~ubuntu-branches/ubuntu/precise/wpasupplicant/precise-updates
» Revision
19
: .pc/0007-sme-nl80211-set-cipher-suites.patch/src/drivers/driver_nl80211.c
« back to all changes in this revision
Viewing changes to .pc/0007-sme-nl80211-set-cipher-suites.patch/src/drivers/driver_nl80211.c
- browse files at revision 19
- compare with another revision
- download diff
- download tarball
- view history from revision 19
- Committer: Package Import Robot
- Author(s): Marc Deslauriers
- Date: 2014-10-10 09:23:53 UTC
- mfrom: (18.1.2 precise-proposed)
- Revision ID: package-import@ubuntu.com-20141010092353-zo940kiyc1tqwcyi
Tags: 0.7.3-6ubuntu2.3
* SECURITY UPDATE: arbitrary command execution via unsanitized string
passed to action scripts by wpa_cli
- debian/patches/CVE-2014-3686.patch: added os_exec() helper to
src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
use instead of system() in wpa_supplicant/wpa_cli.c.
- CVE-2014-3686
passed to action scripts by wpa_cli
- debian/patches/CVE-2014-3686.patch: added os_exec() helper to
src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
use instead of system() in wpa_supplicant/wpa_cli.c.
- CVE-2014-3686
- files added:
- .pc/.quilt_patches
- .pc/0001-nl80211-Fix-UNSPEC-signal-quality-reporting.patch
- .pc/0001-nl80211-Fix-UNSPEC-signal-quality-reporting.patch/src
- .pc/0001-nl80211-Fix-UNSPEC-signal-quality-reporting.patch/src/drivers
- .pc/0001-pmkokc-Set-portValid-TRUE-on-association-for-driver-based-4.patch
- .pc/0001-pmkokc-Set-portValid-TRUE-on-association-for-driver-based-4.patch/wpa_supplicant
- .pc/0001-sme-fix-retry-after-auth-assoc-timeout-failure.patch
- .pc/0001-sme-fix-retry-after-auth-assoc-timeout-failure.patch/wpa_supplicant
- .pc/0002-pmkokc-Clear-WPA-and-EAPOL-state-machine-config-pointer-on-.patch
- .pc/0002-pmkokc-Clear-WPA-and-EAPOL-state-machine-config-pointer-on-.patch/wpa_supplicant
- .pc/0002-sme-optimize-recovery-from-common-load-balancing-mechanisms.patch
- .pc/0002-sme-optimize-recovery-from-common-load-balancing-mechanisms.patch/wpa_supplicant
- .pc/0003-pmkokc-Clear-driver-PMKSA-cache-entry-on-PMKSA-cache-expira.patch
- .pc/0003-pmkokc-Clear-driver-PMKSA-cache-entry-on-PMKSA-cache-expira.patch/src
- .pc/0003-pmkokc-Clear-driver-PMKSA-cache-entry-on-PMKSA-cache-expira.patch/src/rsn_supp
- .pc/0003-sme-blacklist-bss-on-first-failure-if-only-a-single-network-is-enabled.patch
- .pc/0003-sme-blacklist-bss-on-first-failure-if-only-a-single-network-is-enabled.patch/wpa_supplicant
- .pc/0004-pmkokc-Flush-PMKSA-cache-entries-and-invalidate-EAP-state-o.patch
- .pc/0004-pmkokc-Flush-PMKSA-cache-entries-and-invalidate-EAP-state-o.patch/src
- .pc/0004-pmkokc-Flush-PMKSA-cache-entries-and-invalidate-EAP-state-o.patch/src/rsn_supp
- .pc/0004-pmkokc-Flush-PMKSA-cache-entries-and-invalidate-EAP-state-o.patch/wpa_supplicant
- .pc/0004-sme-extend-load-balancing-optimization-in-bss-blacklisting.patch
- .pc/0004-sme-extend-load-balancing-optimization-in-bss-blacklisting.patch/wpa_supplicant
- .pc/0005-pmkokc-Fix-proactive_key_caching-configuration-to-WPA-code.patch
- .pc/0005-pmkokc-Fix-proactive_key_caching-configuration-to-WPA-code.patch/wpa_supplicant
- .pc/0005-pmkokc-Fix-proactive_key_caching-configuration-to-WPA-code.patch/wpa_supplicant/wpas_glue.c
- .pc/0005-sme-optimize-recovery-from-association-command-failures.patch
- .pc/0005-sme-optimize-recovery-from-association-command-failures.patch/wpa_supplicant
- .pc/0006-pmkokc-RSN-Add-a-debug-message-when-considing-addition-of-O.patch
- .pc/0006-pmkokc-RSN-Add-a-debug-message-when-considing-addition-of-O.patch/src
- .pc/0006-pmkokc-RSN-Add-a-debug-message-when-considing-addition-of-O.patch/src/rsn_supp
- .pc/0006-sme-add-timers-for-authentication-and-association.patch
- .pc/0006-sme-add-timers-for-authentication-and-association.patch/wpa_supplicant
- .pc/0007-pmkokc-Clear-OKC-based-PMKSA-caching-entries-if-PMK-is-chan.patch
- .pc/0007-pmkokc-Clear-OKC-based-PMKSA-caching-entries-if-PMK-is-chan.patch/src
- .pc/0007-pmkokc-Clear-OKC-based-PMKSA-caching-entries-if-PMK-is-chan.patch/src/rsn_supp
- .pc/0007-sme-nl80211-set-cipher-suites.patch
- .pc/0007-sme-nl80211-set-cipher-suites.patch/src
- .pc/0007-sme-nl80211-set-cipher-suites.patch/src/drivers
- .pc/0007-sme-nl80211-set-cipher-suites.patch/wpa_supplicant
- .pc/0008-pmkokc-Move-wpa_sm_remove_pmkid-call-to-PMKSA-cache-entry-f.patch
- .pc/0008-pmkokc-Move-wpa_sm_remove_pmkid-call-to-PMKSA-cache-entry-f.patch/src
- .pc/0008-pmkokc-Move-wpa_sm_remove_pmkid-call-to-PMKSA-cache-entry-f.patch/src/rsn_supp
- .pc/0009-pmkokc-Use-PMKSA-cache-entries-with-only-a-single-network-c.patch
- .pc/0009-pmkokc-Use-PMKSA-cache-entries-with-only-a-single-network-c.patch/src
- .pc/0009-pmkokc-Use-PMKSA-cache-entries-with-only-a-single-network-c.patch/src/rsn_supp
- .pc/0009-pmkokc-Use-PMKSA-cache-entries-with-only-a-single-network-c.patch/wpa_supplicant
- .pc/0010-pmkokc-PMKSA-Do-not-evict-active-cache-entry-when-adding-ne.patch
- .pc/0010-pmkokc-PMKSA-Do-not-evict-active-cache-entry-when-adding-ne.patch/src
- .pc/0010-pmkokc-PMKSA-Do-not-evict-active-cache-entry-when-adding-ne.patch/src/rsn_supp
- .pc/0011-pmkokc-PMKSA-Set-cur_pmksa-pointer-during-initial-associati.patch
- .pc/0011-pmkokc-PMKSA-Set-cur_pmksa-pointer-during-initial-associati.patch/src
- .pc/0011-pmkokc-PMKSA-Set-cur_pmksa-pointer-during-initial-associati.patch/src/rsn_supp
- .pc/0012-pmkokc-PMKSA-make-deauthentication-due-to-cache-entry-remov.patch
- .pc/0012-pmkokc-PMKSA-make-deauthentication-due-to-cache-entry-remov.patch/src
- .pc/0012-pmkokc-PMKSA-make-deauthentication-due-to-cache-entry-remov.patch/src/rsn_supp
- .pc/0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch
- .pc/0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch/src
- .pc/0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch/src/rsn_supp
- .pc/0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch/wpa_supplicant
- .pc/0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch/wpa_supplicant/ibss_rsn.c
- .pc/0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch/wpa_supplicant/tests
- .pc/CVE-2014-3686.patch
- .pc/CVE-2014-3686.patch/src
- .pc/CVE-2014-3686.patch/src/utils
- .pc/CVE-2014-3686.patch/wpa_supplicant
- .pc/force-enable-okc.patch
- .pc/force-enable-okc.patch/wpa_supplicant
- .pc/less-aggressive-roaming.patch
- .pc/less-aggressive-roaming.patch/wpa_supplicant
- .pc/session-ticket.patch
- .pc/session-ticket.patch/src
- .pc/session-ticket.patch/src/crypto
- .pc/wpa_supplicant-assoc-timeout.patch
- .pc/wpa_supplicant-assoc-timeout.patch/wpa_supplicant
- .pc/wpa_supplicant-dbus-null-error.patch
- .pc/wpa_supplicant-dbus-null-error.patch/wpa_supplicant
- .pc/wpa_supplicant-dbus-null-error.patch/wpa_supplicant/dbus
- .pc/wpa_supplicant-squelch-driver-disconnect-spam.patch
- .pc/wpa_supplicant-squelch-driver-disconnect-spam.patch/wpa_supplicant
- files modified:
- .pc/applied-patches
added
removed
.pc/0007-sme-nl80211-set-cipher-suites.patch/src/drivers/driver_nl80211.c
1
/*
2
* Driver interaction with Linux nl80211/cfg80211
3
* Copyright (c) 2002-2010, Jouni Malinen <j@w1.fi>
4
* Copyright (c) 2003-2004, Instant802 Networks, Inc.
5
* Copyright (c) 2005-2006, Devicescape Software, Inc.
6
* Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7
* Copyright (c) 2009-2010, Atheros Communications
8
*
9
* This program is free software; you can redistribute it and/or modify
10
* it under the terms of the GNU General Public License version 2 as
11
* published by the Free Software Foundation.
12
*
13
* Alternatively, this software may be distributed under the terms of BSD
14
* license.
15
*
16
* See README and COPYING for more details.
17
*/
18
19
#include "includes.h"
20
#include <sys/ioctl.h>
21
#include <net/if.h>
22
#include <netlink/genl/genl.h>
23
#include <netlink/genl/family.h>
24
#include <netlink/genl/ctrl.h>
25
#include <netpacket/packet.h>
26
#include <linux/filter.h>
27
#include "nl80211_copy.h"
28
29
#include "common.h"
30
#include "eloop.h"
31
#include "common/ieee802_11_defs.h"
32
#include "netlink.h"
33
#include "linux_ioctl.h"
34
#include "radiotap.h"
35
#include "radiotap_iter.h"
36
#include "driver.h"
37
38
#ifdef CONFIG_LIBNL20
39
/* libnl 2.0 compatibility code */
40
#define nl_handle nl_sock
41
#define nl_handle_alloc_cb nl_socket_alloc_cb
42
#define nl_handle_destroy nl_socket_free
43
#endif /* CONFIG_LIBNL20 */
44
45
46
#ifndef IFF_LOWER_UP
47
#define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
48
#endif
49
#ifndef IFF_DORMANT
50
#define IFF_DORMANT 0x20000 /* driver signals dormant */
51
#endif
52
53
#ifndef IF_OPER_DORMANT
54
#define IF_OPER_DORMANT 5
55
#endif
56
#ifndef IF_OPER_UP
57
#define IF_OPER_UP 6
58
#endif
59
60
struct i802_bss {
61
struct wpa_driver_nl80211_data *drv;
62
struct i802_bss *next;
63
int ifindex;
64
char ifname[IFNAMSIZ + 1];
65
unsigned int beacon_set:1;
66
};
67
68
struct wpa_driver_nl80211_data {
69
void *ctx;
70
struct netlink_data *netlink;
71
int ioctl_sock; /* socket for ioctl() use */
72
char brname[IFNAMSIZ];
73
int ifindex;
74
int if_removed;
75
struct wpa_driver_capa capa;
76
int has_capability;
77
78
int operstate;
79
80
int scan_complete_events;
81
82
struct nl_handle *nl_handle;
83
struct nl_handle *nl_handle_event;
84
struct nl_cache *nl_cache;
85
struct nl_cache *nl_cache_event;
86
struct nl_cb *nl_cb;
87
struct genl_family *nl80211;
88
89
u8 auth_bssid[ETH_ALEN];
90
u8 bssid[ETH_ALEN];
91
int associated;
92
u8 ssid[32];
93
size_t ssid_len;
94
int nlmode;
95
int ap_scan_as_station;
96
unsigned int assoc_freq;
97
98
int monitor_sock;
99
int monitor_ifidx;
100
int probe_req_report;
101
int disable_11b_rates;
102
103
unsigned int pending_remain_on_chan:1;
104
unsigned int added_bridge:1;
105
unsigned int added_if_into_bridge:1;
106
107
u64 remain_on_chan_cookie;
108
u64 send_action_cookie;
109
110
struct wpa_driver_scan_filter *filter_ssids;
111
size_t num_filter_ssids;
112
113
struct i802_bss first_bss;
114
115
#ifdef HOSTAPD
116
int eapol_sock; /* socket for EAPOL frames */
117
118
int default_if_indices[16];
119
int *if_indices;
120
int num_if_indices;
121
122
int last_freq;
123
int last_freq_ht;
124
#endif /* HOSTAPD */
125
};
126
127
128
static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
129
void *timeout_ctx);
130
static int wpa_driver_nl80211_set_mode(void *priv, int mode);
131
static int
132
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
133
static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
134
const u8 *addr, int cmd, u16 reason_code,
135
int local_state_change);
136
static void nl80211_remove_monitor_interface(
137
struct wpa_driver_nl80211_data *drv);
138
139
#ifdef HOSTAPD
140
static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
141
static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
142
static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
143
static int wpa_driver_nl80211_if_remove(void *priv,
144
enum wpa_driver_if_type type,
145
const char *ifname);
146
#else /* HOSTAPD */
147
static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
148
{
149
return 0;
150
}
151
#endif /* HOSTAPD */
152
153
static int i802_set_freq(void *priv, struct hostapd_freq_params *freq);
154
static void wpa_driver_nl80211_probe_req_report_timeout(void *eloop_ctx,
155
void *timeout_ctx);
156
static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
157
int ifindex, int disabled);
158
159
160
/* nl80211 code */
161
static int ack_handler(struct nl_msg *msg, void *arg)
162
{
163
int *err = arg;
164
*err = 0;
165
return NL_STOP;
166
}
167
168
static int finish_handler(struct nl_msg *msg, void *arg)
169
{
170
int *ret = arg;
171
*ret = 0;
172
return NL_SKIP;
173
}
174
175
static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
176
void *arg)
177
{
178
int *ret = arg;
179
*ret = err->error;
180
return NL_SKIP;
181
}
182
183
184
static int no_seq_check(struct nl_msg *msg, void *arg)
185
{
186
return NL_OK;
187
}
188
189
190
static int send_and_recv(struct wpa_driver_nl80211_data *drv,
191
struct nl_handle *nl_handle, struct nl_msg *msg,
192
int (*valid_handler)(struct nl_msg *, void *),
193
void *valid_data)
194
{
195
struct nl_cb *cb;
196
int err = -ENOMEM;
197
198
cb = nl_cb_clone(drv->nl_cb);
199
if (!cb)
200
goto out;
201
202
err = nl_send_auto_complete(nl_handle, msg);
203
if (err < 0)
204
goto out;
205
206
err = 1;
207
208
nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
209
nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
210
nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
211
212
if (valid_handler)
213
nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
214
valid_handler, valid_data);
215
216
while (err > 0)
217
nl_recvmsgs(nl_handle, cb);
218
out:
219
nl_cb_put(cb);
220
nlmsg_free(msg);
221
return err;
222
}
223
224
225
static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
226
struct nl_msg *msg,
227
int (*valid_handler)(struct nl_msg *, void *),
228
void *valid_data)
229
{
230
return send_and_recv(drv, drv->nl_handle, msg, valid_handler,
231
valid_data);
232
}
233
234
235
struct family_data {
236
const char *group;
237
int id;
238
};
239
240
241
static int family_handler(struct nl_msg *msg, void *arg)
242
{
243
struct family_data *res = arg;
244
struct nlattr *tb[CTRL_ATTR_MAX + 1];
245
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
246
struct nlattr *mcgrp;
247
int i;
248
249
nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
250
genlmsg_attrlen(gnlh, 0), NULL);
251
if (!tb[CTRL_ATTR_MCAST_GROUPS])
252
return NL_SKIP;
253
254
nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
255
struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
256
nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
257
nla_len(mcgrp), NULL);
258
if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
259
!tb2[CTRL_ATTR_MCAST_GRP_ID] ||
260
os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
261
res->group,
262
nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
263
continue;
264
res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
265
break;
266
};
267
268
return NL_SKIP;
269
}
270
271
272
static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
273
const char *family, const char *group)
274
{
275
struct nl_msg *msg;
276
int ret = -1;
277
struct family_data res = { group, -ENOENT };
278
279
msg = nlmsg_alloc();
280
if (!msg)
281
return -ENOMEM;
282
genlmsg_put(msg, 0, 0, genl_ctrl_resolve(drv->nl_handle, "nlctrl"),
283
0, 0, CTRL_CMD_GETFAMILY, 0);
284
NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
285
286
ret = send_and_recv_msgs(drv, msg, family_handler, &res);
287
msg = NULL;
288
if (ret == 0)
289
ret = res.id;
290
291
nla_put_failure:
292
nlmsg_free(msg);
293
return ret;
294
}
295
296
297
static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
298
{
299
struct i802_bss *bss = priv;
300
struct wpa_driver_nl80211_data *drv = bss->drv;
301
if (!drv->associated)
302
return -1;
303
os_memcpy(bssid, drv->bssid, ETH_ALEN);
304
return 0;
305
}
306
307
308
static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
309
{
310
struct i802_bss *bss = priv;
311
struct wpa_driver_nl80211_data *drv = bss->drv;
312
if (!drv->associated)
313
return -1;
314
os_memcpy(ssid, drv->ssid, drv->ssid_len);
315
return drv->ssid_len;
316
}
317
318
319
static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
320
char *buf, size_t len, int del)
321
{
322
union wpa_event_data event;
323
324
os_memset(&event, 0, sizeof(event));
325
if (len > sizeof(event.interface_status.ifname))
326
len = sizeof(event.interface_status.ifname) - 1;
327
os_memcpy(event.interface_status.ifname, buf, len);
328
event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
329
EVENT_INTERFACE_ADDED;
330
331
wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
332
del ? "DEL" : "NEW",
333
event.interface_status.ifname,
334
del ? "removed" : "added");
335
336
if (os_strcmp(drv->first_bss.ifname, event.interface_status.ifname) == 0) {
337
if (del)
338
drv->if_removed = 1;
339
else
340
drv->if_removed = 0;
341
}
342
343
wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
344
}
345
346
347
static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
348
u8 *buf, size_t len)
349
{
350
int attrlen, rta_len;
351
struct rtattr *attr;
352
353
attrlen = len;
354
attr = (struct rtattr *) buf;
355
356
rta_len = RTA_ALIGN(sizeof(struct rtattr));
357
while (RTA_OK(attr, attrlen)) {
358
if (attr->rta_type == IFLA_IFNAME) {
359
if (os_strcmp(((char *) attr) + rta_len, drv->first_bss.ifname)
360
== 0)
361
return 1;
362
else
363
break;
364
}
365
attr = RTA_NEXT(attr, attrlen);
366
}
367
368
return 0;
369
}
370
371
372
static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
373
int ifindex, u8 *buf, size_t len)
374
{
375
if (drv->ifindex == ifindex)
376
return 1;
377
378
if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, buf, len)) {
379
drv->first_bss.ifindex = if_nametoindex(drv->first_bss.ifname);
380
wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
381
"interface");
382
wpa_driver_nl80211_finish_drv_init(drv);
383
return 1;
384
}
385
386
return 0;
387
}
388
389
390
static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
391
struct ifinfomsg *ifi,
392
u8 *buf, size_t len)
393
{
394
struct wpa_driver_nl80211_data *drv = ctx;
395
int attrlen, rta_len;
396
struct rtattr *attr;
397
u32 brid = 0;
398
399
if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, buf, len) &&
400
!have_ifidx(drv, ifi->ifi_index)) {
401
wpa_printf(MSG_DEBUG, "nl80211: Ignore event for foreign "
402
"ifindex %d", ifi->ifi_index);
403
return;
404
}
405
406
wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
407
"(%s%s%s%s)",
408
drv->operstate, ifi->ifi_flags,
409
(ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
410
(ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
411
(ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
412
(ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
413
/*
414
* Some drivers send the association event before the operup event--in
415
* this case, lifting operstate in wpa_driver_nl80211_set_operstate()
416
* fails. This will hit us when wpa_supplicant does not need to do
417
* IEEE 802.1X authentication
418
*/
419
if (drv->operstate == 1 &&
420
(ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
421
!(ifi->ifi_flags & IFF_RUNNING))
422
netlink_send_oper_ifla(drv->netlink, drv->ifindex,
423
-1, IF_OPER_UP);
424
425
attrlen = len;
426
attr = (struct rtattr *) buf;
427
rta_len = RTA_ALIGN(sizeof(struct rtattr));
428
while (RTA_OK(attr, attrlen)) {
429
if (attr->rta_type == IFLA_IFNAME) {
430
wpa_driver_nl80211_event_link(
431
drv,
432
((char *) attr) + rta_len,
433
attr->rta_len - rta_len, 0);
434
} else if (attr->rta_type == IFLA_MASTER)
435
brid = nla_get_u32((struct nlattr *) attr);
436
attr = RTA_NEXT(attr, attrlen);
437
}
438
439
#ifdef HOSTAPD
440
if (ifi->ifi_family == AF_BRIDGE && brid) {
441
/* device has been added to bridge */
442
char namebuf[IFNAMSIZ];
443
if_indextoname(brid, namebuf);
444
wpa_printf(MSG_DEBUG, "nl80211: Add ifindex %u for bridge %s",
445
brid, namebuf);
446
add_ifidx(drv, brid);
447
}
448
#endif /* HOSTAPD */
449
}
450
451
452
static void wpa_driver_nl80211_event_rtm_dellink(void *ctx,
453
struct ifinfomsg *ifi,
454
u8 *buf, size_t len)
455
{
456
struct wpa_driver_nl80211_data *drv = ctx;
457
int attrlen, rta_len;
458
struct rtattr *attr;
459
u32 brid = 0;
460
461
attrlen = len;
462
attr = (struct rtattr *) buf;
463
464
rta_len = RTA_ALIGN(sizeof(struct rtattr));
465
while (RTA_OK(attr, attrlen)) {
466
if (attr->rta_type == IFLA_IFNAME) {
467
wpa_driver_nl80211_event_link(
468
drv,
469
((char *) attr) + rta_len,
470
attr->rta_len - rta_len, 1);
471
} else if (attr->rta_type == IFLA_MASTER)
472
brid = nla_get_u32((struct nlattr *) attr);
473
attr = RTA_NEXT(attr, attrlen);
474
}
475
476
#ifdef HOSTAPD
477
if (ifi->ifi_family == AF_BRIDGE && brid) {
478
/* device has been removed from bridge */
479
char namebuf[IFNAMSIZ];
480
if_indextoname(brid, namebuf);
481
wpa_printf(MSG_DEBUG, "nl80211: Remove ifindex %u for bridge "
482
"%s", brid, namebuf);
483
del_ifidx(drv, brid);
484
}
485
#endif /* HOSTAPD */
486
}
487
488
489
static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
490
const u8 *frame, size_t len)
491
{
492
const struct ieee80211_mgmt *mgmt;
493
union wpa_event_data event;
494
495
mgmt = (const struct ieee80211_mgmt *) frame;
496
if (len < 24 + sizeof(mgmt->u.auth)) {
497
wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
498
"frame");
499
return;
500
}
501
502
os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN);
503
os_memset(&event, 0, sizeof(event));
504
os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
505
event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
506
event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
507
if (len > 24 + sizeof(mgmt->u.auth)) {
508
event.auth.ies = mgmt->u.auth.variable;
509
event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
510
}
511
512
wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
513
}
514
515
516
static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
517
const u8 *frame, size_t len)
518
{
519
const struct ieee80211_mgmt *mgmt;
520
union wpa_event_data event;
521
u16 status;
522
523
mgmt = (const struct ieee80211_mgmt *) frame;
524
if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
525
wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
526
"frame");
527
return;
528
}
529
530
status = le_to_host16(mgmt->u.assoc_resp.status_code);
531
if (status != WLAN_STATUS_SUCCESS) {
532
os_memset(&event, 0, sizeof(event));
533
if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
534
event.assoc_reject.resp_ies =
535
(u8 *) mgmt->u.assoc_resp.variable;
536
event.assoc_reject.resp_ies_len =
537
len - 24 - sizeof(mgmt->u.assoc_resp);
538
}
539
event.assoc_reject.status_code = status;
540
541
wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
542
return;
543
}
544
545
drv->associated = 1;
546
os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
547
548
os_memset(&event, 0, sizeof(event));
549
if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
550
event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
551
event.assoc_info.resp_ies_len =
552
len - 24 - sizeof(mgmt->u.assoc_resp);
553
}
554
555
event.assoc_info.freq = drv->assoc_freq;
556
557
wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
558
}
559
560
561
static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
562
enum nl80211_commands cmd, struct nlattr *status,
563
struct nlattr *addr, struct nlattr *req_ie,
564
struct nlattr *resp_ie)
565
{
566
union wpa_event_data event;
567
568
if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
569
/*
570
* Avoid reporting two association events that would confuse
571
* the core code.
