2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2008, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009, Atheros Communications
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * Alternatively, this software may be distributed under the terms of BSD
16 * See README and COPYING for more details.
20 #include <sys/ioctl.h>
21 #include <net/if_arp.h>
23 #include <netlink/genl/genl.h>
24 #include <netlink/genl/family.h>
25 #include <netlink/genl/ctrl.h>
26 #include "nl80211_copy.h"
28 #include "wireless_copy.h"
34 #include "ieee802_11_defs.h"
36 #if defined(CONFIG_AP) || defined(HOSTAPD)
37 #include <netpacket/packet.h>
38 #include <linux/filter.h>
40 #include "radiotap_iter.h"
41 #endif /* CONFIG_AP || HOSTAPD */
45 #include "../hostapd/hostapd_defs.h"
48 #define ETH_P_ALL 0x0003
51 #endif /* CONFIG_AP */
54 #include "../../hostapd/hostapd.h"
55 #include "../../hostapd/sta_flags.h"
56 #include "ieee802_11_common.h"
59 /* libnl 2.0 compatibility code */
60 #define nl_handle_alloc_cb nl_socket_alloc_cb
61 #define nl_handle_destroy nl_socket_free
62 #endif /* CONFIG_LIBNL20 */
68 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
71 #define IFF_DORMANT 0x20000 /* driver signals dormant */
74 #ifndef IF_OPER_DORMANT
75 #define IF_OPER_DORMANT 5
81 enum ieee80211_msg_type {
82 ieee80211_msg_normal = 0,
83 ieee80211_msg_tx_callback_ack = 1,
84 ieee80211_msg_tx_callback_fail = 2,
88 struct i802_bss *next;
90 unsigned int beacon_set:1;
93 struct wpa_driver_nl80211_data {
96 int ioctl_sock; /* socket for ioctl() use */
97 char ifname[IFNAMSIZ + 1];
100 struct wpa_driver_capa capa;
105 int scan_complete_events;
107 struct nl_handle *nl_handle;
108 struct nl_cache *nl_cache;
110 struct genl_family *nl80211;
117 int ap_scan_as_station;
119 #if defined(CONFIG_AP) || defined(HOSTAPD)
123 #endif /* CONFIG_AP || HOSTAPD */
126 unsigned int beacon_set:1;
127 #endif /* CONFIG_AP */
130 struct hostapd_data *hapd;
132 int eapol_sock; /* socket for EAPOL frames */
134 int default_if_indices[16];
146 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
148 static int wpa_driver_nl80211_set_mode(void *priv, int mode);
150 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
153 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
155 #endif /* CONFIG_AP */
158 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
159 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx);
160 static struct i802_bss * get_bss(struct wpa_driver_nl80211_data *drv,
166 static int ack_handler(struct nl_msg *msg, void *arg)
173 static int finish_handler(struct nl_msg *msg, void *arg)
180 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
189 static int no_seq_check(struct nl_msg *msg, void *arg)
195 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
197 int (*valid_handler)(struct nl_msg *, void *),
203 cb = nl_cb_clone(drv->nl_cb);
207 err = nl_send_auto_complete(drv->nl_handle, msg);
213 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
214 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
215 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
218 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
219 valid_handler, valid_data);
222 nl_recvmsgs(drv->nl_handle, cb);
236 static int family_handler(struct nl_msg *msg, void *arg)
238 struct family_data *res = arg;
239 struct nlattr *tb[CTRL_ATTR_MAX + 1];
240 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
241 struct nlattr *mcgrp;
244 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
245 genlmsg_attrlen(gnlh, 0), NULL);
246 if (!tb[CTRL_ATTR_MCAST_GROUPS])
249 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
250 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
251 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
252 nla_len(mcgrp), NULL);
253 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
254 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
255 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
257 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
259 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
267 static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
268 const char *family, const char *group)
272 struct family_data res = { group, -ENOENT };
277 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(drv->nl_handle, "nlctrl"),
278 0, 0, CTRL_CMD_GETFAMILY, 0);
279 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
281 ret = send_and_recv_msgs(drv, msg, family_handler, &res);
292 static int wpa_driver_nl80211_send_oper_ifla(
293 struct wpa_driver_nl80211_data *drv,
294 int linkmode, int operstate)
298 struct ifinfomsg ifinfo;
305 os_memset(&req, 0, sizeof(req));
307 req.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
308 req.hdr.nlmsg_type = RTM_SETLINK;
309 req.hdr.nlmsg_flags = NLM_F_REQUEST;
310 req.hdr.nlmsg_seq = ++nl_seq;
311 req.hdr.nlmsg_pid = 0;
313 req.ifinfo.ifi_family = AF_UNSPEC;
314 req.ifinfo.ifi_type = 0;
315 req.ifinfo.ifi_index = drv->ifindex;
316 req.ifinfo.ifi_flags = 0;
317 req.ifinfo.ifi_change = 0;
319 if (linkmode != -1) {
320 rta = (struct rtattr *)
321 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
322 rta->rta_type = IFLA_LINKMODE;
323 rta->rta_len = RTA_LENGTH(sizeof(char));
324 *((char *) RTA_DATA(rta)) = linkmode;
325 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
326 RTA_LENGTH(sizeof(char));
328 if (operstate != -1) {
329 rta = (struct rtattr *)
330 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
331 rta->rta_type = IFLA_OPERSTATE;
332 rta->rta_len = RTA_LENGTH(sizeof(char));
333 *((char *) RTA_DATA(rta)) = operstate;
334 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
335 RTA_LENGTH(sizeof(char));
338 wpa_printf(MSG_DEBUG, "nl80211: Operstate: linkmode=%d, operstate=%d",
339 linkmode, operstate);
341 ret = send(drv->link_event_sock, &req, req.hdr.nlmsg_len, 0);
343 wpa_printf(MSG_DEBUG, "nl80211: Sending operstate IFLA failed:"
344 " %s (assume operstate is not supported)",
348 return ret < 0 ? -1 : 0;
353 static int wpa_driver_nl80211_set_auth_param(
354 struct wpa_driver_nl80211_data *drv, int idx, u32 value)
359 os_memset(&iwr, 0, sizeof(iwr));
360 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
361 iwr.u.param.flags = idx & IW_AUTH_INDEX;
362 iwr.u.param.value = value;
364 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
365 if (errno != EOPNOTSUPP) {
366 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
367 "value 0x%x) failed: %s)",
368 idx, value, strerror(errno));
370 ret = errno == EOPNOTSUPP ? -2 : -1;
378 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
380 struct wpa_driver_nl80211_data *drv = priv;
381 if (!drv->associated)
383 os_memcpy(bssid, drv->bssid, ETH_ALEN);
388 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
390 struct wpa_driver_nl80211_data *drv = priv;
391 if (!drv->associated)
393 os_memcpy(ssid, drv->ssid, drv->ssid_len);
394 return drv->ssid_len;
399 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
400 void *ctx, char *buf, size_t len,
403 union wpa_event_data event;
405 os_memset(&event, 0, sizeof(event));
406 if (len > sizeof(event.interface_status.ifname))
407 len = sizeof(event.interface_status.ifname) - 1;
408 os_memcpy(event.interface_status.ifname, buf, len);
409 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
410 EVENT_INTERFACE_ADDED;
412 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
414 event.interface_status.ifname,
415 del ? "removed" : "added");
417 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
424 wpa_supplicant_event(ctx, EVENT_INTERFACE_STATUS, &event);
428 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
431 struct ifinfomsg *ifi;
432 int attrlen, _nlmsg_len, rta_len;
437 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
439 attrlen = h->nlmsg_len - _nlmsg_len;
443 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
445 rta_len = RTA_ALIGN(sizeof(struct rtattr));
446 while (RTA_OK(attr, attrlen)) {
447 if (attr->rta_type == IFLA_IFNAME) {
448 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
454 attr = RTA_NEXT(attr, attrlen);
461 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
462 int ifindex, struct nlmsghdr *h)
464 if (drv->ifindex == ifindex)
467 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, h)) {
468 drv->ifindex = if_nametoindex(drv->ifname);
469 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
471 wpa_driver_nl80211_finish_drv_init(drv);
479 static void wpa_driver_nl80211_event_rtm_newlink(struct wpa_driver_nl80211_data *drv,
480 void *ctx, struct nlmsghdr *h,
483 struct ifinfomsg *ifi;
484 int attrlen, _nlmsg_len, rta_len;
485 struct rtattr * attr;
487 if (len < sizeof(*ifi))
492 if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, h)) {
493 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
498 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
500 drv->operstate, ifi->ifi_flags,
501 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
502 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
503 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
504 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
506 * Some drivers send the association event before the operup event--in
507 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
508 * fails. This will hit us when wpa_supplicant does not need to do
509 * IEEE 802.1X authentication
511 if (drv->operstate == 1 &&
512 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
513 !(ifi->ifi_flags & IFF_RUNNING))
514 wpa_driver_nl80211_send_oper_ifla(drv, -1, IF_OPER_UP);
516 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
518 attrlen = h->nlmsg_len - _nlmsg_len;
522 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
524 rta_len = RTA_ALIGN(sizeof(struct rtattr));
525 while (RTA_OK(attr, attrlen)) {
526 if (attr->rta_type == IFLA_IFNAME) {
527 wpa_driver_nl80211_event_link(
529 ((char *) attr) + rta_len,
530 attr->rta_len - rta_len, 0);
532 attr = RTA_NEXT(attr, attrlen);
537 static void wpa_driver_nl80211_event_rtm_dellink(struct wpa_driver_nl80211_data *drv,
538 void *ctx, struct nlmsghdr *h,
541 struct ifinfomsg *ifi;
542 int attrlen, _nlmsg_len, rta_len;
543 struct rtattr * attr;
545 if (len < sizeof(*ifi))
550 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
552 attrlen = h->nlmsg_len - _nlmsg_len;
556 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
558 rta_len = RTA_ALIGN(sizeof(struct rtattr));
559 while (RTA_OK(attr, attrlen)) {
560 if (attr->rta_type == IFLA_IFNAME) {
561 wpa_driver_nl80211_event_link(
563 ((char *) attr) + rta_len,
564 attr->rta_len - rta_len, 1);
566 attr = RTA_NEXT(attr, attrlen);
571 static void wpa_driver_nl80211_event_receive_link(int sock, void *eloop_ctx,
576 struct sockaddr_nl from;
582 fromlen = sizeof(from);
583 left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
584 (struct sockaddr *) &from, &fromlen);
586 if (errno != EINTR && errno != EAGAIN)
587 perror("recvfrom(netlink)");
591 h = (struct nlmsghdr *) buf;
592 while (left >= (int) sizeof(*h)) {
596 plen = len - sizeof(*h);
597 if (len > left || plen < 0) {
598 wpa_printf(MSG_DEBUG, "Malformed netlink message: "
599 "len=%d left=%d plen=%d",
604 switch (h->nlmsg_type) {
606 wpa_driver_nl80211_event_rtm_newlink(eloop_ctx, sock_ctx,
610 wpa_driver_nl80211_event_rtm_dellink(eloop_ctx, sock_ctx,
615 len = NLMSG_ALIGN(len);
617 h = (struct nlmsghdr *) ((char *) h + len);
621 wpa_printf(MSG_DEBUG, "%d extra bytes in the end of netlink "
625 if (--max_events > 0) {
627 * Try to receive all events in one eloop call in order to
628 * limit race condition on cases where AssocInfo event, Assoc
629 * event, and EAPOL frames are received more or less at the
630 * same time. We want to process the event messages first
631 * before starting EAPOL processing.
