xref: /freebsd/contrib/wpa/src/ap/hostapd.c (revision 190cef3d52236565eb22e18b33e9e865ec634aa3)
1 /*
2  * hostapd / Initialization and configuration
3  * Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "utils/includes.h"
10 
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "common/ieee802_11_defs.h"
14 #include "common/wpa_ctrl.h"
15 #include "common/hw_features_common.h"
16 #include "radius/radius_client.h"
17 #include "radius/radius_das.h"
18 #include "eap_server/tncs.h"
19 #include "eapol_auth/eapol_auth_sm.h"
20 #include "eapol_auth/eapol_auth_sm_i.h"
21 #include "fst/fst.h"
22 #include "hostapd.h"
23 #include "authsrv.h"
24 #include "sta_info.h"
25 #include "accounting.h"
26 #include "ap_list.h"
27 #include "beacon.h"
28 #include "iapp.h"
29 #include "ieee802_1x.h"
30 #include "ieee802_11_auth.h"
31 #include "vlan_init.h"
32 #include "wpa_auth.h"
33 #include "wps_hostapd.h"
34 #include "hw_features.h"
35 #include "wpa_auth_glue.h"
36 #include "ap_drv_ops.h"
37 #include "ap_config.h"
38 #include "p2p_hostapd.h"
39 #include "gas_serv.h"
40 #include "dfs.h"
41 #include "ieee802_11.h"
42 #include "bss_load.h"
43 #include "x_snoop.h"
44 #include "dhcp_snoop.h"
45 #include "ndisc_snoop.h"
46 #include "neighbor_db.h"
47 #include "rrm.h"
48 
49 
50 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason);
51 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
52 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd);
53 static int setup_interface2(struct hostapd_iface *iface);
54 static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx);
55 
56 
57 int hostapd_for_each_interface(struct hapd_interfaces *interfaces,
58 			       int (*cb)(struct hostapd_iface *iface,
59 					 void *ctx), void *ctx)
60 {
61 	size_t i;
62 	int ret;
63 
64 	for (i = 0; i < interfaces->count; i++) {
65 		ret = cb(interfaces->iface[i], ctx);
66 		if (ret)
67 			return ret;
68 	}
69 
70 	return 0;
71 }
72 
73 
74 static void hostapd_reload_bss(struct hostapd_data *hapd)
75 {
76 	struct hostapd_ssid *ssid;
77 
78 #ifndef CONFIG_NO_RADIUS
79 	radius_client_reconfig(hapd->radius, hapd->conf->radius);
80 #endif /* CONFIG_NO_RADIUS */
81 
82 	ssid = &hapd->conf->ssid;
83 	if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next &&
84 	    ssid->wpa_passphrase_set && ssid->wpa_passphrase) {
85 		/*
86 		 * Force PSK to be derived again since SSID or passphrase may
87 		 * have changed.
88 		 */
89 		hostapd_config_clear_wpa_psk(&hapd->conf->ssid.wpa_psk);
90 	}
91 	if (hostapd_setup_wpa_psk(hapd->conf)) {
92 		wpa_printf(MSG_ERROR, "Failed to re-configure WPA PSK "
93 			   "after reloading configuration");
94 	}
95 
96 	if (hapd->conf->ieee802_1x || hapd->conf->wpa)
97 		hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 1);
98 	else
99 		hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 0);
100 
101 	if ((hapd->conf->wpa || hapd->conf->osen) && hapd->wpa_auth == NULL) {
102 		hostapd_setup_wpa(hapd);
103 		if (hapd->wpa_auth)
104 			wpa_init_keys(hapd->wpa_auth);
105 	} else if (hapd->conf->wpa) {
106 		const u8 *wpa_ie;
107 		size_t wpa_ie_len;
108 		hostapd_reconfig_wpa(hapd);
109 		wpa_ie = wpa_auth_get_wpa_ie(hapd->wpa_auth, &wpa_ie_len);
110 		if (hostapd_set_generic_elem(hapd, wpa_ie, wpa_ie_len))
111 			wpa_printf(MSG_ERROR, "Failed to configure WPA IE for "
112 				   "the kernel driver.");
113 	} else if (hapd->wpa_auth) {
114 		wpa_deinit(hapd->wpa_auth);
115 		hapd->wpa_auth = NULL;
116 		hostapd_set_privacy(hapd, 0);
117 		hostapd_setup_encryption(hapd->conf->iface, hapd);
118 		hostapd_set_generic_elem(hapd, (u8 *) "", 0);
119 	}
120 
121 	ieee802_11_set_beacon(hapd);
122 	hostapd_update_wps(hapd);
123 
124 	if (hapd->conf->ssid.ssid_set &&
125 	    hostapd_set_ssid(hapd, hapd->conf->ssid.ssid,
126 			     hapd->conf->ssid.ssid_len)) {
127 		wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver");
128 		/* try to continue */
129 	}
130 	wpa_printf(MSG_DEBUG, "Reconfigured interface %s", hapd->conf->iface);
131 }
132 
133 
134 static void hostapd_clear_old(struct hostapd_iface *iface)
135 {
136 	size_t j;
137 
138 	/*
139 	 * Deauthenticate all stations since the new configuration may not
140 	 * allow them to use the BSS anymore.