572
*/
573
wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) "
574
"when using userspace SME", cmd);
575
return;
576
}
577
578
os_memset(&event, 0, sizeof(event));
579
if (cmd == NL80211_CMD_CONNECT &&
580
nla_get_u16(status) != WLAN_STATUS_SUCCESS) {
581
if (resp_ie) {
582
event.assoc_reject.resp_ies = nla_data(resp_ie);
583
event.assoc_reject.resp_ies_len = nla_len(resp_ie);
584
}
585
event.assoc_reject.status_code = nla_get_u16(status);
586
wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
587
return;
588
}
589
590
drv->associated = 1;
591
if (addr)
592
os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN);
593
594
if (req_ie) {
595
event.assoc_info.req_ies = nla_data(req_ie);
596
event.assoc_info.req_ies_len = nla_len(req_ie);
597
}
598
if (resp_ie) {
599
event.assoc_info.resp_ies = nla_data(resp_ie);
600
event.assoc_info.resp_ies_len = nla_len(resp_ie);
601
}
602
603
wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
604
}
605
606
607
static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv,
608
enum nl80211_commands cmd, struct nlattr *addr)
609
{
610
union wpa_event_data event;
611
enum wpa_event_type ev;
612
613
if (nla_len(addr) != ETH_ALEN)
614
return;
615
616
wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR,
617
cmd, MAC2STR((u8 *) nla_data(addr)));
618
619
if (cmd == NL80211_CMD_AUTHENTICATE)
620
ev = EVENT_AUTH_TIMED_OUT;
621
else if (cmd == NL80211_CMD_ASSOCIATE)
622
ev = EVENT_ASSOC_TIMED_OUT;
623
else
624
return;
625
626
os_memset(&event, 0, sizeof(event));
627
os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN);
628
wpa_supplicant_event(drv->ctx, ev, &event);
629
}
630
631
632
static void mlme_event_action(struct wpa_driver_nl80211_data *drv,
633
struct nlattr *freq, const u8 *frame, size_t len)
634
{
635
const struct ieee80211_mgmt *mgmt;
636
union wpa_event_data event;
637
u16 fc, stype;
638
639
mgmt = (const struct ieee80211_mgmt *) frame;
640
if (len < 24) {
641
wpa_printf(MSG_DEBUG, "nl80211: Too short action frame");
642
return;
643
}
644
645
fc = le_to_host16(mgmt->frame_control);
646
stype = WLAN_FC_GET_STYPE(fc);
647
648
os_memset(&event, 0, sizeof(event));
649
event.rx_action.da = mgmt->da;
650
event.rx_action.sa = mgmt->sa;
651
event.rx_action.bssid = mgmt->bssid;
652
event.rx_action.category = mgmt->u.action.category;
653
event.rx_action.data = &mgmt->u.action.category + 1;
654
event.rx_action.len = frame + len - event.rx_action.data;
655
if (freq)
656
event.rx_action.freq = nla_get_u32(freq);
657
wpa_supplicant_event(drv->ctx, EVENT_RX_ACTION, &event);
658
}
659
660
661
static void mlme_event_action_tx_status(struct wpa_driver_nl80211_data *drv,
662
struct nlattr *cookie, const u8 *frame,
663
size_t len, struct nlattr *ack)
664
{
665
union wpa_event_data event;
666
const struct ieee80211_hdr *hdr;
667
u16 fc;
668
u64 cookie_val;
669
670
if (!cookie)
671
return;
672
673
cookie_val = nla_get_u64(cookie);
674
wpa_printf(MSG_DEBUG, "nl80211: Action TX status: cookie=0%llx%s",
675
(long long unsigned int) cookie_val,
676
cookie_val == drv->send_action_cookie ?
677
" (match)" : " (unknown)");
678
if (cookie_val != drv->send_action_cookie)
679
return;
680
681
hdr = (const struct ieee80211_hdr *) frame;
682
fc = le_to_host16(hdr->frame_control);
683
684
os_memset(&event, 0, sizeof(event));
685
event.tx_status.type = WLAN_FC_GET_TYPE(fc);
686
event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
687
event.tx_status.dst = hdr->addr1;
688
event.tx_status.data = frame;
689
event.tx_status.data_len = len;
690
event.tx_status.ack = ack != NULL;
691
wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event);
692
}
693
694
695
static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv,
696
enum wpa_event_type type,
697
const u8 *frame, size_t len)
698
{
699
const struct ieee80211_mgmt *mgmt;
700
union wpa_event_data event;
701
const u8 *bssid = NULL;
702
u16 reason_code = 0;
703
704
mgmt = (const struct ieee80211_mgmt *) frame;
705
if (len >= 24) {
706
bssid = mgmt->bssid;
707
708
if (drv->associated != 0 &&
709
os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 &&
710
os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) {
711
/*
712
* We have presumably received this deauth as a
713
* response to a clear_state_mismatch() outgoing
714
* deauth. Don't let it take us offline!
715
*/
716
wpa_printf(MSG_DEBUG, "nl80211: Deauth received "
717
"from Unknown BSSID " MACSTR " -- ignoring",
718
MAC2STR(bssid));
719
return;
720
}
721
}
722
723
drv->associated = 0;
724
os_memset(&event, 0, sizeof(event));
725
726
/* Note: Same offset for Reason Code in both frame subtypes */
727
if (len >= 24 + sizeof(mgmt->u.deauth))
728
reason_code = le_to_host16(mgmt->u.deauth.reason_code);
729
730
if (type == EVENT_DISASSOC) {
731
event.disassoc_info.addr = bssid;
732
event.disassoc_info.reason_code = reason_code;
733
} else {
734
event.deauth_info.addr = bssid;
735
event.deauth_info.reason_code = reason_code;
736
}
737
738
wpa_supplicant_event(drv->ctx, type, &event);
739
}
740
741
742
static void mlme_event(struct wpa_driver_nl80211_data *drv,
743
enum nl80211_commands cmd, struct nlattr *frame,
744
struct nlattr *addr, struct nlattr *timed_out,
745
struct nlattr *freq, struct nlattr *ack,
746
struct nlattr *cookie)
747
{
748
if (timed_out && addr) {
749
mlme_timeout_event(drv, cmd, addr);
750
return;
751
}
752
753
if (frame == NULL) {
754
wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
755
"data", cmd);
756
return;
757
}
758
759
wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
760
wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
761
nla_data(frame), nla_len(frame));
762
763
switch (cmd) {
764
case NL80211_CMD_AUTHENTICATE:
765
mlme_event_auth(drv, nla_data(frame), nla_len(frame));
766
break;
767
case NL80211_CMD_ASSOCIATE:
768
mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
769
break;
770
case NL80211_CMD_DEAUTHENTICATE:
771
mlme_event_deauth_disassoc(drv, EVENT_DEAUTH,
772
nla_data(frame), nla_len(frame));
773
break;
774
case NL80211_CMD_DISASSOCIATE:
775
mlme_event_deauth_disassoc(drv, EVENT_DISASSOC,
776
nla_data(frame), nla_len(frame));
777
break;
778
case NL80211_CMD_ACTION:
779
mlme_event_action(drv, freq, nla_data(frame), nla_len(frame));
780
break;
781
case NL80211_CMD_ACTION_TX_STATUS:
782
mlme_event_action_tx_status(drv, cookie, nla_data(frame),
783
nla_len(frame), ack);
784
break;
785
default:
786
break;
787
}
788
}
789
790
791
static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
792
struct nlattr *tb[])
793
{
794
union wpa_event_data data;
795
796
wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
797
os_memset(&data, 0, sizeof(data));
798
if (tb[NL80211_ATTR_MAC]) {
799
wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
800
nla_data(tb[NL80211_ATTR_MAC]),
801
nla_len(tb[NL80211_ATTR_MAC]));
802
data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
803
}
804
if (tb[NL80211_ATTR_KEY_SEQ]) {
805
wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
806
nla_data(tb[NL80211_ATTR_KEY_SEQ]),
807
nla_len(tb[NL80211_ATTR_KEY_SEQ]));
808
}
809
if (tb[NL80211_ATTR_KEY_TYPE]) {
810
enum nl80211_key_type key_type =
811
nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
812
wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
813
if (key_type == NL80211_KEYTYPE_PAIRWISE)
814
data.michael_mic_failure.unicast = 1;
815
} else
816
data.michael_mic_failure.unicast = 1;
817
818
if (tb[NL80211_ATTR_KEY_IDX]) {
819
u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
820
wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
821
}
822
823
wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
824
}
825
826
827
static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv,
828
struct nlattr *tb[])
829
{
830
if (tb[NL80211_ATTR_MAC] == NULL) {
831
wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined "
832
"event");
833
return;
834
}
835
os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
836
drv->associated = 1;
837
wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined",
838
MAC2STR(drv->bssid));
839
840
wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL);
841
}
842
843
844
static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv,
845
int cancel_event, struct nlattr *tb[])
846
{
847
unsigned int freq, chan_type, duration;
848
union wpa_event_data data;
849
u64 cookie;
850
851
if (tb[NL80211_ATTR_WIPHY_FREQ])
852
freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
853
else
854
freq = 0;
855
856
if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])
857
chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
858
else
859
chan_type = 0;
860
861
if (tb[NL80211_ATTR_DURATION])
862
duration = nla_get_u32(tb[NL80211_ATTR_DURATION]);
863
else
864
duration = 0;
865
866
if (tb[NL80211_ATTR_COOKIE])
867
cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
868
else
869
cookie = 0;
870
871
wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d "
872
"freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
873
cancel_event, freq, chan_type, duration,
874
(long long unsigned int) cookie,
875
cookie == drv->remain_on_chan_cookie ? "match" : "unknown");
876
877
if (cookie != drv->remain_on_chan_cookie)
878
return; /* not for us */
879
880
drv->pending_remain_on_chan = !cancel_event;
881
882
os_memset(&data, 0, sizeof(data));
883
data.remain_on_channel.freq = freq;
884
data.remain_on_channel.duration = duration;
885
wpa_supplicant_event(drv->ctx, cancel_event ?
886
EVENT_CANCEL_REMAIN_ON_CHANNEL :
887
EVENT_REMAIN_ON_CHANNEL, &data);
888
}
889
890
891
static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted,
892
struct nlattr *tb[])
893
{
894
union wpa_event_data event;
895
struct nlattr *nl;
896
int rem;
897
struct scan_info *info;
898
#define MAX_REPORT_FREQS 50
899
int freqs[MAX_REPORT_FREQS];
900
int num_freqs = 0;
901
902
os_memset(&event, 0, sizeof(event));
903
info = &event.scan_info;
904
info->aborted = aborted;
905
906
if (tb[NL80211_ATTR_SCAN_SSIDS]) {
907
nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) {
908
struct wpa_driver_scan_ssid *s =
909
&info->ssids[info->num_ssids];
910
s->ssid = nla_data(nl);
911
s->ssid_len = nla_len(nl);
912
info->num_ssids++;
913
if (info->num_ssids == WPAS_MAX_SCAN_SSIDS)
914
break;
915
}
916
}
917
if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) {
918
nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem)
919
{
920
freqs[num_freqs] = nla_get_u32(nl);
921
num_freqs++;
922
if (num_freqs == MAX_REPORT_FREQS - 1)
923
break;
924
}
925
info->freqs = freqs;
926
info->num_freqs = num_freqs;
927
}
928
wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event);
929
}
930
931
932
static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv,
933
struct nlattr *tb[])
934
{
935
static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
936
[NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
937
[NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 },
938
[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
939
};
940
struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1];
941
enum nl80211_cqm_rssi_threshold_event event;
942
union wpa_event_data ed;
943
944
if (tb[NL80211_ATTR_CQM] == NULL ||
945
nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM],
946
cqm_policy)) {
947
wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event");
948
return;
949
}
950
951
if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL)
952
return;
953
event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]);
954
955
os_memset(&ed, 0, sizeof(ed));
956
957
if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) {
958
wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
959
"event: RSSI high");
960
ed.signal_change.above_threshold = 1;
961
} else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) {
962
wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor "
963
"event: RSSI low");
964
ed.signal_change.above_threshold = 0;
965
} else
966
return;
967
968
wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed);
969
}
970
971
972
static int process_event(struct nl_msg *msg, void *arg)
973
{
974
struct wpa_driver_nl80211_data *drv = arg;
975
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
976
struct nlattr *tb[NL80211_ATTR_MAX + 1];
977
union wpa_event_data data;
978
979
nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
980
genlmsg_attrlen(gnlh, 0), NULL);
981
982
if (tb[NL80211_ATTR_IFINDEX]) {
983
int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
984
if (ifindex != drv->ifindex && !have_ifidx(drv, ifindex)) {
985
wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
986
" for foreign interface (ifindex %d)",
987
gnlh->cmd, ifindex);
988
return NL_SKIP;
989
}
990
}
991
992
if (drv->ap_scan_as_station &&
993
(gnlh->cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
994
gnlh->cmd == NL80211_CMD_SCAN_ABORTED)) {
995
wpa_driver_nl80211_set_mode(&drv->first_bss,
996
IEEE80211_MODE_AP);
997
drv->ap_scan_as_station = 0;
998
}
999
1000
switch (gnlh->cmd) {
1001
case NL80211_CMD_TRIGGER_SCAN:
1002
wpa_printf(MSG_DEBUG, "nl80211: Scan trigger");
1003
break;
1004
case NL80211_CMD_NEW_SCAN_RESULTS:
1005
wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
1006
drv->scan_complete_events = 1;
1007
eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1008
drv->ctx);
1009
send_scan_event(drv, 0, tb);
1010
break;
1011
case NL80211_CMD_SCAN_ABORTED:
1012
wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
1013
/*
1014
* Need to indicate that scan results are available in order
1015
* not to make wpa_supplicant stop its scanning.
1016
*/
1017
eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1018
drv->ctx);
1019
send_scan_event(drv, 1, tb);
1020
break;
1021
case NL80211_CMD_AUTHENTICATE:
1022
case NL80211_CMD_ASSOCIATE:
1023
case NL80211_CMD_DEAUTHENTICATE:
1024
case NL80211_CMD_DISASSOCIATE:
1025
case NL80211_CMD_ACTION:
1026
case NL80211_CMD_ACTION_TX_STATUS:
1027
mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME],
1028
tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT],
1029
tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK],
1030
tb[NL80211_ATTR_COOKIE]);
1031
break;
1032
case NL80211_CMD_CONNECT:
1033
case NL80211_CMD_ROAM:
1034
mlme_event_connect(drv, gnlh->cmd,
1035
tb[NL80211_ATTR_STATUS_CODE],
1036
tb[NL80211_ATTR_MAC],
1037
tb[NL80211_ATTR_REQ_IE],
1038
tb[NL80211_ATTR_RESP_IE]);
1039
break;
1040
case NL80211_CMD_DISCONNECT:
1041
if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1042
/*
1043
* Avoid reporting two disassociation events that could
1044
* confuse the core code.
1045
*/
1046
wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect "
1047
"event when using userspace SME");
1048
break;
1049
}
1050
drv->associated = 0;
1051
os_memset(&data, 0, sizeof(data));
1052
if (tb[NL80211_ATTR_REASON_CODE])
1053
data.disassoc_info.reason_code =
1054
nla_get_u16(tb[NL80211_ATTR_REASON_CODE]);
1055
wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, &data);
1056
break;
1057
case NL80211_CMD_MICHAEL_MIC_FAILURE:
1058
mlme_event_michael_mic_failure(drv, tb);
1059
break;
1060
case NL80211_CMD_JOIN_IBSS:
1061
mlme_event_join_ibss(drv, tb);
1062
break;
1063
case NL80211_CMD_REMAIN_ON_CHANNEL:
1064
mlme_event_remain_on_channel(drv, 0, tb);
1065
break;
1066
case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL:
1067
mlme_event_remain_on_channel(drv, 1, tb);
1068
break;
1069
case NL80211_CMD_NOTIFY_CQM:
1070
nl80211_cqm_event(drv, tb);
1071
break;
1072
default:
1073
wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
1074
"(cmd=%d)", gnlh->cmd);
1075
break;
1076
}
1077
1078
return NL_SKIP;
1079
}
1080
1081
1082
static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1083
void *sock_ctx)
1084
{
1085
struct nl_cb *cb;
1086
struct wpa_driver_nl80211_data *drv = eloop_ctx;
1087
1088
wpa_printf(MSG_DEBUG, "nl80211: Event message available");
1089
1090
cb = nl_cb_clone(drv->nl_cb);
1091
if (!cb)
1092
return;
1093
nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1094
nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
1095
nl_recvmsgs(drv->nl_handle_event, cb);
1096
nl_cb_put(cb);
1097
}
1098
1099
1100
/**
1101
* wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1102
* @priv: driver_nl80211 private data
1103
* @alpha2_arg: country to which to switch to
1104
* Returns: 0 on success, -1 on failure
1105
*
1106
* This asks nl80211 to set the regulatory domain for given
1107
* country ISO / IEC alpha2.
