0;
1879 }
1880
1881
nl80211_get_country(struct nl_msg * msg,void * arg)1882 static int nl80211_get_country(struct nl_msg *msg, void *arg)
1883 {
1884 char *alpha2 = arg;
1885 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
1886 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1887
1888 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1889 genlmsg_attrlen(gnlh, 0), NULL);
1890 if (!tb_msg[NL80211_ATTR_REG_ALPHA2]) {
1891 wpa_printf(MSG_DEBUG, "nl80211: No country information available");
1892 return NL_SKIP;
1893 }
1894 os_strlcpy(alpha2, nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]), 3);
1895 return NL_SKIP;
1896 }
1897
1898
wpa_driver_nl80211_get_country(void * priv,char * alpha2)1899 static int wpa_driver_nl80211_get_country(void *priv, char *alpha2)
1900 {
1901 struct i802_bss *bss = priv;
1902 struct wpa_driver_nl80211_data *drv = bss->drv;
1903 struct nl_msg *msg;
1904 int ret;
1905
1906 msg = nlmsg_alloc();
1907 if (!msg)
1908 return -ENOMEM;
1909
1910 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG);
1911
1912 if (drv->capa.flags & WPA_DRIVER_FLAGS_SELF_MANAGED_REGULATORY) {
1913 /* put wiphy idx to get the interface specific country code
1914 * instead of the global one. */
1915 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, drv->wiphy_idx)) {
1916 nlmsg_free(msg);
1917 return -1;
1918 }
1919 }
1920
1921 alpha2[0] = '\0';
1922 ret = send_and_recv_msgs(drv, msg, nl80211_get_country, alpha2,
1923 NULL, NULL);
1924 if (!alpha2[0])
1925 ret = -1;
1926
1927 return ret;
1928 }
1929
1930
wpa_driver_nl80211_init_nl_global(struct nl80211_global * global)1931 static int wpa_driver_nl80211_init_nl_global(struct nl80211_global *global)
1932 {
1933 int ret;
1934
1935 global->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1936 if (global->nl_cb == NULL) {
1937 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1938 "callbacks");
1939 return -1;
1940 }
1941
1942 global->nl = nl_create_handle(global->nl_cb, "nl");
1943 if (global->nl == NULL)
1944 goto err;
1945
1946 global->nl80211_id = genl_ctrl_resolve(global->nl, "nl80211");
1947 if (global->nl80211_id < 0) {
1948 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1949 "found");
1950 goto err;
1951 }
1952
1953 global->nlctrl_id = genl_ctrl_resolve(global->nl, "nlctrl");
1954 if (global->nlctrl_id < 0) {
1955 wpa_printf(MSG_ERROR,
1956 "nl80211: 'nlctrl' generic netlink not found");
1957 goto err;
1958 }
1959
1960 global->nl_event = nl_create_handle(global->nl_cb, "event");
1961 if (global->nl_event == NULL)
1962 goto err;
1963
1964 ret = nl_get_multicast_id(global, "nl80211", "scan");
1965 if (ret >= 0)
1966 ret = nl_socket_add_membership(global->nl_event, ret);
1967 if (ret < 0) {
1968 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1969 "membership for scan events: %d (%s)",
1970 ret, nl_geterror(ret));
1971 goto err;
1972 }
1973
1974 ret = nl_get_multicast_id(global, "nl80211", "mlme");
1975 if (ret >= 0)
1976 ret = nl_socket_add_membership(global->nl_event, ret);
1977 if (ret < 0) {
1978 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1979 "membership for mlme events: %d (%s)",
1980 ret, nl_geterror(ret));
1981 goto err;
1982 }
1983
1984 ret = nl_get_multicast_id(global, "nl80211", "regulatory");
1985 if (ret >= 0)
1986 ret = nl_socket_add_membership(global->nl_event, ret);
1987 if (ret < 0) {
1988 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1989 "membership for regulatory events: %d (%s)",
1990 ret, nl_geterror(ret));
1991 /* Continue without regulatory events */
1992 }
1993
1994 ret = nl_get_multicast_id(global, "nl80211", "vendor");
1995 if (ret >= 0)
1996 ret = nl_socket_add_membership(global->nl_event, ret);
1997 if (ret < 0) {
1998 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1999 "membership for vendor events: %d (%s)",
2000 ret, nl_geterror(ret));
2001 /* Continue without vendor events */
2002 }
2003
2004 nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2005 no_seq_check, NULL);
2006 nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2007 process_global_event, global);
2008
2009 nl80211_register_eloop_read(&global->nl_event,
2010 wpa_driver_nl80211_event_receive,
2011 global->nl_cb, 0);
2012
2013 return 0;
2014
2015 err:
2016 nl_destroy_handles(&global->nl_event);
2017 nl_destroy_handles(&global->nl);
2018 nl_cb_put(global->nl_cb);
2019 global->nl_cb = NULL;
2020 return -1;
2021 }
2022
2023
nl80211_check_global(struct nl80211_global * global)2024 static void nl80211_check_global(struct nl80211_global *global)
2025 {
2026 struct nl_sock *handle;
2027 const char *groups[] = { "scan", "mlme", "regulatory", "vendor", NULL };
2028 int ret;
2029 unsigned int i;
2030
2031 /*
2032 * Try to re-add memberships to handle case of cfg80211 getting reloaded
2033 * and all registration having been cleared.
2034 */
2035 handle = (void *) (((intptr_t) global->nl_event) ^
2036 ELOOP_SOCKET_INVALID);
2037
2038 for (i = 0; groups[i]; i++) {
2039 ret = nl_get_multicast_id(global, "nl80211", groups[i]);
2040 if (ret >= 0)
2041 ret = nl_socket_add_membership(handle, ret);
2042 if (ret < 0) {
2043 wpa_printf(MSG_INFO,
2044 "nl80211: Could not re-add multicast membership for %s events: %d (%s)",
2045 groups[i], ret, nl_geterror(ret));
2046 }
2047 }
2048 }
2049
2050
wpa_driver_nl80211_rfkill_blocked(void * ctx)2051 static void wpa_driver_nl80211_rfkill_blocked(void *ctx)
2052 {
2053 struct wpa_driver_nl80211_data *drv = ctx;
2054
2055 wpa_printf(MSG_DEBUG, "nl80211: RFKILL blocked");
2056
2057 /*
2058 * rtnetlink ifdown handler will report interfaces other than the P2P
2059 * Device interface as disabled.
2060 */
2061 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
2062 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL);
2063 }
2064
2065
wpa_driver_nl80211_rfkill_unblocked(void * ctx)2066 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx)
2067 {
2068 struct wpa_driver_nl80211_data *drv = ctx;
2069 wpa_printf(MSG_DEBUG, "nl80211: RFKILL unblocked");
2070 if (i802_set_iface_flags(drv->first_bss, 1)) {
2071 wpa_printf(MSG_DEBUG, "nl80211: Could not set interface UP "
2072 "after rfkill unblock");
2073 return;
2074 }
2075
2076 if (is_p2p_net_interface(drv->nlmode))
2077 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
2078
2079 /*
2080 * rtnetlink ifup handler will report interfaces other than the P2P
2081 * Device interface as enabled.
2082 */
2083 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
2084 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, NULL);
2085 }
2086
2087
wpa_driver_nl80211_handle_eapol_tx_status(int sock,void * eloop_ctx,void * handle)2088 static void wpa_driver_nl80211_handle_eapol_tx_status(int sock,
2089 void *eloop_ctx,
2090 void *handle)
2091 {
2092 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2093 u8 data[2048];
2094 struct msghdr msg;
2095 struct iovec entry;
2096 u8 control[512];
2097 struct cmsghdr *cmsg;
2098 int res, found_ee = 0, found_wifi = 0, acked = 0;
2099 union wpa_event_data event;
2100
2101 memset(&msg, 0, sizeof(msg));
2102 msg.msg_iov = &entry;
2103 msg.msg_iovlen = 1;
2104 entry.iov_base = data;
2105 entry.iov_len = sizeof(data);
2106 msg.msg_control = &control;
2107 msg.msg_controllen = sizeof(control);
2108
2109 res = recvmsg(sock, &msg, MSG_ERRQUEUE);
2110 /* if error or not fitting 802.3 header, return */
2111 if (res < 14)
2112 return;
2113
2114 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
2115 {
2116 if (cmsg->cmsg_level == SOL_SOCKET &&
2117 cmsg->cmsg_type == SCM_WIFI_STATUS) {
2118 int *ack;
2119
2120 found_wifi = 1;
2121 ack = (void *)CMSG_DATA(cmsg);
2122 acked = *ack;
2123 }
2124
2125 if (cmsg->cmsg_level == SOL_PACKET &&
2126 cmsg->cmsg_type == PACKET_TX_TIMESTAMP) {
2127 struct sock_extended_err *err =
2128 (struct sock_extended_err *)CMSG_DATA(cmsg);
2129
2130 if (err->ee_origin == SO_EE_ORIGIN_TXSTATUS)
2131 found_ee = 1;
2132 }
2133 }
2134
2135 if (!found_ee || !found_wifi)
2136 return;
2137
2138 memset(&event, 0, sizeof(event));
2139 event.eapol_tx_status.dst = data;
2140 event.eapol_tx_status.data = data + 14;
2141 event.eapol_tx_status.data_len = res - 14;
2142 event.eapol_tx_status.ack = acked;
2143 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event);
2144 }
2145
2146
nl80211_init_connect_handle(struct i802_bss * bss)2147 static int nl80211_init_connect_handle(struct i802_bss *bss)
2148 {
2149 if (bss->nl_connect) {
2150 wpa_printf(MSG_DEBUG,
2151 "nl80211: Connect handle already created (nl_connect=%p)",
2152 bss->nl_connect);
2153 return -1;
2154 }
2155
2156 bss->nl_connect = nl_create_handle(bss->nl_cb, "connect");
2157 if (!bss->nl_connect)
2158 return -1;
2159 nl80211_register_eloop_read(&bss->nl_connect,
2160 wpa_driver_nl80211_event_receive,
2161 bss->nl_cb, 1);
2162 return 0;
2163 }
2164
2165
nl80211_init_bss(struct i802_bss * bss)2166 static int nl80211_init_bss(struct i802_bss *bss)
2167 {
2168 bss->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
2169 if (!bss->nl_cb)
2170 return -1;
2171
2172 nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
2173 no_seq_check, NULL);
2174 nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
2175 process_bss_event, bss);
2176
2177 nl80211_init_connect_handle(bss);
2178
2179 return 0;
2180 }
2181
2182
nl80211_destroy_bss(struct i802_bss * bss)2183 static void nl80211_destroy_bss(struct i802_bss *bss)
2184 {
2185 nl_cb_put(bss->nl_cb);
2186 bss->nl_cb = NULL;
2187
2188 if (bss->nl_connect)
2189 nl80211_destroy_eloop_handle(&bss->nl_connect, 1);
2190 }
2191
2192
2193 static void
wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data * drv)2194 wpa_driver_nl80211_drv_init_rfkill(struct wpa_driver_nl80211_data *drv)
2195 {
2196 struct rfkill_config *rcfg;
2197
2198 if (drv->rfkill)
2199 return;
2200
2201 rcfg = os_zalloc(sizeof(*rcfg));
2202 if (!rcfg)
2203 return;
2204
2205 rcfg->ctx = drv;
2206
2207 /* rfkill uses netdev sysfs for initialization. However, P2P Device is
2208 * not associated with a netdev, so use the name of some other interface
2209 * sharing the same wiphy as the P2P Device interface.
2210 *
2211 * Note: This is valid, as a P2P Device interface is always dynamically
2212 * created and is created only once another wpa_s interface was added.
2213 */
2214 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) {
2215 struct nl80211_global *global = drv->global;
2216 struct wpa_driver_nl80211_data *tmp1;
2217
2218 dl_list_for_each(tmp1, &global->interfaces,
2219 struct wpa_driver_nl80211_data, list) {
2220 if (drv == tmp1 || drv->wiphy_idx != tmp1->wiphy_idx ||
2221 !tmp1->rfkill)
2222 continue;
2223
2224 wpa_printf(MSG_DEBUG,
2225 "nl80211: Use (%s) to initialize P2P Device rfkill",
2226 tmp1->first_bss->ifname);
2227 os_strlcpy(rcfg->ifname, tmp1->first_bss->ifname,
2228 sizeof(rcfg->ifname));
2229 break;
2230 }
2231 } else {
2232 os_strlcpy(rcfg->ifname, drv->first_bss->ifname,
2233 sizeof(rcfg->ifname));
2234 }
2235
2236 rcfg->blocked_cb = wpa_driver_nl80211_rfkill_blocked;
2237 rcfg->unblocked_cb = wpa_driver_nl80211_rfkill_unblocked;
2238 drv->rfkill = rfkill_init(rcfg);
2239 if (!drv->rfkill) {
2240 wpa_printf(MSG_DEBUG, "nl80211: RFKILL status not available");
2241 os_free(rcfg);
2242 }
2243 }
2244
2245
wpa_driver_nl80211_drv_init(void * ctx,const char * ifname,void * global_priv,int hostapd,const u8 * set_addr,const char * driver_params)2246 static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname,
2247 void *global_priv, int hostapd,
2248 const u8 *set_addr,
2249 const char *driver_params)
2250 {
2251 struct wpa_driver_nl80211_data *drv;
2252 struct i802_bss *bss;
2253 unsigned int i;
2254
2255 if (global_priv == NULL)
2256 return NULL;
2257 drv = os_zalloc(sizeof(*drv));
2258 if (drv == NULL)
2259 return NULL;
2260 drv->global = global_priv;
2261 drv->ctx = ctx;
2262 drv->hostapd = !!hostapd;
2263 drv->eapol_sock = -1;
2264
2265 /*
2266 * There is no driver capability flag for this, so assume it is
2267 * supported and disable this on first attempt to use if the driver
2268 * rejects the command due to missing support.
2269 */
2270 drv->set_rekey_offload = 1;
2271
2272 drv->num_if_indices = ARRAY_SIZE(drv->default_if_indices);
2273 drv->if_indices = drv->default_if_indices;
2274
2275 drv->first_bss = os_zalloc(sizeof(*drv->first_bss));
2276 if (!drv->first_bss) {
2277 os_free(drv);
2278 return NULL;
2279 }
2280 bss = drv->first_bss;
2281 bss->drv = drv;
2282 bss->ctx = ctx;
2283
2284 os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
2285 drv->monitor_ifidx = -1;
2286 drv->monitor_sock = -1;
2287 drv->eapol_tx_sock = -1;
2288 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
2289
2290 if (nl80211_init_bss(bss))
2291 goto failed;
2292
2293 if (wpa_driver_nl80211_finish_drv_init(drv, set_addr, 1, driver_params))
2294 goto failed;
2295
2296 if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS) {
2297 drv->control_port_ap = 1;
2298 goto skip_wifi_status;
2299 }
2300
2301 drv->eapol_tx_sock = socket(PF_PACKET, SOCK_DGRAM, 0);
2302 if (drv->eapol_tx_sock < 0)
2303 goto failed;
2304
2305 if (drv->data_tx_status) {
2306 int enabled = 1;
2307
2308 if (setsockopt(drv->eapol_tx_sock, SOL_SOCKET, SO_WIFI_STATUS,
2309 &enabled, sizeof(enabled)) < 0) {
2310 wpa_printf(MSG_DEBUG,
2311 "nl80211: wifi status sockopt failed: %s",
2312 strerror(errno));
2313 drv->data_tx_status = 0;
2314 if (!drv->use_monitor)
2315 drv->capa.flags &=
2316 ~WPA_DRIVER_FLAGS_EAPOL_TX_STATUS;
2317 } else {
2318 eloop_register_read_sock(
2319 drv->eapol_tx_sock,
2320 wpa_driver_nl80211_handle_eapol_tx_status,
2321 drv, NULL);
2322 }
2323 }
2324 skip_wifi_status:
2325
2326 if (drv->global) {
2327 nl80211_check_global(drv->global);
2328 dl_list_add(&drv->global->interfaces, &drv->list);
2329 drv->in_interface_list = 1;
2330 }
2331
2332 /*
2333 * Set the default link to be the first one, and set its address to that
2334 * of the interface.
2335 */
2336 bss->flink = &bss->links[0];
2337 bss->n_links = 1;
2338 os_memcpy(bss->flink->addr, bss->addr, ETH_ALEN);
2339
2340 for (i = 0; i < MAX_NUM_MLD_LINKS; i++)
2341 bss->links[i].link_id = NL80211_DRV_LINK_ID_NA;
2342
2343 return bss;
2344
2345 failed:
2346 wpa_driver_nl80211_deinit(bss);
2347 return NULL;
2348 }
2349
2350
2351 /**
2352 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
2353 * @ctx: context to be used when calling wpa_supplicant functions,
2354 * e.g., wpa_supplicant_event()
2355 * @ifname: interface name, e.g., wlan0
2356 * @global_priv: private driver global data from global_init()
2357 * Returns: Pointer to private data, %NULL on failure
2358 */
wpa_driver_nl80211_init(void * ctx,const char * ifname,void * global_priv)2359 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname,
2360 void *global_priv)
2361 {
2362 return wpa_driver_nl80211_drv_init(ctx, ifname, global_priv, 0, NULL,
2363 NULL);
2364 }
2365
2366
nl80211_register_frame(struct i802_bss * bss,struct nl_sock * nl_handle,u16 type,const u8 * match,size_t match_len,bool multicast)2367 static int nl80211_register_frame(struct i802_bss *bss,
2368 struct nl_sock *nl_handle,
2369 u16 type, const u8 *match, size_t match_len,
2370 bool multicast)
2371 {
2372 struct wpa_driver_nl80211_data *drv = bss->drv;
2373 struct nl_msg *msg;
2374 int ret;
2375 char buf[30];
2376
2377 buf[0] = '\0';
2378 wpa_snprintf_hex(buf, sizeof(buf), match, match_len);
2379 wpa_printf(MSG_DEBUG,
2380 "nl80211: Register frame type=0x%x (%s) nl_handle=%p match=%s multicast=%d",
2381 type, fc2str(type), nl_handle, buf, multicast);
2382
2383 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REGISTER_FRAME)) ||
2384 (multicast && nla_put_flag(msg, NL80211_ATTR_RECEIVE_MULTICAST)) ||
2385 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, type) ||
2386 nla_put(msg, NL80211_ATTR_FRAME_MATCH, match_len, match)) {
2387 nlmsg_free(msg);
2388 return -1;
2389 }
2390
2391 ret = send_and_recv(drv->global, nl_handle, msg, NULL, NULL,
2392 NULL, NULL);
2393 if (ret) {
2394 wpa_printf(MSG_DEBUG, "nl80211: Register frame command "
2395 "failed (type=%u): ret=%d (%s)",
2396 type, ret, strerror(-ret));
2397 wpa_hexdump(MSG_DEBUG, "nl80211: Register frame match",
2398 match, match_len);
2399 }
2400 return ret;
2401 }
2402
2403
nl80211_alloc_mgmt_handle(struct i802_bss * bss)2404 static int nl80211_alloc_mgmt_handle(struct i802_bss *bss)
2405 {
2406 if (bss->nl_mgmt) {
2407 wpa_printf(MSG_DEBUG, "nl80211: Mgmt reporting "
2408 "already on! (nl_mgmt=%p)", bss->nl_mgmt);
2409 return -1;
2410 }
2411
2412 bss->nl_mgmt = nl_create_handle(bss->nl_cb, "mgmt");
2413 if (bss->nl_mgmt == NULL)
2414 return -1;
2415
2416 return 0;
2417 }
2418
2419
nl80211_mgmt_handle_register_eloop(struct i802_bss * bss)2420 static void nl80211_mgmt_handle_register_eloop(struct i802_bss *bss)
2421 {
2422 nl80211_register_eloop_read(&bss->nl_mgmt,
2423 wpa_driver_nl80211_event_receive,
2424 bss->nl_cb, 0);
2425 }
2426
2427
nl80211_register_action_frame(struct i802_bss * bss,const u8 * match,size_t match_len)2428 static int nl80211_register_action_frame(struct i802_bss *bss,
2429 const u8 *match, size_t match_len)
2430 {
2431 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
2432 return nl80211_register_frame(bss, bss->nl_mgmt,
2433 type, match, match_len, false);
2434 }
2435
2436
nl80211_mgmt_subscribe_non_ap(struct i802_bss * bss)2437 static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
2438 {
2439 struct wpa_driver_nl80211_data *drv = bss->drv;
2440 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
2441 int ret = 0;
2442
2443 if (nl80211_alloc_mgmt_handle(bss))
2444 return -1;
2445 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with non-AP "
2446 "handle %p", bss->nl_mgmt);
2447
2448 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
2449 /* register for any AUTH message */
2450 nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0, false);
2451 } else if ((drv->capa.flags & WPA_DRIVER_FLAGS_SAE) &&
2452 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
2453 /* register for SAE Authentication frames */
2454 nl80211_register_frame(bss, bss->nl_mgmt, type,
2455 (u8 *) "\x03\x00", 2, false);
2456 }
2457
2458 #ifdef CONFIG_PASN
2459 /* register for PASN Authentication frames */
2460 if (nl80211_register_frame(bss, bss->nl_mgmt, type,
2461 (u8 *) "\x07\x00", 2, false))
2462 ret = -1;
2463 #endif /* CONFIG_PASN */
2464
2465 #ifdef CONFIG_INTERWORKING
2466 /* QoS Map Configure */
2467 if (nl80211_register_action_frame(bss, (u8 *) "\x01\x04", 2) < 0)
2468 ret = -1;
2469 #endif /* CONFIG_INTERWORKING */
2470 #if defined(CONFIG_P2P) || defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP)
2471 /* GAS Initial Request */
2472 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0a", 2) < 0)
2473 ret = -1;
2474 /* GAS Initial Response */
2475 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0b", 2) < 0)
2476 ret = -1;
2477 /* GAS Comeback Request */
2478 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0c", 2) < 0)
2479 ret = -1;
2480 /* GAS Comeback Response */
2481 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0d", 2) < 0)
2482 ret = -1;
2483 /* Protected GAS Initial Request */
2484 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0a", 2) < 0)
2485 ret = -1;
2486 /* Protected GAS Initial Response */
2487 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0b", 2) < 0)
2488 ret = -1;
2489 /* Protected GAS Comeback Request */
2490 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0c", 2) < 0)
2491 ret = -1;
2492 /* Protected GAS Comeback Response */
2493 if (nl80211_register_action_frame(bss, (u8 *) "\x09\x0d", 2) < 0)
2494 ret = -1;
2495 #endif /* CONFIG_P2P || CONFIG_INTERWORKING || CONFIG_DPP */
2496 #ifdef CONFIG_P2P
2497 /* P2P Public Action */
2498 if (nl80211_register_action_frame(bss,
2499 (u8 *) "\x04\x09\x50\x6f\x9a\x09",
2500 6) < 0)
2501 ret = -1;
2502 /* P2P Action */
2503 if (nl80211_register_action_frame(bss,
2504 (u8 *) "\x7f\x50\x6f\x9a\x09",
2505 5) < 0)
2506 ret = -1;
2507 #endif /* CONFIG_P2P */
2508 #ifdef CONFIG_DPP
2509 /* DPP Public Action */
2510 if (nl80211_register_action_frame(bss,
2511 (u8 *) "\x04\x09\x50\x6f\x9a\x1a",
2512 6) < 0)
2513 ret = -1;
2514 #endif /* CONFIG_DPP */
2515 #ifdef CONFIG_OCV
2516 /* SA Query Request */
2517 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0)
2518 ret = -1;
2519 #endif /* CONFIG_OCV */
2520 /* SA Query Response */
2521 if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
2522 ret = -1;
2523 #ifdef CONFIG_TDLS
2524 if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
2525 /* TDLS Discovery Response */
2526 if (nl80211_register_action_frame(bss, (u8 *) "\x04\x0e", 2) <
2527 0)
2528 ret = -1;
2529 }
2530 #endif /* CONFIG_TDLS */
2531 #ifdef CONFIG_FST
2532 /* FST Action frames */
2533 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0)
2534 ret = -1;
2535 #endif /* CONFIG_FST */
2536
2537 /* FT Action frames */
2538 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
2539 ret = -1;
2540 else if (!drv->has_driver_key_mgmt) {
2541 int i;
2542
2543 /* Update supported AKMs only if the driver doesn't advertize
2544 * any AKM capabilities. */
2545 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
2546 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
2547
2548 /* Update per interface supported AKMs */
2549 for (i = 0; i < WPA_IF_MAX; i++)
2550 drv->capa.key_mgmt_iftype[i] = drv->capa.key_mgmt;
2551 }
2552
2553 /* WNM - BSS Transition Management Request */
2554 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x07", 2) < 0)
2555 ret = -1;
2556 /* WNM-Sleep Mode Response */
2557 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x11", 2) < 0)
2558 ret = -1;
2559 #ifdef CONFIG_WNM
2560 /* WNM - Collocated Interference Request */
2561 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x0b", 2) < 0)
2562 ret = -1;
2563 #endif /* CONFIG_WNM */
2564
2565 #ifdef CONFIG_HS20
2566 /* WNM-Notification */
2567 if (nl80211_register_action_frame(bss, (u8 *) "\x0a\x1a", 2) < 0)
2568 ret = -1;
2569 #endif /* CONFIG_HS20 */
2570
2571 /* WMM-AC ADDTS Response */
2572 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x01", 2) < 0)
2573 ret = -1;
2574
2575 /* WMM-AC DELTS */
2576 if (nl80211_register_action_frame(bss, (u8 *) "\x11\x02", 2) < 0)
2577 ret = -1;
2578
2579 /* Radio Measurement - Neighbor Report Response */
2580 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0)
2581 ret = -1;
2582
2583 /* Radio Measurement - Radio Measurement Request */
2584 if (!drv->no_rrm &&
2585 nl80211_register_action_frame(bss, (u8 *) "\x05\x00", 2) < 0)
2586 ret = -1;
2587
2588 /* Radio Measurement - Link Measurement Request */
2589 if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) &&
2590 (nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0))
2591 ret = -1;
2592
2593 /* Robust AV SCS Response */
2594 if (nl80211_register_action_frame(bss, (u8 *) "\x13\x01", 2) < 0)
2595 ret = -1;
2596
2597 /* Robust AV MSCS Response */
2598 if (nl80211_register_action_frame(bss, (u8 *) "\x13\x05", 2) < 0)
2599 ret = -1;
2600
2601 /* Protected QoS Management Action frame */
2602 if (nl80211_register_action_frame(bss, (u8 *) "\x7e\x50\x6f\x9a\x1a",
2603 5) < 0)
2604 ret = -1;
2605
2606 nl80211_mgmt_handle_register_eloop(bss);
2607
2608 return ret;
2609 }
2610
2611
nl80211_mgmt_subscribe_mesh(struct i802_bss * bss)2612 static int nl80211_mgmt_subscribe_mesh(struct i802_bss *bss)
2613 {
2614 int ret = 0;
2615
2616 if (nl80211_alloc_mgmt_handle(bss))
2617 return -1;
2618
2619 wpa_printf(MSG_DEBUG,
2620 "nl80211: Subscribe to mgmt frames with mesh handle %p",
2621 bss->nl_mgmt);
2622
2623 /* Auth frames for mesh SAE */
2624 if (nl80211_register_frame(bss, bss->nl_mgmt,
2625 (WLAN_FC_TYPE_MGMT << 2) |
2626 (WLAN_FC_STYPE_AUTH << 4),
2627 NULL, 0, false) < 0)
2628 ret = -1;
2629
2630 /* Mesh peering open */
2631 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x01", 2) < 0)
2632 ret = -1;
2633 /* Mesh peering confirm */
2634 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x02", 2) < 0)
2635 ret = -1;
2636 /* Mesh peering close */
2637 if (nl80211_register_action_frame(bss, (u8 *) "\x0f\x03", 2) < 0)
2638 ret = -1;
2639
2640 nl80211_mgmt_handle_register_eloop(bss);
2641
2642 return ret;
2643 }
2644
2645
nl80211_register_spurious_class3(struct i802_bss * bss)2646 static int nl80211_register_spurious_class3(struct i802_bss *bss)
2647 {
2648 struct nl_msg *msg;
2649 int ret;
2650
2651 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UNEXPECTED_FRAME);
2652 ret = send_and_recv(bss->drv->global, bss->nl_mgmt, msg, NULL, NULL,
2653 NULL, NULL);
2654 if (ret) {
2655 wpa_printf(MSG_DEBUG, "nl80211: Register spurious class3 "
2656 "failed: ret=%d (%s)",
2657 ret, strerror(-ret));
2658 }
2659 return ret;
2660 }
2661
2662
nl80211_action_subscribe_ap(struct i802_bss * bss)2663 static int nl80211_action_subscribe_ap(struct i802_bss *bss)
2664 {
2665 int ret = 0;
2666
2667 /* Public Action frames */
2668 if (nl80211_register_action_frame(bss, (u8 *) "\x04", 1) < 0)
2669 ret = -1;
2670 /* RRM Measurement Report */
2671 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x01", 2) < 0)
2672 ret = -1;
2673 /* RRM Link Measurement Report */
2674 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x03", 2) < 0)
2675 ret = -1;
2676 /* RRM Neighbor Report Request */
2677 if (nl80211_register_action_frame(bss, (u8 *) "\x05\x04", 2) < 0)
2678 ret = -1;
2679 /* FT Action frames */
2680 if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
2681 ret = -1;
2682 /* SA Query */
2683 if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0)
2684 ret = -1;
2685 /* Protected Dual of Public Action */
2686 if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0)
2687 ret = -1;
2688 /* WNM */
2689 if (nl80211_register_action_frame(bss, (u8 *) "\x0a", 1) < 0)
2690 ret = -1;
2691 /* WMM */
2692 if (nl80211_register_action_frame(bss, (u8 *) "\x11", 1) < 0)
2693 ret = -1;
2694 #ifdef CONFIG_FST
2695 /* FST Action frames */
2696 if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0)
2697 ret = -1;
2698 #endif /* CONFIG_FST */
2699 /* Vendor-specific */
2700 if (nl80211_register_action_frame(bss, (u8 *) "\x7f", 1) < 0)
2701 ret = -1;
2702
2703 return ret;
2704 }
2705
2706
nl80211_mgmt_subscribe_ap(struct i802_bss * bss)2707 static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
2708 {
2709 static const int stypes[] = {
2710 WLAN_FC_STYPE_AUTH,
2711 WLAN_FC_STYPE_ASSOC_REQ,
2712 WLAN_FC_STYPE_REASSOC_REQ,
2713 WLAN_FC_STYPE_DISASSOC,
2714 WLAN_FC_STYPE_DEAUTH,
2715 WLAN_FC_STYPE_PROBE_REQ,
2716 /* Beacon doesn't work as mac80211 doesn't currently allow
2717 * it, but it wouldn't really be the right thing anyway as
2718 * it isn't per interface ... maybe just dump the scan
2719 * results periodically for OLBC?
2720 */
2721 /* WLAN_FC_STYPE_BEACON, */
2722 };
2723 unsigned int i;
2724
2725 if (nl80211_alloc_mgmt_handle(bss))
2726 return -1;
2727 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2728 "handle %p", bss->nl_mgmt);
2729
2730 for (i = 0; i < ARRAY_SIZE(stypes); i++) {
2731 if (nl80211_register_frame(bss, bss->nl_mgmt,
2732 (WLAN_FC_TYPE_MGMT << 2) |
2733 (stypes[i] << 4),
2734 NULL, 0, false) < 0) {
2735 goto out_err;
2736 }
2737 }
2738
2739 if (nl80211_action_subscribe_ap(bss))
2740 goto out_err;
2741
2742 if (nl80211_register_spurious_class3(bss))
2743 goto out_err;
2744
2745 nl80211_mgmt_handle_register_eloop(bss);
2746 return 0;
2747
2748 out_err:
2749 nl_destroy_handles(&bss->nl_mgmt);
2750 return -1;
2751 }
2752
2753
nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss * bss)2754 static int nl80211_mgmt_subscribe_ap_dev_sme(struct i802_bss *bss)
2755 {
2756 if (nl80211_alloc_mgmt_handle(bss))
2757 return -1;
2758 wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
2759 "handle %p (device SME)", bss->nl_mgmt);
2760
2761 if (nl80211_action_subscribe_ap(bss))
2762 goto out_err;
2763
2764 if (bss->drv->device_ap_sme) {
2765 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
2766
2767 /* Register for all Authentication frames */
2768 if (nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0,
2769 false) < 0)
2770 wpa_printf(MSG_DEBUG,
2771 "nl80211: Failed to subscribe to handle Authentication frames - SAE offload may not work");
2772 }
2773
2774 nl80211_mgmt_handle_register_eloop(bss);
2775 return 0;
2776
2777 out_err:
2778 nl_destroy_handles(&bss->nl_mgmt);
2779 return -1;
2780 }
2781
2782
nl80211_mgmt_unsubscribe(struct i802_bss * bss,const char * reason)2783 static void nl80211_mgmt_unsubscribe(struct i802_bss *bss, const char *reason)
2784 {
2785 if (bss->nl_mgmt == NULL)
2786 return;
2787 wpa_printf(MSG_DEBUG, "nl80211: Unsubscribe mgmt frames handle %p "
2788 "(%s)", bss->nl_mgmt, reason);
2789 nl80211_destroy_eloop_handle(&bss->nl_mgmt, 0);
2790
2791 nl80211_put_wiphy_data_ap(bss);
2792 }
2793
2794
wpa_driver_nl80211_send_rfkill(void * eloop_ctx,void * timeout_ctx)2795 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx, void *timeout_ctx)
2796 {
2797 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
2798 }
2799
2800
nl80211_del_p2pdev(struct i802_bss * bss)2801 static void nl80211_del_p2pdev(struct i802_bss *bss)
2802 {
2803 struct nl_msg *msg;
2804 int ret;
2805
2806 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_INTERFACE);
2807 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
2808
2809 wpa_printf(MSG_DEBUG, "nl80211: Delete P2P Device %s (0x%llx): %s",
2810 bss->ifname, (long long unsigned int) bss->wdev_id,
2811 strerror(-ret));
2812 }
2813
2814
nl80211_set_p2pdev(struct i802_bss * bss,int start)2815 static int nl80211_set_p2pdev(struct i802_bss *bss, int start)
2816 {
2817 struct nl_msg *msg;
2818 int ret;
2819
2820 msg = nl80211_cmd_msg(bss, 0, start ? NL80211_CMD_START_P2P_DEVICE :
2821 NL80211_CMD_STOP_P2P_DEVICE);
2822 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
2823
2824 wpa_printf(MSG_DEBUG, "nl80211: %s P2P Device %s (0x%llx): %s",
2825 start ? "Start" : "Stop",
2826 bss->ifname, (long long unsigned int) bss->wdev_id,
2827 strerror(-ret));
2828 return ret;
2829 }
2830
2831
i802_set_iface_flags(struct i802_bss * bss,int up)2832 static int i802_set_iface_flags(struct i802_bss *bss, int up)
2833 {
2834 enum nl80211_iftype nlmode;
2835
2836 nlmode = nl80211_get_ifmode(bss);
2837 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2838 return linux_set_iface_flags(bss->drv->global->ioctl_sock,
2839 bss->ifname, up);
2840 }
2841
2842 /* P2P Device has start/stop which is equivalent */
2843 return nl80211_set_p2pdev(bss, up);
2844 }
2845
2846
2847 #ifdef CONFIG_TESTING_OPTIONS
qca_vendor_test_cmd_handler(struct nl_msg * msg,void * arg)2848 static int qca_vendor_test_cmd_handler(struct nl_msg *msg, void *arg)
2849 {
2850 /* struct wpa_driver_nl80211_data *drv = arg; */
2851 struct nlattr *tb[NL80211_ATTR_MAX + 1];
2852 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2853
2854
2855 wpa_printf(MSG_DEBUG,
2856 "nl80211: QCA vendor test command response received");
2857
2858 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2859 genlmsg_attrlen(gnlh, 0), NULL);
2860 if (!tb[NL80211_ATTR_VENDOR_DATA]) {
2861 wpa_printf(MSG_DEBUG, "nl80211: No vendor data attribute");
2862 return NL_SKIP;
2863 }
2864
2865 wpa_hexdump(MSG_DEBUG,
2866 "nl80211: Received QCA vendor test command response",
2867 nla_data(tb[NL80211_ATTR_VENDOR_DATA]),
2868 nla_len(tb[NL80211_ATTR_VENDOR_DATA]));
2869
2870 return NL_SKIP;
2871 }
2872 #endif /* CONFIG_TESTING_OPTIONS */
2873
2874
qca_vendor_test(struct wpa_driver_nl80211_data * drv)2875 static void qca_vendor_test(struct wpa_driver_nl80211_data *drv)
2876 {
2877 #ifdef CONFIG_TESTING_OPTIONS
2878 struct nl_msg *msg;
2879 struct nlattr *params;
2880 int ret;
2881
2882 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
2883 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
2884 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
2885 QCA_NL80211_VENDOR_SUBCMD_TEST) ||
2886 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
2887 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TEST, 123)) {
2888 nlmsg_free(msg);
2889 return;
2890 }
2891 nla_nest_end(msg, params);
2892
2893 ret = send_and_recv_msgs(drv, msg, qca_vendor_test_cmd_handler, drv,
2894 NULL, NULL);
2895 wpa_printf(MSG_DEBUG,
2896 "nl80211: QCA vendor test command returned %d (%s)",
2897 ret, strerror(-ret));
2898 #endif /* CONFIG_TESTING_OPTIONS */
2899 }
2900
2901
2902 static int
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data * drv,const u8 * set_addr,int first,const char * driver_params)2903 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv,
2904 const u8 *set_addr, int first,
2905 const char *driver_params)
2906 {
2907 struct i802_bss *bss = drv->first_bss;
2908 int send_rfkill_event = 0;
2909 enum nl80211_iftype nlmode;
2910
2911 drv->ifindex = if_nametoindex(bss->ifname);
2912 bss->ifindex = drv->ifindex;
2913 bss->wdev_id = drv->global->if_add_wdevid;
2914 bss->wdev_id_set = drv->global->if_add_wdevid_set;
2915
2916 bss->if_dynamic = drv->ifindex == drv->global->if_add_ifindex;
2917 bss->if_dynamic = bss->if_dynamic || drv->global->if_add_wdevid_set;
2918 drv->global->if_add_wdevid_set = 0;
2919
2920 if (!bss->if_dynamic && nl80211_get_ifmode(bss) == NL80211_IFTYPE_AP)
2921 bss->static_ap = 1;
2922
2923 if (first &&
2924 nl80211_get_ifmode(bss) != NL80211_IFTYPE_P2P_DEVICE &&
2925 linux_iface_up(drv->global->ioctl_sock, bss->ifname) > 0)
2926 drv->start_iface_up = 1;
2927
2928 if (wpa_driver_nl80211_capa(drv))
2929 return -1;
2930
2931 if (driver_params && nl80211_set_param(bss, driver_params) < 0)
2932 return -1;
2933
2934 wpa_printf(MSG_DEBUG, "nl80211: interface %s in phy %s",
2935 bss->ifname, drv->phyname);
2936
2937 if (set_addr &&
2938 (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) ||
2939 linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2940 set_addr)))
2941 return -1;
2942
2943 if (first && nl80211_get_ifmode(bss) == NL80211_IFTYPE_STATION)
2944 drv->start_mode_sta = 1;
2945
2946 if (drv->hostapd || bss->static_ap)
2947 nlmode = NL80211_IFTYPE_AP;
2948 else if (bss->if_dynamic ||
2949 nl80211_get_ifmode(bss) == NL80211_IFTYPE_MESH_POINT)
2950 nlmode = nl80211_get_ifmode(bss);
2951 else
2952 nlmode = NL80211_IFTYPE_STATION;
2953
2954 if (wpa_driver_nl80211_set_mode(bss, nlmode) < 0) {
2955 wpa_printf(MSG_ERROR, "nl80211: Could not configure driver mode");
2956 return -1;
2957 }
2958
2959 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2960 nl80211_get_macaddr(bss);
2961
2962 wpa_driver_nl80211_drv_init_rfkill(drv);
2963
2964 if (!rfkill_is_blocked(drv->rfkill)) {
2965 int ret = i802_set_iface_flags(bss, 1);
2966 if (ret) {
2967 wpa_printf(MSG_ERROR, "nl80211: Could not set "
2968 "interface '%s' UP", bss->ifname);
2969 return ret;
2970 }
2971
2972 if (is_p2p_net_interface(nlmode))
2973 nl80211_disable_11b_rates(bss->drv,
2974 bss->drv->ifindex, 1);
2975
2976 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
2977 return ret;
2978 } else {
2979 wpa_printf(MSG_DEBUG, "nl80211: Could not yet enable "
2980 "interface '%s' due to rfkill", bss->ifname);
2981 if (nlmode != NL80211_IFTYPE_P2P_DEVICE)
2982 drv->if_disabled = 1;
2983
2984 send_rfkill_event = 1;
2985 }
2986
2987 if (!drv->hostapd && nlmode != NL80211_IFTYPE_P2P_DEVICE)
2988 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex,
2989 1, IF_OPER_DORMANT);
2990
2991 if (nlmode != NL80211_IFTYPE_P2P_DEVICE) {
2992 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
2993 bss->addr))
2994 return -1;
2995 os_memcpy(drv->perm_addr, bss->addr, ETH_ALEN);
2996 }
2997
2998 if (send_rfkill_event) {
2999 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill,
3000 drv, drv->ctx);
3001 }
3002
3003 if (drv->vendor_cmd_test_avail)
3004 qca_vendor_test(drv);
3005
3006 return 0;
3007 }
3008
3009
wpa_driver_nl80211_del_beacon(struct i802_bss * bss,struct i802_link * link)3010 static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss,
3011 struct i802_link *link)
3012 {
3013 struct nl_msg *msg;
3014 struct wpa_driver_nl80211_data *drv = bss->drv;
3015
3016 if (!link->beacon_set)
3017 return 0;
3018
3019 wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
3020 drv->ifindex);
3021 link->beacon_set = 0;
3022 link->freq = 0;
3023
3024 nl80211_put_wiphy_data_ap(bss);
3025 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
3026 if (!msg)
3027 return -ENOBUFS;
3028
3029 if (link->link_id != NL80211_DRV_LINK_ID_NA) {
3030 wpa_printf(MSG_DEBUG,
3031 "nl80211: MLD: stop beaconing on link=%u",
3032 link->link_id);
3033
3034 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
3035 link->link_id)) {
3036 nlmsg_free(msg);
3037 return -ENOBUFS;
3038 }
3039 }
3040
3041 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3042 }
3043
3044
wpa_driver_nl80211_del_beacon_all(struct i802_bss * bss)3045 static void wpa_driver_nl80211_del_beacon_all(struct i802_bss *bss)
3046 {
3047 unsigned int i;
3048
3049 for (i = 0; i < bss->n_links; i++)
3050 wpa_driver_nl80211_del_beacon(bss, &bss->links[i]);
3051 }
3052
3053
3054 /**
3055 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
3056 * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init()
3057 *
3058 * Shut down driver interface and processing of driver events. Free
3059 * private data buffer if one was allocated in wpa_driver_nl80211_init().
3060 */
wpa_driver_nl80211_deinit(struct i802_bss * bss)3061 static void wpa_driver_nl80211_deinit(struct i802_bss *bss)
3062 {
3063 struct wpa_driver_nl80211_data *drv = bss->drv;
3064 unsigned int i;
3065
3066 wpa_printf(MSG_INFO, "nl80211: deinit ifname=%s disabled_11b_rates=%d",
3067 bss->ifname, drv->disabled_11b_rates);
3068
3069 bss->in_deinit = 1;
3070 if (drv->data_tx_status)
3071 eloop_unregister_read_sock(drv->eapol_tx_sock);
3072 if (drv->eapol_tx_sock >= 0)
3073 close(drv->eapol_tx_sock);
3074
3075 if (bss->nl_preq)
3076 wpa_driver_nl80211_probe_req_report(bss, 0);
3077 if (bss->added_if_into_bridge) {
3078 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
3079 bss->ifname) < 0)
3080 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3081 "interface %s from bridge %s: %s",
3082 bss->ifname, bss->brname, strerror(errno));
3083 }
3084
3085 if (drv->rtnl_sk)
3086 nl_socket_free(drv->rtnl_sk);
3087
3088 if (bss->added_bridge) {
3089 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->brname,
3090 0) < 0)
3091 wpa_printf(MSG_INFO,
3092 "nl80211: Could not set bridge %s down",
3093 bss->brname);
3094 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
3095 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
3096 "bridge %s: %s",
3097 bss->brname, strerror(errno));
3098 }
3099
3100 nl80211_remove_monitor_interface(drv);
3101
3102 if (is_ap_interface(drv->nlmode))
3103 wpa_driver_nl80211_del_beacon_all(bss);
3104
3105 if (drv->eapol_sock >= 0) {
3106 eloop_unregister_read_sock(drv->eapol_sock);
3107 close(drv->eapol_sock);
3108 }
3109
3110 if (drv->if_indices != drv->default_if_indices)
3111 os_free(drv->if_indices);
3112
3113 if (drv->disabled_11b_rates)
3114 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
3115
3116 netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, 0,
3117 IF_OPER_UP);
3118 eloop_cancel_timeout(wpa_driver_nl80211_send_rfkill, drv, drv->ctx);
3119 rfkill_deinit(drv->rfkill);
3120
3121 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
3122
3123 if (!drv->start_iface_up)
3124 (void) i802_set_iface_flags(bss, 0);
3125
3126 if (drv->addr_changed) {
3127 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
3128 0) < 0) {
3129 wpa_printf(MSG_DEBUG,
3130 "nl80211: Could not set interface down to restore permanent MAC address");
3131 }
3132 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
3133 drv->perm_addr) < 0) {
3134 wpa_printf(MSG_DEBUG,
3135 "nl80211: Could not restore permanent MAC address");
3136 }
3137 }
3138
3139 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE) {
3140 if (drv->start_mode_sta)
3141 wpa_driver_nl80211_set_mode(bss,
3142 NL80211_IFTYPE_STATION);
3143 nl80211_mgmt_unsubscribe(bss, "deinit");
3144 } else {
3145 nl80211_mgmt_unsubscribe(bss, "deinit");
3146 nl80211_del_p2pdev(bss);
3147 }
3148
3149 nl80211_destroy_bss(drv->first_bss);
3150
3151 os_free(drv->filter_ssids);
3152
3153 os_free(drv->auth_ie);
3154 os_free(drv->auth_data);
3155
3156 if (drv->in_interface_list)
3157 dl_list_del(&drv->list);
3158
3159 os_free(drv->extended_capa);
3160 os_free(drv->extended_capa_mask);
3161 for (i = 0; i < drv->num_iface_capa; i++) {
3162 os_free(drv->iface_capa[i].ext_capa);
3163 os_free(drv->iface_capa[i].ext_capa_mask);
3164 }
3165 os_free(drv->first_bss);
3166 #ifdef CONFIG_DRIVER_NL80211_QCA
3167 os_free(drv->pending_roam_data);
3168 #endif /* CONFIG_DRIVER_NL80211_QCA */
3169 os_free(drv);
3170 }
3171
3172
wpa_alg_to_cipher_suite(enum wpa_alg alg,size_t key_len)3173 static u32 wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len)
3174 {
3175 switch (alg) {
3176 case WPA_ALG_WEP:
3177 if (key_len == 5)
3178 return RSN_CIPHER_SUITE_WEP40;
3179 return RSN_CIPHER_SUITE_WEP104;
3180 case WPA_ALG_TKIP:
3181 return RSN_CIPHER_SUITE_TKIP;
3182 case WPA_ALG_CCMP:
3183 return RSN_CIPHER_SUITE_CCMP;
3184 case WPA_ALG_GCMP:
3185 return RSN_CIPHER_SUITE_GCMP;
3186 case WPA_ALG_CCMP_256:
3187 return RSN_CIPHER_SUITE_CCMP_256;
3188 case WPA_ALG_GCMP_256:
3189 return RSN_CIPHER_SUITE_GCMP_256;
3190 case WPA_ALG_BIP_CMAC_128:
3191 return RSN_CIPHER_SUITE_AES_128_CMAC;
3192 case WPA_ALG_BIP_GMAC_128:
3193 return RSN_CIPHER_SUITE_BIP_GMAC_128;
3194 case WPA_ALG_BIP_GMAC_256:
3195 return RSN_CIPHER_SUITE_BIP_GMAC_256;
3196 case WPA_ALG_BIP_CMAC_256:
3197 return RSN_CIPHER_SUITE_BIP_CMAC_256;
3198 case WPA_ALG_SMS4:
3199 return RSN_CIPHER_SUITE_SMS4;
3200 case WPA_ALG_KRK:
3201 return RSN_CIPHER_SUITE_KRK;
3202 case WPA_ALG_NONE:
3203 wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption algorithm %d",
3204 alg);
3205 return 0;
3206 }
3207
3208 wpa_printf(MSG_ERROR, "nl80211: Unsupported encryption algorithm %d",
3209 alg);
3210 return 0;
3211 }
3212
3213
wpa_cipher_to_cipher_suite(unsigned int cipher)3214 static u32 wpa_cipher_to_cipher_suite(unsigned int cipher)
3215 {
3216 switch (cipher) {
3217 case WPA_CIPHER_CCMP_256:
3218 return RSN_CIPHER_SUITE_CCMP_256;
3219 case WPA_CIPHER_GCMP_256:
3220 return RSN_CIPHER_SUITE_GCMP_256;
3221 case WPA_CIPHER_CCMP:
3222 return RSN_CIPHER_SUITE_CCMP;
3223 case WPA_CIPHER_GCMP:
3224 return RSN_CIPHER_SUITE_GCMP;
3225 case WPA_CIPHER_TKIP:
3226 return RSN_CIPHER_SUITE_TKIP;
3227 case WPA_CIPHER_WEP104:
3228 return RSN_CIPHER_SUITE_WEP104;
3229 case WPA_CIPHER_WEP40:
3230 return RSN_CIPHER_SUITE_WEP40;
3231 case WPA_CIPHER_GTK_NOT_USED:
3232 return RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED;
3233 default:
3234 return 0;
3235 }
3236 }
3237
3238
wpa_cipher_to_cipher_suites(unsigned int ciphers,u32 suites[],int max_suites)3239 static int wpa_cipher_to_cipher_suites(unsigned int ciphers, u32 suites[],
3240 int max_suites)
3241 {
3242 int num_suites = 0;
3243
3244 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP_256)
3245 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP_256;
3246 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP_256)
3247 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP_256;
3248 if (num_suites < max_suites && ciphers & WPA_CIPHER_CCMP)
3249 suites[num_suites++] = RSN_CIPHER_SUITE_CCMP;
3250 if (num_suites < max_suites && ciphers & WPA_CIPHER_GCMP)
3251 suites[num_suites++] = RSN_CIPHER_SUITE_GCMP;
3252 if (num_suites < max_suites && ciphers & WPA_CIPHER_TKIP)
3253 suites[num_suites++] = RSN_CIPHER_SUITE_TKIP;
3254 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP104)
3255 suites[num_suites++] = RSN_CIPHER_SUITE_WEP104;
3256 if (num_suites < max_suites && ciphers & WPA_CIPHER_WEP40)
3257 suites[num_suites++] = RSN_CIPHER_SUITE_WEP40;
3258
3259 return num_suites;
3260 }
3261
3262
wpa_key_mgmt_to_suites(unsigned int key_mgmt_suites,u32 suites[],int max_suites)3263 static int wpa_key_mgmt_to_suites(unsigned int key_mgmt_suites, u32 suites[],
3264 int max_suites)
3265 {
3266 int num_suites = 0;
3267
3268 #define __AKM(a, b) \
3269 if (num_suites < max_suites && \
3270 (key_mgmt_suites & (WPA_KEY_MGMT_ ## a))) \
3271 suites[num_suites++] = (RSN_AUTH_KEY_MGMT_ ## b)
3272 __AKM(IEEE8021X, UNSPEC_802_1X);
3273 __AKM(PSK, PSK_OVER_802_1X);
3274 __AKM(FT_IEEE8021X, FT_802_1X);
3275 __AKM(FT_PSK, FT_PSK);
3276 __AKM(IEEE8021X_SHA256, 802_1X_SHA256);
3277 __AKM(PSK_SHA256, PSK_SHA256);
3278 __AKM(SAE, SAE);
3279 __AKM(SAE_EXT_KEY, SAE_EXT_KEY);
3280 __AKM(FT_SAE, FT_SAE);
3281 __AKM(FT_SAE_EXT_KEY, FT_SAE_EXT_KEY);
3282 __AKM(CCKM, CCKM);
3283 __AKM(OSEN, OSEN);
3284 __AKM(IEEE8021X_SUITE_B, 802_1X_SUITE_B);
3285 __AKM(IEEE8021X_SUITE_B_192, 802_1X_SUITE_B_192);
3286 __AKM(FILS_SHA256, FILS_SHA256);
3287 __AKM(FILS_SHA384, FILS_SHA384);
3288 __AKM(FT_FILS_SHA256, FT_FILS_SHA256);
3289 __AKM(FT_FILS_SHA384, FT_FILS_SHA384);
3290 __AKM(OWE, OWE);
3291 __AKM(DPP, DPP);
3292 __AKM(FT_IEEE8021X_SHA384, FT_802_1X_SHA384);
3293 __AKM(IEEE8021X_SHA384, 802_1X_SHA384);
3294 #undef __AKM
3295
3296 return num_suites;
3297 }
3298
3299 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
wpa_driver_do_broadcom_acs(struct wpa_driver_nl80211_data * drv,struct drv_acs_params * params)3300 static int wpa_driver_do_broadcom_acs(struct wpa_driver_nl80211_data *drv,
3301 struct drv_acs_params *params)
3302 {
3303 struct nl_msg *msg;
3304 struct nlattr *data;
3305 int freq_list_len;
3306 int ret = -1;
3307
3308 freq_list_len = int_array_len(params->freq_list);
3309 wpa_printf(MSG_DEBUG, "%s: freq_list_len=%d",
3310 __func__, freq_list_len);
3311
3312 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR);
3313 if (!msg ||
3314 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
3315 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
3316 BRCM_VENDOR_SCMD_ACS) ||
3317 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
3318 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HW_MODE, params->hw_mode) ||
3319 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HT_ENABLED,
3320 params->ht_enabled) ||
3321 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_HT40_ENABLED,
3322 params->ht40_enabled) ||
3323 nla_put_u8(msg, BRCM_VENDOR_ATTR_ACS_VHT_ENABLED,
3324 params->vht_enabled) ||
3325 nla_put_u16(msg, BRCM_VENDOR_ATTR_ACS_CHWIDTH, params->ch_width) ||
3326 (freq_list_len > 0 &&
3327 nla_put(msg, BRCM_VENDOR_ATTR_ACS_FREQ_LIST,
3328 sizeof(int) * freq_list_len, params->freq_list)))
3329 goto fail;
3330 nla_nest_end(msg, data);
3331
3332 wpa_printf(MSG_DEBUG,
3333 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d BW: %d",
3334 params->hw_mode, params->ht_enabled, params->ht40_enabled,
3335 params->vht_enabled, params->ch_width);
3336
3337 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3338 if (ret) {
3339 wpa_printf(MSG_ERROR,
3340 "nl80211: BRCM Failed to invoke driver ACS function: %s",
3341 strerror(errno));
3342 }
3343
3344 msg = NULL;
3345 fail:
3346 nlmsg_free(msg);
3347 return ret;
3348 }
3349 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
3350
3351 #if (defined(CONFIG_DRIVER_NL80211_BRCM) && !defined(WIFI_BRCM_OPEN_SOURCE_MULTI_AKM)) || \
3352 defined(CONFIG_DRIVER_NL80211_SYNA)
wpa_cross_akm_key_mgmt_to_suites(unsigned int key_mgmt_suites,u32 suites[],int max_suites)3353 static int wpa_cross_akm_key_mgmt_to_suites(unsigned int key_mgmt_suites, u32 suites[],
3354 int max_suites)
3355 {
3356 int num_suites = 0;
3357
3358 #define __AKM_TO_SUITES_ARRAY(a, b) \
3359 if (num_suites < max_suites && \
3360 (key_mgmt_suites & (WPA_KEY_MGMT_ ## a))) \
3361 suites[num_suites++] = (RSN_AUTH_KEY_MGMT_ ## b)
3362 __AKM_TO_SUITES_ARRAY(PSK, PSK_OVER_802_1X);
3363 __AKM_TO_SUITES_ARRAY(SAE, SAE);
3364 #undef __AKM_TO_SUITES_ARRAY
3365
3366 return num_suites;
3367 }
3368 #endif /* (CONFIG_DRIVER_NL80211_BRCM && !WIFI_BRCM_OPEN_SOURCE_MULTI_AKM) ||
3369 * CONFIG_DRIVER_NL80211_SYNA */
3370
3371 #ifdef CONFIG_DRIVER_NL80211_QCA
issue_key_mgmt_set_key(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len)3372 static int issue_key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
3373 const u8 *key, size_t key_len)
3374 {
3375 struct nl_msg *msg;
3376 int ret;
3377
3378 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD))
3379 return 0;
3380
3381 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
3382 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
3383 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
3384 QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY) ||
3385 nla_put(msg, NL80211_ATTR_VENDOR_DATA, key_len, key)) {
3386 nl80211_nlmsg_clear(msg);
3387 nlmsg_free(msg);
3388 return -1;
3389 }
3390 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3391 if (ret) {
3392 wpa_printf(MSG_DEBUG,
3393 "nl80211: Key management set key failed: ret=%d (%s)",
3394 ret, strerror(-ret));
3395 }
3396
3397 return ret;
3398 }
3399 #endif /* CONFIG_DRIVER_NL80211_QCA */
3400
3401
3402 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
key_mgmt_set_key(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len)3403 static int key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
3404 const u8 *key, size_t key_len)
3405 {
3406 struct nl_msg *msg;
3407 int ret;
3408 struct nlattr *params;
3409
3410 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
3411 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
3412 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
3413 BRCM_VENDOR_SCMD_SET_PMK) ||
3414 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
3415 nla_put(msg, BRCM_ATTR_DRIVER_KEY_PMK, key_len, key)) {
3416 nl80211_nlmsg_clear(msg);
3417 nlmsg_free(msg);
3418 return -ENOBUFS;
3419 }
3420 nla_nest_end(msg, params);
3421
3422 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1, NULL, NULL);
3423 if (ret) {
3424 wpa_printf(MSG_DEBUG, "nl80211: Key mgmt set key failed: ret=%d (%s)",
3425 ret, strerror(-ret));
3426 }
3427
3428 return ret;
3429 }
3430 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
3431
3432
nl80211_set_pmk(struct wpa_driver_nl80211_data * drv,const u8 * key,size_t key_len,const u8 * addr)3433 static int nl80211_set_pmk(struct wpa_driver_nl80211_data *drv,
3434 const u8 *key, size_t key_len,
3435 const u8 *addr)
3436 {
3437 struct nl_msg *msg = NULL;
3438 int ret;
3439
3440 /*
3441 * If the authenticator address is not set, assume it is
3442 * the current BSSID.