141 	 */
142 	for (j = 0; j < iface->num_bss; j++) {
143 		hostapd_flush_old_stations(iface->bss[j],
144 					   WLAN_REASON_PREV_AUTH_NOT_VALID);
145 		hostapd_broadcast_wep_clear(iface->bss[j]);
146 
147 #ifndef CONFIG_NO_RADIUS
148 		/* TODO: update dynamic data based on changed configuration
149 		 * items (e.g., open/close sockets, etc.) */
150 		radius_client_flush(iface->bss[j]->radius, 0);
151 #endif /* CONFIG_NO_RADIUS */
152 	}
153 }
154 
155 
156 int hostapd_reload_config(struct hostapd_iface *iface)
157 {
158 	struct hostapd_data *hapd = iface->bss[0];
159 	struct hostapd_config *newconf, *oldconf;
160 	size_t j;
161 
162 	if (iface->config_fname == NULL) {
163 		/* Only in-memory config in use - assume it has been updated */
164 		hostapd_clear_old(iface);
165 		for (j = 0; j < iface->num_bss; j++)
166 			hostapd_reload_bss(iface->bss[j]);
167 		return 0;
168 	}
169 
170 	if (iface->interfaces == NULL ||
171 	    iface->interfaces->config_read_cb == NULL)
172 		return -1;
173 	newconf = iface->interfaces->config_read_cb(iface->config_fname);
174 	if (newconf == NULL)
175 		return -1;
176 
177 	hostapd_clear_old(iface);
178 
179 	oldconf = hapd->iconf;
180 	iface->conf = newconf;
181 
182 	for (j = 0; j < iface->num_bss; j++) {
183 		hapd = iface->bss[j];
184 		hapd->iconf = newconf;
185 		hapd->iconf->channel = oldconf->channel;
186 		hapd->iconf->acs = oldconf->acs;
187 		hapd->iconf->secondary_channel = oldconf->secondary_channel;
188 		hapd->iconf->ieee80211n = oldconf->ieee80211n;
189 		hapd->iconf->ieee80211ac = oldconf->ieee80211ac;
190 		hapd->iconf->ht_capab = oldconf->ht_capab;
191 		hapd->iconf->vht_capab = oldconf->vht_capab;
192 		hapd->iconf->vht_oper_chwidth = oldconf->vht_oper_chwidth;
193 		hapd->iconf->vht_oper_centr_freq_seg0_idx =
194 			oldconf->vht_oper_centr_freq_seg0_idx;
195 		hapd->iconf->vht_oper_centr_freq_seg1_idx =
196 			oldconf->vht_oper_centr_freq_seg1_idx;
197 		hapd->conf = newconf->bss[j];
198 		hostapd_reload_bss(hapd);
199 	}
200 
201 	hostapd_config_free(oldconf);
202 
203 
204 	return 0;
205 }
206 
207 
208 static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
209 					      const char *ifname)
210 {
211 	int i;
212 
213 	if (!ifname)
214 		return;
215 	for (i = 0; i < NUM_WEP_KEYS; i++) {
216 		if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i,
217 					0, NULL, 0, NULL, 0)) {
218 			wpa_printf(MSG_DEBUG, "Failed to clear default "
219 				   "encryption keys (ifname=%s keyidx=%d)",
220 				   ifname, i);
221 		}
222 	}
223 #ifdef CONFIG_IEEE80211W
224 	if (hapd->conf->ieee80211w) {
225 		for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) {
226 			if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE,
227 						NULL, i, 0, NULL,
228 						0, NULL, 0)) {
229 				wpa_printf(MSG_DEBUG, "Failed to clear "
230 					   "default mgmt encryption keys "
231 					   "(ifname=%s keyidx=%d)", ifname, i);
232 			}
233 		}
234 	}
235 #endif /* CONFIG_IEEE80211W */
236 }
237 
238 
239 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd)
240 {
241 	hostapd_broadcast_key_clear_iface(hapd, hapd->conf->iface);
242 	return 0;