638 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
639 const u8 *frame, size_t len)
641 const struct ieee80211_mgmt *mgmt;
642 union wpa_event_data event;
644 mgmt = (const struct ieee80211_mgmt *) frame;
645 if (len < 24 + sizeof(mgmt->u.auth)) {
646 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
651 os_memset(&event, 0, sizeof(event));
652 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
653 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
654 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
655 if (len > 24 + sizeof(mgmt->u.auth)) {
656 event.auth.ies = mgmt->u.auth.variable;
657 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
660 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
664 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
665 const u8 *frame, size_t len)
667 const struct ieee80211_mgmt *mgmt;
668 union wpa_event_data event;
671 mgmt = (const struct ieee80211_mgmt *) frame;
672 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
673 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
678 status = le_to_host16(mgmt->u.assoc_resp.status_code);
679 if (status != WLAN_STATUS_SUCCESS) {
680 os_memset(&event, 0, sizeof(event));
681 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
682 event.assoc_reject.resp_ies =
683 (u8 *) mgmt->u.assoc_resp.variable;
684 event.assoc_reject.resp_ies_len =
685 len - 24 - sizeof(mgmt->u.assoc_resp);
687 event.assoc_reject.status_code = status;
689 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event);
694 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
696 os_memset(&event, 0, sizeof(event));
697 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
698 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
699 event.assoc_info.resp_ies_len =
700 len - 24 - sizeof(mgmt->u.assoc_resp);
703 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
707 static void mlme_event(struct wpa_driver_nl80211_data *drv,
708 enum nl80211_commands cmd, struct nlattr *frame)
711 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
716 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
717 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
718 nla_data(frame), nla_len(frame));
721 case NL80211_CMD_AUTHENTICATE:
722 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
724 case NL80211_CMD_ASSOCIATE:
725 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
727 case NL80211_CMD_DEAUTHENTICATE:
729 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, NULL);
731 case NL80211_CMD_DISASSOCIATE:
733 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL);
743 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data *drv,
746 union wpa_event_data data;
748 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure");
749 os_memset(&data, 0, sizeof(data));
750 if (tb[NL80211_ATTR_MAC]) {
751 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address",
752 nla_data(tb[NL80211_ATTR_MAC]),
753 nla_len(tb[NL80211_ATTR_MAC]));
754 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]);
756 if (tb[NL80211_ATTR_KEY_SEQ]) {
757 wpa_hexdump(MSG_DEBUG, "nl80211: TSC",
758 nla_data(tb[NL80211_ATTR_KEY_SEQ]),
759 nla_len(tb[NL80211_ATTR_KEY_SEQ]));
761 if (tb[NL80211_ATTR_KEY_TYPE]) {
762 enum nl80211_key_type key_type =
763 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]);
764 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type);
765 if (key_type == NL80211_KEYTYPE_PAIRWISE)
766 data.michael_mic_failure.unicast = 1;
768 data.michael_mic_failure.unicast = 1;
770 if (tb[NL80211_ATTR_KEY_IDX]) {
771 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]);
772 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id);
775 wpa_supplicant_event(drv->ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
779 static int process_event(struct nl_msg *msg, void *arg)
781 struct wpa_driver_nl80211_data *drv = arg;
782 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
783 struct nlattr *tb[NL80211_ATTR_MAX + 1];
785 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
786 genlmsg_attrlen(gnlh, 0), NULL);
788 if (tb[NL80211_ATTR_IFINDEX]) {
789 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
790 if (ifindex != drv->ifindex) {
791 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
792 " for foreign interface (ifindex %d)",
798 if (drv->ap_scan_as_station &&
799 (gnlh->cmd == NL80211_CMD_NEW_SCAN_RESULTS ||
800 gnlh->cmd == NL80211_CMD_SCAN_ABORTED)) {
801 wpa_driver_nl80211_set_mode(drv, IEEE80211_MODE_AP);
802 drv->ap_scan_as_station = 0;
806 case NL80211_CMD_NEW_SCAN_RESULTS:
807 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
808 drv->scan_complete_events = 1;
809 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
811 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
813 case NL80211_CMD_SCAN_ABORTED:
814 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
816 * Need to indicate that scan results are available in order
817 * not to make wpa_supplicant stop its scanning.
819 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
821 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
824 case NL80211_CMD_AUTHENTICATE:
825 case NL80211_CMD_ASSOCIATE:
826 case NL80211_CMD_DEAUTHENTICATE:
827 case NL80211_CMD_DISASSOCIATE:
828 mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME]);
831 case NL80211_CMD_MICHAEL_MIC_FAILURE:
832 mlme_event_michael_mic_failure(drv, tb);
835 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
836 "(cmd=%d)", gnlh->cmd);
844 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
848 struct wpa_driver_nl80211_data *drv = eloop_ctx;
850 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
852 cb = nl_cb_clone(drv->nl_cb);
855 nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
856 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
857 nl_recvmsgs(drv->nl_handle, cb);
862 static int hostapd_set_iface_flags(struct wpa_driver_nl80211_data *drv,
863 const char *ifname, int dev_up)
867 if (drv->ioctl_sock < 0)
870 os_memset(&ifr, 0, sizeof(ifr));
871 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
873 if (ioctl(drv->ioctl_sock, SIOCGIFFLAGS, &ifr) != 0) {
874 perror("ioctl[SIOCGIFFLAGS]");
875 wpa_printf(MSG_DEBUG, "Could not read interface flags (%s)",
881 if (ifr.ifr_flags & IFF_UP)
883 ifr.ifr_flags |= IFF_UP;
885 if (!(ifr.ifr_flags & IFF_UP))
887 ifr.ifr_flags &= ~IFF_UP;
890 if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, &ifr) != 0) {
891 perror("ioctl[SIOCSIFFLAGS]");
900 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
901 * @priv: driver_nl80211 private data
902 * @alpha2_arg: country to which to switch to
903 * Returns: 0 on success, -1 on failure
905 * This asks nl80211 to set the regulatory domain for given
906 * country ISO / IEC alpha2.
908 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
910 struct wpa_driver_nl80211_data *drv = priv;
918 alpha2[0] = alpha2_arg[0];
919 alpha2[1] = alpha2_arg[1];
922 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
923 0, NL80211_CMD_REQ_SET_REG, 0);
925 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
926 if (send_and_recv_msgs(drv, msg, NULL, NULL))
934 struct wiphy_info_data {
940 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
942 struct nlattr *tb[NL80211_ATTR_MAX + 1];
943 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
944 struct wiphy_info_data *info = arg;
946 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
947 genlmsg_attrlen(gnlh, 0), NULL);
949 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
950 info->max_scan_ssids =
951 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
953 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
954 struct nlattr *nl_mode;
956 nla_for_each_nested(nl_mode,
957 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
958 if (nl_mode->nla_type == NL80211_IFTYPE_AP) {
959 info->ap_supported = 1;
969 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
970 struct wiphy_info_data *info)
974 os_memset(info, 0, sizeof(*info));
979 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
980 0, NL80211_CMD_GET_WIPHY, 0);
982 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
984 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
993 static void wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
995 struct wiphy_info_data info;
996 if (wpa_driver_nl80211_get_info(drv, &info))
998 drv->has_capability = 1;
999 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
1000 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1001 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
1002 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1003 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1004 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 |
1005 WPA_DRIVER_CAPA_ENC_WEP104 |
1006 WPA_DRIVER_CAPA_ENC_TKIP |
1007 WPA_DRIVER_CAPA_ENC_CCMP;
1009 drv->capa.max_scan_ssids = info.max_scan_ssids;
1010 if (info.ap_supported)
1011 drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
1015 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data *drv,
1020 /* Initialize generic netlink and nl80211 */
1022 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1023 if (drv->nl_cb == NULL) {
1024 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1029 drv->nl_handle = nl_handle_alloc_cb(drv->nl_cb);
1030 if (drv->nl_handle == NULL) {
1031 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1036 if (genl_connect(drv->nl_handle)) {
1037 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1042 #ifdef CONFIG_LIBNL20
1043 if (genl_ctrl_alloc_cache(drv->nl_handle, &drv->nl_cache) < 0) {
1044 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1048 #else /* CONFIG_LIBNL20 */
1049 drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
1050 if (drv->nl_cache == NULL) {
1051 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1055 #endif /* CONFIG_LIBNL20 */
1058 drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
1059 if (drv->nl80211 == NULL) {
1060 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1065 ret = nl_get_multicast_id(drv, "nl80211", "scan");
1067 ret = nl_socket_add_membership(drv->nl_handle, ret);
1069 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1070 "membership for scan events: %d (%s)",
1071 ret, strerror(-ret));
1075 ret = nl_get_multicast_id(drv, "nl80211", "mlme");
1077 ret = nl_socket_add_membership(drv->nl_handle, ret);
1079 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1080 "membership for mlme events: %d (%s)",
1081 ret, strerror(-ret));
1085 eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle),
1086 wpa_driver_nl80211_event_receive, drv, ctx);
1091 nl_cache_free(drv->nl_cache);
1093 nl_handle_destroy(drv->nl_handle);
1095 nl_cb_put(drv->nl_cb);
1102 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1103 * @ctx: context to be used when calling wpa_supplicant functions,
1104 * e.g., wpa_supplicant_event()
1105 * @ifname: interface name, e.g., wlan0
1106 * Returns: Pointer to private data, %NULL on failure
1108 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname)
1111 struct sockaddr_nl local;
1112 struct wpa_driver_nl80211_data *drv;
1114 drv = os_zalloc(sizeof(*drv));
1118 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
1120 drv->monitor_ifidx = -1;
1121 drv->monitor_sock = -1;
1122 #endif /* CONFIG_AP */
1124 if (wpa_driver_nl80211_init_nl(drv, ctx))
1127 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1129 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
1130 if (drv->ioctl_sock < 0) {
1131 perror("socket(PF_INET,SOCK_DGRAM)");
1135 s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
1137 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
1141 os_memset(&local, 0, sizeof(local));
1142 local.nl_family = AF_NETLINK;
1143 local.nl_groups = RTMGRP_LINK;
1144 if (bind(s, (struct sockaddr *) &local, sizeof(local)) < 0) {
1145 perror("bind(netlink)");
1151 eloop_register_read_sock(s, wpa_driver_nl80211_event_receive_link, drv,
1153 #endif /* HOSTAPD */
1154 drv->link_event_sock = s;
1156 if (wpa_driver_nl80211_finish_drv_init(drv))
1162 eloop_unregister_read_sock(drv->link_event_sock);
1163 close(drv->link_event_sock);
1165 close(drv->ioctl_sock);
1167 genl_family_put(drv->nl80211);
1168 nl_cache_free(drv->nl_cache);
1169 nl_handle_destroy(drv->nl_handle);
1170 nl_cb_put(drv->nl_cb);
1178 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
1180 drv->ifindex = if_nametoindex(drv->ifname);
1182 if (wpa_driver_nl80211_set_mode(drv, IEEE80211_MODE_INFRA) < 0) {
1183 wpa_printf(MSG_DEBUG, "nl80211: Could not configure driver to "
1184 "use managed mode");
1187 if (hostapd_set_iface_flags(drv, drv->ifname, 1)) {
1188 wpa_printf(MSG_ERROR, "Could not set interface '%s' "
1193 wpa_driver_nl80211_capa(drv);
1195 wpa_driver_nl80211_send_oper_ifla(drv, 1, IF_OPER_DORMANT);
1202 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1203 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1205 * Shut down driver interface and processing of driver events. Free
1206 * private data buffer if one was allocated in wpa_driver_nl80211_init().