3443 */
3444 if (!addr && drv->associated)
3445 addr = drv->bssid;
3446 else if (!addr)
3447 return -1;
3448
3449 wpa_printf(MSG_DEBUG, "nl80211: Set PMK to the driver for " MACSTR,
3450 MAC2STR(addr));
3451 wpa_hexdump_key(MSG_DEBUG, "nl80211: PMK", key, key_len);
3452 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_PMK);
3453 if (!msg ||
3454 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
3455 nla_put(msg, NL80211_ATTR_PMK, key_len, key)) {
3456 nl80211_nlmsg_clear(msg);
3457 nlmsg_free(msg);
3458 return -ENOBUFS;
3459 }
3460
3461 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3462 if (ret) {
3463 wpa_printf(MSG_DEBUG, "nl80211: Set PMK failed: ret=%d (%s)",
3464 ret, strerror(-ret));
3465 }
3466
3467 return ret;
3468 }
3469
3470
wpa_driver_nl80211_set_key(struct i802_bss * bss,struct wpa_driver_set_key_params * params)3471 static int wpa_driver_nl80211_set_key(struct i802_bss *bss,
3472 struct wpa_driver_set_key_params *params)
3473 {
3474 struct wpa_driver_nl80211_data *drv = bss->drv;
3475 int ifindex;
3476 struct nl_msg *msg;
3477 struct nl_msg *key_msg;
3478 int ret;
3479 int skip_set_key = 1;
3480 const char *ifname = params->ifname;
3481 enum wpa_alg alg = params->alg;
3482 const u8 *addr = params->addr;
3483 int key_idx = params->key_idx;
3484 int set_tx = params->set_tx;
3485 const u8 *seq = params->seq;
3486 size_t seq_len = params->seq_len;
3487 const u8 *key = params->key;
3488 size_t key_len = params->key_len;
3489 int vlan_id = params->vlan_id;
3490 enum key_flag key_flag = params->key_flag;
3491 int link_id = params->link_id;
3492
3493 /* Ignore for P2P Device */
3494 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE)
3495 return 0;
3496
3497 ifindex = if_nametoindex(ifname);
3498 wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d "
3499 "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x link_id=%d",
3500 __func__, ifindex, ifname, alg, addr, key_idx, set_tx,
3501 (unsigned long) seq_len, (unsigned long) key_len, key_flag,
3502 link_id);
3503
3504 if (check_key_flag(key_flag)) {
3505 wpa_printf(MSG_DEBUG, "%s: invalid key_flag", __func__);
3506 return -EINVAL;
3507 }
3508
3509 #ifdef CONFIG_DRIVER_NL80211_QCA
3510 if ((key_flag & KEY_FLAG_PMK) &&
3511 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) {
3512 wpa_printf(MSG_DEBUG, "%s: calling issue_key_mgmt_set_key",
3513 __func__);
3514 ret = issue_key_mgmt_set_key(drv, key, key_len);
3515 return ret;
3516 }
3517 #endif /* CONFIG_DRIVER_NL80211_QCA */
3518
3519 if (key_flag & KEY_FLAG_PMK) {
3520 if (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)
3521 return nl80211_set_pmk(drv, key, key_len, addr);
3522 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
3523 if (drv->vendor_set_pmk) {
3524 wpa_printf(MSG_INFO, "nl80211: key_mgmt_set_key with key_len %lu", (unsigned long) key_len);
3525 return key_mgmt_set_key(drv, key, key_len);
3526 }
3527 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
3528
3529 /* The driver does not have any offload mechanism for PMK, so
3530 * there is no need to configure this key. */
3531 return 0;
3532 }
3533
3534 ret = -ENOBUFS;
3535 key_msg = nlmsg_alloc();
3536 if (!key_msg)
3537 return ret;
3538
3539 if ((key_flag & KEY_FLAG_PAIRWISE_MASK) ==
3540 KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
3541 wpa_printf(MSG_DEBUG,
3542 "nl80211: SET_KEY (pairwise RX/TX modify)");
3543 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
3544 if (!msg)
3545 goto fail2;
3546 } else if (alg == WPA_ALG_NONE && (key_flag & KEY_FLAG_RX_TX)) {
3547 wpa_printf(MSG_DEBUG, "%s: invalid key_flag to delete key",
3548 __func__);
3549 ret = -EINVAL;
3550 goto fail2;
3551 } else if (alg == WPA_ALG_NONE) {
3552 wpa_printf(MSG_DEBUG, "nl80211: DEL_KEY");
3553 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY);
3554 if (!msg)
3555 goto fail2;
3556 } else {
3557 u32 suite;
3558
3559 suite = wpa_alg_to_cipher_suite(alg, key_len);
3560 if (!suite) {
3561 ret = -EINVAL;
3562 goto fail2;
3563 }
3564 wpa_printf(MSG_DEBUG, "nl80211: NEW_KEY");
3565 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY);
3566 if (!msg)
3567 goto fail2;
3568 if (nla_put(key_msg, NL80211_KEY_DATA, key_len, key) ||
3569 nla_put_u32(key_msg, NL80211_KEY_CIPHER, suite))
3570 goto fail;
3571 wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
3572
3573 if (seq && seq_len) {
3574 if (nla_put(key_msg, NL80211_KEY_SEQ, seq_len, seq))
3575 goto fail;
3576 wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ",
3577 seq, seq_len);
3578 }
3579 }
3580
3581 if (addr && !is_broadcast_ether_addr(addr)) {
3582 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
3583 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
3584 goto fail;
3585
3586 if ((key_flag & KEY_FLAG_PAIRWISE_MASK) ==
3587 KEY_FLAG_PAIRWISE_RX ||
3588 (key_flag & KEY_FLAG_PAIRWISE_MASK) ==
3589 KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
3590 if (nla_put_u8(key_msg, NL80211_KEY_MODE,
3591 key_flag == KEY_FLAG_PAIRWISE_RX ?
3592 NL80211_KEY_NO_TX : NL80211_KEY_SET_TX))
3593 goto fail;
3594 } else if ((key_flag & KEY_FLAG_GROUP_MASK) ==
3595 KEY_FLAG_GROUP_RX) {
3596 wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK");
3597 if (nla_put_u32(key_msg, NL80211_KEY_TYPE,
3598 NL80211_KEYTYPE_GROUP))
3599 goto fail;
3600 } else if (!(key_flag & KEY_FLAG_PAIRWISE)) {
3601 wpa_printf(MSG_DEBUG,
3602 " key_flag missing PAIRWISE when setting a pairwise key");
3603 ret = -EINVAL;
3604 goto fail;
3605 } else if (alg == WPA_ALG_WEP &&
3606 (key_flag & KEY_FLAG_RX_TX) == KEY_FLAG_RX_TX) {
3607 wpa_printf(MSG_DEBUG, " unicast WEP key");
3608 skip_set_key = 0;
3609 } else {
3610 wpa_printf(MSG_DEBUG, " pairwise key");
3611 }
3612 } else if ((key_flag & KEY_FLAG_PAIRWISE) ||
3613 !(key_flag & KEY_FLAG_GROUP)) {
3614 wpa_printf(MSG_DEBUG,
3615 " invalid key_flag for a broadcast key");
3616 ret = -EINVAL;
3617 goto fail;
3618 } else {
3619 wpa_printf(MSG_DEBUG, " broadcast key");
3620 if (key_flag & KEY_FLAG_DEFAULT)
3621 skip_set_key = 0;
3622 }
3623 if (nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) ||
3624 nla_put_nested(msg, NL80211_ATTR_KEY, key_msg))
3625 goto fail;
3626 nl80211_nlmsg_clear(key_msg);
3627 nlmsg_free(key_msg);
3628 key_msg = NULL;
3629
3630 if (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) {
3631 wpa_printf(MSG_DEBUG, "nl80211: VLAN ID %d", vlan_id);
3632 if (nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id))
3633 goto fail;
3634 }
3635
3636 if (link_id != -1) {
3637 wpa_printf(MSG_DEBUG, "nl80211: Link ID %d", link_id);
3638 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
3639 goto fail;
3640 }
3641
3642 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3643 if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
3644 ret = 0;
3645 if (ret)
3646 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s",
3647 ret, strerror(-ret));
3648
3649 /*
3650 * If we failed or don't need to set the key as default (below),
3651 * we're done here.
3652 */
3653 if (ret || skip_set_key)
3654 return ret;
3655 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_SET_KEY - default key");
3656
3657 ret = -ENOBUFS;
3658 key_msg = nlmsg_alloc();
3659 if (!key_msg)
3660 return ret;
3661
3662 msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
3663 if (!msg)
3664 goto fail2;
3665 if (!key_msg ||
3666 nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) ||
3667 nla_put_flag(key_msg, wpa_alg_bip(alg) ?
3668 (key_idx == 6 || key_idx == 7 ?
3669 NL80211_KEY_DEFAULT_BEACON :
3670 NL80211_KEY_DEFAULT_MGMT) :
3671 NL80211_KEY_DEFAULT))
3672 goto fail;
3673 if (addr && is_broadcast_ether_addr(addr)) {
3674 struct nlattr *types;
3675
3676 types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES);
3677 if (!types ||
3678 nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST))
3679 goto fail;
3680 nla_nest_end(key_msg, types);
3681 } else if (addr) {
3682 struct nlattr *types;
3683
3684 types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES);
3685 if (!types ||
3686 nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_UNICAST))
3687 goto fail;
3688 nla_nest_end(key_msg, types);
3689 }
3690
3691 if (nla_put_nested(msg, NL80211_ATTR_KEY, key_msg))
3692 goto fail;
3693 nl80211_nlmsg_clear(key_msg);
3694 nlmsg_free(key_msg);
3695 key_msg = NULL;
3696
3697 if (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) {
3698 wpa_printf(MSG_DEBUG, "nl80211: set_key default - VLAN ID %d",
3699 vlan_id);
3700 if (nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id))
3701 goto fail;
3702 }
3703
3704 if (link_id != -1) {
3705 wpa_printf(MSG_DEBUG, "nl80211: set_key default - Link ID %d",
3706 link_id);
3707 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
3708 goto fail;
3709 }
3710
3711 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3712 if (ret)
3713 wpa_printf(MSG_DEBUG,
3714 "nl80211: set_key default failed; err=%d %s",
3715 ret, strerror(-ret));
3716 return ret;
3717
3718 fail:
3719 nl80211_nlmsg_clear(msg);
3720 nlmsg_free(msg);
3721 fail2:
3722 nl80211_nlmsg_clear(key_msg);
3723 nlmsg_free(key_msg);
3724 return ret;
3725 }
3726
3727
nl_add_key(struct nl_msg * msg,enum wpa_alg alg,int key_idx,int defkey,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)3728 static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
3729 int key_idx, int defkey,
3730 const u8 *seq, size_t seq_len,
3731 const u8 *key, size_t key_len)
3732 {
3733 struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
3734 u32 suite;
3735
3736 if (!key_attr)
3737 return -1;
3738
3739 suite = wpa_alg_to_cipher_suite(alg, key_len);
3740 if (!suite)
3741 return -1;
3742
3743 if (defkey && wpa_alg_bip(alg)) {
3744 if (nla_put_flag(msg, NL80211_KEY_DEFAULT_MGMT))
3745 return -1;
3746 } else if (defkey) {
3747 if (nla_put_flag(msg, NL80211_KEY_DEFAULT))
3748 return -1;
3749 }
3750
3751 if (nla_put_u8(msg, NL80211_KEY_IDX, key_idx) ||
3752 nla_put_u32(msg, NL80211_KEY_CIPHER, suite) ||
3753 (seq && seq_len &&
3754 nla_put(msg, NL80211_KEY_SEQ, seq_len, seq)) ||
3755 nla_put(msg, NL80211_KEY_DATA, key_len, key))
3756 return -1;
3757
3758 nla_nest_end(msg, key_attr);
3759
3760 return 0;
3761 }
3762
3763
nl80211_set_conn_keys(struct wpa_driver_associate_params * params,struct nl_msg * msg)3764 static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
3765 struct nl_msg *msg)
3766 {
3767 int i, privacy = 0;
3768 struct nlattr *nl_keys, *nl_key;
3769
3770 for (i = 0; i < 4; i++) {
3771 if (!params->wep_key[i])
3772 continue;
3773 privacy = 1;
3774 break;
3775 }
3776 if (params->wps == WPS_MODE_PRIVACY)
3777 privacy = 1;
3778 if (params->pairwise_suite &&
3779 params->pairwise_suite != WPA_CIPHER_NONE)
3780 privacy = 1;
3781
3782 if (!privacy)
3783 return 0;
3784
3785 if (nla_put_flag(msg, NL80211_ATTR_PRIVACY))
3786 return -ENOBUFS;
3787
3788 nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
3789 if (!nl_keys)
3790 return -ENOBUFS;
3791
3792 for (i = 0; i < 4; i++) {
3793 if (!params->wep_key[i])
3794 continue;
3795
3796 nl_key = nla_nest_start(msg, i);
3797 if (!nl_key ||
3798 nla_put(msg, NL80211_KEY_DATA, params->wep_key_len[i],
3799 params->wep_key[i]) ||
3800 nla_put_u32(msg, NL80211_KEY_CIPHER,
3801 params->wep_key_len[i] == 5 ?
3802 RSN_CIPHER_SUITE_WEP40 :
3803 RSN_CIPHER_SUITE_WEP104) ||
3804 nla_put_u8(msg, NL80211_KEY_IDX, i) ||
3805 (i == params->wep_tx_keyidx &&
3806 nla_put_flag(msg, NL80211_KEY_DEFAULT)))
3807 return -ENOBUFS;
3808
3809 nla_nest_end(msg, nl_key);
3810 }
3811 nla_nest_end(msg, nl_keys);
3812
3813 return 0;
3814 }
3815
3816
wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data * drv,const u8 * addr,int cmd,u16 reason_code,int local_state_change,struct i802_bss * bss)3817 int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
3818 const u8 *addr, int cmd, u16 reason_code,
3819 int local_state_change,
3820 struct i802_bss *bss)
3821 {
3822 int ret;
3823 struct nl_msg *msg;
3824 struct nl_sock *nl_connect = get_connect_handle(bss);
3825
3826 if (!(msg = nl80211_drv_msg(drv, 0, cmd)) ||
3827 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code) ||
3828 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
3829 (local_state_change &&
3830 nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))) {
3831 nlmsg_free(msg);
3832 return -1;
3833 }
3834
3835 if (nl_connect)
3836 ret = send_and_recv(drv->global, nl_connect, msg,
3837 process_bss_event, bss, NULL, NULL);
3838 else
3839 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
3840 if (ret) {
3841 wpa_dbg(drv->ctx, MSG_DEBUG,
3842 "nl80211: MLME command failed: reason=%u ret=%d (%s)",
3843 reason_code, ret, strerror(-ret));
3844 }
3845 return ret;
3846 }
3847
3848
wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data * drv,u16 reason_code,struct i802_bss * bss)3849 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
3850 u16 reason_code,
3851 struct i802_bss *bss)
3852 {
3853 int ret;
3854 int drv_associated = drv->associated;
3855
3856 wpa_printf(MSG_DEBUG, "%s(reason_code=%d)", __func__, reason_code);
3857 nl80211_mark_disconnected(drv);
3858 /* Disconnect command doesn't need BSSID - it uses cached value */
3859 ret = wpa_driver_nl80211_mlme(drv, NULL, NL80211_CMD_DISCONNECT,
3860 reason_code, 0, bss);
3861 /*
3862 * For locally generated disconnect, supplicant already generates a
3863 * DEAUTH event, so ignore the event from NL80211.
3864 */
3865 drv->ignore_next_local_disconnect = drv_associated && (ret == 0);
3866
3867 return ret;
3868 }
3869
3870
wpa_driver_nl80211_deauthenticate(struct i802_bss * bss,const u8 * addr,u16 reason_code)3871 static int wpa_driver_nl80211_deauthenticate(struct i802_bss *bss,
3872 const u8 *addr, u16 reason_code)
3873 {
3874 struct wpa_driver_nl80211_data *drv = bss->drv;
3875 int ret;
3876 int drv_associated = drv->associated;
3877
3878 if (drv->nlmode == NL80211_IFTYPE_ADHOC) {
3879 nl80211_mark_disconnected(drv);
3880 return nl80211_leave_ibss(drv, 1);
3881 }
3882 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
3883 return wpa_driver_nl80211_disconnect(drv, reason_code, bss);
3884 }
3885 wpa_printf(MSG_DEBUG, "%s(addr=" MACSTR " reason_code=%d)",
3886 __func__, MAC2STR(addr), reason_code);
3887 nl80211_mark_disconnected(drv);
3888 ret = wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
3889 reason_code, 0, bss);
3890 /*
3891 * For locally generated deauthenticate, supplicant already generates a
3892 * DEAUTH event, so ignore the event from NL80211.
3893 */
3894 drv->ignore_next_local_deauth = drv_associated && (ret == 0);
3895
3896 return ret;
3897 }
3898
3899
nl80211_copy_auth_params(struct wpa_driver_nl80211_data * drv,struct wpa_driver_auth_params * params)3900 static void nl80211_copy_auth_params(struct wpa_driver_nl80211_data *drv,
3901 struct wpa_driver_auth_params *params)
3902 {
3903 int i;
3904
3905 drv->auth_freq = params->freq;
3906 drv->auth_alg = params->auth_alg;
3907 drv->auth_wep_tx_keyidx = params->wep_tx_keyidx;
3908 drv->auth_local_state_change = params->local_state_change;
3909 drv->auth_p2p = params->p2p;
3910
3911 if (params->bssid)
3912 os_memcpy(drv->auth_bssid_, params->bssid, ETH_ALEN);
3913 else
3914 os_memset(drv->auth_bssid_, 0, ETH_ALEN);
3915
3916 if (params->ssid) {
3917 os_memcpy(drv->auth_ssid, params->ssid, params->ssid_len);
3918 drv->auth_ssid_len = params->ssid_len;
3919 } else
3920 drv->auth_ssid_len = 0;
3921
3922
3923 os_free(drv->auth_ie);
3924 drv->auth_ie = NULL;
3925 drv->auth_ie_len = 0;
3926 if (params->ie) {
3927 drv->auth_ie = os_malloc(params->ie_len);
3928 if (drv->auth_ie) {
3929 os_memcpy(drv->auth_ie, params->ie, params->ie_len);
3930 drv->auth_ie_len = params->ie_len;
3931 }
3932 }
3933
3934 if (params->mld && params->ap_mld_addr) {
3935 drv->auth_mld = params->mld;
3936 drv->auth_mld_link_id = params->mld_link_id;
3937 os_memcpy(drv->auth_ap_mld_addr, params->ap_mld_addr, ETH_ALEN);
3938 } else {
3939 drv->auth_mld = false;
3940 drv->auth_mld_link_id = -1;
3941 }
3942
3943 os_free(drv->auth_data);
3944 drv->auth_data = NULL;
3945 drv->auth_data_len = 0;
3946 if (params->auth_data) {
3947 drv->auth_data = os_memdup(params->auth_data,
3948 params->auth_data_len);
3949 if (drv->auth_data)
3950 drv->auth_data_len = params->auth_data_len;
3951 }
3952
3953 for (i = 0; i < 4; i++) {
3954 if (params->wep_key[i] && params->wep_key_len[i] &&
3955 params->wep_key_len[i] <= 16) {
3956 os_memcpy(drv->auth_wep_key[i], params->wep_key[i],
3957 params->wep_key_len[i]);
3958 drv->auth_wep_key_len[i] = params->wep_key_len[i];
3959 } else
3960 drv->auth_wep_key_len[i] = 0;
3961 }
3962 }
3963
3964
nl80211_unmask_11b_rates(struct i802_bss * bss)3965 static void nl80211_unmask_11b_rates(struct i802_bss *bss)
3966 {
3967 struct wpa_driver_nl80211_data *drv = bss->drv;
3968
3969 if (is_p2p_net_interface(drv->nlmode) || !drv->disabled_11b_rates)
3970 return;
3971
3972 /*
3973 * Looks like we failed to unmask 11b rates previously. This could
3974 * happen, e.g., if the interface was down at the point in time when a
3975 * P2P group was terminated.
3976 */
3977 wpa_printf(MSG_DEBUG,
3978 "nl80211: Interface %s mode is for non-P2P, but 11b rates were disabled - re-enable them",
3979 bss->ifname);
3980 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
3981 }
3982
3983
get_nl_auth_type(int wpa_auth_alg)3984 static enum nl80211_auth_type get_nl_auth_type(int wpa_auth_alg)
3985 {
3986 if (wpa_auth_alg & WPA_AUTH_ALG_OPEN)
3987 return NL80211_AUTHTYPE_OPEN_SYSTEM;
3988 if (wpa_auth_alg & WPA_AUTH_ALG_SHARED)
3989 return NL80211_AUTHTYPE_SHARED_KEY;
3990 if (wpa_auth_alg & WPA_AUTH_ALG_LEAP)
3991 return NL80211_AUTHTYPE_NETWORK_EAP;
3992 if (wpa_auth_alg & WPA_AUTH_ALG_FT)
3993 return NL80211_AUTHTYPE_FT;
3994 if (wpa_auth_alg & WPA_AUTH_ALG_SAE)
3995 return NL80211_AUTHTYPE_SAE;
3996 if (wpa_auth_alg & WPA_AUTH_ALG_FILS)
3997 return NL80211_AUTHTYPE_FILS_SK;
3998 if (wpa_auth_alg & WPA_AUTH_ALG_FILS_SK_PFS)
3999 return NL80211_AUTHTYPE_FILS_SK_PFS;
4000
4001 return NL80211_AUTHTYPE_MAX;
4002 }
4003
4004
wpa_driver_nl80211_authenticate(struct i802_bss * bss,struct wpa_driver_auth_params * params)4005 static int wpa_driver_nl80211_authenticate(
4006 struct i802_bss *bss, struct wpa_driver_auth_params *params)
4007 {
4008 struct wpa_driver_nl80211_data *drv = bss->drv;
4009 int ret = -1, i;
4010 struct nl_msg *msg;
4011 enum nl80211_auth_type type;
4012 enum nl80211_iftype nlmode;
4013 int count = 0;
4014 int is_retry;
4015 struct wpa_driver_set_key_params p;
4016
4017 nl80211_unmask_11b_rates(bss);
4018
4019 is_retry = drv->retry_auth;
4020 drv->retry_auth = 0;
4021 drv->ignore_deauth_event = 0;
4022
4023 nl80211_mark_disconnected(drv);
4024 os_memset(drv->auth_bssid, 0, ETH_ALEN);
4025 if (params->bssid)
4026 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
4027 else
4028 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
4029 /* FIX: IBSS mode */
4030 nlmode = params->p2p ?
4031 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
4032 if (drv->nlmode != nlmode &&
4033 wpa_driver_nl80211_set_mode(bss, nlmode) < 0)
4034 return -1;
4035
4036 retry:
4037 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
4038 drv->ifindex);
4039
4040 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_AUTHENTICATE);
4041 if (!msg)
4042 goto fail;
4043
4044 os_memset(&p, 0, sizeof(p));
4045 p.ifname = bss->ifname;
4046 p.alg = WPA_ALG_WEP;
4047 p.link_id = -1;
4048 for (i = 0; i < 4; i++) {
4049 if (!params->wep_key[i])
4050 continue;
4051 p.key_idx = i;
4052 p.set_tx = i == params->wep_tx_keyidx;
4053 p.key = params->wep_key[i];
4054 p.key_len = params->wep_key_len[i];
4055 p.key_flag = i == params->wep_tx_keyidx ?
4056 KEY_FLAG_GROUP_RX_TX_DEFAULT :
4057 KEY_FLAG_GROUP_RX_TX;
4058 wpa_driver_nl80211_set_key(bss, &p);
4059 if (params->wep_tx_keyidx != i)
4060 continue;
4061 if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
4062 params->wep_key[i], params->wep_key_len[i]))
4063 goto fail;
4064 }
4065
4066 if (params->bssid) {
4067 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
4068 MAC2STR(params->bssid));
4069 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
4070 goto fail;
4071 }
4072 if (params->freq) {
4073 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
4074 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq))
4075 goto fail;
4076 }
4077 if (params->ssid) {
4078 wpa_printf(MSG_DEBUG, " * SSID=%s",
4079 wpa_ssid_txt(params->ssid, params->ssid_len));
4080 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
4081 params->ssid))
4082 goto fail;
4083 }
4084 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
4085 if (params->ie &&
4086 nla_put(msg, NL80211_ATTR_IE, params->ie_len, params->ie))
4087 goto fail;
4088 if (params->auth_data) {
4089 wpa_hexdump(MSG_DEBUG, " * auth_data", params->auth_data,
4090 params->auth_data_len);
4091 if (nla_put(msg, NL80211_ATTR_SAE_DATA, params->auth_data_len,
4092 params->auth_data))
4093 goto fail;
4094 }
4095 type = get_nl_auth_type(params->auth_alg);
4096 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
4097 if (type == NL80211_AUTHTYPE_MAX ||
4098 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
4099 goto fail;
4100 if (params->local_state_change) {
4101 wpa_printf(MSG_DEBUG, " * Local state change only");
4102 if (nla_put_flag(msg, NL80211_ATTR_LOCAL_STATE_CHANGE))
4103 goto fail;
4104 }
4105
4106 if (params->mld && params->ap_mld_addr) {
4107 wpa_printf(MSG_DEBUG, " * MLD: link_id=%u, MLD addr=" MACSTR,
4108 params->mld_link_id, MAC2STR(params->ap_mld_addr));
4109
4110 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
4111 params->mld_link_id) ||
4112 nla_put(msg, NL80211_ATTR_MLD_ADDR, ETH_ALEN,
4113 params->ap_mld_addr))
4114 goto fail;
4115 }
4116
4117 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4118 msg = NULL;
4119 if (ret) {
4120 wpa_dbg(drv->ctx, MSG_DEBUG,
4121 "nl80211: MLME command failed (auth): count=%d ret=%d (%s)",
4122 count, ret, strerror(-ret));
4123 count++;
4124 if ((ret == -EALREADY || ret == -EEXIST) && count == 1 &&
4125 params->bssid && !params->local_state_change) {
4126 /*
4127 * mac80211 does not currently accept new
4128 * authentication if we are already authenticated. As a
4129 * workaround, force deauthentication and try again.
4130 */
4131 wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
4132 "after forced deauthentication");
4133 drv->ignore_deauth_event = 1;
4134 wpa_driver_nl80211_deauthenticate(
4135 bss, params->bssid,
4136 WLAN_REASON_PREV_AUTH_NOT_VALID);
4137 nlmsg_free(msg);
4138 goto retry;
4139 }
4140
4141 if (ret == -ENOENT && params->freq && !is_retry) {
4142 /*
4143 * cfg80211 has likely expired the BSS entry even
4144 * though it was previously available in our internal
4145 * BSS table. To recover quickly, start a single
4146 * channel scan on the specified channel.
4147 */
4148 struct wpa_driver_scan_params scan;
4149 int freqs[2];
4150
4151 os_memset(&scan, 0, sizeof(scan));
4152 scan.num_ssids = 1;
4153 if (params->ssid) {
4154 scan.ssids[0].ssid = params->ssid;
4155 scan.ssids[0].ssid_len = params->ssid_len;
4156 }
4157 freqs[0] = params->freq;
4158 freqs[1] = 0;
4159 scan.freqs = freqs;
4160 wpa_printf(MSG_DEBUG, "nl80211: Trigger single "
4161 "channel scan to refresh cfg80211 BSS "
4162 "entry");
4163 ret = wpa_driver_nl80211_scan(bss, &scan);
4164 if (ret == 0) {
4165 nl80211_copy_auth_params(drv, params);
4166 drv->scan_for_auth = 1;
4167 }
4168 } else if (is_retry) {
4169 /*
4170 * Need to indicate this with an event since the return
4171 * value from the retry is not delivered to core code.
4172 */
4173 union wpa_event_data event;
4174 wpa_printf(MSG_DEBUG, "nl80211: Authentication retry "
4175 "failed");
4176 os_memset(&event, 0, sizeof(event));
4177 os_memcpy(event.timeout_event.addr, drv->auth_bssid_,
4178 ETH_ALEN);
4179 wpa_supplicant_event(drv->ctx, EVENT_AUTH_TIMED_OUT,
4180 &event);
4181 }
4182 } else {
4183 wpa_printf(MSG_DEBUG,
4184 "nl80211: Authentication request send successfully");
4185 }
4186
4187 fail:
4188 nlmsg_free(msg);
4189 return ret;
4190 }
4191
4192
wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data * drv)4193 int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv)
4194 {
4195 struct wpa_driver_auth_params params;
4196 struct i802_bss *bss = drv->first_bss;
4197 int i;
4198
4199 wpa_printf(MSG_DEBUG, "nl80211: Try to authenticate again");
4200
4201 os_memset(¶ms, 0, sizeof(params));
4202 params.freq = drv->auth_freq;
4203 params.auth_alg = drv->auth_alg;
4204 params.wep_tx_keyidx = drv->auth_wep_tx_keyidx;
4205 params.local_state_change = drv->auth_local_state_change;
4206 params.p2p = drv->auth_p2p;
4207
4208 if (!is_zero_ether_addr(drv->auth_bssid_))
4209 params.bssid = drv->auth_bssid_;
4210
4211 if (drv->auth_ssid_len) {
4212 params.ssid = drv->auth_ssid;
4213 params.ssid_len = drv->auth_ssid_len;
4214 }
4215
4216 params.ie = drv->auth_ie;
4217 params.ie_len = drv->auth_ie_len;
4218 params.auth_data = drv->auth_data;
4219 params.auth_data_len = drv->auth_data_len;
4220 params.mld = drv->auth_mld;
4221 params.mld_link_id = drv->auth_mld_link_id;
4222 if (drv->auth_mld)
4223 params.ap_mld_addr = drv->auth_ap_mld_addr;
4224
4225 for (i = 0; i < 4; i++) {
4226 if (drv->auth_wep_key_len[i]) {
4227 params.wep_key[i] = drv->auth_wep_key[i];
4228 params.wep_key_len[i] = drv->auth_wep_key_len[i];
4229 }
4230 }
4231
4232 drv->retry_auth = 1;
4233 return wpa_driver_nl80211_authenticate(bss, ¶ms);
4234 }
4235
4236
nl80211_get_link(struct i802_bss * bss,s8 link_id)4237 struct i802_link * nl80211_get_link(struct i802_bss *bss, s8 link_id)
4238 {
4239 unsigned int i;
4240
4241 for (i = 0; i < bss->n_links; i++) {
4242 if (bss->links[i].link_id != link_id)
4243 continue;
4244
4245 return &bss->links[i];
4246 }
4247
4248 return bss->flink;
4249 }
4250
4251
nl80211_link_set_freq(struct i802_bss * bss,s8 link_id,int freq)4252 static void nl80211_link_set_freq(struct i802_bss *bss, s8 link_id, int freq)
4253 {
4254 struct i802_link *link = nl80211_get_link(bss, link_id);
4255
4256 link->freq = freq;
4257 }
4258
4259
nl80211_get_link_freq(struct i802_bss * bss,const u8 * addr,bool bss_freq_debug)4260 static int nl80211_get_link_freq(struct i802_bss *bss, const u8 *addr,
4261 bool bss_freq_debug)
4262 {
4263 size_t i;
4264
4265 for (i = 0; i < bss->n_links; i++) {
4266 if (os_memcmp(bss->links[i].addr, addr, ETH_ALEN) == 0) {
4267 wpa_printf(MSG_DEBUG,
4268 "nl80211: Use link freq=%d for address "
4269 MACSTR,
4270 bss->links[i].freq, MAC2STR(addr));
4271 return bss->links[i].freq;
4272 }
4273 }
4274
4275 if (bss_freq_debug)
4276 wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d",
4277 bss->flink->freq);
4278
4279 return bss->flink->freq;
4280 }
4281
4282
wpa_driver_nl80211_send_mlme(struct i802_bss * bss,const u8 * data,size_t data_len,int noack,unsigned int freq,int no_cck,int offchanok,unsigned int wait_time,const u16 * csa_offs,size_t csa_offs_len,int no_encrypt,int link_id)4283 static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data,
4284 size_t data_len, int noack,
4285 unsigned int freq, int no_cck,
4286 int offchanok,
4287 unsigned int wait_time,
4288 const u16 *csa_offs,
4289 size_t csa_offs_len, int no_encrypt,
4290 int link_id)
4291 {
4292 struct wpa_driver_nl80211_data *drv = bss->drv;
4293 struct ieee80211_mgmt *mgmt;
4294 int encrypt = !no_encrypt;
4295 u16 fc;
4296 int use_cookie = 1;
4297 int res;
4298 struct i802_link *link = nl80211_get_link(bss, link_id);
4299
4300 mgmt = (struct ieee80211_mgmt *) data;
4301 fc = le_to_host16(mgmt->frame_control);
4302 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - da=" MACSTR
4303 " noack=%d freq=%u no_cck=%d offchanok=%d wait_time=%u no_encrypt=%d fc=0x%x (%s) nlmode=%d",
4304 MAC2STR(mgmt->da), noack, freq, no_cck, offchanok, wait_time,
4305 no_encrypt, fc, fc2str(fc), drv->nlmode);
4306
4307 if ((is_sta_interface(drv->nlmode) ||
4308 drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) &&
4309 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4310 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
4311 /*
4312 * The use of last_mgmt_freq is a bit of a hack,
4313 * but it works due to the single-threaded nature
4314 * of wpa_supplicant.
4315 */
4316 if (freq == 0) {
4317 wpa_printf(MSG_DEBUG, "nl80211: Use last_mgmt_freq=%d",
4318 drv->last_mgmt_freq);
4319 freq = drv->last_mgmt_freq;
4320 }
4321 wait_time = 0;
4322 use_cookie = 0;
4323 no_cck = 1;
4324 offchanok = 1;
4325 goto send_frame_cmd;
4326 }
4327
4328 if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) {
4329 unsigned int link_freq = nl80211_get_link_freq(bss, mgmt->sa,
4330 !freq);
4331
4332 if (!freq)
4333 freq = link_freq;
4334
4335 if (freq == link_freq)
4336 wait_time = 0;
4337
4338 goto send_frame_cmd;
4339 }
4340
4341 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4342 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
4343 /*
4344 * Only one of the authentication frame types is encrypted.
4345 * In order for static WEP encryption to work properly (i.e.,
4346 * to not encrypt the frame), we need to tell mac80211 about
4347 * the frames that must not be encrypted.
4348 */
4349 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
4350 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
4351 if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
4352 encrypt = 0;
4353 }
4354
4355 if (is_sta_interface(drv->nlmode) &&
4356 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4357 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
4358 if (freq == 0 &&
4359 (drv->capa.flags & WPA_DRIVER_FLAGS_SAE) &&
4360 !(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
4361 freq = nl80211_get_assoc_freq(drv);
4362 wpa_printf(MSG_DEBUG,
4363 "nl80211: send_mlme - Use assoc_freq=%u for external auth",
4364 freq);
4365 }
4366
4367 /* Allow off channel for PASN authentication */
4368 if (data_len >= IEEE80211_HDRLEN + 2 &&
4369 WPA_GET_LE16(data + IEEE80211_HDRLEN) == WLAN_AUTH_PASN &&
4370 !offchanok) {
4371 wpa_printf(MSG_DEBUG,
4372 "nl80211: send_mlme: allow off channel for PASN");
4373 offchanok = 1;
4374 }
4375 }
4376
4377 #ifdef CONFIG_PASN
4378 if (is_sta_interface(drv->nlmode) &&
4379 WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
4380 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_DEAUTH) {
4381 wpa_printf(MSG_DEBUG,
4382 "nl80211: send_mlme: allow Deauthentication frame for PASN");
4383
4384 use_cookie = 0;
4385 offchanok = 1;
4386 goto send_frame_cmd;
4387 }
4388 #endif /* CONFIG_PASN */
4389
4390 if (freq == 0 && drv->nlmode == NL80211_IFTYPE_ADHOC) {
4391 freq = nl80211_get_assoc_freq(drv);
4392 wpa_printf(MSG_DEBUG,
4393 "nl80211: send_mlme - Use assoc_freq=%u for IBSS",
4394 freq);
4395 }
4396 if (freq == 0) {
4397 wpa_printf(MSG_DEBUG, "nl80211: send_mlme - Use bss->freq=%u",
4398 link->freq);
4399 freq = link->freq;
4400 }
4401
4402 if (drv->use_monitor && is_ap_interface(drv->nlmode)) {
4403 wpa_printf(MSG_DEBUG,
4404 "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor",
4405 freq, link->freq);
4406 return nl80211_send_monitor(drv, data, data_len, encrypt,
4407 noack);
4408 }
4409
4410 if ((noack || WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT ||
4411 WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) &&
4412 link_id == NL80211_DRV_LINK_ID_NA)
4413 use_cookie = 0;
4414 send_frame_cmd:
4415 #ifdef CONFIG_TESTING_OPTIONS
4416 if (no_encrypt && !encrypt && !drv->use_monitor) {
4417 wpa_printf(MSG_DEBUG,
4418 "nl80211: Request to send an unencrypted frame - use a monitor interface for this");
4419 if (nl80211_create_monitor_interface(drv) < 0)
4420 return -1;
4421 res = nl80211_send_monitor(drv, data, data_len, encrypt,
4422 noack);
4423 nl80211_remove_monitor_interface(drv);
4424 return res;
4425 }
4426 #endif /* CONFIG_TESTING_OPTIONS */
4427
4428 wpa_printf(MSG_DEBUG, "nl80211: send_mlme -> send_frame_cmd");
4429 res = nl80211_send_frame_cmd(bss, freq, wait_time, data, data_len,
4430 use_cookie, no_cck, noack, offchanok,
4431 csa_offs, csa_offs_len);
4432 if (!res)
4433 drv->send_frame_link_id = link_id;
4434
4435 return res;
4436 }
4437
4438
nl80211_put_basic_rates(struct nl_msg * msg,const int * basic_rates)4439 static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates)
4440 {
4441 u8 rates[NL80211_MAX_SUPP_RATES];
4442 u8 rates_len = 0;
4443 int i;
4444
4445 if (!basic_rates)
4446 return 0;
4447
4448 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
4449 rates[rates_len++] = basic_rates[i] / 5;
4450
4451 return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
4452 }
4453
4454
nl80211_set_bss(struct i802_bss * bss,int cts,int preamble,int slot,int ht_opmode,int ap_isolate,const int * basic_rates)4455 static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
4456 int slot, int ht_opmode, int ap_isolate,
4457 const int *basic_rates)
4458 {
4459 struct wpa_driver_nl80211_data *drv = bss->drv;
4460 struct nl_msg *msg;
4461
4462 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_BSS)) ||
4463 (cts >= 0 &&
4464 nla_put_u8(msg, NL80211_ATTR_BSS_CTS_PROT, cts)) ||
4465 (preamble >= 0 &&
4466 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble)) ||
4467 (slot >= 0 &&
4468 nla_put_u8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot)) ||
4469 (ht_opmode >= 0 &&
4470 nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) ||
4471 (ap_isolate >= 0 &&
4472 nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) ||
4473 nl80211_put_basic_rates(msg, basic_rates)) {
4474 nlmsg_free(msg);
4475 return -ENOBUFS;
4476 }
4477
4478 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4479 }
4480
4481
wpa_driver_nl80211_set_acl(void * priv,struct hostapd_acl_params * params)4482 static int wpa_driver_nl80211_set_acl(void *priv,
4483 struct hostapd_acl_params *params)
4484 {
4485 struct i802_bss *bss = priv;
4486 struct wpa_driver_nl80211_data *drv = bss->drv;
4487 struct nl_msg *msg;
4488 struct nl_msg *acl;
4489 unsigned int i;
4490 int ret;
4491 size_t acl_nla_sz, acl_nlmsg_sz, nla_sz, nlmsg_sz;
4492
4493 if (!(drv->capa.max_acl_mac_addrs))
4494 return -ENOTSUP;
4495
4496 if (params->num_mac_acl > drv->capa.max_acl_mac_addrs)
4497 return -ENOTSUP;
4498
4499 wpa_printf(MSG_DEBUG, "nl80211: Set %s ACL (num_mac_acl=%u)",
4500 params->acl_policy ? "Accept" : "Deny", params->num_mac_acl);
4501
4502 acl_nla_sz = nla_total_size(ETH_ALEN) * params->num_mac_acl;
4503 acl_nlmsg_sz = nlmsg_total_size(acl_nla_sz);
4504 acl = nlmsg_alloc_size(acl_nlmsg_sz);
4505 if (!acl)
4506 return -ENOMEM;
4507 for (i = 0; i < params->num_mac_acl; i++) {
4508 if (nla_put(acl, i + 1, ETH_ALEN, params->mac_acl[i].addr)) {
4509 nlmsg_free(acl);
4510 return -ENOMEM;
4511 }
4512 }
4513
4514 /*
4515 * genetlink message header (Length of user header is 0) +
4516 * u32 attr: NL80211_ATTR_IFINDEX +
4517 * u32 attr: NL80211_ATTR_ACL_POLICY +
4518 * nested acl attr
4519 */
4520 nla_sz = GENL_HDRLEN +
4521 nla_total_size(4) * 2 +
4522 nla_total_size(acl_nla_sz);
4523 nlmsg_sz = nlmsg_total_size(nla_sz);
4524 if (!(msg = nl80211_ifindex_msg_build(drv, nlmsg_alloc_size(nlmsg_sz),
4525 drv->ifindex, 0,
4526 NL80211_CMD_SET_MAC_ACL)) ||
4527 nla_put_u32(msg, NL80211_ATTR_ACL_POLICY, params->acl_policy ?