243 }
244 
245 
246 static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
247 {
248 	int errors = 0, idx;
249 	struct hostapd_ssid *ssid = &hapd->conf->ssid;
250 
251 	idx = ssid->wep.idx;
252 	if (ssid->wep.default_len &&
253 	    hostapd_drv_set_key(hapd->conf->iface,
254 				hapd, WPA_ALG_WEP, broadcast_ether_addr, idx,
255 				1, NULL, 0, ssid->wep.key[idx],
256 				ssid->wep.len[idx])) {
257 		wpa_printf(MSG_WARNING, "Could not set WEP encryption.");
258 		errors++;
259 	}
260 
261 	return errors;
262 }
263 
264 
265 static void hostapd_free_hapd_data(struct hostapd_data *hapd)
266 {
267 	os_free(hapd->probereq_cb);
268 	hapd->probereq_cb = NULL;
269 	hapd->num_probereq_cb = 0;
270 
271 #ifdef CONFIG_P2P
272 	wpabuf_free(hapd->p2p_beacon_ie);
273 	hapd->p2p_beacon_ie = NULL;
274 	wpabuf_free(hapd->p2p_probe_resp_ie);
275 	hapd->p2p_probe_resp_ie = NULL;
276 #endif /* CONFIG_P2P */
277 
278 	if (!hapd->started) {
279 		wpa_printf(MSG_ERROR, "%s: Interface %s wasn't started",
280 			   __func__, hapd->conf->iface);
281 		return;
282 	}
283 	hapd->started = 0;
284 
285 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
286 	iapp_deinit(hapd->iapp);
287 	hapd->iapp = NULL;
288 	accounting_deinit(hapd);
289 	hostapd_deinit_wpa(hapd);
290 	vlan_deinit(hapd);
291 	hostapd_acl_deinit(hapd);
292 #ifndef CONFIG_NO_RADIUS
293 	radius_client_deinit(hapd->radius);
294 	hapd->radius = NULL;
295 	radius_das_deinit(hapd->radius_das);
296 	hapd->radius_das = NULL;
297 #endif /* CONFIG_NO_RADIUS */
298 
299 	hostapd_deinit_wps(hapd);
300 
301 	authsrv_deinit(hapd);
302 
303 	if (hapd->interface_added) {
304 		hapd->interface_added = 0;
305 		if (hostapd_if_remove(hapd, WPA_IF_AP_BSS, hapd->conf->iface)) {
306 			wpa_printf(MSG_WARNING,
307 				   "Failed to remove BSS interface %s",
308 				   hapd->conf->iface);
309 			hapd->interface_added = 1;
310 		} else {
311 			/*
312 			 * Since this was a dynamically added interface, the
313 			 * driver wrapper may have removed its internal instance
314 			 * and hapd->drv_priv is not valid anymore.
315 			 */
316 			hapd->drv_priv = NULL;
317 		}
318 	}
319 
320 	wpabuf_free(hapd->time_adv);
321 
322 #ifdef CONFIG_INTERWORKING
323 	gas_serv_deinit(hapd);
324 #endif /* CONFIG_INTERWORKING */
325 
326 	bss_load_update_deinit(hapd);
327 	ndisc_snoop_deinit(hapd);
328 	dhcp_snoop_deinit(hapd);
329 	x_snoop_deinit(hapd);
330 
331 #ifdef CONFIG_SQLITE
332 	bin_clear_free(hapd->tmp_eap_user.identity,
333 		       hapd->tmp_eap_user.identity_len);
334 	bin_clear_free(hapd->tmp_eap_user.password,
335 		       hapd->tmp_eap_user.password_len);
336 #endif /* CONFIG_SQLITE */
337 
338 #ifdef CONFIG_MESH
339 	wpabuf_free(hapd->mesh_pending_auth);
340 	hapd->mesh_pending_auth = NULL;
341 #endif /* CONFIG_MESH */
342 
343 	hostapd_clean_rrm(hapd);
344 }
345 
346 
347 /**
348  * hostapd_cleanup - Per-BSS cleanup (deinitialization)
349  * @hapd: Pointer to BSS data
350  *
351  * This function is used to free all per-BSS data structures and resources.
352  * Most of the modules that are initialized in hostapd_setup_bss() are
353  * deinitialized here.