1108
*/
1109
static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1110
{
1111
struct i802_bss *bss = priv;
1112
struct wpa_driver_nl80211_data *drv = bss->drv;
1113
char alpha2[3];
1114
struct nl_msg *msg;
1115
1116
msg = nlmsg_alloc();
1117
if (!msg)
1118
return -ENOMEM;
1119
1120
alpha2[0] = alpha2_arg[0];
1121
alpha2[1] = alpha2_arg[1];
1122
alpha2[2] = '\0';
1123
1124
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1125
0, NL80211_CMD_REQ_SET_REG, 0);
1126
1127
NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
1128
if (send_and_recv_msgs(drv, msg, NULL, NULL))
1129
return -EINVAL;
1130
return 0;
1131
nla_put_failure:
1132
return -EINVAL;
1133
}
1134
1135
1136
#ifndef HOSTAPD
1137
struct wiphy_info_data {
1138
int max_scan_ssids;
1139
int ap_supported;
1140
int auth_supported;
1141
int connect_supported;
1142
};
1143
1144
1145
static int wiphy_info_handler(struct nl_msg *msg, void *arg)
1146
{
1147
struct nlattr *tb[NL80211_ATTR_MAX + 1];
1148
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1149
struct wiphy_info_data *info = arg;
1150
1151
nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1152
genlmsg_attrlen(gnlh, 0), NULL);
1153
1154
if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
1155
info->max_scan_ssids =
1156
nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
1157
1158
if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
1159
struct nlattr *nl_mode;
1160
int i;
1161
nla_for_each_nested(nl_mode,
1162
tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
1163
if (nl_mode->nla_type == NL80211_IFTYPE_AP) {
1164
info->ap_supported = 1;
1165
break;
1166
}
1167
}
1168
}
1169
1170
if (tb[NL80211_ATTR_SUPPORTED_COMMANDS]) {
1171
struct nlattr *nl_cmd;
1172
int i;
1173
1174
nla_for_each_nested(nl_cmd,
1175
tb[NL80211_ATTR_SUPPORTED_COMMANDS], i) {
1176
u32 cmd = nla_get_u32(nl_cmd);
1177
if (cmd == NL80211_CMD_AUTHENTICATE)
1178
info->auth_supported = 1;
1179
else if (cmd == NL80211_CMD_CONNECT)
1180
info->connect_supported = 1;
1181
}
1182
}
1183
1184
return NL_SKIP;
1185
}
1186
1187
1188
static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
1189
struct wiphy_info_data *info)
1190
{
1191
struct nl_msg *msg;
1192
1193
os_memset(info, 0, sizeof(*info));
1194
msg = nlmsg_alloc();
1195
if (!msg)
1196
return -1;
1197
1198
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1199
0, NL80211_CMD_GET_WIPHY, 0);
1200
1201
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->first_bss.ifindex);
1202
1203
if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
1204
return 0;
1205
msg = NULL;
1206
nla_put_failure:
1207
nlmsg_free(msg);
1208
return -1;
1209
}
1210
1211
1212
static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
1213
{
1214
struct wiphy_info_data info;
1215
if (wpa_driver_nl80211_get_info(drv, &info))
1216
return -1;
1217
drv->has_capability = 1;
1218
/* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
1219
drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1220
WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
1221
WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1222
WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1223
drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
1224
WPA_DRIVER_CAPA_ENC_WEP104 |
1225
WPA_DRIVER_CAPA_ENC_TKIP |
1226
WPA_DRIVER_CAPA_ENC_CCMP;
1227
drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1228
WPA_DRIVER_AUTH_SHARED |
1229
WPA_DRIVER_AUTH_LEAP;
1230
1231
drv->capa.max_scan_ssids = info.max_scan_ssids;
1232
if (info.ap_supported)
1233
drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
1234
1235
if (info.auth_supported)
1236
drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1237
else if (!info.connect_supported) {
1238
wpa_printf(MSG_INFO, "nl80211: Driver does not support "
1239
"authentication/association or connect commands");
1240
return -1;
1241
}
1242
1243
drv->capa.flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE;
1244
drv->capa.max_remain_on_chan = 5000;
1245
1246
return 0;
1247
}
1248
#endif /* HOSTAPD */
1249
1250
1251
static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv,
1252
void *ctx)
1253
{
1254
int ret;
1255
1256
/* Initialize generic netlink and nl80211 */
1257
1258
drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1259
if (drv->nl_cb == NULL) {
1260
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1261
"callbacks");
1262
goto err1;
1263
}
1264
1265
drv->nl_handle = nl_handle_alloc_cb(drv->nl_cb);
1266
if (drv->nl_handle == NULL) {
1267
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1268
"callbacks");
1269
goto err2;
1270
}
1271
1272
drv->nl_handle_event = nl_handle_alloc_cb(drv->nl_cb);
1273
if (drv->nl_handle_event == NULL) {
1274
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1275
"callbacks (event)");
1276
goto err2b;
1277
}
1278
1279
if (genl_connect(drv->nl_handle)) {
1280
wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1281
"netlink");
1282
goto err3;
1283
}
1284
1285
if (genl_connect(drv->nl_handle_event)) {
1286
wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1287
"netlink (event)");
1288
goto err3;
1289
}
1290
1291
#ifdef CONFIG_LIBNL20
1292
if (genl_ctrl_alloc_cache(drv->nl_handle, &drv->nl_cache) < 0) {
1293
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1294
"netlink cache");
1295
goto err3;
1296
}
1297
if (genl_ctrl_alloc_cache(drv->nl_handle_event, &drv->nl_cache_event) <
1298
0) {
1299
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1300
"netlink cache (event)");
1301
goto err3b;
1302
}
1303
#else /* CONFIG_LIBNL20 */
1304
drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
1305
if (drv->nl_cache == NULL) {
1306
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1307
"netlink cache");
1308
goto err3;
1309
}
1310
drv->nl_cache_event = genl_ctrl_alloc_cache(drv->nl_handle_event);
1311
if (drv->nl_cache_event == NULL) {
1312
wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1313
"netlink cache (event)");
1314
goto err3b;
1315
}
1316
#endif /* CONFIG_LIBNL20 */
1317
1318
drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
1319
if (drv->nl80211 == NULL) {
1320
wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1321
"found");
1322
goto err4;
1323
}
1324
1325
ret = nl_get_multicast_id(drv, "nl80211", "scan");
1326
if (ret >= 0)
1327
ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1328
if (ret < 0) {
1329
wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1330
"membership for scan events: %d (%s)",
1331
ret, strerror(-ret));
1332
goto err4;
1333
}
1334
1335
ret = nl_get_multicast_id(drv, "nl80211", "mlme");
1336
if (ret >= 0)
1337
ret = nl_socket_add_membership(drv->nl_handle_event, ret);
1338
if (ret < 0) {
1339
wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1340
"membership for mlme events: %d (%s)",
1341
ret, strerror(-ret));
1342
goto err4;
1343
}
1344
1345
eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle_event),
1346
wpa_driver_nl80211_event_receive, drv, ctx);
1347
1348
return 0;
1349
1350
err4:
1351
nl_cache_free(drv->nl_cache_event);
1352
err3b:
1353
nl_cache_free(drv->nl_cache);
1354
err3:
1355
nl_handle_destroy(drv->nl_handle_event);
1356
err2b:
1357
nl_handle_destroy(drv->nl_handle);
1358
err2:
1359
nl_cb_put(drv->nl_cb);
1360
err1:
1361
return -1;
1362
}
1363
1364
1365
/**
1366
* wpa_driver_nl80211_init - Initialize nl80211 driver interface
1367
* @ctx: context to be used when calling wpa_supplicant functions,
1368
* e.g., wpa_supplicant_event()
1369
* @ifname: interface name, e.g., wlan0
1370
* Returns: Pointer to private data, %NULL on failure
1371
*/
1372
static void * wpa_driver_nl80211_init(void *ctx, const char *ifname)
1373
{
1374
struct wpa_driver_nl80211_data *drv;
1375
struct netlink_config *cfg;
1376
struct i802_bss *bss;
1377
1378
drv = os_zalloc(sizeof(*drv));
1379
if (drv == NULL)
1380
return NULL;
1381
drv->ctx = ctx;
1382
bss = &drv->first_bss;
1383
bss->drv = drv;
1384
os_strlcpy(bss->ifname, ifname, sizeof(bss->ifname));
1385
drv->monitor_ifidx = -1;
1386
drv->monitor_sock = -1;
1387
drv->ioctl_sock = -1;
1388
1389
if (wpa_driver_nl80211_init_nl(drv, ctx)) {
1390
os_free(drv);
1391
return NULL;
1392
}
1393
1394
drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
1395
if (drv->ioctl_sock < 0) {
1396
perror("socket(PF_INET,SOCK_DGRAM)");
1397
goto failed;
1398
}
1399
1400
cfg = os_zalloc(sizeof(*cfg));
1401
if (cfg == NULL)
1402
goto failed;
1403
cfg->ctx = drv;
1404
cfg->newlink_cb = wpa_driver_nl80211_event_rtm_newlink;
1405
cfg->dellink_cb = wpa_driver_nl80211_event_rtm_dellink;
1406
drv->netlink = netlink_init(cfg);
1407
if (drv->netlink == NULL) {
1408
os_free(cfg);
1409
goto failed;
1410
}
1411
if (wpa_driver_nl80211_finish_drv_init(drv))
1412
goto failed;
1413
1414
return bss;
1415
1416
failed:
1417
netlink_deinit(drv->netlink);
1418
if (drv->ioctl_sock >= 0)
1419
close(drv->ioctl_sock);
1420
1421
genl_family_put(drv->nl80211);
1422
nl_cache_free(drv->nl_cache);
1423
nl_handle_destroy(drv->nl_handle);
1424
nl_cb_put(drv->nl_cb);
1425
eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle_event));
1426
1427
os_free(drv);
1428
return NULL;
1429
}
1430
1431
1432
static int nl80211_register_action_frame(struct wpa_driver_nl80211_data *drv,
1433
const u8 *match, size_t match_len)
1434
{
1435
struct nl_msg *msg;
1436
int ret = -1;
1437
1438
msg = nlmsg_alloc();
1439
if (!msg)
1440
return -1;
1441
1442
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1443
NL80211_CMD_REGISTER_ACTION, 0);
1444
1445
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1446
NLA_PUT(msg, NL80211_ATTR_FRAME_MATCH, match_len, match);
1447
1448
ret = send_and_recv(drv, drv->nl_handle_event, msg, NULL, NULL);
1449
msg = NULL;
1450
if (ret) {
1451
wpa_printf(MSG_DEBUG, "nl80211: Register Action command "
1452
"failed: ret=%d (%s)", ret, strerror(-ret));
1453
wpa_hexdump(MSG_DEBUG, "nl80211: Register Action match",
1454
match, match_len);
1455
goto nla_put_failure;
1456
}
1457
ret = 0;
1458
nla_put_failure:
1459
nlmsg_free(msg);
1460
return ret;
1461
}
1462
1463
1464
static int nl80211_register_action_frames(struct wpa_driver_nl80211_data *drv)
1465
{
1466
/* FT Action frames */
1467
if (nl80211_register_action_frame(drv, (u8 *) "\x06", 1) < 0)
1468
return -1;
1469
else
1470
drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_FT |
1471
WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK;
1472
1473
return 0;
1474
}
1475
1476
1477
static int
1478
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
1479
{
1480
struct i802_bss *bss = &drv->first_bss;
1481
1482
drv->ifindex = if_nametoindex(bss->ifname);
1483
drv->first_bss.ifindex = drv->ifindex;
1484
1485
#ifndef HOSTAPD
1486
if (wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_INFRA) < 0) {
1487
wpa_printf(MSG_DEBUG, "nl80211: Could not configure driver to "
1488
"use managed mode");
1489
}
1490
1491
if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1)) {
1492
wpa_printf(MSG_ERROR, "Could not set interface '%s' UP",
1493
bss->ifname);
1494
return -1;
1495
}
1496
1497
if (wpa_driver_nl80211_capa(drv))
1498
return -1;
1499
1500
netlink_send_oper_ifla(drv->netlink, drv->ifindex,
1501
1, IF_OPER_DORMANT);
1502
#endif /* HOSTAPD */
1503
1504
if (nl80211_register_action_frames(drv) < 0) {
1505
wpa_printf(MSG_DEBUG, "nl80211: Failed to register Action "
1506
"frame processing - ignore for now");
1507
/*
1508
* Older kernel versions did not support this, so ignore the
1509
* error for now. Some functionality may not be available
1510
* because of this.
1511
*/
1512
}
1513
1514
return 0;
1515
}
1516
1517
1518
static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data *drv)
1519
{
1520
struct nl_msg *msg;
1521
1522
msg = nlmsg_alloc();
1523
if (!msg)
1524
return -ENOMEM;
1525
1526
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1527
0, NL80211_CMD_DEL_BEACON, 0);
1528
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1529
1530
return send_and_recv_msgs(drv, msg, NULL, NULL);
1531
nla_put_failure:
1532
return -ENOBUFS;
1533
}
1534
1535
1536
/**
1537
* wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1538
* @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1539
*
1540
* Shut down driver interface and processing of driver events. Free
1541
* private data buffer if one was allocated in wpa_driver_nl80211_init().
1542
*/
1543
static void wpa_driver_nl80211_deinit(void *priv)
1544
{
1545
struct i802_bss *bss = priv;
1546
struct wpa_driver_nl80211_data *drv = bss->drv;
1547
1548
if (drv->added_if_into_bridge) {
1549
if (linux_br_del_if(drv->ioctl_sock, drv->brname, bss->ifname)
1550
< 0)
1551
wpa_printf(MSG_INFO, "nl80211: Failed to remove "
1552
"interface %s from bridge %s: %s",
1553
bss->ifname, drv->brname, strerror(errno));
1554
}
1555
if (drv->added_bridge) {
1556
if (linux_br_del(drv->ioctl_sock, drv->brname) < 0)
1557
wpa_printf(MSG_INFO, "nl80211: Failed to remove "
1558
"bridge %s: %s",
1559
drv->brname, strerror(errno));
1560
}
1561
1562
nl80211_remove_monitor_interface(drv);
1563
1564
if (drv->nlmode == NL80211_IFTYPE_AP)
1565
wpa_driver_nl80211_del_beacon(drv);
1566
1567
#ifdef HOSTAPD
1568
if (drv->last_freq_ht) {
1569
/* Clear HT flags from the driver */
1570
struct hostapd_freq_params freq;
1571
os_memset(&freq, 0, sizeof(freq));
1572
freq.freq = drv->last_freq;
1573
i802_set_freq(priv, &freq);
1574
}
1575
1576
if (drv->eapol_sock >= 0) {
1577
eloop_unregister_read_sock(drv->eapol_sock);
1578
close(drv->eapol_sock);
1579
}
1580
1581
if (drv->if_indices != drv->default_if_indices)
1582
os_free(drv->if_indices);
1583
#endif /* HOSTAPD */
1584
1585
if (drv->disable_11b_rates)
1586
nl80211_disable_11b_rates(drv, drv->ifindex, 0);
1587
1588
netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
1589
netlink_deinit(drv->netlink);
1590
1591
eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1592
1593
(void) linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0);
1594
wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_INFRA);
1595
1596
if (drv->ioctl_sock >= 0)
1597
close(drv->ioctl_sock);
1598
1599
eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle_event));
1600
genl_family_put(drv->nl80211);
1601
nl_cache_free(drv->nl_cache);
1602
nl_cache_free(drv->nl_cache_event);
1603
nl_handle_destroy(drv->nl_handle);
1604
nl_handle_destroy(drv->nl_handle_event);
1605
nl_cb_put(drv->nl_cb);
1606
1607
eloop_cancel_timeout(wpa_driver_nl80211_probe_req_report_timeout,
1608
drv, NULL);
1609
1610
os_free(drv->filter_ssids);
1611
1612
os_free(drv);
1613
}
1614
1615
1616
/**
1617
* wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
1618
* @eloop_ctx: Driver private data
1619
* @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
1620
*
1621
* This function can be used as registered timeout when starting a scan to
1622
* generate a scan completed event if the driver does not report this.
1623
*/
1624
static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1625
{
1626
struct wpa_driver_nl80211_data *drv = eloop_ctx;
1627
if (drv->ap_scan_as_station) {
1628
wpa_driver_nl80211_set_mode(&drv->first_bss,
1629
IEEE80211_MODE_AP);
1630
drv->ap_scan_as_station = 0;
1631
}
1632
wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1633
wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1634
}
1635
1636
1637
/**
1638
* wpa_driver_nl80211_scan - Request the driver to initiate scan
1639
* @priv: Pointer to private driver data from wpa_driver_nl80211_init()
1640
* @params: Scan parameters
1641
* Returns: 0 on success, -1 on failure
1642
*/
1643
static int wpa_driver_nl80211_scan(void *priv,
1644
struct wpa_driver_scan_params *params)
1645
{
1646
struct i802_bss *bss = priv;
1647
struct wpa_driver_nl80211_data *drv = bss->drv;
1648
int ret = 0, timeout;
1649
struct nl_msg *msg, *ssids, *freqs;
1650
size_t i;
1651
1652
msg = nlmsg_alloc();
1653
ssids = nlmsg_alloc();
1654
freqs = nlmsg_alloc();
1655
if (!msg || !ssids || !freqs) {
1656
nlmsg_free(msg);
1657
nlmsg_free(ssids);
1658
nlmsg_free(freqs);
1659
return -1;
1660
}
1661
1662
os_free(drv->filter_ssids);
1663
drv->filter_ssids = params->filter_ssids;
1664
params->filter_ssids = NULL;
1665
drv->num_filter_ssids = params->num_filter_ssids;
1666
1667
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1668
NL80211_CMD_TRIGGER_SCAN, 0);
1669
1670
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1671
1672
for (i = 0; i < params->num_ssids; i++) {
1673
wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan SSID",
1674
params->ssids[i].ssid,
1675
params->ssids[i].ssid_len);
1676
NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
1677
params->ssids[i].ssid);
1678
}
1679
if (params->num_ssids)
1680
nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
1681
1682
if (params->extra_ies) {
1683
wpa_hexdump_ascii(MSG_MSGDUMP, "nl80211: Scan extra IEs",
1684
params->extra_ies, params->extra_ies_len);
1685
NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
1686
params->extra_ies);
1687
}
1688
1689
if (params->freqs) {
1690
for (i = 0; params->freqs[i]; i++) {
1691
wpa_printf(MSG_MSGDUMP, "nl80211: Scan frequency %u "
1692
"MHz", params->freqs[i]);
1693
NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
1694
}
1695
nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
1696
}
1697
1698
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1699
msg = NULL;
1700
if (ret) {
1701
wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
1702
"(%s)", ret, strerror(-ret));
1703
#ifdef HOSTAPD
1704
if (drv->nlmode == NL80211_IFTYPE_AP) {
1705
/*
1706
* mac80211 does not allow scan requests in AP mode, so
1707
* try to do this in station mode.
1708
*/
1709
if (wpa_driver_nl80211_set_mode(bss,
1710
IEEE80211_MODE_INFRA))
1711
goto nla_put_failure;
1712
1713
if (wpa_driver_nl80211_scan(drv, params)) {
1714
wpa_driver_nl80211_set_mode(bss,
1715
IEEE80211_MODE_AP);
1716
goto nla_put_failure;
1717
}
1718
1719
/* Restore AP mode when processing scan results */
1720
drv->ap_scan_as_station = 1;
1721
ret = 0;
1722
} else
1723
goto nla_put_failure;
1724
#else /* HOSTAPD */
1725
goto nla_put_failure;
1726
#endif /* HOSTAPD */
1727
}
1728
1729
/* Not all drivers generate "scan completed" wireless event, so try to
1730
* read results after a timeout. */
1731
timeout = 10;
1732
if (drv->scan_complete_events) {
1733
/*
1734
* The driver seems to deliver events to notify when scan is
1735
* complete, so use longer timeout to avoid race conditions
1736
* with scanning and following association request.