4528 NL80211_ACL_POLICY_DENY_UNLESS_LISTED :
4529 NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED) ||
4530 nla_put_nested(msg, NL80211_ATTR_MAC_ADDRS, acl)) {
4531 nlmsg_free(msg);
4532 nlmsg_free(acl);
4533 return -ENOMEM;
4534 }
4535 nlmsg_free(acl);
4536
4537 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4538 if (ret) {
4539 wpa_printf(MSG_DEBUG, "nl80211: Failed to set MAC ACL: %d (%s)",
4540 ret, strerror(-ret));
4541 }
4542
4543 return ret;
4544 }
4545
4546
nl80211_put_beacon_int(struct nl_msg * msg,int beacon_int)4547 static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int)
4548 {
4549 if (beacon_int > 0) {
4550 wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int);
4551 return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
4552 beacon_int);
4553 }
4554
4555 return 0;
4556 }
4557
4558
nl80211_put_dtim_period(struct nl_msg * msg,int dtim_period)4559 static int nl80211_put_dtim_period(struct nl_msg *msg, int dtim_period)
4560 {
4561 if (dtim_period > 0) {
4562 wpa_printf(MSG_DEBUG, " * dtim_period=%d", dtim_period);
4563 return nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period);
4564 }
4565
4566 return 0;
4567 }
4568
4569
4570 #ifdef CONFIG_MESH
nl80211_set_mesh_config(void * priv,struct wpa_driver_mesh_bss_params * params)4571 static int nl80211_set_mesh_config(void *priv,
4572 struct wpa_driver_mesh_bss_params *params)
4573 {
4574 struct i802_bss *bss = priv;
4575 struct wpa_driver_nl80211_data *drv = bss->drv;
4576 struct nl_msg *msg;
4577 int ret;
4578
4579 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_MESH_CONFIG);
4580 if (!msg)
4581 return -1;
4582
4583 ret = nl80211_put_mesh_config(msg, params);
4584 if (ret < 0) {
4585 nlmsg_free(msg);
4586 return ret;
4587 }
4588
4589 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4590 if (ret) {
4591 wpa_printf(MSG_ERROR,
4592 "nl80211: Mesh config set failed: %d (%s)",
4593 ret, strerror(-ret));
4594 return ret;
4595 }
4596 return 0;
4597 }
4598 #endif /* CONFIG_MESH */
4599
4600
nl80211_put_beacon_rate(struct nl_msg * msg,u64 flags,u64 flags2,struct wpa_driver_ap_params * params)4601 static int nl80211_put_beacon_rate(struct nl_msg *msg, u64 flags, u64 flags2,
4602 struct wpa_driver_ap_params *params)
4603 {
4604 struct nlattr *bands, *band;
4605 struct nl80211_txrate_vht vht_rate;
4606 struct nl80211_txrate_he he_rate;
4607
4608 if (!params->freq ||
4609 (params->beacon_rate == 0 &&
4610 params->rate_type == BEACON_RATE_LEGACY))
4611 return 0;
4612
4613 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
4614 if (!bands)
4615 return -1;
4616
4617 switch (params->freq->mode) {
4618 case HOSTAPD_MODE_IEEE80211B:
4619 case HOSTAPD_MODE_IEEE80211G:
4620 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
4621 break;
4622 case HOSTAPD_MODE_IEEE80211A:
4623 if (is_6ghz_freq(params->freq->freq))
4624 band = nla_nest_start(msg, NL80211_BAND_6GHZ);
4625 else
4626 band = nla_nest_start(msg, NL80211_BAND_5GHZ);
4627 break;
4628 case HOSTAPD_MODE_IEEE80211AD:
4629 band = nla_nest_start(msg, NL80211_BAND_60GHZ);
4630 break;
4631 default:
4632 return 0;
4633 }
4634
4635 if (!band)
4636 return -1;
4637
4638 os_memset(&vht_rate, 0, sizeof(vht_rate));
4639 os_memset(&he_rate, 0, sizeof(he_rate));
4640
4641 switch (params->rate_type) {
4642 case BEACON_RATE_LEGACY:
4643 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_LEGACY)) {
4644 wpa_printf(MSG_INFO,
4645 "nl80211: Driver does not support setting Beacon frame rate (legacy)");
4646 return -1;
4647 }
4648
4649 if (nla_put_u8(msg, NL80211_TXRATE_LEGACY,
4650 (u8) (params->beacon_rate / 5)) ||
4651 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) ||
4652 (params->freq->vht_enabled &&
4653 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4654 &vht_rate)))
4655 return -1;
4656
4657 wpa_printf(MSG_DEBUG, " * beacon_rate = legacy:%u (* 100 kbps)",
4658 params->beacon_rate);
4659 break;
4660 case BEACON_RATE_HT:
4661 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_HT)) {
4662 wpa_printf(MSG_INFO,
4663 "nl80211: Driver does not support setting Beacon frame rate (HT)");
4664 return -1;
4665 }
4666 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) ||
4667 nla_put_u8(msg, NL80211_TXRATE_HT, params->beacon_rate) ||
4668 (params->freq->vht_enabled &&
4669 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4670 &vht_rate)))
4671 return -1;
4672 wpa_printf(MSG_DEBUG, " * beacon_rate = HT-MCS %u",
4673 params->beacon_rate);
4674 break;
4675 case BEACON_RATE_VHT:
4676 if (!(flags & WPA_DRIVER_FLAGS_BEACON_RATE_VHT)) {
4677 wpa_printf(MSG_INFO,
4678 "nl80211: Driver does not support setting Beacon frame rate (VHT)");
4679 return -1;
4680 }
4681 vht_rate.mcs[0] = BIT(params->beacon_rate);
4682 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL))
4683 return -1;
4684 if (nla_put(msg, NL80211_TXRATE_HT, 0, NULL))
4685 return -1;
4686 if (nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4687 &vht_rate))
4688 return -1;
4689 wpa_printf(MSG_DEBUG, " * beacon_rate = VHT-MCS %u",
4690 params->beacon_rate);
4691 break;
4692 case BEACON_RATE_HE:
4693 if (!(flags2 & WPA_DRIVER_FLAGS2_BEACON_RATE_HE)) {
4694 wpa_printf(MSG_INFO,
4695 "nl80211: Driver does not support setting Beacon frame rate (HE)");
4696 return -1;
4697 }
4698 he_rate.mcs[0] = BIT(params->beacon_rate);
4699 if (nla_put(msg, NL80211_TXRATE_LEGACY, 0, NULL) ||
4700 nla_put(msg, NL80211_TXRATE_HT, 0, NULL) ||
4701 nla_put(msg, NL80211_TXRATE_VHT, sizeof(vht_rate),
4702 &vht_rate) ||
4703 nla_put(msg, NL80211_TXRATE_HE, sizeof(he_rate), &he_rate))
4704 return -1;
4705 wpa_printf(MSG_DEBUG, " * beacon_rate = HE-MCS %u",
4706 params->beacon_rate);
4707 break;
4708 }
4709
4710 nla_nest_end(msg, band);
4711 nla_nest_end(msg, bands);
4712
4713 return 0;
4714 }
4715
4716
nl80211_set_multicast_to_unicast(struct i802_bss * bss,int multicast_to_unicast)4717 static int nl80211_set_multicast_to_unicast(struct i802_bss *bss,
4718 int multicast_to_unicast)
4719 {
4720 struct wpa_driver_nl80211_data *drv = bss->drv;
4721 struct nl_msg *msg;
4722 int ret;
4723
4724 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_MULTICAST_TO_UNICAST);
4725 if (!msg ||
4726 (multicast_to_unicast &&
4727 nla_put_flag(msg, NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED))) {
4728 wpa_printf(MSG_ERROR,
4729 "nl80211: Failed to build NL80211_CMD_SET_MULTICAST_TO_UNICAST msg for %s",
4730 bss->ifname);
4731 nlmsg_free(msg);
4732 return -ENOBUFS;
4733 }
4734
4735 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4736
4737 switch (ret) {
4738 case 0:
4739 wpa_printf(MSG_DEBUG,
4740 "nl80211: multicast to unicast %s on interface %s",
4741 multicast_to_unicast ? "enabled" : "disabled",
4742 bss->ifname);
4743 break;
4744 case -EOPNOTSUPP:
4745 if (!multicast_to_unicast)
4746 break;
4747 wpa_printf(MSG_INFO,
4748 "nl80211: multicast to unicast not supported on interface %s",
4749 bss->ifname);
4750 break;
4751 default:
4752 wpa_printf(MSG_ERROR,
4753 "nl80211: %s multicast to unicast failed with %d (%s) on interface %s",
4754 multicast_to_unicast ? "enabling" : "disabling",
4755 ret, strerror(-ret), bss->ifname);
4756 break;
4757 }
4758
4759 return ret;
4760 }
4761
4762
4763 #ifdef CONFIG_SAE
nl80211_put_sae_pwe(struct nl_msg * msg,enum sae_pwe pwe)4764 static int nl80211_put_sae_pwe(struct nl_msg *msg, enum sae_pwe pwe)
4765 {
4766 u8 sae_pwe;
4767
4768 wpa_printf(MSG_DEBUG, "nl802111: sae_pwe=%d", pwe);
4769 if (pwe == SAE_PWE_HUNT_AND_PECK)
4770 sae_pwe = NL80211_SAE_PWE_HUNT_AND_PECK;
4771 else if (pwe == SAE_PWE_HASH_TO_ELEMENT)
4772 sae_pwe = NL80211_SAE_PWE_HASH_TO_ELEMENT;
4773 else if (pwe == SAE_PWE_BOTH)
4774 sae_pwe = NL80211_SAE_PWE_BOTH;
4775 else if (pwe == SAE_PWE_FORCE_HUNT_AND_PECK)
4776 return 0; /* special test mode */
4777 else
4778 return -1;
4779 if (nla_put_u8(msg, NL80211_ATTR_SAE_PWE, sae_pwe))
4780 return -1;
4781
4782 return 0;
4783 }
4784 #endif /* CONFIG_SAE */
4785
4786
4787 #ifdef CONFIG_FILS
nl80211_fils_discovery(struct i802_bss * bss,struct nl_msg * msg,struct wpa_driver_ap_params * params)4788 static int nl80211_fils_discovery(struct i802_bss *bss, struct nl_msg *msg,
4789 struct wpa_driver_ap_params *params)
4790 {
4791 struct nlattr *attr;
4792
4793 if (!bss->drv->fils_discovery) {
4794 wpa_printf(MSG_ERROR,
4795 "nl80211: Driver does not support FILS Discovery frame transmission for %s",
4796 bss->ifname);
4797 return -1;
4798 }
4799
4800 attr = nla_nest_start(msg, NL80211_ATTR_FILS_DISCOVERY);
4801 if (!attr ||
4802 nla_put_u32(msg, NL80211_FILS_DISCOVERY_ATTR_INT_MIN,
4803 params->fd_min_int) ||
4804 nla_put_u32(msg, NL80211_FILS_DISCOVERY_ATTR_INT_MAX,
4805 params->fd_max_int) ||
4806 (params->fd_frame_tmpl &&
4807 nla_put(msg, NL80211_FILS_DISCOVERY_ATTR_TMPL,
4808 params->fd_frame_tmpl_len, params->fd_frame_tmpl)))
4809 return -1;
4810
4811 nla_nest_end(msg, attr);
4812 return 0;
4813 }
4814 #endif /* CONFIG_FILS */
4815
4816
4817 #ifdef CONFIG_IEEE80211AX
4818
nl80211_unsol_bcast_probe_resp(struct i802_bss * bss,struct nl_msg * msg,struct wpa_driver_ap_params * params)4819 static int nl80211_unsol_bcast_probe_resp(struct i802_bss *bss,
4820 struct nl_msg *msg,
4821 struct wpa_driver_ap_params *params)
4822 {
4823 struct nlattr *attr;
4824
4825 if (!bss->drv->unsol_bcast_probe_resp) {
4826 wpa_printf(MSG_ERROR,
4827 "nl80211: Driver does not support unsolicited broadcast Probe Response frame transmission for %s",
4828 bss->ifname);
4829 return -1;
4830 }
4831
4832 wpa_printf(MSG_DEBUG,
4833 "nl80211: Unsolicited broadcast Probe Response frame interval: %u",
4834 params->unsol_bcast_probe_resp_interval);
4835 attr = nla_nest_start(msg, NL80211_ATTR_UNSOL_BCAST_PROBE_RESP);
4836 if (!attr ||
4837 nla_put_u32(msg, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT,
4838 params->unsol_bcast_probe_resp_interval) ||
4839 (params->unsol_bcast_probe_resp_tmpl &&
4840 nla_put(msg, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL,
4841 params->unsol_bcast_probe_resp_tmpl_len,
4842 params->unsol_bcast_probe_resp_tmpl)))
4843 return -1;
4844
4845 nla_nest_end(msg, attr);
4846 return 0;
4847 }
4848
4849
nl80211_mbssid(struct nl_msg * msg,struct wpa_driver_ap_params * params)4850 static int nl80211_mbssid(struct nl_msg *msg,
4851 struct wpa_driver_ap_params *params)
4852 {
4853 struct nlattr *config, *elems;
4854 int ifidx;
4855
4856 if (!params->mbssid_tx_iface)
4857 return 0;
4858
4859 config = nla_nest_start(msg, NL80211_ATTR_MBSSID_CONFIG);
4860 if (!config ||
4861 nla_put_u8(msg, NL80211_MBSSID_CONFIG_ATTR_INDEX,
4862 params->mbssid_index))
4863 return -1;
4864
4865 if (params->mbssid_tx_iface) {
4866 ifidx = if_nametoindex(params->mbssid_tx_iface);
4867 if (ifidx <= 0 ||
4868 nla_put_u32(msg, NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX,
4869 ifidx))
4870 return -1;
4871 }
4872
4873 if (params->ema && nla_put_flag(msg, NL80211_MBSSID_CONFIG_ATTR_EMA))
4874 return -1;
4875
4876 nla_nest_end(msg, config);
4877
4878 if (params->mbssid_elem_count && params->mbssid_elem_len &&
4879 params->mbssid_elem_offset && *params->mbssid_elem_offset) {
4880 u8 i, **offs = params->mbssid_elem_offset;
4881
4882 elems = nla_nest_start(msg, NL80211_ATTR_MBSSID_ELEMS);
4883 if (!elems)
4884 return -1;
4885
4886 for (i = 0; i < params->mbssid_elem_count - 1; i++) {
4887 if (nla_put(msg, i + 1, offs[i + 1] - offs[i], offs[i]))
4888 return -1;
4889 }
4890
4891 if (nla_put(msg, i + 1,
4892 *offs + params->mbssid_elem_len - offs[i],
4893 offs[i]))
4894 return -1;
4895
4896 nla_nest_end(msg, elems);
4897 }
4898
4899 if (!params->ema)
4900 return 0;
4901
4902 if (params->rnr_elem_count && params->rnr_elem_len &&
4903 params->rnr_elem_offset && *params->rnr_elem_offset) {
4904 u8 i, **offs = params->rnr_elem_offset;
4905
4906 elems = nla_nest_start(msg, NL80211_ATTR_EMA_RNR_ELEMS);
4907 if (!elems)
4908 return -1;
4909
4910 for (i = 0; i < params->rnr_elem_count - 1; i++) {
4911 if (nla_put(msg, i + 1, offs[i + 1] - offs[i], offs[i]))
4912 return -1;
4913 }
4914
4915 if (nla_put(msg, i + 1, *offs + params->rnr_elem_len - offs[i],
4916 offs[i]))
4917 return -1;
4918 nla_nest_end(msg, elems);
4919 }
4920
4921 return 0;
4922 }
4923
4924 #endif /* CONFIG_IEEE80211AX */
4925
4926
4927 #ifdef CONFIG_DRIVER_NL80211_QCA
qca_set_allowed_ap_freqs(struct wpa_driver_nl80211_data * drv,const int * freqs,int num_freqs)4928 static void qca_set_allowed_ap_freqs(struct wpa_driver_nl80211_data *drv,
4929 const int *freqs, int num_freqs)
4930 {
4931 struct nl_msg *msg;
4932 struct nlattr *params, *freqs_list;
4933 int i, ret;
4934
4935 if (!drv->set_wifi_conf_vendor_cmd_avail || !drv->qca_ap_allowed_freqs)
4936 return;
4937
4938 wpa_printf(MSG_DEBUG, "nl80211: Set AP allowed frequency list");
4939
4940 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
4941 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
4942 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
4943 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION) ||
4944 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)))
4945 goto err;
4946
4947 freqs_list = nla_nest_start(
4948 msg, QCA_WLAN_VENDOR_ATTR_CONFIG_AP_ALLOWED_FREQ_LIST);
4949 if (!freqs_list)
4950 goto err;
4951
4952 for (i = 0; i < num_freqs; i++) {
4953 if (nla_put_u32(msg, i, freqs[i]))
4954 goto err;
4955 }
4956
4957 nla_nest_end(msg, freqs_list);
4958 nla_nest_end(msg, params);
4959
4960 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
4961 if (ret)
4962 wpa_printf(MSG_ERROR,
4963 "nl80211: Failed set AP alllowed frequency list: %d (%s)",
4964 ret, strerror(-ret));
4965
4966 return;
4967 err:
4968 nlmsg_free(msg);
4969 }
4970 #endif /* CONFIG_DRIVER_NL80211_QCA */
4971
4972
nl80211_put_freq_params(struct nl_msg * msg,const struct hostapd_freq_params * freq)4973 static int nl80211_put_freq_params(struct nl_msg *msg,
4974 const struct hostapd_freq_params *freq)
4975 {
4976 enum hostapd_hw_mode hw_mode;
4977 int is_24ghz;
4978 u8 channel;
4979
4980 wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq);
4981 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq))
4982 return -ENOBUFS;
4983
4984 wpa_printf(MSG_DEBUG, " * eht_enabled=%d", freq->eht_enabled);
4985 wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled);
4986 wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled);
4987 wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled);
4988 wpa_printf(MSG_DEBUG, " * radar_background=%d",
4989 freq->radar_background);
4990
4991 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
4992 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
4993 hw_mode == HOSTAPD_MODE_IEEE80211B;
4994
4995 if (freq->vht_enabled ||
4996 ((freq->he_enabled || freq->eht_enabled) && !is_24ghz)) {
4997 enum nl80211_chan_width cw;
4998
4999 wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth);
5000 switch (freq->bandwidth) {
5001 case 20:
5002 cw = NL80211_CHAN_WIDTH_20;
5003 break;
5004 case 40:
5005 cw = NL80211_CHAN_WIDTH_40;
5006 break;
5007 case 80:
5008 if (freq->center_freq2)
5009 cw = NL80211_CHAN_WIDTH_80P80;
5010 else
5011 cw = NL80211_CHAN_WIDTH_80;
5012 break;
5013 case 160:
5014 cw = NL80211_CHAN_WIDTH_160;
5015 break;
5016 case 320:
5017 cw = NL80211_CHAN_WIDTH_320;
5018 break;
5019 default:
5020 return -EINVAL;
5021 }
5022
5023 wpa_printf(MSG_DEBUG, " * channel_width=%d", cw);
5024 wpa_printf(MSG_DEBUG, " * center_freq1=%d",
5025 freq->center_freq1);
5026 wpa_printf(MSG_DEBUG, " * center_freq2=%d",
5027 freq->center_freq2);
5028 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) ||
5029 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1,
5030 freq->center_freq1) ||
5031 (freq->center_freq2 &&
5032 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2,
5033 freq->center_freq2)))
5034 return -ENOBUFS;
5035 } else if (freq->ht_enabled) {
5036 enum nl80211_channel_type ct;
5037
5038 wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
5039 freq->sec_channel_offset);
5040 switch (freq->sec_channel_offset) {
5041 case -1:
5042 ct = NL80211_CHAN_HT40MINUS;
5043 break;
5044 case 1:
5045 ct = NL80211_CHAN_HT40PLUS;
5046 break;
5047 default:
5048 ct = NL80211_CHAN_HT20;
5049 break;
5050 }
5051
5052 wpa_printf(MSG_DEBUG, " * channel_type=%d", ct);
5053 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct))
5054 return -ENOBUFS;
5055 } else if (freq->edmg.channels && freq->edmg.bw_config) {
5056 wpa_printf(MSG_DEBUG,
5057 " * EDMG configuration: channels=0x%x bw_config=%d",
5058 freq->edmg.channels, freq->edmg.bw_config);
5059 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS,
5060 freq->edmg.channels) ||
5061 nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG,
5062 freq->edmg.bw_config))
5063 return -1;
5064 } else {
5065 wpa_printf(MSG_DEBUG, " * channel_type=%d",
5066 NL80211_CHAN_NO_HT);
5067 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
5068 NL80211_CHAN_NO_HT))
5069 return -ENOBUFS;
5070 }
5071 if (freq->radar_background &&
5072 nla_put_flag(msg, NL80211_ATTR_RADAR_BACKGROUND))
5073 return -ENOBUFS;
5074
5075 return 0;
5076 }
5077
5078
wpa_driver_nl80211_set_ap(void * priv,struct wpa_driver_ap_params * params)5079 static int wpa_driver_nl80211_set_ap(void *priv,
5080 struct wpa_driver_ap_params *params)
5081 {
5082 struct i802_bss *bss = priv;
5083 struct wpa_driver_nl80211_data *drv = bss->drv;
5084 struct i802_link *link = bss->flink;
5085 struct nl_msg *msg;
5086 u8 cmd = NL80211_CMD_NEW_BEACON;
5087 int ret = -ENOBUFS;
5088 int beacon_set;
5089 int num_suites;
5090 u32 suites[20], suite;
5091 u32 ver;
5092 #ifdef CONFIG_MESH
5093 struct wpa_driver_mesh_bss_params mesh_params;
5094 #endif /* CONFIG_MESH */
5095
5096 if (params->mld_ap) {
5097 size_t i;
5098
5099 for (i = 0; i < bss->n_links; i++) {
5100 if (bss->links[i].link_id == params->mld_link_id) {
5101 link = &bss->links[i];
5102 break;
5103 }
5104 }
5105
5106 if (i == bss->n_links) {
5107 wpa_printf(MSG_DEBUG, "nl80211: Link ID=%u not found",
5108 params->mld_link_id);
5109 return -EINVAL;
5110 }
5111 }
5112
5113 beacon_set = params->reenable ? 0 : link->beacon_set;
5114
5115 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
5116 beacon_set);
5117 if (beacon_set)
5118 cmd = NL80211_CMD_SET_BEACON;
5119 else if (!drv->device_ap_sme && !drv->use_monitor &&
5120 !nl80211_get_wiphy_data_ap(bss))
5121 return -ENOBUFS;
5122
5123 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon head",
5124 params->head, params->head_len);
5125 wpa_hexdump(MSG_DEBUG, "nl80211: Beacon tail",
5126 params->tail, params->tail_len);
5127 wpa_printf(MSG_DEBUG, "nl80211: ifindex=%d", bss->ifindex);
5128 wpa_printf(MSG_DEBUG, "nl80211: beacon_int=%d", params->beacon_int);
5129 wpa_printf(MSG_DEBUG, "nl80211: beacon_rate=%u", params->beacon_rate);
5130 wpa_printf(MSG_DEBUG, "nl80211: rate_type=%d", params->rate_type);
5131 wpa_printf(MSG_DEBUG, "nl80211: dtim_period=%d", params->dtim_period);
5132 wpa_printf(MSG_DEBUG, "nl80211: ssid=%s",
5133 wpa_ssid_txt(params->ssid, params->ssid_len));
5134 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
5135 nla_put(msg, NL80211_ATTR_BEACON_HEAD, params->head_len,
5136 params->head) ||
5137 nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len,
5138 params->tail) ||
5139 nl80211_put_beacon_int(msg, params->beacon_int) ||
5140 nl80211_put_beacon_rate(msg, drv->capa.flags, drv->capa.flags2,
5141 params) ||
5142 nl80211_put_dtim_period(msg, params->dtim_period) ||
5143 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
5144 goto fail;
5145
5146 if (params->mld_ap) {
5147 wpa_printf(MSG_DEBUG, "nl80211: link_id=%u",
5148 params->mld_link_id);
5149
5150 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
5151 params->mld_link_id) ||
5152 (params->freq &&
5153 nl80211_put_freq_params(msg, params->freq) < 0))
5154 goto fail;
5155
5156 nl80211_link_set_freq(bss, params->mld_link_id,
5157 params->freq->freq);
5158 }
5159
5160 if (params->proberesp && params->proberesp_len) {
5161 wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)",
5162 params->proberesp, params->proberesp_len);
5163 if (nla_put(msg, NL80211_ATTR_PROBE_RESP, params->proberesp_len,
5164 params->proberesp))
5165 goto fail;
5166 }
5167 switch (params->hide_ssid) {
5168 case NO_SSID_HIDING:
5169 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID not in use");
5170 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
5171 NL80211_HIDDEN_SSID_NOT_IN_USE))
5172 goto fail;
5173 break;
5174 case HIDDEN_SSID_ZERO_LEN:
5175 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero len");
5176 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
5177 NL80211_HIDDEN_SSID_ZERO_LEN))
5178 goto fail;
5179 break;
5180 case HIDDEN_SSID_ZERO_CONTENTS:
5181 wpa_printf(MSG_DEBUG, "nl80211: hidden SSID zero contents");
5182 if (nla_put_u32(msg, NL80211_ATTR_HIDDEN_SSID,
5183 NL80211_HIDDEN_SSID_ZERO_CONTENTS))
5184 goto fail;
5185 break;
5186 }
5187 wpa_printf(MSG_DEBUG, "nl80211: privacy=%d", params->privacy);
5188 if (params->privacy &&
5189 nla_put_flag(msg, NL80211_ATTR_PRIVACY))
5190 goto fail;
5191 wpa_printf(MSG_DEBUG, "nl80211: auth_algs=0x%x", params->auth_algs);
5192 if ((params->auth_algs & (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) ==
5193 (WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED)) {
5194 /* Leave out the attribute */
5195 } else if (params->auth_algs & WPA_AUTH_ALG_SHARED) {
5196 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
5197 NL80211_AUTHTYPE_SHARED_KEY))
5198 goto fail;
5199 } else {
5200 if (nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE,
5201 NL80211_AUTHTYPE_OPEN_SYSTEM))
5202 goto fail;
5203 }
5204
5205 wpa_printf(MSG_DEBUG, "nl80211: wpa_version=0x%x", params->wpa_version);
5206 ver = 0;
5207 if (params->wpa_version & WPA_PROTO_WPA)
5208 ver |= NL80211_WPA_VERSION_1;
5209 if (params->wpa_version & WPA_PROTO_RSN)
5210 ver |= NL80211_WPA_VERSION_2;
5211 if (ver &&
5212 nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
5213 goto fail;
5214
5215 wpa_printf(MSG_DEBUG, "nl80211: key_mgmt_suites=0x%x",
5216 params->key_mgmt_suites);
5217 num_suites = wpa_key_mgmt_to_suites(params->key_mgmt_suites,
5218 suites, ARRAY_SIZE(suites));
5219 if (num_suites > NL80211_MAX_NR_AKM_SUITES)
5220 wpa_printf(MSG_DEBUG,
5221 "nl80211: Not enough room for all AKM suites (num_suites=%d > NL80211_MAX_NR_AKM_SUITES)",
5222 num_suites);
5223 else if (num_suites &&
5224 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32),
5225 suites))
5226 goto fail;
5227
5228 if ((params->key_mgmt_suites & WPA_KEY_MGMT_PSK) &&
5229 (drv->capa.flags2 & WPA_DRIVER_FLAGS2_4WAY_HANDSHAKE_AP_PSK) &&
5230 params->psk_len) {
5231 if (nla_put(msg, NL80211_ATTR_PMK, params->psk_len, params->psk)) {
5232 wpa_printf(MSG_ERROR, "nl80211: Setting PSK failed");
5233 goto fail;
5234 } else
5235 wpa_printf(MSG_DEBUG, "nl80211: Setting PSK for offload");
5236 }
5237
5238 if (wpa_key_mgmt_sae(params->key_mgmt_suites) &&
5239 (drv->capa.flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_AP) &&
5240 params->sae_password) {
5241 if (nla_put(msg, NL80211_ATTR_SAE_PASSWORD,
5242 os_strlen(params->sae_password), params->sae_password)) {
5243 wpa_printf(MSG_ERROR, "nl80211: Setting SAE password failed");
5244 goto fail;
5245 } else
5246 wpa_printf(MSG_DEBUG, "nl80211: SAE password for offload");
5247 }
5248
5249 if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
5250 (!params->pairwise_ciphers ||
5251 params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40)) &&
5252 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) ||
5253 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
5254 goto fail;
5255
5256 if (drv->device_ap_sme) {
5257 u32 flags = 0;
5258
5259 if (params->key_mgmt_suites & (WPA_KEY_MGMT_SAE |
5260 WPA_KEY_MGMT_SAE_EXT_KEY)) {
5261 /* Add the previously used flag attribute to support
5262 * older kernel versions and the newer flag bit for
5263 * newer kernels. */
5264 if (nla_put_flag(msg,
5265 NL80211_ATTR_EXTERNAL_AUTH_SUPPORT))
5266 goto fail;
5267 flags |= NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT;
5268 }
5269
5270 flags |= NL80211_AP_SETTINGS_SA_QUERY_OFFLOAD_SUPPORT;
5271
5272 if (nla_put_u32(msg, NL80211_ATTR_AP_SETTINGS_FLAGS, flags))
5273 goto fail;
5274 }
5275
5276 wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
5277 params->pairwise_ciphers);
5278 num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
5279 suites, ARRAY_SIZE(suites));
5280 if (num_suites &&
5281 nla_put(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
5282 num_suites * sizeof(u32), suites))
5283 goto fail;
5284
5285 wpa_printf(MSG_DEBUG, "nl80211: group_cipher=0x%x",
5286 params->group_cipher);
5287 suite = wpa_cipher_to_cipher_suite(params->group_cipher);
5288 if (suite &&
5289 nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, suite))
5290 goto fail;
5291
5292 if (params->beacon_ies) {
5293 wpa_hexdump_buf(MSG_DEBUG, "nl80211: beacon_ies",
5294 params->beacon_ies);
5295 if (nla_put(msg, NL80211_ATTR_IE,
5296 wpabuf_len(params->beacon_ies),
5297 wpabuf_head(params->beacon_ies)))
5298 goto fail;
5299 }
5300 if (params->proberesp_ies) {
5301 wpa_hexdump_buf(MSG_DEBUG, "nl80211: proberesp_ies",
5302 params->proberesp_ies);
5303 if (nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
5304 wpabuf_len(params->proberesp_ies),
5305 wpabuf_head(params->proberesp_ies)))
5306 goto fail;
5307 }
5308 if (params->assocresp_ies) {
5309 wpa_hexdump_buf(MSG_DEBUG, "nl80211: assocresp_ies",
5310 params->assocresp_ies);
5311 if (nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
5312 wpabuf_len(params->assocresp_ies),
5313 wpabuf_head(params->assocresp_ies)))
5314 goto fail;
5315 }
5316
5317 if (drv->capa.flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER) {
5318 wpa_printf(MSG_DEBUG, "nl80211: ap_max_inactivity=%d",
5319 params->ap_max_inactivity);
5320 if (nla_put_u16(msg, NL80211_ATTR_INACTIVITY_TIMEOUT,
5321 params->ap_max_inactivity))
5322 goto fail;
5323 }
5324
5325 #ifdef CONFIG_P2P
5326 if (params->p2p_go_ctwindow > 0) {
5327 if (drv->p2p_go_ctwindow_supported) {
5328 wpa_printf(MSG_DEBUG, "nl80211: P2P GO ctwindow=%d",
5329 params->p2p_go_ctwindow);
5330 if (nla_put_u8(msg, NL80211_ATTR_P2P_CTWINDOW,
5331 params->p2p_go_ctwindow))
5332 goto fail;
5333 } else {
5334 wpa_printf(MSG_INFO,
5335 "nl80211: Driver does not support CTWindow configuration - ignore this parameter");
5336 }
5337 }
5338 #endif /* CONFIG_P2P */
5339
5340 if (params->pbss) {
5341 wpa_printf(MSG_DEBUG, "nl80211: PBSS");
5342 if (nla_put_flag(msg, NL80211_ATTR_PBSS))
5343 goto fail;
5344 }
5345
5346 if (params->ftm_responder) {
5347 struct nlattr *ftm;
5348
5349 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_FTM_RESPONDER)) {
5350 ret = -ENOTSUP;
5351 goto fail;
5352 }
5353
5354 ftm = nla_nest_start(msg, NL80211_ATTR_FTM_RESPONDER);
5355 if (!ftm ||
5356 nla_put_flag(msg, NL80211_FTM_RESP_ATTR_ENABLED) ||
5357 (params->lci &&
5358 nla_put(msg, NL80211_FTM_RESP_ATTR_LCI,
5359 wpabuf_len(params->lci),
5360 wpabuf_head(params->lci))) ||
5361 (params->civic &&
5362 nla_put(msg, NL80211_FTM_RESP_ATTR_CIVICLOC,
5363 wpabuf_len(params->civic),
5364 wpabuf_head(params->civic))))
5365 goto fail;
5366 nla_nest_end(msg, ftm);
5367 }
5368
5369 #ifdef CONFIG_IEEE80211AX
5370 if (params->he_spr_ctrl) {
5371 struct nlattr *spr;
5372
5373 spr = nla_nest_start(msg, NL80211_ATTR_HE_OBSS_PD);
5374 wpa_printf(MSG_DEBUG, "nl80211: he_spr_ctrl=0x%x",
5375 params->he_spr_ctrl);
5376
5377 if (!spr ||
5378 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_SR_CTRL,
5379 params->he_spr_ctrl) ||
5380 ((params->he_spr_ctrl &
5381 SPATIAL_REUSE_NON_SRG_OFFSET_PRESENT) &&
5382 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET,
5383 params->he_spr_non_srg_obss_pd_max_offset)))
5384 goto fail;
5385
5386 if ((params->he_spr_ctrl &
5387 SPATIAL_REUSE_SRG_INFORMATION_PRESENT) &&
5388 (nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET,
5389 params->he_spr_srg_obss_pd_min_offset) ||
5390 nla_put_u8(msg, NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET,
5391 params->he_spr_srg_obss_pd_max_offset) ||
5392 nla_put(msg, NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP,
5393 sizeof(params->he_spr_bss_color_bitmap),
5394 params->he_spr_bss_color_bitmap) ||
5395 nla_put(msg, NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP,
5396 sizeof(params->he_spr_partial_bssid_bitmap),
5397 params->he_spr_partial_bssid_bitmap)))
5398 goto fail;
5399
5400 nla_nest_end(msg, spr);
5401 }
5402
5403 if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
5404 goto fail;
5405
5406 if (params->freq && params->freq->he_enabled) {
5407 struct nlattr *bss_color;
5408
5409 bss_color = nla_nest_start(msg, NL80211_ATTR_HE_BSS_COLOR);
5410 if (!bss_color ||
5411 (params->he_bss_color_disabled &&
5412 nla_put_flag(msg, NL80211_HE_BSS_COLOR_ATTR_DISABLED)) ||
5413 (params->he_bss_color_partial &&
5414 nla_put_flag(msg, NL80211_HE_BSS_COLOR_ATTR_PARTIAL)) ||
5415 nla_put_u8(msg, NL80211_HE_BSS_COLOR_ATTR_COLOR,
5416 params->he_bss_color))
5417 goto fail;
5418 nla_nest_end(msg, bss_color);
5419 }
5420
5421 if (params->twt_responder) {
5422 wpa_printf(MSG_DEBUG, "nl80211: twt_responder=%d",
5423 params->twt_responder);
5424 if (nla_put_flag(msg, NL80211_ATTR_TWT_RESPONDER))
5425 goto fail;
5426 }
5427
5428 if (params->unsol_bcast_probe_resp_interval &&
5429 nl80211_unsol_bcast_probe_resp(bss, msg, params) < 0)
5430 goto fail;
5431
5432 if (nl80211_mbssid(msg, params) < 0)
5433 goto fail;
5434 #endif /* CONFIG_IEEE80211AX */
5435
5436 #ifdef CONFIG_SAE
5437 if (wpa_key_mgmt_sae(params->key_mgmt_suites) &&
5438 nl80211_put_sae_pwe(msg, params->sae_pwe) < 0)
5439 goto fail;
5440 #endif /* CONFIG_SAE */
5441
5442 #ifdef CONFIG_FILS
5443 if (params->fd_max_int && nl80211_fils_discovery(bss, msg, params) < 0)
5444 goto fail;
5445 #endif /* CONFIG_FILS */
5446
5447 if (params->punct_bitmap) {
5448 wpa_printf(MSG_DEBUG, "nl80211: Puncturing bitmap=0x%04x",
5449 params->punct_bitmap);
5450 if (nla_put_u32(msg, NL80211_ATTR_PUNCT_BITMAP,
5451 params->punct_bitmap))
5452 goto fail;
5453 }
5454
5455 #ifdef CONFIG_DRIVER_NL80211_QCA
5456 if (cmd == NL80211_CMD_NEW_BEACON && params->allowed_freqs)
5457 qca_set_allowed_ap_freqs(drv, params->allowed_freqs,
5458 int_array_len(params->allowed_freqs));
5459 #endif /* CONFIG_DRIVER_NL80211_QCA */
5460
5461 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 1);
5462 if (ret) {
5463 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
5464 ret, strerror(-ret));
5465 } else {
5466 link->beacon_set = 1;
5467 nl80211_set_bss(bss, params->cts_protect, params->preamble,
5468 params->short_slot_time, params->ht_opmode,
5469 params->isolate, params->basic_rates);
5470 nl80211_set_multicast_to_unicast(bss,
5471 params->multicast_to_unicast);
5472 if (beacon_set && params->freq &&
5473 params->freq->bandwidth != link->bandwidth) {
5474 wpa_printf(MSG_DEBUG,
5475 "nl80211: Update BSS %s bandwidth: %d -> %d",
5476 bss->ifname, link->bandwidth,
5477 params->freq->bandwidth);
5478 ret = nl80211_set_channel(bss, params->freq, 1);
5479 if (ret) {
5480 wpa_printf(MSG_DEBUG,
5481 "nl80211: Frequency set failed: %d (%s)",
5482 ret, strerror(-ret));
5483 } else {
5484 wpa_printf(MSG_DEBUG,
5485 "nl80211: Frequency set succeeded for ht2040 coex");
5486 link->bandwidth = params->freq->bandwidth;
5487 }
5488 } else if (!beacon_set && params->freq) {
5489 /*
5490 * cfg80211 updates the driver on frequence change in AP
5491 * mode only at the point when beaconing is started, so
5492 * set the initial value here.
5493 */
5494 link->bandwidth = params->freq->bandwidth;
5495 }
5496 }
5497
5498 #ifdef CONFIG_MESH
5499 if (is_mesh_interface(drv->nlmode) && params->ht_opmode != -1) {
5500 os_memset(&mesh_params, 0, sizeof(mesh_params));
5501 mesh_params.flags |= WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE;
5502 mesh_params.ht_opmode = params->ht_opmode;
5503 ret = nl80211_set_mesh_config(priv, &mesh_params);
5504 if (ret < 0)
5505 return ret;
5506 }
5507 #endif /* CONFIG_MESH */
5508
5509 return ret;
5510 fail:
5511 nlmsg_free(msg);
5512 return ret;
5513 }
5514
5515
nl80211_link_valid(struct i802_bss * bss,s8 link_id)5516 static bool nl80211_link_valid(struct i802_bss *bss, s8 link_id)
5517 {
5518 unsigned int i;
5519
5520 if (link_id < 0)
5521 return false;
5522
5523 for (i = 0; i < bss->n_links; i++) {
5524 wpa_printf(MSG_DEBUG, "nl80211: %s - i=%u, link_id=%u",
5525 __func__, i, bss->links[i].link_id);
5526 if (bss->links[i].link_id == NL80211_DRV_LINK_ID_NA)
5527 continue;
5528
5529 if (bss->links[i].link_id == link_id)
5530 return true;
5531 }
5532
5533 return false;
5534 }
5535
5536
nl80211_set_channel(struct i802_bss * bss,struct hostapd_freq_params * freq,int set_chan)5537 static int nl80211_set_channel(struct i802_bss *bss,
5538 struct hostapd_freq_params *freq, int set_chan)
5539 {
5540 struct wpa_driver_nl80211_data *drv = bss->drv;
5541 struct nl_msg *msg;
5542 int ret;
5543
5544 wpa_printf(MSG_DEBUG,
5545 "nl80211: Set freq %d (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, eht_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
5546 freq->freq, freq->ht_enabled, freq->vht_enabled,
5547 freq->he_enabled, freq->eht_enabled, freq->bandwidth,
5548 freq->center_freq1, freq->center_freq2);
5549
5550 msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
5551 NL80211_CMD_SET_WIPHY);
5552 if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
5553 nlmsg_free(msg);
5554 return -1;
5555 }
5556
5557 if (nl80211_link_valid(bss, freq->link_id)) {
5558 wpa_printf(MSG_DEBUG, "nl80211: Set link_id=%u for freq",
5559 freq->link_id);
5560
5561 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, freq->link_id)) {
5562 nlmsg_free(msg);
5563 return -ENOBUFS;
5564 }
5565 }
5566
5567 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
5568 if (ret == 0) {
5569 nl80211_link_set_freq(bss, freq->link_id, freq->freq);
5570 return 0;
5571 }
5572 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
5573 "%d (%s)", freq->freq, ret, strerror(-ret));
5574 return -1;
5575 }
5576
5577
sta_flags_nl80211(int flags)5578 static u32 sta_flags_nl80211(int flags)
5579 {
5580 u32 f = 0;
5581
5582 if (flags & WPA_STA_AUTHORIZED)
5583 f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
5584 if (flags & WPA_STA_WMM)
5585 f |= BIT(NL80211_STA_FLAG_WME);
5586 if (flags & WPA_STA_SHORT_PREAMBLE)
5587 f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
5588 if (flags & WPA_STA_MFP)
5589 f |= BIT(NL80211_STA_FLAG_MFP);
5590 if (flags & WPA_STA_TDLS_PEER)
5591 f |= BIT(NL80211_STA_FLAG_TDLS_PEER);
5592 if (flags & WPA_STA_AUTHENTICATED)
5593 f |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
5594 if (flags & WPA_STA_ASSOCIATED)
5595 f |= BIT(NL80211_STA_FLAG_ASSOCIATED);
5596
5597 return f;
5598 }
5599
5600
5601 #ifdef CONFIG_MESH
sta_plink_state_nl80211(enum mesh_plink_state state)5602 static u32 sta_plink_state_nl80211(enum mesh_plink_state state)
5603 {
5604 switch (state) {
5605 case PLINK_IDLE:
5606 return NL80211_PLINK_LISTEN;
5607 case PLINK_OPN_SNT:
5608 return NL80211_PLINK_OPN_SNT;
5609 case PLINK_OPN_RCVD:
5610 return NL80211_PLINK_OPN_RCVD;
5611 case PLINK_CNF_RCVD:
5612 return NL80211_PLINK_CNF_RCVD;
5613 case PLINK_ESTAB:
5614 return NL80211_PLINK_ESTAB;
5615 case PLINK_HOLDING:
5616 return NL80211_PLINK_HOLDING;
5617 case PLINK_BLOCKED:
5618 return NL80211_PLINK_BLOCKED;
5619 default:
5620 wpa_printf(MSG_ERROR, "nl80211: Invalid mesh plink state %d",
5621 state);
5622 }
5623 return -1;
5624 }
5625 #endif /* CONFIG_MESH */
5626
5627
wpa_driver_nl80211_sta_add(void * priv,struct hostapd_sta_add_params * params)5628 static int wpa_driver_nl80211_sta_add(void *priv,
5629 struct hostapd_sta_add_params *params)
5630 {
5631 struct i802_bss *bss = priv;
5632 struct wpa_driver_nl80211_data *drv = bss->drv;
5633 struct nl_msg *msg;
5634 struct nl80211_sta_flag_update upd;
5635 int ret = -ENOBUFS;
5636 u8 cmd;
5637 const char *cmd_string;
5638
5639 if ((params->flags & WPA_STA_TDLS_PEER) &&
5640 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
5641 return -EOPNOTSUPP;
5642
5643 if (params->mld_link_sta) {
5644 cmd = params->set ? NL80211_CMD_MODIFY_LINK_STA :
5645 NL80211_CMD_ADD_LINK_STA;
5646 cmd_string = params->set ? "NL80211_CMD_MODIFY_LINK_STA" :
5647 "NL80211_CMD_ADD_LINK_STA";
5648 } else {
5649 cmd = params->set ? NL80211_CMD_SET_STATION :
5650 NL80211_CMD_NEW_STATION;
5651 cmd_string = params->set ? "NL80211_CMD_SET_STATION" :
5652 "NL80211_CMD_NEW_STATION";
5653 }
5654
5655 wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR,
5656 cmd_string, MAC2STR(params->addr));
5657 msg = nl80211_bss_msg(bss, 0, cmd);
5658 if (!msg)
5659 goto fail;
5660
5661 /*
5662 * Set the below properties only in one of the following cases:
5663 * 1. New station is added, already associated.
5664 * 2. Set WPA_STA_TDLS_PEER station.
5665 * 3. Set an already added unassociated station, if driver supports
5666 * full AP client state. (Set these properties after station became
5667 * associated will be rejected by the driver).
5668 */
5669 if (!params->set || (params->flags & WPA_STA_TDLS_PEER) ||
5670 (params->set && FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) &&
5671 (params->flags & WPA_STA_ASSOCIATED))) {
5672 wpa_hexdump(MSG_DEBUG, " * supported rates",
5673 params->supp_rates, params->supp_rates_len);
5674 wpa_printf(MSG_DEBUG, " * capability=0x%x",
5675 params->capability);
5676 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_RATES,
5677 params->supp_rates_len, params->supp_rates) ||
5678 nla_put_u16(msg, NL80211_ATTR_STA_CAPABILITY,
5679 params->capability))
5680 goto fail;
5681
5682 if (params->ht_capabilities) {
5683 wpa_hexdump(MSG_DEBUG, " * ht_capabilities",
5684 (u8 *) params->ht_capabilities,
5685 sizeof(*params->ht_capabilities));
5686 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY,
5687 sizeof(*params->ht_capabilities),
5688 params->ht_capabilities))
5689 goto fail;
5690 }
5691
5692 if (params->vht_capabilities) {
5693 wpa_hexdump(MSG_DEBUG, " * vht_capabilities",
5694 (u8 *) params->vht_capabilities,
5695 sizeof(*params->vht_capabilities));
5696 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY,
5697 sizeof(*params->vht_capabilities),
5698 params->vht_capabilities))
5699 goto fail;
5700 }
5701
5702 if (params->he_capab) {
5703 wpa_hexdump(MSG_DEBUG, " * he_capab",
5704 params->he_capab, params->he_capab_len);
5705 if (nla_put(msg, NL80211_ATTR_HE_CAPABILITY,
5706 params->he_capab_len, params->he_capab))
5707 goto fail;
5708 }
5709
5710 if (params->he_6ghz_capab) {
5711 wpa_hexdump(MSG_DEBUG, " * he_6ghz_capab",
5712 params->he_6ghz_capab,
5713 sizeof(*params->he_6ghz_capab));
5714 if (nla_put(msg, NL80211_ATTR_HE_6GHZ_CAPABILITY,
5715 sizeof(*params->he_6ghz_capab),
5716 params->he_6ghz_capab))
5717 goto fail;
5718 }
5719
5720 if (params->eht_capab) {
5721 wpa_hexdump(MSG_DEBUG, " * eht_capab",
5722 params->eht_capab, params->eht_capab_len);
5723 if (nla_put(msg, NL80211_ATTR_EHT_CAPABILITY,
5724 params->eht_capab_len, params->eht_capab))
5725 goto fail;
5726 }
5727
5728 if (params->ext_capab) {
5729 wpa_hexdump(MSG_DEBUG, " * ext_capab",
5730 params->ext_capab, params->ext_capab_len);
5731 if (nla_put(msg, NL80211_ATTR_STA_EXT_CAPABILITY,
5732 params->ext_capab_len, params->ext_capab))
5733 goto fail;
5734 }
5735
5736 if (is_ap_interface(drv->nlmode) &&
5737 nla_put_u8(msg, NL80211_ATTR_STA_SUPPORT_P2P_PS,
5738 params->support_p2p_ps ?
5739 NL80211_P2P_PS_SUPPORTED :
5740 NL80211_P2P_PS_UNSUPPORTED))
5741 goto fail;
5742 }
5743 if (!params->set) {
5744 if (params->aid) {
5745 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
5746 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid))
5747 goto fail;
5748 } else {
5749 /*
5750 * cfg80211 validates that AID is non-zero, so we have
5751 * to make this a non-zero value for the TDLS case where
5752 * a stub STA entry is used for now and for a station
5753 * that is still not associated.
5754 */
5755 wpa_printf(MSG_DEBUG, " * aid=1 (%s workaround)",
5756 (params->flags & WPA_STA_TDLS_PEER) ?
5757 "TDLS" : "UNASSOC_STA");
5758 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, 1))
5759 goto fail;
5760 }
5761 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
5762 params->listen_interval);
5763 if (nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5764 params->listen_interval))
5765 goto fail;
5766 } else if (params->aid && (params->flags & WPA_STA_TDLS_PEER)) {
5767 wpa_printf(MSG_DEBUG, " * peer_aid=%u", params->aid);
5768 if (nla_put_u16(msg, NL80211_ATTR_PEER_AID, params->aid))
5769 goto fail;
5770 } else if (FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags) &&
5771 (params->flags & WPA_STA_ASSOCIATED)) {
5772 wpa_printf(MSG_DEBUG, " * aid=%u", params->aid);
5773 wpa_printf(MSG_DEBUG, " * listen_interval=%u",
5774 params->listen_interval);
5775 if (nla_put_u16(msg, NL80211_ATTR_STA_AID, params->aid) ||
5776 nla_put_u16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
5777 params->listen_interval))
5778 goto fail;
5779 }
5780
5781 if (params->vht_opmode_enabled) {
5782 wpa_printf(MSG_DEBUG, " * opmode=%u", params->vht_opmode);
5783 if (nla_put_u8(msg, NL80211_ATTR_OPMODE_NOTIF,
5784 params->vht_opmode))
5785 goto fail;
5786 }
5787
5788 if (params->supp_channels) {
5789 wpa_hexdump(MSG_DEBUG, " * supported channels",
5790 params->supp_channels, params->supp_channels_len);
5791 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_CHANNELS,
5792 params->supp_channels_len, params->supp_channels))
5793 goto fail;
5794 }
5795
5796 if (params->supp_oper_classes) {
5797 wpa_hexdump(MSG_DEBUG, " * supported operating classes",
5798 params->supp_oper_classes,
5799 params->supp_oper_classes_len);
5800 if (nla_put(msg, NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES,
5801 params->supp_oper_classes_len,
5802 params->supp_oper_classes))
5803 goto fail;
5804 }
5805
5806 os_memset(&upd, 0, sizeof(upd));
5807 upd.set = sta_flags_nl80211(params->flags);
5808 upd.mask = upd.set | sta_flags_nl80211(params->flags_mask);
5809
5810 /*
5811 * If the driver doesn't support full AP client state, ignore ASSOC/AUTH
5812 * flags, as nl80211 driver moves a new station, by default, into
5813 * associated state.
5814 *
5815 * On the other hand, if the driver supports that feature and the
5816 * station is added in unauthenticated state, set the
5817 * authenticated/associated bits in the mask to prevent moving this
5818 * station to associated state before it is actually associated.
5819 *
5820 * This is irrelevant for mesh mode where the station is added to the
5821 * driver as authenticated already, and ASSOCIATED isn't part of the
5822 * nl80211 API.
5823 */
5824 if (!is_mesh_interface(drv->nlmode)) {
5825 if (!FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) {
5826 wpa_printf(MSG_DEBUG,
5827 "nl80211: Ignore ASSOC/AUTH flags since driver doesn't support full AP client state");
5828 upd.mask &= ~(BIT(NL80211_STA_FLAG_ASSOCIATED) |
5829 BIT(NL80211_STA_FLAG_AUTHENTICATED));
5830 } else if (!params->set &&
5831 !(params->flags & WPA_STA_TDLS_PEER)) {
5832 if (!(params->flags & WPA_STA_AUTHENTICATED))
5833 upd.mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
5834 if (!(params->flags & WPA_STA_ASSOCIATED))
5835 upd.mask |= BIT(NL80211_STA_FLAG_ASSOCIATED);
5836 }
5837 #ifdef CONFIG_MESH
5838 } else {
5839 if (params->plink_state == PLINK_ESTAB && params->peer_aid) {
5840 ret = nla_put_u16(msg, NL80211_ATTR_MESH_PEER_AID,
5841 params->peer_aid);
5842 if (ret)
5843 goto fail;
5844 }
5845 #endif /* CONFIG_MESH */
5846 }
5847
5848 wpa_printf(MSG_DEBUG, " * flags set=0x%x mask=0x%x",
5849 upd.set, upd.mask);
5850 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
5851 goto fail;
5852
5853 #ifdef CONFIG_MESH
5854 if (params->plink_state &&
5855 nla_put_u8(msg, NL80211_ATTR_STA_PLINK_STATE,
5856 sta_plink_state_nl80211(params->plink_state)))
5857 goto fail;
5858 #endif /* CONFIG_MESH */
5859
5860 if ((!params->set || (params->flags & WPA_STA_TDLS_PEER) ||
5861 FULL_AP_CLIENT_STATE_SUPP(drv->capa.flags)) &&
5862 (params->flags & WPA_STA_WMM)) {
5863 struct nlattr *wme = nla_nest_start(msg, NL80211_ATTR_STA_WME);
5864
5865 wpa_printf(MSG_DEBUG, " * qosinfo=0x%x", params->qosinfo);
5866 if (!wme ||
5867 nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
5868 params->qosinfo & WMM_QOSINFO_STA_AC_MASK) ||
5869 nla_put_u8(msg, NL80211_STA_WME_MAX_SP,
5870 (params->qosinfo >> WMM_QOSINFO_STA_SP_SHIFT) &
5871 WMM_QOSINFO_STA_SP_MASK))
5872 goto fail;
5873 nla_nest_end(msg, wme);
5874 }
5875
5876 /* In case we are an AP MLD need to always specify the link ID */
5877 if (params->mld_link_id >= 0) {
5878 wpa_printf(MSG_DEBUG, " * mld_link_id=%d",
5879 params->mld_link_id);
5880 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
5881 params->mld_link_id))
5882 goto fail;
5883
5884 /*
5885 * If the link address is specified the station is a non-AP MLD
5886 * and thus need to provide the MLD address as the station
5887 * address, and the non-AP MLD link address as the link address.
5888 */
5889 if (params->mld_link_addr) {
5890 wpa_printf(MSG_DEBUG, " * mld_link_addr=" MACSTR,
5891 MAC2STR(params->mld_link_addr));
5892
5893 if (nla_put(msg, NL80211_ATTR_MLD_ADDR,
5894 ETH_ALEN, params->addr) ||
5895 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
5896 params->mld_link_addr))
5897 goto fail;
5898 } else {
5899 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
5900 params->addr))
5901 goto fail;
5902 }
5903 } else {
5904 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr))
5905 goto fail;
5906 }
5907
5908 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
5909 msg = NULL;
5910 if (ret)
5911 wpa_printf(MSG_DEBUG, "nl80211: %s result: %d (%s)",
5912 cmd_string, ret, strerror(-ret));
5913 if (ret == -EEXIST)
5914 ret = 0;
5915 fail:
5916 nlmsg_free(msg);
5917 return ret;
5918 }
5919
5920
rtnl_neigh_delete_fdb_entry(struct i802_bss * bss,const u8 * addr)5921 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
5922 {
5923 #ifdef CONFIG_LIBNL3_ROUTE
5924 struct wpa_driver_nl80211_data *drv = bss->drv;
5925 struct rtnl_neigh *rn;
5926 struct nl_addr *nl_addr;
5927 int err;
5928
5929 rn = rtnl_neigh_alloc();
5930 if (!rn)
5931 return;
5932
5933 rtnl_neigh_set_family(rn, AF_BRIDGE);
5934 rtnl_neigh_set_ifindex(rn, bss->ifindex);
5935 nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
5936 if (!nl_addr) {
5937 rtnl_neigh_put(rn);
5938 return;
5939 }
5940 rtnl_neigh_set_lladdr(rn, nl_addr);
5941
5942 err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
5943 if (err < 0) {
5944 wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
5945 MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
5946 bss->ifindex, nl_geterror(err));
5947 } else {
5948 wpa_printf(MSG_DEBUG, "nl80211: deleted bridge FDB entry for "
5949 MACSTR, MAC2STR(addr));
5950 }
5951
5952 nl_addr_put(nl_addr);
5953 rtnl_neigh_put(rn);
5954 #endif /* CONFIG_LIBNL3_ROUTE */
5955 }
5956
5957
wpa_driver_nl80211_sta_remove(struct i802_bss * bss,const u8 * addr,int deauth,u16 reason_code)5958 static int wpa_driver_nl80211_sta_remove(struct i802_bss *bss, const u8 *addr,
5959 int deauth, u16 reason_code)
5960 {
5961 struct wpa_driver_nl80211_data *drv = bss->drv;
5962 struct nl_msg *msg;
5963 int ret;
5964
5965 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION)) ||
5966 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
5967 (deauth == 0 &&
5968 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
5969 WLAN_FC_STYPE_DISASSOC)) ||
5970 (deauth == 1 &&
5971 nla_put_u8(msg, NL80211_ATTR_MGMT_SUBTYPE,
5972 WLAN_FC_STYPE_DEAUTH)) ||
5973 (reason_code &&
5974 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) {
5975 nlmsg_free(msg);
5976 return -ENOBUFS;
5977 }
5978
5979 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
5980 wpa_printf(MSG_DEBUG, "nl80211: sta_remove -> DEL_STATION %s " MACSTR
5981 " --> %d (%s)",
5982 bss->ifname, MAC2STR(addr), ret, strerror(-ret));
5983
5984 if (drv->rtnl_sk)
5985 rtnl_neigh_delete_fdb_entry(bss, addr);
5986
5987 if (ret == -ENOENT)
5988 return 0;
5989 return ret;
5990 }
5991
5992
nl80211_remove_iface(struct wpa_driver_nl80211_data * drv,int ifidx)5993 void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv, int ifidx)
5994 {
5995 struct nl_msg *msg;
5996 struct wpa_driver_nl80211_data *drv2;
5997
5998 wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
5999
6000 /* stop listening for EAPOL on this interface */
6001 dl_list_for_each(drv2, &drv->global->interfaces,
6002 struct wpa_driver_nl80211_data, list)
6003 {
6004 del_ifidx(drv2, ifidx, IFIDX_ANY);
6005 /* Remove all bridges learned for this iface */
6006 del_ifidx(drv2, IFIDX_ANY, ifidx);
6007 }
6008
6009 msg = nl80211_ifindex_msg(drv, ifidx, 0, NL80211_CMD_DEL_INTERFACE);
6010 if (send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL) == 0)
6011 return;
6012 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
6013 }
6014
6015
nl80211_iftype_str(enum nl80211_iftype mode)6016 const char * nl80211_iftype_str(enum nl80211_iftype mode)
6017 {
6018 switch (mode) {
6019 case NL80211_IFTYPE_ADHOC:
6020 return "ADHOC";
6021 case NL80211_IFTYPE_STATION:
6022 return "STATION";
6023 case NL80211_IFTYPE_AP:
6024 return "AP";
6025 case NL80211_IFTYPE_AP_VLAN:
6026 return "AP_VLAN";
6027 case NL80211_IFTYPE_WDS:
6028 return "WDS";
6029 case NL80211_IFTYPE_MONITOR:
6030 return "MONITOR";
6031 case NL80211_IFTYPE_MESH_POINT:
6032 return "MESH_POINT";
6033 case NL80211_IFTYPE_P2P_CLIENT:
6034 return "P2P_CLIENT";
6035 case NL80211_IFTYPE_P2P_GO:
6036 return "P2P_GO";
6037 case NL80211_IFTYPE_P2P_DEVICE:
6038 return "P2P_DEVICE";
6039 case NL80211_IFTYPE_OCB:
6040 return "OCB";
6041 case NL80211_IFTYPE_NAN:
6042 return "NAN";
6043 default:
6044 return "unknown";
6045 }
6046 }
6047
6048
nl80211_create_iface_once(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg)6049 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
6050 const char *ifname,
6051 enum nl80211_iftype iftype,
6052 const u8 *addr, int wds,
6053 int (*handler)(struct nl_msg *, void *),
6054 void *arg)
6055 {
6056 struct nl_msg *msg;
6057 int ifidx;
6058 int ret = -ENOBUFS;
6059
6060 wpa_printf(MSG_DEBUG, "nl80211: Create interface iftype %d (%s)",
6061 iftype, nl80211_iftype_str(iftype));
6062
6063 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_NEW_INTERFACE);
6064 if (!msg ||
6065 nla_put_string(msg, NL80211_ATTR_IFNAME, ifname) ||
6066 nla_put_u32(msg, NL80211_ATTR_IFTYPE, iftype))
6067 goto fail;
6068
6069 if (iftype == NL80211_IFTYPE_MONITOR) {
6070 struct nlattr *flags;
6071
6072 flags = nla_nest_start(msg, NL80211_ATTR_MNTR_FLAGS);
6073 if (!flags ||
6074 nla_put_flag(msg, NL80211_MNTR_FLAG_COOK_FRAMES))
6075 goto fail;
6076
6077 nla_nest_end(msg, flags);
6078 } else if (wds) {
6079 if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wds))
6080 goto fail;
6081 }
6082
6083 /*
6084 * Tell cfg80211 that the interface belongs to the socket that created
6085 * it, and the interface should be deleted when the socket is closed.
6086 */
6087 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER))
6088 goto fail;
6089
6090 if ((addr && iftype == NL80211_IFTYPE_P2P_DEVICE) &&
6091 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
6092 goto fail;
6093
6094 ret = send_and_recv_msgs(drv, msg, handler, arg, NULL, NULL);
6095 msg = NULL;
6096 if (ret) {
6097 fail:
6098 nlmsg_free(msg);
6099 wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
6100 ifname, ret, strerror(-ret));
6101 return ret;
6102 }
6103
6104 if (iftype == NL80211_IFTYPE_P2P_DEVICE)
6105 return 0;
6106
6107 ifidx = if_nametoindex(ifname);
6108 wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
6109 ifname, ifidx);
6110
6111 if (ifidx <= 0)
6112 return -1;
6113
6114 /*
6115 * Some virtual interfaces need to process EAPOL packets and events on
6116 * the parent interface. This is used mainly with hostapd.
6117 */
6118 if (drv->hostapd ||
6119 iftype == NL80211_IFTYPE_AP_VLAN ||
6120 iftype == NL80211_IFTYPE_WDS ||
6121 iftype == NL80211_IFTYPE_MONITOR) {
6122 /* start listening for EAPOL on this interface */
6123 add_ifidx(drv, ifidx, IFIDX_ANY);
6124 }
6125
6126 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
6127 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname, addr)) {
6128 nl80211_remove_iface(drv, ifidx);
6129 return -1;
6130 }
6131
6132 return ifidx;
6133 }
6134
6135
nl80211_create_iface(struct wpa_driver_nl80211_data * drv,const char * ifname,enum nl80211_iftype iftype,const u8 * addr,int wds,int (* handler)(struct nl_msg *,void *),void * arg,int use_existing)6136 int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
6137 const char *ifname, enum nl80211_iftype iftype,
6138 const u8 *addr, int wds,
6139 int (*handler)(struct nl_msg *, void *),
6140 void *arg, int use_existing)
6141 {
6142 int ret;
6143
6144 ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds, handler,
6145 arg);
6146
6147 /* if error occurred and interface exists already */
6148 if (ret == -ENFILE && if_nametoindex(ifname)) {
6149 if (use_existing) {
6150 wpa_printf(MSG_DEBUG, "nl80211: Continue using existing interface %s",
6151 ifname);
6152 if (addr && iftype != NL80211_IFTYPE_MONITOR &&
6153 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
6154 addr) < 0 &&
6155 (linux_set_iface_flags(drv->global->ioctl_sock,
6156 ifname, 0) < 0 ||
6157 linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
6158 addr) < 0 ||
6159 linux_set_iface_flags(drv->global->ioctl_sock,
6160 ifname, 1) < 0))
6161 return -1;
6162 return -ENFILE;
6163 }
6164 wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
6165
6166 /* Try to remove the interface that was already there. */
6167 nl80211_remove_iface(drv, if_nametoindex(ifname));
6168
6169 /* Try to create the interface again */
6170 ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
6171 wds, handler, arg);
6172 }
6173
6174 if (ret >= 0 && is_p2p_net_interface(iftype)) {
6175 wpa_printf(MSG_DEBUG,
6176 "nl80211: Interface %s created for P2P - disable 11b rates",
6177 ifname);
6178 nl80211_disable_11b_rates(drv, ret, 1);
6179 }
6180
6181 return ret;
6182 }
6183
6184
nl80211_setup_ap(struct i802_bss * bss)6185 static int nl80211_setup_ap(struct i802_bss *bss)
6186 {
6187 struct wpa_driver_nl80211_data *drv = bss->drv;
6188
6189 wpa_printf(MSG_DEBUG, "nl80211: Setup AP(%s) - device_ap_sme=%d use_monitor=%d",
6190 bss->ifname, drv->device_ap_sme, drv->use_monitor);
6191
6192 /*
6193 * Disable Probe Request reporting unless we need it in this way for
6194 * devices that include the AP SME, in the other case (unless using
6195 * monitor iface) we'll get it through the nl_mgmt socket instead.
6196 */
6197 if (!drv->device_ap_sme)
6198 wpa_driver_nl80211_probe_req_report(bss, 0);
6199
6200 if (!drv->device_ap_sme && !drv->use_monitor)
6201 if (nl80211_mgmt_subscribe_ap(bss))
6202 return -1;
6203
6204 if (drv->device_ap_sme && !drv->use_monitor)
6205 if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
6206 wpa_printf(MSG_DEBUG,
6207 "nl80211: Failed to subscribe for mgmt frames from SME driver - trying to run without it");
6208
6209 if (!drv->device_ap_sme && drv->use_monitor &&
6210 nl80211_create_monitor_interface(drv) &&
6211 !drv->device_ap_sme)
6212 return -1;
6213
6214 if (drv->device_ap_sme &&
6215 wpa_driver_nl80211_probe_req_report(bss, 1) < 0) {
6216 wpa_printf(MSG_DEBUG, "nl80211: Failed to enable "
6217 "Probe Request frame reporting in AP mode");
6218 /* Try to survive without this */
6219 }
6220
6221 return 0;
6222 }
6223
6224
nl80211_teardown_ap(struct i802_bss * bss)6225 static void nl80211_teardown_ap(struct i802_bss *bss)
6226 {
6227 struct wpa_driver_nl80211_data *drv = bss->drv;
6228
6229 wpa_printf(MSG_DEBUG, "nl80211: Teardown AP(%s) - device_ap_sme=%d use_monitor=%d",
6230 bss->ifname, drv->device_ap_sme, drv->use_monitor);
6231 if (drv->device_ap_sme) {
6232 wpa_driver_nl80211_probe_req_report(bss, 0);
6233 if (!drv->use_monitor)
6234 nl80211_mgmt_unsubscribe(bss, "AP teardown (dev SME)");
6235 } else if (drv->use_monitor)
6236 nl80211_remove_monitor_interface(drv);
6237 else
6238 nl80211_mgmt_unsubscribe(bss, "AP teardown");
6239
6240 nl80211_put_wiphy_data_ap(bss);
6241 bss->flink->beacon_set = 0;
6242 }
6243
6244
nl80211_tx_control_port(void * priv,const u8 * dest,u16 proto,const u8 * buf,size_t len,int no_encrypt,int link_id)6245 static int nl80211_tx_control_port(void *priv, const u8 *dest,
6246 u16 proto, const u8 *buf, size_t len,
6247 int no_encrypt, int link_id)
6248 {
6249 struct nl80211_ack_ext_arg ext_arg;
6250 struct i802_bss *bss = priv;
6251 struct nl_msg *msg;
6252 u64 cookie = 0;
6253 int ret;
6254
6255 wpa_printf(MSG_DEBUG,
6256 "nl80211: Send over control port dest=" MACSTR
6257 " proto=0x%04x len=%u no_encrypt=%d",
6258 MAC2STR(dest), proto, (unsigned int) len, no_encrypt);
6259
6260 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CONTROL_PORT_FRAME);
6261 if (!msg ||
6262 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, proto) ||
6263 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dest) ||
6264 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
6265 (no_encrypt &&
6266 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)) ||
6267 (link_id != NL80211_DRV_LINK_ID_NA &&
6268 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))) {
6269 nlmsg_free(msg);
6270 return -ENOBUFS;
6271 }
6272
6273 os_memset(&ext_arg, 0, sizeof(struct nl80211_ack_ext_arg));
6274 ext_arg.ext_data = &cookie;
6275 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL,
6276 ack_handler_cookie, &ext_arg);
6277 if (ret) {
6278 wpa_printf(MSG_DEBUG,
6279 "nl80211: tx_control_port failed: ret=%d (%s)",
6280 ret, strerror(-ret));
6281 } else {
6282 struct wpa_driver_nl80211_data *drv = bss->drv;
6283
6284 wpa_printf(MSG_DEBUG,
6285 "nl80211: tx_control_port cookie=0x%llx",
6286 (long long unsigned int) cookie);
6287 drv->eapol_tx_cookie = cookie;
6288 drv->eapol_tx_link_id = link_id;
6289 }
6290
6291 return ret;
6292 }
6293
6294
nl80211_send_eapol_data(struct i802_bss * bss,const u8 * addr,const u8 * data,size_t data_len)6295 static int nl80211_send_eapol_data(struct i802_bss *bss,
6296 const u8 *addr, const u8 *data,
6297 size_t data_len)
6298 {
6299 struct sockaddr_ll ll;
6300 int ret;
6301
6302 if (bss->drv->eapol_tx_sock < 0) {
6303 wpa_printf(MSG_DEBUG, "nl80211: No socket to send EAPOL");
6304 return -1;
6305 }
6306
6307 os_memset(&ll, 0, sizeof(ll));
6308 ll.sll_family = AF_PACKET;
6309 ll.sll_ifindex = bss->ifindex;
6310 ll.sll_protocol = htons(ETH_P_PAE);
6311 ll.sll_halen = ETH_ALEN;
6312 os_memcpy(ll.sll_addr, addr, ETH_ALEN);
6313 ret = sendto(bss->drv->eapol_tx_sock, data, data_len, 0,
6314 (struct sockaddr *) &ll, sizeof(ll));
6315 if (ret < 0)
6316 wpa_printf(MSG_ERROR, "nl80211: EAPOL TX: %s",
6317 strerror(errno));
6318
6319 return ret;
6320 }
6321
6322
6323 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
6324
wpa_driver_nl80211_hapd_send_eapol(void * priv,const u8 * addr,const u8 * data,size_t data_len,int encrypt,const u8 * own_addr,u32 flags,int link_id)6325 static int wpa_driver_nl80211_hapd_send_eapol(
6326 void *priv, const u8 *addr, const u8 *data,
6327 size_t data_len, int encrypt, const u8 *own_addr, u32 flags,
6328 int link_id)
6329 {
6330 struct i802_bss *bss = priv;
6331 struct wpa_driver_nl80211_data *drv = bss->drv;
6332 struct ieee80211_hdr *hdr;
6333 size_t len;
6334 u8 *pos;
6335 int res;
6336 int qos = flags & WPA_STA_WMM;
6337
6338 /* For now, disable EAPOL TX over control port in AP mode by default
6339 * since it does not provide TX status notifications. */
6340 if (drv->control_port_ap &&
6341 (drv->capa.flags & WPA_DRIVER_FLAGS_CONTROL_PORT))
6342 return nl80211_tx_control_port(bss, addr, ETH_P_EAPOL,
6343 data, data_len, !encrypt,
6344 link_id);
6345
6346 if (drv->device_ap_sme || !drv->use_monitor)
6347 return nl80211_send_eapol_data(bss, addr, data, data_len);
6348
6349 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
6350 data_len;
6351 hdr = os_zalloc(len);
6352 if (hdr == NULL) {
6353 wpa_printf(MSG_INFO, "nl80211: Failed to allocate EAPOL buffer(len=%lu)",
6354 (unsigned long) len);
6355 return -1;
6356 }
6357
6358 hdr->frame_control =
6359 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
6360 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
6361 if (encrypt)
6362 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
6363 if (qos) {
6364 hdr->frame_control |=
6365 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
6366 }
6367
6368 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
6369 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
6370 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
6371 pos = (u8 *) (hdr + 1);
6372
6373 if (qos) {
6374 /* Set highest priority in QoS header */
6375 pos[0] = 7;
6376 pos[1] = 0;
6377 pos += 2;
6378 }
6379
6380 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
6381 pos += sizeof(rfc1042_header);
6382 WPA_PUT_BE16(pos, ETH_P_PAE);
6383 pos += 2;
6384 memcpy(pos, data, data_len);
6385
6386 res = nl80211_send_monitor(drv, hdr, len, encrypt, 0);
6387 if (res < 0) {
6388 wpa_printf(MSG_ERROR,
6389 "hapd_send_eapol - packet len: %lu - failed",
6390 (unsigned long) len);
6391 }
6392 os_free(hdr);
6393
6394 return res;
6395 }
6396
6397
wpa_driver_nl80211_sta_set_flags(void * priv,const u8 * addr,unsigned int total_flags,unsigned int flags_or,unsigned int flags_and)6398 static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
6399 unsigned int total_flags,
6400 unsigned int flags_or,
6401 unsigned int flags_and)
6402 {
6403 struct i802_bss *bss = priv;
6404 struct nl_msg *msg;
6405 struct nlattr *flags;
6406 struct nl80211_sta_flag_update upd;
6407
6408 wpa_printf(MSG_DEBUG, "nl80211: Set STA flags - ifname=%s addr=" MACSTR
6409 " total_flags=0x%x flags_or=0x%x flags_and=0x%x authorized=%d",
6410 bss->ifname, MAC2STR(addr), total_flags, flags_or, flags_and,
6411 !!(total_flags & WPA_STA_AUTHORIZED));
6412
6413 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
6414 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
6415 goto fail;
6416
6417 /*
6418 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
6419 * can be removed eventually.