1208 static void wpa_driver_nl80211_deinit(void *priv)
1210 struct wpa_driver_nl80211_data *drv = priv;
1213 if (drv->monitor_ifidx >= 0)
1214 nl80211_remove_iface(drv, drv->monitor_ifidx);
1215 if (drv->monitor_sock >= 0) {
1216 eloop_unregister_read_sock(drv->monitor_sock);
1217 close(drv->monitor_sock);
1219 #endif /* CONFIG_AP */
1221 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1224 wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED, 0);
1225 #endif /* NO_WEXT */
1227 wpa_driver_nl80211_send_oper_ifla(priv, 0, IF_OPER_UP);
1229 eloop_unregister_read_sock(drv->link_event_sock);
1231 hostapd_set_iface_flags(drv, drv->ifname, 0);
1232 wpa_driver_nl80211_set_mode(drv, IEEE80211_MODE_INFRA);
1234 close(drv->link_event_sock);
1235 close(drv->ioctl_sock);
1237 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle));
1238 genl_family_put(drv->nl80211);
1239 nl_cache_free(drv->nl_cache);
1240 nl_handle_destroy(drv->nl_handle);
1241 nl_cb_put(drv->nl_cb);
1248 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
1249 * @eloop_ctx: Driver private data
1250 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
1252 * This function can be used as registered timeout when starting a scan to
1253 * generate a scan completed event if the driver does not report this.
1255 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1257 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1258 if (drv->ap_scan_as_station) {
1259 wpa_driver_nl80211_set_mode(drv, IEEE80211_MODE_AP);
1260 drv->ap_scan_as_station = 0;
1262 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1263 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1268 * wpa_driver_nl80211_scan - Request the driver to initiate scan
1269 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
1270 * @params: Scan parameters
1271 * Returns: 0 on success, -1 on failure
1273 static int wpa_driver_nl80211_scan(void *priv,
1274 struct wpa_driver_scan_params *params)
1276 struct wpa_driver_nl80211_data *drv = priv;
1277 int ret = 0, timeout;
1278 struct nl_msg *msg, *ssids, *freqs;
1281 msg = nlmsg_alloc();
1282 ssids = nlmsg_alloc();
1283 freqs = nlmsg_alloc();
1284 if (!msg || !ssids || !freqs) {
1291 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1292 NL80211_CMD_TRIGGER_SCAN, 0);
1294 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1296 for (i = 0; i < params->num_ssids; i++) {
1297 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
1298 params->ssids[i].ssid);
1300 if (params->num_ssids)
1301 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
1303 if (params->extra_ies) {
1304 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
1308 if (params->freqs) {
1309 for (i = 0; params->freqs[i]; i++)
1310 NLA_PUT_U32(freqs, i + 1, params->freqs[i]);
1311 nla_put_nested(msg, NL80211_ATTR_SCAN_FREQUENCIES, freqs);
1314 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1317 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
1318 "(%s)", ret, strerror(-ret));
1320 if (drv->nlmode == NL80211_IFTYPE_AP) {
1322 * mac80211 does not allow scan requests in AP mode, so
1323 * try to do this in station mode.
1325 if (wpa_driver_nl80211_set_mode(drv,
1326 IEEE80211_MODE_INFRA))
1327 goto nla_put_failure;
1329 if (wpa_driver_nl80211_scan(drv, params)) {
1330 wpa_driver_nl80211_set_mode(drv,
1332 goto nla_put_failure;
1335 /* Restore AP mode when processing scan results */
1336 drv->ap_scan_as_station = 1;
1339 goto nla_put_failure;
1341 goto nla_put_failure;
1342 #endif /* HOSTAPD */
1345 /* Not all drivers generate "scan completed" wireless event, so try to
1346 * read results after a timeout. */
1348 if (drv->scan_complete_events) {
1350 * The driver seems to deliver events to notify when scan is
1351 * complete, so use longer timeout to avoid race conditions
1352 * with scanning and following association request.
1356 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1357 "seconds", ret, timeout);
1358 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1359 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
1370 static int bss_info_handler(struct nl_msg *msg, void *arg)
1372 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1373 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1374 struct nlattr *bss[NL80211_BSS_MAX + 1];
1375 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1376 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1377 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1378 [NL80211_BSS_TSF] = { .type = NLA_U64 },
1379 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
1380 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
1381 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1382 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
1383 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
1385 struct wpa_scan_results *res = arg;
1386 struct wpa_scan_res **tmp;
1387 struct wpa_scan_res *r;
1391 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1392 genlmsg_attrlen(gnlh, 0), NULL);
1393 if (!tb[NL80211_ATTR_BSS])
1395 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1398 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1399 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1400 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1406 r = os_zalloc(sizeof(*r) + ie_len);
1409 if (bss[NL80211_BSS_BSSID])
1410 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
1412 if (bss[NL80211_BSS_FREQUENCY])
1413 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1414 if (bss[NL80211_BSS_BEACON_INTERVAL])
1415 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
1416 if (bss[NL80211_BSS_CAPABILITY])
1417 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
1418 r->flags |= WPA_SCAN_NOISE_INVALID;
1419 if (bss[NL80211_BSS_SIGNAL_MBM]) {
1420 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
1421 r->level /= 100; /* mBm to dBm */
1422 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
1423 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
1424 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
1425 r->flags |= WPA_SCAN_LEVEL_INVALID;
1427 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
1428 if (bss[NL80211_BSS_TSF])
1429 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
1432 os_memcpy(r + 1, ie, ie_len);
1434 tmp = os_realloc(res->res,
1435 (res->num + 1) * sizeof(struct wpa_scan_res *));
1440 tmp[res->num++] = r;
1448 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
1449 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
1450 * Returns: Scan results on success, -1 on failure
1452 static struct wpa_scan_results *
1453 wpa_driver_nl80211_get_scan_results(void *priv)
1455 struct wpa_driver_nl80211_data *drv = priv;
1457 struct wpa_scan_results *res;
1460 res = os_zalloc(sizeof(*res));
1463 msg = nlmsg_alloc();
1465 goto nla_put_failure;
1467 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, NLM_F_DUMP,
1468 NL80211_CMD_GET_SCAN, 0);
1469 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1471 ret = send_and_recv_msgs(drv, msg, bss_info_handler, res);
1474 wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
1475 (unsigned long) res->num);
1478 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1479 "(%s)", ret, strerror(-ret));
1482 wpa_scan_results_free(res);
1487 static int nl_set_encr(int ifindex, struct wpa_driver_nl80211_data *drv,
1488 wpa_alg alg, const u8 *addr, int key_idx, int set_tx,
1489 const u8 *seq, size_t seq_len,
1490 const u8 *key, size_t key_len)
1495 wpa_printf(MSG_DEBUG, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
1496 "set_tx=%d seq_len=%lu key_len=%lu",
1497 __func__, ifindex, alg, addr, key_idx, set_tx,
1498 (unsigned long) seq_len, (unsigned long) key_len);
1500 msg = nlmsg_alloc();
1504 if (alg == WPA_ALG_NONE) {
1505 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1506 0, NL80211_CMD_DEL_KEY, 0);
1508 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1509 0, NL80211_CMD_NEW_KEY, 0);
1510 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
1514 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1517 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1521 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC02);
1524 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC04);
1527 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC06);
1530 wpa_printf(MSG_ERROR, "%s: Unsupported encryption "
1531 "algorithm %d", __func__, alg);
1538 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
1540 if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1542 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
1543 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
1545 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1546 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
1548 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1549 if (ret == -ENOENT && alg == WPA_ALG_NONE)
1552 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d %s)",
1553 ret, strerror(-ret));
1556 * If we failed or don't need to set the default TX key (below),
1559 if (ret || !set_tx || alg == WPA_ALG_NONE)
1561 #ifdef HOSTAPD /* FIX: is this needed? */
1564 #endif /* HOSTAPD */
1566 msg = nlmsg_alloc();
1570 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1571 0, NL80211_CMD_SET_KEY, 0);
1572 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1573 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
1574 if (alg == WPA_ALG_IGTK)
1575 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
1577 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
1579 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1583 wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; "
1584 "err=%d %s)", ret, strerror(-ret));
1592 static int wpa_driver_nl80211_set_key(void *priv, wpa_alg alg,
1593 const u8 *addr, int key_idx,
1594 int set_tx, const u8 *seq,
1596 const u8 *key, size_t key_len)
1598 struct wpa_driver_nl80211_data *drv = priv;
1599 return nl_set_encr(drv->ifindex, drv, alg, addr, key_idx, set_tx, seq,
1600 seq_len, key, key_len);
1604 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
1605 const u8 *addr, int cmd, u16 reason_code)
1610 msg = nlmsg_alloc();
1614 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0, cmd, 0);
1616 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1617 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
1618 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
1620 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1623 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
1624 "(%s)", ret, strerror(-ret));
1625 goto nla_put_failure;
1635 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
1638 struct wpa_driver_nl80211_data *drv = priv;
1639 wpa_printf(MSG_DEBUG, "%s", __func__);
1640 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
1645 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
1648 struct wpa_driver_nl80211_data *drv = priv;
1649 wpa_printf(MSG_DEBUG, "%s", __func__);
1650 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
1655 static int wpa_driver_nl80211_authenticate(
1656 void *priv, struct wpa_driver_auth_params *params)
1658 struct wpa_driver_nl80211_data *drv = priv;
1661 enum nl80211_auth_type type;
1663 drv->associated = 0;
1665 msg = nlmsg_alloc();
1669 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
1672 for (i = 0; i < 4; i++) {