1737
*/
1738
timeout = 30;
1739
}
1740
wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1741
"seconds", ret, timeout);
1742
eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1743
eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
1744
drv, drv->ctx);
1745
1746
nla_put_failure:
1747
nlmsg_free(ssids);
1748
nlmsg_free(msg);
1749
nlmsg_free(freqs);
1750
return ret;
1751
}
1752
1753
1754
static const u8 * nl80211_get_ie(const u8 *ies, size_t ies_len, u8 ie)
1755
{
1756
const u8 *end, *pos;
1757
1758
if (ies == NULL)
1759
return NULL;
1760
1761
pos = ies;
1762
end = ies + ies_len;
1763
1764
while (pos + 1 < end) {
1765
if (pos + 2 + pos[1] > end)
1766
break;
1767
if (pos[0] == ie)
1768
return pos;
1769
pos += 2 + pos[1];
1770
}
1771
1772
return NULL;
1773
}
1774
1775
1776
static int nl80211_scan_filtered(struct wpa_driver_nl80211_data *drv,
1777
const u8 *ie, size_t ie_len)
1778
{
1779
const u8 *ssid;
1780
size_t i;
1781
1782
if (drv->filter_ssids == NULL)
1783
return 0;
1784
1785
ssid = nl80211_get_ie(ie, ie_len, WLAN_EID_SSID);
1786
if (ssid == NULL)
1787
return 1;
1788
1789
for (i = 0; i < drv->num_filter_ssids; i++) {
1790
if (ssid[1] == drv->filter_ssids[i].ssid_len &&
1791
os_memcmp(ssid + 2, drv->filter_ssids[i].ssid, ssid[1]) ==
1792
0)
1793
return 0;
1794
}
1795
1796
return 1;
1797
}
1798
1799
1800
struct nl80211_bss_info_arg {
1801
struct wpa_driver_nl80211_data *drv;
1802
struct wpa_scan_results *res;
1803
};
1804
1805
static int bss_info_handler(struct nl_msg *msg, void *arg)
1806
{
1807
struct nlattr *tb[NL80211_ATTR_MAX + 1];
1808
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1809
struct nlattr *bss[NL80211_BSS_MAX + 1];
1810
static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1811
[NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1812
[NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1813
[NL80211_BSS_TSF] = { .type = NLA_U64 },
1814
[NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
1815
[NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
1816
[NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1817
[NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
1818
[NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
1819
[NL80211_BSS_STATUS] = { .type = NLA_U32 },
1820
[NL80211_BSS_SEEN_MS_AGO] = { .type = NLA_U32 },
1821
[NL80211_BSS_BEACON_IES] = { .type = NLA_UNSPEC },
1822
};
1823
struct nl80211_bss_info_arg *_arg = arg;
1824
struct wpa_scan_results *res = _arg->res;
1825
struct wpa_scan_res **tmp;
1826
struct wpa_scan_res *r;
1827
const u8 *ie, *beacon_ie;
1828
size_t ie_len, beacon_ie_len;
1829
u8 *pos;
1830
1831
nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1832
genlmsg_attrlen(gnlh, 0), NULL);
1833
if (!tb[NL80211_ATTR_BSS])
1834
return NL_SKIP;
1835
if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1836
bss_policy))
1837
return NL_SKIP;
1838
if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1839
ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1840
ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1841
} else {
1842
ie = NULL;
1843
ie_len = 0;
1844
}
1845
if (bss[NL80211_BSS_BEACON_IES]) {
1846
beacon_ie = nla_data(bss[NL80211_BSS_BEACON_IES]);
1847
beacon_ie_len = nla_len(bss[NL80211_BSS_BEACON_IES]);
1848
} else {
1849
beacon_ie = NULL;
1850
beacon_ie_len = 0;
1851
}
1852
1853
if (nl80211_scan_filtered(_arg->drv, ie ? ie : beacon_ie,
1854
ie ? ie_len : beacon_ie_len))
1855
return NL_SKIP;
1856
1857
r = os_zalloc(sizeof(*r) + ie_len + beacon_ie_len);
1858
if (r == NULL)
1859
return NL_SKIP;
1860
if (bss[NL80211_BSS_BSSID])
1861
os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
1862
ETH_ALEN);
1863
if (bss[NL80211_BSS_FREQUENCY])
1864
r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1865
if (bss[NL80211_BSS_BEACON_INTERVAL])
1866
r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
1867
if (bss[NL80211_BSS_CAPABILITY])
1868
r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
1869
r->flags |= WPA_SCAN_NOISE_INVALID;
1870
if (bss[NL80211_BSS_SIGNAL_MBM]) {
1871
r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
1872
r->level /= 100; /* mBm to dBm */
1873
r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
1874
} else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
1875
r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
1876
r->flags |= WPA_SCAN_LEVEL_INVALID;
1877
} else
1878
r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
1879
if (bss[NL80211_BSS_TSF])
1880
r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
1881
if (bss[NL80211_BSS_SEEN_MS_AGO])
1882
r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
1883
r->ie_len = ie_len;
1884
pos = (u8 *) (r + 1);
1885
if (ie) {
1886
os_memcpy(pos, ie, ie_len);
1887
pos += ie_len;
1888
}
1889
r->beacon_ie_len = beacon_ie_len;
1890
if (beacon_ie)
1891
os_memcpy(pos, beacon_ie, beacon_ie_len);
1892
1893
if (bss[NL80211_BSS_STATUS]) {
1894
enum nl80211_bss_status status;
1895
status = nla_get_u32(bss[NL80211_BSS_STATUS]);
1896
switch (status) {
1897
case NL80211_BSS_STATUS_AUTHENTICATED:
1898
r->flags |= WPA_SCAN_AUTHENTICATED;
1899
break;
1900
case NL80211_BSS_STATUS_ASSOCIATED:
1901
r->flags |= WPA_SCAN_ASSOCIATED;
1902
break;
1903
default:
1904
break;
1905
}
1906
}
1907
1908
tmp = os_realloc(res->res,
1909
(res->num + 1) * sizeof(struct wpa_scan_res *));
1910
if (tmp == NULL) {
1911
os_free(r);
1912
return NL_SKIP;
1913
}
1914
tmp[res->num++] = r;
1915
res->res = tmp;
1916
1917
return NL_SKIP;
1918
}
1919
1920
1921
static void clear_state_mismatch(struct wpa_driver_nl80211_data *drv,
1922
const u8 *addr)
1923
{
1924
if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) {
1925
wpa_printf(MSG_DEBUG, "nl80211: Clear possible state "
1926
"mismatch (" MACSTR ")", MAC2STR(addr));
1927
wpa_driver_nl80211_mlme(drv, addr,
1928
NL80211_CMD_DEAUTHENTICATE,
1929
WLAN_REASON_PREV_AUTH_NOT_VALID, 1);
1930
}
1931
}
1932
1933
1934
static void wpa_driver_nl80211_check_bss_status(
1935
struct wpa_driver_nl80211_data *drv, struct wpa_scan_results *res)
1936
{
1937
size_t i;
1938
1939
for (i = 0; i < res->num; i++) {
1940
struct wpa_scan_res *r = res->res[i];
1941
if (r->flags & WPA_SCAN_AUTHENTICATED) {
1942
wpa_printf(MSG_DEBUG, "nl80211: Scan results "
1943
"indicates BSS status with " MACSTR
1944
" as authenticated",
1945
MAC2STR(r->bssid));
1946
if (drv->nlmode == NL80211_IFTYPE_STATION &&
1947
os_memcmp(r->bssid, drv->bssid, ETH_ALEN) != 0 &&
1948
os_memcmp(r->bssid, drv->auth_bssid, ETH_ALEN) !=
1949
0) {
1950
wpa_printf(MSG_DEBUG, "nl80211: Unknown BSSID"
1951
" in local state (auth=" MACSTR
1952
" assoc=" MACSTR ")",
1953
MAC2STR(drv->auth_bssid),
1954
MAC2STR(drv->bssid));
1955
clear_state_mismatch(drv, r->bssid);
1956
}
1957
}
1958
1959
if (r->flags & WPA_SCAN_ASSOCIATED) {
1960
wpa_printf(MSG_DEBUG, "nl80211: Scan results "
1961
"indicate BSS status with " MACSTR
1962
" as associated",
1963
MAC2STR(r->bssid));
1964
if (drv->nlmode == NL80211_IFTYPE_STATION &&
1965
!drv->associated) {
1966
wpa_printf(MSG_DEBUG, "nl80211: Local state "
1967
"(not associated) does not match "
1968
"with BSS state");
1969
clear_state_mismatch(drv, r->bssid);
1970
} else if (drv->nlmode == NL80211_IFTYPE_STATION &&
1971
os_memcmp(drv->bssid, r->bssid, ETH_ALEN) !=
1972
0) {
1973
wpa_printf(MSG_DEBUG, "nl80211: Local state "
1974
"(associated with " MACSTR ") does "
1975
"not match with BSS state",
1976
MAC2STR(drv->bssid));
1977
clear_state_mismatch(drv, r->bssid);
1978
clear_state_mismatch(drv, drv->bssid);
1979
}
1980
}
1981
}
1982
}
1983
1984
1985
static void wpa_scan_results_free(struct wpa_scan_results *res)
1986
{
1987
size_t i;
1988
1989
if (res == NULL)
1990
return;
1991
1992
for (i = 0; i < res->num; i++)
1993
os_free(res->res[i]);
1994
os_free(res->res);
1995
os_free(res);
1996
}
1997
1998
1999
static struct wpa_scan_results *
2000
nl80211_get_scan_results(struct wpa_driver_nl80211_data *drv)
2001
{
2002
struct nl_msg *msg;
2003
struct wpa_scan_results *res;
2004
int ret;
2005
struct nl80211_bss_info_arg arg;
2006
2007
res = os_zalloc(sizeof(*res));
2008
if (res == NULL)
2009
return NULL;
2010
msg = nlmsg_alloc();
2011
if (!msg)
2012
goto nla_put_failure;
2013
2014
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, NLM_F_DUMP,
2015
NL80211_CMD_GET_SCAN, 0);
2016
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2017
2018
arg.drv = drv;
2019
arg.res = res;
2020
ret = send_and_recv_msgs(drv, msg, bss_info_handler, &arg);
2021
msg = NULL;
2022
if (ret == 0) {
2023
wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
2024
(unsigned long) res->num);
2025
return res;
2026
}
2027
wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
2028
"(%s)", ret, strerror(-ret));
2029
nla_put_failure:
2030
nlmsg_free(msg);
2031
wpa_scan_results_free(res);
2032
return NULL;
2033
}
2034
2035
2036
/**
2037
* wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
2038
* @priv: Pointer to private wext data from wpa_driver_nl80211_init()
2039
* Returns: Scan results on success, -1 on failure
2040
*/
2041
static struct wpa_scan_results *
2042
wpa_driver_nl80211_get_scan_results(void *priv)
2043
{
2044
struct i802_bss *bss = priv;
2045
struct wpa_driver_nl80211_data *drv = bss->drv;
2046
struct wpa_scan_results *res;
2047
2048
res = nl80211_get_scan_results(drv);
2049
if (res)
2050
wpa_driver_nl80211_check_bss_status(drv, res);
2051
return res;
2052
}
2053
2054
2055
static void nl80211_dump_scan(struct wpa_driver_nl80211_data *drv)
2056
{
2057
struct wpa_scan_results *res;
2058
size_t i;
2059
2060
res = nl80211_get_scan_results(drv);
2061
if (res == NULL) {
2062
wpa_printf(MSG_DEBUG, "nl80211: Failed to get scan results");
2063
return;
2064
}
2065
2066
wpa_printf(MSG_DEBUG, "nl80211: Scan result dump");
2067
for (i = 0; i < res->num; i++) {
2068
struct wpa_scan_res *r = res->res[i];
2069
wpa_printf(MSG_DEBUG, "nl80211: %d/%d " MACSTR "%s%s",
2070
(int) i, (int) res->num, MAC2STR(r->bssid),
2071
r->flags & WPA_SCAN_AUTHENTICATED ? " [auth]" : "",
2072
r->flags & WPA_SCAN_ASSOCIATED ? " [assoc]" : "");
2073
}
2074
2075
wpa_scan_results_free(res);
2076
}
2077
2078
2079
static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
2080
enum wpa_alg alg, const u8 *addr,
2081
int key_idx, int set_tx,
2082
const u8 *seq, size_t seq_len,
2083
const u8 *key, size_t key_len)
2084
{
2085
struct i802_bss *bss = priv;
2086
struct wpa_driver_nl80211_data *drv = bss->drv;
2087
int ifindex = if_nametoindex(ifname);
2088
struct nl_msg *msg;
2089
int ret;
2090
2091
wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
2092
"set_tx=%d seq_len=%lu key_len=%lu",
2093
__func__, ifindex, alg, addr, key_idx, set_tx,
2094
(unsigned long) seq_len, (unsigned long) key_len);
2095
2096
msg = nlmsg_alloc();
2097
if (!msg)
2098
return -ENOMEM;
2099
2100
if (alg == WPA_ALG_NONE) {
2101
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2102
0, NL80211_CMD_DEL_KEY, 0);
2103
} else {
2104
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2105
0, NL80211_CMD_NEW_KEY, 0);
2106
NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
2107
switch (alg) {
2108
case WPA_ALG_WEP:
2109
if (key_len == 5)
2110
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2111
WLAN_CIPHER_SUITE_WEP40);
2112
else
2113
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2114
WLAN_CIPHER_SUITE_WEP104);
2115
break;
2116
case WPA_ALG_TKIP:
2117
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2118
WLAN_CIPHER_SUITE_TKIP);
2119
break;
2120
case WPA_ALG_CCMP:
2121
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2122
WLAN_CIPHER_SUITE_CCMP);
2123
break;
2124
case WPA_ALG_IGTK:
2125
NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
2126
WLAN_CIPHER_SUITE_AES_CMAC);
2127
break;
2128
default:
2129
wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
2130
"algorithm %d", __func__, alg);
2131
nlmsg_free(msg);
2132
return -1;
2133
}
2134
}
2135
2136
if (seq && seq_len)
2137
NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
2138
2139
if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2140
{
2141
wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
2142
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2143
}
2144
NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
2145
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2146
2147
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2148
if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE)
2149
ret = 0;
2150
if (ret)
2151
wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
2152
ret, strerror(-ret));
2153
2154
/*
2155
* If we failed or don't need to set the default TX key (below),
2156
* we're done here.
2157
*/
2158
if (ret || !set_tx || alg == WPA_ALG_NONE)
2159
return ret;
2160
#ifdef HOSTAPD
2161
if (addr)
2162
return ret;
2163
#else /* HOSTAPD */
2164
if (drv->nlmode == NL80211_IFTYPE_AP && addr)
2165
return ret;
2166
#endif /* HOSTAPD */
2167
2168
msg = nlmsg_alloc();
2169
if (!msg)
2170
return -ENOMEM;
2171
2172
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2173
0, NL80211_CMD_SET_KEY, 0);
2174
NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
2175
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2176
if (alg == WPA_ALG_IGTK)
2177
NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
2178
else
2179
NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
2180
2181
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2182
if (ret == -ENOENT)
2183
ret = 0;
2184
if (ret)
2185
wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
2186
"err=%d %s)", ret, strerror(-ret));
2187
return ret;
2188
2189
nla_put_failure:
2190
return -ENOBUFS;
2191
}
2192
2193
2194
static int nl_add_key(struct nl_msg *msg, enum wpa_alg alg,
2195
int key_idx, int defkey,
2196
const u8 *seq, size_t seq_len,
2197
const u8 *key, size_t key_len)
2198
{
2199
struct nlattr *key_attr = nla_nest_start(msg, NL80211_ATTR_KEY);
2200
if (!key_attr)
2201
return -1;
2202
2203
if (defkey && alg == WPA_ALG_IGTK)
2204
NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT_MGMT);
2205
else if (defkey)
2206
NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
2207
2208
NLA_PUT_U8(msg, NL80211_KEY_IDX, key_idx);
2209
2210
switch (alg) {
2211
case WPA_ALG_WEP:
2212
if (key_len == 5)
2213
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2214
WLAN_CIPHER_SUITE_WEP40);
2215
else
2216
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2217
WLAN_CIPHER_SUITE_WEP104);
2218
break;
2219
case WPA_ALG_TKIP:
2220
NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_TKIP);
2221
break;
2222
case WPA_ALG_CCMP:
2223
NLA_PUT_U32(msg, NL80211_KEY_CIPHER, WLAN_CIPHER_SUITE_CCMP);
2224
break;
2225
case WPA_ALG_IGTK:
2226
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2227
WLAN_CIPHER_SUITE_AES_CMAC);
2228
break;
2229
default:
2230
wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
2231
"algorithm %d", __func__, alg);
2232
return -1;
2233
}
2234
2235
if (seq && seq_len)
2236
NLA_PUT(msg, NL80211_KEY_SEQ, seq_len, seq);
2237
2238
NLA_PUT(msg, NL80211_KEY_DATA, key_len, key);
2239
2240
nla_nest_end(msg, key_attr);
2241
2242
return 0;
2243
nla_put_failure:
2244
return -1;
2245
}
2246
2247
2248
static int nl80211_set_conn_keys(struct wpa_driver_associate_params *params,
2249
struct nl_msg *msg)
2250
{
2251
int i, privacy = 0;
2252
struct nlattr *nl_keys, *nl_key;
2253
2254
for (i = 0; i < 4; i++) {
2255
if (!params->wep_key[i])
2256
continue;
2257
privacy = 1;
2258
break;
2259
}
2260
if (!privacy)
2261
return 0;
2262
2263
NLA_PUT_FLAG(msg, NL80211_ATTR_PRIVACY);
2264
2265
nl_keys = nla_nest_start(msg, NL80211_ATTR_KEYS);
2266
if (!nl_keys)
2267
goto nla_put_failure;
2268
2269
for (i = 0; i < 4; i++) {
2270
if (!params->wep_key[i])
2271
continue;
2272
2273
nl_key = nla_nest_start(msg, i);
2274
if (!nl_key)
2275
goto nla_put_failure;
2276
2277
NLA_PUT(msg, NL80211_KEY_DATA, params->wep_key_len[i],
2278
params->wep_key[i]);
2279
if (params->wep_key_len[i] == 5)
2280
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2281
WLAN_CIPHER_SUITE_WEP40);
2282
else
2283
NLA_PUT_U32(msg, NL80211_KEY_CIPHER,
2284
WLAN_CIPHER_SUITE_WEP104);
2285
2286
NLA_PUT_U8(msg, NL80211_KEY_IDX, i);
2287
2288
if (i == params->wep_tx_keyidx)
2289
NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
2290
2291
nla_nest_end(msg, nl_key);
2292
}
2293
nla_nest_end(msg, nl_keys);
2294
2295
return 0;
2296
2297
nla_put_failure:
2298
return -ENOBUFS;
2299
}
2300
2301
2302
static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
2303
const u8 *addr, int cmd, u16 reason_code,
2304
int local_state_change)
2305
{
2306
int ret = -1;
2307
struct nl_msg *msg;
2308
2309
msg = nlmsg_alloc();
2310
if (!msg)
2311
return -1;
2312
2313
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0, cmd, 0);
2314
2315
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2316
NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
2317
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2318
if (local_state_change)
2319
NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
2320
2321
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2322
msg = NULL;
2323
if (ret) {
2324
wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2325
"(%s)", ret, strerror(-ret));
2326
goto nla_put_failure;
2327
}
2328
ret = 0;
2329
2330
nla_put_failure:
2331
nlmsg_free(msg);
2332
return ret;
2333
}
2334
2335
2336
static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data *drv,
2337
const u8 *addr, int reason_code)
2338
{
2339
wpa_printf(MSG_DEBUG, "%s", __func__);
2340
drv->associated = 0;
2341
return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISCONNECT,
2342
reason_code, 0);
2343
}
2344
2345
2346
static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
2347
int reason_code)
2348
{
2349
struct i802_bss *bss = priv;
2350
struct wpa_driver_nl80211_data *drv = bss->drv;
2351
if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2352
return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
2353
wpa_printf(MSG_DEBUG, "%s", __func__);
2354
drv->associated = 0;
2355
return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2356
reason_code, 0);
2357
}
2358
2359
2360
static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
2361
int reason_code)
2362
{
2363
struct i802_bss *bss = priv;
2364
struct wpa_driver_nl80211_data *drv = bss->drv;
2365
if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2366
return wpa_driver_nl80211_disconnect(drv, addr, reason_code);
2367
wpa_printf(MSG_DEBUG, "%s", __func__);
2368
drv->associated = 0;
2369
return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
2370
reason_code, 0);
2371
}
2372
2373
2374
static int wpa_driver_nl80211_authenticate(
2375
void *priv, struct wpa_driver_auth_params *params)
2376
{
2377
struct i802_bss *bss = priv;
2378
struct wpa_driver_nl80211_data *drv = bss->drv;
2379
int ret = -1, i;
2380
struct nl_msg *msg;
2381
enum nl80211_auth_type type;
2382
int count = 0;
2383
2384
drv->associated = 0;
2385
os_memset(drv->auth_bssid, 0, ETH_ALEN);
2386
/* FIX: IBSS mode */
2387
if (drv->nlmode != NL80211_IFTYPE_STATION)
2388
wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA);
2389
2390
if (wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA) < 0)
2391
return -1;
2392
2393
retry:
2394
msg = nlmsg_alloc();
2395
if (!msg)
2396
return -1;
2397
2398
wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2399
drv->ifindex);
2400
2401
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2402
NL80211_CMD_AUTHENTICATE, 0);
2403
2404
for (i = 0; i < 4; i++) {
2405
if (!params->wep_key[i])
2406
continue;
2407
wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP,
2408
NULL, i,
2409
i == params->wep_tx_keyidx, NULL, 0,
2410
params->wep_key[i],
2411
params->wep_key_len[i]);
2412
if (params->wep_tx_keyidx != i)
2413
continue;
2414
if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0,
2415
params->wep_key[i], params->wep_key_len[i])) {
2416
nlmsg_free(msg);
2417
return -1;
2418
}
2419
}
2420
2421
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2422
if (params->bssid) {
2423
wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2424
MAC2STR(params->bssid));
2425
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2426
}
2427
if (params->freq) {
2428
wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2429
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2430
}
2431
if (params->ssid) {
2432
wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2433
params->ssid, params->ssid_len);
2434
NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2435
params->ssid);
2436
}
2437
wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
2438
if (params->ie)
2439
NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
2440
if (params->auth_alg & WPA_AUTH_ALG_OPEN)
2441
type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2442
else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
2443
type = NL80211_AUTHTYPE_SHARED_KEY;
2444
else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
2445
type = NL80211_AUTHTYPE_NETWORK_EAP;
2446
else if (params->auth_alg & WPA_AUTH_ALG_FT)
2447
type = NL80211_AUTHTYPE_FT;
2448
else
2449
goto nla_put_failure;
2450
wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
2451
NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
2452
if (params->local_state_change) {
2453
wpa_printf(MSG_DEBUG, " * Local state change only");
2454
NLA_PUT_FLAG(msg, NL80211_ATTR_LOCAL_STATE_CHANGE);
2455
}
2456
2457
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2458
msg = NULL;
2459
if (ret) {
2460
wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2461
"(%s)", ret, strerror(-ret));
2462
count++;
2463
if (ret == -EALREADY && count == 1 && params->bssid &&
2464
!params->local_state_change) {
2465
/*
2466
* mac80211 does not currently accept new
2467
* authentication if we are already authenticated. As a
2468
* workaround, force deauthentication and try again.