6420 */
6421 flags = nla_nest_start(msg, NL80211_ATTR_STA_FLAGS);
6422 if (!flags ||
6423 ((total_flags & WPA_STA_AUTHORIZED) &&
6424 nla_put_flag(msg, NL80211_STA_FLAG_AUTHORIZED)) ||
6425 ((total_flags & WPA_STA_WMM) &&
6426 nla_put_flag(msg, NL80211_STA_FLAG_WME)) ||
6427 ((total_flags & WPA_STA_SHORT_PREAMBLE) &&
6428 nla_put_flag(msg, NL80211_STA_FLAG_SHORT_PREAMBLE)) ||
6429 ((total_flags & WPA_STA_MFP) &&
6430 nla_put_flag(msg, NL80211_STA_FLAG_MFP)) ||
6431 ((total_flags & WPA_STA_TDLS_PEER) &&
6432 nla_put_flag(msg, NL80211_STA_FLAG_TDLS_PEER)))
6433 goto fail;
6434
6435 nla_nest_end(msg, flags);
6436
6437 os_memset(&upd, 0, sizeof(upd));
6438 upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
6439 upd.set = sta_flags_nl80211(flags_or);
6440 if (nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd))
6441 goto fail;
6442
6443 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
6444 fail:
6445 nlmsg_free(msg);
6446 return -ENOBUFS;
6447 }
6448
6449
driver_nl80211_sta_set_airtime_weight(void * priv,const u8 * addr,unsigned int weight)6450 static int driver_nl80211_sta_set_airtime_weight(void *priv, const u8 *addr,
6451 unsigned int weight)
6452 {
6453 struct i802_bss *bss = priv;
6454 struct nl_msg *msg;
6455 int ret;
6456
6457 wpa_printf(MSG_DEBUG,
6458 "nl80211: Set STA airtime weight - ifname=%s addr=" MACSTR
6459 " weight=%u", bss->ifname, MAC2STR(addr), weight);
6460
6461 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
6462 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
6463 nla_put_u16(msg, NL80211_ATTR_AIRTIME_WEIGHT, weight))
6464 goto fail;
6465
6466 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
6467 if (ret) {
6468 wpa_printf(MSG_DEBUG,
6469 "nl80211: SET_STATION[AIRTIME_WEIGHT] failed: ret=%d (%s)",
6470 ret, strerror(-ret));
6471 }
6472 return ret;
6473 fail:
6474 nlmsg_free(msg);
6475 return -ENOBUFS;
6476 }
6477
6478
wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)6479 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
6480 struct wpa_driver_associate_params *params)
6481 {
6482 enum nl80211_iftype nlmode, old_mode;
6483
6484 if (params->p2p) {
6485 wpa_printf(MSG_DEBUG, "nl80211: Setup AP operations for P2P "
6486 "group (GO)");
6487 nlmode = NL80211_IFTYPE_P2P_GO;
6488 } else
6489 nlmode = NL80211_IFTYPE_AP;
6490
6491 old_mode = drv->nlmode;
6492 if (wpa_driver_nl80211_set_mode(drv->first_bss, nlmode)) {
6493 nl80211_remove_monitor_interface(drv);
6494 return -1;
6495 }
6496
6497 if (params->freq.freq &&
6498 nl80211_set_channel(drv->first_bss, ¶ms->freq, 0)) {
6499 if (old_mode != nlmode)
6500 wpa_driver_nl80211_set_mode(drv->first_bss, old_mode);
6501 nl80211_remove_monitor_interface(drv);
6502 return -1;
6503 }
6504
6505 return 0;
6506 }
6507
6508
nl80211_leave_ibss(struct wpa_driver_nl80211_data * drv,int reset_mode)6509 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv,
6510 int reset_mode)
6511 {
6512 struct nl_msg *msg;
6513 int ret;
6514
6515 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_IBSS);
6516 ret = send_and_recv_msgs_connect_handle(drv, msg, drv->first_bss, 1);
6517 if (ret) {
6518 wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
6519 "(%s)", ret, strerror(-ret));
6520 } else {
6521 wpa_printf(MSG_DEBUG,
6522 "nl80211: Leave IBSS request sent successfully");
6523 }
6524
6525 if (reset_mode &&
6526 wpa_driver_nl80211_set_mode(drv->first_bss,
6527 NL80211_IFTYPE_STATION)) {
6528 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
6529 "station mode");
6530 }
6531
6532 return ret;
6533 }
6534
6535
nl80211_ht_vht_overrides(struct nl_msg * msg,struct wpa_driver_associate_params * params)6536 static int nl80211_ht_vht_overrides(struct nl_msg *msg,
6537 struct wpa_driver_associate_params *params)
6538 {
6539 if (params->disable_ht && nla_put_flag(msg, NL80211_ATTR_DISABLE_HT))
6540 return -1;
6541
6542 if (params->htcaps && params->htcaps_mask) {
6543 int sz = sizeof(struct ieee80211_ht_capabilities);
6544 wpa_hexdump(MSG_DEBUG, " * htcaps", params->htcaps, sz);
6545 wpa_hexdump(MSG_DEBUG, " * htcaps_mask",
6546 params->htcaps_mask, sz);
6547 if (nla_put(msg, NL80211_ATTR_HT_CAPABILITY, sz,
6548 params->htcaps) ||
6549 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, sz,
6550 params->htcaps_mask))
6551 return -1;
6552 }
6553
6554 #ifdef CONFIG_VHT_OVERRIDES
6555 if (params->disable_vht) {
6556 wpa_printf(MSG_DEBUG, " * VHT disabled");
6557 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_VHT))
6558 return -1;
6559 }
6560
6561 if (params->vhtcaps && params->vhtcaps_mask) {
6562 int sz = sizeof(struct ieee80211_vht_capabilities);
6563 wpa_hexdump(MSG_DEBUG, " * vhtcaps", params->vhtcaps, sz);
6564 wpa_hexdump(MSG_DEBUG, " * vhtcaps_mask",
6565 params->vhtcaps_mask, sz);
6566 if (nla_put(msg, NL80211_ATTR_VHT_CAPABILITY, sz,
6567 params->vhtcaps) ||
6568 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, sz,
6569 params->vhtcaps_mask))
6570 return -1;
6571 }
6572 #endif /* CONFIG_VHT_OVERRIDES */
6573
6574 #ifdef CONFIG_HE_OVERRIDES
6575 if (params->disable_he) {
6576 wpa_printf(MSG_DEBUG, " * HE disabled");
6577 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_HE))
6578 return -1;
6579 }
6580 #endif /* CONFIG_HE_OVERRIDES */
6581
6582 if (params->disable_eht) {
6583 wpa_printf(MSG_DEBUG, " * EHT disabled");
6584 if (nla_put_flag(msg, NL80211_ATTR_DISABLE_EHT))
6585 return -1;
6586 }
6587
6588 return 0;
6589 }
6590
6591
wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params)6592 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
6593 struct wpa_driver_associate_params *params)
6594 {
6595 struct nl_msg *msg;
6596 int ret = -1;
6597 int count = 0;
6598
6599 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
6600
6601 if (wpa_driver_nl80211_set_mode_ibss(drv->first_bss, ¶ms->freq)) {
6602 wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
6603 "IBSS mode");
6604 return -1;
6605 }
6606
6607 retry:
6608 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_IBSS)) ||
6609 params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
6610 goto fail;
6611
6612 wpa_printf(MSG_DEBUG, " * SSID=%s",
6613 wpa_ssid_txt(params->ssid, params->ssid_len));
6614 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
6615 goto fail;
6616 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6617 drv->ssid_len = params->ssid_len;
6618
6619 if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 ||
6620 nl80211_put_beacon_int(msg, params->beacon_int))
6621 goto fail;
6622
6623 ret = nl80211_set_conn_keys(params, msg);
6624 if (ret)
6625 goto fail;
6626
6627 if (params->bssid && params->fixed_bssid) {
6628 wpa_printf(MSG_DEBUG, " * BSSID=" MACSTR,
6629 MAC2STR(params->bssid));
6630 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
6631 goto fail;
6632 }
6633
6634 if (params->fixed_freq) {
6635 wpa_printf(MSG_DEBUG, " * fixed_freq");
6636 if (nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED))
6637 goto fail;
6638 }
6639
6640 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
6641 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
6642 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
6643 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
6644 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384) {
6645 wpa_printf(MSG_DEBUG, " * control port");
6646 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
6647 goto fail;
6648 }
6649
6650 if (params->wpa_ie) {
6651 wpa_hexdump(MSG_DEBUG,
6652 " * Extra IEs for Beacon/Probe Response frames",
6653 params->wpa_ie, params->wpa_ie_len);
6654 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len,
6655 params->wpa_ie))
6656 goto fail;
6657 }
6658
6659 ret = nl80211_ht_vht_overrides(msg, params);
6660 if (ret < 0)
6661 goto fail;
6662
6663 ret = send_and_recv_msgs_connect_handle(drv, msg, drv->first_bss, 1);
6664 msg = NULL;
6665 if (ret) {
6666 wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
6667 ret, strerror(-ret));
6668 count++;
6669 if (ret == -EALREADY && count == 1) {
6670 wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
6671 "forced leave");
6672 nl80211_leave_ibss(drv, 0);
6673 nlmsg_free(msg);
6674 goto retry;
6675 }
6676 } else {
6677 wpa_printf(MSG_DEBUG,
6678 "nl80211: Join IBSS request sent successfully");
6679 }
6680
6681 fail:
6682 nlmsg_free(msg);
6683 return ret;
6684 }
6685
6686
nl80211_put_fils_connect_params(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_msg * msg)6687 static int nl80211_put_fils_connect_params(struct wpa_driver_nl80211_data *drv,
6688 struct wpa_driver_associate_params *params,
6689 struct nl_msg *msg)
6690 {
6691 if (params->fils_erp_username_len) {
6692 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP EMSKname/username",
6693 params->fils_erp_username,
6694 params->fils_erp_username_len);
6695 if (nla_put(msg, NL80211_ATTR_FILS_ERP_USERNAME,
6696 params->fils_erp_username_len,
6697 params->fils_erp_username))
6698 return -1;
6699 }
6700
6701 if (params->fils_erp_realm_len) {
6702 wpa_hexdump_ascii(MSG_DEBUG, " * FILS ERP Realm",
6703 params->fils_erp_realm,
6704 params->fils_erp_realm_len);
6705 if (nla_put(msg, NL80211_ATTR_FILS_ERP_REALM,
6706 params->fils_erp_realm_len, params->fils_erp_realm))
6707 return -1;
6708 }
6709
6710 if (params->fils_erp_rrk_len) {
6711 wpa_printf(MSG_DEBUG, " * FILS ERP next seq %u",
6712 params->fils_erp_next_seq_num);
6713 if (nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
6714 params->fils_erp_next_seq_num))
6715 return -1;
6716
6717 wpa_printf(MSG_DEBUG, " * FILS ERP rRK (len=%lu)",
6718 (unsigned long) params->fils_erp_rrk_len);
6719 if (nla_put(msg, NL80211_ATTR_FILS_ERP_RRK,
6720 params->fils_erp_rrk_len, params->fils_erp_rrk))
6721 return -1;
6722 }
6723
6724 return 0;
6725 }
6726
6727
num_bits_set(u32 val)6728 static unsigned int num_bits_set(u32 val)
6729 {
6730 unsigned int c;
6731
6732 for (c = 0; val; c++)
6733 val &= val - 1;
6734
6735 return c;
6736 }
6737
6738
nl80211_connect_common(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct nl_msg * msg)6739 static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
6740 struct wpa_driver_associate_params *params,
6741 struct nl_msg *msg)
6742 {
6743 if (params->mld_params.mld_addr && params->mld_params.valid_links > 0) {
6744 struct wpa_driver_mld_params *mld_params = ¶ms->mld_params;
6745 struct nlattr *links, *attr;
6746 int i;
6747 u8 link_id;
6748
6749 wpa_printf(MSG_DEBUG, " * MLD: MLD addr=" MACSTR,
6750 MAC2STR(mld_params->mld_addr));
6751
6752 if (nla_put(msg, NL80211_ATTR_MLD_ADDR, ETH_ALEN,
6753 mld_params->mld_addr) ||
6754 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
6755 mld_params->assoc_link_id))
6756 return -1;
6757
6758 links = nla_nest_start(msg, NL80211_ATTR_MLO_LINKS);
6759 if (!links)
6760 return -1;
6761
6762 attr = nla_nest_start(msg, 0);
6763 if (!attr)
6764 return -1;
6765
6766 /* First add the association link ID */
6767 link_id = mld_params->assoc_link_id;
6768 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id) ||
6769 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
6770 mld_params->mld_links[link_id].bssid) ||
6771 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
6772 mld_params->mld_links[link_id].freq))
6773 return -1;
6774
6775 os_memcpy(drv->sta_mlo_info.links[link_id].bssid,
6776 mld_params->mld_links[link_id].bssid, ETH_ALEN);
6777
6778 nla_nest_end(msg, attr);
6779
6780 for (i = 1, link_id = 0; link_id < MAX_NUM_MLD_LINKS;
6781 link_id++) {
6782 if (!(mld_params->valid_links & BIT(link_id)) ||
6783 link_id == mld_params->assoc_link_id)
6784 continue;
6785
6786 attr = nla_nest_start(msg, i);
6787 if (!attr)
6788 return -1;
6789
6790 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
6791 link_id) ||
6792 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
6793 mld_params->mld_links[link_id].bssid) ||
6794 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
6795 mld_params->mld_links[link_id].freq) ||
6796 (mld_params->mld_links[link_id].ies &&
6797 mld_params->mld_links[i].ies_len &&
6798 nla_put(msg, NL80211_ATTR_IE,
6799 mld_params->mld_links[link_id].ies_len,
6800 mld_params->mld_links[link_id].ies)))
6801 return -1;
6802
6803 os_memcpy(drv->sta_mlo_info.links[link_id].bssid,
6804 mld_params->mld_links[link_id].bssid,
6805 ETH_ALEN);
6806 nla_nest_end(msg, attr);
6807 i++;
6808 }
6809
6810 nla_nest_end(msg, links);
6811
6812 os_memcpy(drv->sta_mlo_info.ap_mld_addr,
6813 params->mld_params.mld_addr, ETH_ALEN);
6814 drv->sta_mlo_info.assoc_link_id = mld_params->assoc_link_id;
6815 drv->sta_mlo_info.req_links = mld_params->valid_links;
6816 }
6817
6818 if (nla_put_flag(msg, NL80211_ATTR_IFACE_SOCKET_OWNER))
6819 return -1;
6820
6821 if (params->bssid && !params->mld_params.mld_addr) {
6822 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
6823 MAC2STR(params->bssid));
6824 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid))
6825 return -1;
6826 }
6827
6828 if (params->bssid_hint) {
6829 wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
6830 MAC2STR(params->bssid_hint));
6831 if (nla_put(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
6832 params->bssid_hint))
6833 return -1;
6834 }
6835
6836 if (params->freq.freq && !params->mld_params.mld_addr) {
6837 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
6838 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
6839 params->freq.freq))
6840 return -1;
6841 drv->assoc_freq = params->freq.freq;
6842 } else
6843 drv->assoc_freq = 0;
6844
6845 if (params->freq_hint) {
6846 wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
6847 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
6848 params->freq_hint))
6849 return -1;
6850 }
6851
6852 if (params->freq.edmg.channels && params->freq.edmg.bw_config) {
6853 wpa_printf(MSG_DEBUG,
6854 " * EDMG configuration: channels=0x%x bw_config=%d",
6855 params->freq.edmg.channels,
6856 params->freq.edmg.bw_config);
6857 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS,
6858 params->freq.edmg.channels) ||
6859 nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG,
6860 params->freq.edmg.bw_config))
6861 return -1;
6862 }
6863
6864 if (params->bg_scan_period >= 0) {
6865 wpa_printf(MSG_DEBUG, " * bg scan period=%d",
6866 params->bg_scan_period);
6867 if (nla_put_u16(msg, NL80211_ATTR_BG_SCAN_PERIOD,
6868 params->bg_scan_period))
6869 return -1;
6870 }
6871
6872 if (params->ssid) {
6873 wpa_printf(MSG_DEBUG, " * SSID=%s",
6874 wpa_ssid_txt(params->ssid, params->ssid_len));
6875 if (nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
6876 params->ssid))
6877 return -1;
6878 if (params->ssid_len > sizeof(drv->ssid))
6879 return -1;
6880 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
6881 drv->ssid_len = params->ssid_len;
6882 }
6883
6884 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
6885 if (params->wpa_ie &&
6886 nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len, params->wpa_ie))
6887 return -1;
6888
6889 if (params->wpa_proto) {
6890 enum nl80211_wpa_versions ver = 0;
6891
6892 if (params->wpa_proto & WPA_PROTO_WPA)
6893 ver |= NL80211_WPA_VERSION_1;
6894 if (params->wpa_proto & WPA_PROTO_RSN)
6895 ver |= NL80211_WPA_VERSION_2;
6896
6897 wpa_printf(MSG_DEBUG, " * WPA Versions 0x%x", ver);
6898 if (nla_put_u32(msg, NL80211_ATTR_WPA_VERSIONS, ver))
6899 return -1;
6900 }
6901
6902 if (params->pairwise_suite != WPA_CIPHER_NONE) {
6903 u32 cipher = wpa_cipher_to_cipher_suite(params->pairwise_suite);
6904 wpa_printf(MSG_DEBUG, " * pairwise=0x%x", cipher);
6905 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
6906 cipher))
6907 return -1;
6908 }
6909
6910 if (params->group_suite == WPA_CIPHER_GTK_NOT_USED &&
6911 !(drv->capa.enc & WPA_DRIVER_CAPA_ENC_GTK_NOT_USED)) {
6912 /*
6913 * This is likely to work even though many drivers do not
6914 * advertise support for operations without GTK.
6915 */
6916 wpa_printf(MSG_DEBUG, " * skip group cipher configuration for GTK_NOT_USED due to missing driver support advertisement");
6917 } else if (params->group_suite != WPA_CIPHER_NONE) {
6918 u32 cipher = wpa_cipher_to_cipher_suite(params->group_suite);
6919 wpa_printf(MSG_DEBUG, " * group=0x%x", cipher);
6920 if (nla_put_u32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher))
6921 return -1;
6922 }
6923
6924 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
6925 params->key_mgmt_suite == WPA_KEY_MGMT_PSK ||
6926 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X ||
6927 params->key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
6928 params->key_mgmt_suite == WPA_KEY_MGMT_CCKM ||
6929 params->key_mgmt_suite == WPA_KEY_MGMT_OSEN ||
6930 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
6931 params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
6932 params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
6933 params->key_mgmt_suite == WPA_KEY_MGMT_SAE_EXT_KEY ||
6934 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE ||
6935 params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE_EXT_KEY ||
6936 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
6937 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
6938 params->key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X_SHA384 ||
6939 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA256 ||
6940 params->key_mgmt_suite == WPA_KEY_MGMT_FILS_SHA384 ||
6941 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA256 ||
6942 params->key_mgmt_suite == WPA_KEY_MGMT_FT_FILS_SHA384 ||
6943 params->key_mgmt_suite == WPA_KEY_MGMT_OWE ||
6944 params->key_mgmt_suite == WPA_KEY_MGMT_DPP ||
6945 params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384) {
6946 u32 *mgmt;
6947 unsigned int akm_count = 1, i;
6948
6949 /*
6950 * Make sure the driver has capability to handle default AKM in
6951 * key_mgmt_suite plus allowed AKMs in allowed_key_mgmts.
6952 */
6953 if (drv->capa.max_num_akms <=
6954 num_bits_set(params->allowed_key_mgmts)) {
6955 wpa_printf(MSG_INFO,
6956 "nl80211: Not enough support for the allowed AKMs (max_num_akms=%u <= num_bits_set=%u)",
6957 drv->capa.max_num_akms,
6958 num_bits_set(params->allowed_key_mgmts));
6959 return -1;
6960 }
6961
6962 mgmt = os_malloc(sizeof(u32) * drv->capa.max_num_akms);
6963 if (!mgmt)
6964 return -1;
6965
6966 mgmt[0] = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
6967
6968 switch (params->key_mgmt_suite) {
6969 case WPA_KEY_MGMT_CCKM:
6970 mgmt[0] = RSN_AUTH_KEY_MGMT_CCKM;
6971 break;
6972 case WPA_KEY_MGMT_IEEE8021X:
6973 mgmt[0] = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
6974 break;
6975 case WPA_KEY_MGMT_FT_IEEE8021X:
6976 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_802_1X;
6977 break;
6978 case WPA_KEY_MGMT_FT_PSK:
6979 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_PSK;
6980 break;
6981 case WPA_KEY_MGMT_IEEE8021X_SHA256:
6982 mgmt[0] = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
6983 break;
6984 case WPA_KEY_MGMT_PSK_SHA256:
6985 mgmt[0] = RSN_AUTH_KEY_MGMT_PSK_SHA256;
6986 break;
6987 case WPA_KEY_MGMT_OSEN:
6988 mgmt[0] = RSN_AUTH_KEY_MGMT_OSEN;
6989 break;
6990 case WPA_KEY_MGMT_SAE:
6991 mgmt[0] = RSN_AUTH_KEY_MGMT_SAE;
6992 break;
6993 case WPA_KEY_MGMT_SAE_EXT_KEY:
6994 mgmt[0] = RSN_AUTH_KEY_MGMT_SAE_EXT_KEY;
6995 break;
6996 case WPA_KEY_MGMT_FT_SAE:
6997 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_SAE;
6998 break;
6999 case WPA_KEY_MGMT_FT_SAE_EXT_KEY:
7000 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_SAE_EXT_KEY;
7001 break;
7002 case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
7003 mgmt[0] = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B;
7004 break;
7005 case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
7006 mgmt[0] = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192;
7007 break;
7008 case WPA_KEY_MGMT_FT_IEEE8021X_SHA384:
7009 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384;
7010 break;
7011 case WPA_KEY_MGMT_FILS_SHA256:
7012 mgmt[0] = RSN_AUTH_KEY_MGMT_FILS_SHA256;
7013 break;
7014 case WPA_KEY_MGMT_FILS_SHA384:
7015 mgmt[0] = RSN_AUTH_KEY_MGMT_FILS_SHA384;
7016 break;
7017 case WPA_KEY_MGMT_FT_FILS_SHA256:
7018 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256;
7019 break;
7020 case WPA_KEY_MGMT_FT_FILS_SHA384:
7021 mgmt[0] = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384;
7022 break;
7023 case WPA_KEY_MGMT_OWE:
7024 mgmt[0] = RSN_AUTH_KEY_MGMT_OWE;
7025 break;
7026 case WPA_KEY_MGMT_DPP:
7027 mgmt[0] = RSN_AUTH_KEY_MGMT_DPP;
7028 break;
7029 case WPA_KEY_MGMT_IEEE8021X_SHA384:
7030 mgmt[0] = RSN_AUTH_KEY_MGMT_802_1X_SHA384;
7031 break;
7032 case WPA_KEY_MGMT_PSK:
7033 default:
7034 mgmt[0] = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
7035 break;
7036 }
7037
7038 if (drv->capa.max_num_akms > 1) {
7039 akm_count += wpa_key_mgmt_to_suites(
7040 params->allowed_key_mgmts, &mgmt[1],
7041 drv->capa.max_num_akms - 1);
7042 }
7043
7044 for (i = 0; i < akm_count; i++)
7045 wpa_printf(MSG_DEBUG, " * akm[%d]=0x%x", i, mgmt[i]);
7046
7047 if (nla_put(msg, NL80211_ATTR_AKM_SUITES,
7048 akm_count * sizeof(u32), mgmt)) {
7049 os_free(mgmt);
7050 return -1;
7051 }
7052
7053 os_free(mgmt);
7054 }
7055
7056 #if (defined(CONFIG_DRIVER_NL80211_BRCM) && !defined(WIFI_BRCM_OPEN_SOURCE_MULTI_AKM)) || \
7057 defined(CONFIG_DRIVER_NL80211_SYNA)
7058 if (IS_CROSS_AKM_ROAM_KEY_MGMT(params->key_mgmt_suite)) {
7059 int num_suites;
7060 u32 suites[NL80211_MAX_NR_AKM_SUITES];
7061
7062 wpa_printf(MSG_INFO, "nl80211: key_mgmt_suites=0x%x",
7063 params->key_mgmt_suite);
7064 num_suites = wpa_cross_akm_key_mgmt_to_suites(params->key_mgmt_suite,
7065 suites, ARRAY_SIZE(suites));
7066 if (num_suites &&
7067 nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32), suites)) {
7068 wpa_printf(MSG_ERROR, "Updating multi akm_suite failed");
7069 return -1;
7070 }
7071 }
7072 #endif /* (CONFIG_DRIVER_NL80211_BRCM && !WIFI_BRCM_OPEN_SOURCE_MULTI_AKM) ||
7073 * CONFIG_DRIVER_NL80211_SYNA */
7074 if (params->req_handshake_offload &&
7075 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) {
7076 wpa_printf(MSG_DEBUG, " * WANT_1X_4WAY_HS");
7077 if (nla_put_flag(msg, NL80211_ATTR_WANT_1X_4WAY_HS))
7078 return -1;
7079 }
7080
7081 /* Add PSK in case of 4-way handshake offload */
7082 if (params->psk &&
7083 (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) {
7084 wpa_hexdump_key(MSG_DEBUG, " * PSK", params->psk, 32);
7085 if (nla_put(msg, NL80211_ATTR_PMK, 32, params->psk))
7086 return -1;
7087 }
7088
7089 if (nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT))
7090 return -1;
7091
7092 if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
7093 (params->pairwise_suite == WPA_CIPHER_NONE ||
7094 params->pairwise_suite == WPA_CIPHER_WEP104 ||
7095 params->pairwise_suite == WPA_CIPHER_WEP40) &&
7096 (nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ETH_P_PAE) ||
7097 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
7098 return -1;
7099
7100 if (params->rrm_used) {
7101 u32 drv_rrm_flags = drv->capa.rrm_flags;
7102 if ((!((drv_rrm_flags &
7103 WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) &&
7104 (drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET)) &&
7105 !(drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_RRM)) ||
7106 nla_put_flag(msg, NL80211_ATTR_USE_RRM))
7107 return -1;
7108 }
7109
7110 if (nl80211_ht_vht_overrides(msg, params) < 0)
7111 return -1;
7112
7113 if (params->p2p)
7114 wpa_printf(MSG_DEBUG, " * P2P group");
7115
7116 if (params->pbss) {
7117 wpa_printf(MSG_DEBUG, " * PBSS");
7118 if (nla_put_flag(msg, NL80211_ATTR_PBSS))
7119 return -1;
7120 }
7121
7122 drv->connect_reassoc = 0;
7123 if (params->prev_bssid) {
7124 wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
7125 MAC2STR(params->prev_bssid));
7126 if (nla_put(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
7127 params->prev_bssid))
7128 return -1;
7129 drv->connect_reassoc = 1;
7130 }
7131
7132 if ((params->auth_alg & WPA_AUTH_ALG_FILS) &&
7133 nl80211_put_fils_connect_params(drv, params, msg) != 0)
7134 return -1;
7135
7136 if ((wpa_key_mgmt_sae(params->key_mgmt_suite) ||
7137 wpa_key_mgmt_sae(params->allowed_key_mgmts)) &&
7138 (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) &&
7139 nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT))
7140 return -1;
7141
7142 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) &&
7143 nla_put_flag(msg, NL80211_ATTR_MLO_SUPPORT))
7144 return -1;
7145
7146 return 0;
7147 }
7148
7149
wpa_driver_nl80211_try_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct i802_bss * bss)7150 static int wpa_driver_nl80211_try_connect(
7151 struct wpa_driver_nl80211_data *drv,
7152 struct wpa_driver_associate_params *params,
7153 struct i802_bss *bss)
7154 {
7155 struct nl_msg *msg;
7156 enum nl80211_auth_type type;
7157 int ret;
7158 int algs;
7159
7160 #ifdef CONFIG_DRIVER_NL80211_QCA
7161 if (params->req_key_mgmt_offload && params->psk &&
7162 (wpa_key_mgmt_wpa_psk_no_sae(params->key_mgmt_suite) ||
7163 wpa_key_mgmt_wpa_psk_no_sae(params->allowed_key_mgmts))) {
7164 wpa_printf(MSG_DEBUG, "nl80211: Key management set PSK");
7165 ret = issue_key_mgmt_set_key(drv, params->psk, 32);
7166 if (ret)
7167 return ret;
7168 }
7169 #endif /* CONFIG_DRIVER_NL80211_QCA */
7170
7171 wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
7172 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_CONNECT);
7173 if (!msg)
7174 return -1;
7175
7176 ret = nl80211_connect_common(drv, params, msg);
7177 if (ret)
7178 goto fail;
7179
7180 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED &&
7181 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED))
7182 goto fail;
7183
7184 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_OPTIONAL &&
7185 (drv->capa.flags & WPA_DRIVER_FLAGS_MFP_OPTIONAL) &&
7186 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_OPTIONAL))
7187 goto fail;
7188
7189 #ifdef CONFIG_SAE
7190 if ((wpa_key_mgmt_sae(params->key_mgmt_suite) ||
7191 wpa_key_mgmt_sae(params->allowed_key_mgmts)) &&
7192 nl80211_put_sae_pwe(msg, params->sae_pwe) < 0)
7193 goto fail;
7194
7195 /* Add SAE password in case of SAE authentication offload */
7196 if ((params->sae_password || params->passphrase) &&
7197 (drv->capa.flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) {
7198 const char *password;
7199 size_t pwd_len;
7200
7201 if (params->sae_password && params->sae_password_id) {
7202 wpa_printf(MSG_INFO,
7203 "nl80211: Use of SAE password identifiers not supported with driver-based SAE");
7204 goto fail;
7205 }
7206
7207 password = params->sae_password;
7208 if (!password)
7209 password = params->passphrase;
7210 pwd_len = os_strlen(password);
7211 wpa_printf(MSG_DEBUG, " * SAE password");
7212 if (nla_put(msg, NL80211_ATTR_SAE_PASSWORD, pwd_len, password))
7213 goto fail;
7214 }
7215 #endif /* CONFIG_SAE */
7216
7217 algs = 0;
7218 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
7219 algs++;
7220 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
7221 algs++;
7222 if (params->auth_alg & WPA_AUTH_ALG_LEAP)
7223 algs++;
7224 if (params->auth_alg & WPA_AUTH_ALG_FILS)
7225 algs++;
7226 if (params->auth_alg & WPA_AUTH_ALG_FT)
7227 algs++;
7228 if (params->auth_alg & WPA_AUTH_ALG_SAE)
7229 algs++;
7230 if (algs > 1) {
7231 wpa_printf(MSG_DEBUG, " * Leave out Auth Type for automatic "
7232 "selection");
7233 goto skip_auth_type;
7234 }
7235
7236 type = get_nl_auth_type(params->auth_alg);
7237 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
7238 if (type == NL80211_AUTHTYPE_MAX ||
7239 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
7240 goto fail;
7241
7242 skip_auth_type:
7243 ret = nl80211_set_conn_keys(params, msg);
7244 if (ret)
7245 goto fail;
7246
7247 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 1);
7248 msg = NULL;
7249 if (ret) {
7250 wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
7251 "(%s)", ret, strerror(-ret));
7252 } else {
7253 #ifdef CONFIG_DRIVER_NL80211_QCA
7254 drv->roam_indication_done = false;
7255 #endif /* CONFIG_DRIVER_NL80211_QCA */
7256 wpa_printf(MSG_DEBUG,
7257 "nl80211: Connect request send successfully");
7258 }
7259
7260 fail:
7261 nl80211_nlmsg_clear(msg);
7262 nlmsg_free(msg);
7263 return ret;
7264
7265 }
7266
7267
wpa_driver_nl80211_connect(struct wpa_driver_nl80211_data * drv,struct wpa_driver_associate_params * params,struct i802_bss * bss)7268 static int wpa_driver_nl80211_connect(
7269 struct wpa_driver_nl80211_data *drv,
7270 struct wpa_driver_associate_params *params,
7271 struct i802_bss *bss)
7272 {
7273 int ret;
7274
7275 /* Store the connection attempted bssid for future use */
7276 if (params->bssid)
7277 os_memcpy(drv->auth_attempt_bssid, params->bssid, ETH_ALEN);
7278 else
7279 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN);
7280
7281 ret = wpa_driver_nl80211_try_connect(drv, params, bss);
7282 if (ret == -EALREADY) {
7283 /*
7284 * cfg80211 does not currently accept new connections if
7285 * we are already connected. As a workaround, force
7286 * disconnection and try again.
7287 */
7288 wpa_printf(MSG_DEBUG, "nl80211: Explicitly "
7289 "disconnecting before reassociation "
7290 "attempt");
7291 if (wpa_driver_nl80211_disconnect(
7292 drv, WLAN_REASON_PREV_AUTH_NOT_VALID, bss))
7293 return -1;
7294 ret = wpa_driver_nl80211_try_connect(drv, params, bss);
7295 }
7296 return ret;
7297 }
7298
7299
wpa_driver_nl80211_associate(void * priv,struct wpa_driver_associate_params * params)7300 static int wpa_driver_nl80211_associate(
7301 void *priv, struct wpa_driver_associate_params *params)
7302 {
7303 struct i802_bss *bss = priv;
7304 struct wpa_driver_nl80211_data *drv = bss->drv;
7305 int ret = -1;
7306 struct nl_msg *msg;
7307
7308 nl80211_unmask_11b_rates(bss);
7309
7310 if (params->mode == IEEE80211_MODE_AP)
7311 return wpa_driver_nl80211_ap(drv, params);
7312
7313 if (params->mode == IEEE80211_MODE_IBSS)
7314 return wpa_driver_nl80211_ibss(drv, params);
7315
7316 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
7317 enum nl80211_iftype nlmode = params->p2p ?
7318 NL80211_IFTYPE_P2P_CLIENT : NL80211_IFTYPE_STATION;
7319
7320 if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
7321 return -1;
7322 if (wpa_key_mgmt_sae(params->key_mgmt_suite) ||
7323 wpa_key_mgmt_sae(params->allowed_key_mgmts))
7324 bss->use_nl_connect = 1;
7325 else
7326 bss->use_nl_connect = 0;
7327
7328 return wpa_driver_nl80211_connect(drv, params, bss);
7329 }
7330
7331 nl80211_mark_disconnected(drv);
7332
7333 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
7334 drv->ifindex);
7335 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ASSOCIATE);
7336 if (!msg)
7337 return -1;
7338
7339 ret = nl80211_connect_common(drv, params, msg);
7340 if (ret)
7341 goto fail;
7342
7343 if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED &&
7344 nla_put_u32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED))
7345 goto fail;
7346
7347 if (params->fils_kek) {
7348 wpa_printf(MSG_DEBUG, " * FILS KEK (len=%u)",
7349 (unsigned int) params->fils_kek_len);
7350 if (nla_put(msg, NL80211_ATTR_FILS_KEK, params->fils_kek_len,
7351 params->fils_kek))
7352 goto fail;
7353 }
7354 if (params->fils_nonces) {
7355 wpa_hexdump(MSG_DEBUG, " * FILS nonces (for AAD)",
7356 params->fils_nonces,
7357 params->fils_nonces_len);
7358 if (nla_put(msg, NL80211_ATTR_FILS_NONCES,
7359 params->fils_nonces_len, params->fils_nonces))
7360 goto fail;
7361 }
7362
7363 ret = send_and_recv_msgs_connect_handle(drv, msg, drv->first_bss, 1);
7364 msg = NULL;
7365 if (ret) {
7366 wpa_dbg(drv->ctx, MSG_DEBUG,
7367 "nl80211: MLME command failed (assoc): ret=%d (%s)",
7368 ret, strerror(-ret));
7369 nl80211_dump_scan(drv);
7370 } else {
7371 wpa_printf(MSG_DEBUG,
7372 "nl80211: Association request send successfully");
7373 }
7374
7375 fail:
7376 nlmsg_free(msg);
7377 return ret;
7378 }
7379
7380
nl80211_set_mode(struct wpa_driver_nl80211_data * drv,int ifindex,enum nl80211_iftype mode)7381 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
7382 int ifindex, enum nl80211_iftype mode)
7383 {
7384 struct nl_msg *msg;
7385 int ret = -ENOBUFS;
7386
7387 wpa_printf(MSG_DEBUG, "nl80211: Set mode ifindex %d iftype %d (%s)",
7388 ifindex, mode, nl80211_iftype_str(mode));
7389
7390 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE);
7391 if (!msg || nla_put_u32(msg, NL80211_ATTR_IFTYPE, mode))
7392 goto fail;
7393
7394 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7395 msg = NULL;
7396 if (!ret)
7397 return 0;
7398 fail:
7399 nlmsg_free(msg);
7400 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
7401 " %d (%s)", ifindex, mode, ret, strerror(-ret));
7402 return ret;
7403 }
7404
7405
wpa_driver_nl80211_set_mode_impl(struct i802_bss * bss,enum nl80211_iftype nlmode,struct hostapd_freq_params * desired_freq_params)7406 static int wpa_driver_nl80211_set_mode_impl(
7407 struct i802_bss *bss,
7408 enum nl80211_iftype nlmode,
7409 struct hostapd_freq_params *desired_freq_params)
7410 {
7411 struct wpa_driver_nl80211_data *drv = bss->drv;
7412 int ret = -1;
7413 int i;
7414 int was_ap = is_ap_interface(drv->nlmode);
7415 int res;
7416 int mode_switch_res;
7417
7418 if (TEST_FAIL())
7419 return -1;
7420
7421 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
7422 if (mode_switch_res && nlmode == nl80211_get_ifmode(bss))
7423 mode_switch_res = 0;
7424
7425 if (mode_switch_res == 0) {
7426 drv->nlmode = nlmode;
7427 ret = 0;
7428 goto done;
7429 }
7430
7431 if (mode_switch_res == -ENODEV)
7432 return -1;
7433
7434 if (nlmode == drv->nlmode) {
7435 wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
7436 "requested mode - ignore error");
7437 ret = 0;
7438 goto done; /* Already in the requested mode */
7439 }
7440
7441 /* mac80211 doesn't allow mode changes while the device is up, so
7442 * take the device down, try to set the mode again, and bring the
7443 * device back up.
7444 */
7445 wpa_printf(MSG_DEBUG, "nl80211: Try mode change after setting "
7446 "interface down");
7447 for (i = 0; i < 10; i++) {
7448 res = i802_set_iface_flags(bss, 0);
7449 if (res == -EACCES || res == -ENODEV)
7450 break;
7451 if (res != 0) {
7452 wpa_printf(MSG_DEBUG, "nl80211: Failed to set "
7453 "interface down");
7454 os_sleep(0, 100000);
7455 continue;
7456 }
7457
7458 /*
7459 * Setting the mode will fail for some drivers if the phy is
7460 * on a frequency that the mode is disallowed in.
7461 */
7462 if (desired_freq_params) {
7463 res = nl80211_set_channel(bss, desired_freq_params, 0);
7464 if (res) {
7465 wpa_printf(MSG_DEBUG,
7466 "nl80211: Failed to set frequency on interface");
7467 }
7468 }
7469
7470 if (i == 0 && was_ap && !is_ap_interface(nlmode) &&
7471 bss->brname[0] &&
7472 (bss->added_if_into_bridge || bss->already_in_bridge)) {
7473 wpa_printf(MSG_DEBUG,
7474 "nl80211: Remove AP interface %s temporarily from the bridge %s to allow its mode to be set to STATION",
7475 bss->ifname, bss->brname);
7476 if (linux_br_del_if(drv->global->ioctl_sock,
7477 bss->brname, bss->ifname) < 0)
7478 wpa_printf(MSG_INFO,
7479 "nl80211: Failed to remove interface %s from bridge %s: %s",
7480 bss->ifname, bss->brname,
7481 strerror(errno));
7482 }
7483
7484 /* Try to set the mode again while the interface is down */
7485 mode_switch_res = nl80211_set_mode(drv, drv->ifindex, nlmode);
7486 if (mode_switch_res == -EBUSY) {
7487 wpa_printf(MSG_DEBUG,
7488 "nl80211: Delaying mode set while interface going down");
7489 os_sleep(0, 100000);
7490 continue;
7491 }
7492 ret = mode_switch_res;
7493 break;
7494 }
7495
7496 if (!ret) {
7497 wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
7498 "interface is down");
7499 drv->nlmode = nlmode;
7500 drv->ignore_if_down_event = 1;
7501 }
7502
7503 /* Bring the interface back up */
7504 res = linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1);
7505 if (res != 0) {
7506 wpa_printf(MSG_DEBUG,
7507 "nl80211: Failed to set interface up after switching mode");
7508 ret = -1;
7509 }
7510
7511 done:
7512 if (ret) {
7513 wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
7514 "from %d failed", nlmode, drv->nlmode);
7515 return ret;
7516 }
7517
7518 if (is_p2p_net_interface(nlmode)) {
7519 wpa_printf(MSG_DEBUG,
7520 "nl80211: Interface %s mode change to P2P - disable 11b rates",
7521 bss->ifname);
7522 nl80211_disable_11b_rates(drv, drv->ifindex, 1);
7523 } else if (drv->disabled_11b_rates) {
7524 wpa_printf(MSG_DEBUG,
7525 "nl80211: Interface %s mode changed to non-P2P - re-enable 11b rates",
7526 bss->ifname);
7527 nl80211_disable_11b_rates(drv, drv->ifindex, 0);
7528 }
7529
7530 if (is_ap_interface(nlmode)) {
7531 nl80211_mgmt_unsubscribe(bss, "start AP");
7532 /* Setup additional AP mode functionality if needed */
7533 if (nl80211_setup_ap(bss))
7534 return -1;
7535 } else if (was_ap) {
7536 /* Remove additional AP mode functionality */
7537 nl80211_teardown_ap(bss);
7538 } else {
7539 nl80211_mgmt_unsubscribe(bss, "mode change");
7540 }
7541
7542 if (is_mesh_interface(nlmode) &&
7543 nl80211_mgmt_subscribe_mesh(bss))
7544 return -1;
7545
7546 if (!bss->in_deinit && !is_ap_interface(nlmode) &&
7547 !is_mesh_interface(nlmode) &&
7548 nl80211_mgmt_subscribe_non_ap(bss) < 0)
7549 wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
7550 "frame processing - ignore for now");
7551
7552 return 0;
7553 }
7554
7555
nl80211_restore_ap_mode(struct i802_bss * bss)7556 void nl80211_restore_ap_mode(struct i802_bss *bss)
7557 {
7558 struct wpa_driver_nl80211_data *drv = bss->drv;
7559 int was_ap = is_ap_interface(drv->nlmode);
7560 int br_ifindex;
7561
7562 wpa_driver_nl80211_set_mode(bss, drv->ap_scan_as_station);
7563 if (!was_ap && is_ap_interface(drv->ap_scan_as_station) &&
7564 bss->brname[0] &&
7565 (bss->added_if_into_bridge || bss->already_in_bridge)) {
7566 wpa_printf(MSG_DEBUG,
7567 "nl80211: Add AP interface %s back into the bridge %s",
7568 bss->ifname, bss->brname);
7569 if (linux_br_add_if(drv->global->ioctl_sock, bss->brname,
7570 bss->ifname) < 0) {
7571 wpa_printf(MSG_WARNING,
7572 "nl80211: Failed to add interface %s into bridge %s: %s",
7573 bss->ifname, bss->brname, strerror(errno));
7574 }
7575 br_ifindex = if_nametoindex(bss->brname);
7576 add_ifidx(drv, br_ifindex, drv->ifindex);
7577 }
7578 drv->ap_scan_as_station = NL80211_IFTYPE_UNSPECIFIED;
7579 }
7580
7581
wpa_driver_nl80211_set_mode(struct i802_bss * bss,enum nl80211_iftype nlmode)7582 int wpa_driver_nl80211_set_mode(struct i802_bss *bss,
7583 enum nl80211_iftype nlmode)
7584 {
7585 return wpa_driver_nl80211_set_mode_impl(bss, nlmode, NULL);
7586 }
7587
7588
wpa_driver_nl80211_set_mode_ibss(struct i802_bss * bss,struct hostapd_freq_params * freq)7589 static int wpa_driver_nl80211_set_mode_ibss(struct i802_bss *bss,
7590 struct hostapd_freq_params *freq)
7591 {
7592 return wpa_driver_nl80211_set_mode_impl(bss, NL80211_IFTYPE_ADHOC,
7593 freq);
7594 }
7595
7596
wpa_driver_nl80211_get_capa(void * priv,struct wpa_driver_capa * capa)7597 static int wpa_driver_nl80211_get_capa(void *priv,
7598 struct wpa_driver_capa *capa)
7599 {
7600 struct i802_bss *bss = priv;
7601 struct wpa_driver_nl80211_data *drv = bss->drv;
7602
7603 if (!drv->has_capability)
7604 return -1;
7605 os_memcpy(capa, &drv->capa, sizeof(*capa));
7606 if (drv->extended_capa && drv->extended_capa_mask) {
7607 capa->extended_capa = drv->extended_capa;
7608 capa->extended_capa_mask = drv->extended_capa_mask;
7609 capa->extended_capa_len = drv->extended_capa_len;
7610 }
7611
7612 return 0;
7613 }
7614
7615
wpa_driver_nl80211_set_operstate(void * priv,int state)7616 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
7617 {
7618 struct i802_bss *bss = priv;
7619 struct wpa_driver_nl80211_data *drv = bss->drv;
7620
7621 wpa_printf(MSG_DEBUG, "nl80211: Set %s operstate %d->%d (%s)",
7622 bss->ifname, drv->operstate, state,
7623 state ? "UP" : "DORMANT");
7624 drv->operstate = state;
7625 return netlink_send_oper_ifla(drv->global->netlink, drv->ifindex, -1,
7626 state ? IF_OPER_UP : IF_OPER_DORMANT);
7627 }
7628
7629
wpa_driver_nl80211_set_supp_port(void * priv,int authorized)7630 static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
7631 {
7632 struct i802_bss *bss = priv;
7633 struct wpa_driver_nl80211_data *drv = bss->drv;
7634 struct nl_msg *msg;
7635 struct nl80211_sta_flag_update upd;
7636 int ret;
7637 const u8 *connected_addr = drv->sta_mlo_info.valid_links ?
7638 drv->sta_mlo_info.ap_mld_addr : drv->bssid;
7639
7640 if (!drv->associated && is_zero_ether_addr(connected_addr) &&
7641 !authorized) {
7642 wpa_printf(MSG_DEBUG, "nl80211: Skip set_supp_port(unauthorized) while not associated");
7643 return 0;
7644 }
7645
7646 wpa_printf(MSG_DEBUG, "nl80211: Set supplicant port %sauthorized for "
7647 MACSTR, authorized ? "" : "un", MAC2STR(connected_addr));
7648
7649 os_memset(&upd, 0, sizeof(upd));
7650 upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
7651 if (authorized)
7652 upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
7653
7654 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
7655 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, connected_addr) ||
7656 nla_put(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd)) {
7657 nlmsg_free(msg);
7658 return -ENOBUFS;
7659 }
7660
7661 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7662 if (!ret)
7663 return 0;
7664 wpa_printf(MSG_DEBUG, "nl80211: Failed to set STA flag: %d (%s)",
7665 ret, strerror(-ret));
7666 return ret;
7667 }
7668
7669
7670 /* Set kernel driver on given frequency (MHz) */
i802_set_freq(void * priv,struct hostapd_freq_params * freq)7671 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
7672 {
7673 struct i802_bss *bss = priv;
7674 return nl80211_set_channel(bss, freq, 0);
7675 }
7676
7677
min_int(int a,int b)7678 static inline int min_int(int a, int b)
7679 {
7680 if (a < b)
7681 return a;
7682 return b;
7683 }
7684
7685
get_key_handler(struct nl_msg * msg,void * arg)7686 static int get_key_handler(struct nl_msg *msg, void *arg)
7687 {
7688 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7689 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7690
7691 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7692 genlmsg_attrlen(gnlh, 0), NULL);
7693
7694 /*
7695 * TODO: validate the key index and mac address!
7696 * Otherwise, there's a race condition as soon as
7697 * the kernel starts sending key notifications.
7698 */
7699
7700 if (tb[NL80211_ATTR_KEY_SEQ])
7701 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
7702 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
7703 nl80211_nlmsg_clear(msg);
7704 return NL_SKIP;
7705 }
7706
7707
i802_get_seqnum(const char * iface,void * priv,const u8 * addr,int idx,int link_id,u8 * seq)7708 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
7709 int idx, int link_id, u8 *seq)
7710 {
7711 struct i802_bss *bss = priv;
7712 struct wpa_driver_nl80211_data *drv = bss->drv;
7713 struct nl_msg *msg;
7714 int res;
7715
7716 msg = nl80211_ifindex_msg(drv, if_nametoindex(iface), 0,
7717 NL80211_CMD_GET_KEY);
7718 if (!msg ||
7719 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
7720 (link_id != NL80211_DRV_LINK_ID_NA &&
7721 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) ||
7722 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, idx)) {
7723 nlmsg_free(msg);
7724 return -ENOBUFS;
7725 }
7726
7727 os_memset(seq, 0, 6);
7728 res = send_and_recv_msgs(drv, msg, get_key_handler, seq, NULL, NULL);
7729 if (res) {
7730 wpa_printf(MSG_DEBUG,
7731 "nl80211: Failed to get current TX sequence for a key (link_id=%d idx=%d): %d (%s)",
7732 link_id, idx, res, strerror(-res));
7733 }
7734
7735 return res;
7736 }
7737
7738
i802_set_rts(void * priv,int rts)7739 static int i802_set_rts(void *priv, int rts)
7740 {
7741 struct i802_bss *bss = priv;
7742 struct wpa_driver_nl80211_data *drv = bss->drv;
7743 struct nl_msg *msg;
7744 int ret;
7745 u32 val;
7746
7747 if (rts >= 2347 || rts == -1)
7748 val = (u32) -1;
7749 else
7750 val = rts;
7751
7752 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
7753 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val)) {
7754 nlmsg_free(msg);
7755 return -ENOBUFS;
7756 }
7757
7758 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7759 if (!ret)
7760 return 0;
7761 wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
7762 "%d (%s)", rts, ret, strerror(-ret));
7763 return ret;
7764 }
7765
7766
i802_set_frag(void * priv,int frag)7767 static int i802_set_frag(void *priv, int frag)
7768 {
7769 struct i802_bss *bss = priv;
7770 struct wpa_driver_nl80211_data *drv = bss->drv;
7771 struct nl_msg *msg;
7772 int ret;
7773 u32 val;
7774
7775 if (frag >= 2346 || frag == -1)
7776 val = (u32) -1;
7777 else
7778 val = frag;
7779
7780 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_WIPHY)) ||
7781 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val)) {
7782 nlmsg_free(msg);
7783 return -ENOBUFS;
7784 }
7785
7786 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
7787 if (!ret)
7788 return 0;
7789 wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
7790 "%d: %d (%s)", frag, ret, strerror(-ret));
7791 return ret;
7792 }
7793
7794
i802_flush(void * priv)7795 static int i802_flush(void *priv)
7796 {
7797 struct i802_bss *bss = priv;
7798 struct nl_msg *msg;
7799 int res;
7800
7801 wpa_printf(MSG_DEBUG, "nl80211: flush -> DEL_STATION %s (all)",
7802 bss->ifname);
7803
7804 /*
7805 * XXX: FIX! this needs to flush all VLANs too
7806 */
7807 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_STATION);
7808 res = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
7809 if (res) {
7810 wpa_printf(MSG_DEBUG, "nl80211: Station flush failed: ret=%d "
7811 "(%s)", res, strerror(-res));
7812 }
7813 return res;
7814 }
7815
7816
get_sta_tid_stats(struct hostap_sta_driver_data * data,struct nlattr * attr)7817 static void get_sta_tid_stats(struct hostap_sta_driver_data *data,
7818 struct nlattr *attr)
7819 {
7820 struct nlattr *tid_stats[NL80211_TID_STATS_MAX + 1], *tidattr;
7821 struct nlattr *txq_stats[NL80211_TXQ_STATS_MAX + 1];
7822 static struct nla_policy txq_stats_policy[NL80211_TXQ_STATS_MAX + 1] = {
7823 [NL80211_TXQ_STATS_BACKLOG_BYTES] = { .type = NLA_U32 },
7824 [NL80211_TXQ_STATS_BACKLOG_PACKETS] = { .type = NLA_U32 },
7825 };
7826 int rem;
7827
7828 nla_for_each_nested(tidattr, attr, rem) {
7829 if (nla_parse_nested(tid_stats, NL80211_TID_STATS_MAX,
7830 tidattr, NULL) != 0 ||
7831 !tid_stats[NL80211_TID_STATS_TXQ_STATS] ||
7832 nla_parse_nested(txq_stats, NL80211_TXQ_STATS_MAX,
7833 tid_stats[NL80211_TID_STATS_TXQ_STATS],
7834 txq_stats_policy) != 0)
7835 continue;
7836 /* sum the backlogs over all TIDs for station */
7837 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES])
7838 data->backlog_bytes += nla_get_u32(
7839 txq_stats[NL80211_TXQ_STATS_BACKLOG_BYTES]);
7840 if (txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS])
7841 data->backlog_bytes += nla_get_u32(
7842 txq_stats[NL80211_TXQ_STATS_BACKLOG_PACKETS]);
7843 }
7844 }
7845
7846
get_sta_handler(struct nl_msg * msg,void * arg)7847 static int get_sta_handler(struct nl_msg *msg, void *arg)
7848 {
7849 struct nlattr *tb[NL80211_ATTR_MAX + 1];
7850 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
7851 struct hostap_sta_driver_data *data = arg;
7852 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
7853 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
7854 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
7855 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
7856 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
7857 [NL80211_STA_INFO_SIGNAL] = { .type = NLA_U8 },
7858 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
7859 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
7860 [NL80211_STA_INFO_TX_RETRIES] = { .type = NLA_U32 },
7861 [NL80211_STA_INFO_TX_FAILED] = { .type = NLA_U32 },
7862 [NL80211_STA_INFO_SIGNAL_AVG] = { .type = NLA_U8 },
7863 [NL80211_STA_INFO_CONNECTED_TIME] = { .type = NLA_U32 },
7864 [NL80211_STA_INFO_BEACON_LOSS] = { .type = NLA_U32 },
7865 [NL80211_STA_INFO_RX_BYTES64] = { .type = NLA_U64 },
7866 [NL80211_STA_INFO_TX_BYTES64] = { .type = NLA_U64 },
7867 [NL80211_STA_INFO_EXPECTED_THROUGHPUT] = { .type = NLA_U32 },
7868 [NL80211_STA_INFO_RX_DROP_MISC] = { .type = NLA_U64 },
7869 [NL80211_STA_INFO_BEACON_RX] = { .type = NLA_U64 },
7870 [NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8},
7871 [NL80211_STA_INFO_RX_DURATION] = { .type = NLA_U64 },
7872 [NL80211_STA_INFO_ACK_SIGNAL] = { .type = NLA_U8 },
7873 [NL80211_STA_INFO_ACK_SIGNAL_AVG] = { .type = NLA_S8 },
7874 [NL80211_STA_INFO_RX_MPDUS] = { .type = NLA_U32 },
7875 [NL80211_STA_INFO_FCS_ERROR_COUNT] = { .type = NLA_U32 },
7876 [NL80211_STA_INFO_TX_DURATION] = { .type = NLA_U64 },
7877 };
7878 struct nlattr *rate[NL80211_RATE_INFO_MAX + 1];
7879 static struct nla_policy rate_policy[NL80211_RATE_INFO_MAX + 1] = {
7880 [NL80211_RATE_INFO_BITRATE] = { .type = NLA_U16 },
7881 [NL80211_RATE_INFO_BITRATE32] = { .type = NLA_U32 },
7882 [NL80211_RATE_INFO_MCS] = { .type = NLA_U8 },
7883 [NL80211_RATE_INFO_VHT_MCS] = { .type = NLA_U8 },
7884 [NL80211_RATE_INFO_SHORT_GI] = { .type = NLA_FLAG },
7885 [NL80211_RATE_INFO_VHT_NSS] = { .type = NLA_U8 },
7886 [NL80211_RATE_INFO_HE_MCS] = { .type = NLA_U8 },
7887 [NL80211_RATE_INFO_HE_NSS] = { .type = NLA_U8 },
7888 [NL80211_RATE_INFO_HE_GI] = { .type = NLA_U8 },
7889 [NL80211_RATE_INFO_HE_DCM] = { .type = NLA_U8 },
7890 };
7891
7892 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
7893 genlmsg_attrlen(gnlh, 0), NULL);
7894
7895 /*
7896 * TODO: validate the interface and mac address!
7897 * Otherwise, there's a race condition as soon as
7898 * the kernel starts sending station notifications.
7899 */
7900
7901 if (!tb[NL80211_ATTR_STA_INFO]) {
7902 wpa_printf(MSG_DEBUG, "sta stats missing!");
7903 return NL_SKIP;
7904 }
7905 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
7906 tb[NL80211_ATTR_STA_INFO],
7907 stats_policy)) {
7908 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
7909 return NL_SKIP;
7910 }
7911
7912 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
7913 data->inactive_msec =
7914 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
7915 /* For backwards compatibility, fetch the 32-bit counters first. */
7916 if (stats[NL80211_STA_INFO_RX_BYTES])
7917 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
7918 if (stats[NL80211_STA_INFO_TX_BYTES])
7919 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
7920 if (stats[NL80211_STA_INFO_RX_BYTES64] &&
7921 stats[NL80211_STA_INFO_TX_BYTES64]) {
7922 /*
7923 * The driver supports 64-bit counters, so use them to override
7924 * the 32-bit values.
7925 */
7926 data->rx_bytes =
7927 nla_get_u64(stats[NL80211_STA_INFO_RX_BYTES64]);
7928 data->tx_bytes =
7929 nla_get_u64(stats[NL80211_STA_INFO_TX_BYTES64]);
7930 data->bytes_64bit = 1;
7931 }
7932 if (stats[NL80211_STA_INFO_SIGNAL])
7933 data->signal = (s8) nla_get_u8(stats[NL80211_STA_INFO_SIGNAL]);
7934 if (stats[NL80211_STA_INFO_RX_PACKETS])
7935 data->rx_packets =
7936 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
7937 if (stats[NL80211_STA_INFO_TX_PACKETS])
7938 data->tx_packets =
7939 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
7940 if (stats[NL80211_STA_INFO_TX_RETRIES])
7941 data->tx_retry_count =
7942 nla_get_u32(stats[NL80211_STA_INFO_TX_RETRIES]);
7943 if (stats[NL80211_STA_INFO_TX_FAILED])
7944 data->tx_retry_failed =
7945 nla_get_u32(stats[NL80211_STA_INFO_TX_FAILED]);
7946 if (stats[NL80211_STA_INFO_SIGNAL_AVG])
7947 data->avg_signal =
7948 (s8) nla_get_u8(stats[NL80211_STA_INFO_SIGNAL_AVG]);
7949 if (stats[NL80211_STA_INFO_CONNECTED_TIME]) {
7950 data->connected_sec =
7951 nla_get_u32(stats[NL80211_STA_INFO_CONNECTED_TIME]);
7952 data->flags |= STA_DRV_DATA_CONN_TIME;
7953 }
7954 if (stats[NL80211_STA_INFO_BEACON_LOSS])
7955 data->beacon_loss_count =
7956 nla_get_u32(stats[NL80211_STA_INFO_BEACON_LOSS]);
7957 if (stats[NL80211_STA_INFO_EXPECTED_THROUGHPUT])
7958 data->expected_throughput =
7959 nla_get_u32(stats[NL80211_STA_INFO_EXPECTED_THROUGHPUT]);
7960 if (stats[NL80211_STA_INFO_RX_DROP_MISC])
7961 data->rx_drop_misc =
7962 nla_get_u64(stats[NL80211_STA_INFO_RX_DROP_MISC]);
7963 if (stats[NL80211_STA_INFO_BEACON_RX])
7964 data->beacons_count =
7965 nla_get_u64(stats[NL80211_STA_INFO_BEACON_RX]);
7966 if (stats[NL80211_STA_INFO_BEACON_SIGNAL_AVG])
7967 data->avg_beacon_signal =
7968 (s8) nla_get_u8(stats[NL80211_STA_INFO_BEACON_SIGNAL_AVG]);
7969 if (stats[NL80211_STA_INFO_RX_DURATION])
7970 data->rx_airtime =
7971 nla_get_u64(stats[NL80211_STA_INFO_RX_DURATION]);
7972 if (stats[NL80211_STA_INFO_ACK_SIGNAL]) {
7973 data->last_ack_rssi =
7974 nla_get_u8(stats[NL80211_STA_INFO_ACK_SIGNAL]);
7975 data->flags |= STA_DRV_DATA_LAST_ACK_RSSI;
7976 }
7977 if (stats[NL80211_STA_INFO_ACK_SIGNAL_AVG])
7978 data->avg_ack_signal =
7979 nla_get_s8(stats[NL80211_STA_INFO_ACK_SIGNAL_AVG]);
7980 if (stats[NL80211_STA_INFO_RX_MPDUS])
7981 data->rx_mpdus = nla_get_u32(stats[NL80211_STA_INFO_RX_MPDUS]);
7982 if (stats[NL80211_STA_INFO_FCS_ERROR_COUNT])
7983 data->fcs_error_count =
7984 nla_get_u32(stats[NL80211_STA_INFO_FCS_ERROR_COUNT]);
7985 if (stats[NL80211_STA_INFO_TX_DURATION])
7986 data->tx_airtime =
7987 nla_get_u64(stats[NL80211_STA_INFO_TX_DURATION]);
7988
7989 if (stats[NL80211_STA_INFO_TX_BITRATE] &&
7990 nla_parse_nested(rate, NL80211_RATE_INFO_MAX,
7991 stats[NL80211_STA_INFO_TX_BITRATE],
7992 rate_policy) == 0) {
7993 if (rate[NL80211_RATE_INFO_BITRATE32])
7994 data->current_tx_rate =
7995 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]);
7996 else if (rate[NL80211_RATE_INFO_BITRATE])
7997 data->current_tx_rate =
7998 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]);
7999
8000 /* Convert from 100 kbps to kbps; it's a more convenient unit.