1673 if (!params->wep_key[i])
1675 wpa_driver_nl80211_set_key(drv, WPA_ALG_WEP, NULL, i,
1676 i == params->wep_tx_keyidx, NULL, 0,
1678 params->wep_key_len[i]);
1681 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1682 NL80211_CMD_AUTHENTICATE, 0);
1684 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1685 if (params->bssid) {
1686 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
1687 MAC2STR(params->bssid));
1688 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
1691 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
1692 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
1695 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
1696 params->ssid, params->ssid_len);
1697 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
1700 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
1702 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
1704 * TODO: if multiple auth_alg options enabled, try them one by one if
1705 * the AP rejects authentication due to unknown auth alg
1707 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
1708 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1709 else if (params->auth_alg & AUTH_ALG_SHARED_KEY)
1710 type = NL80211_AUTHTYPE_SHARED_KEY;
1711 else if (params->auth_alg & AUTH_ALG_LEAP)
1712 type = NL80211_AUTHTYPE_NETWORK_EAP;
1713 else if (params->auth_alg & AUTH_ALG_FT)
1714 type = NL80211_AUTHTYPE_FT;
1716 goto nla_put_failure;
1717 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
1718 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
1720 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1723 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
1724 "(%s)", ret, strerror(-ret));
1725 goto nla_put_failure;
1728 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
1737 #if defined(CONFIG_AP) || defined(HOSTAPD)
1739 struct phy_info_arg {
1741 struct hostapd_hw_modes *modes;
1744 static int phy_info_handler(struct nl_msg *msg, void *arg)
1746 struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
1747 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1748 struct phy_info_arg *phy_info = arg;
1750 struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];
1752 struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
1753 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = {
1754 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
1755 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
1756 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
1757 [NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
1758 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
1759 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 },
1762 struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
1763 static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
1764 [NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
1765 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] = { .type = NLA_FLAG },
1768 struct nlattr *nl_band;
1769 struct nlattr *nl_freq;
1770 struct nlattr *nl_rate;
1771 int rem_band, rem_freq, rem_rate;
1772 struct hostapd_hw_modes *mode;
1773 int idx, mode_is_set;
1775 nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1776 genlmsg_attrlen(gnlh, 0), NULL);
1778 if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
1781 nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS], rem_band) {
1782 mode = realloc(phy_info->modes, (*phy_info->num_modes + 1) * sizeof(*mode));
1785 phy_info->modes = mode;
1789 mode = &phy_info->modes[*(phy_info->num_modes)];
1790 memset(mode, 0, sizeof(*mode));
1791 *(phy_info->num_modes) += 1;
1793 nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
1794 nla_len(nl_band), NULL);
1796 if (tb_band[NL80211_BAND_ATTR_HT_CAPA]) {
1797 mode->ht_capab = nla_get_u16(
1798 tb_band[NL80211_BAND_ATTR_HT_CAPA]);
1801 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
1802 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
1803 nla_len(nl_freq), freq_policy);
1804 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
1806 mode->num_channels++;
1809 mode->channels = calloc(mode->num_channels, sizeof(struct hostapd_channel_data));
1810 if (!mode->channels)
1815 nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS], rem_freq) {
1816 nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX, nla_data(nl_freq),
1817 nla_len(nl_freq), freq_policy);
1818 if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
1821 mode->channels[idx].freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
1822 mode->channels[idx].flag = 0;
1825 /* crude heuristic */
1826 if (mode->channels[idx].freq < 4000)
1827 mode->mode = HOSTAPD_MODE_IEEE80211B;
1829 mode->mode = HOSTAPD_MODE_IEEE80211A;
1833 /* crude heuristic */
1834 if (mode->channels[idx].freq < 4000)
1835 if (mode->channels[idx].freq == 2484)
1836 mode->channels[idx].chan = 14;
1838 mode->channels[idx].chan = (mode->channels[idx].freq - 2407) / 5;
1840 mode->channels[idx].chan = mode->channels[idx].freq/5 - 1000;
1842 if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
1843 mode->channels[idx].flag |=
1844 HOSTAPD_CHAN_DISABLED;
1845 if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
1846 mode->channels[idx].flag |=
1847 HOSTAPD_CHAN_PASSIVE_SCAN;
1848 if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
1849 mode->channels[idx].flag |=
1850 HOSTAPD_CHAN_NO_IBSS;
1851 if (tb_freq[NL80211_FREQUENCY_ATTR_RADAR])
1852 mode->channels[idx].flag |=
1855 if (tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER] &&
1856 !tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
1857 mode->channels[idx].max_tx_power =
1858 nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) / 100;
1863 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
1864 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
1865 nla_len(nl_rate), rate_policy);
1866 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
1871 mode->rates = calloc(mode->num_rates, sizeof(struct hostapd_rate_data));
1877 nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES], rem_rate) {
1878 nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX, nla_data(nl_rate),
1879 nla_len(nl_rate), rate_policy);
1880 if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
1882 mode->rates[idx].rate = nla_get_u32(tb_rate[NL80211_BITRATE_ATTR_RATE]);
1884 /* crude heuristic */
1885 if (mode->mode == HOSTAPD_MODE_IEEE80211B &&
1886 mode->rates[idx].rate > 200)
1887 mode->mode = HOSTAPD_MODE_IEEE80211G;
1889 if (tb_rate[NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE])
1890 mode->rates[idx].flags |= HOSTAPD_RATE_PREAMBLE2;
1899 static struct hostapd_hw_modes *
1900 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes *modes, u16 *num_modes)
1903 struct hostapd_hw_modes *mode11g = NULL, *nmodes, *mode;
1904 int i, mode11g_idx = -1;
1906 /* If only 802.11g mode is included, use it to construct matching
1907 * 802.11b mode data. */
1909 for (m = 0; m < *num_modes; m++) {
1910 if (modes[m].mode == HOSTAPD_MODE_IEEE80211B)
1911 return modes; /* 802.11b already included */
1912 if (modes[m].mode == HOSTAPD_MODE_IEEE80211G)
1916 if (mode11g_idx < 0)
1917 return modes; /* 2.4 GHz band not supported at all */
1919 nmodes = os_realloc(modes, (*num_modes + 1) * sizeof(*nmodes));
1921 return modes; /* Could not add 802.11b mode */
1923 mode = &nmodes[*num_modes];
1924 os_memset(mode, 0, sizeof(*mode));
1928 mode->mode = HOSTAPD_MODE_IEEE80211B;
1930 mode11g = &modes[mode11g_idx];
1931 mode->num_channels = mode11g->num_channels;
1932 mode->channels = os_malloc(mode11g->num_channels *
1933 sizeof(struct hostapd_channel_data));
1934 if (mode->channels == NULL) {
1936 return modes; /* Could not add 802.11b mode */
1938 os_memcpy(mode->channels, mode11g->channels,
1939 mode11g->num_channels * sizeof(struct hostapd_channel_data));
1941 mode->num_rates = 0;
1942 mode->rates = os_malloc(4 * sizeof(struct hostapd_rate_data));
1943 if (mode->rates == NULL) {
1944 os_free(mode->channels);
1946 return modes; /* Could not add 802.11b mode */
1949 for (i = 0; i < mode11g->num_rates; i++) {
1950 if (mode11g->rates[i].rate > 110 ||
1951 mode11g->rates[i].flags &
1952 (HOSTAPD_RATE_ERP | HOSTAPD_RATE_OFDM))
1954 mode->rates[mode->num_rates] = mode11g->rates[i];
1956 if (mode->num_rates == 4)
1960 if (mode->num_rates == 0) {
1961 os_free(mode->channels);
1962 os_free(mode->rates);
1964 return modes; /* No 802.11b rates */
1967 wpa_printf(MSG_DEBUG, "nl80211: Added 802.11b mode based on 802.11g "
1974 static struct hostapd_hw_modes *
1975 wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
1977 struct wpa_driver_nl80211_data *drv = priv;
1979 struct phy_info_arg result = {
1980 .num_modes = num_modes,
1987 msg = nlmsg_alloc();
1991 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1992 0, NL80211_CMD_GET_WIPHY, 0);
1994 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1996 if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0)
1997 return wpa_driver_nl80211_add_11b(result.modes, num_modes);
2003 static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data *drv,
2004 const void *data, size_t len,
2008 0x00, 0x00, /* radiotap version */
2009 0x0e, 0x00, /* radiotap length */
2010 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
2011 IEEE80211_RADIOTAP_F_FRAG, /* F_FRAG (fragment if required) */
2013 0x00, 0x00, /* RX and TX flags to indicate that */
2014 0x00, 0x00, /* this is the injected frame directly */
2016 struct iovec iov[2] = {
2018 .iov_base = &rtap_hdr,
2019 .iov_len = sizeof(rtap_hdr),
2022 .iov_base = (void *) data,
2026 struct msghdr msg = {
2031 .msg_control = NULL,
2032 .msg_controllen = 0,
2037 rtap_hdr[8] |= IEEE80211_RADIOTAP_F_WEP;
2039 return sendmsg(drv->monitor_sock, &msg, 0);
2043 static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
2046 struct wpa_driver_nl80211_data *drv = priv;
2047 struct ieee80211_mgmt *mgmt;
2048 int do_not_encrypt = 0;
2051 mgmt = (struct ieee80211_mgmt *) data;
2052 fc = le_to_host16(mgmt->frame_control);
2054 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
2055 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) {
2057 * Only one of the authentication frame types is encrypted.
2058 * In order for static WEP encryption to work properly (i.e.,
2059 * to not encrypt the frame), we need to tell mac80211 about
2060 * the frames that must not be encrypted.
2062 u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
2063 u16 auth_trans = le_to_host16(mgmt->u.auth.auth_transaction);
2064 if (auth_alg == WLAN_AUTH_OPEN ||
2065 (auth_alg == WLAN_AUTH_SHARED_KEY && auth_trans != 3))
2069 return wpa_driver_nl80211_send_frame(drv, data, data_len,
2074 static int wpa_driver_nl80211_set_beacon_iface(int ifindex, void *priv,
2075 const u8 *head, size_t head_len,
2076 const u8 *tail, size_t tail_len,
2079 struct wpa_driver_nl80211_data *drv = priv;
2081 u8 cmd = NL80211_CMD_NEW_BEACON;
2085 struct i802_bss *bss;
2087 bss = get_bss(drv, ifindex);
2090 beacon_set = bss->beacon_set;
2092 beacon_set = drv->beacon_set;
2093 #endif /* HOSTAPD */
2095 msg = nlmsg_alloc();
2099 wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)",
2102 cmd = NL80211_CMD_SET_BEACON;
2104 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2106 NLA_PUT(msg, NL80211_ATTR_BEACON_HEAD, head_len, head);
2107 NLA_PUT(msg, NL80211_ATTR_BEACON_TAIL, tail_len, tail);