2469
*/
2470
wpa_printf(MSG_DEBUG, "nl80211: Retry authentication "
2471
"after forced deauthentication");
2472
wpa_driver_nl80211_deauthenticate(
2473
bss, params->bssid,
2474
WLAN_REASON_PREV_AUTH_NOT_VALID);
2475
nlmsg_free(msg);
2476
goto retry;
2477
}
2478
goto nla_put_failure;
2479
}
2480
ret = 0;
2481
wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
2482
"successfully");
2483
2484
nla_put_failure:
2485
nlmsg_free(msg);
2486
return ret;
2487
}
2488
2489
2490
struct phy_info_arg {
2491
u16 *num_modes;
2492
struct hostapd_hw_modes *modes;
2493
};
2494
2495
static int phy_info_handler(struct nl_msg *msg, void *arg)
2496
{
2497
struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
2498
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
2499
struct phy_info_arg *phy_info = arg;
2500
2501
struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
2502
2503
struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
2504
static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
2505
[NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
2506
[NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
2507
[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
2508
[NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
2509
[NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
2510
[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
2511
};
2512
2513
struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
2514
static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
2515
[NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
2516
[NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
2517
};
2518
2519
struct nlattr *nl_band;
2520
struct nlattr *nl_freq;
2521
struct nlattr *nl_rate;
2522
int rem_band, rem_freq, rem_rate;
2523
struct hostapd_hw_modes *mode;
2524
int idx, mode_is_set;
2525
2526
nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
2527
genlmsg_attrlen(gnlh, 0), NULL);
2528
2529
if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
2530
return NL_SKIP;
2531
2532
nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
2533
mode = os_realloc(phy_info->modes, (*phy_info->num_modes + 1) * sizeof(*mode));
2534
if (!mode)
2535
return NL_SKIP;
2536
phy_info->modes = mode;
2537
2538
mode_is_set = 0;
2539
2540
mode = &phy_info->modes[*(phy_info->num_modes)];
2541
memset(mode, 0, sizeof(*mode));
2542
*(phy_info->num_modes) += 1;
2543
2544
nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
2545
nla_len(nl_band), NULL);
2546
2547
if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
2548
mode->ht_capab = nla_get_u16(
2549
tb_band[NL80211_BAND_ATTR_HT_CAPA]);
2550
}
2551
2552
if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) {
2553
mode->a_mpdu_params |= nla_get_u8(
2554
tb_band[NL80211_BAND_ATTR_HT_AMPDU_FACTOR]) &
2555
0x03;
2556
}
2557
2558
if (tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) {
2559
mode->a_mpdu_params |= nla_get_u8(
2560
tb_band[NL80211_BAND_ATTR_HT_AMPDU_DENSITY]) <<
2561
2;
2562
}
2563
2564
if (tb_band[NL80211_BAND_ATTR_HT_MCS_SET] &&
2565
nla_len(tb_band[NL80211_BAND_ATTR_HT_MCS_SET])) {
2566
u8 *mcs;
2567
mcs = nla_data(tb_band[NL80211_BAND_ATTR_HT_MCS_SET]);
2568
os_memcpy(mode->mcs_set, mcs, 16);
2569
}
2570
2571
nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
2572
nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
2573
nla_len(nl_freq), freq_policy);
2574
if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
2575
continue;
2576
mode->num_channels++;
2577
}
2578
2579
mode->channels = os_zalloc(mode->num_channels * sizeof(struct hostapd_channel_data));
2580
if (!mode->channels)
2581
return NL_SKIP;
2582
2583
idx = 0;
2584
2585
nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
2586
nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
2587
nla_len(nl_freq), freq_policy);
2588
if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
2589
continue;
2590
2591
mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
2592
mode->channels[idx].flag = 0;
2593
2594
if (!mode_is_set) {
2595
/* crude heuristic */
2596
if (mode->channels[idx].freq < 4000)
2597
mode->mode = HOSTAPD_MODE_IEEE80211B;
2598
else
2599
mode->mode = HOSTAPD_MODE_IEEE80211A;
2600
mode_is_set = 1;
2601
}
2602
2603
/* crude heuristic */
2604
if (mode->channels[idx].freq < 4000)
2605
if (mode->channels[idx].freq == 2484)
2606
mode->channels[idx].chan = 14;
2607
else
2608
mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
2609
else
2610
mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
2611
2612
if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
2613
mode->channels[idx].flag |=
2614
HOSTAPD_CHAN_DISABLED;
2615
if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
2616
mode->channels[idx].flag |=
2617
HOSTAPD_CHAN_PASSIVE_SCAN;
2618
if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
2619
mode->channels[idx].flag |=
2620
HOSTAPD_CHAN_NO_IBSS;
2621
if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
2622
mode->channels[idx].flag |=
2623
HOSTAPD_CHAN_RADAR;
2624
2625
if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
2626
!tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
2627
mode->channels[idx].max_tx_power =
2628
nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
2629
2630
idx++;
2631
}
2632
2633
nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
2634
nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
2635
nla_len(nl_rate), rate_policy);
2636
if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
2637
continue;
2638
mode->num_rates++;
2639
}
2640
2641
mode->rates = os_zalloc(mode->num_rates * sizeof(int));
2642
if (!mode->rates)
2643
return NL_SKIP;
2644
2645
idx = 0;
2646
2647
nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
2648
nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
2649
nla_len(nl_rate), rate_policy);
2650
if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
2651
continue;
2652
mode->rates[idx] = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
2653
2654
/* crude heuristic */
2655
if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
2656
mode->rates[idx] > 200)
2657
mode->mode = HOSTAPD_MODE_IEEE80211G;
2658
2659
idx++;
2660
}
2661
}
2662
2663
return NL_SKIP;
2664
}
2665
2666
static struct hostapd_hw_modes *
2667
wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
2668
{
2669
u16 m;
2670
struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
2671
int i, mode11g_idx = -1;
2672
2673
/* If only 802.11g mode is included, use it to construct matching
2674
* 802.11b mode data. */
2675
2676
for (m = 0; m < *num_modes; m++) {
2677
if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
2678
return modes; /* 802.11b already included */
2679
if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
2680
mode11g_idx = m;
2681
}
2682
2683
if (mode11g_idx < 0)
2684
return modes; /* 2.4 GHz band not supported at all */
2685
2686
nmodes = os_realloc(modes, (*num_modes + 1) * sizeof(*nmodes));
2687
if (nmodes == NULL)
2688
return modes; /* Could not add 802.11b mode */
2689
2690
mode = &nmodes[*num_modes];
2691
os_memset(mode, 0, sizeof(*mode));
2692
(*num_modes)++;
2693
modes = nmodes;
2694
2695
mode->mode = HOSTAPD_MODE_IEEE80211B;
2696
2697
mode11g = &modes[mode11g_idx];
2698
mode->num_channels = mode11g->num_channels;
2699
mode->channels = os_malloc(mode11g->num_channels *
2700
sizeof(struct hostapd_channel_data));
2701
if (mode->channels == NULL) {
2702
(*num_modes)--;
2703
return modes; /* Could not add 802.11b mode */
2704
}
2705
os_memcpy(mode->channels, mode11g->channels,
2706
mode11g->num_channels * sizeof(struct hostapd_channel_data));
2707
2708
mode->num_rates = 0;
2709
mode->rates = os_malloc(4 * sizeof(int));
2710
if (mode->rates == NULL) {
2711
os_free(mode->channels);
2712
(*num_modes)--;
2713
return modes; /* Could not add 802.11b mode */
2714
}
2715
2716
for (i = 0; i < mode11g->num_rates; i++) {
2717
if (mode11g->rates[i] != 10 && mode11g->rates[i] != 20 &&
2718
mode11g->rates[i] != 55 && mode11g->rates[i] != 110)
2719
continue;
2720
mode->rates[mode->num_rates] = mode11g->rates[i];
2721
mode->num_rates++;
2722
if (mode->num_rates == 4)
2723
break;
2724
}
2725
2726
if (mode->num_rates == 0) {
2727
os_free(mode->channels);
2728
os_free(mode->rates);
2729
(*num_modes)--;
2730
return modes; /* No 802.11b rates */
2731
}
2732
2733
wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
2734
"information");
2735
2736
return modes;
2737
}
2738
2739
2740
static struct hostapd_hw_modes *
2741
wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
2742
{
2743
struct i802_bss *bss = priv;
2744
struct wpa_driver_nl80211_data *drv = bss->drv;
2745
struct nl_msg *msg;
2746
struct phy_info_arg result = {
2747
.num_modes = num_modes,
2748
.modes = NULL,
2749
};
2750
2751
*num_modes = 0;
2752
*flags = 0;
2753
2754
msg = nlmsg_alloc();
2755
if (!msg)
2756
return NULL;
2757
2758
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2759
0, NL80211_CMD_GET_WIPHY, 0);
2760
2761
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2762
2763
if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0)
2764
return wpa_driver_nl80211_add_11b(result.modes, num_modes);
2765
nla_put_failure:
2766
return NULL;
2767
}
2768
2769
2770
static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data *drv,
2771
const void *data, size_t len,
2772
int encrypt)
2773
{
2774
__u8 rtap_hdr[] = {
2775
0x00, 0x00, /* radiotap version */
2776
0x0e, 0x00, /* radiotap length */
2777
0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
2778
IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
2779
0x00, /* padding */
2780
0x00, 0x00, /* RX and TX flags to indicate that */
2781
0x00, 0x00, /* this is the injected frame directly */
2782
};
2783
struct iovec iov[2] = {
2784
{
2785
.iov_base = &rtap_hdr,
2786
.iov_len = sizeof(rtap_hdr),
2787
},
2788
{
2789
.iov_base = (void *) data,
2790
.iov_len = len,
2791
}
2792
};
2793
struct msghdr msg = {
2794
.msg_name = NULL,
2795
.msg_namelen = 0,
2796
.msg_iov = iov,
2797
.msg_iovlen = 2,
2798
.msg_control = NULL,
2799
.msg_controllen = 0,
2800
.msg_flags = 0,
2801
};
2802
2803
if (encrypt)
2804
rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
2805
2806
return sendmsg(drv->monitor_sock, &msg, 0);
2807
}
2808
2809
2810
static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
2811
size_t data_len)
2812
{
2813
struct i802_bss *bss = priv;
2814
struct wpa_driver_nl80211_data *drv = bss->drv;
2815
struct ieee80211_mgmt *mgmt;
2816
int encrypt = 1;
2817
u16 fc;
2818
2819
mgmt = (struct ieee80211_mgmt *) data;
2820
fc = le_to_host16(mgmt->frame_control);
2821
2822
if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
2823
WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
2824
/*
2825
* Only one of the authentication frame types is encrypted.
2826
* In order for static WEP encryption to work properly (i.e.,
2827
* to not encrypt the frame), we need to tell mac80211 about
2828
* the frames that must not be encrypted.
2829
*/
2830
u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
2831
u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
2832
if (auth_alg != WLAN_AUTH_SHARED_KEY || auth_trans != 3)
2833
encrypt = 0;
2834
}
2835
2836
return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
2837
}
2838
2839
2840
static int wpa_driver_nl80211_set_beacon(void *priv,
2841
const u8 *head, size_t head_len,
2842
const u8 *tail, size_t tail_len,
2843
int dtim_period, int beacon_int)
2844
{
2845
struct i802_bss *bss = priv;
2846
struct wpa_driver_nl80211_data *drv = bss->drv;
2847
struct nl_msg *msg;
2848
u8 cmd = NL80211_CMD_NEW_BEACON;
2849
int ret;
2850
int beacon_set;
2851
int ifindex = if_nametoindex(bss->ifname);
2852
2853
beacon_set = bss->beacon_set;
2854
2855
msg = nlmsg_alloc();
2856
if (!msg)
2857
return -ENOMEM;
2858
2859
wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
2860
beacon_set);
2861
if (beacon_set)
2862
cmd = NL80211_CMD_SET_BEACON;
2863
2864
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2865
0, cmd, 0);
2866
NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, head_len, head);
2867
NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, tail_len, tail);
2868
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2869
NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, beacon_int);
2870
NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period);
2871
2872
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2873
if (ret) {
2874
wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
2875
ret, strerror(-ret));
2876
} else {
2877
bss->beacon_set = 1;
2878
}
2879
return ret;
2880
nla_put_failure:
2881
return -ENOBUFS;
2882
}
2883
2884
2885
static int wpa_driver_nl80211_set_freq(struct wpa_driver_nl80211_data *drv,
2886
int freq, int ht_enabled,
2887
int sec_channel_offset)
2888
{
2889
struct nl_msg *msg;
2890
int ret;
2891
2892
msg = nlmsg_alloc();
2893
if (!msg)
2894
return -1;
2895
2896
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2897
NL80211_CMD_SET_WIPHY, 0);
2898
2899
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2900
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
2901
if (ht_enabled) {
2902
switch (sec_channel_offset) {
2903
case -1:
2904
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2905
NL80211_CHAN_HT40MINUS);
2906
break;
2907
case 1:
2908
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2909
NL80211_CHAN_HT40PLUS);
2910
break;
2911
default:
2912
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2913
NL80211_CHAN_HT20);
2914
break;
2915
}
2916
}
2917
2918
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2919
if (ret == 0)
2920
return 0;
2921
wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
2922
"%d (%s)", freq, ret, strerror(-ret));
2923
nla_put_failure:
2924
return -1;
2925
}
2926
2927
2928
static int wpa_driver_nl80211_sta_add(void *priv,
2929
struct hostapd_sta_add_params *params)
2930
{
2931
struct i802_bss *bss = priv;
2932
struct wpa_driver_nl80211_data *drv = bss->drv;
2933
struct nl_msg *msg;
2934
int ret = -ENOBUFS;
2935
2936
msg = nlmsg_alloc();
2937
if (!msg)
2938
return -ENOMEM;
2939
2940
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2941
0, NL80211_CMD_NEW_STATION, 0);
2942
2943
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
2944
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
2945
NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
2946
NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
2947
params->supp_rates);
2948
NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
2949
params->listen_interval);
2950
if (params->ht_capabilities) {
2951
NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
2952
sizeof(*params->ht_capabilities),
2953
params->ht_capabilities);
2954
}
2955
2956
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2957
if (ret)
2958
wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_NEW_STATION "
2959
"result: %d (%s)", ret, strerror(-ret));
2960
if (ret == -EEXIST)
2961
ret = 0;
2962
nla_put_failure:
2963
return ret;
2964
}
2965
2966
2967
static int wpa_driver_nl80211_sta_remove(void *priv, const u8 *addr)
2968
{
2969
struct i802_bss *bss = priv;
2970
struct wpa_driver_nl80211_data *drv = bss->drv;
2971
struct nl_msg *msg;
2972
int ret;
2973
2974
msg = nlmsg_alloc();
2975
if (!msg)
2976
return -ENOMEM;
2977
2978
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2979
0, NL80211_CMD_DEL_STATION, 0);
2980
2981
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
2982
if_nametoindex(bss->ifname));
2983
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2984
2985
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2986
if (ret == -ENOENT)
2987
return 0;
2988
return ret;
2989
nla_put_failure:
2990
return -ENOBUFS;
2991
}
2992
2993
2994
static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
2995
int ifidx)
2996
{
2997
struct nl_msg *msg;
2998
2999
wpa_printf(MSG_DEBUG, "nl80211: Remove interface ifindex=%d", ifidx);
3000
3001
#ifdef HOSTAPD
3002
/* stop listening for EAPOL on this interface */
3003
del_ifidx(drv, ifidx);
3004
#endif /* HOSTAPD */
3005
3006
msg = nlmsg_alloc();
3007
if (!msg)
3008
goto nla_put_failure;
3009
3010
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3011
0, NL80211_CMD_DEL_INTERFACE, 0);
3012
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
3013
3014
if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
3015
return;
3016
nla_put_failure:
3017
wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d)", ifidx);
3018
}
3019
3020
3021
static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
3022
const char *ifname,
3023
enum nl80211_iftype iftype,
3024
const u8 *addr, int wds)
3025
{
3026
struct nl_msg *msg, *flags = NULL;
3027
int ifidx;
3028
int ret = -ENOBUFS;
3029
3030
msg = nlmsg_alloc();
3031
if (!msg)
3032
return -1;
3033
3034
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3035
0, NL80211_CMD_NEW_INTERFACE, 0);
3036
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3037
NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
3038
NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
3039
3040
if (iftype == NL80211_IFTYPE_MONITOR) {
3041
int err;
3042
3043
flags = nlmsg_alloc();
3044
if (!flags)
3045
goto nla_put_failure;
3046
3047
NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
3048
3049
err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
3050
3051
nlmsg_free(flags);
3052
3053
if (err)
3054
goto nla_put_failure;
3055
} else if (wds) {
3056
NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
3057
}
3058
3059
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3060
if (ret) {
3061
nla_put_failure:
3062
wpa_printf(MSG_ERROR, "Failed to create interface %s: %d (%s)",
3063
ifname, ret, strerror(-ret));
3064
return ret;
3065
}
3066
3067
ifidx = if_nametoindex(ifname);
3068
wpa_printf(MSG_DEBUG, "nl80211: New interface %s created: ifindex=%d",
3069
ifname, ifidx);
3070
3071
if (ifidx <= 0)
3072
return -1;
3073
3074
#ifdef HOSTAPD
3075
/* start listening for EAPOL on this interface */
3076
add_ifidx(drv, ifidx);
3077
#endif /* HOSTAPD */
3078
3079
if (addr && iftype != NL80211_IFTYPE_MONITOR &&
3080
linux_set_ifhwaddr(drv->ioctl_sock, ifname, addr)) {
3081
nl80211_remove_iface(drv, ifidx);
3082
return -1;
3083
}
3084
3085
return ifidx;
3086
}
3087
3088
3089
static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
3090
const char *ifname, enum nl80211_iftype iftype,
3091
const u8 *addr, int wds)
3092
{
3093
int ret;
3094
3095
ret = nl80211_create_iface_once(drv, ifname, iftype, addr, wds);
3096
3097
/* if error occured and interface exists already */
3098
if (ret == -ENFILE && if_nametoindex(ifname)) {
3099
wpa_printf(MSG_INFO, "Try to remove and re-create %s", ifname);
3100
3101
/* Try to remove the interface that was already there. */
3102
nl80211_remove_iface(drv, if_nametoindex(ifname));
3103
3104
/* Try to create the interface again */
3105
ret = nl80211_create_iface_once(drv, ifname, iftype, addr,
3106
wds);
3107
}
3108
3109
if (ret >= 0 && drv->disable_11b_rates)
3110
nl80211_disable_11b_rates(drv, ret, 1);
3111
3112
return ret;
3113
}
3114
3115
3116
static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
3117
{
3118
struct ieee80211_hdr *hdr;
3119
u16 fc;
3120
union wpa_event_data event;
3121
3122
hdr = (struct ieee80211_hdr *) buf;
3123
fc = le_to_host16(hdr->frame_control);
3124
3125
os_memset(&event, 0, sizeof(event));
3126
event.tx_status.type = WLAN_FC_GET_TYPE(fc);
3127
event.tx_status.stype = WLAN_FC_GET_STYPE(fc);
3128
event.tx_status.dst = hdr->addr1;
3129
event.tx_status.data = buf;
3130
event.tx_status.data_len = len;
3131
event.tx_status.ack = ok;
3132
wpa_supplicant_event(ctx, EVENT_TX_STATUS, &event);
3133
}
3134
3135
3136
static void from_unknown_sta(struct wpa_driver_nl80211_data *drv,
3137
u8 *buf, size_t len)
3138
{
3139
union wpa_event_data event;
3140
os_memset(&event, 0, sizeof(event));
3141
event.rx_from_unknown.frame = buf;
3142
event.rx_from_unknown.len = len;
3143
wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event);
3144
}
3145
3146
3147
static void handle_frame(struct wpa_driver_nl80211_data *drv,
3148
u8 *buf, size_t len, int datarate, int ssi_signal)
3149
{
3150
struct ieee80211_hdr *hdr;
3151
u16 fc;
3152
union wpa_event_data event;
3153
3154
hdr = (struct ieee80211_hdr *) buf;
3155
fc = le_to_host16(hdr->frame_control);
3156
3157
switch (WLAN_FC_GET_TYPE(fc)) {
3158
case WLAN_FC_TYPE_MGMT:
3159
os_memset(&event, 0, sizeof(event));
3160
event.rx_mgmt.frame = buf;
3161
event.rx_mgmt.frame_len = len;
3162
event.rx_mgmt.datarate = datarate;
3163
event.rx_mgmt.ssi_signal = ssi_signal;
3164
wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event);
3165
break;
3166
case WLAN_FC_TYPE_CTRL:
3167
/* can only get here with PS-Poll frames */
3168
wpa_printf(MSG_DEBUG, "CTRL");
3169
from_unknown_sta(drv, buf, len);
3170
break;
3171
case WLAN_FC_TYPE_DATA:
3172
from_unknown_sta(drv, buf, len);
3173
break;
3174
}
3175
}
3176
3177
3178
static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
3179
{
3180
struct wpa_driver_nl80211_data *drv = eloop_ctx;
3181
int len;
3182
unsigned char buf[3000];
3183
struct ieee80211_radiotap_iterator iter;
3184
int ret;
3185
int datarate = 0, ssi_signal = 0;
3186
int injected = 0, failed = 0, rxflags = 0;
3187
3188
len = recv(sock, buf, sizeof(buf), 0);
3189
if (len < 0) {
3190
perror("recv");
3191
return;
3192
}
3193
3194
if (drv->nlmode == NL80211_IFTYPE_STATION && !drv->probe_req_report) {
3195
wpa_printf(MSG_DEBUG, "nl80211: Ignore monitor interface "
3196
"frame since Probe Request reporting is disabled");
3197
return;
3198
}
3199
3200
if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
3201
printf("received invalid radiotap frame\n");
3202
return;
3203
}
3204
3205
while (1) {
3206
ret = ieee80211_radiotap_iterator_next(&iter);
3207
if (ret == -ENOENT)
3208
break;
3209
if (ret) {
3210
printf("received invalid radiotap frame (%d)\n", ret);
3211
return;
3212
}
3213
switch (iter.this_arg_index) {
3214
case IEEE80211_RADIOTAP_FLAGS:
3215
if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
3216
len -= 4;
3217
break;
3218
case IEEE80211_RADIOTAP_RX_FLAGS:
3219
rxflags = 1;
3220
break;
3221
case IEEE80211_RADIOTAP_TX_FLAGS:
3222
injected = 1;
3223
failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
3224
IEEE80211_RADIOTAP_F_TX_FAIL;
3225
break;
3226
case IEEE80211_RADIOTAP_DATA_RETRIES:
3227
break;
3228
case IEEE80211_RADIOTAP_CHANNEL:
3229
/* TODO: convert from freq/flags to channel number */
3230
break;
3231
case IEEE80211_RADIOTAP_RATE:
3232
datarate = *iter.this_arg * 5;
3233
break;
3234
case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
3235
ssi_signal = *iter.this_arg;
3236
break;
3237
}
3238
}
3239
3240
if (rxflags && injected)
3241
return;
3242
3243
if (!injected)
3244
handle_frame(drv, buf + iter.max_length,
3245
len - iter.max_length, datarate, ssi_signal);
3246
else
3247
handle_tx_callback(drv->ctx, buf + iter.max_length,
3248
len - iter.max_length, !failed);
3249
}
3250
3251
3252
/*
3253
* we post-process the filter code later and rewrite
3254
* this to the offset to the last instruction
3255
*/
3256
#define PASS 0xFF
3257
#define FAIL 0xFE
3258
3259
static struct sock_filter msock_filter_insns[] = {
3260
/*
3261
* do a little-endian load of the radiotap length field
3262
*/
3263
/* load lower byte into A */
3264
BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
3265
/* put it into X (== index register) */
3266
BPF_STMT(BPF_MISC| BPF_TAX, 0),
3267
/* load upper byte into A */
3268
BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
3269
/* left-shift it by 8 */
3270
BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
3271
/* or with X */
3272
BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
3273
/* put result into X */
3274
BPF_STMT(BPF_MISC| BPF_TAX, 0),
3275
3276
/*
3277
* Allow management frames through, this also gives us those
3278
* management frames that we sent ourselves with status
3279
*/
3280
/* load the lower byte of the IEEE 802.11 frame control field */
3281
BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3282
/* mask off frame type and version */
3283
BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
3284
/* accept frame if it's both 0, fall through otherwise */
3285
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
3286
3287
/*
3288
* TODO: add a bit to radiotap RX flags that indicates
3289
* that the sending station is not associated, then
3290
* add a filter here that filters on our DA and that flag
3291
* to allow us to deauth frames to that bad station.
3292
*
3293
* Not a regression -- we didn't do it before either.