8001 * It's also safe up until ~1Tbps. */
8002 data->current_tx_rate = data->current_tx_rate * 100;
8003
8004 if (rate[NL80211_RATE_INFO_MCS]) {
8005 data->tx_mcs = nla_get_u8(rate[NL80211_RATE_INFO_MCS]);
8006 data->flags |= STA_DRV_DATA_TX_MCS;
8007 }
8008 if (rate[NL80211_RATE_INFO_VHT_MCS]) {
8009 data->tx_vhtmcs =
8010 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]);
8011 data->flags |= STA_DRV_DATA_TX_VHT_MCS;
8012 }
8013 if (rate[NL80211_RATE_INFO_SHORT_GI]) {
8014 data->tx_guard_interval = GUARD_INTERVAL_0_4;
8015 data->flags |= STA_DRV_DATA_TX_SHORT_GI;
8016 }
8017 if (rate[NL80211_RATE_INFO_VHT_NSS]) {
8018 data->tx_vht_nss =
8019 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]);
8020 data->flags |= STA_DRV_DATA_TX_VHT_NSS;
8021 }
8022 if (rate[NL80211_RATE_INFO_HE_MCS]) {
8023 data->tx_hemcs =
8024 nla_get_u8(rate[NL80211_RATE_INFO_HE_MCS]);
8025 data->flags |= STA_DRV_DATA_TX_HE_MCS;
8026 }
8027 if (rate[NL80211_RATE_INFO_HE_NSS]) {
8028 data->tx_he_nss =
8029 nla_get_u8(rate[NL80211_RATE_INFO_HE_NSS]);
8030 data->flags |= STA_DRV_DATA_TX_HE_NSS;
8031 }
8032 if (rate[NL80211_RATE_INFO_HE_GI]) {
8033 switch (nla_get_u8(rate[NL80211_RATE_INFO_HE_GI])) {
8034 case NL80211_RATE_INFO_HE_GI_0_8:
8035 data->tx_guard_interval = GUARD_INTERVAL_0_8;
8036 break;
8037 case NL80211_RATE_INFO_HE_GI_1_6:
8038 data->tx_guard_interval = GUARD_INTERVAL_1_6;
8039 break;
8040 case NL80211_RATE_INFO_HE_GI_3_2:
8041 data->tx_guard_interval = GUARD_INTERVAL_3_2;
8042 break;
8043 }
8044 data->flags |= STA_DRV_DATA_TX_HE_GI;
8045 }
8046 if (rate[NL80211_RATE_INFO_HE_DCM]) {
8047 data->tx_dcm =
8048 nla_get_u8(rate[NL80211_RATE_INFO_HE_DCM]);
8049 data->flags |= STA_DRV_DATA_TX_HE_DCM;
8050 }
8051 }
8052
8053 if (stats[NL80211_STA_INFO_RX_BITRATE] &&
8054 nla_parse_nested(rate, NL80211_RATE_INFO_MAX,
8055 stats[NL80211_STA_INFO_RX_BITRATE],
8056 rate_policy) == 0) {
8057 if (rate[NL80211_RATE_INFO_BITRATE32])
8058 data->current_rx_rate =
8059 nla_get_u32(rate[NL80211_RATE_INFO_BITRATE32]);
8060 else if (rate[NL80211_RATE_INFO_BITRATE])
8061 data->current_rx_rate =
8062 nla_get_u16(rate[NL80211_RATE_INFO_BITRATE]);
8063
8064 /* Convert from 100 kbps to kbps; it's a more convenient unit.
8065 * It's also safe up until ~1Tbps. */
8066 data->current_rx_rate = data->current_rx_rate * 100;
8067
8068 if (rate[NL80211_RATE_INFO_MCS]) {
8069 data->rx_mcs = nla_get_u8(rate[NL80211_RATE_INFO_MCS]);
8070 data->flags |= STA_DRV_DATA_RX_MCS;
8071 }
8072 if (rate[NL80211_RATE_INFO_VHT_MCS]) {
8073 data->rx_vhtmcs =
8074 nla_get_u8(rate[NL80211_RATE_INFO_VHT_MCS]);
8075 data->flags |= STA_DRV_DATA_RX_VHT_MCS;
8076 }
8077 if (rate[NL80211_RATE_INFO_SHORT_GI]) {
8078 data->rx_guard_interval = GUARD_INTERVAL_0_4;
8079 data->flags |= STA_DRV_DATA_RX_SHORT_GI;
8080 }
8081 if (rate[NL80211_RATE_INFO_VHT_NSS]) {
8082 data->rx_vht_nss =
8083 nla_get_u8(rate[NL80211_RATE_INFO_VHT_NSS]);
8084 data->flags |= STA_DRV_DATA_RX_VHT_NSS;
8085 }
8086 if (rate[NL80211_RATE_INFO_HE_MCS]) {
8087 data->rx_hemcs =
8088 nla_get_u8(rate[NL80211_RATE_INFO_HE_MCS]);
8089 data->flags |= STA_DRV_DATA_RX_HE_MCS;
8090 }
8091 if (rate[NL80211_RATE_INFO_HE_NSS]) {
8092 data->rx_he_nss =
8093 nla_get_u8(rate[NL80211_RATE_INFO_HE_NSS]);
8094 data->flags |= STA_DRV_DATA_RX_HE_NSS;
8095 }
8096 if (rate[NL80211_RATE_INFO_HE_GI]) {
8097 switch (nla_get_u8(rate[NL80211_RATE_INFO_HE_GI])) {
8098 case NL80211_RATE_INFO_HE_GI_0_8:
8099 data->rx_guard_interval = GUARD_INTERVAL_0_8;
8100 break;
8101 case NL80211_RATE_INFO_HE_GI_1_6:
8102 data->rx_guard_interval = GUARD_INTERVAL_1_6;
8103 break;
8104 case NL80211_RATE_INFO_HE_GI_3_2:
8105 data->rx_guard_interval = GUARD_INTERVAL_3_2;
8106 break;
8107 }
8108 data->flags |= STA_DRV_DATA_RX_HE_GI;
8109 }
8110 if (rate[NL80211_RATE_INFO_HE_DCM]) {
8111 data->rx_dcm =
8112 nla_get_u8(rate[NL80211_RATE_INFO_HE_DCM]);
8113 data->flags |= STA_DRV_DATA_RX_HE_DCM;
8114 }
8115 }
8116
8117 if (stats[NL80211_STA_INFO_TID_STATS])
8118 get_sta_tid_stats(data, stats[NL80211_STA_INFO_TID_STATS]);
8119
8120 return NL_SKIP;
8121 }
8122
8123
nl80211_get_link_signal(struct wpa_driver_nl80211_data * drv,const u8 * bssid,struct hostap_sta_driver_data * data)8124 int nl80211_get_link_signal(struct wpa_driver_nl80211_data *drv,
8125 const u8 *bssid,
8126 struct hostap_sta_driver_data *data)
8127 {
8128 struct nl_msg *msg;
8129
8130 data->signal = -WPA_INVALID_NOISE;
8131 data->current_tx_rate = 0;
8132
8133 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_STATION)) ||
8134 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) {
8135 nlmsg_free(msg);
8136 return -ENOBUFS;
8137 }
8138
8139 return send_and_recv_msgs(drv, msg, get_sta_handler, data, NULL, NULL);
8140 }
8141
8142
i802_read_sta_data(struct i802_bss * bss,struct hostap_sta_driver_data * data,const u8 * addr)8143 static int i802_read_sta_data(struct i802_bss *bss,
8144 struct hostap_sta_driver_data *data,
8145 const u8 *addr)
8146 {
8147 struct nl_msg *msg;
8148
8149 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) ||
8150 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
8151 nlmsg_free(msg);
8152 return -ENOBUFS;
8153 }
8154
8155 return send_and_recv_msgs(bss->drv, msg, get_sta_handler, data,
8156 NULL, NULL);
8157 }
8158
8159
i802_set_tx_queue_params(void * priv,int queue,int aifs,int cw_min,int cw_max,int burst_time,int link_id)8160 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
8161 int cw_min, int cw_max, int burst_time,
8162 int link_id)
8163 {
8164 struct i802_bss *bss = priv;
8165 struct wpa_driver_nl80211_data *drv = bss->drv;
8166 struct nl_msg *msg;
8167 struct nlattr *txq, *params;
8168 int res;
8169
8170 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_WIPHY);
8171 if (!msg)
8172 return -1;
8173
8174 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
8175 if (!txq)
8176 goto fail;
8177
8178 /* We are only sending parameters for a single TXQ at a time */
8179 params = nla_nest_start(msg, 1);
8180 if (!params)
8181 goto fail;
8182
8183 switch (queue) {
8184 case 0:
8185 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VO))
8186 goto fail;
8187 break;
8188 case 1:
8189 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_VI))
8190 goto fail;
8191 break;
8192 case 2:
8193 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BE))
8194 goto fail;
8195 break;
8196 case 3:
8197 if (nla_put_u8(msg, NL80211_TXQ_ATTR_QUEUE, NL80211_TXQ_Q_BK))
8198 goto fail;
8199 break;
8200 }
8201 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
8202 * 32 usec, so need to convert the value here. */
8203 if (nla_put_u16(msg, NL80211_TXQ_ATTR_TXOP,
8204 (burst_time * 100 + 16) / 32) ||
8205 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min) ||
8206 nla_put_u16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max) ||
8207 nla_put_u8(msg, NL80211_TXQ_ATTR_AIFS, aifs))
8208 goto fail;
8209
8210 nla_nest_end(msg, params);
8211
8212 nla_nest_end(msg, txq);
8213
8214 if (link_id != NL80211_DRV_LINK_ID_NA &&
8215 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
8216 goto fail;
8217
8218 res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
8219 wpa_printf(MSG_DEBUG,
8220 "nl80211: TX queue param set: queue=%d aifs=%d cw_min=%d cw_max=%d burst_time=%d --> res=%d",
8221 queue, aifs, cw_min, cw_max, burst_time, res);
8222 if (res == 0)
8223 return 0;
8224 msg = NULL;
8225 fail:
8226 nlmsg_free(msg);
8227 return -1;
8228 }
8229
8230
i802_set_sta_vlan(struct i802_bss * bss,const u8 * addr,const char * ifname,int vlan_id,int link_id)8231 static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr,
8232 const char *ifname, int vlan_id, int link_id)
8233 {
8234 struct wpa_driver_nl80211_data *drv = bss->drv;
8235 struct nl_msg *msg;
8236 int ret;
8237
8238 wpa_printf(MSG_DEBUG, "nl80211: %s[%d]: set_sta_vlan(" MACSTR
8239 ", ifname=%s[%d], vlan_id=%d)",
8240 bss->ifname, if_nametoindex(bss->ifname),
8241 MAC2STR(addr), ifname, if_nametoindex(ifname), vlan_id);
8242 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_STATION)) ||
8243 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
8244 (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD) &&
8245 nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) ||
8246 (link_id != NL80211_DRV_LINK_ID_NA &&
8247 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) ||
8248 nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) {
8249 nlmsg_free(msg);
8250 return -ENOBUFS;
8251 }
8252
8253 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
8254 if (ret < 0) {
8255 wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
8256 MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
8257 MAC2STR(addr), ifname, vlan_id, ret,
8258 strerror(-ret));
8259 }
8260 return ret;
8261 }
8262
8263
i802_get_inact_sec(void * priv,const u8 * addr)8264 static int i802_get_inact_sec(void *priv, const u8 *addr)
8265 {
8266 struct hostap_sta_driver_data data;
8267 int ret;
8268
8269 os_memset(&data, 0, sizeof(data));
8270 data.inactive_msec = (unsigned long) -1;
8271 ret = i802_read_sta_data(priv, &data, addr);
8272 if (ret == -ENOENT)
8273 return -ENOENT;
8274 if (ret || data.inactive_msec == (unsigned long) -1)
8275 return -1;
8276 return data.inactive_msec / 1000;
8277 }
8278
8279
i802_sta_clear_stats(void * priv,const u8 * addr)8280 static int i802_sta_clear_stats(void *priv, const u8 *addr)
8281 {
8282 #if 0
8283 /* TODO */
8284 #endif
8285 return 0;
8286 }
8287
8288
i802_sta_deauth(void * priv,const u8 * own_addr,const u8 * addr,u16 reason,int link_id)8289 static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
8290 u16 reason, int link_id)
8291 {
8292 struct i802_bss *bss = priv;
8293 struct wpa_driver_nl80211_data *drv = bss->drv;
8294 struct ieee80211_mgmt mgmt;
8295 u8 channel;
8296 struct i802_link *link = nl80211_get_link(bss, link_id);
8297
8298 if (ieee80211_freq_to_chan(link->freq, &channel) ==
8299 HOSTAPD_MODE_IEEE80211AD) {
8300 /* Deauthentication is not used in DMG/IEEE 802.11ad;
8301 * disassociate the STA instead. */
8302 return i802_sta_disassoc(priv, own_addr, addr, reason);
8303 }
8304
8305 if (is_mesh_interface(drv->nlmode))
8306 return -1;
8307
8308 if (drv->device_ap_sme)
8309 return wpa_driver_nl80211_sta_remove(bss, addr, 1, reason);
8310
8311 memset(&mgmt, 0, sizeof(mgmt));
8312 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
8313 WLAN_FC_STYPE_DEAUTH);
8314 memcpy(mgmt.da, addr, ETH_ALEN);
8315 memcpy(mgmt.sa, own_addr, ETH_ALEN);
8316 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
8317 mgmt.u.deauth.reason_code = host_to_le16(reason);
8318 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
8319 IEEE80211_HDRLEN +
8320 sizeof(mgmt.u.deauth), 0, 0, 0, 0,
8321 0, NULL, 0, 0, -1);
8322 }
8323
8324
i802_sta_disassoc(void * priv,const u8 * own_addr,const u8 * addr,u16 reason)8325 static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
8326 u16 reason)
8327 {
8328 struct i802_bss *bss = priv;
8329 struct wpa_driver_nl80211_data *drv = bss->drv;
8330 struct ieee80211_mgmt mgmt;
8331
8332 if (is_mesh_interface(drv->nlmode))
8333 return -1;
8334
8335 if (drv->device_ap_sme)
8336 return wpa_driver_nl80211_sta_remove(bss, addr, 0, reason);
8337
8338 memset(&mgmt, 0, sizeof(mgmt));
8339 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
8340 WLAN_FC_STYPE_DISASSOC);
8341 memcpy(mgmt.da, addr, ETH_ALEN);
8342 memcpy(mgmt.sa, own_addr, ETH_ALEN);
8343 memcpy(mgmt.bssid, own_addr, ETH_ALEN);
8344 mgmt.u.disassoc.reason_code = host_to_le16(reason);
8345 return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
8346 IEEE80211_HDRLEN +
8347 sizeof(mgmt.u.disassoc), 0, 0, 0, 0,
8348 0, NULL, 0, 0, -1);
8349 }
8350
8351
dump_ifidx(struct wpa_driver_nl80211_data * drv)8352 static void dump_ifidx(struct wpa_driver_nl80211_data *drv)
8353 {
8354 char buf[200], *pos, *end;
8355 int i, res;
8356
8357 pos = buf;
8358 end = pos + sizeof(buf);
8359
8360 for (i = 0; i < drv->num_if_indices; i++) {
8361 if (!drv->if_indices[i].ifindex)
8362 continue;
8363 res = os_snprintf(pos, end - pos, " %d(%d)",
8364 drv->if_indices[i].ifindex,
8365 drv->if_indices[i].reason);
8366 if (os_snprintf_error(end - pos, res))
8367 break;
8368 pos += res;
8369 }
8370 *pos = '\0';
8371
8372 wpa_printf(MSG_DEBUG, "nl80211: if_indices[%d]:%s",
8373 drv->num_if_indices, buf);
8374 }
8375
8376
add_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)8377 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
8378 int ifidx_reason)
8379 {
8380 int i;
8381 struct drv_nl80211_if_info *old;
8382
8383 wpa_printf(MSG_DEBUG,
8384 "nl80211: Add own interface ifindex %d (ifidx_reason %d)",
8385 ifidx, ifidx_reason);
8386 if (have_ifidx(drv, ifidx, ifidx_reason)) {
8387 wpa_printf(MSG_DEBUG, "nl80211: ifindex %d already in the list",
8388 ifidx);
8389 return;
8390 }
8391 for (i = 0; i < drv->num_if_indices; i++) {
8392 if (drv->if_indices[i].ifindex == 0) {
8393 drv->if_indices[i].ifindex = ifidx;
8394 drv->if_indices[i].reason = ifidx_reason;
8395 dump_ifidx(drv);
8396 return;
8397 }
8398 }
8399
8400 if (drv->if_indices != drv->default_if_indices)
8401 old = drv->if_indices;
8402 else
8403 old = NULL;
8404
8405 drv->if_indices = os_realloc_array(old, drv->num_if_indices + 1,
8406 sizeof(*old));
8407 if (!drv->if_indices) {
8408 if (!old)
8409 drv->if_indices = drv->default_if_indices;
8410 else
8411 drv->if_indices = old;
8412 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
8413 "interfaces");
8414 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
8415 return;
8416 }
8417 if (!old)
8418 os_memcpy(drv->if_indices, drv->default_if_indices,
8419 sizeof(drv->default_if_indices));
8420 drv->if_indices[drv->num_if_indices].ifindex = ifidx;
8421 drv->if_indices[drv->num_if_indices].reason = ifidx_reason;
8422 drv->num_if_indices++;
8423 dump_ifidx(drv);
8424 }
8425
8426
del_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)8427 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
8428 int ifidx_reason)
8429 {
8430 int i;
8431
8432 for (i = 0; i < drv->num_if_indices; i++) {
8433 if ((drv->if_indices[i].ifindex == ifidx ||
8434 ifidx == IFIDX_ANY) &&
8435 (drv->if_indices[i].reason == ifidx_reason ||
8436 ifidx_reason == IFIDX_ANY)) {
8437 drv->if_indices[i].ifindex = 0;
8438 drv->if_indices[i].reason = 0;
8439 break;
8440 }
8441 }
8442 dump_ifidx(drv);
8443 }
8444
8445
have_ifidx(struct wpa_driver_nl80211_data * drv,int ifidx,int ifidx_reason)8446 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
8447 int ifidx_reason)
8448 {
8449 int i;
8450
8451 for (i = 0; i < drv->num_if_indices; i++)
8452 if (drv->if_indices[i].ifindex == ifidx &&
8453 (drv->if_indices[i].reason == ifidx_reason ||
8454 ifidx_reason == IFIDX_ANY))
8455 return 1;
8456
8457 return 0;
8458 }
8459
8460
i802_set_wds_sta(void * priv,const u8 * addr,int aid,int val,const char * bridge_ifname,char * ifname_wds)8461 static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
8462 const char *bridge_ifname, char *ifname_wds)
8463 {
8464 struct i802_bss *bss = priv;
8465 struct wpa_driver_nl80211_data *drv = bss->drv;
8466 char name[IFNAMSIZ + 1];
8467 union wpa_event_data event;
8468 int ret;
8469
8470 ret = os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
8471 if (ret >= (int) sizeof(name))
8472 wpa_printf(MSG_WARNING,
8473 "nl80211: WDS interface name was truncated");
8474 else if (ret < 0)
8475 return ret;
8476
8477 if (ifname_wds)
8478 os_strlcpy(ifname_wds, name, IFNAMSIZ + 1);
8479
8480 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
8481 " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
8482 if (val) {
8483 if (!if_nametoindex(name)) {
8484 if (nl80211_create_iface(drv, name,
8485 NL80211_IFTYPE_AP_VLAN,
8486 bss->addr, 1, NULL, NULL, 0) <
8487 0)
8488 return -1;
8489 if (bridge_ifname &&
8490 linux_br_add_if(drv->global->ioctl_sock,
8491 bridge_ifname, name) < 0)
8492 return -1;
8493
8494 os_memset(&event, 0, sizeof(event));
8495 event.wds_sta_interface.sta_addr = addr;
8496 event.wds_sta_interface.ifname = name;
8497 event.wds_sta_interface.istatus = INTERFACE_ADDED;
8498 wpa_supplicant_event(bss->ctx,
8499 EVENT_WDS_STA_INTERFACE_STATUS,
8500 &event);
8501 }
8502 if (linux_set_iface_flags(drv->global->ioctl_sock, name, 1)) {
8503 wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA "
8504 "interface %s up", name);
8505 }
8506 return i802_set_sta_vlan(priv, addr, name, 0,
8507 NL80211_DRV_LINK_ID_NA);
8508 } else {
8509 if (bridge_ifname &&
8510 linux_br_del_if(drv->global->ioctl_sock, bridge_ifname,
8511 name) < 0)
8512 wpa_printf(MSG_INFO,
8513 "nl80211: Failed to remove interface %s from bridge %s: %s",
8514 name, bridge_ifname, strerror(errno));
8515
8516 i802_set_sta_vlan(priv, addr, bss->ifname, 0,
8517 NL80211_DRV_LINK_ID_NA);
8518 nl80211_remove_iface(drv, if_nametoindex(name));
8519 os_memset(&event, 0, sizeof(event));
8520 event.wds_sta_interface.sta_addr = addr;
8521 event.wds_sta_interface.ifname = name;
8522 event.wds_sta_interface.istatus = INTERFACE_REMOVED;
8523 wpa_supplicant_event(bss->ctx, EVENT_WDS_STA_INTERFACE_STATUS,
8524 &event);
8525 return 0;
8526 }
8527 }
8528
8529
handle_eapol(int sock,void * eloop_ctx,void * sock_ctx)8530 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
8531 {
8532 struct wpa_driver_nl80211_data *drv = eloop_ctx;
8533 struct sockaddr_ll lladdr;
8534 unsigned char buf[3000];
8535 int len;
8536 socklen_t fromlen = sizeof(lladdr);
8537
8538 len = recvfrom(sock, buf, sizeof(buf), 0,
8539 (struct sockaddr *)&lladdr, &fromlen);
8540 if (len < 0) {
8541 wpa_printf(MSG_ERROR, "nl80211: EAPOL recv failed: %s",
8542 strerror(errno));
8543 return;
8544 }
8545
8546 if (have_ifidx(drv, lladdr.sll_ifindex, IFIDX_ANY))
8547 drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
8548 }
8549
8550
i802_check_bridge(struct wpa_driver_nl80211_data * drv,struct i802_bss * bss,const char * brname,const char * ifname)8551 static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
8552 struct i802_bss *bss,
8553 const char *brname, const char *ifname)
8554 {
8555 int br_ifindex;
8556 char in_br[IFNAMSIZ];
8557
8558 os_strlcpy(bss->brname, brname, IFNAMSIZ);
8559 br_ifindex = if_nametoindex(brname);
8560 if (br_ifindex == 0) {
8561 /*
8562 * Bridge was configured, but the bridge device does
8563 * not exist. Try to add it now.
8564 */
8565 if (linux_br_add(drv->global->ioctl_sock, brname) < 0) {
8566 wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
8567 "bridge interface %s: %s",
8568 brname, strerror(errno));
8569 return -1;
8570 }
8571 bss->added_bridge = 1;
8572 br_ifindex = if_nametoindex(brname);
8573 add_ifidx(drv, br_ifindex, drv->ifindex);
8574 }
8575 bss->br_ifindex = br_ifindex;
8576
8577 if (linux_br_get(in_br, ifname) == 0) {
8578 if (os_strcmp(in_br, brname) == 0) {
8579 bss->already_in_bridge = 1;
8580 return 0; /* already in the bridge */
8581 }
8582
8583 wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
8584 "bridge %s", ifname, in_br);
8585 if (linux_br_del_if(drv->global->ioctl_sock, in_br, ifname) <
8586 0) {
8587 wpa_printf(MSG_ERROR, "nl80211: Failed to "
8588 "remove interface %s from bridge "
8589 "%s: %s",
8590 ifname, in_br, strerror(errno));
8591 return -1;
8592 }
8593 }
8594
8595 wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
8596 ifname, brname);
8597 if (linux_br_add_if(drv->global->ioctl_sock, brname, ifname) < 0) {
8598 wpa_printf(MSG_WARNING,
8599 "nl80211: Failed to add interface %s into bridge %s: %s",
8600 ifname, brname, strerror(errno));
8601 /* Try to continue without the interface being in a bridge. This
8602 * may be needed for some cases, e.g., with Open vSwitch, where
8603 * an external component will need to handle bridge
8604 * configuration. */
8605 return 0;
8606 }
8607 bss->added_if_into_bridge = 1;
8608
8609 return 0;
8610 }
8611
8612
i802_init(struct hostapd_data * hapd,struct wpa_init_params * params)8613 static void *i802_init(struct hostapd_data *hapd,
8614 struct wpa_init_params *params)
8615 {
8616 struct wpa_driver_nl80211_data *drv;
8617 struct i802_bss *bss;
8618 size_t i;
8619 char master_ifname[IFNAMSIZ];
8620 int ifindex, br_ifindex = 0;
8621 int br_added = 0;
8622
8623 bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
8624 params->global_priv, 1,
8625 params->bssid, params->driver_params);
8626 if (bss == NULL)
8627 return NULL;
8628
8629 drv = bss->drv;
8630
8631 if (linux_br_get(master_ifname, params->ifname) == 0) {
8632 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
8633 params->ifname, master_ifname);
8634 br_ifindex = if_nametoindex(master_ifname);
8635 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ);
8636 } else if ((params->num_bridge == 0 || !params->bridge[0]) &&
8637 linux_master_get(master_ifname, params->ifname) == 0) {
8638 wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in master %s",
8639 params->ifname, master_ifname);
8640 /* start listening for EAPOL on the master interface */
8641 add_ifidx(drv, if_nametoindex(master_ifname), drv->ifindex);
8642
8643 /* check if master itself is under bridge */
8644 if (linux_br_get(master_ifname, master_ifname) == 0) {
8645 wpa_printf(MSG_DEBUG, "nl80211: which is in bridge %s",
8646 master_ifname);
8647 br_ifindex = if_nametoindex(master_ifname);
8648 os_strlcpy(bss->brname, master_ifname, IFNAMSIZ);
8649 }
8650 } else {
8651 master_ifname[0] = '\0';
8652 }
8653
8654 bss->br_ifindex = br_ifindex;
8655
8656 for (i = 0; i < params->num_bridge; i++) {
8657 if (params->bridge[i]) {
8658 ifindex = if_nametoindex(params->bridge[i]);
8659 if (ifindex)
8660 add_ifidx(drv, ifindex, drv->ifindex);
8661 if (ifindex == br_ifindex)
8662 br_added = 1;
8663 }
8664 }
8665
8666 /* start listening for EAPOL on the default AP interface */
8667 add_ifidx(drv, drv->ifindex, IFIDX_ANY);
8668
8669 if (params->num_bridge && params->bridge[0]) {
8670 if (i802_check_bridge(drv, bss, params->bridge[0],
8671 params->ifname) < 0)
8672 goto failed;
8673 if (os_strcmp(params->bridge[0], master_ifname) != 0)
8674 br_added = 1;
8675 }
8676
8677 if (!br_added && br_ifindex &&
8678 (params->num_bridge == 0 || !params->bridge[0]))
8679 add_ifidx(drv, br_ifindex, drv->ifindex);
8680
8681 #ifdef CONFIG_LIBNL3_ROUTE
8682 if (bss->added_if_into_bridge || bss->already_in_bridge) {
8683 int err;
8684
8685 drv->rtnl_sk = nl_socket_alloc();
8686 if (drv->rtnl_sk == NULL) {
8687 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
8688 goto failed;
8689 }
8690
8691 err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
8692 if (err) {
8693 wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
8694 nl_geterror(err));
8695 goto failed;
8696 }
8697 }
8698 #endif /* CONFIG_LIBNL3_ROUTE */
8699
8700 if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
8701 wpa_printf(MSG_DEBUG,
8702 "nl80211: Do not open EAPOL RX socket - using control port for RX");
8703 goto skip_eapol_sock;
8704 }
8705
8706 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
8707 if (drv->eapol_sock < 0) {
8708 wpa_printf(MSG_ERROR, "nl80211: socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE) failed: %s",
8709 strerror(errno));
8710 goto failed;
8711 }
8712
8713 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
8714 {
8715 wpa_printf(MSG_INFO, "nl80211: Could not register read socket for eapol");
8716 goto failed;
8717 }
8718 skip_eapol_sock:
8719
8720 if (linux_get_ifhwaddr(drv->global->ioctl_sock, bss->ifname,
8721 params->own_addr))
8722 goto failed;
8723 os_memcpy(drv->perm_addr, params->own_addr, ETH_ALEN);
8724
8725 memcpy(bss->addr, params->own_addr, ETH_ALEN);
8726
8727 return bss;
8728
8729 failed:
8730 wpa_driver_nl80211_deinit(bss);
8731 return NULL;
8732 }
8733
8734
i802_deinit(void * priv)8735 static void i802_deinit(void *priv)
8736 {
8737 struct i802_bss *bss = priv;
8738 wpa_driver_nl80211_deinit(bss);
8739 }
8740
8741
wpa_driver_nl80211_if_type(enum wpa_driver_if_type type)8742 static enum nl80211_iftype wpa_driver_nl80211_if_type(
8743 enum wpa_driver_if_type type)
8744 {
8745 switch (type) {
8746 case WPA_IF_STATION:
8747 return NL80211_IFTYPE_STATION;
8748 case WPA_IF_P2P_CLIENT:
8749 case WPA_IF_P2P_GROUP:
8750 return NL80211_IFTYPE_P2P_CLIENT;
8751 case WPA_IF_AP_VLAN:
8752 return NL80211_IFTYPE_AP_VLAN;
8753 case WPA_IF_AP_BSS:
8754 return NL80211_IFTYPE_AP;
8755 case WPA_IF_P2P_GO:
8756 return NL80211_IFTYPE_P2P_GO;
8757 case WPA_IF_P2P_DEVICE:
8758 return NL80211_IFTYPE_P2P_DEVICE;
8759 case WPA_IF_MESH:
8760 return NL80211_IFTYPE_MESH_POINT;
8761 default:
8762 return -1;
8763 }
8764 }
8765
8766
nl80211_addr_in_use(struct nl80211_global * global,const u8 * addr)8767 static int nl80211_addr_in_use(struct nl80211_global *global, const u8 *addr)
8768 {
8769 struct wpa_driver_nl80211_data *drv;
8770 dl_list_for_each(drv, &global->interfaces,
8771 struct wpa_driver_nl80211_data, list) {
8772 if (os_memcmp(addr, drv->first_bss->addr, ETH_ALEN) == 0)
8773 return 1;
8774 }
8775 return 0;
8776 }
8777
8778
nl80211_vif_addr(struct wpa_driver_nl80211_data * drv,u8 * new_addr)8779 static int nl80211_vif_addr(struct wpa_driver_nl80211_data *drv, u8 *new_addr)
8780 {
8781 unsigned int idx;
8782
8783 if (!drv->global)
8784 return -1;
8785
8786 os_memcpy(new_addr, drv->first_bss->addr, ETH_ALEN);
8787 for (idx = 0; idx < 64; idx++) {
8788 new_addr[0] = drv->first_bss->addr[0] | 0x02;
8789 new_addr[0] ^= idx << 2;
8790 if (!nl80211_addr_in_use(drv->global, new_addr))
8791 break;
8792 }
8793 if (idx == 64)
8794 return -1;
8795
8796 wpa_printf(MSG_DEBUG, "nl80211: Assigned new virtual interface address "
8797 MACSTR, MAC2STR(new_addr));
8798
8799 return 0;
8800 }
8801
8802
8803 struct wdev_info {
8804 u64 wdev_id;
8805 int wdev_id_set;
8806 u8 macaddr[ETH_ALEN];
8807 };
8808
nl80211_wdev_handler(struct nl_msg * msg,void * arg)8809 static int nl80211_wdev_handler(struct nl_msg *msg, void *arg)
8810 {
8811 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
8812 struct nlattr *tb[NL80211_ATTR_MAX + 1];
8813 struct wdev_info *wi = arg;
8814
8815 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
8816 genlmsg_attrlen(gnlh, 0), NULL);
8817 if (tb[NL80211_ATTR_WDEV]) {
8818 wi->wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]);
8819 wi->wdev_id_set = 1;
8820 }
8821
8822 if (tb[NL80211_ATTR_MAC])
8823 os_memcpy(wi->macaddr, nla_data(tb[NL80211_ATTR_MAC]),
8824 ETH_ALEN);
8825
8826 return NL_SKIP;
8827 }
8828
8829
wpa_driver_nl80211_if_add(void * priv,enum wpa_driver_if_type type,const char * ifname,const u8 * addr,void * bss_ctx,void ** drv_priv,char * force_ifname,u8 * if_addr,const char * bridge,int use_existing,int setup_ap)8830 static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
8831 const char *ifname, const u8 *addr,
8832 void *bss_ctx, void **drv_priv,
8833 char *force_ifname, u8 *if_addr,
8834 const char *bridge, int use_existing,
8835 int setup_ap)
8836 {
8837 enum nl80211_iftype nlmode;
8838 struct i802_bss *bss = priv;
8839 struct wpa_driver_nl80211_data *drv = bss->drv;
8840 int ifidx;
8841 int added = 1;
8842
8843 if (addr)
8844 os_memcpy(if_addr, addr, ETH_ALEN);
8845 nlmode = wpa_driver_nl80211_if_type(type);
8846 if (nlmode == NL80211_IFTYPE_P2P_DEVICE) {
8847 struct wdev_info p2pdev_info;
8848
8849 os_memset(&p2pdev_info, 0, sizeof(p2pdev_info));
8850 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
8851 0, nl80211_wdev_handler,
8852 &p2pdev_info, use_existing);
8853 if (!p2pdev_info.wdev_id_set || ifidx != 0) {
8854 wpa_printf(MSG_ERROR, "nl80211: Failed to create a P2P Device interface %s",
8855 ifname);
8856 return -1;
8857 }
8858
8859 drv->global->if_add_wdevid = p2pdev_info.wdev_id;
8860 drv->global->if_add_wdevid_set = p2pdev_info.wdev_id_set;
8861 if (!is_zero_ether_addr(p2pdev_info.macaddr)) {
8862 os_memcpy(if_addr, p2pdev_info.macaddr, ETH_ALEN);
8863 os_memcpy(drv->global->p2p_perm_addr, p2pdev_info.macaddr, ETH_ALEN);
8864 }
8865 wpa_printf(MSG_DEBUG, "nl80211: New P2P Device interface %s (0x%llx) created",
8866 ifname,
8867 (long long unsigned int) p2pdev_info.wdev_id);
8868 } else {
8869 ifidx = nl80211_create_iface(drv, ifname, nlmode, addr,
8870 0, NULL, NULL, use_existing);
8871 if (use_existing && ifidx == -ENFILE) {
8872 added = 0;
8873 ifidx = if_nametoindex(ifname);
8874 } else if (ifidx < 0) {
8875 return -1;
8876 }
8877 }
8878
8879 if (!addr) {
8880 if (nlmode == NL80211_IFTYPE_P2P_DEVICE)
8881 os_memcpy(if_addr, bss->addr, ETH_ALEN);
8882 else if (linux_get_ifhwaddr(drv->global->ioctl_sock,
8883 ifname, if_addr) < 0) {
8884 if (added)
8885 nl80211_remove_iface(drv, ifidx);
8886 return -1;
8887 }
8888 }
8889
8890 if (!addr &&
8891 (type == WPA_IF_P2P_CLIENT || type == WPA_IF_P2P_GROUP ||
8892 type == WPA_IF_P2P_GO || type == WPA_IF_MESH ||
8893 type == WPA_IF_STATION || type == WPA_IF_AP_BSS)) {
8894 /* Enforce unique address */
8895 u8 new_addr[ETH_ALEN];
8896
8897 if (linux_get_ifhwaddr(drv->global->ioctl_sock, ifname,
8898 new_addr) < 0) {
8899 if (added)
8900 nl80211_remove_iface(drv, ifidx);
8901 return -1;
8902 }
8903 if (nl80211_addr_in_use(drv->global, new_addr)) {
8904 wpa_printf(MSG_DEBUG, "nl80211: Allocate new address "
8905 "for interface %s type %d", ifname, type);
8906 if (nl80211_vif_addr(drv, new_addr) < 0) {
8907 if (added)
8908 nl80211_remove_iface(drv, ifidx);
8909 return -1;
8910 }
8911 if (linux_set_ifhwaddr(drv->global->ioctl_sock, ifname,
8912 new_addr) < 0) {
8913 if (added)
8914 nl80211_remove_iface(drv, ifidx);
8915 return -1;
8916 }
8917 }
8918 os_memcpy(if_addr, new_addr, ETH_ALEN);
8919 }
8920
8921 if (type == WPA_IF_AP_BSS && setup_ap) {
8922 struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss));
8923 unsigned int i;
8924
8925 if (new_bss == NULL) {
8926 if (added)
8927 nl80211_remove_iface(drv, ifidx);
8928 return -1;
8929 }
8930
8931 /* Initialize here before any failure path */
8932 for (i = 0; i < MAX_NUM_MLD_LINKS; i++)
8933 new_bss->links[i].link_id = NL80211_DRV_LINK_ID_NA;
8934
8935 if (bridge &&
8936 i802_check_bridge(drv, new_bss, bridge, ifname) < 0) {
8937 wpa_printf(MSG_ERROR, "nl80211: Failed to add the new "
8938 "interface %s to a bridge %s",
8939 ifname, bridge);
8940 if (added)
8941 nl80211_remove_iface(drv, ifidx);
8942 os_free(new_bss);
8943 return -1;
8944 }
8945
8946 if (linux_set_iface_flags(drv->global->ioctl_sock, ifname, 1))
8947 {
8948 if (added)
8949 nl80211_remove_iface(drv, ifidx);
8950 os_free(new_bss);
8951 return -1;
8952 }
8953 os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
8954 os_memcpy(new_bss->addr, if_addr, ETH_ALEN);
8955 new_bss->ifindex = ifidx;
8956 new_bss->drv = drv;
8957 new_bss->next = drv->first_bss->next;
8958 new_bss->flink = &new_bss->links[0];
8959 new_bss->n_links = 1;
8960 os_memcpy(new_bss->flink->addr, new_bss->addr, ETH_ALEN);
8961
8962 new_bss->flink->freq = drv->first_bss->flink->freq;
8963 new_bss->ctx = bss_ctx;
8964 new_bss->added_if = added;
8965 drv->first_bss->next = new_bss;
8966 if (drv_priv)
8967 *drv_priv = new_bss;
8968 nl80211_init_bss(new_bss);
8969
8970 /* Subscribe management frames for this WPA_IF_AP_BSS */
8971 if (nl80211_setup_ap(new_bss))
8972 return -1;
8973 }
8974
8975 if (drv->global)
8976 drv->global->if_add_ifindex = ifidx;
8977
8978 /*
8979 * Some virtual interfaces need to process EAPOL packets and events on
8980 * the parent interface. This is used mainly with hostapd.
8981 */
8982 if (ifidx > 0 &&
8983 (drv->hostapd ||
8984 nlmode == NL80211_IFTYPE_AP_VLAN ||
8985 nlmode == NL80211_IFTYPE_WDS ||
8986 nlmode == NL80211_IFTYPE_MONITOR))
8987 add_ifidx(drv, ifidx, IFIDX_ANY);
8988
8989 return 0;
8990 }
8991
8992
wpa_driver_nl80211_if_remove(struct i802_bss * bss,enum wpa_driver_if_type type,const char * ifname)8993 static int wpa_driver_nl80211_if_remove(struct i802_bss *bss,
8994 enum wpa_driver_if_type type,
8995 const char *ifname)
8996 {
8997 struct wpa_driver_nl80211_data *drv = bss->drv;
8998 int ifindex = if_nametoindex(ifname);
8999
9000 wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d added_if=%d",
9001 __func__, type, ifname, ifindex, bss->added_if);
9002 if (ifindex > 0 && (bss->added_if || bss->ifindex != ifindex))
9003 nl80211_remove_iface(drv, ifindex);
9004 else if (ifindex > 0 && !bss->added_if) {
9005 struct wpa_driver_nl80211_data *drv2;
9006 dl_list_for_each(drv2, &drv->global->interfaces,
9007 struct wpa_driver_nl80211_data, list) {
9008 del_ifidx(drv2, ifindex, IFIDX_ANY);
9009 del_ifidx(drv2, IFIDX_ANY, ifindex);
9010 }
9011 }
9012
9013 if (type != WPA_IF_AP_BSS)
9014 return 0;
9015
9016 if (bss->added_if_into_bridge) {
9017 if (linux_br_del_if(drv->global->ioctl_sock, bss->brname,
9018 bss->ifname) < 0)
9019 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
9020 "interface %s from bridge %s: %s",
9021 bss->ifname, bss->brname, strerror(errno));
9022 }
9023 if (bss->added_bridge) {
9024 if (linux_br_del(drv->global->ioctl_sock, bss->brname) < 0)
9025 wpa_printf(MSG_INFO, "nl80211: Failed to remove "
9026 "bridge %s: %s",
9027 bss->brname, strerror(errno));
9028 }
9029
9030 if (bss != drv->first_bss) {
9031 struct i802_bss *tbss;
9032
9033 wpa_printf(MSG_DEBUG, "nl80211: Not the first BSS - remove it");
9034 for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
9035 if (tbss->next == bss) {
9036 tbss->next = bss->next;
9037 /* Unsubscribe management frames */
9038 nl80211_teardown_ap(bss);
9039 nl80211_destroy_bss(bss);
9040 if (!bss->added_if)
9041 i802_set_iface_flags(bss, 0);
9042 os_free(bss);
9043 bss = NULL;
9044 break;
9045 }
9046 }
9047 if (bss)
9048 wpa_printf(MSG_INFO, "nl80211: %s - could not find "
9049 "BSS %p in the list", __func__, bss);
9050 } else {
9051 wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
9052 nl80211_teardown_ap(bss);
9053 if (!bss->added_if && !drv->first_bss->next)
9054 wpa_driver_nl80211_del_beacon_all(bss);
9055 nl80211_destroy_bss(bss);
9056 if (!bss->added_if)
9057 i802_set_iface_flags(bss, 0);
9058 if (drv->first_bss->next) {
9059 drv->first_bss = drv->first_bss->next;
9060 drv->ctx = drv->first_bss->ctx;
9061 os_free(bss);
9062 } else {
9063 wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
9064 }
9065 }
9066
9067 return 0;
9068 }
9069
9070
cookie_handler(struct nl_msg * msg,void * arg)9071 static int cookie_handler(struct nl_msg *msg, void *arg)
9072 {
9073 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9074 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9075 u64 *cookie = arg;
9076 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9077 genlmsg_attrlen(gnlh, 0), NULL);
9078 if (tb[NL80211_ATTR_COOKIE])
9079 *cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
9080 return NL_SKIP;
9081 }
9082
9083
nl80211_send_frame_cmd(struct i802_bss * bss,unsigned int freq,unsigned int wait,const u8 * buf,size_t buf_len,int save_cookie,int no_cck,int no_ack,int offchanok,const u16 * csa_offs,size_t csa_offs_len)9084 static int nl80211_send_frame_cmd(struct i802_bss *bss,
9085 unsigned int freq, unsigned int wait,
9086 const u8 *buf, size_t buf_len,
9087 int save_cookie, int no_cck, int no_ack,
9088 int offchanok, const u16 *csa_offs,
9089 size_t csa_offs_len)
9090 {
9091 struct wpa_driver_nl80211_data *drv = bss->drv;
9092 struct nl_msg *msg;
9093 u64 cookie;
9094 int ret = -1;
9095
9096 wpa_printf(MSG_MSGDUMP, "nl80211: CMD_FRAME freq=%u wait=%u no_cck=%d "
9097 "no_ack=%d offchanok=%d",
9098 freq, wait, no_cck, no_ack, offchanok);
9099 wpa_hexdump(MSG_MSGDUMP, "CMD_FRAME", buf, buf_len);
9100
9101 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME)) ||
9102 (freq && nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
9103 (wait && nla_put_u32(msg, NL80211_ATTR_DURATION, wait)) ||
9104 (offchanok && ((drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
9105 drv->test_use_roc_tx) &&
9106 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) ||
9107 (no_cck && nla_put_flag(msg, NL80211_ATTR_TX_NO_CCK_RATE)) ||
9108 (no_ack && nla_put_flag(msg, NL80211_ATTR_DONT_WAIT_FOR_ACK)) ||
9109 (csa_offs && nla_put(msg, NL80211_ATTR_CSA_C_OFFSETS_TX,
9110 csa_offs_len * sizeof(u16), csa_offs)) ||
9111 nla_put(msg, NL80211_ATTR_FRAME, buf_len, buf))
9112 goto fail;
9113
9114 cookie = 0;
9115 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL);
9116 msg = NULL;
9117 if (ret) {
9118 wpa_printf(MSG_DEBUG, "nl80211: Frame command failed: ret=%d "
9119 "(%s) (freq=%u wait=%u)", ret, strerror(-ret),
9120 freq, wait);
9121 } else {
9122 wpa_printf(MSG_MSGDUMP, "nl80211: Frame TX command accepted%s; "
9123 "cookie 0x%llx", no_ack ? " (no ACK)" : "",
9124 (long long unsigned int) cookie);
9125
9126 if (save_cookie)
9127 drv->send_frame_cookie = no_ack ? (u64) -1 : cookie;
9128
9129 if (!wait) {
9130 /* There is no need to store this cookie since there
9131 * is no wait that could be canceled later. */
9132 goto fail;
9133 }
9134 if (drv->num_send_frame_cookies == MAX_SEND_FRAME_COOKIES) {
9135 wpa_printf(MSG_DEBUG,
9136 "nl80211: Drop oldest pending send frame cookie 0x%llx",
9137 (long long unsigned int)
9138 drv->send_frame_cookies[0]);
9139 os_memmove(&drv->send_frame_cookies[0],
9140 &drv->send_frame_cookies[1],
9141 (MAX_SEND_FRAME_COOKIES - 1) *
9142 sizeof(u64));
9143 drv->num_send_frame_cookies--;
9144 }
9145 drv->send_frame_cookies[drv->num_send_frame_cookies] = cookie;
9146 drv->num_send_frame_cookies++;
9147 }
9148
9149 fail:
9150 nlmsg_free(msg);
9151 return ret;
9152 }
9153
9154
wpa_driver_nl80211_send_action(struct i802_bss * bss,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)9155 static int wpa_driver_nl80211_send_action(struct i802_bss *bss,
9156 unsigned int freq,
9157 unsigned int wait_time,
9158 const u8 *dst, const u8 *src,
9159 const u8 *bssid,
9160 const u8 *data, size_t data_len,
9161 int no_cck)
9162 {
9163 struct wpa_driver_nl80211_data *drv = bss->drv;
9164 int ret = -1;
9165 u8 *buf;
9166 struct ieee80211_hdr *hdr;
9167 int offchanok = 1;
9168
9169 if (is_ap_interface(drv->nlmode) && (int) freq == bss->flink->freq &&
9170 bss->flink->beacon_set)
9171 offchanok = 0;
9172
9173 wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
9174 "freq=%u MHz wait=%d ms no_cck=%d offchanok=%d)",
9175 drv->ifindex, freq, wait_time, no_cck, offchanok);
9176
9177 buf = os_zalloc(24 + data_len);
9178 if (buf == NULL)
9179 return ret;
9180 os_memcpy(buf + 24, data, data_len);
9181 hdr = (struct ieee80211_hdr *) buf;
9182 hdr->frame_control =
9183 IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
9184 os_memcpy(hdr->addr1, dst, ETH_ALEN);
9185 os_memcpy(hdr->addr2, src, ETH_ALEN);
9186 os_memcpy(hdr->addr3, bssid, ETH_ALEN);
9187
9188 if (os_memcmp(bss->addr, src, ETH_ALEN) != 0) {
9189 wpa_printf(MSG_DEBUG, "nl80211: Use random TA " MACSTR,
9190 MAC2STR(src));
9191 os_memcpy(bss->rand_addr, src, ETH_ALEN);
9192 } else {
9193 os_memset(bss->rand_addr, 0, ETH_ALEN);
9194 }
9195
9196 #ifdef CONFIG_MESH
9197 if (is_mesh_interface(drv->nlmode)) {
9198 struct hostapd_hw_modes *modes;
9199 u16 num_modes, flags;
9200 u8 dfs_domain;
9201 int i;
9202
9203 modes = nl80211_get_hw_feature_data(bss, &num_modes,
9204 &flags, &dfs_domain);
9205 if (dfs_domain != HOSTAPD_DFS_REGION_ETSI &&
9206 ieee80211_is_dfs(bss->flink->freq, modes, num_modes))
9207 offchanok = 0;
9208 if (modes) {
9209 for (i = 0; i < num_modes; i++) {
9210 os_free(modes[i].channels);
9211 os_free(modes[i].rates);
9212 }
9213 os_free(modes);
9214 }
9215 }
9216 #endif /* CONFIG_MESH */
9217
9218 if (is_ap_interface(drv->nlmode) &&
9219 (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
9220 (int) freq == bss->flink->freq || drv->device_ap_sme ||
9221 !drv->use_monitor))
9222 ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len,
9223 0, freq, no_cck, offchanok,
9224 wait_time, NULL, 0, 0, -1);
9225 else
9226 ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
9227 24 + data_len,
9228 1, no_cck, 0, offchanok, NULL, 0);
9229
9230 os_free(buf);
9231 return ret;
9232 }
9233
9234
nl80211_frame_wait_cancel(struct i802_bss * bss,u64 cookie)9235 static void nl80211_frame_wait_cancel(struct i802_bss *bss, u64 cookie)
9236 {
9237 struct wpa_driver_nl80211_data *drv = bss->drv;
9238 struct nl_msg *msg;
9239 int ret;
9240
9241 wpa_printf(MSG_DEBUG, "nl80211: Cancel TX frame wait: cookie=0x%llx",
9242 (long long unsigned int) cookie);
9243 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_FRAME_WAIT_CANCEL)) ||
9244 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie)) {
9245 nlmsg_free(msg);
9246 return;
9247 }
9248
9249 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9250 if (ret)
9251 wpa_printf(MSG_DEBUG, "nl80211: wait cancel failed: ret=%d "
9252 "(%s)", ret, strerror(-ret));
9253 }
9254
9255
wpa_driver_nl80211_send_action_cancel_wait(void * priv)9256 static void wpa_driver_nl80211_send_action_cancel_wait(void *priv)
9257 {
9258 struct i802_bss *bss = priv;
9259 struct wpa_driver_nl80211_data *drv = bss->drv;
9260 unsigned int i;
9261 u64 cookie;
9262
9263 /* Cancel the last pending TX cookie */
9264 if (drv->send_frame_cookie != (u64) -1)
9265 nl80211_frame_wait_cancel(bss, drv->send_frame_cookie);
9266
9267 /*
9268 * Cancel the other pending TX cookies, if any. This is needed since
9269 * the driver may keep a list of all pending offchannel TX operations
9270 * and free up the radio only once they have expired or cancelled.
9271 */
9272 for (i = drv->num_send_frame_cookies; i > 0; i--) {
9273 cookie = drv->send_frame_cookies[i - 1];
9274 if (cookie != drv->send_frame_cookie)
9275 nl80211_frame_wait_cancel(bss, cookie);
9276 }
9277 drv->num_send_frame_cookies = 0;
9278 }
9279
9280
wpa_driver_nl80211_remain_on_channel(void * priv,unsigned int freq,unsigned int duration)9281 static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
9282 unsigned int duration)
9283 {
9284 struct i802_bss *bss = priv;
9285 struct wpa_driver_nl80211_data *drv = bss->drv;
9286 struct nl_msg *msg;
9287 int ret;
9288 u64 cookie;
9289
9290 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_REMAIN_ON_CHANNEL)) ||
9291 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
9292 nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) {
9293 nlmsg_free(msg);
9294 return -1;
9295 }
9296
9297 cookie = 0;
9298 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL);
9299 if (ret == 0) {
9300 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
9301 "0x%llx for freq=%u MHz duration=%u",
9302 (long long unsigned int) cookie, freq, duration);
9303 drv->remain_on_chan_cookie = cookie;
9304 drv->pending_remain_on_chan = 1;
9305 return 0;
9306 }
9307 wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
9308 "(freq=%d duration=%u): %d (%s)",
9309 freq, duration, ret, strerror(-ret));
9310 return -1;
9311 }
9312
9313
wpa_driver_nl80211_cancel_remain_on_channel(void * priv)9314 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
9315 {
9316 struct i802_bss *bss = priv;
9317 struct wpa_driver_nl80211_data *drv = bss->drv;
9318 struct nl_msg *msg;
9319 int ret;
9320
9321 if (!drv->pending_remain_on_chan) {
9322 wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
9323 "to cancel");
9324 return -1;
9325 }
9326
9327 wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
9328 "0x%llx",
9329 (long long unsigned int) drv->remain_on_chan_cookie);
9330
9331 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL);
9332 if (!msg ||
9333 nla_put_u64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie)) {
9334 nlmsg_free(msg);
9335 return -1;
9336 }
9337
9338 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9339 if (ret == 0)
9340 return 0;
9341 wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
9342 "%d (%s)", ret, strerror(-ret));
9343 return -1;
9344 }
9345
9346
wpa_driver_nl80211_probe_req_report(struct i802_bss * bss,int report)9347 static int wpa_driver_nl80211_probe_req_report(struct i802_bss *bss, int report)
9348 {
9349 struct wpa_driver_nl80211_data *drv = bss->drv;
9350
9351 if (!report) {
9352 if (bss->nl_preq && drv->device_ap_sme &&
9353 is_ap_interface(drv->nlmode) && !bss->in_deinit &&
9354 !bss->static_ap) {
9355 /*
9356 * Do not disable Probe Request reporting that was
9357 * enabled in nl80211_setup_ap().
9358 */
9359 wpa_printf(MSG_DEBUG, "nl80211: Skip disabling of "
9360 "Probe Request reporting nl_preq=%p while "
9361 "in AP mode", bss->nl_preq);
9362 } else if (bss->nl_preq) {
9363 wpa_printf(MSG_DEBUG, "nl80211: Disable Probe Request "
9364 "reporting nl_preq=%p", bss->nl_preq);
9365 nl80211_destroy_eloop_handle(&bss->nl_preq, 0);
9366 }
9367 return 0;
9368 }
9369
9370 if (bss->nl_preq) {
9371 wpa_printf(MSG_DEBUG, "nl80211: Probe Request reporting "
9372 "already on! nl_preq=%p", bss->nl_preq);
9373 return 0;
9374 }
9375
9376 bss->nl_preq = nl_create_handle(drv->global->nl_cb, "preq");
9377 if (bss->nl_preq == NULL)
9378 return -1;
9379 wpa_printf(MSG_DEBUG, "nl80211: Enable Probe Request "
9380 "reporting nl_preq=%p", bss->nl_preq);
9381
9382 if (nl80211_register_frame(bss, bss->nl_preq,
9383 (WLAN_FC_TYPE_MGMT << 2) |
9384 (WLAN_FC_STYPE_PROBE_REQ << 4),
9385 NULL, 0, false) < 0)
9386 goto out_err;
9387
9388 nl80211_register_eloop_read(&bss->nl_preq,
9389 wpa_driver_nl80211_event_receive,
9390 bss->nl_cb, 0);
9391
9392 return 0;
9393
9394 out_err:
9395 nl_destroy_handles(&bss->nl_preq);
9396 return -1;
9397 }
9398
9399
nl80211_disable_11b_rates(struct wpa_driver_nl80211_data * drv,int ifindex,int disabled)9400 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
9401 int ifindex, int disabled)
9402 {
9403 struct nl_msg *msg;
9404 struct nlattr *bands, *band;
9405 int ret;
9406
9407 wpa_printf(MSG_DEBUG,
9408 "nl80211: NL80211_CMD_SET_TX_BITRATE_MASK (ifindex=%d %s)",
9409 ifindex, disabled ? "NL80211_TXRATE_LEGACY=OFDM-only" :
9410 "no NL80211_TXRATE_LEGACY constraint");
9411
9412 msg = nl80211_ifindex_msg(drv, ifindex, 0,
9413 NL80211_CMD_SET_TX_BITRATE_MASK);
9414 if (!msg)
9415 return -1;
9416
9417 bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
9418 if (!bands)
9419 goto fail;
9420
9421 /*
9422 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
9423 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
9424 * rates. All 5 GHz rates are left enabled.
9425 */
9426 band = nla_nest_start(msg, NL80211_BAND_2GHZ);
9427 if (!band ||
9428 (disabled && nla_put(msg, NL80211_TXRATE_LEGACY, 8,
9429 "\x0c\x12\x18\x24\x30\x48\x60\x6c")))
9430 goto fail;
9431 nla_nest_end(msg, band);
9432
9433 nla_nest_end(msg, bands);
9434
9435 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9436 if (ret) {
9437 wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
9438 "(%s)", ret, strerror(-ret));
9439 } else
9440 drv->disabled_11b_rates = disabled;
9441
9442 return ret;
9443
9444 fail:
9445 nlmsg_free(msg);
9446 return -1;
9447 }
9448
9449
nl80211_remove_links(struct i802_bss * bss)9450 static void nl80211_remove_links(struct i802_bss *bss)
9451 {
9452 struct wpa_driver_nl80211_data *drv = bss->drv;
9453 struct nl_msg *msg;
9454 int ret;
9455 u8 link_id;
9456
9457 while (bss->links[0].link_id != NL80211_DRV_LINK_ID_NA) {
9458 struct i802_link *link = &bss->links[0];
9459
9460 wpa_printf(MSG_DEBUG, "nl80211: MLD: remove link_id=%u",
9461 link->link_id);
9462
9463 wpa_driver_nl80211_del_beacon(bss, link);
9464
9465 link_id = link->link_id;
9466
9467 /* First remove the link locally */
9468 if (bss->n_links == 1) {
9469 bss->flink->link_id = NL80211_DRV_LINK_ID_NA;
9470 os_memcpy(bss->flink->addr, bss->addr, ETH_ALEN);
9471 } else {
9472 struct i802_link *other = &bss->links[bss->n_links - 1];
9473
9474 os_memcpy(link, other, sizeof(*link));
9475 other->link_id = NL80211_DRV_LINK_ID_NA;
9476 os_memset(other->addr, 0, ETH_ALEN);
9477
9478 bss->n_links--;
9479 }
9480
9481 /* Remove the link from the kernel */
9482 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_REMOVE_LINK);
9483 if (!msg ||
9484 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) {
9485 nlmsg_free(msg);
9486 wpa_printf(MSG_ERROR,
9487 "nl80211: remove link (%d) failed",
9488 link_id);
9489 return;
9490 }
9491
9492 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9493 if (ret) {
9494 wpa_printf(MSG_ERROR,
9495 "nl80211: remove link (%d) failed. ret=%d (%s)",
9496 link_id, ret, strerror(-ret));
9497 return;
9498 }
9499 }
9500 }
9501
9502
wpa_driver_nl80211_deinit_ap(void * priv)9503 static int wpa_driver_nl80211_deinit_ap(void *priv)
9504 {
9505 struct i802_bss *bss = priv;
9506 struct wpa_driver_nl80211_data *drv = bss->drv;
9507
9508 if (!is_ap_interface(drv->nlmode))
9509 return -1;
9510
9511 /* Stop beaconing */
9512 wpa_driver_nl80211_del_beacon(bss, bss->flink);
9513
9514 nl80211_remove_links(bss);
9515
9516 /*
9517 * If the P2P GO interface was dynamically added, then it is
9518 * possible that the interface change to station is not possible.