2108 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2109 if (!drv->beacon_int)
2110 drv->beacon_int = 100;
2111 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, drv->beacon_int);
2112 NLA_PUT_U32(msg, NL80211_ATTR_DTIM_PERIOD, dtim_period);
2114 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2116 wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)",
2117 ret, strerror(-ret));
2120 bss->beacon_set = 1;
2122 drv->beacon_set = 1;
2123 #endif /* HOSTAPD */
2131 static int wpa_driver_nl80211_set_beacon_int(void *priv, int value)
2133 struct wpa_driver_nl80211_data *drv = priv;
2136 drv->beacon_int = value;
2139 if (!drv->bss.beacon_set)
2142 if (!drv->beacon_set)
2144 #endif /* HOSTAPD */
2146 msg = nlmsg_alloc();
2150 wpa_printf(MSG_DEBUG, "nl80211: Set beacon interval %d", value);
2151 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2152 0, NL80211_CMD_SET_BEACON, 0);
2153 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2155 NLA_PUT_U32(msg, NL80211_ATTR_BEACON_INTERVAL, value);
2157 return send_and_recv_msgs(drv, msg, NULL, NULL);
2163 static int wpa_driver_nl80211_set_freq(struct wpa_driver_nl80211_data *drv,
2164 int freq, int ht_enabled,
2165 int sec_channel_offset)
2170 msg = nlmsg_alloc();
2174 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2175 NL80211_CMD_SET_WIPHY, 0);
2177 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2178 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
2180 switch (sec_channel_offset) {
2182 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2183 NL80211_CHAN_HT40MINUS);
2186 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2187 NL80211_CHAN_HT40PLUS);
2190 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2196 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2199 wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): "
2200 "%d (%s)", freq, ret, strerror(-ret));
2205 #endif /* CONFIG_AP || HOSTAPD */
2210 static int wpa_driver_nl80211_set_beacon(void *priv,
2211 const u8 *head, size_t head_len,
2212 const u8 *tail, size_t tail_len,
2215 struct wpa_driver_nl80211_data *drv = priv;
2216 return wpa_driver_nl80211_set_beacon_iface(drv->ifindex, priv,
2222 #endif /* CONFIG_AP */
2224 #if defined(CONFIG_AP) || defined(HOSTAPD)
2226 static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
2232 /* stop listening for EAPOL on this interface */
2233 del_ifidx(drv, ifidx);
2234 #endif /* HOSTAPD */
2236 msg = nlmsg_alloc();
2238 goto nla_put_failure;
2240 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2241 0, NL80211_CMD_DEL_INTERFACE, 0);
2242 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);
2244 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
2247 wpa_printf(MSG_ERROR, "Failed to remove interface (ifidx=%d).\n",
2252 static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
2253 const char *ifname, enum nl80211_iftype iftype,
2256 struct nl_msg *msg, *flags = NULL;
2263 #endif /* NO_WEXT */
2264 #endif /* HOSTAPD */
2266 msg = nlmsg_alloc();
2270 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2271 0, NL80211_CMD_NEW_INTERFACE, 0);
2272 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2273 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
2274 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);
2276 if (iftype == NL80211_IFTYPE_MONITOR) {
2279 flags = nlmsg_alloc();
2281 goto nla_put_failure;
2283 NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);
2285 err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);
2290 goto nla_put_failure;
2293 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2296 wpa_printf(MSG_ERROR, "Failed to create interface %s.",
2301 ifidx = if_nametoindex(ifname);
2307 /* start listening for EAPOL on this interface */
2308 add_ifidx(drv, ifidx);
2312 case NL80211_IFTYPE_AP:
2313 os_strlcpy(ifreq.ifr_name, ifname, IFNAMSIZ);
2314 memcpy(ifreq.ifr_hwaddr.sa_data, addr, ETH_ALEN);
2315 ifreq.ifr_hwaddr.sa_family = ARPHRD_ETHER;
2317 if (ioctl(drv->ioctl_sock, SIOCSIFHWADDR, &ifreq)) {
2318 nl80211_remove_iface(drv, ifidx);
2322 case NL80211_IFTYPE_WDS:
2326 memset(&iwr, 0, sizeof(iwr));
2327 os_strlcpy(iwr.ifr_name, ifname, IFNAMSIZ);
2328 iwr.u.addr.sa_family = ARPHRD_ETHER;
2329 memcpy(iwr.u.addr.sa_data, addr, ETH_ALEN);
2330 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr))
2333 #endif /* NO_WEXT */
2339 #endif /* HOSTAPD */
2344 #endif /* CONFIG_AP || HOSTAPD */
2348 void ap_tx_status(void *ctx, const u8 *addr,
2349 const u8 *buf, size_t len, int ack);
2350 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr);
2351 void ap_mgmt_rx(void *ctx, u8 *buf, size_t len, u16 stype,
2352 struct hostapd_frame_info *fi);
2353 void ap_mgmt_tx_cb(void *ctx, u8 *buf, size_t len, u16 stype, int ok);
2355 #endif /* CONFIG_AP */
2357 #if defined(CONFIG_AP) || defined(HOSTAPD)
2359 static void handle_tx_callback(void *ctx, u8 *buf, size_t len, int ok)
2361 struct ieee80211_hdr *hdr;
2362 u16 fc, type, stype;
2364 hdr = (struct ieee80211_hdr *) buf;
2365 fc = le_to_host16(hdr->frame_control);
2367 type = WLAN_FC_GET_TYPE(fc);
2368 stype = WLAN_FC_GET_STYPE(fc);
2371 case WLAN_FC_TYPE_MGMT:
2372 wpa_printf(MSG_DEBUG, "MGMT (TX callback) %s",
2373 ok ? "ACK" : "fail");
2375 hostapd_mgmt_tx_cb(ctx, buf, len, stype, ok);
2377 ap_mgmt_tx_cb(ctx, buf, len, stype, ok);
2378 #endif /* HOSTAPD */
2380 case WLAN_FC_TYPE_CTRL:
2381 wpa_printf(MSG_DEBUG, "CTRL (TX callback) %s",
2382 ok ? "ACK" : "fail");
2384 case WLAN_FC_TYPE_DATA:
2386 hostapd_tx_status(ctx, hdr->addr1, buf, len, ok);
2388 ap_tx_status(ctx, hdr->addr1, buf, len, ok);
2389 #endif /* HOSTAPD */
2392 wpa_printf(MSG_DEBUG, "unknown TX callback frame type %d",
2399 static void handle_frame(struct wpa_driver_nl80211_data *drv,
2400 u8 *buf, size_t len,
2401 struct hostapd_frame_info *hfi,
2402 enum ieee80211_msg_type msg_type)
2404 struct ieee80211_hdr *hdr;
2405 u16 fc, type, stype;
2406 size_t data_len = len;
2408 void *ctx = drv->ctx;
2410 struct hostapd_iface *iface = drv->hapd->iface;
2411 struct hostapd_data *hapd = NULL;
2412 int broadcast_bssid = 0;
2414 #endif /* HOSTAPD */
2417 * PS-Poll frames are 16 bytes. All other frames are
2418 * 24 bytes or longer.
2423 hdr = (struct ieee80211_hdr *) buf;
2424 fc = le_to_host16(hdr->frame_control);
2426 type = WLAN_FC_GET_TYPE(fc);
2427 stype = WLAN_FC_GET_STYPE(fc);
2430 case WLAN_FC_TYPE_DATA:
2433 switch (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) {
2437 case WLAN_FC_FROMDS:
2445 case WLAN_FC_TYPE_CTRL:
2446 /* discard non-ps-poll frames */
2447 if (stype != WLAN_FC_STYPE_PSPOLL)
2451 case WLAN_FC_TYPE_MGMT:
2460 /* find interface frame belongs to */
2461 for (i = 0; i < iface->num_bss; i++) {
2462 if (memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0) {
2463 hapd = iface->bss[i];
2469 hapd = iface->bss[0];
2471 if (bssid[0] != 0xff || bssid[1] != 0xff ||
2472 bssid[2] != 0xff || bssid[3] != 0xff ||
2473 bssid[4] != 0xff || bssid[5] != 0xff) {
2475 * Unknown BSSID - drop frame if this is not from
2476 * passive scanning or a beacon (at least ProbeReq
2477 * frames to other APs may be allowed through RX
2478 * filtering in the wlan hw/driver)
2480 if ((type != WLAN_FC_TYPE_MGMT ||
2481 stype != WLAN_FC_STYPE_BEACON))
2484 broadcast_bssid = 1;
2487 #endif /* HOSTAPD */
2490 case ieee80211_msg_normal:
2491 /* continue processing */
2493 case ieee80211_msg_tx_callback_ack:
2494 handle_tx_callback(ctx, buf, data_len, 1);
2496 case ieee80211_msg_tx_callback_fail:
2497 handle_tx_callback(ctx, buf, data_len, 0);
2502 case WLAN_FC_TYPE_MGMT:
2503 if (stype != WLAN_FC_STYPE_BEACON &&
2504 stype != WLAN_FC_STYPE_PROBE_REQ)
2505 wpa_printf(MSG_MSGDUMP, "MGMT");
2507 if (broadcast_bssid) {
2508 for (i = 0; i < iface->num_bss; i++)
2509 hostapd_mgmt_rx(iface->bss[i], buf, data_len,
2512 hostapd_mgmt_rx(hapd, buf, data_len, stype, hfi);
2514 ap_mgmt_rx(drv->ctx, buf, data_len, stype, hfi);
2515 #endif /* HOSTAPD */
2517 case WLAN_FC_TYPE_CTRL:
2518 /* can only get here with PS-Poll frames */
2519 wpa_printf(MSG_DEBUG, "CTRL");
2521 hostapd_rx_from_unknown_sta(drv->hapd, hdr->addr2);
2523 ap_rx_from_unknown_sta(drv->ctx, hdr->addr2);
2524 #endif /* HOSTAPD */
2526 case WLAN_FC_TYPE_DATA:
2528 hostapd_rx_from_unknown_sta(drv->hapd, hdr->addr2);
2530 ap_rx_from_unknown_sta(drv->ctx, hdr->addr2);
2531 #endif /* HOSTAPD */
2537 static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
2539 struct wpa_driver_nl80211_data *drv = eloop_ctx;
2541 unsigned char buf[3000];
2542 struct ieee80211_radiotap_iterator iter;
2544 struct hostapd_frame_info hfi;
2545 int injected = 0, failed = 0, msg_type, rxflags = 0;
2547 len = recv(sock, buf, sizeof(buf), 0);
2553 if (ieee80211_radiotap_iterator_init(&iter, (void*)buf, len)) {
2554 printf("received invalid radiotap frame\n");
2558 memset(&hfi, 0, sizeof(hfi));
2561 ret = ieee80211_radiotap_iterator_next(&iter);
2565 printf("received invalid radiotap frame (%d)\n", ret);
2568 switch (iter.this_arg_index) {
2569 case IEEE80211_RADIOTAP_FLAGS:
2570 if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
2573 case IEEE80211_RADIOTAP_RX_FLAGS:
2576 case IEEE80211_RADIOTAP_TX_FLAGS:
2578 failed = le_to_host16((*(uint16_t *) iter.this_arg)) &
2579 IEEE80211_RADIOTAP_F_TX_FAIL;
2581 case IEEE80211_RADIOTAP_DATA_RETRIES:
2583 case IEEE80211_RADIOTAP_CHANNEL:
2584 /* TODO convert from freq/flags to channel number
2589 case IEEE80211_RADIOTAP_RATE:
2590 hfi.datarate = *iter.this_arg * 5;
2592 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
2593 hfi.ssi_signal = *iter.this_arg;
2598 if (rxflags && injected)
2602 msg_type = ieee80211_msg_normal;
2604 msg_type = ieee80211_msg_tx_callback_fail;
2606 msg_type = ieee80211_msg_tx_callback_ack;
2608 handle_frame(drv, buf + iter.max_length,
2609 len - iter.max_length, &hfi, msg_type);
2614 * we post-process the filter code later and rewrite
2615 * this to the offset to the last instruction
2620 static struct sock_filter msock_filter_insns[] = {
2622 * do a little-endian load of the radiotap length field
2624 /* load lower byte into A */
2625 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2),
2626 /* put it into X (== index register) */
2627 BPF_STMT(BPF_MISC| BPF_TAX, 0),
2628 /* load upper byte into A */
2629 BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3),
2630 /* left-shift it by 8 */
2631 BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8),
2633 BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0),
2634 /* put result into X */
2635 BPF_STMT(BPF_MISC| BPF_TAX, 0),
2638 * Allow management frames through, this also gives us those
2639 * management frames that we sent ourselves with status
2641 /* load the lower byte of the IEEE 802.11 frame control field */
2642 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
2643 /* mask off frame type and version */
2644 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF),
2645 /* accept frame if it's both 0, fall through otherwise */
2646 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0),
2649 * TODO: add a bit to radiotap RX flags that indicates
2650 * that the sending station is not associated, then
2651 * add a filter here that filters on our DA and that flag
2652 * to allow us to deauth frames to that bad station.
2654 * Not a regression -- we didn't do it before either.