3294
*/
3295
3296
#if 0
3297
/*
3298
* drop non-data frames
3299
*/
3300
/* load the lower byte of the frame control field */
3301
BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3302
/* mask off QoS bit */
3303
BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
3304
/* drop non-data frames */
3305
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
3306
#endif
3307
/* load the upper byte of the frame control field */
3308
BPF_STMT(BPF_LD | BPF_B | BPF_IND, 1),
3309
/* mask off toDS/fromDS */
3310
BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
3311
/* accept WDS frames */
3312
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, PASS, 0),
3313
3314
/*
3315
* add header length to index
3316
*/
3317
/* load the lower byte of the frame control field */
3318
BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
3319
/* mask off QoS bit */
3320
BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
3321
/* right shift it by 6 to give 0 or 2 */
3322
BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
3323
/* add data frame header length */
3324
BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
3325
/* add index, was start of 802.11 header */
3326
BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
3327
/* move to index, now start of LL header */
3328
BPF_STMT(BPF_MISC | BPF_TAX, 0),
3329
3330
/*
3331
* Accept empty data frames, we use those for
3332
* polling activity.
3333
*/
3334
BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
3335
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
3336
3337
/*
3338
* Accept EAPOL frames
3339
*/
3340
BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
3341
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
3342
BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
3343
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
3344
3345
/* keep these last two statements or change the code below */
3346
/* return 0 == "DROP" */
3347
BPF_STMT(BPF_RET | BPF_K, 0),
3348
/* return ~0 == "keep all" */
3349
BPF_STMT(BPF_RET | BPF_K, ~0),
3350
};
3351
3352
static struct sock_fprog msock_filter = {
3353
.len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
3354
.filter = msock_filter_insns,
3355
};
3356
3357
3358
static int add_monitor_filter(int s)
3359
{
3360
int idx;
3361
3362
/* rewrite all PASS/FAIL jump offsets */
3363
for (idx = 0; idx < msock_filter.len; idx++) {
3364
struct sock_filter *insn = &msock_filter_insns[idx];
3365
3366
if (BPF_CLASS(insn->code) == BPF_JMP) {
3367
if (insn->code == (BPF_JMP|BPF_JA)) {
3368
if (insn->k == PASS)
3369
insn->k = msock_filter.len - idx - 2;
3370
else if (insn->k == FAIL)
3371
insn->k = msock_filter.len - idx - 3;
3372
}
3373
3374
if (insn->jt == PASS)
3375
insn->jt = msock_filter.len - idx - 2;
3376
else if (insn->jt == FAIL)
3377
insn->jt = msock_filter.len - idx - 3;
3378
3379
if (insn->jf == PASS)
3380
insn->jf = msock_filter.len - idx - 2;
3381
else if (insn->jf == FAIL)
3382
insn->jf = msock_filter.len - idx - 3;
3383
}
3384
}
3385
3386
if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
3387
&msock_filter, sizeof(msock_filter))) {
3388
perror("SO_ATTACH_FILTER");
3389
return -1;
3390
}
3391
3392
return 0;
3393
}
3394
3395
3396
static void nl80211_remove_monitor_interface(
3397
struct wpa_driver_nl80211_data *drv)
3398
{
3399
if (drv->monitor_ifidx >= 0) {
3400
nl80211_remove_iface(drv, drv->monitor_ifidx);
3401
drv->monitor_ifidx = -1;
3402
}
3403
if (drv->monitor_sock >= 0) {
3404
eloop_unregister_read_sock(drv->monitor_sock);
3405
close(drv->monitor_sock);
3406
drv->monitor_sock = -1;
3407
}
3408
}
3409
3410
3411
static int
3412
nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
3413
{
3414
char buf[IFNAMSIZ];
3415
struct sockaddr_ll ll;
3416
int optval;
3417
socklen_t optlen;
3418
3419
snprintf(buf, IFNAMSIZ, "mon.%s", drv->first_bss.ifname);
3420
buf[IFNAMSIZ - 1] = '\0';
3421
3422
drv->monitor_ifidx =
3423
nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL,
3424
0);
3425
3426
if (drv->monitor_ifidx < 0)
3427
return -1;
3428
3429
if (linux_set_iface_flags(drv->ioctl_sock, buf, 1))
3430
goto error;
3431
3432
memset(&ll, 0, sizeof(ll));
3433
ll.sll_family = AF_PACKET;
3434
ll.sll_ifindex = drv->monitor_ifidx;
3435
drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
3436
if (drv->monitor_sock < 0) {
3437
perror("socket[PF_PACKET,SOCK_RAW]");
3438
goto error;
3439
}
3440
3441
if (add_monitor_filter(drv->monitor_sock)) {
3442
wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
3443
"interface; do filtering in user space");
3444
/* This works, but will cost in performance. */
3445
}
3446
3447
if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
3448
perror("monitor socket bind");
3449
goto error;
3450
}
3451
3452
optlen = sizeof(optval);
3453
optval = 20;
3454
if (setsockopt
3455
(drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
3456
perror("Failed to set socket priority");
3457
goto error;
3458
}
3459
3460
if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
3461
drv, NULL)) {
3462
printf("Could not register monitor read socket\n");
3463
goto error;
3464
}
3465
3466
return 0;
3467
error:
3468
nl80211_remove_monitor_interface(drv);
3469
return -1;
3470
}
3471
3472
3473
static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
3474
3475
static int wpa_driver_nl80211_hapd_send_eapol(
3476
void *priv, const u8 *addr, const u8 *data,
3477
size_t data_len, int encrypt, const u8 *own_addr)
3478
{
3479
struct i802_bss *bss = priv;
3480
struct wpa_driver_nl80211_data *drv = bss->drv;
3481
struct ieee80211_hdr *hdr;
3482
size_t len;
3483
u8 *pos;
3484
int res;
3485
#if 0 /* FIX */
3486
int qos = sta->flags & WPA_STA_WMM;
3487
#else
3488
int qos = 0;
3489
#endif
3490
3491
len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
3492
data_len;
3493
hdr = os_zalloc(len);
3494
if (hdr == NULL) {
3495
printf("malloc() failed for i802_send_data(len=%lu)\n",
3496
(unsigned long) len);
3497
return -1;
3498
}
3499
3500
hdr->frame_control =
3501
IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
3502
hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
3503
if (encrypt)
3504
hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
3505
#if 0 /* To be enabled if qos determination is added above */
3506
if (qos) {
3507
hdr->frame_control |=
3508
host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
3509
}
3510
#endif
3511
3512
memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
3513
memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
3514
memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
3515
pos = (u8 *) (hdr + 1);
3516
3517
#if 0 /* To be enabled if qos determination is added above */
3518
if (qos) {
3519
/* add an empty QoS header if needed */
3520
pos[0] = 0;
3521
pos[1] = 0;
3522
pos += 2;
3523
}
3524
#endif
3525
3526
memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
3527
pos += sizeof(rfc1042_header);
3528
WPA_PUT_BE16(pos, ETH_P_PAE);
3529
pos += 2;
3530
memcpy(pos, data, data_len);
3531
3532
res = wpa_driver_nl80211_send_frame(drv, (u8 *) hdr, len, encrypt);
3533
if (res < 0) {
3534
wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
3535
"failed: %d (%s)",
3536
(unsigned long) len, errno, strerror(errno));
3537
}
3538
os_free(hdr);
3539
3540
return res;
3541
}
3542
3543
3544
static u32 sta_flags_nl80211(int flags)
3545
{
3546
u32 f = 0;
3547
3548
if (flags & WPA_STA_AUTHORIZED)
3549
f |= BIT(NL80211_STA_FLAG_AUTHORIZED);
3550
if (flags & WPA_STA_WMM)
3551
f |= BIT(NL80211_STA_FLAG_WME);
3552
if (flags & WPA_STA_SHORT_PREAMBLE)
3553
f |= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE);
3554
if (flags & WPA_STA_MFP)
3555
f |= BIT(NL80211_STA_FLAG_MFP);
3556
3557
return f;
3558
}
3559
3560
3561
static int wpa_driver_nl80211_sta_set_flags(void *priv, const u8 *addr,
3562
int total_flags,
3563
int flags_or, int flags_and)
3564
{
3565
struct i802_bss *bss = priv;
3566
struct wpa_driver_nl80211_data *drv = bss->drv;
3567
struct nl_msg *msg, *flags = NULL;
3568
struct nl80211_sta_flag_update upd;
3569
3570
msg = nlmsg_alloc();
3571
if (!msg)
3572
return -ENOMEM;
3573
3574
flags = nlmsg_alloc();
3575
if (!flags) {
3576
nlmsg_free(msg);
3577
return -ENOMEM;
3578
}
3579
3580
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3581
0, NL80211_CMD_SET_STATION, 0);
3582
3583
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3584
if_nametoindex(bss->ifname));
3585
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3586
3587
/*
3588
* Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
3589
* can be removed eventually.
3590
*/
3591
if (total_flags & WPA_STA_AUTHORIZED)
3592
NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
3593
3594
if (total_flags & WPA_STA_WMM)
3595
NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
3596
3597
if (total_flags & WPA_STA_SHORT_PREAMBLE)
3598
NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
3599
3600
if (total_flags & WPA_STA_MFP)
3601
NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
3602
3603
if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
3604
goto nla_put_failure;
3605
3606
os_memset(&upd, 0, sizeof(upd));
3607
upd.mask = sta_flags_nl80211(flags_or | ~flags_and);
3608
upd.set = sta_flags_nl80211(flags_or);
3609
NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
3610
3611
nlmsg_free(flags);
3612
3613
return send_and_recv_msgs(drv, msg, NULL, NULL);
3614
nla_put_failure:
3615
nlmsg_free(flags);
3616
return -ENOBUFS;
3617
}
3618
3619
3620
static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
3621
struct wpa_driver_associate_params *params)
3622
{
3623
if (wpa_driver_nl80211_set_mode(&drv->first_bss, params->mode) ||
3624
wpa_driver_nl80211_set_freq(drv, params->freq, 0, 0)) {
3625
nl80211_remove_monitor_interface(drv);
3626
return -1;
3627
}
3628
3629
/* TODO: setup monitor interface (and add code somewhere to remove this
3630
* when AP mode is stopped; associate with mode != 2 or drv_deinit) */
3631
3632
return 0;
3633
}
3634
3635
3636
static int nl80211_leave_ibss(struct wpa_driver_nl80211_data *drv)
3637
{
3638
struct nl_msg *msg;
3639
int ret = -1;
3640
3641
msg = nlmsg_alloc();
3642
if (!msg)
3643
return -1;
3644
3645
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3646
NL80211_CMD_LEAVE_IBSS, 0);
3647
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3648
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3649
msg = NULL;
3650
if (ret) {
3651
wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS failed: ret=%d "
3652
"(%s)", ret, strerror(-ret));
3653
goto nla_put_failure;
3654
}
3655
3656
ret = 0;
3657
wpa_printf(MSG_DEBUG, "nl80211: Leave IBSS request sent successfully");
3658
3659
nla_put_failure:
3660
nlmsg_free(msg);
3661
return ret;
3662
}
3663
3664
3665
static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data *drv,
3666
struct wpa_driver_associate_params *params)
3667
{
3668
struct nl_msg *msg;
3669
int ret = -1;
3670
int count = 0;
3671
3672
wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
3673
3674
if (wpa_driver_nl80211_set_mode(&drv->first_bss, params->mode)) {
3675
wpa_printf(MSG_INFO, "nl80211: Failed to set interface into "
3676
"IBSS mode");
3677
return -1;
3678
}
3679
3680
retry:
3681
msg = nlmsg_alloc();
3682
if (!msg)
3683
return -1;
3684
3685
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3686
NL80211_CMD_JOIN_IBSS, 0);
3687
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3688
3689
if (params->ssid == NULL || params->ssid_len > sizeof(drv->ssid))
3690
goto nla_put_failure;
3691
3692
wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3693
params->ssid, params->ssid_len);
3694
NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3695
params->ssid);
3696
os_memcpy(drv->ssid, params->ssid, params->ssid_len);
3697
drv->ssid_len = params->ssid_len;
3698
3699
wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3700
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3701
3702
ret = nl80211_set_conn_keys(params, msg);
3703
if (ret)
3704
goto nla_put_failure;
3705
3706
if (params->wpa_ie) {
3707
wpa_hexdump(MSG_DEBUG,
3708
" * Extra IEs for Beacon/Probe Response frames",
3709
params->wpa_ie, params->wpa_ie_len);
3710
NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
3711
params->wpa_ie);
3712
}
3713
3714
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3715
msg = NULL;
3716
if (ret) {
3717
wpa_printf(MSG_DEBUG, "nl80211: Join IBSS failed: ret=%d (%s)",
3718
ret, strerror(-ret));
3719
count++;
3720
if (ret == -EALREADY && count == 1) {
3721
wpa_printf(MSG_DEBUG, "nl80211: Retry IBSS join after "
3722
"forced leave");
3723
nl80211_leave_ibss(drv);
3724
nlmsg_free(msg);
3725
goto retry;
3726
}
3727
3728
goto nla_put_failure;
3729
}
3730
ret = 0;
3731
wpa_printf(MSG_DEBUG, "nl80211: Join IBSS request sent successfully");
3732
3733
nla_put_failure:
3734
nlmsg_free(msg);
3735
return ret;
3736
}
3737
3738
3739
static int wpa_driver_nl80211_connect(
3740
struct wpa_driver_nl80211_data *drv,
3741
struct wpa_driver_associate_params *params)
3742
{
3743
struct nl_msg *msg;
3744
enum nl80211_auth_type type;
3745
int ret = 0;
3746
3747
msg = nlmsg_alloc();
3748
if (!msg)
3749
return -1;
3750
3751
wpa_printf(MSG_DEBUG, "nl80211: Connect (ifindex=%d)", drv->ifindex);
3752
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3753
NL80211_CMD_CONNECT, 0);
3754
3755
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3756
if (params->bssid) {
3757
wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3758
MAC2STR(params->bssid));
3759
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
3760
}
3761
if (params->freq) {
3762
wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3763
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3764
}
3765
if (params->ssid) {
3766
wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3767
params->ssid, params->ssid_len);
3768
NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3769
params->ssid);
3770
if (params->ssid_len > sizeof(drv->ssid))
3771
goto nla_put_failure;
3772
os_memcpy(drv->ssid, params->ssid, params->ssid_len);
3773
drv->ssid_len = params->ssid_len;
3774
}
3775
wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
3776
if (params->wpa_ie)
3777
NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
3778
params->wpa_ie);
3779
3780
if (params->auth_alg & WPA_AUTH_ALG_OPEN)
3781
type = NL80211_AUTHTYPE_OPEN_SYSTEM;
3782
else if (params->auth_alg & WPA_AUTH_ALG_SHARED)
3783
type = NL80211_AUTHTYPE_SHARED_KEY;
3784
else if (params->auth_alg & WPA_AUTH_ALG_LEAP)
3785
type = NL80211_AUTHTYPE_NETWORK_EAP;
3786
else if (params->auth_alg & WPA_AUTH_ALG_FT)
3787
type = NL80211_AUTHTYPE_FT;
3788
else
3789
goto nla_put_failure;
3790
3791
wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
3792
NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
3793
3794
if (params->wpa_ie && params->wpa_ie_len) {
3795
enum nl80211_wpa_versions ver;
3796
3797
if (params->wpa_ie[0] == WLAN_EID_RSN)
3798
ver = NL80211_WPA_VERSION_2;
3799
else
3800
ver = NL80211_WPA_VERSION_1;
3801
3802
wpa_printf(MSG_DEBUG, " * WPA Version %d", ver);
3803
NLA_PUT_U32(msg, NL80211_ATTR_WPA_VERSIONS, ver);
3804
}
3805
3806
if (params->pairwise_suite != CIPHER_NONE) {
3807
int cipher;
3808
3809
switch (params->pairwise_suite) {
3810
case CIPHER_WEP40:
3811
cipher = WLAN_CIPHER_SUITE_WEP40;
3812
break;
3813
case CIPHER_WEP104:
3814
cipher = WLAN_CIPHER_SUITE_WEP104;
3815
break;
3816
case CIPHER_CCMP:
3817
cipher = WLAN_CIPHER_SUITE_CCMP;
3818
break;
3819
case CIPHER_TKIP:
3820
default:
3821
cipher = WLAN_CIPHER_SUITE_TKIP;
3822
break;
3823
}
3824
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher);
3825
}
3826
3827
if (params->group_suite != CIPHER_NONE) {
3828
int cipher;
3829
3830
switch (params->group_suite) {
3831
case CIPHER_WEP40:
3832
cipher = WLAN_CIPHER_SUITE_WEP40;
3833
break;
3834
case CIPHER_WEP104:
3835
cipher = WLAN_CIPHER_SUITE_WEP104;
3836
break;
3837
case CIPHER_CCMP:
3838
cipher = WLAN_CIPHER_SUITE_CCMP;
3839
break;
3840
case CIPHER_TKIP:
3841
default:
3842
cipher = WLAN_CIPHER_SUITE_TKIP;
3843
break;
3844
}
3845
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, cipher);
3846
}
3847
3848
if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
3849
params->key_mgmt_suite == KEY_MGMT_PSK) {
3850
int mgmt = WLAN_AKM_SUITE_PSK;
3851
3852
switch (params->key_mgmt_suite) {
3853
case KEY_MGMT_802_1X:
3854
mgmt = WLAN_AKM_SUITE_8021X;
3855
break;
3856
case KEY_MGMT_PSK:
3857
default:
3858
mgmt = WLAN_AKM_SUITE_PSK;
3859
break;
3860
}
3861
NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, mgmt);
3862
}
3863
3864
ret = nl80211_set_conn_keys(params, msg);
3865
if (ret)
3866
goto nla_put_failure;
3867
3868
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3869
msg = NULL;
3870
if (ret) {
3871
wpa_printf(MSG_DEBUG, "nl80211: MLME connect failed: ret=%d "
3872
"(%s)", ret, strerror(-ret));
3873
goto nla_put_failure;
3874
}
3875
ret = 0;
3876
wpa_printf(MSG_DEBUG, "nl80211: Connect request send successfully");
3877
3878
nla_put_failure:
3879
nlmsg_free(msg);
3880
return ret;
3881
3882
}
3883
3884
3885
static int wpa_driver_nl80211_associate(
3886
void *priv, struct wpa_driver_associate_params *params)
3887
{
3888
struct i802_bss *bss = priv;
3889
struct wpa_driver_nl80211_data *drv = bss->drv;
3890
int ret = -1;
3891
struct nl_msg *msg;
3892
3893
if (params->mode == IEEE80211_MODE_AP)
3894
return wpa_driver_nl80211_ap(drv, params);
3895
3896
if (params->mode == IEEE80211_MODE_IBSS)
3897
return wpa_driver_nl80211_ibss(drv, params);
3898
3899
if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
3900
if (wpa_driver_nl80211_set_mode(priv, params->mode) < 0)
3901
return -1;
3902
return wpa_driver_nl80211_connect(drv, params);
3903
}
3904
3905
drv->associated = 0;
3906
3907
msg = nlmsg_alloc();
3908
if (!msg)
3909
return -1;
3910
3911
wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
3912
drv->ifindex);
3913
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3914
NL80211_CMD_ASSOCIATE, 0);
3915
3916
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
3917
if (params->bssid) {
3918
wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
3919
MAC2STR(params->bssid));
3920
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
3921
}
3922
if (params->freq) {
3923
wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
3924
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
3925
drv->assoc_freq = params->freq;
3926
} else
3927
drv->assoc_freq = 0;
3928
if (params->ssid) {
3929
wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
3930
params->ssid, params->ssid_len);
3931
NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
3932
params->ssid);
3933
if (params->ssid_len > sizeof(drv->ssid))
3934
goto nla_put_failure;
3935
os_memcpy(drv->ssid, params->ssid, params->ssid_len);
3936
drv->ssid_len = params->ssid_len;
3937
}
3938
wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
3939
if (params->wpa_ie)
3940
NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
3941
params->wpa_ie);
3942
3943
#ifdef CONFIG_IEEE80211W
3944
if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED)
3945
NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED);
3946
#endif /* CONFIG_IEEE80211W */
3947
3948
NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
3949
3950
if (params->prev_bssid) {
3951
wpa_printf(MSG_DEBUG, " * prev_bssid=" MACSTR,
3952
MAC2STR(params->prev_bssid));
3953
NLA_PUT(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
3954
params->prev_bssid);
3955
}
3956
3957
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3958
msg = NULL;
3959
if (ret) {
3960
wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
3961
"(%s)", ret, strerror(-ret));
3962
nl80211_dump_scan(drv);
3963
goto nla_put_failure;
3964
}
3965
ret = 0;
3966
wpa_printf(MSG_DEBUG, "nl80211: Association request send "
3967
"successfully");
3968
3969
nla_put_failure:
3970
nlmsg_free(msg);
3971
return ret;
3972
}
3973
3974
3975
static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
3976
int ifindex, int mode)
3977
{
3978
struct nl_msg *msg;
3979
int ret = -ENOBUFS;
3980
3981
msg = nlmsg_alloc();
3982
if (!msg)
3983
return -ENOMEM;
3984
3985
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3986
0, NL80211_CMD_SET_INTERFACE, 0);
3987
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
3988
NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
3989
3990
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3991
if (!ret)
3992
return 0;
3993
nla_put_failure:
3994
wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
3995
" %d (%s)", ifindex, mode, ret, strerror(-ret));
3996
return ret;
3997
}
3998
3999
4000
static int wpa_driver_nl80211_set_mode(void *priv, int mode)
4001
{
4002
struct i802_bss *bss = priv;
4003
struct wpa_driver_nl80211_data *drv = bss->drv;
4004
int ret = -1;
4005
int nlmode;
4006
4007
switch (mode) {
4008
case 0:
4009
nlmode = NL80211_IFTYPE_STATION;
4010
break;
4011
case 1:
4012
nlmode = NL80211_IFTYPE_ADHOC;
4013
break;
4014
case 2:
4015
nlmode = NL80211_IFTYPE_AP;
4016
break;
4017
default:
4018
return -1;
4019
}
4020
4021
if (nl80211_set_mode(drv, drv->ifindex, nlmode) == 0) {
4022
drv->nlmode = nlmode;
4023
ret = 0;
4024
goto done;
4025
}
4026
4027
if (nlmode == drv->nlmode) {
4028
wpa_printf(MSG_DEBUG, "nl80211: Interface already in "
4029
"requested mode - ignore error");
4030
ret = 0;
4031
goto done; /* Already in the requested mode */
4032
}
4033
4034
/* mac80211 doesn't allow mode changes while the device is up, so
4035
* take the device down, try to set the mode again, and bring the
4036
* device back up.