9519 */
9520 if (drv->nlmode == NL80211_IFTYPE_P2P_GO && bss->if_dynamic)
9521 return 0;
9522
9523 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
9524 }
9525
9526
wpa_driver_nl80211_stop_ap(void * priv)9527 static int wpa_driver_nl80211_stop_ap(void *priv)
9528 {
9529 struct i802_bss *bss = priv;
9530 struct wpa_driver_nl80211_data *drv = bss->drv;
9531
9532 if (!is_ap_interface(drv->nlmode))
9533 return -1;
9534
9535 wpa_driver_nl80211_del_beacon_all(bss);
9536
9537 return 0;
9538 }
9539
9540
wpa_driver_nl80211_deinit_p2p_cli(void * priv)9541 static int wpa_driver_nl80211_deinit_p2p_cli(void *priv)
9542 {
9543 struct i802_bss *bss = priv;
9544 struct wpa_driver_nl80211_data *drv = bss->drv;
9545 if (drv->nlmode != NL80211_IFTYPE_P2P_CLIENT)
9546 return -1;
9547
9548 /*
9549 * If the P2P Client interface was dynamically added, then it is
9550 * possible that the interface change to station is not possible.
9551 */
9552 if (bss->if_dynamic)
9553 return 0;
9554
9555 return wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_STATION);
9556 }
9557
9558
wpa_driver_nl80211_resume(void * priv)9559 static void wpa_driver_nl80211_resume(void *priv)
9560 {
9561 struct i802_bss *bss = priv;
9562 enum nl80211_iftype nlmode = nl80211_get_ifmode(bss);
9563
9564 if (i802_set_iface_flags(bss, 1))
9565 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on resume event");
9566
9567 if (is_p2p_net_interface(nlmode))
9568 nl80211_disable_11b_rates(bss->drv, bss->drv->ifindex, 1);
9569 }
9570
9571
nl80211_signal_monitor(void * priv,int threshold,int hysteresis)9572 static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
9573 {
9574 struct i802_bss *bss = priv;
9575 struct wpa_driver_nl80211_data *drv = bss->drv;
9576 struct nl_msg *msg;
9577 struct nlattr *cqm;
9578
9579 wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
9580 "hysteresis=%d", threshold, hysteresis);
9581
9582 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_CQM)) ||
9583 !(cqm = nla_nest_start(msg, NL80211_ATTR_CQM)) ||
9584 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THOLD, threshold) ||
9585 nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_HYST, hysteresis)) {
9586 nlmsg_free(msg);
9587 return -1;
9588 }
9589 nla_nest_end(msg, cqm);
9590
9591 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
9592 }
9593
9594
get_channel_width(struct nl_msg * msg,void * arg)9595 static int get_channel_width(struct nl_msg *msg, void *arg)
9596 {
9597 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9598 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9599 struct wpa_signal_info *sig_change = arg;
9600
9601 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9602 genlmsg_attrlen(gnlh, 0), NULL);
9603
9604 sig_change->center_frq1 = -1;
9605 sig_change->center_frq2 = -1;
9606 sig_change->chanwidth = CHAN_WIDTH_UNKNOWN;
9607
9608 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) {
9609 sig_change->chanwidth = convert2width(
9610 nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]));
9611 if (tb[NL80211_ATTR_CENTER_FREQ1])
9612 sig_change->center_frq1 =
9613 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]);
9614 if (tb[NL80211_ATTR_CENTER_FREQ2])
9615 sig_change->center_frq2 =
9616 nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]);
9617 }
9618
9619 return NL_SKIP;
9620 }
9621
9622
nl80211_get_channel_width(struct wpa_driver_nl80211_data * drv,struct wpa_signal_info * sig)9623 static int nl80211_get_channel_width(struct wpa_driver_nl80211_data *drv,
9624 struct wpa_signal_info *sig)
9625 {
9626 struct nl_msg *msg;
9627
9628 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
9629 return send_and_recv_msgs(drv, msg, get_channel_width, sig, NULL, NULL);
9630 }
9631
9632
nl80211_signal_poll(void * priv,struct wpa_signal_info * si)9633 static int nl80211_signal_poll(void *priv, struct wpa_signal_info *si)
9634 {
9635 struct i802_bss *bss = priv;
9636 struct wpa_driver_nl80211_data *drv = bss->drv;
9637 int res;
9638
9639 os_memset(si, 0, sizeof(*si));
9640 res = nl80211_get_link_signal(drv, drv->bssid, &si->data);
9641 if (res) {
9642 if (drv->nlmode != NL80211_IFTYPE_ADHOC &&
9643 drv->nlmode != NL80211_IFTYPE_MESH_POINT)
9644 return res;
9645 si->data.signal = 0;
9646 }
9647
9648 res = nl80211_get_channel_width(drv, si);
9649 if (res != 0)
9650 return res;
9651
9652 return nl80211_get_link_noise(drv, si);
9653 }
9654
9655
get_links_noise(struct nl_msg * msg,void * arg)9656 static int get_links_noise(struct nl_msg *msg, void *arg)
9657 {
9658 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9659 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9660 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
9661 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
9662 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
9663 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
9664 };
9665 struct wpa_mlo_signal_info *mlo_sig = arg;
9666 int i;
9667
9668 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9669 genlmsg_attrlen(gnlh, 0), NULL);
9670
9671 if (!tb[NL80211_ATTR_SURVEY_INFO]) {
9672 wpa_printf(MSG_DEBUG, "nl80211: Survey data missing");
9673 return NL_SKIP;
9674 }
9675
9676 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
9677 tb[NL80211_ATTR_SURVEY_INFO],
9678 survey_policy)) {
9679 wpa_printf(MSG_DEBUG,
9680 "nl80211: Failed to parse nested attributes");
9681 return NL_SKIP;
9682 }
9683
9684 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY])
9685 return NL_SKIP;
9686
9687 if (!sinfo[NL80211_SURVEY_INFO_NOISE])
9688 return NL_SKIP;
9689
9690 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
9691 if (!(mlo_sig->valid_links & BIT(i)))
9692 continue;
9693
9694 if (nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]) !=
9695 mlo_sig->links[i].frequency)
9696 continue;
9697
9698 mlo_sig->links[i].current_noise =
9699 (s8) nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
9700 break;
9701 }
9702
9703 return NL_SKIP;
9704 }
9705
9706
nl80211_get_links_noise(struct wpa_driver_nl80211_data * drv,struct wpa_mlo_signal_info * mlo_sig)9707 static int nl80211_get_links_noise(struct wpa_driver_nl80211_data *drv,
9708 struct wpa_mlo_signal_info *mlo_sig)
9709 {
9710 struct nl_msg *msg;
9711
9712 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
9713 return send_and_recv_msgs(drv, msg, get_links_noise, mlo_sig,
9714 NULL, NULL);
9715 }
9716
9717
get_links_channel_width(struct nl_msg * msg,void * arg)9718 static int get_links_channel_width(struct nl_msg *msg, void *arg)
9719 {
9720 struct nlattr *tb[NL80211_ATTR_MAX + 1];
9721 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
9722 struct wpa_mlo_signal_info *mlo_sig = arg;
9723 struct nlattr *link;
9724 int rem_links;
9725
9726 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
9727 genlmsg_attrlen(gnlh, 0), NULL);
9728
9729 if (!tb[NL80211_ATTR_MLO_LINKS])
9730 return NL_SKIP;
9731
9732 nla_for_each_nested(link, tb[NL80211_ATTR_MLO_LINKS], rem_links) {
9733 struct nlattr *tb2[NL80211_ATTR_MAX + 1];
9734 int link_id;
9735
9736 nla_parse(tb2, NL80211_ATTR_MAX, nla_data(link), nla_len(link),
9737 NULL);
9738
9739 if (!tb2[NL80211_ATTR_MLO_LINK_ID])
9740 continue;
9741
9742 link_id = nla_get_u8(tb2[NL80211_ATTR_MLO_LINK_ID]);
9743 if (link_id >= MAX_NUM_MLD_LINKS)
9744 continue;
9745
9746 if (!tb2[NL80211_ATTR_CHANNEL_WIDTH])
9747 continue;
9748 mlo_sig->links[link_id].chanwidth = convert2width(
9749 nla_get_u32(tb2[NL80211_ATTR_CHANNEL_WIDTH]));
9750 if (tb2[NL80211_ATTR_CENTER_FREQ1])
9751 mlo_sig->links[link_id].center_frq1 =
9752 nla_get_u32(tb2[NL80211_ATTR_CENTER_FREQ1]);
9753 if (tb2[NL80211_ATTR_CENTER_FREQ2])
9754 mlo_sig->links[link_id].center_frq2 =
9755 nla_get_u32(tb2[NL80211_ATTR_CENTER_FREQ2]);
9756 }
9757
9758 return NL_SKIP;
9759 }
9760
9761
nl80211_get_links_channel_width(struct wpa_driver_nl80211_data * drv,struct wpa_mlo_signal_info * mlo_sig)9762 static int nl80211_get_links_channel_width(struct wpa_driver_nl80211_data *drv,
9763 struct wpa_mlo_signal_info *mlo_sig)
9764 {
9765 struct nl_msg *msg;
9766
9767 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_INTERFACE);
9768 return send_and_recv_msgs(drv, msg, get_links_channel_width, mlo_sig,
9769 NULL, NULL);
9770 }
9771
9772
nl80211_mlo_signal_poll(void * priv,struct wpa_mlo_signal_info * mlo_si)9773 static int nl80211_mlo_signal_poll(void *priv,
9774 struct wpa_mlo_signal_info *mlo_si)
9775 {
9776 struct i802_bss *bss = priv;
9777 struct wpa_driver_nl80211_data *drv = bss->drv;
9778 int res;
9779 int i;
9780
9781 if (drv->nlmode != NL80211_IFTYPE_STATION ||
9782 !drv->sta_mlo_info.valid_links)
9783 return -1;
9784
9785 os_memset(mlo_si, 0, sizeof(*mlo_si));
9786 mlo_si->valid_links = drv->sta_mlo_info.valid_links;
9787
9788 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
9789 if (!(mlo_si->valid_links & BIT(i)))
9790 continue;
9791
9792 res = nl80211_get_link_signal(drv,
9793 drv->sta_mlo_info.links[i].bssid,
9794 &mlo_si->links[i].data);
9795 if (res != 0)
9796 return res;
9797
9798 mlo_si->links[i].center_frq1 = -1;
9799 mlo_si->links[i].center_frq2 = -1;
9800 mlo_si->links[i].chanwidth = CHAN_WIDTH_UNKNOWN;
9801 mlo_si->links[i].current_noise = WPA_INVALID_NOISE;
9802 mlo_si->links[i].frequency = drv->sta_mlo_info.links[i].freq;
9803 }
9804
9805 res = nl80211_get_links_channel_width(drv, mlo_si);
9806 if (res != 0)
9807 return res;
9808
9809 return nl80211_get_links_noise(drv, mlo_si);
9810 }
9811
9812
nl80211_set_param(void * priv,const char * param)9813 static int nl80211_set_param(void *priv, const char *param)
9814 {
9815 struct i802_bss *bss = priv;
9816 struct wpa_driver_nl80211_data *drv = bss->drv;
9817
9818 if (param == NULL)
9819 return 0;
9820 wpa_printf(MSG_DEBUG, "nl80211: driver param='%s'", param);
9821
9822 #ifdef CONFIG_P2P
9823 if (os_strstr(param, "use_p2p_group_interface=1")) {
9824 wpa_printf(MSG_DEBUG, "nl80211: Use separate P2P group "
9825 "interface");
9826 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_CONCURRENT;
9827 drv->capa.flags |= WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P;
9828 }
9829 #endif /* CONFIG_P2P */
9830
9831 if (os_strstr(param, "use_monitor=1"))
9832 drv->use_monitor = 1;
9833
9834 if (os_strstr(param, "force_connect_cmd=1")) {
9835 drv->capa.flags &= ~WPA_DRIVER_FLAGS_SME;
9836 drv->force_connect_cmd = 1;
9837 }
9838
9839 if (os_strstr(param, "force_bss_selection=1"))
9840 drv->capa.flags |= WPA_DRIVER_FLAGS_BSS_SELECTION;
9841
9842 if (os_strstr(param, "no_offchannel_tx=1")) {
9843 drv->capa.flags &= ~WPA_DRIVER_FLAGS_OFFCHANNEL_TX;
9844 drv->test_use_roc_tx = 1;
9845 }
9846
9847 if (os_strstr(param, "control_port=0")) {
9848 drv->capa.flags &= ~WPA_DRIVER_FLAGS_CONTROL_PORT;
9849 drv->capa.flags2 &= ~(WPA_DRIVER_FLAGS2_CONTROL_PORT_RX |
9850 WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS);
9851 drv->control_port_ap = 0;
9852 }
9853
9854 if (os_strstr(param, "control_port_ap=1"))
9855 drv->control_port_ap = 1;
9856
9857 if (os_strstr(param, "control_port_ap=0")) {
9858 drv->capa.flags2 &= ~WPA_DRIVER_FLAGS2_CONTROL_PORT_TX_STATUS;
9859 drv->control_port_ap = 0;
9860 }
9861
9862 if (os_strstr(param, "full_ap_client_state=0"))
9863 drv->capa.flags &= ~WPA_DRIVER_FLAGS_FULL_AP_CLIENT_STATE;
9864
9865 if (os_strstr(param, "no_rrm=1")) {
9866 drv->no_rrm = 1;
9867
9868 if (!bss->in_deinit && !is_ap_interface(drv->nlmode) &&
9869 !is_mesh_interface(drv->nlmode)) {
9870 nl80211_mgmt_unsubscribe(bss, "no_rrm=1");
9871 if (nl80211_mgmt_subscribe_non_ap(bss) < 0)
9872 wpa_printf(MSG_DEBUG,
9873 "nl80211: Failed to re-register Action frame processing - ignore for now");
9874 }
9875 }
9876
9877 if (os_strstr(param, "secure_ltf=1")) {
9878 drv->capa.flags2 |= WPA_DRIVER_FLAGS2_SEC_LTF_STA |
9879 WPA_DRIVER_FLAGS2_SEC_LTF_AP;
9880 }
9881
9882 return 0;
9883 }
9884
9885
nl80211_global_init(void * ctx)9886 static void * nl80211_global_init(void *ctx)
9887 {
9888 struct nl80211_global *global;
9889 struct netlink_config *cfg;
9890
9891 global = os_zalloc(sizeof(*global));
9892 if (global == NULL)
9893 return NULL;
9894 global->ctx = ctx;
9895 global->ioctl_sock = -1;
9896 dl_list_init(&global->interfaces);
9897 global->if_add_ifindex = -1;
9898
9899 cfg = os_zalloc(sizeof(*cfg));
9900 if (cfg == NULL)
9901 goto err;
9902
9903 cfg->ctx = global;
9904 cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
9905 cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
9906 global->netlink = netlink_init(cfg);
9907 if (global->netlink == NULL) {
9908 os_free(cfg);
9909 goto err;
9910 }
9911
9912 if (wpa_driver_nl80211_init_nl_global(global) < 0)
9913 goto err;
9914
9915 global->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
9916 if (global->ioctl_sock < 0) {
9917 wpa_printf(MSG_ERROR, "nl80211: socket(PF_INET,SOCK_DGRAM) failed: %s",
9918 strerror(errno));
9919 goto err;
9920 }
9921
9922 return global;
9923
9924 err:
9925 nl80211_global_deinit(global);
9926 return NULL;
9927 }
9928
9929
nl80211_global_deinit(void * priv)9930 static void nl80211_global_deinit(void *priv)
9931 {
9932 struct nl80211_global *global = priv;
9933 if (global == NULL)
9934 return;
9935 if (!dl_list_empty(&global->interfaces)) {
9936 wpa_printf(MSG_ERROR, "nl80211: %u interface(s) remain at "
9937 "nl80211_global_deinit",
9938 dl_list_len(&global->interfaces));
9939 }
9940
9941 if (global->netlink)
9942 netlink_deinit(global->netlink);
9943
9944 nl_destroy_handles(&global->nl);
9945
9946 if (global->nl_event)
9947 nl80211_destroy_eloop_handle(&global->nl_event, 0);
9948
9949 nl_cb_put(global->nl_cb);
9950
9951 if (global->ioctl_sock >= 0)
9952 close(global->ioctl_sock);
9953
9954 os_free(global);
9955 }
9956
9957
nl80211_get_radio_name(void * priv)9958 static const char * nl80211_get_radio_name(void *priv)
9959 {
9960 struct i802_bss *bss = priv;
9961 struct wpa_driver_nl80211_data *drv = bss->drv;
9962 return drv->phyname;
9963 }
9964
9965
nl80211_pmkid(struct i802_bss * bss,int cmd,struct wpa_pmkid_params * params,bool skip_pmk)9966 static int nl80211_pmkid(struct i802_bss *bss, int cmd,
9967 struct wpa_pmkid_params *params, bool skip_pmk)
9968 {
9969 struct nl_msg *msg;
9970
9971 if (cmd == NL80211_CMD_SET_PMKSA)
9972 wpa_printf(MSG_DEBUG,
9973 "nl80211: NL80211_CMD_SET_PMKSA with skip_pmk=%s pmk_len=%zu",
9974 skip_pmk ? "true" : "false", params->pmk_len);
9975
9976 if (!(msg = nl80211_bss_msg(bss, 0, cmd)) ||
9977 (params->pmkid &&
9978 nla_put(msg, NL80211_ATTR_PMKID, 16, params->pmkid)) ||
9979 (params->bssid &&
9980 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid)) ||
9981 (params->ssid_len &&
9982 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) ||
9983 (params->fils_cache_id &&
9984 nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2,
9985 params->fils_cache_id)) ||
9986 (params->pmk_lifetime &&
9987 nla_put_u32(msg, NL80211_ATTR_PMK_LIFETIME,
9988 params->pmk_lifetime)) ||
9989 (params->pmk_reauth_threshold &&
9990 nla_put_u8(msg, NL80211_ATTR_PMK_REAUTH_THRESHOLD,
9991 params->pmk_reauth_threshold)) ||
9992 (cmd != NL80211_CMD_DEL_PMKSA &&
9993 params->pmk_len && !skip_pmk &&
9994 nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) {
9995 nl80211_nlmsg_clear(msg);
9996 nlmsg_free(msg);
9997 return -ENOBUFS;
9998 }
9999
10000 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
10001 }
10002
10003
nl80211_add_pmkid(void * priv,struct wpa_pmkid_params * params)10004 static int nl80211_add_pmkid(void *priv, struct wpa_pmkid_params *params)
10005 {
10006 struct i802_bss *bss = priv;
10007 const size_t PMK_MAX_LEN = 64; /* current cfg80211 limit */
10008 const size_t LEGACY_PMK_MAX_LEN = 48; /* old cfg80211 limit */
10009 bool skip_pmk = params->pmk_len > PMK_MAX_LEN;
10010 int ret;
10011
10012 if (params->bssid)
10013 wpa_printf(MSG_DEBUG, "nl80211: Add PMKID for " MACSTR,
10014 MAC2STR(params->bssid));
10015 else if (params->fils_cache_id && params->ssid_len) {
10016 wpa_printf(MSG_DEBUG,
10017 "nl80211: Add PMKSA for cache id %02x%02x SSID %s",
10018 params->fils_cache_id[0], params->fils_cache_id[1],
10019 wpa_ssid_txt(params->ssid, params->ssid_len));
10020 }
10021
10022 ret = nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, params, skip_pmk);
10023 /*
10024 * Try again by skipping PMK if the first attempt failed with ERANGE
10025 * error, PMK was not skipped, and PMK length is greater than the
10026 * legacy kernel maximum allowed limit.
10027 */
10028 if (ret == -ERANGE && !skip_pmk &&
10029 params->pmk_len > LEGACY_PMK_MAX_LEN)
10030 ret = nl80211_pmkid(bss, NL80211_CMD_SET_PMKSA, params, true);
10031 if (ret < 0) {
10032 wpa_printf(MSG_DEBUG,
10033 "nl80211: NL80211_CMD_SET_PMKSA failed: %d (%s)",
10034 ret, strerror(-ret));
10035 }
10036
10037 return ret;
10038 }
10039
10040
nl80211_remove_pmkid(void * priv,struct wpa_pmkid_params * params)10041 static int nl80211_remove_pmkid(void *priv, struct wpa_pmkid_params *params)
10042 {
10043 struct i802_bss *bss = priv;
10044 int ret;
10045
10046 if (params->bssid)
10047 wpa_printf(MSG_DEBUG, "nl80211: Delete PMKID for " MACSTR,
10048 MAC2STR(params->bssid));
10049 else if (params->fils_cache_id && params->ssid_len) {
10050 wpa_printf(MSG_DEBUG,
10051 "nl80211: Delete PMKSA for cache id %02x%02x SSID %s",
10052 params->fils_cache_id[0], params->fils_cache_id[1],
10053 wpa_ssid_txt(params->ssid, params->ssid_len));
10054 }
10055
10056 ret = nl80211_pmkid(bss, NL80211_CMD_DEL_PMKSA, params, true);
10057 if (ret < 0) {
10058 wpa_printf(MSG_DEBUG,
10059 "nl80211: NL80211_CMD_DEL_PMKSA failed: %d (%s)",
10060 ret, strerror(-ret));
10061 }
10062
10063 return ret;
10064 }
10065
10066
nl80211_flush_pmkid(void * priv)10067 static int nl80211_flush_pmkid(void *priv)
10068 {
10069 struct i802_bss *bss = priv;
10070 struct nl_msg *msg;
10071
10072 wpa_printf(MSG_DEBUG, "nl80211: Flush PMKIDs");
10073 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_FLUSH_PMKSA);
10074 if (!msg)
10075 return -ENOBUFS;
10076 return send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
10077 }
10078
10079
clean_survey_results(struct survey_results * survey_results)10080 static void clean_survey_results(struct survey_results *survey_results)
10081 {
10082 struct freq_survey *survey, *tmp;
10083
10084 if (dl_list_empty(&survey_results->survey_list))
10085 return;
10086
10087 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list,
10088 struct freq_survey, list) {
10089 dl_list_del(&survey->list);
10090 os_free(survey);
10091 }
10092 }
10093
10094
add_survey(struct nlattr ** sinfo,u32 ifidx,struct dl_list * survey_list)10095 static void add_survey(struct nlattr **sinfo, u32 ifidx,
10096 struct dl_list *survey_list)
10097 {
10098 struct freq_survey *survey;
10099
10100 survey = os_zalloc(sizeof(struct freq_survey));
10101 if (!survey)
10102 return;
10103
10104 survey->ifidx = ifidx;
10105 survey->freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
10106 survey->filled = 0;
10107
10108 if (sinfo[NL80211_SURVEY_INFO_NOISE]) {
10109 survey->nf = (int8_t)
10110 nla_get_u8(sinfo[NL80211_SURVEY_INFO_NOISE]);
10111 survey->filled |= SURVEY_HAS_NF;
10112 }
10113
10114 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]) {
10115 survey->channel_time =
10116 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME]);
10117 survey->filled |= SURVEY_HAS_CHAN_TIME;
10118 }
10119
10120 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]) {
10121 survey->channel_time_busy =
10122 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY]);
10123 survey->filled |= SURVEY_HAS_CHAN_TIME_BUSY;
10124 }
10125
10126 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]) {
10127 survey->channel_time_rx =
10128 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_RX]);
10129 survey->filled |= SURVEY_HAS_CHAN_TIME_RX;
10130 }
10131
10132 if (sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]) {
10133 survey->channel_time_tx =
10134 nla_get_u64(sinfo[NL80211_SURVEY_INFO_CHANNEL_TIME_TX]);
10135 survey->filled |= SURVEY_HAS_CHAN_TIME_TX;
10136 }
10137
10138 wpa_printf(MSG_DEBUG, "nl80211: Freq survey dump event (freq=%d MHz noise=%d channel_time=%ld busy_time=%ld tx_time=%ld rx_time=%ld filled=%04x)",
10139 survey->freq,
10140 survey->nf,
10141 (unsigned long int) survey->channel_time,
10142 (unsigned long int) survey->channel_time_busy,
10143 (unsigned long int) survey->channel_time_tx,
10144 (unsigned long int) survey->channel_time_rx,
10145 survey->filled);
10146
10147 dl_list_add_tail(survey_list, &survey->list);
10148 }
10149
10150
check_survey_ok(struct nlattr ** sinfo,u32 surveyed_freq,unsigned int freq_filter)10151 static int check_survey_ok(struct nlattr **sinfo, u32 surveyed_freq,
10152 unsigned int freq_filter)
10153 {
10154 if (!freq_filter)
10155 return 1;
10156
10157 return freq_filter == surveyed_freq;
10158 }
10159
10160
survey_handler(struct nl_msg * msg,void * arg)10161 static int survey_handler(struct nl_msg *msg, void *arg)
10162 {
10163 struct nlattr *tb[NL80211_ATTR_MAX + 1];
10164 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
10165 struct nlattr *sinfo[NL80211_SURVEY_INFO_MAX + 1];
10166 struct survey_results *survey_results;
10167 u32 surveyed_freq = 0;
10168 u32 ifidx;
10169
10170 static struct nla_policy survey_policy[NL80211_SURVEY_INFO_MAX + 1] = {
10171 [NL80211_SURVEY_INFO_FREQUENCY] = { .type = NLA_U32 },
10172 [NL80211_SURVEY_INFO_NOISE] = { .type = NLA_U8 },
10173 };
10174
10175 survey_results = (struct survey_results *) arg;
10176
10177 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
10178 genlmsg_attrlen(gnlh, 0), NULL);
10179
10180 if (!tb[NL80211_ATTR_IFINDEX])
10181 return NL_SKIP;
10182
10183 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
10184
10185 if (!tb[NL80211_ATTR_SURVEY_INFO])
10186 return NL_SKIP;
10187
10188 if (nla_parse_nested(sinfo, NL80211_SURVEY_INFO_MAX,
10189 tb[NL80211_ATTR_SURVEY_INFO],
10190 survey_policy))
10191 return NL_SKIP;
10192
10193 if (!sinfo[NL80211_SURVEY_INFO_FREQUENCY]) {
10194 wpa_printf(MSG_ERROR, "nl80211: Invalid survey data");
10195 return NL_SKIP;
10196 }
10197
10198 surveyed_freq = nla_get_u32(sinfo[NL80211_SURVEY_INFO_FREQUENCY]);
10199
10200 if (!check_survey_ok(sinfo, surveyed_freq,
10201 survey_results->freq_filter))
10202 return NL_SKIP;
10203
10204 if (survey_results->freq_filter &&
10205 survey_results->freq_filter != surveyed_freq) {
10206 wpa_printf(MSG_EXCESSIVE, "nl80211: Ignoring survey data for freq %d MHz",
10207 surveyed_freq);
10208 return NL_SKIP;
10209 }
10210
10211 add_survey(sinfo, ifidx, &survey_results->survey_list);
10212
10213 return NL_SKIP;
10214 }
10215
10216
wpa_driver_nl80211_get_survey(void * priv,unsigned int freq)10217 static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq)
10218 {
10219 struct i802_bss *bss = priv;
10220 struct wpa_driver_nl80211_data *drv = bss->drv;
10221 struct nl_msg *msg;
10222 int err;
10223 union wpa_event_data data;
10224 struct survey_results *survey_results;
10225
10226 os_memset(&data, 0, sizeof(data));
10227 survey_results = &data.survey_results;
10228
10229 dl_list_init(&survey_results->survey_list);
10230
10231 msg = nl80211_drv_msg(drv, NLM_F_DUMP, NL80211_CMD_GET_SURVEY);
10232 if (!msg)
10233 return -ENOBUFS;
10234
10235 if (freq)
10236 data.survey_results.freq_filter = freq;
10237
10238 do {
10239 wpa_printf(MSG_DEBUG, "nl80211: Fetch survey data");
10240 err = send_and_recv_msgs(drv, msg, survey_handler,
10241 survey_results, NULL, NULL);
10242 } while (err > 0);
10243
10244 if (err)
10245 wpa_printf(MSG_ERROR, "nl80211: Failed to process survey data");
10246 else
10247 wpa_supplicant_event(drv->ctx, EVENT_SURVEY, &data);
10248
10249 clean_survey_results(survey_results);
10250 return err;
10251 }
10252
10253
nl80211_set_rekey_info(void * priv,const u8 * kek,size_t kek_len,const u8 * kck,size_t kck_len,const u8 * replay_ctr)10254 static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len,
10255 const u8 *kck, size_t kck_len,
10256 const u8 *replay_ctr)
10257 {
10258 struct i802_bss *bss = priv;
10259 struct wpa_driver_nl80211_data *drv = bss->drv;
10260 struct nlattr *replay_nested;
10261 struct nl_msg *msg;
10262 int ret;
10263
10264 if (!drv->set_rekey_offload)
10265 return;
10266
10267 wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload");
10268 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) ||
10269 !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) ||
10270 nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) ||
10271 (kck_len && nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck)) ||
10272 nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN,
10273 replay_ctr)) {
10274 nl80211_nlmsg_clear(msg);
10275 nlmsg_free(msg);
10276 return;
10277 }
10278
10279 nla_nest_end(msg, replay_nested);
10280
10281 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10282 if (ret == -EOPNOTSUPP) {
10283 wpa_printf(MSG_DEBUG,
10284 "nl80211: Driver does not support rekey offload");
10285 drv->set_rekey_offload = 0;
10286 }
10287 }
10288
10289
nl80211_send_null_frame(struct i802_bss * bss,const u8 * own_addr,const u8 * addr,int qos)10290 static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr,
10291 const u8 *addr, int qos)
10292 {
10293 /* send data frame to poll STA and check whether
10294 * this frame is ACKed */
10295 struct {
10296 struct ieee80211_hdr hdr;
10297 u16 qos_ctl;
10298 } STRUCT_PACKED nulldata;
10299 size_t size;
10300
10301 /* Send data frame to poll STA and check whether this frame is ACKed */
10302
10303 os_memset(&nulldata, 0, sizeof(nulldata));
10304
10305 if (qos) {
10306 nulldata.hdr.frame_control =
10307 IEEE80211_FC(WLAN_FC_TYPE_DATA,
10308 WLAN_FC_STYPE_QOS_NULL);
10309 size = sizeof(nulldata);
10310 } else {
10311 nulldata.hdr.frame_control =
10312 IEEE80211_FC(WLAN_FC_TYPE_DATA,
10313 WLAN_FC_STYPE_NULLFUNC);
10314 size = sizeof(struct ieee80211_hdr);
10315 }
10316
10317 nulldata.hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
10318 os_memcpy(nulldata.hdr.IEEE80211_DA_FROMDS, addr, ETH_ALEN);
10319 os_memcpy(nulldata.hdr.IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
10320 os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
10321
10322 if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0,
10323 0, 0, NULL, 0, 0, -1) < 0)
10324 wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to "
10325 "send poll frame");
10326 }
10327
nl80211_poll_client(void * priv,const u8 * own_addr,const u8 * addr,int qos)10328 static void nl80211_poll_client(void *priv, const u8 *own_addr, const u8 *addr,
10329 int qos)
10330 {
10331 struct i802_bss *bss = priv;
10332 struct wpa_driver_nl80211_data *drv = bss->drv;
10333 struct nl_msg *msg;
10334 u64 cookie;
10335 int ret;
10336
10337 if (!drv->poll_command_supported) {
10338 nl80211_send_null_frame(bss, own_addr, addr, qos);
10339 return;
10340 }
10341
10342 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_PROBE_CLIENT)) ||
10343 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
10344 nlmsg_free(msg);
10345 return;
10346 }
10347
10348 ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie, NULL, NULL);
10349 if (ret < 0) {
10350 wpa_printf(MSG_DEBUG, "nl80211: Client probe request for "
10351 MACSTR " failed: ret=%d (%s)",
10352 MAC2STR(addr), ret, strerror(-ret));
10353 } else {
10354 wpa_printf(MSG_DEBUG,
10355 "nl80211: Client probe request addr=" MACSTR
10356 " cookie=%llu", MAC2STR(addr),
10357 (long long unsigned int) cookie);
10358 }
10359 }
10360
10361
nl80211_set_power_save(struct i802_bss * bss,int enabled)10362 static int nl80211_set_power_save(struct i802_bss *bss, int enabled)
10363 {
10364 struct nl_msg *msg;
10365 int ret;
10366
10367 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_POWER_SAVE)) ||
10368 nla_put_u32(msg, NL80211_ATTR_PS_STATE,
10369 enabled ? NL80211_PS_ENABLED : NL80211_PS_DISABLED)) {
10370 nlmsg_free(msg);
10371 return -ENOBUFS;
10372 }
10373
10374 ret = send_and_recv_msgs(bss->drv, msg, NULL, NULL, NULL, NULL);
10375 if (ret < 0) {
10376 wpa_printf(MSG_DEBUG,
10377 "nl80211: Setting PS state %s failed: %d (%s)",
10378 enabled ? "enabled" : "disabled",
10379 ret, strerror(-ret));
10380 }
10381 return ret;
10382 }
10383
10384
nl80211_set_p2p_powersave(void * priv,int legacy_ps,int opp_ps,int ctwindow)10385 static int nl80211_set_p2p_powersave(void *priv, int legacy_ps, int opp_ps,
10386 int ctwindow)
10387 {
10388 struct i802_bss *bss = priv;
10389
10390 wpa_printf(MSG_DEBUG, "nl80211: set_p2p_powersave (legacy_ps=%d "
10391 "opp_ps=%d ctwindow=%d)", legacy_ps, opp_ps, ctwindow);
10392
10393 if (opp_ps != -1 || ctwindow != -1) {
10394 #ifdef ANDROID_P2P
10395 wpa_driver_set_p2p_ps(priv, legacy_ps, opp_ps, ctwindow);
10396 #else /* ANDROID_P2P */
10397 return -1; /* Not yet supported */
10398 #endif /* ANDROID_P2P */
10399 }
10400
10401 if (legacy_ps == -1)
10402 return 0;
10403 if (legacy_ps != 0 && legacy_ps != 1)
10404 return -1; /* Not yet supported */
10405
10406 return nl80211_set_power_save(bss, legacy_ps);
10407 }
10408
10409
nl80211_start_radar_detection(void * priv,struct hostapd_freq_params * freq)10410 static int nl80211_start_radar_detection(void *priv,
10411 struct hostapd_freq_params *freq)
10412 {
10413 struct i802_bss *bss = priv;
10414 struct wpa_driver_nl80211_data *drv = bss->drv;
10415 struct nl_msg *msg;
10416 int ret;
10417
10418 wpa_printf(MSG_DEBUG, "nl80211: Start radar detection (CAC) %d MHz (ht_enabled=%d, vht_enabled=%d, he_enabled=%d, bandwidth=%d MHz, cf1=%d MHz, cf2=%d MHz)",
10419 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled,
10420 freq->bandwidth, freq->center_freq1, freq->center_freq2);
10421
10422 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_RADAR)) {
10423 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support radar "
10424 "detection");
10425 return -1;
10426 }
10427
10428 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_RADAR_DETECT)) ||
10429 nl80211_put_freq_params(msg, freq) < 0) {
10430 nlmsg_free(msg);
10431 return -1;
10432 }
10433
10434 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10435 if (ret == 0)
10436 return 0;
10437 wpa_printf(MSG_DEBUG, "nl80211: Failed to start radar detection: "
10438 "%d (%s)", ret, strerror(-ret));
10439 return -1;
10440 }
10441
10442 #ifdef CONFIG_TDLS
10443
nl80211_add_peer_capab(struct nl_msg * msg,enum tdls_peer_capability capa)10444 static int nl80211_add_peer_capab(struct nl_msg *msg,
10445 enum tdls_peer_capability capa)
10446 {
10447 u32 peer_capab = 0;
10448
10449 if (!capa)
10450 return 0;
10451
10452 if (capa & TDLS_PEER_HT)
10453 peer_capab |= NL80211_TDLS_PEER_HT;
10454 if (capa & TDLS_PEER_VHT)
10455 peer_capab |= NL80211_TDLS_PEER_VHT;
10456 if (capa & TDLS_PEER_WMM)
10457 peer_capab |= NL80211_TDLS_PEER_WMM;
10458 if (capa & TDLS_PEER_HE)
10459 peer_capab |= NL80211_TDLS_PEER_HE;
10460
10461 return nla_put_u32(msg, NL80211_ATTR_TDLS_PEER_CAPABILITY,
10462 peer_capab);
10463 }
10464
10465
10466 static int
nl80211_tdls_set_discovery_resp_link(struct wpa_driver_nl80211_data * drv,int link_id)10467 nl80211_tdls_set_discovery_resp_link(struct wpa_driver_nl80211_data *drv,
10468 int link_id)
10469 {
10470 #ifdef CONFIG_DRIVER_NL80211_QCA
10471 struct nl_msg *msg;
10472 struct nlattr *params;
10473
10474 wpa_printf(MSG_DEBUG, "nl80211: TDLS Discovery Response Tx link ID %u",
10475 link_id);
10476
10477 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
10478 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) ||
10479 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
10480 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
10481 QCA_NL80211_VENDOR_SUBCMD_TDLS_DISC_RSP_EXT) ||
10482 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
10483 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_TDLS_DISC_RSP_EXT_TX_LINK,
10484 link_id)) {
10485 wpa_printf(MSG_ERROR,
10486 "%s: err in adding vendor_cmd and vendor_data",
10487 __func__);
10488 nlmsg_free(msg);
10489 return -1;
10490 }
10491 nla_nest_end(msg, params);
10492
10493 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10494 #else /* CONFIG_DRIVER_NL80211_QCA */
10495 wpa_printf(MSG_ERROR,
10496 "nl80211: Setting TX link for TDLS Discovery Response not supported");
10497 return -1;
10498 #endif /* CONFIG_DRIVER_NL80211_QCA */
10499 }
10500
10501
nl80211_send_tdls_mgmt(void * priv,const u8 * dst,u8 action_code,u8 dialog_token,u16 status_code,u32 peer_capab,int initiator,const u8 * buf,size_t len,int link_id)10502 static int nl80211_send_tdls_mgmt(void *priv, const u8 *dst, u8 action_code,
10503 u8 dialog_token, u16 status_code,
10504 u32 peer_capab, int initiator, const u8 *buf,
10505 size_t len, int link_id)
10506 {
10507 struct i802_bss *bss = priv;
10508 struct wpa_driver_nl80211_data *drv = bss->drv;
10509 struct nl_msg *msg;
10510
10511 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
10512 return -EOPNOTSUPP;
10513
10514 if (!dst)
10515 return -EINVAL;
10516
10517 if (link_id >= 0 &&
10518 nl80211_tdls_set_discovery_resp_link(drv, link_id) < 0)
10519 return -EOPNOTSUPP;
10520
10521 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_MGMT)) ||
10522 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
10523 nla_put_u8(msg, NL80211_ATTR_TDLS_ACTION, action_code) ||
10524 nla_put_u8(msg, NL80211_ATTR_TDLS_DIALOG_TOKEN, dialog_token) ||
10525 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status_code) ||
10526 nl80211_add_peer_capab(msg, peer_capab) ||
10527 (initiator && nla_put_flag(msg, NL80211_ATTR_TDLS_INITIATOR)) ||
10528 nla_put(msg, NL80211_ATTR_IE, len, buf))
10529 goto fail;
10530
10531 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10532
10533 fail:
10534 nlmsg_free(msg);
10535 return -ENOBUFS;
10536 }
10537
10538
nl80211_tdls_oper(void * priv,enum tdls_oper oper,const u8 * peer)10539 static int nl80211_tdls_oper(void *priv, enum tdls_oper oper, const u8 *peer)
10540 {
10541 struct i802_bss *bss = priv;
10542 struct wpa_driver_nl80211_data *drv = bss->drv;
10543 struct nl_msg *msg;
10544 enum nl80211_tdls_operation nl80211_oper;
10545 int res;
10546
10547 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT))
10548 return -EOPNOTSUPP;
10549
10550 switch (oper) {
10551 case TDLS_DISCOVERY_REQ:
10552 nl80211_oper = NL80211_TDLS_DISCOVERY_REQ;
10553 break;
10554 case TDLS_SETUP:
10555 nl80211_oper = NL80211_TDLS_SETUP;
10556 break;
10557 case TDLS_TEARDOWN:
10558 nl80211_oper = NL80211_TDLS_TEARDOWN;
10559 break;
10560 case TDLS_ENABLE_LINK:
10561 nl80211_oper = NL80211_TDLS_ENABLE_LINK;
10562 break;
10563 case TDLS_DISABLE_LINK:
10564 nl80211_oper = NL80211_TDLS_DISABLE_LINK;
10565 break;
10566 case TDLS_ENABLE:
10567 return 0;
10568 case TDLS_DISABLE:
10569 return 0;
10570 default:
10571 return -EINVAL;
10572 }
10573
10574 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_TDLS_OPER)) ||
10575 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, nl80211_oper) ||
10576 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer)) {
10577 nlmsg_free(msg);
10578 return -ENOBUFS;
10579 }
10580
10581 res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10582 wpa_printf(MSG_DEBUG, "nl80211: TDLS_OPER: oper=%d mac=" MACSTR
10583 " --> res=%d (%s)", nl80211_oper, MAC2STR(peer), res,
10584 strerror(-res));
10585 return res;
10586 }
10587
10588
10589 static int
nl80211_tdls_enable_channel_switch(void * priv,const u8 * addr,u8 oper_class,const struct hostapd_freq_params * params)10590 nl80211_tdls_enable_channel_switch(void *priv, const u8 *addr, u8 oper_class,
10591 const struct hostapd_freq_params *params)
10592 {
10593 struct i802_bss *bss = priv;
10594 struct wpa_driver_nl80211_data *drv = bss->drv;
10595 struct nl_msg *msg;
10596 int ret = -ENOBUFS;
10597
10598 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
10599 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
10600 return -EOPNOTSUPP;
10601
10602 wpa_printf(MSG_DEBUG, "nl80211: Enable TDLS channel switch " MACSTR
10603 " oper_class=%u freq=%u",
10604 MAC2STR(addr), oper_class, params->freq);
10605 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CHANNEL_SWITCH);
10606 if (!msg ||
10607 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
10608 nla_put_u8(msg, NL80211_ATTR_OPER_CLASS, oper_class) ||
10609 (ret = nl80211_put_freq_params(msg, params))) {
10610 nlmsg_free(msg);
10611 wpa_printf(MSG_DEBUG, "nl80211: Could not build TDLS chan switch");
10612 return ret;
10613 }
10614
10615 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10616 }
10617
10618
10619 static int
nl80211_tdls_disable_channel_switch(void * priv,const u8 * addr)10620 nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr)
10621 {
10622 struct i802_bss *bss = priv;
10623 struct wpa_driver_nl80211_data *drv = bss->drv;
10624 struct nl_msg *msg;
10625
10626 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT) ||
10627 !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH))
10628 return -EOPNOTSUPP;
10629
10630 wpa_printf(MSG_DEBUG, "nl80211: Disable TDLS channel switch " MACSTR,
10631 MAC2STR(addr));
10632 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH);
10633 if (!msg ||
10634 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
10635 nlmsg_free(msg);
10636 wpa_printf(MSG_DEBUG,
10637 "nl80211: Could not build TDLS cancel chan switch");
10638 return -ENOBUFS;
10639 }
10640
10641 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10642 }
10643
10644 #endif /* CONFIG TDLS */
10645
10646
driver_nl80211_set_key(void * priv,struct wpa_driver_set_key_params * params)10647 static int driver_nl80211_set_key(void *priv,
10648 struct wpa_driver_set_key_params *params)
10649 {
10650 struct i802_bss *bss = priv;
10651
10652 return wpa_driver_nl80211_set_key(bss, params);
10653 }
10654
10655
driver_nl80211_scan2(void * priv,struct wpa_driver_scan_params * params)10656 static int driver_nl80211_scan2(void *priv,
10657 struct wpa_driver_scan_params *params)
10658 {
10659 struct i802_bss *bss = priv;
10660 #ifdef CONFIG_DRIVER_NL80211_QCA
10661 struct wpa_driver_nl80211_data *drv = bss->drv;
10662
10663 /*
10664 * Do a vendor specific scan if possible. If only_new_results is
10665 * set, do a normal scan since a kernel (cfg80211) BSS cache flush
10666 * cannot be achieved through a vendor scan. The below condition may
10667 * need to be modified if new scan flags are added in the future whose
10668 * functionality can only be achieved through a normal scan.
10669 */
10670 if (drv->scan_vendor_cmd_avail && !params->only_new_results)
10671 return wpa_driver_nl80211_vendor_scan(bss, params);
10672 #endif /* CONFIG_DRIVER_NL80211_QCA */
10673 return wpa_driver_nl80211_scan(bss, params);
10674 }
10675
10676
driver_nl80211_deauthenticate(void * priv,const u8 * addr,u16 reason_code)10677 static int driver_nl80211_deauthenticate(void *priv, const u8 *addr,
10678 u16 reason_code)
10679 {
10680 struct i802_bss *bss = priv;
10681 return wpa_driver_nl80211_deauthenticate(bss, addr, reason_code);
10682 }
10683
10684
driver_nl80211_authenticate(void * priv,struct wpa_driver_auth_params * params)10685 static int driver_nl80211_authenticate(void *priv,
10686 struct wpa_driver_auth_params *params)
10687 {
10688 struct i802_bss *bss = priv;
10689 return wpa_driver_nl80211_authenticate(bss, params);
10690 }
10691
10692
driver_nl80211_deinit(void * priv)10693 static void driver_nl80211_deinit(void *priv)
10694 {
10695 struct i802_bss *bss = priv;
10696 wpa_driver_nl80211_deinit(bss);
10697 }
10698
10699
driver_nl80211_if_remove(void * priv,enum wpa_driver_if_type type,const char * ifname)10700 static int driver_nl80211_if_remove(void *priv, enum wpa_driver_if_type type,
10701 const char *ifname)
10702 {
10703 struct i802_bss *bss = priv;
10704 return wpa_driver_nl80211_if_remove(bss, type, ifname);
10705 }
10706
10707
driver_nl80211_send_mlme(void * priv,const u8 * data,size_t data_len,int noack,unsigned int freq,const u16 * csa_offs,size_t csa_offs_len,int no_encrypt,unsigned int wait,int link_id)10708 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
10709 size_t data_len, int noack,
10710 unsigned int freq,
10711 const u16 *csa_offs, size_t csa_offs_len,
10712 int no_encrypt, unsigned int wait,
10713 int link_id)
10714 {
10715 struct i802_bss *bss = priv;
10716 return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack,
10717 freq, 0, 0, wait, csa_offs,
10718 csa_offs_len, no_encrypt, link_id);
10719 }
10720
10721
driver_nl80211_sta_remove(void * priv,const u8 * addr)10722 static int driver_nl80211_sta_remove(void *priv, const u8 *addr)
10723 {
10724 struct i802_bss *bss = priv;
10725 return wpa_driver_nl80211_sta_remove(bss, addr, -1, 0);
10726 }
10727
10728
driver_nl80211_set_sta_vlan(void * priv,const u8 * addr,const char * ifname,int vlan_id,int link_id)10729 static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr,
10730 const char *ifname, int vlan_id,
10731 int link_id)
10732 {
10733 struct i802_bss *bss = priv;
10734 return i802_set_sta_vlan(bss, addr, ifname, vlan_id, link_id);
10735 }
10736
10737
driver_nl80211_read_sta_data(void * priv,struct hostap_sta_driver_data * data,const u8 * addr)10738 static int driver_nl80211_read_sta_data(void *priv,
10739 struct hostap_sta_driver_data *data,
10740 const u8 *addr)
10741 {
10742 struct i802_bss *bss = priv;
10743
10744 os_memset(data, 0, sizeof(*data));
10745 return i802_read_sta_data(bss, data, addr);
10746 }
10747
10748
driver_nl80211_send_action(void * priv,unsigned int freq,unsigned int wait_time,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)10749 static int driver_nl80211_send_action(void *priv, unsigned int freq,
10750 unsigned int wait_time,
10751 const u8 *dst, const u8 *src,
10752 const u8 *bssid,
10753 const u8 *data, size_t data_len,
10754 int no_cck)
10755 {
10756 struct i802_bss *bss = priv;
10757 return wpa_driver_nl80211_send_action(bss, freq, wait_time, dst, src,
10758 bssid, data, data_len, no_cck);
10759 }
10760
10761
driver_nl80211_probe_req_report(void * priv,int report)10762 static int driver_nl80211_probe_req_report(void *priv, int report)
10763 {
10764 struct i802_bss *bss = priv;
10765 return wpa_driver_nl80211_probe_req_report(bss, report);
10766 }
10767
10768
wpa_driver_nl80211_update_ft_ies(void * priv,const u8 * md,const u8 * ies,size_t ies_len)10769 static int wpa_driver_nl80211_update_ft_ies(void *priv, const u8 *md,
10770 const u8 *ies, size_t ies_len)
10771 {
10772 int ret;
10773 struct nl_msg *msg;
10774 struct i802_bss *bss = priv;
10775 struct wpa_driver_nl80211_data *drv = bss->drv;
10776 u16 mdid = WPA_GET_LE16(md);
10777
10778 wpa_printf(MSG_DEBUG, "nl80211: Updating FT IEs");
10779 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_FT_IES)) ||
10780 nla_put(msg, NL80211_ATTR_IE, ies_len, ies) ||
10781 nla_put_u16(msg, NL80211_ATTR_MDID, mdid)) {
10782 nlmsg_free(msg);
10783 return -ENOBUFS;
10784 }
10785
10786 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10787 if (ret) {
10788 wpa_printf(MSG_DEBUG, "nl80211: update_ft_ies failed "
10789 "err=%d (%s)", ret, strerror(-ret));
10790 }
10791
10792 return ret;
10793 }
10794
10795
nl80211_update_dh_ie(void * priv,const u8 * peer_mac,u16 reason_code,const u8 * ie,size_t ie_len)10796 static int nl80211_update_dh_ie(void *priv, const u8 *peer_mac,
10797 u16 reason_code, const u8 *ie, size_t ie_len)
10798 {
10799 int ret;
10800 struct nl_msg *msg;
10801 struct i802_bss *bss = priv;
10802 struct wpa_driver_nl80211_data *drv = bss->drv;
10803
10804 wpa_printf(MSG_DEBUG, "nl80211: Updating DH IE peer: " MACSTR
10805 " reason %u", MAC2STR(peer_mac), reason_code);
10806 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UPDATE_OWE_INFO)) ||
10807 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_mac) ||
10808 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, reason_code) ||
10809 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie))) {
10810 nlmsg_free(msg);
10811 return -ENOBUFS;
10812 }
10813
10814 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
10815 if (ret) {
10816 wpa_printf(MSG_DEBUG,
10817 "nl80211: update_dh_ie failed err=%d (%s)",
10818 ret, strerror(-ret));
10819 }
10820
10821 return ret;
10822 }
10823
10824
wpa_driver_nl80211_get_macaddr(void * priv)10825 static const u8 * wpa_driver_nl80211_get_macaddr(void *priv)
10826 {
10827 struct i802_bss *bss = priv;
10828 struct wpa_driver_nl80211_data *drv = bss->drv;
10829
10830 if (drv->nlmode != NL80211_IFTYPE_P2P_DEVICE)
10831 return NULL;
10832
10833 return bss->addr;
10834 }
10835
10836
scan_state_str(enum scan_states scan_state)10837 static const char * scan_state_str(enum scan_states scan_state)
10838 {
10839 switch (scan_state) {
10840 case NO_SCAN:
10841 return "NO_SCAN";
10842 case SCAN_REQUESTED:
10843 return "SCAN_REQUESTED";
10844 case SCAN_STARTED:
10845 return "SCAN_STARTED";
10846 case SCAN_COMPLETED:
10847 return "SCAN_COMPLETED";
10848 case SCAN_ABORTED:
10849 return "SCAN_ABORTED";
10850 case SCHED_SCAN_STARTED:
10851 return "SCHED_SCAN_STARTED";
10852 case SCHED_SCAN_STOPPED:
10853 return "SCHED_SCAN_STOPPED";
10854 case SCHED_SCAN_RESULTS:
10855 return "SCHED_SCAN_RESULTS";
10856 }
10857
10858 return "??";
10859 }
10860
10861
wpa_driver_nl80211_status(void * priv,char * buf,size_t buflen)10862 static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen)
10863 {
10864 struct i802_bss *bss = priv;
10865 struct wpa_driver_nl80211_data *drv = bss->drv;
10866 int res;
10867 char *pos, *end;
10868 struct nl_msg *msg;
10869 char alpha2[3] = { 0, 0, 0 };
10870
10871 pos = buf;
10872 end = buf + buflen;
10873
10874 res = os_snprintf(pos, end - pos,
10875 "ifindex=%d\n"
10876 "ifname=%s\n"
10877 "brname=%s\n"
10878 "addr=" MACSTR "\n"
10879 "freq=%d\n"
10880 "%s%s%s%s%s%s",
10881 bss->ifindex,
10882 bss->ifname,
10883 bss->brname,
10884 MAC2STR(bss->addr),
10885 bss->flink->freq,
10886 bss->flink->beacon_set ? "beacon_set=1\n" : "",
10887 bss->added_if_into_bridge ?
10888 "added_if_into_bridge=1\n" : "",
10889 bss->already_in_bridge ? "already_in_bridge=1\n" : "",
10890 bss->added_bridge ? "added_bridge=1\n" : "",
10891 bss->in_deinit ? "in_deinit=1\n" : "",
10892 bss->if_dynamic ? "if_dynamic=1\n" : "");
10893 if (os_snprintf_error(end - pos, res))
10894 return pos - buf;
10895 pos += res;
10896
10897 if (bss->wdev_id_set) {
10898 res = os_snprintf(pos, end - pos, "wdev_id=%llu\n",
10899 (unsigned long long) bss->wdev_id);
10900 if (os_snprintf_error(end - pos, res))
10901 return pos - buf;
10902 pos += res;
10903 }
10904
10905 res = os_snprintf(pos, end - pos,
10906 "phyname=%s\n"
10907 "perm_addr=" MACSTR "\n"
10908 "drv_ifindex=%d\n"
10909 "operstate=%d\n"
10910 "scan_state=%s\n"
10911 "auth_bssid=" MACSTR "\n"
10912 "auth_attempt_bssid=" MACSTR "\n"
10913 "bssid=" MACSTR "\n"
10914 "prev_bssid=" MACSTR "\n"
10915 "associated=%d\n"
10916 "assoc_freq=%u\n"
10917 "monitor_sock=%d\n"
10918 "monitor_ifidx=%d\n"
10919 "monitor_refcount=%d\n"
10920 "last_mgmt_freq=%u\n"
10921 "eapol_tx_sock=%d\n"
10922 "%s%s%s%s%s%s%s%s%s%s%s%s%s",
10923 drv->phyname,
10924 MAC2STR(drv->perm_addr),
10925 drv->ifindex,
10926 drv->operstate,
10927 scan_state_str(drv->scan_state),
10928 MAC2STR(drv->auth_bssid),
10929 MAC2STR(drv->auth_attempt_bssid),
10930 MAC2STR(drv->bssid),
10931 MAC2STR(drv->prev_bssid),
10932 drv->associated,
10933 drv->assoc_freq,
10934 drv->monitor_sock,
10935 drv->monitor_ifidx,
10936 drv->monitor_refcount,
10937 drv->last_mgmt_freq,
10938 drv->eapol_tx_sock,
10939 drv->ignore_if_down_event ?
10940 "ignore_if_down_event=1\n" : "",
10941 drv->scan_complete_events ?
10942 "scan_complete_events=1\n" : "",
10943 drv->disabled_11b_rates ?
10944 "disabled_11b_rates=1\n" : "",
10945 drv->pending_remain_on_chan ?
10946 "pending_remain_on_chan=1\n" : "",
10947 drv->in_interface_list ? "in_interface_list=1\n" : "",
10948 drv->device_ap_sme ? "device_ap_sme=1\n" : "",
10949 drv->poll_command_supported ?
10950 "poll_command_supported=1\n" : "",
10951 drv->data_tx_status ? "data_tx_status=1\n" : "",
10952 drv->scan_for_auth ? "scan_for_auth=1\n" : "",
10953 drv->retry_auth ? "retry_auth=1\n" : "",
10954 drv->use_monitor ? "use_monitor=1\n" : "",
10955 drv->ignore_next_local_disconnect ?
10956 "ignore_next_local_disconnect=1\n" : "",
10957 drv->ignore_next_local_deauth ?