2659 * drop non-data frames, WDS frames
2661 /* load the lower byte of the frame control field */
2662 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
2663 /* mask off QoS bit */
2664 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c),
2665 /* drop non-data frames */
2666 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL),
2667 /* load the upper byte of the frame control field */
2668 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
2669 /* mask off toDS/fromDS */
2670 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03),
2671 /* drop WDS frames */
2672 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, FAIL, 0),
2676 * add header length to index
2678 /* load the lower byte of the frame control field */
2679 BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0),
2680 /* mask off QoS bit */
2681 BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80),
2682 /* right shift it by 6 to give 0 or 2 */
2683 BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6),
2684 /* add data frame header length */
2685 BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24),
2686 /* add index, was start of 802.11 header */
2687 BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0),
2688 /* move to index, now start of LL header */
2689 BPF_STMT(BPF_MISC | BPF_TAX, 0),
2692 * Accept empty data frames, we use those for
2695 BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0),
2696 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0),
2699 * Accept EAPOL frames
2701 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0),
2702 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL),
2703 BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4),
2704 BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL),
2706 /* keep these last two statements or change the code below */
2707 /* return 0 == "DROP" */
2708 BPF_STMT(BPF_RET | BPF_K, 0),
2709 /* return ~0 == "keep all" */
2710 BPF_STMT(BPF_RET | BPF_K, ~0),
2713 static struct sock_fprog msock_filter = {
2714 .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]),
2715 .filter = msock_filter_insns,
2719 static int add_monitor_filter(int s)
2723 /* rewrite all PASS/FAIL jump offsets */
2724 for (idx = 0; idx < msock_filter.len; idx++) {
2725 struct sock_filter *insn = &msock_filter_insns[idx];
2727 if (BPF_CLASS(insn->code) == BPF_JMP) {
2728 if (insn->code == (BPF_JMP|BPF_JA)) {
2729 if (insn->k == PASS)
2730 insn->k = msock_filter.len - idx - 2;
2731 else if (insn->k == FAIL)
2732 insn->k = msock_filter.len - idx - 3;
2735 if (insn->jt == PASS)
2736 insn->jt = msock_filter.len - idx - 2;
2737 else if (insn->jt == FAIL)
2738 insn->jt = msock_filter.len - idx - 3;
2740 if (insn->jf == PASS)
2741 insn->jf = msock_filter.len - idx - 2;
2742 else if (insn->jf == FAIL)
2743 insn->jf = msock_filter.len - idx - 3;
2747 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER,
2748 &msock_filter, sizeof(msock_filter))) {
2749 perror("SO_ATTACH_FILTER");
2758 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data *drv)
2761 struct sockaddr_ll ll;
2765 snprintf(buf, IFNAMSIZ, "mon.%s", drv->ifname);
2766 buf[IFNAMSIZ - 1] = '\0';
2768 drv->monitor_ifidx =
2769 nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR, NULL);
2771 if (drv->monitor_ifidx < 0)
2774 if (hostapd_set_iface_flags(drv, buf, 1))
2777 memset(&ll, 0, sizeof(ll));
2778 ll.sll_family = AF_PACKET;
2779 ll.sll_ifindex = drv->monitor_ifidx;
2780 drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
2781 if (drv->monitor_sock < 0) {
2782 perror("socket[PF_PACKET,SOCK_RAW]");
2786 if (add_monitor_filter(drv->monitor_sock)) {
2787 wpa_printf(MSG_INFO, "Failed to set socket filter for monitor "
2788 "interface; do filtering in user space");
2789 /* This works, but will cost in performance. */
2792 if (bind(drv->monitor_sock, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
2793 perror("monitor socket bind");
2797 optlen = sizeof(optval);
2800 (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
2801 perror("Failed to set socket priority");
2805 if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
2807 printf("Could not register monitor read socket\n");
2813 nl80211_remove_iface(drv, drv->monitor_ifidx);
2817 #endif /* CONFIG_AP || HOSTAPD */
2821 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
2822 struct wpa_driver_associate_params *params)
2824 if (drv->monitor_ifidx < 0 &&
2825 nl80211_create_monitor_interface(drv))
2828 if (wpa_driver_nl80211_set_mode(drv, params->mode) ||
2829 wpa_driver_nl80211_set_freq(drv, params->freq, 0, 0)) {
2830 nl80211_remove_iface(drv, drv->monitor_ifidx);
2831 drv->monitor_ifidx = -1;
2835 /* TODO: setup monitor interface (and add code somewhere to remove this
2836 * when AP mode is stopped; associate with mode != 2 or drv_deinit) */
2840 #endif /* CONFIG_AP */
2843 static int wpa_driver_nl80211_associate(
2844 void *priv, struct wpa_driver_associate_params *params)
2846 struct wpa_driver_nl80211_data *drv = priv;
2851 if (params->mode == 2)
2852 return wpa_driver_nl80211_ap(drv, params);
2853 #endif /* CONFIG_AP */
2856 wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
2857 params->drop_unencrypted);
2858 #endif /* NO_WEXT */
2860 drv->associated = 0;
2862 msg = nlmsg_alloc();
2866 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
2868 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2869 NL80211_CMD_ASSOCIATE, 0);
2871 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2872 if (params->bssid) {
2873 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2874 MAC2STR(params->bssid));
2875 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2878 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2879 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2882 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2883 params->ssid, params->ssid_len);
2884 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2886 if (params->ssid_len > sizeof(drv->ssid))
2887 goto nla_put_failure;
2888 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
2889 drv->ssid_len = params->ssid_len;
2891 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
2893 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
2896 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2899 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2900 "(%s)", ret, strerror(-ret));
2901 goto nla_put_failure;
2904 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
2913 static int nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
2914 int ifindex, int mode)
2919 msg = nlmsg_alloc();
2923 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2924 0, NL80211_CMD_SET_INTERFACE, 0);
2925 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
2926 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, mode);
2928 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2932 wpa_printf(MSG_DEBUG, "nl80211: Failed to set interface %d to mode %d:"
2933 " %d (%s)", ifindex, mode, ret, strerror(-ret));
2938 static int wpa_driver_nl80211_set_mode(void *priv, int mode)
2940 struct wpa_driver_nl80211_data *drv = priv;
2946 nlmode = NL80211_IFTYPE_STATION;
2949 nlmode = NL80211_IFTYPE_ADHOC;
2952 nlmode = NL80211_IFTYPE_AP;
2958 if (nl80211_set_mode(drv, drv->ifindex, nlmode) == 0) {
2959 drv->nlmode = nlmode;
2963 if (nlmode == drv->nlmode)
2964 return 0; /* Already in the requested mode */
2966 /* mac80211 doesn't allow mode changes while the device is up, so
2967 * take the device down, try to set the mode again, and bring the
2970 if (hostapd_set_iface_flags(drv, drv->ifname, 0) == 0) {
2971 /* Try to set the mode again while the interface is down */
2972 ret = nl80211_set_mode(drv, drv->ifindex, nlmode);
2973 if (hostapd_set_iface_flags(drv, drv->ifname, 1))
2978 drv->nlmode = nlmode;
2984 static int wpa_driver_nl80211_get_capa(void *priv,
2985 struct wpa_driver_capa *capa)
2987 struct wpa_driver_nl80211_data *drv = priv;
2988 if (!drv->has_capability)
2990 os_memcpy(capa, &drv->capa, sizeof(*capa));
2995 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
2997 struct wpa_driver_nl80211_data *drv = priv;
2999 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
3000 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
3001 drv->operstate = state;
3002 return wpa_driver_nl80211_send_oper_ifla(
3003 drv, -1, state ? IF_OPER_UP : IF_OPER_DORMANT);
3009 static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
3011 static int i802_sta_deauth(void *priv, const u8 *addr, int reason);
3012 static int i802_sta_disassoc(void *priv, const u8 *addr, int reason);
3015 static struct i802_bss * get_bss(struct wpa_driver_nl80211_data *drv,
3018 struct i802_bss *bss = &drv->bss;
3020 if (ifindex == bss->ifindex)
3024 wpa_printf(MSG_DEBUG, "nl80211: get_bss(%d) failed", ifindex);
3029 static void add_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
3034 wpa_printf(MSG_DEBUG, "nl80211: Add own interface ifindex %d",
3036 for (i = 0; i < drv->num_if_indices; i++) {
3037 if (drv->if_indices[i] == 0) {
3038 drv->if_indices[i] = ifidx;
3043 if (drv->if_indices != drv->default_if_indices)
3044 old = drv->if_indices;
3048 drv->if_indices = realloc(old,
3049 sizeof(int) * (drv->num_if_indices + 1));
3050 if (!drv->if_indices) {
3052 drv->if_indices = drv->default_if_indices;
3054 drv->if_indices = old;
3055 wpa_printf(MSG_ERROR, "Failed to reallocate memory for "
3057 wpa_printf(MSG_ERROR, "Ignoring EAPOL on interface %d", ifidx);
3060 drv->if_indices[drv->num_if_indices] = ifidx;
3061 drv->num_if_indices++;
3065 static void del_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
3069 for (i = 0; i < drv->num_if_indices; i++) {
3070 if (drv->if_indices[i] == ifidx) {
3071 drv->if_indices[i] = 0;
3078 static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx)
3082 for (i = 0; i < drv->num_if_indices; i++)
3083 if (drv->if_indices[i] == ifidx)
3090 static int i802_set_key(const char *iface, void *priv, wpa_alg alg,
3091 const u8 *addr, int key_idx, int set_tx, const u8 *seq,
3092 size_t seq_len, const u8 *key, size_t key_len)
3094 struct wpa_driver_nl80211_data *drv = priv;
3095 return nl_set_encr(if_nametoindex(iface), drv, alg, addr, key_idx,
3096 set_tx, seq, seq_len, key, key_len);
3100 static inline int min_int(int a, int b)
3108 static int get_key_handler(struct nl_msg *msg, void *arg)
3110 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3111 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3113 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3114 genlmsg_attrlen(gnlh, 0), NULL);
3117 * TODO: validate the key index and mac address!
3118 * Otherwise, there's a race condition as soon as
3119 * the kernel starts sending key notifications.
3122 if (tb[NL80211_ATTR_KEY_SEQ])
3123 memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
3124 min_int(nla_len(tb[NL80211_ATTR_KEY_SEQ]), 6));
3129 static int i802_get_seqnum(const char *iface, void *priv, const u8 *addr,
3132 struct wpa_driver_nl80211_data *drv = priv;
3135 msg = nlmsg_alloc();
3139 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3140 0, NL80211_CMD_GET_KEY, 0);
3143 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3144 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
3145 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
3149 return send_and_recv_msgs(drv, msg, get_key_handler, seq);
3155 static int i802_set_rate_sets(void *priv, int *supp_rates, int *basic_rates,
3158 struct wpa_driver_nl80211_data *drv = priv;
3160 u8 rates[NL80211_MAX_SUPP_RATES];
3164 msg = nlmsg_alloc();
3168 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3169 NL80211_CMD_SET_BSS, 0);
3171 for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
3172 rates[rates_len++] = basic_rates[i] / 5;
3174 NLA_PUT(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
3176 /* TODO: multi-BSS support */
3177 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(drv->ifname));
3179 return send_and_recv_msgs(drv, msg, NULL, NULL);
3185 /* Set kernel driver on given frequency (MHz) */
3186 static int i802_set_freq(void *priv, struct hostapd_freq_params *freq)
3188 struct wpa_driver_nl80211_data *drv = priv;
3189 return wpa_driver_nl80211_set_freq(drv, freq->freq, freq->ht_enabled,
3190 freq->sec_channel_offset);
3194 static int i802_set_rts(void *priv, int rts)
3199 struct wpa_driver_nl80211_data *drv = priv;
3202 memset(&iwr, 0, sizeof(iwr));
3203 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
3204 iwr.u.rts.value = rts;
3205 iwr.u.rts.fixed = 1;
3207 if (ioctl(drv->ioctl_sock, SIOCSIWRTS, &iwr) < 0) {
3208 perror("ioctl[SIOCSIWRTS]");
3213 #endif /* NO_WEXT */
3217 static int i802_set_frag(void *priv, int frag)
3222 struct wpa_driver_nl80211_data *drv = priv;
3225 memset(&iwr, 0, sizeof(iwr));
3226 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
3227 iwr.u.frag.value = frag;
3228 iwr.u.frag.fixed = 1;
3230 if (ioctl(drv->ioctl_sock, SIOCSIWFRAG, &iwr) < 0) {
3231 perror("ioctl[SIOCSIWFRAG]");
3236 #endif /* NO_WEXT */
3240 static int i802_set_retry(void *priv, int short_retry, int long_retry)
3245 struct wpa_driver_nl80211_data *drv = priv;
3248 memset(&iwr, 0, sizeof(iwr));
3249 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
3251 iwr.u.retry.value = short_retry;
3252 iwr.u.retry.flags = IW_RETRY_LIMIT | IW_RETRY_MIN;
3253 if (ioctl(drv->ioctl_sock, SIOCSIWRETRY, &iwr) < 0) {
3254 perror("ioctl[SIOCSIWRETRY(short)]");
3258 iwr.u.retry.value = long_retry;
3259 iwr.u.retry.flags = IW_RETRY_LIMIT | IW_RETRY_MAX;
3260 if (ioctl(drv->ioctl_sock, SIOCSIWRETRY, &iwr) < 0) {
3261 perror("ioctl[SIOCSIWRETRY(long)]");
3266 #endif /* NO_WEXT */
3270 static int i802_flush(void *priv)
3272 struct wpa_driver_nl80211_data *drv = priv;
3275 msg = nlmsg_alloc();
3279 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3280 0, NL80211_CMD_DEL_STATION, 0);
3283 * XXX: FIX! this needs to flush all VLANs too
3285 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3286 if_nametoindex(drv->ifname));
3288 return send_and_recv_msgs(drv, msg, NULL, NULL);
3294 static int get_sta_handler(struct nl_msg *msg, void *arg)
3296 struct nlattr *tb[NL80211_ATTR_MAX + 1];
3297 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
3298 struct hostap_sta_driver_data *data = arg;
3299 struct nlattr *stats[NL80211_STA_INFO_MAX + 1];
3300 static struct nla_policy stats_policy[NL80211_STA_INFO_MAX + 1] = {
3301 [NL80211_STA_INFO_INACTIVE_TIME] = { .type = NLA_U32 },
3302 [NL80211_STA_INFO_RX_BYTES] = { .type = NLA_U32 },
3303 [NL80211_STA_INFO_TX_BYTES] = { .type = NLA_U32 },
3304 [NL80211_STA_INFO_RX_PACKETS] = { .type = NLA_U32 },
3305 [NL80211_STA_INFO_TX_PACKETS] = { .type = NLA_U32 },
3308 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
3309 genlmsg_attrlen(gnlh, 0), NULL);
3312 * TODO: validate the interface and mac address!