4037
*/
4038
if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0) == 0) {
4039
/* Try to set the mode again while the interface is down */
4040
ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
4041
if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1))
4042
ret = -1;
4043
}
4044
4045
if (!ret) {
4046
wpa_printf(MSG_DEBUG, "nl80211: Mode change succeeded while "
4047
"interface is down");
4048
drv->nlmode = nlmode;
4049
}
4050
4051
done:
4052
if (!ret && nlmode == NL80211_IFTYPE_AP) {
4053
/* Setup additional AP mode functionality if needed */
4054
if (drv->monitor_ifidx < 0 &&
4055
nl80211_create_monitor_interface(drv))
4056
return -1;
4057
} else if (!ret && nlmode != NL80211_IFTYPE_AP) {
4058
/* Remove additional AP mode functionality */
4059
nl80211_remove_monitor_interface(drv);
4060
bss->beacon_set = 0;
4061
}
4062
4063
if (ret)
4064
wpa_printf(MSG_DEBUG, "nl80211: Interface mode change to %d "
4065
"from %d failed", nlmode, drv->nlmode);
4066
4067
return ret;
4068
}
4069
4070
4071
static int wpa_driver_nl80211_get_capa(void *priv,
4072
struct wpa_driver_capa *capa)
4073
{
4074
struct i802_bss *bss = priv;
4075
struct wpa_driver_nl80211_data *drv = bss->drv;
4076
if (!drv->has_capability)
4077
return -1;
4078
os_memcpy(capa, &drv->capa, sizeof(*capa));
4079
return 0;
4080
}
4081
4082
4083
static int wpa_driver_nl80211_set_operstate(void *priv, int state)
4084
{
4085
struct i802_bss *bss = priv;
4086
struct wpa_driver_nl80211_data *drv = bss->drv;
4087
4088
wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
4089
__func__, drv->operstate, state, state ? "UP" : "DORMANT");
4090
drv->operstate = state;
4091
return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
4092
state ? IF_OPER_UP : IF_OPER_DORMANT);
4093
}
4094
4095
4096
static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized)
4097
{
4098
struct i802_bss *bss = priv;
4099
struct wpa_driver_nl80211_data *drv = bss->drv;
4100
struct nl_msg *msg;
4101
struct nl80211_sta_flag_update upd;
4102
4103
msg = nlmsg_alloc();
4104
if (!msg)
4105
return -ENOMEM;
4106
4107
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4108
0, NL80211_CMD_SET_STATION, 0);
4109
4110
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4111
if_nametoindex(bss->ifname));
4112
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid);
4113
4114
os_memset(&upd, 0, sizeof(upd));
4115
upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED);
4116
if (authorized)
4117
upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED);
4118
NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd);
4119
4120
return send_and_recv_msgs(drv, msg, NULL, NULL);
4121
nla_put_failure:
4122
return -ENOBUFS;
4123
}
4124
4125
4126
#ifdef HOSTAPD
4127
4128
static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4129
{
4130
int i;
4131
int *old;
4132
4133
wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
4134
ifidx);
4135
for (i = 0; i < drv->num_if_indices; i++) {
4136
if (drv->if_indices[i] == 0) {
4137
drv->if_indices[i] = ifidx;
4138
return;
4139
}
4140
}
4141
4142
if (drv->if_indices != drv->default_if_indices)
4143
old = drv->if_indices;
4144
else
4145
old = NULL;
4146
4147
drv->if_indices = os_realloc(old,
4148
sizeof(int) * (drv->num_if_indices + 1));
4149
if (!drv->if_indices) {
4150
if (!old)
4151
drv->if_indices = drv->default_if_indices;
4152
else
4153
drv->if_indices = old;
4154
wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
4155
"interfaces");
4156
wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
4157
return;
4158
} else if (!old)
4159
os_memcpy(drv->if_indices, drv->default_if_indices,
4160
sizeof(drv->default_if_indices));
4161
drv->if_indices[drv->num_if_indices] = ifidx;
4162
drv->num_if_indices++;
4163
}
4164
4165
4166
static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4167
{
4168
int i;
4169
4170
for (i = 0; i < drv->num_if_indices; i++) {
4171
if (drv->if_indices[i] == ifidx) {
4172
drv->if_indices[i] = 0;
4173
break;
4174
}
4175
}
4176
}
4177
4178
4179
static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
4180
{
4181
int i;
4182
4183
for (i = 0; i < drv->num_if_indices; i++)
4184
if (drv->if_indices[i] == ifidx)
4185
return 1;
4186
4187
return 0;
4188
}
4189
4190
4191
static inline int min_int(int a, int b)
4192
{
4193
if (a < b)
4194
return a;
4195
return b;
4196
}
4197
4198
4199
static int get_key_handler(struct nl_msg *msg, void *arg)
4200
{
4201
struct nlattr *tb[NL80211_ATTR_MAX + 1];
4202
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4203
4204
nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4205
genlmsg_attrlen(gnlh, 0), NULL);
4206
4207
/*
4208
* TODO: validate the key index and mac address!
4209
* Otherwise, there's a race condition as soon as
4210
* the kernel starts sending key notifications.
4211
*/
4212
4213
if (tb[NL80211_ATTR_KEY_SEQ])
4214
memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
4215
min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
4216
return NL_SKIP;
4217
}
4218
4219
4220
static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
4221
int idx, u8 *seq)
4222
{
4223
struct i802_bss *bss = priv;
4224
struct wpa_driver_nl80211_data *drv = bss->drv;
4225
struct nl_msg *msg;
4226
4227
msg = nlmsg_alloc();
4228
if (!msg)
4229
return -ENOMEM;
4230
4231
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4232
0, NL80211_CMD_GET_KEY, 0);
4233
4234
if (addr)
4235
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4236
NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
4237
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
4238
4239
memset(seq, 0, 6);
4240
4241
return send_and_recv_msgs(drv, msg, get_key_handler, seq);
4242
nla_put_failure:
4243
return -ENOBUFS;
4244
}
4245
4246
4247
static int i802_set_rate_sets(void *priv, int *supp_rates, int *basic_rates,
4248
int mode)
4249
{
4250
struct i802_bss *bss = priv;
4251
struct wpa_driver_nl80211_data *drv = bss->drv;
4252
struct nl_msg *msg;
4253
u8 rates[NL80211_MAX_SUPP_RATES];
4254
u8 rates_len = 0;
4255
int i;
4256
4257
msg = nlmsg_alloc();
4258
if (!msg)
4259
return -ENOMEM;
4260
4261
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4262
NL80211_CMD_SET_BSS, 0);
4263
4264
for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
4265
rates[rates_len++] = basic_rates[i] / 5;
4266
4267
NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
4268
4269
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4270
4271
return send_and_recv_msgs(drv, msg, NULL, NULL);
4272
nla_put_failure:
4273
return -ENOBUFS;
4274
}
4275
4276
#endif /* HOSTAPD */
4277
4278
4279
/* Set kernel driver on given frequency (MHz) */
4280
static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
4281
{
4282
struct i802_bss *bss = priv;
4283
struct wpa_driver_nl80211_data *drv = bss->drv;
4284
return wpa_driver_nl80211_set_freq(drv, freq->freq, freq->ht_enabled,
4285
freq->sec_channel_offset);
4286
}
4287
4288
4289
#ifdef HOSTAPD
4290
4291
static int i802_set_rts(void *priv, int rts)
4292
{
4293
struct i802_bss *bss = priv;
4294
struct wpa_driver_nl80211_data *drv = bss->drv;
4295
struct nl_msg *msg;
4296
int ret = -ENOBUFS;
4297
u32 val;
4298
4299
msg = nlmsg_alloc();
4300
if (!msg)
4301
return -ENOMEM;
4302
4303
if (rts >= 2347)
4304
val = (u32) -1;
4305
else
4306
val = rts;
4307
4308
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4309
0, NL80211_CMD_SET_WIPHY, 0);
4310
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4311
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, val);
4312
4313
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4314
if (!ret)
4315
return 0;
4316
nla_put_failure:
4317
wpa_printf(MSG_DEBUG, "nl80211: Failed to set RTS threshold %d: "
4318
"%d (%s)", rts, ret, strerror(-ret));
4319
return ret;
4320
}
4321
4322
4323
static int i802_set_frag(void *priv, int frag)
4324
{
4325
struct i802_bss *bss = priv;
4326
struct wpa_driver_nl80211_data *drv = bss->drv;
4327
struct nl_msg *msg;
4328
int ret = -ENOBUFS;
4329
u32 val;
4330
4331
msg = nlmsg_alloc();
4332
if (!msg)
4333
return -ENOMEM;
4334
4335
if (frag >= 2346)
4336
val = (u32) -1;
4337
else
4338
val = frag;
4339
4340
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4341
0, NL80211_CMD_SET_WIPHY, 0);
4342
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
4343
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, val);
4344
4345
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4346
if (!ret)
4347
return 0;
4348
nla_put_failure:
4349
wpa_printf(MSG_DEBUG, "nl80211: Failed to set fragmentation threshold "
4350
"%d: %d (%s)", frag, ret, strerror(-ret));
4351
return ret;
4352
}
4353
4354
4355
static int i802_flush(void *priv)
4356
{
4357
struct i802_bss *bss = priv;
4358
struct wpa_driver_nl80211_data *drv = bss->drv;
4359
struct nl_msg *msg;
4360
4361
msg = nlmsg_alloc();
4362
if (!msg)
4363
return -1;
4364
4365
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4366
0, NL80211_CMD_DEL_STATION, 0);
4367
4368
/*
4369
* XXX: FIX! this needs to flush all VLANs too
4370
*/
4371
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4372
if_nametoindex(bss->ifname));
4373
4374
return send_and_recv_msgs(drv, msg, NULL, NULL);
4375
nla_put_failure:
4376
return -ENOBUFS;
4377
}
4378
4379
4380
static int get_sta_handler(struct nl_msg *msg, void *arg)
4381
{
4382
struct nlattr *tb[NL80211_ATTR_MAX + 1];
4383
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4384
struct hostap_sta_driver_data *data = arg;
4385
struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
4386
static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
4387
[NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
4388
[NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
4389
[NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
4390
[NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
4391
[NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
4392
};
4393
4394
nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4395
genlmsg_attrlen(gnlh, 0), NULL);
4396
4397
/*
4398
* TODO: validate the interface and mac address!
4399
* Otherwise, there's a race condition as soon as
4400
* the kernel starts sending station notifications.
4401
*/
4402
4403
if (!tb[NL80211_ATTR_STA_INFO]) {
4404
wpa_printf(MSG_DEBUG, "sta stats missing!");
4405
return NL_SKIP;
4406
}
4407
if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
4408
tb[NL80211_ATTR_STA_INFO],
4409
stats_policy)) {
4410
wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
4411
return NL_SKIP;
4412
}
4413
4414
if (stats[NL80211_STA_INFO_INACTIVE_TIME])
4415
data->inactive_msec =
4416
nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
4417
if (stats[NL80211_STA_INFO_RX_BYTES])
4418
data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
4419
if (stats[NL80211_STA_INFO_TX_BYTES])
4420
data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
4421
if (stats[NL80211_STA_INFO_RX_PACKETS])
4422
data->rx_packets =
4423
nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
4424
if (stats[NL80211_STA_INFO_TX_PACKETS])
4425
data->tx_packets =
4426
nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
4427
4428
return NL_SKIP;
4429
}
4430
4431
static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
4432
const u8 *addr)
4433
{
4434
struct i802_bss *bss = priv;
4435
struct wpa_driver_nl80211_data *drv = bss->drv;
4436
struct nl_msg *msg;
4437
4438
os_memset(data, 0, sizeof(*data));
4439
msg = nlmsg_alloc();
4440
if (!msg)
4441
return -ENOMEM;
4442
4443
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4444
0, NL80211_CMD_GET_STATION, 0);
4445
4446
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4447
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4448
4449
return send_and_recv_msgs(drv, msg, get_sta_handler, data);
4450
nla_put_failure:
4451
return -ENOBUFS;
4452
}
4453
4454
4455
static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
4456
int cw_min, int cw_max, int burst_time)
4457
{
4458
struct i802_bss *bss = priv;
4459
struct wpa_driver_nl80211_data *drv = bss->drv;
4460
struct nl_msg *msg;
4461
struct nlattr *txq, *params;
4462
4463
msg = nlmsg_alloc();
4464
if (!msg)
4465
return -1;
4466
4467
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4468
0, NL80211_CMD_SET_WIPHY, 0);
4469
4470
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4471
4472
txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
4473
if (!txq)
4474
goto nla_put_failure;
4475
4476
/* We are only sending parameters for a single TXQ at a time */
4477
params = nla_nest_start(msg, 1);
4478
if (!params)
4479
goto nla_put_failure;
4480
4481
NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, queue);
4482
/* Burst time is configured in units of 0.1 msec and TXOP parameter in
4483
* 32 usec, so need to convert the value here. */
4484
NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
4485
NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
4486
NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
4487
NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
4488
4489
nla_nest_end(msg, params);
4490
4491
nla_nest_end(msg, txq);
4492
4493
if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
4494
return 0;
4495
nla_put_failure:
4496
return -1;
4497
}
4498
4499
4500
static int i802_set_bss(void *priv, int cts, int preamble, int slot)
4501
{
4502
struct i802_bss *bss = priv;
4503
struct wpa_driver_nl80211_data *drv = bss->drv;
4504
struct nl_msg *msg;
4505
4506
msg = nlmsg_alloc();
4507
if (!msg)
4508
return -ENOMEM;
4509
4510
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4511
NL80211_CMD_SET_BSS, 0);
4512
4513
if (cts >= 0)
4514
NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
4515
if (preamble >= 0)
4516
NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
4517
if (slot >= 0)
4518
NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
4519
4520
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
4521
4522
return send_and_recv_msgs(drv, msg, NULL, NULL);
4523
nla_put_failure:
4524
return -ENOBUFS;
4525
}
4526
4527
4528
static int i802_set_cts_protect(void *priv, int value)
4529
{
4530
return i802_set_bss(priv, value, -1, -1);
4531
}
4532
4533
4534
static int i802_set_preamble(void *priv, int value)
4535
{
4536
return i802_set_bss(priv, -1, value, -1);
4537
}
4538
4539
4540
static int i802_set_short_slot_time(void *priv, int value)
4541
{
4542
return i802_set_bss(priv, -1, -1, value);
4543
}
4544
4545
4546
static int i802_set_sta_vlan(void *priv, const u8 *addr,
4547
const char *ifname, int vlan_id)
4548
{
4549
struct i802_bss *bss = priv;
4550
struct wpa_driver_nl80211_data *drv = bss->drv;
4551
struct nl_msg *msg;
4552
int ret = -ENOBUFS;
4553
4554
msg = nlmsg_alloc();
4555
if (!msg)
4556
return -ENOMEM;
4557
4558
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
4559
0, NL80211_CMD_SET_STATION, 0);
4560
4561
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
4562
if_nametoindex(bss->ifname));
4563
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
4564
NLA_PUT_U32(msg, NL80211_ATTR_STA_VLAN,
4565
if_nametoindex(ifname));
4566
4567
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
4568
if (ret < 0) {
4569
wpa_printf(MSG_ERROR, "nl80211: NL80211_ATTR_STA_VLAN (addr="
4570
MACSTR " ifname=%s vlan_id=%d) failed: %d (%s)",
4571
MAC2STR(addr), ifname, vlan_id, ret,
4572
strerror(-ret));
4573
}
4574
nla_put_failure:
4575
return ret;
4576
}
4577
4578
4579
static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val)
4580
{
4581
struct i802_bss *bss = priv;
4582
struct wpa_driver_nl80211_data *drv = bss->drv;
4583
char name[IFNAMSIZ + 1];
4584
4585
os_snprintf(name, sizeof(name), "%s.sta%d", bss->ifname, aid);
4586
wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
4587
" aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
4588
if (val) {
4589
if (nl80211_create_iface(drv, name, NL80211_IFTYPE_AP_VLAN,
4590
NULL, 1) < 0)
4591
return -1;
4592
linux_set_iface_flags(drv->ioctl_sock, name, 1);
4593
return i802_set_sta_vlan(priv, addr, name, 0);
4594
} else {
4595
i802_set_sta_vlan(priv, addr, bss->ifname, 0);
4596
return wpa_driver_nl80211_if_remove(priv, WPA_IF_AP_VLAN,
4597
name);
4598
}
4599
}
4600
4601
4602
static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
4603
{
4604
struct wpa_driver_nl80211_data *drv = eloop_ctx;
4605
struct sockaddr_ll lladdr;
4606
unsigned char buf[3000];
4607
int len;
4608
socklen_t fromlen = sizeof(lladdr);
4609
4610
len = recvfrom(sock, buf, sizeof(buf), 0,
4611
(struct sockaddr *)&lladdr, &fromlen);
4612
if (len < 0) {
4613
perror("recv");
4614
return;
4615
}
4616
4617
if (have_ifidx(drv, lladdr.sll_ifindex))
4618
drv_event_eapol_rx(drv->ctx, lladdr.sll_addr, buf, len);
4619
}
4620
4621
4622
static int i802_get_inact_sec(void *priv, const u8 *addr)
4623
{
4624
struct hostap_sta_driver_data data;
4625
int ret;
4626
4627
data.inactive_msec = (unsigned long) -1;
4628
ret = i802_read_sta_data(priv, &data, addr);
4629
if (ret || data.inactive_msec == (unsigned long) -1)
4630
return -1;
4631
return data.inactive_msec / 1000;
4632
}
4633
4634
4635
static int i802_sta_clear_stats(void *priv, const u8 *addr)
4636
{
4637
#if 0
4638
/* TODO */
4639
#endif
4640
return 0;
4641
}
4642
4643
4644
static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
4645
int reason)
4646
{
4647
struct i802_bss *bss = priv;
4648
struct ieee80211_mgmt mgmt;
4649
4650
memset(&mgmt, 0, sizeof(mgmt));
4651
mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
4652
WLAN_FC_STYPE_DEAUTH);
4653
memcpy(mgmt.da, addr, ETH_ALEN);
4654
memcpy(mgmt.sa, own_addr, ETH_ALEN);
4655
memcpy(mgmt.bssid, own_addr, ETH_ALEN);
4656
mgmt.u.deauth.reason_code = host_to_le16(reason);
4657
return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
4658
IEEE80211_HDRLEN +
4659
sizeof(mgmt.u.deauth));
4660
}
4661
4662
4663
static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
4664
int reason)
4665
{
4666
struct i802_bss *bss = priv;
4667
struct ieee80211_mgmt mgmt;
4668
4669
memset(&mgmt, 0, sizeof(mgmt));
4670
mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
4671
WLAN_FC_STYPE_DISASSOC);
4672
memcpy(mgmt.da, addr, ETH_ALEN);
4673
memcpy(mgmt.sa, own_addr, ETH_ALEN);
4674
memcpy(mgmt.bssid, own_addr, ETH_ALEN);
4675
mgmt.u.disassoc.reason_code = host_to_le16(reason);
4676
return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt,
4677
IEEE80211_HDRLEN +
4678
sizeof(mgmt.u.disassoc));
4679
}
4680
4681
4682
static int i802_check_bridge(struct wpa_driver_nl80211_data *drv,
4683
const char *brname, const char *ifname)
4684
{
4685
int ifindex;
4686
char in_br[IFNAMSIZ];
4687
4688
os_strlcpy(drv->brname, brname, IFNAMSIZ);
4689
ifindex = if_nametoindex(brname);
4690
if (ifindex == 0) {
4691
/*
4692
* Bridge was configured, but the bridge device does
4693
* not exist. Try to add it now.