10958 "ignore_next_local_deauth=1\n" : "");
10959 if (os_snprintf_error(end - pos, res))
10960 return pos - buf;
10961 pos += res;
10962
10963 if (drv->sta_mlo_info.valid_links) {
10964 int i;
10965 struct driver_sta_mlo_info *mlo = &drv->sta_mlo_info;
10966
10967 res = os_snprintf(pos, end - pos,
10968 "ap_mld_addr=" MACSTR "\n"
10969 "default_map=%d\n",
10970 MAC2STR(mlo->ap_mld_addr),
10971 mlo->default_map);
10972 if (os_snprintf_error(end - pos, res))
10973 return pos - buf;
10974 pos += res;
10975
10976 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
10977 if (!(mlo->valid_links & BIT(i)))
10978 continue;
10979
10980 res = os_snprintf(pos, end - pos,
10981 "link_addr[%u]=" MACSTR "\n"
10982 "link_bssid[%u]=" MACSTR "\n"
10983 "link_freq[%u]=%u\n",
10984 i, MAC2STR(mlo->links[i].addr),
10985 i, MAC2STR(mlo->links[i].bssid),
10986 i, mlo->links[i].freq);
10987 if (os_snprintf_error(end - pos, res))
10988 return pos - buf;
10989 pos += res;
10990
10991 if (!mlo->default_map) {
10992 res = os_snprintf(
10993 pos, end - pos,
10994 "uplink_map[%u]=%x\n"
10995 "downlink_map[%u]=%x\n",
10996 i, mlo->links[i].t2lmap.uplink,
10997 i, mlo->links[i].t2lmap.downlink);
10998 if (os_snprintf_error(end - pos, res))
10999 return pos - buf;
11000 pos += res;
11001 }
11002 }
11003 }
11004
11005 if (drv->has_capability) {
11006 res = os_snprintf(pos, end - pos,
11007 "capa.key_mgmt=0x%x\n"
11008 "capa.enc=0x%x\n"
11009 "capa.auth=0x%x\n"
11010 "capa.flags=0x%llx\n"
11011 "capa.flags2=0x%llx\n"
11012 "capa.rrm_flags=0x%x\n"
11013 "capa.max_scan_ssids=%d\n"
11014 "capa.max_sched_scan_ssids=%d\n"
11015 "capa.sched_scan_supported=%d\n"
11016 "capa.max_match_sets=%d\n"
11017 "capa.max_remain_on_chan=%u\n"
11018 "capa.max_stations=%u\n"
11019 "capa.probe_resp_offloads=0x%x\n"
11020 "capa.max_acl_mac_addrs=%u\n"
11021 "capa.num_multichan_concurrent=%u\n"
11022 "capa.mac_addr_rand_sched_scan_supported=%d\n"
11023 "capa.mac_addr_rand_scan_supported=%d\n"
11024 "capa.conc_capab=%u\n"
11025 "capa.max_conc_chan_2_4=%u\n"
11026 "capa.max_conc_chan_5_0=%u\n"
11027 "capa.max_sched_scan_plans=%u\n"
11028 "capa.max_sched_scan_plan_interval=%u\n"
11029 "capa.max_sched_scan_plan_iterations=%u\n"
11030 "capa.mbssid_max_interfaces=%u\n"
11031 "capa.ema_max_periodicity=%u\n",
11032 drv->capa.key_mgmt,
11033 drv->capa.enc,
11034 drv->capa.auth,
11035 (unsigned long long) drv->capa.flags,
11036 (unsigned long long) drv->capa.flags2,
11037 drv->capa.rrm_flags,
11038 drv->capa.max_scan_ssids,
11039 drv->capa.max_sched_scan_ssids,
11040 drv->capa.sched_scan_supported,
11041 drv->capa.max_match_sets,
11042 drv->capa.max_remain_on_chan,
11043 drv->capa.max_stations,
11044 drv->capa.probe_resp_offloads,
11045 drv->capa.max_acl_mac_addrs,
11046 drv->capa.num_multichan_concurrent,
11047 drv->capa.mac_addr_rand_sched_scan_supported,
11048 drv->capa.mac_addr_rand_scan_supported,
11049 drv->capa.conc_capab,
11050 drv->capa.max_conc_chan_2_4,
11051 drv->capa.max_conc_chan_5_0,
11052 drv->capa.max_sched_scan_plans,
11053 drv->capa.max_sched_scan_plan_interval,
11054 drv->capa.max_sched_scan_plan_iterations,
11055 drv->capa.mbssid_max_interfaces,
11056 drv->capa.ema_max_periodicity);
11057 if (os_snprintf_error(end - pos, res))
11058 return pos - buf;
11059 pos += res;
11060 }
11061
11062 msg = nlmsg_alloc();
11063 if (msg &&
11064 nl80211_cmd(drv, msg, 0, NL80211_CMD_GET_REG) &&
11065 nla_put_u32(msg, NL80211_ATTR_WIPHY, drv->wiphy_idx) == 0) {
11066 if (send_and_recv_msgs(drv, msg, nl80211_get_country,
11067 alpha2, NULL, NULL) == 0 &&
11068 alpha2[0]) {
11069 res = os_snprintf(pos, end - pos, "country=%s\n",
11070 alpha2);
11071 if (os_snprintf_error(end - pos, res))
11072 return pos - buf;
11073 pos += res;
11074 }
11075 } else {
11076 nlmsg_free(msg);
11077 }
11078
11079 return pos - buf;
11080 }
11081
11082
set_beacon_data(struct nl_msg * msg,struct beacon_data * settings)11083 static int set_beacon_data(struct nl_msg *msg, struct beacon_data *settings)
11084 {
11085 if ((settings->head &&
11086 nla_put(msg, NL80211_ATTR_BEACON_HEAD,
11087 settings->head_len, settings->head)) ||
11088 (settings->tail &&
11089 nla_put(msg, NL80211_ATTR_BEACON_TAIL,
11090 settings->tail_len, settings->tail)) ||
11091 (settings->beacon_ies &&
11092 nla_put(msg, NL80211_ATTR_IE,
11093 settings->beacon_ies_len, settings->beacon_ies)) ||
11094 (settings->proberesp_ies &&
11095 nla_put(msg, NL80211_ATTR_IE_PROBE_RESP,
11096 settings->proberesp_ies_len, settings->proberesp_ies)) ||
11097 (settings->assocresp_ies &&
11098 nla_put(msg, NL80211_ATTR_IE_ASSOC_RESP,
11099 settings->assocresp_ies_len, settings->assocresp_ies)) ||
11100 (settings->probe_resp &&
11101 nla_put(msg, NL80211_ATTR_PROBE_RESP,
11102 settings->probe_resp_len, settings->probe_resp)))
11103 return -ENOBUFS;
11104
11105 return 0;
11106 }
11107
11108
nl80211_switch_channel(void * priv,struct csa_settings * settings)11109 static int nl80211_switch_channel(void *priv, struct csa_settings *settings)
11110 {
11111 struct nl_msg *msg;
11112 struct i802_bss *bss = priv;
11113 struct wpa_driver_nl80211_data *drv = bss->drv;
11114 struct nlattr *beacon_csa;
11115 int ret = -ENOBUFS;
11116 int csa_off_len = 0;
11117 int i;
11118
11119 wpa_printf(MSG_DEBUG,
11120 "nl80211: Channel switch request (cs_count=%u block_tx=%u freq=%d channel=%d sec_channel_offset=%d width=%d cf1=%d cf2=%d puncturing_bitmap=0x%04x%s%s%s)",
11121 settings->cs_count, settings->block_tx,
11122 settings->freq_params.freq,
11123 settings->freq_params.channel,
11124 settings->freq_params.sec_channel_offset,
11125 settings->freq_params.bandwidth,
11126 settings->freq_params.center_freq1,
11127 settings->freq_params.center_freq2,
11128 settings->punct_bitmap,
11129 settings->freq_params.ht_enabled ? " ht" : "",
11130 settings->freq_params.vht_enabled ? " vht" : "",
11131 settings->freq_params.he_enabled ? " he" : "");
11132
11133 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_AP_CSA)) {
11134 wpa_printf(MSG_DEBUG, "nl80211: Driver does not support channel switch command");
11135 return -EOPNOTSUPP;
11136 }
11137
11138 if (drv->nlmode != NL80211_IFTYPE_AP &&
11139 drv->nlmode != NL80211_IFTYPE_P2P_GO &&
11140 drv->nlmode != NL80211_IFTYPE_MESH_POINT)
11141 return -EOPNOTSUPP;
11142
11143 /*
11144 * Remove empty counters, assuming Probe Response and Beacon frame
11145 * counters match. This implementation assumes that there are only two
11146 * counters.
11147 */
11148 if (settings->counter_offset_beacon[0] &&
11149 !settings->counter_offset_beacon[1]) {
11150 csa_off_len = 1;
11151 } else if (settings->counter_offset_beacon[1] &&
11152 !settings->counter_offset_beacon[0]) {
11153 csa_off_len = 1;
11154 settings->counter_offset_beacon[0] =
11155 settings->counter_offset_beacon[1];
11156 settings->counter_offset_presp[0] =
11157 settings->counter_offset_presp[1];
11158 } else if (settings->counter_offset_beacon[1] &&
11159 settings->counter_offset_beacon[0]) {
11160 csa_off_len = 2;
11161 } else {
11162 wpa_printf(MSG_ERROR, "nl80211: No CSA counters provided");
11163 return -EINVAL;
11164 }
11165
11166 /* Check CSA counters validity */
11167 if (drv->capa.max_csa_counters &&
11168 csa_off_len > drv->capa.max_csa_counters) {
11169 wpa_printf(MSG_ERROR,
11170 "nl80211: Too many CSA counters provided");
11171 return -EINVAL;
11172 }
11173
11174 if (!settings->beacon_csa.tail)
11175 return -EINVAL;
11176
11177 for (i = 0; i < csa_off_len; i++) {
11178 u16 csa_c_off_bcn = settings->counter_offset_beacon[i];
11179 u16 csa_c_off_presp = settings->counter_offset_presp[i];
11180
11181 if ((settings->beacon_csa.tail_len <= csa_c_off_bcn) ||
11182 (settings->beacon_csa.tail[csa_c_off_bcn] !=
11183 settings->cs_count))
11184 return -EINVAL;
11185
11186 if (settings->beacon_csa.probe_resp &&
11187 ((settings->beacon_csa.probe_resp_len <=
11188 csa_c_off_presp) ||
11189 (settings->beacon_csa.probe_resp[csa_c_off_presp] !=
11190 settings->cs_count)))
11191 return -EINVAL;
11192 }
11193
11194 if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CHANNEL_SWITCH)) ||
11195 nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT,
11196 settings->cs_count) ||
11197 (ret = nl80211_put_freq_params(msg, &settings->freq_params)) ||
11198 (settings->block_tx &&
11199 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX)) ||
11200 (settings->punct_bitmap &&
11201 nla_put_u32(msg, NL80211_ATTR_PUNCT_BITMAP,
11202 settings->punct_bitmap)))
11203 goto error;
11204
11205 /* beacon_after params */
11206 ret = set_beacon_data(msg, &settings->beacon_after);
11207 if (ret)
11208 goto error;
11209
11210 /* beacon_csa params */
11211 beacon_csa = nla_nest_start(msg, NL80211_ATTR_CSA_IES);
11212 if (!beacon_csa)
11213 goto fail;
11214
11215 ret = set_beacon_data(msg, &settings->beacon_csa);
11216 if (ret)
11217 goto error;
11218
11219 if (nla_put(msg, NL80211_ATTR_CSA_C_OFF_BEACON,
11220 csa_off_len * sizeof(u16),
11221 settings->counter_offset_beacon) ||
11222 (settings->beacon_csa.probe_resp &&
11223 nla_put(msg, NL80211_ATTR_CSA_C_OFF_PRESP,
11224 csa_off_len * sizeof(u16),
11225 settings->counter_offset_presp)))
11226 goto fail;
11227
11228 nla_nest_end(msg, beacon_csa);
11229 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11230 if (ret) {
11231 wpa_printf(MSG_DEBUG, "nl80211: switch_channel failed err=%d (%s)",
11232 ret, strerror(-ret));
11233 }
11234 return ret;
11235
11236 fail:
11237 ret = -ENOBUFS;
11238 error:
11239 nlmsg_free(msg);
11240 wpa_printf(MSG_DEBUG, "nl80211: Could not build channel switch request");
11241 return ret;
11242 }
11243
11244
11245 #ifdef CONFIG_IEEE80211AX
nl80211_switch_color(void * priv,struct cca_settings * settings)11246 static int nl80211_switch_color(void *priv, struct cca_settings *settings)
11247 {
11248 struct i802_bss *bss = priv;
11249 struct wpa_driver_nl80211_data *drv = bss->drv;
11250 struct nlattr *beacon_cca;
11251 struct nl_msg *msg;
11252 int ret = -ENOBUFS;
11253
11254 wpa_printf(MSG_DEBUG,
11255 "nl80211: Color change request (cca_count=%u color=%d)",
11256 settings->cca_count, settings->cca_color);
11257
11258 if (drv->nlmode != NL80211_IFTYPE_AP)
11259 return -EOPNOTSUPP;
11260
11261 if (!settings->beacon_cca.tail)
11262 return -EINVAL;
11263
11264 if (settings->beacon_cca.tail_len <= settings->counter_offset_beacon ||
11265 settings->beacon_cca.tail[settings->counter_offset_beacon] !=
11266 settings->cca_count)
11267 return -EINVAL;
11268
11269 if (settings->beacon_cca.probe_resp &&
11270 (settings->beacon_cca.probe_resp_len <=
11271 settings->counter_offset_presp ||
11272 settings->beacon_cca.probe_resp[settings->counter_offset_presp] !=
11273 settings->cca_count))
11274 return -EINVAL;
11275
11276 msg = nl80211_bss_msg(bss, 0, NL80211_CMD_COLOR_CHANGE_REQUEST);
11277 if (!msg ||
11278 nla_put_u8(msg, NL80211_ATTR_COLOR_CHANGE_COUNT,
11279 settings->cca_count) ||
11280 nla_put_u8(msg, NL80211_ATTR_COLOR_CHANGE_COLOR,
11281 settings->cca_color))
11282 goto error;
11283
11284 /* beacon_after params */
11285 ret = set_beacon_data(msg, &settings->beacon_after);
11286 if (ret)
11287 goto error;
11288
11289 /* beacon_csa params */
11290 beacon_cca = nla_nest_start(msg, NL80211_ATTR_COLOR_CHANGE_ELEMS);
11291 if (!beacon_cca) {
11292 ret = -ENOBUFS;
11293 goto error;
11294 }
11295
11296 ret = set_beacon_data(msg, &settings->beacon_cca);
11297 if (ret)
11298 goto error;
11299
11300 if (nla_put_u16(msg, NL80211_ATTR_CNTDWN_OFFS_BEACON,
11301 settings->counter_offset_beacon) ||
11302 (settings->beacon_cca.probe_resp &&
11303 nla_put_u16(msg, NL80211_ATTR_CNTDWN_OFFS_PRESP,
11304 settings->counter_offset_presp))) {
11305 ret = -ENOBUFS;
11306 goto error;
11307 }
11308
11309 nla_nest_end(msg, beacon_cca);
11310 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11311 if (ret) {
11312 wpa_printf(MSG_DEBUG,
11313 "nl80211: switch_color failed err=%d (%s)",
11314 ret, strerror(-ret));
11315 }
11316 return ret;
11317
11318 error:
11319 nlmsg_free(msg);
11320 wpa_printf(MSG_DEBUG, "nl80211: Could not build color switch request");
11321 return ret;
11322 }
11323 #endif /* CONFIG_IEEE80211AX */
11324
11325
nl80211_add_ts(void * priv,u8 tsid,const u8 * addr,u8 user_priority,u16 admitted_time)11326 static int nl80211_add_ts(void *priv, u8 tsid, const u8 *addr,
11327 u8 user_priority, u16 admitted_time)
11328 {
11329 struct i802_bss *bss = priv;
11330 struct wpa_driver_nl80211_data *drv = bss->drv;
11331 struct nl_msg *msg;
11332 int ret;
11333
11334 wpa_printf(MSG_DEBUG,
11335 "nl80211: add_ts request: tsid=%u admitted_time=%u up=%d",
11336 tsid, admitted_time, user_priority);
11337
11338 if (!is_sta_interface(drv->nlmode))
11339 return -ENOTSUP;
11340
11341 msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_ADD_TX_TS);
11342 if (!msg ||
11343 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
11344 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
11345 nla_put_u8(msg, NL80211_ATTR_USER_PRIO, user_priority) ||
11346 nla_put_u16(msg, NL80211_ATTR_ADMITTED_TIME, admitted_time)) {
11347 nlmsg_free(msg);
11348 return -ENOBUFS;
11349 }
11350
11351 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11352 if (ret)
11353 wpa_printf(MSG_DEBUG, "nl80211: add_ts failed err=%d (%s)",
11354 ret, strerror(-ret));
11355 return ret;
11356 }
11357
11358
nl80211_del_ts(void * priv,u8 tsid,const u8 * addr)11359 static int nl80211_del_ts(void *priv, u8 tsid, const u8 *addr)
11360 {
11361 struct i802_bss *bss = priv;
11362 struct wpa_driver_nl80211_data *drv = bss->drv;
11363 struct nl_msg *msg;
11364 int ret;
11365
11366 wpa_printf(MSG_DEBUG, "nl80211: del_ts request: tsid=%u", tsid);
11367
11368 if (!is_sta_interface(drv->nlmode))
11369 return -ENOTSUP;
11370
11371 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_DEL_TX_TS)) ||
11372 nla_put_u8(msg, NL80211_ATTR_TSID, tsid) ||
11373 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
11374 nlmsg_free(msg);
11375 return -ENOBUFS;
11376 }
11377
11378 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11379 if (ret)
11380 wpa_printf(MSG_DEBUG, "nl80211: del_ts failed err=%d (%s)",
11381 ret, strerror(-ret));
11382 return ret;
11383 }
11384
11385
11386 #ifdef CONFIG_TESTING_OPTIONS
cmd_reply_handler(struct nl_msg * msg,void * arg)11387 static int cmd_reply_handler(struct nl_msg *msg, void *arg)
11388 {
11389 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11390 struct wpabuf *buf = arg;
11391
11392 if (!buf)
11393 return NL_SKIP;
11394
11395 if ((size_t) genlmsg_attrlen(gnlh, 0) > wpabuf_tailroom(buf)) {
11396 wpa_printf(MSG_INFO, "nl80211: insufficient buffer space for reply");
11397 return NL_SKIP;
11398 }
11399
11400 wpabuf_put_data(buf, genlmsg_attrdata(gnlh, 0),
11401 genlmsg_attrlen(gnlh, 0));
11402
11403 return NL_SKIP;
11404 }
11405 #endif /* CONFIG_TESTING_OPTIONS */
11406
11407
vendor_reply_handler(struct nl_msg * msg,void * arg)11408 static int vendor_reply_handler(struct nl_msg *msg, void *arg)
11409 {
11410 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11411 struct nlattr *nl_vendor_reply, *nl;
11412 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11413 struct wpabuf *buf = arg;
11414 int rem;
11415
11416 if (!buf)
11417 return NL_SKIP;
11418
11419 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11420 genlmsg_attrlen(gnlh, 0), NULL);
11421 nl_vendor_reply = tb[NL80211_ATTR_VENDOR_DATA];
11422
11423 if (!nl_vendor_reply)
11424 return NL_SKIP;
11425
11426 if ((size_t) nla_len(nl_vendor_reply) > wpabuf_tailroom(buf)) {
11427 wpa_printf(MSG_INFO, "nl80211: Vendor command: insufficient buffer space for reply");
11428 return NL_SKIP;
11429 }
11430
11431 nla_for_each_nested(nl, nl_vendor_reply, rem) {
11432 wpabuf_put_data(buf, nla_data(nl), nla_len(nl));
11433 }
11434
11435 return NL_SKIP;
11436 }
11437
11438
is_cmd_with_nested_attrs(unsigned int vendor_id,unsigned int subcmd)11439 static bool is_cmd_with_nested_attrs(unsigned int vendor_id,
11440 unsigned int subcmd)
11441 {
11442 if (vendor_id != OUI_QCA)
11443 return true;
11444
11445 switch (subcmd) {
11446 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY:
11447 case QCA_NL80211_VENDOR_SUBCMD_STATS_EXT:
11448 case QCA_NL80211_VENDOR_SUBCMD_SCANNING_MAC_OUI:
11449 case QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY:
11450 case QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS:
11451 case QCA_NL80211_VENDOR_SUBCMD_NAN:
11452 return false;
11453 default:
11454 return true;
11455 }
11456 }
11457
11458
nl80211_vendor_cmd(void * priv,unsigned int vendor_id,unsigned int subcmd,const u8 * data,size_t data_len,enum nested_attr nested_attr,struct wpabuf * buf)11459 static int nl80211_vendor_cmd(void *priv, unsigned int vendor_id,
11460 unsigned int subcmd, const u8 *data,
11461 size_t data_len, enum nested_attr nested_attr,
11462 struct wpabuf *buf)
11463 {
11464 struct i802_bss *bss = priv;
11465 struct wpa_driver_nl80211_data *drv = bss->drv;
11466 struct nl_msg *msg;
11467 int ret, nla_flag;
11468
11469 #ifdef CONFIG_TESTING_OPTIONS
11470 if (vendor_id == 0xffffffff) {
11471 msg = nlmsg_alloc();
11472 if (!msg)
11473 return -ENOMEM;
11474
11475 nl80211_cmd(drv, msg, 0, subcmd);
11476 if (nlmsg_append(msg, (void *) data, data_len, NLMSG_ALIGNTO) <
11477 0)
11478 goto fail;
11479 /* This test vendor_cmd can be used with nl80211 commands that
11480 * need the connect nl_sock, so use the owner-setting variant
11481 * of send_and_recv_msgs(). */
11482 ret = send_and_recv_msgs_owner(drv, msg,
11483 get_connect_handle(bss), 0,
11484 cmd_reply_handler, buf,
11485 NULL, NULL);
11486 if (ret)
11487 wpa_printf(MSG_DEBUG, "nl80211: command failed err=%d",
11488 ret);
11489 return ret;
11490 }
11491 #endif /* CONFIG_TESTING_OPTIONS */
11492
11493 if (nested_attr == NESTED_ATTR_USED)
11494 nla_flag = NLA_F_NESTED;
11495 else if (nested_attr == NESTED_ATTR_UNSPECIFIED &&
11496 is_cmd_with_nested_attrs(vendor_id, subcmd))
11497 nla_flag = NLA_F_NESTED;
11498 else
11499 nla_flag = 0;
11500
11501 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) ||
11502 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, vendor_id) ||
11503 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, subcmd) ||
11504 (data &&
11505 nla_put(msg, nla_flag | NL80211_ATTR_VENDOR_DATA,
11506 data_len, data)))
11507 goto fail;
11508
11509 ret = send_and_recv_msgs(drv, msg, vendor_reply_handler, buf,
11510 NULL, NULL);
11511 if (ret)
11512 wpa_printf(MSG_DEBUG, "nl80211: vendor command failed err=%d",
11513 ret);
11514 return ret;
11515
11516 fail:
11517 nlmsg_free(msg);
11518 return -ENOBUFS;
11519 }
11520
11521
nl80211_set_qos_map(void * priv,const u8 * qos_map_set,u8 qos_map_set_len)11522 static int nl80211_set_qos_map(void *priv, const u8 *qos_map_set,
11523 u8 qos_map_set_len)
11524 {
11525 struct i802_bss *bss = priv;
11526 struct wpa_driver_nl80211_data *drv = bss->drv;
11527 struct nl_msg *msg;
11528 int ret;
11529
11530 wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
11531 qos_map_set, qos_map_set_len);
11532
11533 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_QOS_MAP)) ||
11534 nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) {
11535 nlmsg_free(msg);
11536 return -ENOBUFS;
11537 }
11538
11539 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11540 if (ret)
11541 wpa_printf(MSG_DEBUG, "nl80211: Setting QoS Map failed");
11542
11543 return ret;
11544 }
11545
11546
get_wowlan_handler(struct nl_msg * msg,void * arg)11547 static int get_wowlan_handler(struct nl_msg *msg, void *arg)
11548 {
11549 struct nlattr *tb[NL80211_ATTR_MAX + 1];
11550 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
11551 int *wowlan_enabled = arg;
11552
11553 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
11554 genlmsg_attrlen(gnlh, 0), NULL);
11555
11556 *wowlan_enabled = !!tb[NL80211_ATTR_WOWLAN_TRIGGERS];
11557
11558 return NL_SKIP;
11559 }
11560
11561
nl80211_get_wowlan(void * priv)11562 static int nl80211_get_wowlan(void *priv)
11563 {
11564 struct i802_bss *bss = priv;
11565 struct wpa_driver_nl80211_data *drv = bss->drv;
11566 struct nl_msg *msg;
11567 int wowlan_enabled;
11568 int ret;
11569
11570 wpa_printf(MSG_DEBUG, "nl80211: Getting wowlan status");
11571
11572 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_GET_WOWLAN);
11573
11574 ret = send_and_recv_msgs(drv, msg, get_wowlan_handler, &wowlan_enabled,
11575 NULL, NULL);
11576 if (ret) {
11577 wpa_printf(MSG_DEBUG, "nl80211: Getting wowlan status failed");
11578 return 0;
11579 }
11580
11581 wpa_printf(MSG_DEBUG, "nl80211: wowlan is %s",
11582 wowlan_enabled ? "enabled" : "disabled");
11583
11584 return wowlan_enabled;
11585 }
11586
11587
nl80211_set_wowlan(void * priv,const struct wowlan_triggers * triggers)11588 static int nl80211_set_wowlan(void *priv,
11589 const struct wowlan_triggers *triggers)
11590 {
11591 struct i802_bss *bss = priv;
11592 struct wpa_driver_nl80211_data *drv = bss->drv;
11593 struct nl_msg *msg;
11594 struct nlattr *wowlan_triggers;
11595 int ret;
11596
11597 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan");
11598
11599 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_SET_WOWLAN)) ||
11600 !(wowlan_triggers = nla_nest_start(msg,
11601 NL80211_ATTR_WOWLAN_TRIGGERS)) ||
11602 (triggers->any &&
11603 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
11604 (triggers->disconnect &&
11605 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
11606 (triggers->magic_pkt &&
11607 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
11608 (triggers->gtk_rekey_failure &&
11609 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
11610 (triggers->eap_identity_req &&
11611 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
11612 (triggers->four_way_handshake &&
11613 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
11614 (triggers->rfkill_release &&
11615 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) {
11616 nlmsg_free(msg);
11617 return -ENOBUFS;
11618 }
11619
11620 nla_nest_end(msg, wowlan_triggers);
11621
11622 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11623 if (ret)
11624 wpa_printf(MSG_DEBUG, "nl80211: Setting wowlan failed");
11625
11626 return ret;
11627 }
11628
11629
11630 #ifdef CONFIG_DRIVER_NL80211_QCA
nl80211_roaming(void * priv,int allowed,const u8 * bssid)11631 static int nl80211_roaming(void *priv, int allowed, const u8 *bssid)
11632 {
11633 struct i802_bss *bss = priv;
11634 struct wpa_driver_nl80211_data *drv = bss->drv;
11635 struct nl_msg *msg;
11636 struct nlattr *params;
11637
11638 wpa_printf(MSG_DEBUG, "nl80211: Roaming policy: allowed=%d", allowed);
11639
11640 if (!drv->roaming_vendor_cmd_avail) {
11641 wpa_printf(MSG_DEBUG,
11642 "nl80211: Ignore roaming policy change since driver does not provide command for setting it");
11643 return -1;
11644 }
11645
11646 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11647 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11648 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11649 QCA_NL80211_VENDOR_SUBCMD_ROAMING) ||
11650 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11651 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_POLICY,
11652 allowed ? QCA_ROAMING_ALLOWED_WITHIN_ESS :
11653 QCA_ROAMING_NOT_ALLOWED) ||
11654 (bssid &&
11655 nla_put(msg, QCA_WLAN_VENDOR_ATTR_MAC_ADDR, ETH_ALEN, bssid))) {
11656 nlmsg_free(msg);
11657 return -1;
11658 }
11659 nla_nest_end(msg, params);
11660
11661 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11662 }
11663
11664
nl80211_disable_fils(void * priv,int disable)11665 static int nl80211_disable_fils(void *priv, int disable)
11666 {
11667 struct i802_bss *bss = priv;
11668 struct wpa_driver_nl80211_data *drv = bss->drv;
11669 struct nl_msg *msg;
11670 struct nlattr *params;
11671
11672 wpa_printf(MSG_DEBUG, "nl80211: Disable FILS=%d", disable);
11673
11674 if (!drv->set_wifi_conf_vendor_cmd_avail)
11675 return -1;
11676
11677 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11678 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11679 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11680 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION) ||
11681 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11682 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_DISABLE_FILS,
11683 disable)) {
11684 nlmsg_free(msg);
11685 return -1;
11686 }
11687 nla_nest_end(msg, params);
11688
11689 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11690 }
11691
11692
11693 /* Reserved QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID value for wpa_supplicant */
11694 #define WPA_SUPPLICANT_CLIENT_ID 1
11695
nl80211_set_bssid_tmp_disallow(void * priv,unsigned int num_bssid,const u8 * bssid)11696 static int nl80211_set_bssid_tmp_disallow(void *priv, unsigned int num_bssid,
11697 const u8 *bssid)
11698 {
11699 struct i802_bss *bss = priv;
11700 struct wpa_driver_nl80211_data *drv = bss->drv;
11701 struct nl_msg *msg;
11702 struct nlattr *params, *nlbssids, *attr;
11703 unsigned int i;
11704
11705 wpa_printf(MSG_DEBUG,
11706 "nl80211: Set temporarily disallowed BSSIDs (num=%u)",
11707 num_bssid);
11708
11709 if (!drv->roam_vendor_cmd_avail)
11710 return -1;
11711
11712 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11713 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11714 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11715 QCA_NL80211_VENDOR_SUBCMD_ROAM) ||
11716 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11717 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD,
11718 QCA_WLAN_VENDOR_ROAMING_SUBCMD_SET_BLACKLIST_BSSID) ||
11719 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_ROAMING_REQ_ID,
11720 WPA_SUPPLICANT_CLIENT_ID) ||
11721 nla_put_u32(msg,
11722 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_NUM_BSSID,
11723 num_bssid))
11724 goto fail;
11725
11726 nlbssids = nla_nest_start(
11727 msg, QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS);
11728 if (!nlbssids)
11729 goto fail;
11730
11731 for (i = 0; i < num_bssid; i++) {
11732 attr = nla_nest_start(msg, i);
11733 if (!attr)
11734 goto fail;
11735 if (nla_put(msg,
11736 QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_SET_BSSID_PARAMS_BSSID,
11737 ETH_ALEN, &bssid[i * ETH_ALEN]))
11738 goto fail;
11739 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%u]: " MACSTR, i,
11740 MAC2STR(&bssid[i * ETH_ALEN]));
11741 nla_nest_end(msg, attr);
11742 }
11743 nla_nest_end(msg, nlbssids);
11744 nla_nest_end(msg, params);
11745
11746 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11747
11748 fail:
11749 nlmsg_free(msg);
11750 return -1;
11751 }
11752
11753
nl80211_add_sta_node(void * priv,const u8 * addr,u16 auth_alg)11754 static int nl80211_add_sta_node(void *priv, const u8 *addr, u16 auth_alg)
11755 {
11756 struct i802_bss *bss = priv;
11757 struct wpa_driver_nl80211_data *drv = bss->drv;
11758 struct nl_msg *msg;
11759 struct nlattr *params;
11760
11761 if (!drv->add_sta_node_vendor_cmd_avail)
11762 return -EOPNOTSUPP;
11763
11764 wpa_printf(MSG_DEBUG, "nl80211: Add STA node");
11765
11766 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
11767 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
11768 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11769 QCA_NL80211_VENDOR_SUBCMD_ADD_STA_NODE) ||
11770 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11771 (addr &&
11772 nla_put(msg, QCA_WLAN_VENDOR_ATTR_ADD_STA_NODE_MAC_ADDR, ETH_ALEN,
11773 addr)) ||
11774 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ADD_STA_NODE_AUTH_ALGO,
11775 auth_alg)) {
11776 nlmsg_free(msg);
11777 wpa_printf(MSG_ERROR,
11778 "%s: err in adding vendor_cmd and vendor_data",
11779 __func__);
11780 return -1;
11781 }
11782 nla_nest_end(msg, params);
11783
11784 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
11785 }
11786
11787 #endif /* CONFIG_DRIVER_NL80211_QCA */
11788
11789
nl80211_set_mac_addr(void * priv,const u8 * addr)11790 static int nl80211_set_mac_addr(void *priv, const u8 *addr)
11791 {
11792 struct i802_bss *bss = priv;
11793 struct wpa_driver_nl80211_data *drv = bss->drv;
11794 int new_addr = addr != NULL;
11795 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
11796 struct nl_msg *msg;
11797 struct nlattr *params;
11798 int ret;
11799 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
11800 wpa_printf(MSG_DEBUG, "Enter: %s", __FUNCTION__);
11801
11802 if (TEST_FAIL())
11803 return -1;
11804 if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) {
11805 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
11806 if (!addr ) {
11807 addr = drv->global->p2p_perm_addr;
11808 }
11809
11810 if (!(msg = nl80211_cmd_msg(bss, 0, NL80211_CMD_VENDOR)) ||
11811 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
11812 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
11813 BRCM_VENDOR_SCMD_SET_MAC) ||
11814 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
11815 nla_put(msg, BRCM_ATTR_DRIVER_MAC_ADDR, ETH_ALEN, addr)) {
11816 wpa_printf(MSG_ERROR, "failed to put p2p randmac");
11817 nl80211_nlmsg_clear(msg);
11818 nlmsg_free(msg);
11819 return -ENOBUFS;
11820 }
11821 nla_nest_end(msg, params);
11822
11823 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1, NULL, NULL);
11824 if (ret) {
11825 wpa_printf(MSG_ERROR, "nl80211: p2p set macaddr failed: ret=%d (%s)",
11826 ret, strerror(-ret));
11827 }
11828 memcpy(bss->addr, addr, ETH_ALEN);
11829 return ret;
11830 #else
11831 return -ENOTSUP;
11832 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
11833 }
11834 if (!addr)
11835 addr = drv->perm_addr;
11836
11837 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 0) < 0)
11838 return -1;
11839
11840 if (linux_set_ifhwaddr(drv->global->ioctl_sock, bss->ifname, addr) < 0)
11841 {
11842 wpa_printf(MSG_DEBUG,
11843 "nl80211: failed to set_mac_addr for %s to " MACSTR,
11844 bss->ifname, MAC2STR(addr));
11845 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname,
11846 1) < 0) {
11847 wpa_printf(MSG_DEBUG,
11848 "nl80211: Could not restore interface UP after failed set_mac_addr");
11849 }
11850 return -1;
11851 }
11852
11853 wpa_printf(MSG_DEBUG, "nl80211: set_mac_addr for %s to " MACSTR,
11854 bss->ifname, MAC2STR(addr));
11855 drv->addr_changed = new_addr;
11856 os_memcpy(bss->prev_addr, bss->addr, ETH_ALEN);
11857 os_memcpy(bss->addr, addr, ETH_ALEN);
11858
11859 if (linux_set_iface_flags(drv->global->ioctl_sock, bss->ifname, 1) < 0)
11860 {
11861 wpa_printf(MSG_DEBUG,
11862 "nl80211: Could not restore interface UP after set_mac_addr");
11863 }
11864
11865 return 0;
11866 }
11867
11868
11869 #ifdef CONFIG_MESH
11870
wpa_driver_nl80211_init_mesh(void * priv)11871 static int wpa_driver_nl80211_init_mesh(void *priv)
11872 {
11873 if (wpa_driver_nl80211_set_mode(priv, NL80211_IFTYPE_MESH_POINT)) {
11874 wpa_printf(MSG_INFO,
11875 "nl80211: Failed to set interface into mesh mode");
11876 return -1;
11877 }
11878 return 0;
11879 }
11880
11881
nl80211_put_mesh_id(struct nl_msg * msg,const u8 * mesh_id,size_t mesh_id_len)11882 static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id,
11883 size_t mesh_id_len)
11884 {
11885 if (mesh_id) {
11886 wpa_printf(MSG_DEBUG, " * Mesh ID (SSID)=%s",
11887 wpa_ssid_txt(mesh_id, mesh_id_len));
11888 return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id);
11889 }
11890
11891 return 0;
11892 }
11893
11894
nl80211_put_mesh_config(struct nl_msg * msg,struct wpa_driver_mesh_bss_params * params)11895 static int nl80211_put_mesh_config(struct nl_msg *msg,
11896 struct wpa_driver_mesh_bss_params *params)
11897 {
11898 struct nlattr *container;
11899
11900 container = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
11901 if (!container)
11902 return -1;
11903
11904 if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) &&
11905 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
11906 params->auto_plinks)) ||
11907 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_FORWARDING) &&
11908 nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
11909 params->forwarding)) ||
11910 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS) &&
11911 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
11912 params->max_peer_links)) ||
11913 ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD) &&
11914 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
11915 params->rssi_threshold)))
11916 return -1;
11917
11918 /*
11919 * Set NL80211_MESHCONF_PLINK_TIMEOUT even if user mpm is used because
11920 * the timer could disconnect stations even in that case.
11921 */
11922 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT) &&
11923 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
11924 params->peer_link_timeout)) {
11925 wpa_printf(MSG_ERROR, "nl80211: Failed to set PLINK_TIMEOUT");
11926 return -1;
11927 }
11928
11929 if ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE) &&
11930 nla_put_u16(msg, NL80211_MESHCONF_HT_OPMODE, params->ht_opmode)) {
11931 wpa_printf(MSG_ERROR, "nl80211: Failed to set HT_OP_MODE");
11932 return -1;
11933 }
11934
11935 nla_nest_end(msg, container);
11936
11937 return 0;
11938 }
11939
11940
nl80211_join_mesh(struct i802_bss * bss,struct wpa_driver_mesh_join_params * params)11941 static int nl80211_join_mesh(struct i802_bss *bss,
11942 struct wpa_driver_mesh_join_params *params)
11943 {
11944 struct wpa_driver_nl80211_data *drv = bss->drv;
11945 struct nl_msg *msg;
11946 struct nlattr *container;
11947 int ret = -1;
11948
11949 wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
11950 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH);
11951 if (!msg ||
11952 nl80211_put_freq_params(msg, ¶ms->freq) ||
11953 nl80211_put_basic_rates(msg, params->basic_rates) ||
11954 nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
11955 nl80211_put_beacon_int(msg, params->beacon_int) ||
11956 nl80211_put_dtim_period(msg, params->dtim_period))
11957 goto fail;
11958
11959 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
11960
11961 if (params->handle_dfs && nla_put_flag(msg, NL80211_ATTR_HANDLE_DFS))
11962 goto fail;
11963
11964 container = nla_nest_start(msg, NL80211_ATTR_MESH_SETUP);
11965 if (!container)
11966 goto fail;
11967
11968 if (params->ies) {
11969 wpa_hexdump(MSG_DEBUG, " * IEs", params->ies, params->ie_len);
11970 if (nla_put(msg, NL80211_MESH_SETUP_IE, params->ie_len,
11971 params->ies))
11972 goto fail;
11973 }
11974 /* WPA_DRIVER_MESH_FLAG_OPEN_AUTH is treated as default by nl80211 */
11975 if (params->flags & WPA_DRIVER_MESH_FLAG_SAE_AUTH) {
11976 if (nla_put_u8(msg, NL80211_MESH_SETUP_AUTH_PROTOCOL, 0x1) ||
11977 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AUTH))
11978 goto fail;
11979 }
11980 if ((params->flags & WPA_DRIVER_MESH_FLAG_AMPE) &&
11981 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_AMPE))
11982 goto fail;
11983 if ((params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM) &&
11984 nla_put_flag(msg, NL80211_MESH_SETUP_USERSPACE_MPM))
11985 goto fail;
11986 nla_nest_end(msg, container);
11987
11988 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS;
11989 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_PEER_LINK_TIMEOUT;
11990 params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS;
11991 if (nl80211_put_mesh_config(msg, ¶ms->conf) < 0)
11992 goto fail;
11993
11994 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 1);
11995 msg = NULL;
11996 if (ret) {
11997 wpa_printf(MSG_DEBUG, "nl80211: mesh join failed: ret=%d (%s)",
11998 ret, strerror(-ret));
11999 goto fail;
12000 }
12001 ret = 0;
12002 drv->assoc_freq = bss->flink->freq = params->freq.freq;
12003 wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
12004
12005 fail:
12006 nlmsg_free(msg);
12007 return ret;
12008 }
12009
12010
12011 static int
wpa_driver_nl80211_join_mesh(void * priv,struct wpa_driver_mesh_join_params * params)12012 wpa_driver_nl80211_join_mesh(void *priv,
12013 struct wpa_driver_mesh_join_params *params)
12014 {
12015 struct i802_bss *bss = priv;
12016 int ret, timeout;
12017
12018 timeout = params->conf.peer_link_timeout;
12019
12020 /* Disable kernel inactivity timer */
12021 if (params->flags & WPA_DRIVER_MESH_FLAG_USER_MPM)
12022 params->conf.peer_link_timeout = 0;
12023
12024 ret = nl80211_join_mesh(bss, params);
12025 if (ret == -EINVAL && params->conf.peer_link_timeout == 0) {
12026 wpa_printf(MSG_DEBUG,
12027 "nl80211: Mesh join retry for peer_link_timeout");
12028 /*
12029 * Old kernel does not support setting
12030 * NL80211_MESHCONF_PLINK_TIMEOUT to zero, so set 60 seconds
12031 * into future from peer_link_timeout.
12032 */
12033 params->conf.peer_link_timeout = timeout + 60;
12034 ret = nl80211_join_mesh(priv, params);
12035 }
12036
12037 params->conf.peer_link_timeout = timeout;
12038 return ret;
12039 }
12040
12041
wpa_driver_nl80211_leave_mesh(void * priv)12042 static int wpa_driver_nl80211_leave_mesh(void *priv)
12043 {
12044 struct i802_bss *bss = priv;
12045 struct wpa_driver_nl80211_data *drv = bss->drv;
12046 struct nl_msg *msg;
12047 int ret;
12048
12049 wpa_printf(MSG_DEBUG, "nl80211: mesh leave (ifindex=%d)", drv->ifindex);
12050 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_LEAVE_MESH);
12051 ret = send_and_recv_msgs_connect_handle(drv, msg, bss, 0);
12052 if (ret) {
12053 wpa_printf(MSG_DEBUG, "nl80211: mesh leave failed: ret=%d (%s)",
12054 ret, strerror(-ret));
12055 } else {
12056 wpa_printf(MSG_DEBUG,
12057 "nl80211: mesh leave request send successfully");
12058 drv->first_bss->flink->freq = 0;
12059 }
12060
12061 if (drv->start_mode_sta &&
12062 wpa_driver_nl80211_set_mode(drv->first_bss,
12063 NL80211_IFTYPE_STATION)) {
12064 wpa_printf(MSG_INFO,
12065 "nl80211: Failed to set interface into station mode");
12066 }
12067 return ret;
12068 }
12069
12070
nl80211_probe_mesh_link(void * priv,const u8 * addr,const u8 * eth,size_t len)12071 static int nl80211_probe_mesh_link(void *priv, const u8 *addr, const u8 *eth,
12072 size_t len)
12073 {
12074 struct i802_bss *bss = priv;
12075 struct wpa_driver_nl80211_data *drv = bss->drv;
12076 struct nl_msg *msg;
12077 int ret;
12078
12079 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_PROBE_MESH_LINK);
12080 if (!msg ||
12081 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
12082 nla_put(msg, NL80211_ATTR_FRAME, len, eth)) {
12083 nlmsg_free(msg);
12084 return -ENOBUFS;
12085 }
12086
12087 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12088 if (ret) {
12089 wpa_printf(MSG_DEBUG, "nl80211: mesh link probe to " MACSTR
12090 " failed: ret=%d (%s)",
12091 MAC2STR(addr), ret, strerror(-ret));
12092 } else {
12093 wpa_printf(MSG_DEBUG, "nl80211: Mesh link to " MACSTR
12094 " probed successfully", MAC2STR(addr));
12095 }
12096
12097 return ret;
12098 }
12099
12100 #endif /* CONFIG_MESH */
12101
12102
wpa_driver_br_add_ip_neigh(void * priv,u8 version,const u8 * ipaddr,int prefixlen,const u8 * addr)12103 static int wpa_driver_br_add_ip_neigh(void *priv, u8 version,
12104 const u8 *ipaddr, int prefixlen,
12105 const u8 *addr)
12106 {
12107 #ifdef CONFIG_LIBNL3_ROUTE
12108 struct i802_bss *bss = priv;
12109 struct wpa_driver_nl80211_data *drv = bss->drv;
12110 struct rtnl_neigh *rn;
12111 struct nl_addr *nl_ipaddr = NULL;
12112 struct nl_addr *nl_lladdr = NULL;
12113 int family, addrsize;
12114 int res;
12115
12116 if (!ipaddr || prefixlen == 0 || !addr)
12117 return -EINVAL;
12118
12119 if (bss->br_ifindex == 0) {
12120 wpa_printf(MSG_DEBUG,
12121 "nl80211: bridge must be set before adding an ip neigh to it");
12122 return -1;
12123 }
12124
12125 if (!drv->rtnl_sk) {
12126 wpa_printf(MSG_DEBUG,
12127 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
12128 return -1;
12129 }
12130
12131 if (version == 4) {
12132 family = AF_INET;
12133 addrsize = 4;
12134 } else if (version == 6) {
12135 family = AF_INET6;
12136 addrsize = 16;
12137 } else {
12138 return -EINVAL;
12139 }
12140
12141 rn = rtnl_neigh_alloc();
12142 if (rn == NULL)
12143 return -ENOMEM;
12144
12145 /* set the destination ip address for neigh */
12146 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
12147 if (nl_ipaddr == NULL) {
12148 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
12149 res = -ENOMEM;
12150 goto errout;
12151 }
12152 nl_addr_set_prefixlen(nl_ipaddr, prefixlen);
12153 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
12154 if (res) {
12155 wpa_printf(MSG_DEBUG,
12156 "nl80211: neigh set destination addr failed");
12157 goto errout;
12158 }
12159
12160 /* set the corresponding lladdr for neigh */
12161 nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN);
12162 if (nl_lladdr == NULL) {
12163 wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed");
12164 res = -ENOMEM;
12165 goto errout;
12166 }
12167 rtnl_neigh_set_lladdr(rn, nl_lladdr);
12168
12169 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
12170 rtnl_neigh_set_state(rn, NUD_PERMANENT);
12171
12172 res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE);
12173 if (res) {
12174 wpa_printf(MSG_DEBUG,
12175 "nl80211: Adding bridge ip neigh failed: %s",
12176 nl_geterror(res));
12177 }
12178 errout:
12179 if (nl_lladdr)
12180 nl_addr_put(nl_lladdr);
12181 if (nl_ipaddr)
12182 nl_addr_put(nl_ipaddr);
12183 if (rn)
12184 rtnl_neigh_put(rn);
12185 return res;
12186 #else /* CONFIG_LIBNL3_ROUTE */
12187 return -1;
12188 #endif /* CONFIG_LIBNL3_ROUTE */
12189 }
12190
12191
wpa_driver_br_delete_ip_neigh(void * priv,u8 version,const u8 * ipaddr)12192 static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version,
12193 const u8 *ipaddr)
12194 {
12195 #ifdef CONFIG_LIBNL3_ROUTE
12196 struct i802_bss *bss = priv;
12197 struct wpa_driver_nl80211_data *drv = bss->drv;
12198 struct rtnl_neigh *rn;
12199 struct nl_addr *nl_ipaddr;
12200 int family, addrsize;
12201 int res;
12202
12203 if (!ipaddr)
12204 return -EINVAL;
12205
12206 if (version == 4) {
12207 family = AF_INET;
12208 addrsize = 4;
12209 } else if (version == 6) {
12210 family = AF_INET6;
12211 addrsize = 16;
12212 } else {
12213 return -EINVAL;
12214 }
12215
12216 if (bss->br_ifindex == 0) {
12217 wpa_printf(MSG_DEBUG,
12218 "nl80211: bridge must be set to delete an ip neigh");
12219 return -1;
12220 }
12221
12222 if (!drv->rtnl_sk) {
12223 wpa_printf(MSG_DEBUG,
12224 "nl80211: nl_sock for NETLINK_ROUTE is not initialized");
12225 return -1;
12226 }
12227
12228 rn = rtnl_neigh_alloc();
12229 if (rn == NULL)
12230 return -ENOMEM;
12231
12232 /* set the destination ip address for neigh */
12233 nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
12234 if (nl_ipaddr == NULL) {
12235 wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
12236 res = -ENOMEM;
12237 goto errout;
12238 }
12239 res = rtnl_neigh_set_dst(rn, nl_ipaddr);
12240 if (res) {
12241 wpa_printf(MSG_DEBUG,
12242 "nl80211: neigh set destination addr failed");
12243 goto errout;
12244 }
12245
12246 rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
12247
12248 res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
12249 if (res) {
12250 wpa_printf(MSG_DEBUG,
12251 "nl80211: Deleting bridge ip neigh failed: %s",
12252 nl_geterror(res));
12253 }
12254 errout:
12255 if (nl_ipaddr)
12256 nl_addr_put(nl_ipaddr);
12257 if (rn)
12258 rtnl_neigh_put(rn);
12259 return res;
12260 #else /* CONFIG_LIBNL3_ROUTE */
12261 return -1;
12262 #endif /* CONFIG_LIBNL3_ROUTE */
12263 }
12264
12265
linux_write_system_file(const char * path,unsigned int val)12266 static int linux_write_system_file(const char *path, unsigned int val)
12267 {
12268 char buf[50];
12269 int fd, len;
12270
12271 len = os_snprintf(buf, sizeof(buf), "%u\n", val);
12272 if (os_snprintf_error(sizeof(buf), len))
12273 return -1;
12274
12275 fd = open(path, O_WRONLY);
12276 if (fd < 0)
12277 return -1;
12278
12279 if (write(fd, buf, len) < 0) {
12280 wpa_printf(MSG_DEBUG,
12281 "nl80211: Failed to write Linux system file: %s with the value of %d",
12282 path, val);
12283 close(fd);
12284 return -1;
12285 }
12286 close(fd);
12287
12288 return 0;
12289 }
12290
12291
drv_br_port_attr_str(enum drv_br_port_attr attr)12292 static const char * drv_br_port_attr_str(enum drv_br_port_attr attr)
12293 {
12294 switch (attr) {
12295 case DRV_BR_PORT_ATTR_PROXYARP:
12296 return "proxyarp_wifi";
12297 case DRV_BR_PORT_ATTR_HAIRPIN_MODE:
12298 return "hairpin_mode";
12299 case DRV_BR_PORT_ATTR_MCAST2UCAST:
12300 return "multicast_to_unicast";
12301 }
12302
12303 return NULL;
12304 }
12305
12306
wpa_driver_br_port_set_attr(void * priv,enum drv_br_port_attr attr,unsigned int val)12307 static int wpa_driver_br_port_set_attr(void *priv, enum drv_br_port_attr attr,
12308 unsigned int val)
12309 {
12310 struct i802_bss *bss = priv;
12311 char path[128];
12312 const char *attr_txt;
12313
12314 attr_txt = drv_br_port_attr_str(attr);
12315 if (attr_txt == NULL)
12316 return -EINVAL;
12317
12318 os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/%s",
12319 bss->ifname, attr_txt);
12320
12321 if (linux_write_system_file(path, val))
12322 return -1;
12323
12324 return 0;
12325 }
12326
12327
drv_br_net_param_str(enum drv_br_net_param param)12328 static const char * drv_br_net_param_str(enum drv_br_net_param param)
12329 {
12330 switch (param) {
12331 case DRV_BR_NET_PARAM_GARP_ACCEPT:
12332 return "arp_accept";
12333 default:
12334 return NULL;
12335 }
12336 }
12337
12338
wpa_driver_br_set_net_param(void * priv,enum drv_br_net_param param,unsigned int val)12339 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
12340 unsigned int val)
12341 {
12342 struct i802_bss *bss = priv;
12343 char path[128];
12344 const char *param_txt;
12345 int ip_version = 4;
12346
12347 if (param == DRV_BR_MULTICAST_SNOOPING) {
12348 os_snprintf(path, sizeof(path),
12349 "/sys/devices/virtual/net/%s/bridge/multicast_snooping",
12350 bss->brname);
12351 goto set_val;
12352 }
12353
12354 param_txt = drv_br_net_param_str(param);
12355 if (param_txt == NULL)
12356 return -EINVAL;
12357
12358 switch (param) {
12359 case DRV_BR_NET_PARAM_GARP_ACCEPT:
12360 ip_version = 4;
12361 break;
12362 default:
12363 return -EINVAL;
12364 }
12365
12366 os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s",
12367 ip_version, bss->brname, param_txt);
12368
12369 set_val:
12370 if (linux_write_system_file(path, val))
12371 return -1;
12372
12373 return 0;
12374 }
12375
12376
12377 #ifdef CONFIG_DRIVER_NL80211_QCA
12378
hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)12379 static int hw_mode_to_qca_acs(enum hostapd_hw_mode hw_mode)
12380 {
12381 switch (hw_mode) {
12382 case HOSTAPD_MODE_IEEE80211B:
12383 return QCA_ACS_MODE_IEEE80211B;
12384 case HOSTAPD_MODE_IEEE80211G:
12385 return QCA_ACS_MODE_IEEE80211G;
12386 case HOSTAPD_MODE_IEEE80211A:
12387 return QCA_ACS_MODE_IEEE80211A;
12388 case HOSTAPD_MODE_IEEE80211AD:
12389 return QCA_ACS_MODE_IEEE80211AD;
12390 case HOSTAPD_MODE_IEEE80211ANY:
12391 return QCA_ACS_MODE_IEEE80211ANY;
12392 default:
12393 return -1;
12394 }
12395 }
12396
12397
add_acs_ch_list(struct nl_msg * msg,const int * freq_list)12398 static int add_acs_ch_list(struct nl_msg *msg, const int *freq_list)
12399 {
12400 int num_channels = 0, num_freqs;
12401 u8 *ch_list;
12402 enum hostapd_hw_mode hw_mode;
12403 int ret = 0;
12404 int i;
12405
12406 if (!freq_list)
12407 return 0;
12408
12409 num_freqs = int_array_len(freq_list);
12410 ch_list = os_malloc(sizeof(u8) * num_freqs);
12411 if (!ch_list)
12412 return -1;
12413
12414 for (i = 0; i < num_freqs; i++) {
12415 const int freq = freq_list[i];
12416
12417 if (freq == 0)
12418 break;
12419 /* Send 2.4 GHz and 5 GHz channels with
12420 * QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST to maintain backwards
12421 * compatibility.
12422 */
12423 if (!(freq >= 2412 && freq <= 2484) &&
12424 !(freq >= 5180 && freq <= 5900) &&
12425 !(freq >= 5945 && freq <= 7115))
12426 continue;
12427 hw_mode = ieee80211_freq_to_chan(freq, &ch_list[num_channels]);
12428 if (hw_mode != NUM_HOSTAPD_MODES)
12429 num_channels++;
12430 }
12431
12432 if (num_channels)
12433 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST,
12434 num_channels, ch_list);
12435
12436 os_free(ch_list);
12437 return ret;
12438 }
12439
12440
add_acs_freq_list(struct nl_msg * msg,const int * freq_list)12441 static int add_acs_freq_list(struct nl_msg *msg, const int *freq_list)
12442 {
12443 int i, len, ret;
12444 u32 *freqs;
12445
12446 if (!freq_list)
12447 return 0;
12448 len = int_array_len(freq_list);
12449 freqs = os_malloc(sizeof(u32) * len);
12450 if (!freqs)
12451 return -1;
12452 for (i = 0; i < len; i++)
12453 freqs[i] = freq_list[i];
12454 ret = nla_put(msg, QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST,
12455 sizeof(u32) * len, freqs);
12456 os_free(freqs);
12457 return ret;
12458 }
12459
12460
nl80211_qca_do_acs(struct wpa_driver_nl80211_data * drv,struct drv_acs_params * params)12461 static int nl80211_qca_do_acs(struct wpa_driver_nl80211_data *drv,
12462 struct drv_acs_params *params)
12463 {
12464 struct nl_msg *msg;
12465 struct nlattr *data;
12466 int ret;
12467 int mode;
12468
12469 mode = hw_mode_to_qca_acs(params->hw_mode);
12470 if (mode < 0)
12471 return -1;
12472
12473 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12474 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12475 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12476 QCA_NL80211_VENDOR_SUBCMD_DO_ACS) ||
12477 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
12478 nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE, mode) ||
12479 (params->ht_enabled &&
12480 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT_ENABLED)) ||
12481 (params->ht40_enabled &&
12482 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_HT40_ENABLED)) ||
12483 (params->vht_enabled &&
12484 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_VHT_ENABLED)) ||
12485 (params->eht_enabled &&
12486 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_EHT_ENABLED)) ||
12487 nla_put_u16(msg, QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH,
12488 params->ch_width) ||
12489 add_acs_ch_list(msg, params->freq_list) ||
12490 add_acs_freq_list(msg, params->freq_list) ||
12491 (params->edmg_enabled &&
12492 nla_put_flag(msg, QCA_WLAN_VENDOR_ATTR_ACS_EDMG_ENABLED))) {
12493 nlmsg_free(msg);
12494 return -ENOBUFS;
12495 }
12496 nla_nest_end(msg, data);
12497
12498 wpa_printf(MSG_DEBUG,
12499 "nl80211: ACS Params: HW_MODE: %d HT: %d HT40: %d VHT: %d EHT: %d BW: %d EDMG: %d",
12500 params->hw_mode, params->ht_enabled, params->ht40_enabled,
12501 params->vht_enabled, params->eht_enabled, params->ch_width,
12502 params->edmg_enabled);
12503
12504 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12505 if (ret) {
12506 wpa_printf(MSG_DEBUG,
12507 "nl80211: Failed to invoke driver ACS function: %s",
12508 strerror(-ret));
12509 }
12510 return ret;
12511 }
12512
12513
nl80211_set_band(void * priv,u32 band_mask)12514 static int nl80211_set_band(void *priv, u32 band_mask)
12515 {
12516 struct i802_bss *bss = priv;
12517 struct wpa_driver_nl80211_data *drv = bss->drv;
12518 struct nl_msg *msg;
12519 struct nlattr *data;
12520 int ret;
12521 enum qca_set_band qca_band_value;
12522 u32 qca_band_mask = QCA_SETBAND_AUTO;
12523
12524 if (!drv->setband_vendor_cmd_avail ||
12525 (band_mask > (WPA_SETBAND_2G | WPA_SETBAND_5G | WPA_SETBAND_6G)))
12526 return -1;
12527
12528 if (band_mask & WPA_SETBAND_5G)
12529 qca_band_mask |= QCA_SETBAND_5G;
12530 if (band_mask & WPA_SETBAND_2G)
12531 qca_band_mask |= QCA_SETBAND_2G;
12532 if (band_mask & WPA_SETBAND_6G)
12533 qca_band_mask |= QCA_SETBAND_6G;
12534
12535 /*
12536 * QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE is a legacy interface hence make
12537 * it suite to its values (AUTO/5G/2G) for backwards compatibility.
12538 */
12539 qca_band_value = ((qca_band_mask & QCA_SETBAND_5G) &&
12540 (qca_band_mask & QCA_SETBAND_2G)) ?