3313 * Otherwise, there's a race condition as soon as
3314 * the kernel starts sending station notifications.
3317 if (!tb[NL80211_ATTR_STA_INFO]) {
3318 wpa_printf(MSG_DEBUG, "sta stats missing!");
3321 if (nla_parse_nested(stats, NL80211_STA_INFO_MAX,
3322 tb[NL80211_ATTR_STA_INFO],
3324 wpa_printf(MSG_DEBUG, "failed to parse nested attributes!");
3328 if (stats[NL80211_STA_INFO_INACTIVE_TIME])
3329 data->inactive_msec =
3330 nla_get_u32(stats[NL80211_STA_INFO_INACTIVE_TIME]);
3331 if (stats[NL80211_STA_INFO_RX_BYTES])
3332 data->rx_bytes = nla_get_u32(stats[NL80211_STA_INFO_RX_BYTES]);
3333 if (stats[NL80211_STA_INFO_TX_BYTES])
3334 data->tx_bytes = nla_get_u32(stats[NL80211_STA_INFO_TX_BYTES]);
3335 if (stats[NL80211_STA_INFO_RX_PACKETS])
3337 nla_get_u32(stats[NL80211_STA_INFO_RX_PACKETS]);
3338 if (stats[NL80211_STA_INFO_TX_PACKETS])
3340 nla_get_u32(stats[NL80211_STA_INFO_TX_PACKETS]);
3345 static int i802_read_sta_data(void *priv, struct hostap_sta_driver_data *data,
3348 struct wpa_driver_nl80211_data *drv = priv;
3351 os_memset(data, 0, sizeof(*data));
3352 msg = nlmsg_alloc();
3356 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3357 0, NL80211_CMD_GET_STATION, 0);
3359 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3360 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(drv->ifname));
3362 return send_and_recv_msgs(drv, msg, get_sta_handler, data);
3368 static int i802_send_eapol(void *priv, const u8 *addr, const u8 *data,
3369 size_t data_len, int encrypt, const u8 *own_addr)
3371 struct wpa_driver_nl80211_data *drv = priv;
3372 struct ieee80211_hdr *hdr;
3377 int qos = sta->flags & WLAN_STA_WME;
3382 len = sizeof(*hdr) + (qos ? 2 : 0) + sizeof(rfc1042_header) + 2 +
3384 hdr = os_zalloc(len);
3386 printf("malloc() failed for i802_send_data(len=%lu)\n",
3387 (unsigned long) len);
3391 hdr->frame_control =
3392 IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
3393 hdr->frame_control |= host_to_le16(WLAN_FC_FROMDS);
3395 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
3396 #if 0 /* To be enabled if qos determination is added above */
3398 hdr->frame_control |=
3399 host_to_le16(WLAN_FC_STYPE_QOS_DATA << 4);
3403 memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
3404 memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
3405 memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
3406 pos = (u8 *) (hdr + 1);
3408 #if 0 /* To be enabled if qos determination is added above */
3410 /* add an empty QoS header if needed */
3417 memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
3418 pos += sizeof(rfc1042_header);
3419 WPA_PUT_BE16(pos, ETH_P_PAE);
3421 memcpy(pos, data, data_len);
3423 res = wpa_driver_nl80211_send_frame(drv, (u8 *) hdr, len, encrypt);
3425 wpa_printf(MSG_ERROR, "i802_send_eapol - packet len: %lu - "
3427 (unsigned long) len, errno, strerror(errno));
3435 static int i802_sta_add(const char *ifname, void *priv,
3436 struct hostapd_sta_add_params *params)
3438 struct wpa_driver_nl80211_data *drv = priv;
3442 msg = nlmsg_alloc();
3446 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3447 0, NL80211_CMD_NEW_STATION, 0);
3449 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3450 if_nametoindex(drv->ifname));
3451 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr);
3452 NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, params->aid);
3453 NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, params->supp_rates_len,
3454 params->supp_rates);
3455 NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL,
3456 params->listen_interval);
3458 #ifdef CONFIG_IEEE80211N
3459 if (params->ht_capabilities) {
3460 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY,
3461 params->ht_capabilities->length,
3462 ¶ms->ht_capabilities->data);
3464 #endif /* CONFIG_IEEE80211N */
3466 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3468 wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_NEW_STATION "
3469 "result: %d (%s)", ret, strerror(-ret));
3477 static int i802_sta_remove(void *priv, const u8 *addr)
3479 struct wpa_driver_nl80211_data *drv = priv;
3483 msg = nlmsg_alloc();
3487 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3488 0, NL80211_CMD_DEL_STATION, 0);
3490 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3491 if_nametoindex(drv->ifname));
3492 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3494 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
3503 static int i802_sta_set_flags(void *priv, const u8 *addr,
3504 int total_flags, int flags_or, int flags_and)
3506 struct wpa_driver_nl80211_data *drv = priv;
3507 struct nl_msg *msg, *flags = NULL;
3509 msg = nlmsg_alloc();
3513 flags = nlmsg_alloc();
3519 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3520 0, NL80211_CMD_SET_STATION, 0);
3522 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3523 if_nametoindex(drv->ifname));
3524 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3526 if (total_flags & WLAN_STA_AUTHORIZED)
3527 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_AUTHORIZED);
3529 if (total_flags & WLAN_STA_WMM)
3530 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_WME);
3532 if (total_flags & WLAN_STA_SHORT_PREAMBLE)
3533 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);
3535 if (total_flags & WLAN_STA_MFP)
3536 NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
3538 if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
3539 goto nla_put_failure;
3543 return send_and_recv_msgs(drv, msg, NULL, NULL);
3550 static int i802_set_tx_queue_params(void *priv, int queue, int aifs,
3551 int cw_min, int cw_max, int burst_time)
3553 struct wpa_driver_nl80211_data *drv = priv;
3555 struct nlattr *txq, *params;
3557 msg = nlmsg_alloc();
3561 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3562 0, NL80211_CMD_SET_WIPHY, 0);
3564 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(drv->ifname));
3566 txq = nla_nest_start(msg, NL80211_ATTR_WIPHY_TXQ_PARAMS);
3568 goto nla_put_failure;
3570 /* We are only sending parameters for a single TXQ at a time */
3571 params = nla_nest_start(msg, 1);
3573 goto nla_put_failure;
3575 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_QUEUE, queue);
3576 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
3577 * 32 usec, so need to convert the value here. */
3578 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_TXOP, (burst_time * 100 + 16) / 32);
3579 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMIN, cw_min);
3580 NLA_PUT_U16(msg, NL80211_TXQ_ATTR_CWMAX, cw_max);
3581 NLA_PUT_U8(msg, NL80211_TXQ_ATTR_AIFS, aifs);
3583 nla_nest_end(msg, params);
3585 nla_nest_end(msg, txq);
3587 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
3594 static int i802_bss_add(void *priv, const char *ifname, const u8 *bssid)
3596 struct wpa_driver_nl80211_data *drv = priv;
3598 struct i802_bss *bss;
3600 bss = os_zalloc(sizeof(*bss));
3603 bss->ifindex = if_nametoindex(ifname);
3605 ifidx = nl80211_create_iface(priv, ifname, NL80211_IFTYPE_AP, bssid);
3610 if (hostapd_set_iface_flags(priv, ifname, 1)) {
3611 nl80211_remove_iface(priv, ifidx);
3615 bss->next = drv->bss.next;
3616 drv->bss.next = bss;
3621 static int i802_bss_remove(void *priv, const char *ifname)
3623 struct wpa_driver_nl80211_data *drv = priv;
3624 struct i802_bss *bss, *prev;
3625 int ifindex = if_nametoindex(ifname);
3626 nl80211_remove_iface(priv, ifindex);
3628 bss = drv->bss.next;
3630 if (ifindex == bss->ifindex) {
3631 prev->next = bss->next;
3642 static int i802_set_beacon(const char *iface, void *priv,
3643 const u8 *head, size_t head_len,
3644 const u8 *tail, size_t tail_len, int dtim_period)
3646 return wpa_driver_nl80211_set_beacon_iface(if_nametoindex(iface), priv,
3653 static int i802_del_beacon(struct wpa_driver_nl80211_data *drv)
3657 msg = nlmsg_alloc();
3661 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3662 0, NL80211_CMD_DEL_BEACON, 0);
3663 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(drv->ifname));
3665 return send_and_recv_msgs(drv, msg, NULL, NULL);
3671 static int i802_set_bss(void *priv, int cts, int preamble, int slot)
3673 struct wpa_driver_nl80211_data *drv = priv;
3676 msg = nlmsg_alloc();
3680 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
3681 NL80211_CMD_SET_BSS, 0);
3684 NLA_PUT_U8(msg, NL80211_ATTR_BSS_CTS_PROT, cts);
3686 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE, preamble);
3688 NLA_PUT_U8(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME, slot);
3690 /* TODO: multi-BSS support */
3691 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(drv->ifname));
3693 return send_and_recv_msgs(drv, msg, NULL, NULL);
3699 static int i802_set_cts_protect(void *priv, int value)
3701 return i802_set_bss(priv, value, -1, -1);
3705 static int i802_set_preamble(void *priv, int value)
3707 return i802_set_bss(priv, -1, value, -1);
3711 static int i802_set_short_slot_time(void *priv, int value)
3713 return i802_set_bss(priv, -1, -1, value);
3717 static enum nl80211_iftype i802_if_type(enum hostapd_driver_if_type type)