4694
*/
4695
if (linux_br_add(drv->ioctl_sock, brname) < 0) {
4696
wpa_printf(MSG_ERROR, "nl80211: Failed to add the "
4697
"bridge interface %s: %s",
4698
brname, strerror(errno));
4699
return -1;
4700
}
4701
drv->added_bridge = 1;
4702
add_ifidx(drv, if_nametoindex(brname));
4703
}
4704
4705
if (linux_br_get(in_br, ifname) == 0) {
4706
if (os_strcmp(in_br, brname) == 0)
4707
return 0; /* already in the bridge */
4708
4709
wpa_printf(MSG_DEBUG, "nl80211: Removing interface %s from "
4710
"bridge %s", ifname, in_br);
4711
if (linux_br_del_if(drv->ioctl_sock, in_br, ifname) < 0) {
4712
wpa_printf(MSG_ERROR, "nl80211: Failed to "
4713
"remove interface %s from bridge "
4714
"%s: %s",
4715
ifname, brname, strerror(errno));
4716
return -1;
4717
}
4718
}
4719
4720
wpa_printf(MSG_DEBUG, "nl80211: Adding interface %s into bridge %s",
4721
ifname, brname);
4722
if (linux_br_add_if(drv->ioctl_sock, brname, ifname) < 0) {
4723
wpa_printf(MSG_ERROR, "nl80211: Failed to add interface %s "
4724
"into bridge %s: %s",
4725
ifname, brname, strerror(errno));
4726
return -1;
4727
}
4728
drv->added_if_into_bridge = 1;
4729
4730
return 0;
4731
}
4732
4733
4734
static void *i802_init(struct hostapd_data *hapd,
4735
struct wpa_init_params *params)
4736
{
4737
struct wpa_driver_nl80211_data *drv;
4738
struct i802_bss *bss;
4739
size_t i;
4740
char brname[IFNAMSIZ];
4741
int ifindex, br_ifindex;
4742
int br_added = 0;
4743
4744
bss = wpa_driver_nl80211_init(hapd, params->ifname);
4745
if (bss == NULL)
4746
return NULL;
4747
4748
drv = bss->drv;
4749
if (linux_br_get(brname, params->ifname) == 0) {
4750
wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
4751
params->ifname, brname);
4752
br_ifindex = if_nametoindex(brname);
4753
} else {
4754
brname[0] = '\0';
4755
br_ifindex = 0;
4756
}
4757
4758
drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
4759
drv->if_indices = drv->default_if_indices;
4760
for (i = 0; i < params->num_bridge; i++) {
4761
if (params->bridge[i]) {
4762
ifindex = if_nametoindex(params->bridge[i]);
4763
if (ifindex)
4764
add_ifidx(drv, ifindex);
4765
if (ifindex == br_ifindex)
4766
br_added = 1;
4767
}
4768
}
4769
if (!br_added && br_ifindex &&
4770
(params->num_bridge == 0 || !params->bridge[0]))
4771
add_ifidx(drv, br_ifindex);
4772
4773
/* start listening for EAPOL on the default AP interface */
4774
add_ifidx(drv, drv->ifindex);
4775
4776
if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 0))
4777
goto failed;
4778
4779
if (params->bssid) {
4780
if (linux_set_ifhwaddr(drv->ioctl_sock, bss->ifname,
4781
params->bssid))
4782
goto failed;
4783
}
4784
4785
if (wpa_driver_nl80211_set_mode(bss, IEEE80211_MODE_AP)) {
4786
wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
4787
"into AP mode", bss->ifname);
4788
goto failed;
4789
}
4790
4791
if (params->num_bridge && params->bridge[0] &&
4792
i802_check_bridge(drv, params->bridge[0], params->ifname) < 0)
4793
goto failed;
4794
4795
if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1))
4796
goto failed;
4797
4798
drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
4799
if (drv->eapol_sock < 0) {
4800
perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
4801
goto failed;
4802
}
4803
4804
if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
4805
{
4806
printf("Could not register read socket for eapol\n");
4807
goto failed;
4808
}
4809
4810
if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, params->own_addr))
4811
goto failed;
4812
4813
return bss;
4814
4815
failed:
4816
nl80211_remove_monitor_interface(drv);
4817
if (drv->ioctl_sock >= 0)
4818
close(drv->ioctl_sock);
4819
4820
genl_family_put(drv->nl80211);
4821
nl_cache_free(drv->nl_cache);
4822
nl_handle_destroy(drv->nl_handle);
4823
nl_cb_put(drv->nl_cb);
4824
4825
os_free(drv);
4826
return NULL;
4827
}
4828
4829
4830
static void i802_deinit(void *priv)
4831
{
4832
wpa_driver_nl80211_deinit(priv);
4833
}
4834
4835
#endif /* HOSTAPD */
4836
4837
4838
static enum nl80211_iftype wpa_driver_nl80211_if_type(
4839
enum wpa_driver_if_type type)
4840
{
4841
switch (type) {
4842
case WPA_IF_STATION:
4843
return NL80211_IFTYPE_STATION;
4844
case WPA_IF_AP_VLAN:
4845
return NL80211_IFTYPE_AP_VLAN;
4846
case WPA_IF_AP_BSS:
4847
return NL80211_IFTYPE_AP;
4848
}
4849
return -1;
4850
}
4851
4852
4853
static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type,
4854
const char *ifname, const u8 *addr,
4855
void *bss_ctx, void **drv_priv,
4856
char *force_ifname, u8 *if_addr)
4857
{
4858
struct i802_bss *bss = priv;
4859
struct wpa_driver_nl80211_data *drv = bss->drv;
4860
int ifidx;
4861
#ifdef HOSTAPD
4862
struct i802_bss *new_bss = NULL;
4863
4864
if (type == WPA_IF_AP_BSS) {
4865
new_bss = os_zalloc(sizeof(*new_bss));
4866
if (new_bss == NULL)
4867
return -1;
4868
}
4869
#endif /* HOSTAPD */
4870
4871
if (addr)
4872
os_memcpy(if_addr, addr, ETH_ALEN);
4873
ifidx = nl80211_create_iface(drv, ifname,
4874
wpa_driver_nl80211_if_type(type), addr,
4875
0);
4876
if (ifidx < 0) {
4877
#ifdef HOSTAPD
4878
os_free(new_bss);
4879
#endif /* HOSTAPD */
4880
return -1;
4881
}
4882
4883
if (!addr &&
4884
linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, if_addr) < 0)
4885
return -1;
4886
4887
#ifdef HOSTAPD
4888
if (type == WPA_IF_AP_BSS) {
4889
if (linux_set_iface_flags(drv->ioctl_sock, ifname, 1)) {
4890
nl80211_remove_iface(drv, ifidx);
4891
os_free(new_bss);
4892
return -1;
4893
}
4894
os_strlcpy(new_bss->ifname, ifname, IFNAMSIZ);
4895
new_bss->ifindex = ifidx;
4896
new_bss->drv = drv;
4897
new_bss->next = drv->first_bss.next;
4898
drv->first_bss.next = new_bss;
4899
if (drv_priv)
4900
*drv_priv = new_bss;
4901
}
4902
#endif /* HOSTAPD */
4903
4904
return 0;
4905
}
4906
4907
4908
static int wpa_driver_nl80211_if_remove(void *priv,
4909
enum wpa_driver_if_type type,
4910
const char *ifname)
4911
{
4912
struct i802_bss *bss = priv;
4913
struct wpa_driver_nl80211_data *drv = bss->drv;
4914
int ifindex = if_nametoindex(ifname);
4915
4916
wpa_printf(MSG_DEBUG, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
4917
__func__, type, ifname, ifindex);
4918
if (ifindex <= 0)
4919
return -1;
4920
nl80211_remove_iface(drv, ifindex);
4921
4922
#ifdef HOSTAPD
4923
if (type != WPA_IF_AP_BSS)
4924
return 0;
4925
4926
if (bss != &drv->first_bss) {
4927
struct i802_bss *tbss = &drv->first_bss;
4928
4929
while (tbss) {
4930
if (tbss->next != bss)
4931
continue;
4932
4933
tbss->next = bss->next;
4934
os_free(bss);
4935
break;
4936
}
4937
}
4938
#endif /* HOSTAPD */
4939
4940
return 0;
4941
}
4942
4943
4944
static int cookie_handler(struct nl_msg *msg, void *arg)
4945
{
4946
struct nlattr *tb[NL80211_ATTR_MAX + 1];
4947
struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
4948
u64 *cookie = arg;
4949
nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
4950
genlmsg_attrlen(gnlh, 0), NULL);
4951
if (tb[NL80211_ATTR_COOKIE])
4952
*cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
4953
return NL_SKIP;
4954
}
4955
4956
4957
static int wpa_driver_nl80211_send_action(void *priv, unsigned int freq,
4958
const u8 *dst, const u8 *src,
4959
const u8 *bssid,
4960
const u8 *data, size_t data_len)
4961
{
4962
struct i802_bss *bss = priv;
4963
struct wpa_driver_nl80211_data *drv = bss->drv;
4964
int ret = -1;
4965
struct nl_msg *msg;
4966
u8 *buf;
4967
struct ieee80211_hdr *hdr;
4968
u64 cookie;
4969
4970
wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d)",
4971
drv->ifindex);
4972
4973
buf = os_zalloc(24 + data_len);
4974
if (buf == NULL)
4975
return ret;
4976
os_memcpy(buf + 24, data, data_len);
4977
hdr = (struct ieee80211_hdr *) buf;
4978
hdr->frame_control =
4979
IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_ACTION);
4980
os_memcpy(hdr->addr1, dst, ETH_ALEN);
4981
os_memcpy(hdr->addr2, src, ETH_ALEN);
4982
os_memcpy(hdr->addr3, bssid, ETH_ALEN);
4983
4984
if (drv->nlmode == NL80211_IFTYPE_AP) {
4985
ret = wpa_driver_nl80211_send_mlme(priv, buf, 24 + data_len);
4986
os_free(buf);
4987
return ret;
4988
}
4989
4990
msg = nlmsg_alloc();
4991
if (!msg) {
4992
os_free(buf);
4993
return -1;
4994
}
4995
4996
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
4997
NL80211_CMD_ACTION, 0);
4998
4999
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5000
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
5001
NLA_PUT(msg, NL80211_ATTR_FRAME, 24 + data_len, buf);
5002
os_free(buf);
5003
buf = NULL;
5004
5005
cookie = 0;
5006
ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
5007
msg = NULL;
5008
if (ret) {
5009
wpa_printf(MSG_DEBUG, "nl80211: Action command failed: ret=%d "
5010
"(%s)", ret, strerror(-ret));
5011
goto nla_put_failure;
5012
}
5013
wpa_printf(MSG_DEBUG, "nl80211: Action TX command accepted; "
5014
"cookie 0x%llx", (long long unsigned int) cookie);
5015
drv->send_action_cookie = cookie;
5016
ret = 0;
5017
5018
nla_put_failure:
5019
os_free(buf);
5020
nlmsg_free(msg);
5021
return ret;
5022
}
5023
5024
5025
static int wpa_driver_nl80211_remain_on_channel(void *priv, unsigned int freq,
5026
unsigned int duration)
5027
{
5028
struct i802_bss *bss = priv;
5029
struct wpa_driver_nl80211_data *drv = bss->drv;
5030
struct nl_msg *msg;
5031
int ret;
5032
u64 cookie;
5033
5034
msg = nlmsg_alloc();
5035
if (!msg)
5036
return -1;
5037
5038
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5039
NL80211_CMD_REMAIN_ON_CHANNEL, 0);
5040
5041
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5042
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
5043
NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
5044
5045
cookie = 0;
5046
ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
5047
if (ret == 0) {
5048
wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel cookie "
5049
"0x%llx for freq=%u MHz duration=%u",
5050
(long long unsigned int) cookie, freq, duration);
5051
drv->remain_on_chan_cookie = cookie;
5052
return 0;
5053
}
5054
wpa_printf(MSG_DEBUG, "nl80211: Failed to request remain-on-channel "
5055
"(freq=%d): %d (%s)", freq, ret, strerror(-ret));
5056
nla_put_failure:
5057
return -1;
5058
}
5059
5060
5061
static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv)
5062
{
5063
struct i802_bss *bss = priv;
5064
struct wpa_driver_nl80211_data *drv = bss->drv;
5065
struct nl_msg *msg;
5066
int ret;
5067
5068
if (!drv->pending_remain_on_chan) {
5069
wpa_printf(MSG_DEBUG, "nl80211: No pending remain-on-channel "
5070
"to cancel");
5071
return -1;
5072
}
5073
5074
wpa_printf(MSG_DEBUG, "nl80211: Cancel remain-on-channel with cookie "
5075
"0x%llx",
5076
(long long unsigned int) drv->remain_on_chan_cookie);
5077
5078
msg = nlmsg_alloc();
5079
if (!msg)
5080
return -1;
5081
5082
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5083
NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 0);
5084
5085
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
5086
NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, drv->remain_on_chan_cookie);
5087
5088
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5089
if (ret == 0)
5090
return 0;
5091
wpa_printf(MSG_DEBUG, "nl80211: Failed to cancel remain-on-channel: "
5092
"%d (%s)", ret, strerror(-ret));
5093
nla_put_failure:
5094
return -1;
5095
}
5096
5097
5098
static void wpa_driver_nl80211_probe_req_report_timeout(void *eloop_ctx,
5099
void *timeout_ctx)
5100
{
5101
struct wpa_driver_nl80211_data *drv = eloop_ctx;
5102
if (drv->monitor_ifidx < 0)
5103
return; /* monitor interface already removed */
5104
5105
if (drv->nlmode != NL80211_IFTYPE_STATION)
5106
return; /* not in station mode anymore */
5107
5108
if (drv->probe_req_report)
5109
return; /* reporting enabled */
5110
5111
wpa_printf(MSG_DEBUG, "nl80211: Remove monitor interface due to no "
5112
"Probe Request reporting needed anymore");
5113
nl80211_remove_monitor_interface(drv);
5114
}
5115
5116
5117
static int wpa_driver_nl80211_probe_req_report(void *priv, int report)
5118
{
5119
struct i802_bss *bss = priv;
5120
struct wpa_driver_nl80211_data *drv = bss->drv;
5121
5122
if (drv->nlmode != NL80211_IFTYPE_STATION) {
5123
wpa_printf(MSG_DEBUG, "nl80211: probe_req_report control only "
5124
"allowed in station mode (iftype=%d)",
5125
drv->nlmode);
5126
return -1;
5127
}
5128
drv->probe_req_report = report;
5129
5130
if (report) {
5131
eloop_cancel_timeout(
5132
wpa_driver_nl80211_probe_req_report_timeout,
5133
drv, NULL);
5134
if (drv->monitor_ifidx < 0 &&
5135
nl80211_create_monitor_interface(drv))
5136
return -1;
5137
} else {
5138
/*
5139
* It takes a while to remove the monitor interface, so try to
5140
* avoid doing this if it is needed again shortly. Instead,
5141
* schedule the interface to be removed later if no need for it
5142
* is seen.
5143
*/
5144
wpa_printf(MSG_DEBUG, "nl80211: Scheduling monitor interface "
5145
"to be removed after 10 seconds of no use");
5146
eloop_register_timeout(
5147
10, 0, wpa_driver_nl80211_probe_req_report_timeout,
5148
drv, NULL);
5149
}
5150
5151
return 0;
5152
}
5153
5154
5155
static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data *drv,
5156
int ifindex, int disabled)
5157
{
5158
struct nl_msg *msg;
5159
struct nlattr *bands, *band;
5160
int ret;
5161
5162
msg = nlmsg_alloc();
5163
if (!msg)
5164
return -1;
5165
5166
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
5167
NL80211_CMD_SET_TX_BITRATE_MASK, 0);
5168
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
5169
5170
bands = nla_nest_start(msg, NL80211_ATTR_TX_RATES);
5171
if (!bands)
5172
goto nla_put_failure;
5173
5174
/*
5175
* Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
5176
* else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
5177
* rates. All 5 GHz rates are left enabled.
5178
*/
5179
band = nla_nest_start(msg, NL80211_BAND_2GHZ);
5180
if (!band)
5181
goto nla_put_failure;
5182
NLA_PUT(msg, NL80211_TXRATE_LEGACY, 8,
5183
"\x0c\x12\x18\x24\x30\x48\x60\x6c");
5184
nla_nest_end(msg, band);
5185
5186
nla_nest_end(msg, bands);
5187
5188
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
5189
msg = NULL;
5190
if (ret) {
5191
wpa_printf(MSG_DEBUG, "nl80211: Set TX rates failed: ret=%d "
5192
"(%s)", ret, strerror(-ret));
5193
}
5194
5195
return ret;
5196
5197
nla_put_failure:
5198
nlmsg_free(msg);
5199
return -1;
5200
}
5201
5202
5203
static int wpa_driver_nl80211_disable_11b_rates(void *priv, int disabled)
5204
{
5205
struct i802_bss *bss = priv;
5206
struct wpa_driver_nl80211_data *drv = bss->drv;
5207
drv->disable_11b_rates = disabled;
5208
return nl80211_disable_11b_rates(drv, drv->ifindex, disabled);
5209
}
5210
5211
5212
static int wpa_driver_nl80211_deinit_ap(void *priv)
5213
{
5214
struct i802_bss *bss = priv;
5215
struct wpa_driver_nl80211_data *drv = bss->drv;
5216
if (drv->nlmode != NL80211_IFTYPE_AP)
5217
return -1;
5218
wpa_driver_nl80211_del_beacon(drv);
5219
return wpa_driver_nl80211_set_mode(priv, IEEE80211_MODE_INFRA);
5220
}
5221
5222
5223
static void wpa_driver_nl80211_resume(void *priv)
5224
{
5225
struct i802_bss *bss = priv;
5226
struct wpa_driver_nl80211_data *drv = bss->drv;
5227
if (linux_set_iface_flags(drv->ioctl_sock, bss->ifname, 1)) {
5228
wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface up on "
5229
"resume event");
5230
}
5231
}
5232
5233
5234
static int nl80211_send_ft_action(void *priv, u8 action, const u8 *target_ap,
5235
const u8 *ies, size_t ies_len)
5236
{
5237
struct i802_bss *bss = priv;
5238
struct wpa_driver_nl80211_data *drv = bss->drv;
5239
int ret;
5240
u8 *data, *pos;
5241
size_t data_len;
5242
u8 own_addr[ETH_ALEN];
5243
5244
if (linux_get_ifhwaddr(drv->ioctl_sock, bss->ifname, own_addr) < 0)
5245
return -1;
5246
5247
if (action != 1) {
5248
wpa_printf(MSG_ERROR, "nl80211: Unsupported send_ft_action "
5249
"action %d", action);
5250
return -1;
5251
}
5252
5253
/*
5254
* Action frame payload:
5255
* Category[1] = 6 (Fast BSS Transition)
5256
* Action[1] = 1 (Fast BSS Transition Request)
5257
* STA Address
5258
* Target AP Address
5259
* FT IEs
5260
*/
5261
5262
data_len = 2 + 2 * ETH_ALEN + ies_len;
5263
data = os_malloc(data_len);
5264
if (data == NULL)
5265
return -1;
5266
pos = data;
5267
*pos++ = 0x06; /* FT Action category */
5268
*pos++ = action;
5269
os_memcpy(pos, own_addr, ETH_ALEN);
5270
pos += ETH_ALEN;
5271
os_memcpy(pos, target_ap, ETH_ALEN);
5272
pos += ETH_ALEN;
5273
os_memcpy(pos, ies, ies_len);
5274
5275
ret = wpa_driver_nl80211_send_action(bss, drv->assoc_freq, drv->bssid,
5276
own_addr, drv->bssid,
5277
data, data_len);
5278
os_free(data);
5279
5280
return ret;
5281
}
5282
5283
5284
static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
5285
{
5286
struct i802_bss *bss = priv;
5287
struct wpa_driver_nl80211_data *drv = bss->drv;
5288
struct nl_msg *msg, *cqm = NULL;
5289
5290
wpa_printf(MSG_DEBUG, "nl80211: Signal monitor threshold=%d "
5291
"hysteresis=%d", threshold, hysteresis);
5292
5293
msg = nlmsg_alloc();
5294
if (!msg)
5295
return -1;
5296
5297
genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
5298
0, NL80211_CMD_SET_CQM, 0);
5299
5300
NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, bss->ifindex);
5301
5302
cqm = nlmsg_alloc();
5303
if (cqm == NULL)
5304
return -1;
5305
5306
NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
5307
NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
5308
nla_put_nested(msg, NL80211_ATTR_CQM, cqm);
5309
5310
if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
5311
return 0;
5312
msg = NULL;
5313
5314
nla_put_failure:
5315
if (cqm)
5316
nlmsg_free(cqm);
5317
nlmsg_free(msg);
5318
return -1;
5319
}
5320
5321
5322
static int nl80211_send_frame(void *priv, const u8 *data, size_t data_len,
5323
int encrypt)
5324
{
5325
struct i802_bss *bss = priv;
5326
struct wpa_driver_nl80211_data *drv = bss->drv;
5327
return wpa_driver_nl80211_send_frame(drv, data, data_len, encrypt);
5328
}
5329
5330
5331
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
5332
.name = "nl80211",
5333
.desc = "Linux nl80211/cfg80211",
5334
.get_bssid = wpa_driver_nl80211_get_bssid,
5335
.get_ssid = wpa_driver_nl80211_get_ssid,
5336
.set_key = wpa_driver_nl80211_set_key,
5337
.scan2 = wpa_driver_nl80211_scan,
5338
.get_scan_results2 = wpa_driver_nl80211_get_scan_results,
5339
.deauthenticate = wpa_driver_nl80211_deauthenticate,
5340
.disassociate = wpa_driver_nl80211_disassociate,
5341
.authenticate = wpa_driver_nl80211_authenticate,
5342
.associate = wpa_driver_nl80211_associate,
5343
.init = wpa_driver_nl80211_init,
5344
.deinit = wpa_driver_nl80211_deinit,
5345
.get_capa = wpa_driver_nl80211_get_capa,
5346
.set_operstate = wpa_driver_nl80211_set_operstate,
5347
.set_supp_port = wpa_driver_nl80211_set_supp_port,
5348
.set_country = wpa_driver_nl80211_set_country,
5349
.set_beacon = wpa_driver_nl80211_set_beacon,
5350
.if_add = wpa_driver_nl80211_if_add,
5351
.if_remove = wpa_driver_nl80211_if_remove,
5352
.send_mlme = wpa_driver_nl80211_send_mlme,
5353
.get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
5354
.sta_add = wpa_driver_nl80211_sta_add,
5355
.sta_remove = wpa_driver_nl80211_sta_remove,
5356
.hapd_send_eapol = wpa_driver_nl80211_hapd_send_eapol,
5357
.sta_set_flags = wpa_driver_nl80211_sta_set_flags,
5358
#ifdef HOSTAPD
5359
.hapd_init = i802_init,
5360
.hapd_deinit = i802_deinit,
5361
.get_seqnum = i802_get_seqnum,
5362
.flush = i802_flush,
5363
.read_sta_data = i802_read_sta_data,
5364
.sta_deauth = i802_sta_deauth,
5365
.sta_disassoc = i802_sta_disassoc,
5366
.get_inact_sec = i802_get_inact_sec,
5367
.sta_clear_stats = i802_sta_clear_stats,
5368
.set_rts = i802_set_rts,
5369
.set_frag = i802_set_frag,
5370
.set_rate_sets = i802_set_rate_sets,
5371
.set_cts_protect = i802_set_cts_protect,
5372
.set_preamble = i802_set_preamble,
5373
.set_short_slot_time = i802_set_short_slot_time,
5374
.set_tx_queue_params = i802_set_tx_queue_params,
5375
.set_sta_vlan = i802_set_sta_vlan,
5376
.set_wds_sta = i802_set_wds_sta,
5377
#endif /* HOSTAPD */
5378
.set_freq = i802_set_freq,
5379
.send_action = wpa_driver_nl80211_send_action,
5380
.remain_on_channel = wpa_driver_nl80211_remain_on_channel,
5381
.cancel_remain_on_channel =
5382
wpa_driver_nl80211_cancel_remain_on_channel,
5383
.probe_req_report = wpa_driver_nl80211_probe_req_report,
5384
.disable_11b_rates = wpa_driver_nl80211_disable_11b_rates,
5385
.deinit_ap = wpa_driver_nl80211_deinit_ap,
5386
.resume = wpa_driver_nl80211_resume,
5387
.send_ft_action = nl80211_send_ft_action,
5388
.signal_monitor = nl80211_signal_monitor,
5389
.send_frame = nl80211_send_frame,
5390
};
Loggerhead is a web-based interface for Breezy
Version: 2.0.1