12541 QCA_SETBAND_AUTO :
12542 qca_band_mask & ~QCA_SETBAND_6G;
12543
12544 wpa_printf(MSG_DEBUG,
12545 "nl80211: QCA_BAND_MASK = 0x%x, QCA_BAND_VALUE = %d",
12546 qca_band_mask, qca_band_value);
12547
12548 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12549 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12550 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12551 QCA_NL80211_VENDOR_SUBCMD_SETBAND) ||
12552 !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
12553 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE,
12554 qca_band_value) ||
12555 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_MASK,
12556 qca_band_mask)) {
12557 nlmsg_free(msg);
12558 return -ENOBUFS;
12559 }
12560 nla_nest_end(msg, data);
12561
12562 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12563 if (ret) {
12564 wpa_printf(MSG_DEBUG,
12565 "nl80211: Driver setband function failed: %s",
12566 strerror(-ret));
12567 }
12568 return ret;
12569 }
12570
12571
12572 struct nl80211_pcl {
12573 unsigned int num;
12574 struct weighted_pcl *freq_list;
12575 };
12576
get_pcl_attr_values(struct weighted_pcl * wpcl,struct nlattr * nl[])12577 static void get_pcl_attr_values(struct weighted_pcl *wpcl, struct nlattr *nl[])
12578 {
12579 if (nl[QCA_WLAN_VENDOR_ATTR_PCL_FREQ])
12580 wpcl->freq = nla_get_u32(nl[QCA_WLAN_VENDOR_ATTR_PCL_FREQ]);
12581 if (nl[QCA_WLAN_VENDOR_ATTR_PCL_WEIGHT])
12582 wpcl->weight = nla_get_u8(nl[QCA_WLAN_VENDOR_ATTR_PCL_WEIGHT]);
12583 if (nl[QCA_WLAN_VENDOR_ATTR_PCL_FLAG]) {
12584 u32 flags = nla_get_u32(nl[QCA_WLAN_VENDOR_ATTR_PCL_FLAG]);
12585
12586 wpcl->flag = 0;
12587 if (flags & BIT(0))
12588 wpcl->flag |= WEIGHTED_PCL_GO;
12589 if (flags & BIT(1))
12590 wpcl->flag |= WEIGHTED_PCL_CLI;
12591 if (flags & BIT(2))
12592 wpcl->flag |= WEIGHTED_PCL_MUST_CONSIDER;
12593 if (flags & BIT(3))
12594 wpcl->flag |= WEIGHTED_PCL_EXCLUDE;
12595 } else {
12596 wpcl->flag = WEIGHTED_PCL_GO | WEIGHTED_PCL_CLI;
12597 }
12598 }
12599
12600
preferred_freq_info_handler(struct nl_msg * msg,void * arg)12601 static int preferred_freq_info_handler(struct nl_msg *msg, void *arg)
12602 {
12603 struct nlattr *tb[NL80211_ATTR_MAX + 1];
12604 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
12605 struct nl80211_pcl *param = arg;
12606 struct nlattr *nl_vend, *attr;
12607 enum qca_iface_type iface_type;
12608 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
12609 struct nlattr *nl_pcl[QCA_WLAN_VENDOR_ATTR_PCL_MAX + 1];
12610 unsigned int num, max_num;
12611 u32 *freqs;
12612
12613 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
12614 genlmsg_attrlen(gnlh, 0), NULL);
12615
12616 nl_vend = tb[NL80211_ATTR_VENDOR_DATA];
12617 if (!nl_vend)
12618 return NL_SKIP;
12619
12620 nla_parse(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
12621 nla_data(nl_vend), nla_len(nl_vend), NULL);
12622
12623 attr = tb_vendor[
12624 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE];
12625 if (!attr) {
12626 wpa_printf(MSG_ERROR, "nl80211: iface_type couldn't be found");
12627 param->num = 0;
12628 return NL_SKIP;
12629 }
12630
12631 iface_type = (enum qca_iface_type) nla_get_u32(attr);
12632 wpa_printf(MSG_DEBUG, "nl80211: Driver returned iface_type=%d",
12633 iface_type);
12634
12635 attr = tb_vendor[
12636 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_WEIGHED_PCL];
12637 if (attr) {
12638 int rem;
12639 struct nlattr *wpcl = attr;
12640 unsigned int i;
12641
12642 num = 0;
12643 nla_for_each_nested(attr, wpcl, rem) {
12644 if (num == param->num)
12645 break; /* not enough room for all entries */
12646 if (nla_parse(nl_pcl, QCA_WLAN_VENDOR_ATTR_PCL_MAX,
12647 nla_data(attr), nla_len(attr), NULL)) {
12648 wpa_printf(MSG_ERROR,
12649 "nl80211: Failed to parse PCL info");
12650 param->num = 0;
12651 return NL_SKIP;
12652 }
12653 get_pcl_attr_values(¶m->freq_list[num], nl_pcl);
12654 num++;
12655 }
12656 param->num = num;
12657
12658 /* Sort frequencies based on their weight */
12659 for (i = 0; i < num; i++) {
12660 unsigned int j;
12661
12662 for (j = i + 1; j < num; j++) {
12663 if (param->freq_list[i].weight <
12664 param->freq_list[j].weight) {
12665 struct weighted_pcl tmp;
12666
12667 tmp = param->freq_list[i];
12668 param->freq_list[i] =
12669 param->freq_list[j];
12670 param->freq_list[j] = tmp;
12671 }
12672 }
12673 }
12674 } else if (tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST]) {
12675 wpa_printf(MSG_DEBUG,
12676 "nl80211: Driver does not provide weighted PCL; use the non-weighted variant");
12677 attr = tb_vendor[QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST];
12678 /*
12679 * param->num has the maximum number of entries for which there
12680 * is room in the freq_list provided by the caller.
12681 */
12682 freqs = nla_data(attr);
12683 max_num = nla_len(attr) / sizeof(u32);
12684 if (max_num > param->num)
12685 max_num = param->num;
12686 for (num = 0; num < max_num; num++) {
12687 param->freq_list[num].freq = freqs[num];
12688 param->freq_list[num].flag =
12689 WEIGHTED_PCL_GO | WEIGHTED_PCL_CLI;
12690 }
12691 param->num = num;
12692 } else {
12693 wpa_printf(MSG_ERROR,
12694 "nl80211: preferred_freq_list couldn't be found");
12695 param->num = 0;
12696 return NL_SKIP;
12697 }
12698 return NL_SKIP;
12699 }
12700
12701
nl80211_get_pref_freq_list(void * priv,enum wpa_driver_if_type if_type,unsigned int * num,struct weighted_pcl * freq_list)12702 static int nl80211_get_pref_freq_list(void *priv,
12703 enum wpa_driver_if_type if_type,
12704 unsigned int *num,
12705 struct weighted_pcl *freq_list)
12706 {
12707 struct i802_bss *bss = priv;
12708 struct wpa_driver_nl80211_data *drv = bss->drv;
12709 struct nl_msg *msg;
12710 int ret;
12711 unsigned int i;
12712 struct nlattr *params;
12713 struct nl80211_pcl param;
12714 enum qca_iface_type iface_type;
12715
12716 if (!drv->get_pref_freq_list)
12717 return -1;
12718
12719 switch (if_type) {
12720 case WPA_IF_STATION:
12721 iface_type = QCA_IFACE_TYPE_STA;
12722 break;
12723 case WPA_IF_AP_BSS:
12724 iface_type = QCA_IFACE_TYPE_AP;
12725 break;
12726 case WPA_IF_P2P_GO:
12727 iface_type = QCA_IFACE_TYPE_P2P_GO;
12728 break;
12729 case WPA_IF_P2P_CLIENT:
12730 iface_type = QCA_IFACE_TYPE_P2P_CLIENT;
12731 break;
12732 case WPA_IF_IBSS:
12733 iface_type = QCA_IFACE_TYPE_IBSS;
12734 break;
12735 case WPA_IF_TDLS:
12736 iface_type = QCA_IFACE_TYPE_TDLS;
12737 break;
12738 default:
12739 return -1;
12740 }
12741
12742 param.num = *num;
12743 param.freq_list = freq_list;
12744
12745 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12746 nla_put_u32(msg, NL80211_ATTR_IFINDEX, drv->ifindex) ||
12747 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12748 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12749 QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) ||
12750 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
12751 nla_put_u32(msg,
12752 QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE,
12753 iface_type)) {
12754 wpa_printf(MSG_ERROR,
12755 "%s: err in adding vendor_cmd and vendor_data",
12756 __func__);
12757 nlmsg_free(msg);
12758 return -1;
12759 }
12760 nla_nest_end(msg, params);
12761
12762 if (freq_list)
12763 os_memset(freq_list, 0, *num * sizeof(struct weighted_pcl));
12764 ret = send_and_recv_msgs(drv, msg, preferred_freq_info_handler, ¶m,
12765 NULL, NULL);
12766 if (ret) {
12767 wpa_printf(MSG_ERROR,
12768 "%s: err in send_and_recv_msgs", __func__);
12769 return ret;
12770 }
12771
12772 *num = param.num;
12773
12774 for (i = 0; i < *num; i++) {
12775 wpa_printf(MSG_DEBUG,
12776 "nl80211: preferred_channel_list[%d]=%d[%d]:0x%x",
12777 i, freq_list[i].freq, freq_list[i].weight,
12778 freq_list[i].flag);
12779 }
12780
12781 return 0;
12782 }
12783
12784
nl80211_set_prob_oper_freq(void * priv,unsigned int freq)12785 static int nl80211_set_prob_oper_freq(void *priv, unsigned int freq)
12786 {
12787 struct i802_bss *bss = priv;
12788 struct wpa_driver_nl80211_data *drv = bss->drv;
12789 struct nl_msg *msg;
12790 int ret;
12791 struct nlattr *params;
12792
12793 if (!drv->set_prob_oper_freq)
12794 return -1;
12795
12796 wpa_printf(MSG_DEBUG,
12797 "nl80211: Set P2P probable operating freq %u for ifindex %d",
12798 freq, bss->ifindex);
12799
12800 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12801 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12802 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12803 QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL) ||
12804 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
12805 nla_put_u32(msg,
12806 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE,
12807 QCA_IFACE_TYPE_P2P_CLIENT) ||
12808 nla_put_u32(msg,
12809 QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ,
12810 freq)) {
12811 wpa_printf(MSG_ERROR,
12812 "%s: err in adding vendor_cmd and vendor_data",
12813 __func__);
12814 nlmsg_free(msg);
12815 return -1;
12816 }
12817 nla_nest_end(msg, params);
12818
12819 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12820 msg = NULL;
12821 if (ret) {
12822 wpa_printf(MSG_ERROR, "%s: err in send_and_recv_msgs",
12823 __func__);
12824 return ret;
12825 }
12826 nlmsg_free(msg);
12827 return 0;
12828 }
12829
12830
nl80211_p2p_lo_start(void * priv,unsigned int freq,unsigned int period,unsigned int interval,unsigned int count,const u8 * device_types,size_t dev_types_len,const u8 * ies,size_t ies_len)12831 static int nl80211_p2p_lo_start(void *priv, unsigned int freq,
12832 unsigned int period, unsigned int interval,
12833 unsigned int count, const u8 *device_types,
12834 size_t dev_types_len,
12835 const u8 *ies, size_t ies_len)
12836 {
12837 struct i802_bss *bss = priv;
12838 struct wpa_driver_nl80211_data *drv = bss->drv;
12839 struct nl_msg *msg;
12840 struct nlattr *container;
12841 int ret;
12842
12843 wpa_printf(MSG_DEBUG,
12844 "nl80211: Start P2P Listen offload: freq=%u, period=%u, interval=%u, count=%u",
12845 freq, period, interval, count);
12846
12847 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD))
12848 return -1;
12849
12850 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12851 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12852 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12853 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_START))
12854 goto fail;
12855
12856 container = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
12857 if (!container)
12858 goto fail;
12859
12860 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_CHANNEL,
12861 freq) ||
12862 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_PERIOD,
12863 period) ||
12864 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_INTERVAL,
12865 interval) ||
12866 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_COUNT,
12867 count) ||
12868 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_DEVICE_TYPES,
12869 dev_types_len, device_types) ||
12870 nla_put(msg, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_VENDOR_IE,
12871 ies_len, ies))
12872 goto fail;
12873
12874 nla_nest_end(msg, container);
12875 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12876 msg = NULL;
12877 if (ret) {
12878 wpa_printf(MSG_DEBUG,
12879 "nl80211: Failed to send P2P Listen offload vendor command");
12880 goto fail;
12881 }
12882
12883 return 0;
12884
12885 fail:
12886 nlmsg_free(msg);
12887 return -1;
12888 }
12889
12890
nl80211_p2p_lo_stop(void * priv)12891 static int nl80211_p2p_lo_stop(void *priv)
12892 {
12893 struct i802_bss *bss = priv;
12894 struct wpa_driver_nl80211_data *drv = bss->drv;
12895 struct nl_msg *msg;
12896
12897 wpa_printf(MSG_DEBUG, "nl80211: Stop P2P Listen offload");
12898
12899 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_P2P_LISTEN_OFFLOAD))
12900 return -1;
12901
12902 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12903 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12904 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12905 QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_STOP)) {
12906 nlmsg_free(msg);
12907 return -1;
12908 }
12909
12910 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12911 }
12912
12913
nl80211_set_tdls_mode(void * priv,int tdls_external_control)12914 static int nl80211_set_tdls_mode(void *priv, int tdls_external_control)
12915 {
12916 struct i802_bss *bss = priv;
12917 struct wpa_driver_nl80211_data *drv = bss->drv;
12918 struct nl_msg *msg;
12919 struct nlattr *params;
12920 int ret;
12921 u32 tdls_mode;
12922
12923 wpa_printf(MSG_DEBUG,
12924 "nl80211: Set TDKS mode: tdls_external_control=%d",
12925 tdls_external_control);
12926
12927 if (tdls_external_control == 1)
12928 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_IMPLICIT |
12929 QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXTERNAL;
12930 else
12931 tdls_mode = QCA_WLAN_VENDOR_TDLS_TRIGGER_MODE_EXPLICIT;
12932
12933 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
12934 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
12935 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
12936 QCA_NL80211_VENDOR_SUBCMD_CONFIGURE_TDLS))
12937 goto fail;
12938
12939 params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
12940 if (!params)
12941 goto fail;
12942
12943 if (nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_TDLS_CONFIG_TRIGGER_MODE,
12944 tdls_mode))
12945 goto fail;
12946
12947 nla_nest_end(msg, params);
12948
12949 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
12950 msg = NULL;
12951 if (ret) {
12952 wpa_printf(MSG_ERROR,
12953 "nl80211: Set TDLS mode failed: ret=%d (%s)",
12954 ret, strerror(-ret));
12955 goto fail;
12956 }
12957 return 0;
12958 fail:
12959 nlmsg_free(msg);
12960 return -1;
12961 }
12962
12963
12964 #ifdef CONFIG_MBO
12965
12966 static enum mbo_transition_reject_reason
nl80211_mbo_reject_reason_mapping(enum qca_wlan_btm_candidate_status status)12967 nl80211_mbo_reject_reason_mapping(enum qca_wlan_btm_candidate_status status)
12968 {
12969 switch (status) {
12970 case QCA_STATUS_REJECT_EXCESSIVE_FRAME_LOSS_EXPECTED:
12971 return MBO_TRANSITION_REJECT_REASON_FRAME_LOSS;
12972 case QCA_STATUS_REJECT_EXCESSIVE_DELAY_EXPECTED:
12973 return MBO_TRANSITION_REJECT_REASON_DELAY;
12974 case QCA_STATUS_REJECT_INSUFFICIENT_QOS_CAPACITY:
12975 return MBO_TRANSITION_REJECT_REASON_QOS_CAPACITY;
12976 case QCA_STATUS_REJECT_LOW_RSSI:
12977 return MBO_TRANSITION_REJECT_REASON_RSSI;
12978 case QCA_STATUS_REJECT_HIGH_INTERFERENCE:
12979 return MBO_TRANSITION_REJECT_REASON_INTERFERENCE;
12980 case QCA_STATUS_REJECT_UNKNOWN:
12981 default:
12982 return MBO_TRANSITION_REJECT_REASON_UNSPECIFIED;
12983 }
12984 }
12985
12986
nl80211_parse_btm_candidate_info(struct candidate_list * candidate,struct nlattr * tb[],int num)12987 static void nl80211_parse_btm_candidate_info(struct candidate_list *candidate,
12988 struct nlattr *tb[], int num)
12989 {
12990 enum qca_wlan_btm_candidate_status status;
12991 char buf[50];
12992
12993 os_memcpy(candidate->bssid,
12994 nla_data(tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID]),
12995 ETH_ALEN);
12996
12997 status = nla_get_u32(
12998 tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS]);
12999 candidate->is_accept = status == QCA_STATUS_ACCEPT;
13000 candidate->reject_reason = nl80211_mbo_reject_reason_mapping(status);
13001
13002 if (candidate->is_accept)
13003 os_snprintf(buf, sizeof(buf), "Accepted");
13004 else
13005 os_snprintf(buf, sizeof(buf),
13006 "Rejected, Reject_reason: %d",
13007 candidate->reject_reason);
13008 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR " %s",
13009 num, MAC2STR(candidate->bssid), buf);
13010 }
13011
13012
13013 static int
nl80211_get_bss_transition_status_handler(struct nl_msg * msg,void * arg)13014 nl80211_get_bss_transition_status_handler(struct nl_msg *msg, void *arg)
13015 {
13016 struct wpa_bss_candidate_info *info = arg;
13017 struct candidate_list *candidate = info->candidates;
13018 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
13019 struct nlattr *tb_vendor[QCA_WLAN_VENDOR_ATTR_MAX + 1];
13020 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1];
13021 static struct nla_policy policy[
13022 QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX + 1] = {
13023 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] = {
13024 .minlen = ETH_ALEN
13025 },
13026 [QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS] = {
13027 .type = NLA_U32,
13028 },
13029 };
13030 struct nlattr *attr;
13031 int rem;
13032 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
13033 u8 num;
13034
13035 num = info->num; /* number of candidates sent to driver */
13036 info->num = 0;
13037 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
13038 genlmsg_attrlen(gnlh, 0), NULL);
13039
13040 if (!tb_msg[NL80211_ATTR_VENDOR_DATA] ||
13041 nla_parse_nested(tb_vendor, QCA_WLAN_VENDOR_ATTR_MAX,
13042 tb_msg[NL80211_ATTR_VENDOR_DATA], NULL) ||
13043 !tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO])
13044 return NL_SKIP;
13045
13046 wpa_printf(MSG_DEBUG,
13047 "nl80211: WNM Candidate list received from driver");
13048 nla_for_each_nested(attr,
13049 tb_vendor[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO],
13050 rem) {
13051 if (info->num >= num ||
13052 nla_parse_nested(
13053 tb, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_MAX,
13054 attr, policy) ||
13055 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID] ||
13056 !tb[QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_STATUS])
13057 break;
13058
13059 nl80211_parse_btm_candidate_info(candidate, tb, info->num);
13060
13061 candidate++;
13062 info->num++;
13063 }
13064
13065 return NL_SKIP;
13066 }
13067
13068
13069 static struct wpa_bss_candidate_info *
nl80211_get_bss_transition_status(void * priv,struct wpa_bss_trans_info * params)13070 nl80211_get_bss_transition_status(void *priv, struct wpa_bss_trans_info *params)
13071 {
13072 struct i802_bss *bss = priv;
13073 struct wpa_driver_nl80211_data *drv = bss->drv;
13074 struct nl_msg *msg;
13075 struct nlattr *attr, *attr1, *attr2;
13076 struct wpa_bss_candidate_info *info;
13077 u8 i;
13078 int ret;
13079 u8 *pos;
13080
13081 if (!drv->fetch_bss_trans_status)
13082 return NULL;
13083
13084 info = os_zalloc(sizeof(*info));
13085 if (!info)
13086 return NULL;
13087 /* Allocate memory for number of candidates sent to driver */
13088 info->candidates = os_calloc(params->n_candidates,
13089 sizeof(*info->candidates));
13090 if (!info->candidates) {
13091 os_free(info);
13092 return NULL;
13093 }
13094
13095 /* Copy the number of candidates being sent to driver. This is used in
13096 * nl80211_get_bss_transition_status_handler() to limit the number of
13097 * candidates that can be populated in info->candidates and will be
13098 * later overwritten with the actual number of candidates received from
13099 * the driver.
13100 */
13101 info->num = params->n_candidates;
13102
13103 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
13104 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
13105 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
13106 QCA_NL80211_VENDOR_SUBCMD_FETCH_BSS_TRANSITION_STATUS))
13107 goto fail;
13108
13109 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
13110 if (!attr)
13111 goto fail;
13112
13113 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_BTM_MBO_TRANSITION_REASON,
13114 params->mbo_transition_reason))
13115 goto fail;
13116
13117 attr1 = nla_nest_start(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO);
13118 if (!attr1)
13119 goto fail;
13120
13121 wpa_printf(MSG_DEBUG,
13122 "nl80211: WNM Candidate list info sending to driver: mbo_transition_reason: %d n_candidates: %d",
13123 params->mbo_transition_reason, params->n_candidates);
13124 pos = params->bssid;
13125 for (i = 0; i < params->n_candidates; i++) {
13126 wpa_printf(MSG_DEBUG, "nl80211: BSSID[%d]: " MACSTR, i,
13127 MAC2STR(pos));
13128 attr2 = nla_nest_start(msg, i);
13129 if (!attr2 ||
13130 nla_put(msg, QCA_WLAN_VENDOR_ATTR_BTM_CANDIDATE_INFO_BSSID,
13131 ETH_ALEN, pos))
13132 goto fail;
13133 pos += ETH_ALEN;
13134 nla_nest_end(msg, attr2);
13135 }
13136
13137 nla_nest_end(msg, attr1);
13138 nla_nest_end(msg, attr);
13139
13140 ret = send_and_recv_msgs(drv, msg,
13141 nl80211_get_bss_transition_status_handler,
13142 info, NULL, NULL);
13143 msg = NULL;
13144 if (ret) {
13145 wpa_printf(MSG_ERROR,
13146 "nl80211: WNM Get BSS transition status failed: ret=%d (%s)",
13147 ret, strerror(-ret));
13148 goto fail;
13149 }
13150 return info;
13151
13152 fail:
13153 nlmsg_free(msg);
13154 os_free(info->candidates);
13155 os_free(info);
13156 return NULL;
13157 }
13158
13159
13160 /**
13161 * nl80211_ignore_assoc_disallow - Configure driver to ignore assoc_disallow
13162 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
13163 * @ignore_assoc_disallow: 0 to not ignore, 1 to ignore
13164 * Returns: 0 on success, -1 on failure
13165 */
nl80211_ignore_assoc_disallow(void * priv,int ignore_disallow)13166 static int nl80211_ignore_assoc_disallow(void *priv, int ignore_disallow)
13167 {
13168 struct i802_bss *bss = priv;
13169 struct wpa_driver_nl80211_data *drv = bss->drv;
13170 struct nl_msg *msg;
13171 struct nlattr *attr;
13172 int ret = -1;
13173
13174 if (!drv->set_wifi_conf_vendor_cmd_avail)
13175 return -1;
13176
13177 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
13178 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
13179 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
13180 QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION))
13181 goto fail;
13182
13183 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
13184 if (!attr)
13185 goto fail;
13186
13187 wpa_printf(MSG_DEBUG, "nl80211: Set ignore_assoc_disallow %d",
13188 ignore_disallow);
13189 if (nla_put_u8(msg, QCA_WLAN_VENDOR_ATTR_CONFIG_IGNORE_ASSOC_DISALLOWED,
13190 ignore_disallow))
13191 goto fail;
13192
13193 nla_nest_end(msg, attr);
13194
13195 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13196 msg = NULL;
13197 if (ret) {
13198 wpa_printf(MSG_ERROR,
13199 "nl80211: Set ignore_assoc_disallow failed: ret=%d (%s)",
13200 ret, strerror(-ret));
13201 goto fail;
13202 }
13203
13204 fail:
13205 nlmsg_free(msg);
13206 return ret;
13207 }
13208
13209 #endif /* CONFIG_MBO */
13210
13211
13212 #ifdef CONFIG_PASN
13213
nl80211_send_pasn_resp(void * priv,struct pasn_auth * params)13214 static int nl80211_send_pasn_resp(void *priv, struct pasn_auth *params)
13215 {
13216 unsigned int i;
13217 struct i802_bss *bss = priv;
13218 struct nl_msg *msg = NULL;
13219 struct nlattr *nlpeers, *attr, *attr1;
13220 struct wpa_driver_nl80211_data *drv = bss->drv;
13221
13222 wpa_dbg(drv->ctx, MSG_DEBUG,
13223 "nl80211: PASN authentication response for %d entries",
13224 params->num_peers);
13225 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR);
13226 if (!msg ||
13227 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
13228 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
13229 QCA_NL80211_VENDOR_SUBCMD_PASN))
13230 goto fail;
13231
13232 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
13233 if (!attr)
13234 goto fail;
13235
13236 nlpeers = nla_nest_start(msg, QCA_WLAN_VENDOR_ATTR_PASN_PEERS);
13237 if (!nlpeers)
13238 goto fail;
13239
13240 for (i = 0; i < params->num_peers; i++) {
13241 attr1 = nla_nest_start(msg, i);
13242 if (!attr1 ||
13243 nla_put(msg, QCA_WLAN_VENDOR_ATTR_PASN_PEER_SRC_ADDR,
13244 ETH_ALEN, params->peer[i].own_addr) ||
13245 nla_put(msg, QCA_WLAN_VENDOR_ATTR_PASN_PEER_MAC_ADDR,
13246 ETH_ALEN, params->peer[i].peer_addr))
13247 goto fail;
13248
13249 if (params->peer[i].status == 0 &&
13250 nla_put_flag(msg,
13251 QCA_WLAN_VENDOR_ATTR_PASN_PEER_STATUS_SUCCESS))
13252 goto fail;
13253
13254 wpa_printf(MSG_DEBUG,
13255 "nl80211: Own address[%u]: " MACSTR
13256 " Peer address[%u]: " MACSTR " Status: %s",
13257 i, MAC2STR(params->peer[i].own_addr), i,
13258 MAC2STR(params->peer[i].peer_addr),
13259 params->peer[i].status ? "Fail" : "Success");
13260 nla_nest_end(msg, attr1);
13261 }
13262
13263 nla_nest_end(msg, nlpeers);
13264 nla_nest_end(msg, attr);
13265
13266 return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13267
13268 fail:
13269 nlmsg_free(msg);
13270 return -1;
13271 }
13272
13273
wpa_ltf_keyseed_len_to_sha_type(size_t len)13274 static u32 wpa_ltf_keyseed_len_to_sha_type(size_t len)
13275 {
13276 if (len == SHA384_MAC_LEN)
13277 return QCA_WLAN_VENDOR_SHA_384;
13278 if (len == SHA256_MAC_LEN)
13279 return QCA_WLAN_VENDOR_SHA_256;
13280
13281 wpa_printf(MSG_ERROR, "nl80211: Unexpected LTF keyseed len %zu", len);
13282 return (u32) -1;
13283 }
13284
13285
nl80211_set_secure_ranging_ctx(void * priv,struct secure_ranging_params * params)13286 static int nl80211_set_secure_ranging_ctx(void *priv,
13287 struct secure_ranging_params *params)
13288 {
13289 int ret;
13290 u32 suite;
13291 struct nlattr *attr;
13292 struct nl_msg *msg = NULL;
13293 struct i802_bss *bss = priv;
13294 struct wpa_driver_nl80211_data *drv = bss->drv;
13295
13296 /* Configure secure ranging context only to the drivers that support it.
13297 */
13298 if (!drv->secure_ranging_ctx_vendor_cmd_avail)
13299 return 0;
13300
13301 if (!params->peer_addr || !params->own_addr)
13302 return -1;
13303
13304 wpa_dbg(drv->ctx, MSG_DEBUG,
13305 "nl80211: Secure ranging context for " MACSTR,
13306 MAC2STR(params->peer_addr));
13307
13308 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR);
13309 if (!msg ||
13310 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
13311 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
13312 QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT))
13313 goto fail;
13314
13315 attr = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
13316 if (!attr)
13317 goto fail;
13318
13319 if (nla_put(msg, QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_PEER_MAC_ADDR,
13320 ETH_ALEN, params->peer_addr) ||
13321 nla_put(msg, QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_SRC_ADDR,
13322 ETH_ALEN, params->own_addr) ||
13323 nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_ACTION,
13324 params->action))
13325 goto fail;
13326
13327 if (params->cipher) {
13328 suite = wpa_cipher_to_cipher_suite(params->cipher);
13329 if (!suite ||
13330 nla_put_u32(msg,
13331 QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_CIPHER,
13332 suite))
13333 goto fail;
13334 }
13335
13336 if (params->tk_len && params->tk) {
13337 if (nla_put(msg, QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_TK,
13338 params->tk_len, params->tk))
13339 goto fail;
13340 wpa_hexdump_key(MSG_DEBUG, "nl80211: TK",
13341 params->tk, params->tk_len);
13342 }
13343
13344 if (params->ltf_keyseed_len && params->ltf_keyseed) {
13345 u32 sha_type = wpa_ltf_keyseed_len_to_sha_type(
13346 params->ltf_keyseed_len);
13347
13348 if (sha_type == (u32) -1 ||
13349 nla_put_u32(
13350 msg,
13351 QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_SHA_TYPE,
13352 sha_type) ||
13353 nla_put(msg,
13354 QCA_WLAN_VENDOR_ATTR_SECURE_RANGING_CTX_LTF_KEYSEED,
13355 params->ltf_keyseed_len, params->ltf_keyseed))
13356 goto fail;
13357 wpa_hexdump_key(MSG_DEBUG, "nl80211: LTF keyseed",
13358 params->ltf_keyseed, params->ltf_keyseed_len);
13359 }
13360 nla_nest_end(msg, attr);
13361
13362 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13363 if (ret)
13364 wpa_printf(MSG_DEBUG,
13365 "nl80211: Set secure ranging context failed: ret=%d (%s)",
13366 ret, strerror(-ret));
13367 return ret;
13368 fail:
13369 nlmsg_free(msg);
13370 return -1;
13371 }
13372
13373 #endif /* CONFIG_PASN */
13374
13375 #endif /* CONFIG_DRIVER_NL80211_QCA */
13376
nl80211_do_acs(void * priv,struct drv_acs_params * params)13377 static int nl80211_do_acs(void *priv, struct drv_acs_params *params)
13378 {
13379 #if defined(CONFIG_DRIVER_NL80211_QCA) || defined(CONFIG_DRIVER_NL80211_BRCM) \
13380 || defined(CONFIG_DRIVER_NL80211_SYNA)
13381 struct i802_bss *bss = priv;
13382 struct wpa_driver_nl80211_data *drv = bss->drv;
13383 #endif /* CONFIG_DRIVER_NL80211_QCA || CONFIG_DRIVER_NL80211_BRCM \
13384 || defined(CONFIG_DRIVER_NL80211_SYNA) */
13385
13386 #ifdef CONFIG_DRIVER_NL80211_QCA
13387 if (drv->qca_do_acs)
13388 return nl80211_qca_do_acs(drv, params);
13389 #endif /* CONFIG_DRIVER_NL80211_QCA */
13390
13391 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
13392 if (drv->brcm_do_acs)
13393 return wpa_driver_do_broadcom_acs(drv, params);
13394 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
13395
13396 return -1;
13397 }
13398
13399
nl80211_write_to_file(const char * name,unsigned int val)13400 static int nl80211_write_to_file(const char *name, unsigned int val)
13401 {
13402 int fd, len;
13403 char tmp[128];
13404 int ret = 0;
13405
13406 fd = open(name, O_RDWR);
13407 if (fd < 0) {
13408 int level;
13409 /*
13410 * Flags may not exist on older kernels, or while we're tearing
13411 * down a disappearing device.
13412 */
13413 if (errno == ENOENT) {
13414 ret = 0;
13415 level = MSG_DEBUG;
13416 } else {
13417 ret = -1;
13418 level = MSG_ERROR;
13419 }
13420 wpa_printf(level, "nl80211: Failed to open %s: %s",
13421 name, strerror(errno));
13422 return ret;
13423 }
13424
13425 len = os_snprintf(tmp, sizeof(tmp), "%u\n", val);
13426 len = write(fd, tmp, len);
13427 if (len < 0) {
13428 ret = -1;
13429 wpa_printf(MSG_ERROR, "nl80211: Failed to write to %s: %s",
13430 name, strerror(errno));
13431 }
13432 close(fd);
13433
13434 return ret;
13435 }
13436
13437
nl80211_configure_data_frame_filters(void * priv,u32 filter_flags)13438 static int nl80211_configure_data_frame_filters(void *priv, u32 filter_flags)
13439 {
13440 struct i802_bss *bss = priv;
13441 char path[128];
13442 int ret;
13443
13444 /* P2P-Device has no netdev that can (or should) be configured here */
13445 if (nl80211_get_ifmode(bss) == NL80211_IFTYPE_P2P_DEVICE)
13446 return 0;
13447
13448 wpa_printf(MSG_DEBUG, "nl80211: Data frame filter flags=0x%x",
13449 filter_flags);
13450
13451 /* Configure filtering of unicast frame encrypted using GTK */
13452 ret = os_snprintf(path, sizeof(path),
13453 "/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast",
13454 bss->ifname);
13455 if (os_snprintf_error(sizeof(path), ret))
13456 return -1;
13457
13458 ret = nl80211_write_to_file(path,
13459 !!(filter_flags &
13460 WPA_DATA_FRAME_FILTER_FLAG_GTK));
13461 if (ret) {
13462 wpa_printf(MSG_ERROR,
13463 "nl80211: Failed to set IPv4 unicast in multicast filter");
13464 return ret;
13465 }
13466
13467 os_snprintf(path, sizeof(path),
13468 "/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast",
13469 bss->ifname);
13470 ret = nl80211_write_to_file(path,
13471 !!(filter_flags &
13472 WPA_DATA_FRAME_FILTER_FLAG_GTK));
13473
13474 if (ret) {
13475 wpa_printf(MSG_ERROR,
13476 "nl80211: Failed to set IPv6 unicast in multicast filter");
13477 return ret;
13478 }
13479
13480 /* Configure filtering of unicast frame encrypted using GTK */
13481 os_snprintf(path, sizeof(path),
13482 "/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp",
13483 bss->ifname);
13484 ret = nl80211_write_to_file(path,
13485 !!(filter_flags &
13486 WPA_DATA_FRAME_FILTER_FLAG_ARP));
13487 if (ret) {
13488 wpa_printf(MSG_ERROR,
13489 "nl80211: Failed set gratuitous ARP filter");
13490 return ret;
13491 }
13492
13493 /* Configure filtering of IPv6 NA frames */
13494 os_snprintf(path, sizeof(path),
13495 "/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na",
13496 bss->ifname);
13497 ret = nl80211_write_to_file(path,
13498 !!(filter_flags &
13499 WPA_DATA_FRAME_FILTER_FLAG_NA));
13500 if (ret) {
13501 wpa_printf(MSG_ERROR,
13502 "nl80211: Failed to set unsolicited NA filter");
13503 return ret;
13504 }
13505
13506 return 0;
13507 }
13508
13509
nl80211_get_ext_capab(void * priv,enum wpa_driver_if_type type,const u8 ** ext_capa,const u8 ** ext_capa_mask,unsigned int * ext_capa_len)13510 static int nl80211_get_ext_capab(void *priv, enum wpa_driver_if_type type,
13511 const u8 **ext_capa, const u8 **ext_capa_mask,
13512 unsigned int *ext_capa_len)
13513 {
13514 struct i802_bss *bss = priv;
13515 struct wpa_driver_nl80211_data *drv = bss->drv;
13516 enum nl80211_iftype nlmode;
13517 unsigned int i;
13518
13519 if (!ext_capa || !ext_capa_mask || !ext_capa_len)
13520 return -1;
13521
13522 nlmode = wpa_driver_nl80211_if_type(type);
13523
13524 /* By default, use the per-radio values */
13525 *ext_capa = drv->extended_capa;
13526 *ext_capa_mask = drv->extended_capa_mask;
13527 *ext_capa_len = drv->extended_capa_len;
13528
13529 /* Replace the default value if a per-interface type value exists */
13530 for (i = 0; i < drv->num_iface_capa; i++) {
13531 if (nlmode == drv->iface_capa[i].iftype) {
13532 *ext_capa = drv->iface_capa[i].ext_capa;
13533 *ext_capa_mask = drv->iface_capa[i].ext_capa_mask;
13534 *ext_capa_len = drv->iface_capa[i].ext_capa_len;
13535 break;
13536 }
13537 }
13538
13539 return 0;
13540 }
13541
13542
nl80211_get_mld_capab(void * priv,enum wpa_driver_if_type type,u16 * eml_capa,u16 * mld_capa_and_ops)13543 static int nl80211_get_mld_capab(void *priv, enum wpa_driver_if_type type,
13544 u16 *eml_capa, u16 *mld_capa_and_ops)
13545 {
13546 struct i802_bss *bss = priv;
13547 struct wpa_driver_nl80211_data *drv = bss->drv;
13548 enum nl80211_iftype nlmode;
13549 unsigned int i;
13550
13551 if (!eml_capa || !mld_capa_and_ops)
13552 return -1;
13553
13554 nlmode = wpa_driver_nl80211_if_type(type);
13555
13556 /* By default, set to zero */
13557 *eml_capa = 0;
13558 *mld_capa_and_ops = 0;
13559
13560 /* Replace the default value if a per-interface type value exists */
13561 for (i = 0; i < drv->num_iface_capa; i++) {
13562 if (nlmode == drv->iface_capa[i].iftype) {
13563 *eml_capa = drv->iface_capa[i].eml_capa;
13564 *mld_capa_and_ops =
13565 drv->iface_capa[i].mld_capa_and_ops;
13566 break;
13567 }
13568 }
13569
13570 return 0;
13571 }
13572
13573
nl80211_update_connection_params(void * priv,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask mask)13574 static int nl80211_update_connection_params(
13575 void *priv, struct wpa_driver_associate_params *params,
13576 enum wpa_drv_update_connect_params_mask mask)
13577 {
13578 struct i802_bss *bss = priv;
13579 struct wpa_driver_nl80211_data *drv = bss->drv;
13580 struct nl_msg *msg;
13581 int ret = -1;
13582 enum nl80211_auth_type type;
13583
13584 /* Update Connection Params is intended for drivers that implement
13585 * internal SME and expect these updated connection params from
13586 * wpa_supplicant. Do not send this request for the drivers using
13587 * SME from wpa_supplicant.
13588 */
13589 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
13590 return 0;
13591
13592 /* Handle any connection param update here which might receive kernel handling in future */
13593 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
13594 if (mask & WPA_DRV_UPDATE_TD_POLICY) {
13595 ret = nl80211_set_td_policy(priv, params->td_policy);
13596 if (ret) {
13597 wpa_dbg(drv->ctx, MSG_DEBUG,
13598 "nl80211: Update connect params command failed: ret=%d (%s)",
13599 ret, strerror(-ret));
13600 }
13601 return ret;
13602 }
13603 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
13604
13605 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_UPDATE_CONNECT_PARAMS);
13606 if (!msg)
13607 goto fail;
13608
13609 wpa_printf(MSG_DEBUG, "nl80211: Update connection params (ifindex=%d)",
13610 drv->ifindex);
13611
13612 if ((mask & WPA_DRV_UPDATE_ASSOC_IES) && params->wpa_ie) {
13613 if (nla_put(msg, NL80211_ATTR_IE, params->wpa_ie_len,
13614 params->wpa_ie))
13615 goto fail;
13616 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie,
13617 params->wpa_ie_len);
13618 }
13619
13620 if (mask & WPA_DRV_UPDATE_AUTH_TYPE) {
13621 type = get_nl_auth_type(params->auth_alg);
13622 if (type == NL80211_AUTHTYPE_MAX ||
13623 nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type))
13624 goto fail;
13625 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
13626 }
13627
13628 if ((mask & WPA_DRV_UPDATE_FILS_ERP_INFO) &&
13629 nl80211_put_fils_connect_params(drv, params, msg))
13630 goto fail;
13631
13632 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13633 msg = NULL;
13634 if (ret)
13635 wpa_dbg(drv->ctx, MSG_DEBUG,
13636 "nl80211: Update connect params command failed: ret=%d (%s)",
13637 ret, strerror(-ret));
13638
13639 fail:
13640 nlmsg_free(msg);
13641 return ret;
13642 }
13643
13644
nl80211_send_external_auth_status(void * priv,struct external_auth * params)13645 static int nl80211_send_external_auth_status(void *priv,
13646 struct external_auth *params)
13647 {
13648 struct i802_bss *bss = priv;
13649 struct wpa_driver_nl80211_data *drv = bss->drv;
13650 struct nl_msg *msg = NULL;
13651 int ret = -1;
13652
13653 /* External auth command/status is intended for drivers that implement
13654 * internal SME but want to offload authentication processing (e.g.,
13655 * SAE) to hostapd/wpa_supplicant. Do not send the status to drivers
13656 * which do not support AP SME or use wpa_supplicant/hostapd SME.
13657 */
13658 if ((is_ap_interface(drv->nlmode) && !bss->drv->device_ap_sme) ||
13659 (drv->capa.flags & WPA_DRIVER_FLAGS_SME))
13660 return -1;
13661
13662 wpa_dbg(drv->ctx, MSG_DEBUG,
13663 "nl80211: External auth status: %u", params->status);
13664
13665 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_EXTERNAL_AUTH);
13666 if (!msg ||
13667 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, params->status) ||
13668 (params->ssid && params->ssid_len &&
13669 nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) ||
13670 (params->pmkid &&
13671 nla_put(msg, NL80211_ATTR_PMKID, PMKID_LEN, params->pmkid)) ||
13672 (params->bssid &&
13673 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid)))
13674 goto fail;
13675 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13676 msg = NULL;
13677 if (ret) {
13678 wpa_printf(MSG_DEBUG,
13679 "nl80211: External Auth status update failed: ret=%d (%s)",
13680 ret, strerror(-ret));
13681 goto fail;
13682 }
13683 fail:
13684 nlmsg_free(msg);
13685 return ret;
13686 }
13687
13688
nl80211_set_4addr_mode(void * priv,const char * bridge_ifname,int val)13689 static int nl80211_set_4addr_mode(void *priv, const char *bridge_ifname,
13690 int val)
13691 {
13692 struct i802_bss *bss = priv;
13693 struct wpa_driver_nl80211_data *drv = bss->drv;
13694 struct nl_msg *msg;
13695 int ret = -ENOBUFS;
13696
13697 wpa_printf(MSG_DEBUG, "nl80211: %s 4addr mode (bridge_ifname: %s)",
13698 val ? "Enable" : "Disable", bridge_ifname);
13699
13700 msg = nl80211_cmd_msg(drv->first_bss, 0, NL80211_CMD_SET_INTERFACE);
13701 if (!msg || nla_put_u8(msg, NL80211_ATTR_4ADDR, val))
13702 goto fail;
13703
13704 if (bridge_ifname[0] && bss->added_if_into_bridge && !val) {
13705 if (linux_br_del_if(drv->global->ioctl_sock,
13706 bridge_ifname, bss->ifname)) {
13707 wpa_printf(MSG_ERROR,
13708 "nl80211: Failed to remove interface %s from bridge %s",
13709 bss->ifname, bridge_ifname);
13710 return -1;
13711 }
13712 bss->added_if_into_bridge = 0;
13713 }
13714
13715 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13716 msg = NULL;
13717 if (ret && val && nl80211_get_4addr(bss) == 1) {
13718 wpa_printf(MSG_DEBUG,
13719 "nl80211: 4addr mode was already enabled");
13720 ret = 0;
13721 }
13722 if (!ret) {
13723 if (bridge_ifname[0] && val &&
13724 i802_check_bridge(drv, bss, bridge_ifname, bss->ifname) < 0)
13725 return -1;
13726 return 0;
13727 }
13728
13729 fail:
13730 nlmsg_free(msg);
13731 wpa_printf(MSG_ERROR, "nl80211: Failed to enable/disable 4addr");
13732
13733 return ret;
13734 }
13735
13736
13737 #ifdef CONFIG_DPP
nl80211_dpp_listen(void * priv,bool enable)13738 static int nl80211_dpp_listen(void *priv, bool enable)
13739 {
13740 struct i802_bss *bss = priv;
13741 struct wpa_driver_nl80211_data *drv = bss->drv;
13742 u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_ACTION << 4);
13743 struct nl_sock *handle;
13744
13745 if (!drv->multicast_registrations || !bss->nl_mgmt)
13746 return 0; /* cannot do more than hope broadcast RX works */
13747
13748 wpa_printf(MSG_DEBUG,
13749 "nl80211: Update DPP Public Action frame registration (%s multicast RX)",
13750 enable ? "enable" : "disable");
13751 handle = (void *) (((intptr_t) bss->nl_mgmt) ^ ELOOP_SOCKET_INVALID);
13752 return nl80211_register_frame(bss, handle, type,
13753 (u8 *) "\x04\x09\x50\x6f\x9a\x1a", 6,
13754 enable);
13755 }
13756 #endif /* CONFIG_DPP */
13757
13758 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
nl80211_set_td_policy(void * priv,u32 td_policy)13759 static int nl80211_set_td_policy(void *priv, u32 td_policy)
13760 {
13761 struct i802_bss *bss = priv;
13762 struct wpa_driver_nl80211_data *drv = bss->drv;
13763 struct nl_msg *msg;
13764 int ret;
13765 struct nlattr *params;
13766
13767 if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
13768 nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
13769 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, BRCM_VENDOR_SCMD_SET_TD_POLICY) ||
13770 !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
13771 (nla_put_u32(msg, BRCM_ATTR_DRIVER_TD_POLICY, td_policy))) {
13772 nl80211_nlmsg_clear(msg);
13773 nlmsg_free(msg);
13774 return -ENOBUFS;
13775 }
13776 nla_nest_end(msg, params);
13777 wpa_printf(MSG_DEBUG, "nl80211: Transition Disable Policy %d\n", td_policy);
13778
13779 ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1, NULL, NULL);
13780 if (ret) {
13781 wpa_printf(MSG_DEBUG, "nl80211: Transition Disable setting failed: ret=%d (%s)",
13782 ret, strerror(-ret));
13783 }
13784
13785 return ret;
13786 }
13787 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
13788
nl80211_link_add(void * priv,u8 link_id,const u8 * addr)13789 static int nl80211_link_add(void *priv, u8 link_id, const u8 *addr)
13790 {
13791 struct i802_bss *bss = priv;
13792 struct wpa_driver_nl80211_data *drv = bss->drv;
13793 struct nl_msg *msg;
13794 unsigned int idx, i;
13795 int ret;
13796
13797 wpa_printf(MSG_DEBUG, "nl80211: MLD: add link_id=%u, addr=" MACSTR,
13798 link_id, MAC2STR(addr));
13799
13800 if (drv->nlmode != NL80211_IFTYPE_AP) {
13801 wpa_printf(MSG_DEBUG,
13802 "nl80211: MLD: cannot add link to iftype=%u",
13803 drv->nlmode);
13804 return -EINVAL;
13805 }
13806
13807 if (bss->n_links >= MAX_NUM_MLD_LINKS) {
13808 wpa_printf(MSG_DEBUG, "nl80211: MLD: already have n_links=%zu",
13809 bss->n_links);
13810 return -EINVAL;
13811 }
13812
13813 for (i = 0; i < bss->n_links; i++) {
13814 if (bss->links[i].link_id == link_id &&
13815 bss->links[i].beacon_set) {
13816 wpa_printf(MSG_DEBUG,
13817 "nl80211: MLD: link already set");
13818 return -EINVAL;
13819 }
13820 }
13821
13822 /* try using the first link entry, assuming it is not beaconing yet */
13823 if (bss->n_links == 1 &&
13824 bss->flink->link_id == NL80211_DRV_LINK_ID_NA) {
13825 if (bss->flink->beacon_set) {
13826 wpa_printf(MSG_DEBUG, "nl80211: BSS already beaconing");
13827 return -EINVAL;
13828 }
13829
13830 idx = 0;
13831 } else {
13832 idx = bss->n_links;
13833 }
13834
13835 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ADD_LINK);
13836 if (!msg ||
13837 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id) ||
13838 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
13839 nlmsg_free(msg);
13840 return -ENOBUFS;
13841 }
13842
13843 ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
13844 if (ret) {
13845 wpa_printf(MSG_DEBUG, "nl80211: add link failed. ret=%d (%s)",
13846 ret, strerror(-ret));
13847 return ret;
13848 }
13849
13850 bss->links[idx].link_id = link_id;
13851 os_memcpy(bss->links[idx].addr, addr, ETH_ALEN);
13852
13853 bss->n_links = idx + 1;
13854
13855 wpa_printf(MSG_DEBUG, "nl80211: MLD: n_links=%zu", bss->n_links);
13856 return 0;
13857 }
13858
13859
13860 #ifdef CONFIG_TESTING_OPTIONS
13861
testing_nl80211_register_frame(void * priv,u16 type,const u8 * match,size_t match_len,bool multicast)13862 static int testing_nl80211_register_frame(void *priv, u16 type,
13863 const u8 *match, size_t match_len,
13864 bool multicast)
13865 {
13866 struct i802_bss *bss = priv;
13867 struct nl_sock *handle;
13868
13869 if (!bss->nl_mgmt)
13870 return -1;
13871 handle = (void *) (((intptr_t) bss->nl_mgmt) ^ ELOOP_SOCKET_INVALID);
13872 return nl80211_register_frame(bss, handle, type, match, match_len,
13873 multicast);
13874 }
13875
13876
testing_nl80211_radio_disable(void * priv,int disabled)13877 static int testing_nl80211_radio_disable(void *priv, int disabled)
13878 {
13879 struct i802_bss *bss = priv;
13880 struct wpa_driver_nl80211_data *drv = bss->drv;
13881
13882 /* For now, this is supported only partially in station mode with
13883 * SME-in-wpa_supplicant case where the NL80211_ATTR_LOCAL_STATE_CHANGE
13884 * attribute can be used to avoid sending out the Deauthentication frame
13885 * to the currently associated AP. */
13886
13887 if (!disabled)
13888 return 0;
13889
13890 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
13891 return -1;
13892
13893 if (!drv->associated)
13894 return 0;
13895
13896 return wpa_driver_nl80211_mlme(drv, drv->bssid,
13897 NL80211_CMD_DEAUTHENTICATE,
13898 WLAN_REASON_PREV_AUTH_NOT_VALID, 1,
13899 drv->first_bss);
13900 }
13901
13902 #endif /* CONFIG_TESTING_OPTIONS */
13903
13904
13905 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
13906 .name = "nl80211",
13907 .desc = "Linux nl80211/cfg80211",
13908 .get_bssid = wpa_driver_nl80211_get_bssid,
13909 .get_ssid = wpa_driver_nl80211_get_ssid,
13910 .set_key = driver_nl80211_set_key,
13911 .scan2 = driver_nl80211_scan2,
13912 .sched_scan = wpa_driver_nl80211_sched_scan,
13913 .stop_sched_scan = wpa_driver_nl80211_stop_sched_scan,
13914 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
13915 .abort_scan = wpa_driver_nl80211_abort_scan,
13916 .deauthenticate = driver_nl80211_deauthenticate,
13917 .authenticate = driver_nl80211_authenticate,
13918 .associate = wpa_driver_nl80211_associate,
13919 .global_init = nl80211_global_init,
13920 .global_deinit = nl80211_global_deinit,
13921 .init2 = wpa_driver_nl80211_init,
13922 .deinit = driver_nl80211_deinit,
13923 .get_capa = wpa_driver_nl80211_get_capa,
13924 .set_operstate = wpa_driver_nl80211_set_operstate,
13925 .set_supp_port = wpa_driver_nl80211_set_supp_port,
13926 .set_country = wpa_driver_nl80211_set_country,
13927 .get_country = wpa_driver_nl80211_get_country,
13928 .set_ap = wpa_driver_nl80211_set_ap,
13929 .set_acl = wpa_driver_nl80211_set_acl,
13930 .if_add = wpa_driver_nl80211_if_add,
13931 .if_remove = driver_nl80211_if_remove,
13932 .send_mlme = driver_nl80211_send_mlme,
13933 .get_hw_feature_data = nl80211_get_hw_feature_data,
13934 .sta_add = wpa_driver_nl80211_sta_add,
13935 .sta_remove = driver_nl80211_sta_remove,
13936 .tx_control_port = nl80211_tx_control_port,
13937 .hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
13938 .sta_set_flags = wpa_driver_nl80211_sta_set_flags,
13939 .sta_set_airtime_weight = driver_nl80211_sta_set_airtime_weight,
13940 .hapd_init = i802_init,
13941 .hapd_deinit = i802_deinit,
13942 .set_wds_sta = i802_set_wds_sta,
13943 .get_seqnum = i802_get_seqnum,
13944 .flush = i802_flush,
13945 .get_inact_sec = i802_get_inact_sec,
13946 .sta_clear_stats = i802_sta_clear_stats,
13947 .set_rts = i802_set_rts,
13948 .set_frag = i802_set_frag,
13949 .set_tx_queue_params = i802_set_tx_queue_params,
13950 .set_sta_vlan = driver_nl80211_set_sta_vlan,
13951 .sta_deauth = i802_sta_deauth,
13952 .sta_disassoc = i802_sta_disassoc,
13953 .read_sta_data = driver_nl80211_read_sta_data,
13954 .set_freq = i802_set_freq,
13955 .send_action = driver_nl80211_send_action,
13956 .send_action_cancel_wait = wpa_driver_nl80211_send_action_cancel_wait,
13957 .remain_on_channel = wpa_driver_nl80211_remain_on_channel,
13958 .cancel_remain_on_channel =
13959 wpa_driver_nl80211_cancel_remain_on_channel,
13960 .probe_req_report = driver_nl80211_probe_req_report,
13961 .deinit_ap = wpa_driver_nl80211_deinit_ap,
13962 .deinit_p2p_cli = wpa_driver_nl80211_deinit_p2p_cli,
13963 .resume = wpa_driver_nl80211_resume,
13964 .signal_monitor = nl80211_signal_monitor,
13965 .signal_poll = nl80211_signal_poll,
13966 .mlo_signal_poll = nl80211_mlo_signal_poll,
13967 .channel_info = nl80211_channel_info,
13968 .set_param = nl80211_set_param,
13969 .get_radio_name = nl80211_get_radio_name,
13970 .add_pmkid = nl80211_add_pmkid,
13971 .remove_pmkid = nl80211_remove_pmkid,
13972 .flush_pmkid = nl80211_flush_pmkid,
13973 .set_rekey_info = nl80211_set_rekey_info,
13974 .poll_client = nl80211_poll_client,
13975 .set_p2p_powersave = nl80211_set_p2p_powersave,
13976 .start_dfs_cac = nl80211_start_radar_detection,
13977 .stop_ap = wpa_driver_nl80211_stop_ap,
13978 #ifdef CONFIG_TDLS
13979 .send_tdls_mgmt = nl80211_send_tdls_mgmt,
13980 .tdls_oper = nl80211_tdls_oper,
13981 .tdls_enable_channel_switch = nl80211_tdls_enable_channel_switch,
13982 .tdls_disable_channel_switch = nl80211_tdls_disable_channel_switch,
13983 #endif /* CONFIG_TDLS */
13984 .update_ft_ies = wpa_driver_nl80211_update_ft_ies,
13985 .update_dh_ie = nl80211_update_dh_ie,
13986 .get_mac_addr = wpa_driver_nl80211_get_macaddr,
13987 .get_survey = wpa_driver_nl80211_get_survey,
13988 .status = wpa_driver_nl80211_status,
13989 .switch_channel = nl80211_switch_channel,
13990 #ifdef CONFIG_IEEE80211AX
13991 .switch_color = nl80211_switch_color,
13992 #endif /* CONFIG_IEEE80211AX */
13993 #ifdef ANDROID_P2P
13994 .set_noa = wpa_driver_set_p2p_noa,
13995 .get_noa = wpa_driver_get_p2p_noa,
13996 .set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
13997 #endif /* ANDROID_P2P */
13998 #ifdef ANDROID
13999 #ifndef ANDROID_LIB_STUB
14000 .driver_cmd = wpa_driver_nl80211_driver_cmd,
14001 #endif /* !ANDROID_LIB_STUB */
14002 #endif /* ANDROID */
14003 .vendor_cmd = nl80211_vendor_cmd,
14004 .set_qos_map = nl80211_set_qos_map,
14005 .get_wowlan = nl80211_get_wowlan,
14006 .set_wowlan = nl80211_set_wowlan,
14007 .set_mac_addr = nl80211_set_mac_addr,
14008 #ifdef CONFIG_MESH
14009 .init_mesh = wpa_driver_nl80211_init_mesh,
14010 .join_mesh = wpa_driver_nl80211_join_mesh,
14011 .leave_mesh = wpa_driver_nl80211_leave_mesh,
14012 .probe_mesh_link = nl80211_probe_mesh_link,
14013 #endif /* CONFIG_MESH */
14014 .br_add_ip_neigh = wpa_driver_br_add_ip_neigh,
14015 .br_delete_ip_neigh = wpa_driver_br_delete_ip_neigh,
14016 .br_port_set_attr = wpa_driver_br_port_set_attr,
14017 .br_set_net_param = wpa_driver_br_set_net_param,
14018 .add_tx_ts = nl80211_add_ts,
14019 .del_tx_ts = nl80211_del_ts,
14020 .get_ifindex = nl80211_get_ifindex,
14021 #ifdef CONFIG_DRIVER_NL80211_QCA
14022 .roaming = nl80211_roaming,
14023 .disable_fils = nl80211_disable_fils,
14024 .set_band = nl80211_set_band,
14025 .get_pref_freq_list = nl80211_get_pref_freq_list,
14026 .set_prob_oper_freq = nl80211_set_prob_oper_freq,
14027 .p2p_lo_start = nl80211_p2p_lo_start,
14028 .p2p_lo_stop = nl80211_p2p_lo_stop,
14029 .set_default_scan_ies = nl80211_set_default_scan_ies,
14030 .set_tdls_mode = nl80211_set_tdls_mode,
14031 #ifdef CONFIG_MBO
14032 .get_bss_transition_status = nl80211_get_bss_transition_status,
14033 .ignore_assoc_disallow = nl80211_ignore_assoc_disallow,
14034 #endif /* CONFIG_MBO */
14035 .set_bssid_tmp_disallow = nl80211_set_bssid_tmp_disallow,
14036 .add_sta_node = nl80211_add_sta_node,
14037 #ifdef CONFIG_PASN
14038 .send_pasn_resp = nl80211_send_pasn_resp,
14039 .set_secure_ranging_ctx = nl80211_set_secure_ranging_ctx,
14040 #endif /* CONFIG_PASN */
14041 #endif /* CONFIG_DRIVER_NL80211_QCA */
14042 .do_acs = nl80211_do_acs,
14043 .configure_data_frame_filters = nl80211_configure_data_frame_filters,
14044 .get_ext_capab = nl80211_get_ext_capab,
14045 .get_mld_capab = nl80211_get_mld_capab,
14046 .update_connect_params = nl80211_update_connection_params,
14047 .send_external_auth_status = nl80211_send_external_auth_status,
14048 .set_4addr_mode = nl80211_set_4addr_mode,
14049 #ifdef CONFIG_DPP
14050 .dpp_listen = nl80211_dpp_listen,
14051 #endif /* CONFIG_DPP */
14052 .get_sta_mlo_info = nl80211_get_sta_mlo_info,
14053 .link_add = nl80211_link_add,
14054 #ifdef CONFIG_TESTING_OPTIONS
14055 .register_frame = testing_nl80211_register_frame,
14056 .radio_disable = testing_nl80211_radio_disable,
14057 #endif /* CONFIG_TESTING_OPTIONS */
14058 };
14059