3720 case HOSTAPD_IF_VLAN:
3721 return NL80211_IFTYPE_AP_VLAN;
3722 case HOSTAPD_IF_WDS:
3723 return NL80211_IFTYPE_WDS;
3729 static int i802_if_add(const char *iface, void *priv,
3730 enum hostapd_driver_if_type type, char *ifname,
3733 if (nl80211_create_iface(priv, ifname, i802_if_type(type), addr) < 0)
3739 static int i802_if_update(void *priv, enum hostapd_driver_if_type type,
3740 char *ifname, const u8 *addr)
3742 /* unused at the moment */
3747 static int i802_if_remove(void *priv, enum hostapd_driver_if_type type,
3748 const char *ifname, const u8 *addr)
3750 nl80211_remove_iface(priv, if_nametoindex(ifname));
3755 static int i802_set_sta_vlan(void *priv, const u8 *addr,
3756 const char *ifname, int vlan_id)
3758 struct wpa_driver_nl80211_data *drv = priv;
3761 msg = nlmsg_alloc();
3765 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
3766 0, NL80211_CMD_SET_STATION, 0);
3768 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3769 if_nametoindex(drv->ifname));
3770 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3771 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX,
3772 if_nametoindex(ifname));
3774 return send_and_recv_msgs(drv, msg, NULL, NULL);
3780 static void handle_eapol(int sock, void *eloop_ctx, void *sock_ctx)
3782 struct wpa_driver_nl80211_data *drv = eloop_ctx;
3783 struct sockaddr_ll lladdr;
3784 unsigned char buf[3000];
3786 socklen_t fromlen = sizeof(lladdr);
3788 len = recvfrom(sock, buf, sizeof(buf), 0,
3789 (struct sockaddr *)&lladdr, &fromlen);
3795 if (have_ifidx(drv, lladdr.sll_ifindex)) {
3796 struct hostapd_data *hapd;
3797 hapd = hostapd_sta_get_bss(drv->hapd, lladdr.sll_addr);
3800 hostapd_eapol_receive(hapd, lladdr.sll_addr, buf, len);
3805 static int i802_get_inact_sec(void *priv, const u8 *addr)
3807 struct hostap_sta_driver_data data;
3810 data.inactive_msec = (unsigned long) -1;
3811 ret = i802_read_sta_data(priv, &data, addr);
3812 if (ret || data.inactive_msec == (unsigned long) -1)
3814 return data.inactive_msec / 1000;
3818 static int i802_sta_clear_stats(void *priv, const u8 *addr)
3827 static int i802_sta_deauth(void *priv, const u8 *addr, int reason)
3829 struct wpa_driver_nl80211_data *drv = priv;
3830 struct ieee80211_mgmt mgmt;
3832 memset(&mgmt, 0, sizeof(mgmt));
3833 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
3834 WLAN_FC_STYPE_DEAUTH);
3835 memcpy(mgmt.da, addr, ETH_ALEN);
3836 memcpy(mgmt.sa, drv->hapd->own_addr, ETH_ALEN);
3837 memcpy(mgmt.bssid, drv->hapd->own_addr, ETH_ALEN);
3838 mgmt.u.deauth.reason_code = host_to_le16(reason);
3839 return wpa_driver_nl80211_send_mlme(drv, (u8 *) &mgmt,
3841 sizeof(mgmt.u.deauth));
3845 static int i802_sta_disassoc(void *priv, const u8 *addr, int reason)
3847 struct wpa_driver_nl80211_data *drv = priv;
3848 struct ieee80211_mgmt mgmt;
3850 memset(&mgmt, 0, sizeof(mgmt));
3851 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
3852 WLAN_FC_STYPE_DISASSOC);
3853 memcpy(mgmt.da, addr, ETH_ALEN);
3854 memcpy(mgmt.sa, drv->hapd->own_addr, ETH_ALEN);
3855 memcpy(mgmt.bssid, drv->hapd->own_addr, ETH_ALEN);
3856 mgmt.u.disassoc.reason_code = host_to_le16(reason);
3857 return wpa_driver_nl80211_send_mlme(drv, (u8 *) &mgmt,
3859 sizeof(mgmt.u.disassoc));
3863 static void *i802_init(struct hostapd_data *hapd,
3864 struct wpa_init_params *params)
3866 struct wpa_driver_nl80211_data *drv;
3870 drv = os_zalloc(sizeof(struct wpa_driver_nl80211_data));
3872 printf("Could not allocate memory for i802 driver data\n");
3878 memcpy(drv->ifname, params->ifname, sizeof(drv->ifname));
3879 drv->ifindex = if_nametoindex(drv->ifname);
3880 drv->bss.ifindex = drv->ifindex;
3882 drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
3883 drv->if_indices = drv->default_if_indices;
3884 for (i = 0; i < params->num_bridge; i++) {
3885 if (params->bridge[i])
3886 add_ifidx(drv, if_nametoindex(params->bridge[i]));
3889 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
3890 if (drv->ioctl_sock < 0) {
3891 perror("socket[PF_INET,SOCK_DGRAM]");
3895 /* start listening for EAPOL on the default AP interface */
3896 add_ifidx(drv, drv->ifindex);
3898 if (hostapd_set_iface_flags(drv, drv->ifname, 0))
3901 if (params->bssid) {
3902 os_strlcpy(ifr.ifr_name, drv->ifname, IFNAMSIZ);
3903 os_memcpy(ifr.ifr_hwaddr.sa_data, params->bssid, ETH_ALEN);
3904 ifr.ifr_hwaddr.sa_family = ARPHRD_ETHER;
3906 if (ioctl(drv->ioctl_sock, SIOCSIFHWADDR, &ifr)) {
3907 perror("ioctl(SIOCSIFHWADDR)");
3912 if (wpa_driver_nl80211_init_nl(drv, drv->hapd))
3915 /* Initialise a monitor interface */
3916 if (nl80211_create_monitor_interface(drv))
3919 if (nl80211_set_mode(drv, drv->ifindex, NL80211_IFTYPE_AP)) {
3920 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface %s "
3921 "into AP mode", drv->ifname);
3925 if (hostapd_set_iface_flags(drv, drv->ifname, 1))
3928 drv->eapol_sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_PAE));
3929 if (drv->eapol_sock < 0) {
3930 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
3934 if (eloop_register_read_sock(drv->eapol_sock, handle_eapol, drv, NULL))
3936 printf("Could not register read socket for eapol\n");
3940 os_memset(&ifr, 0, sizeof(ifr));
3941 os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name));
3942 if (ioctl(drv->ioctl_sock, SIOCGIFHWADDR, &ifr) != 0) {
3943 perror("ioctl(SIOCGIFHWADDR)");
3947 if (ifr.ifr_hwaddr.sa_family != ARPHRD_ETHER) {
3948 printf("Invalid HW-addr family 0x%04x\n",
3949 ifr.ifr_hwaddr.sa_family);
3952 os_memcpy(drv->hapd->own_addr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
3957 nl80211_remove_iface(drv, drv->monitor_ifidx);
3964 static void i802_deinit(void *priv)
3966 struct wpa_driver_nl80211_data *drv = priv;
3967 struct i802_bss *bss, *prev;
3969 if (drv->last_freq_ht) {
3970 /* Clear HT flags from the driver */
3971 struct hostapd_freq_params freq;
3972 os_memset(&freq, 0, sizeof(freq));
3973 freq.freq = drv->last_freq;
3974 i802_set_freq(priv, &freq);
3977 i802_del_beacon(drv);
3979 /* remove monitor interface */
3980 nl80211_remove_iface(drv, drv->monitor_ifidx);
3982 (void) hostapd_set_iface_flags(drv, drv->ifname, 0);
3984 if (drv->monitor_sock >= 0) {
3985 eloop_unregister_read_sock(drv->monitor_sock);
3986 close(drv->monitor_sock);
3988 if (drv->ioctl_sock >= 0)
3989 close(drv->ioctl_sock);
3990 if (drv->eapol_sock >= 0) {
3991 eloop_unregister_read_sock(drv->eapol_sock);
3992 close(drv->eapol_sock);
3995 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle));
3996 genl_family_put(drv->nl80211);
3997 nl_cache_free(drv->nl_cache);
3998 nl_handle_destroy(drv->nl_handle);
3999 nl_cb_put(drv->nl_cb);
4001 if (drv->if_indices != drv->default_if_indices)
4002 free(drv->if_indices);
4004 bss = drv->bss.next;
4014 #endif /* HOSTAPD */
4017 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
4019 .desc = "Linux nl80211/cfg80211",
4020 .get_bssid = wpa_driver_nl80211_get_bssid,
4021 .get_ssid = wpa_driver_nl80211_get_ssid,
4022 .set_key = wpa_driver_nl80211_set_key,
4023 .scan2 = wpa_driver_nl80211_scan,
4024 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
4025 .deauthenticate = wpa_driver_nl80211_deauthenticate,
4026 .disassociate = wpa_driver_nl80211_disassociate,
4027 .authenticate = wpa_driver_nl80211_authenticate,
4028 .associate = wpa_driver_nl80211_associate,
4029 .init = wpa_driver_nl80211_init,
4030 .deinit = wpa_driver_nl80211_deinit,
4031 .get_capa = wpa_driver_nl80211_get_capa,
4032 .set_operstate = wpa_driver_nl80211_set_operstate,
4033 .set_country = wpa_driver_nl80211_set_country,
4034 .set_mode = wpa_driver_nl80211_set_mode,
4036 .set_beacon = wpa_driver_nl80211_set_beacon,
4037 #endif /* CONFIG_AP */
4038 #if defined(CONFIG_AP) || defined(HOSTAPD)
4039 .send_mlme = wpa_driver_nl80211_send_mlme,
4040 .set_beacon_int = wpa_driver_nl80211_set_beacon_int,
4041 .get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
4042 #endif /* CONFIG_AP || HOSTAPD */
4044 .hapd_init = i802_init,
4045 .hapd_deinit = i802_deinit,
4046 .hapd_set_key = i802_set_key,
4047 .get_seqnum = i802_get_seqnum,
4048 .flush = i802_flush,
4049 .read_sta_data = i802_read_sta_data,
4050 .hapd_send_eapol = i802_send_eapol,
4051 .sta_set_flags = i802_sta_set_flags,
4052 .sta_deauth = i802_sta_deauth,
4053 .sta_disassoc = i802_sta_disassoc,
4054 .sta_remove = i802_sta_remove,
4055 .sta_add = i802_sta_add,
4056 .get_inact_sec = i802_get_inact_sec,
4057 .sta_clear_stats = i802_sta_clear_stats,
4058 .set_freq = i802_set_freq,
4059 .set_rts = i802_set_rts,
4060 .set_frag = i802_set_frag,
4061 .set_retry = i802_set_retry,
4062 .set_rate_sets = i802_set_rate_sets,
4063 .hapd_set_beacon = i802_set_beacon,
4064 .set_cts_protect = i802_set_cts_protect,
4065 .set_preamble = i802_set_preamble,
4066 .set_short_slot_time = i802_set_short_slot_time,
4067 .set_tx_queue_params = i802_set_tx_queue_params,
4068 .bss_add = i802_bss_add,
4069 .bss_remove = i802_bss_remove,
4070 .if_add = i802_if_add,
4071 .if_update = i802_if_update,
4072 .if_remove = i802_if_remove,
4073 .set_sta_vlan = i802_set_sta_vlan,
4074 #endif /* HOSTAPD */