354  */
355 static void hostapd_cleanup(struct hostapd_data *hapd)
356 {
357 	wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd,
358 		   hapd->conf->iface);
359 	if (hapd->iface->interfaces &&
360 	    hapd->iface->interfaces->ctrl_iface_deinit)
361 		hapd->iface->interfaces->ctrl_iface_deinit(hapd);
362 	hostapd_free_hapd_data(hapd);
363 }
364 
365 
366 static void sta_track_deinit(struct hostapd_iface *iface)
367 {
368 	struct hostapd_sta_info *info;
369 
370 	if (!iface->num_sta_seen)
371 		return;
372 
373 	while ((info = dl_list_first(&iface->sta_seen, struct hostapd_sta_info,
374 				     list))) {
375 		dl_list_del(&info->list);
376 		iface->num_sta_seen--;
377 		sta_track_del(info);
378 	}
379 }
380 
381 
382 static void hostapd_cleanup_iface_partial(struct hostapd_iface *iface)
383 {
384 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
385 #ifdef CONFIG_IEEE80211N
386 #ifdef NEED_AP_MLME
387 	hostapd_stop_setup_timers(iface);
388 #endif /* NEED_AP_MLME */
389 #endif /* CONFIG_IEEE80211N */
390 	hostapd_free_hw_features(iface->hw_features, iface->num_hw_features);
391 	iface->hw_features = NULL;
392 	os_free(iface->current_rates);
393 	iface->current_rates = NULL;
394 	os_free(iface->basic_rates);
395 	iface->basic_rates = NULL;
396 	ap_list_deinit(iface);
397 	sta_track_deinit(iface);
398 }
399 
400 
401 /**
402  * hostapd_cleanup_iface - Complete per-interface cleanup
403  * @iface: Pointer to interface data
404  *
405  * This function is called after per-BSS data structures are deinitialized
406  * with hostapd_cleanup().
407  */
408 static void hostapd_cleanup_iface(struct hostapd_iface *iface)
409 {
410 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
411 	eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
412 
413 	hostapd_cleanup_iface_partial(iface);
414 	hostapd_config_free(iface->conf);
415 	iface->conf = NULL;
416 
417 	os_free(iface->config_fname);
418 	os_free(iface->bss);
419 	wpa_printf(MSG_DEBUG, "%s: free iface=%p", __func__, iface);
420 	os_free(iface);
421 }
422 
423 
424 static void hostapd_clear_wep(struct hostapd_data *hapd)
425 {
426 	if (hapd->drv_priv && !hapd->iface->driver_ap_teardown) {
427 		hostapd_set_privacy(hapd, 0);
428 		hostapd_broadcast_wep_clear(hapd);
429 	}
430 }
431 
432 
433 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd)
434 {
435 	int i;
436 
437 	hostapd_broadcast_wep_set(hapd);
438 
439 	if (hapd->conf->ssid.wep.default_len) {
440 		hostapd_set_privacy(hapd, 1);
441 		return 0;
442 	}
443 
444 	/*
445 	 * When IEEE 802.1X is not enabled, the driver may need to know how to
446 	 * set authentication algorithms for static WEP.
447 	 */
448 	hostapd_drv_set_authmode(hapd, hapd->conf->auth_algs);
449 
450 	for (i = 0; i < 4; i++) {
451 		if (hapd->conf->ssid.wep.key[i] &&
452 		    hostapd_drv_set_key(iface, hapd, WPA_ALG_WEP, NULL, i,
453 					i == hapd->conf->ssid.wep.idx, NULL, 0,
454 					hapd->conf->ssid.wep.key[i],
455 					hapd->conf->ssid.wep.len[i])) {
456 			wpa_printf(MSG_WARNING, "Could not set WEP "
457 				   "encryption.");
458 			return -1;
459 		}
460 		if (hapd->conf->ssid.wep.key[i] &&
461 		    i == hapd->conf->ssid.wep.idx)
462 			hostapd_set_privacy(hapd, 1);
463 	}
464 
465 	return 0;
466 }
467 
468 
469 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason)
470 {
471 	int ret = 0;
472 	u8 addr[ETH_ALEN];
473 
474 	if (hostapd_drv_none(hapd) || hapd->drv_priv == NULL)
475 		return 0;
476 
477 	if (!hapd->iface->driver_ap_teardown) {
478 		wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
479 			"Flushing old station entries");
480 
481 		if (hostapd_flush(hapd)) {
482 			wpa_msg(hapd->msg_ctx, MSG_WARNING,
483 				"Could not connect to kernel driver");
484 			ret = -1;
485 		}
486 	}
487 	wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "Deauthenticate all stations");
488 	os_memset(addr, 0xff, ETH_ALEN);
489 	hostapd_drv_sta_deauth(hapd, addr, reason);
490 	hostapd_free_stas(hapd);
491 
492 	return ret;
493 }
494 
495 
496 static void hostapd_bss_deinit_no_free(struct hostapd_data *hapd)
497 {
498 	hostapd_free_stas(hapd);
499 	hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING);
500 	hostapd_clear_wep(hapd);
501 }
502 
503 
504 /**
505  * hostapd_validate_bssid_configuration - Validate BSSID configuration
506  * @iface: Pointer to interface data
507  * Returns: 0 on success, -1 on failure
508  *
509  * This function is used to validate that the configured BSSIDs are valid.
510  */
511 static int hostapd_validate_bssid_configuration(struct hostapd_iface *iface)
512 {
513 	u8 mask[ETH_ALEN] = { 0 };
514 	struct hostapd_data *hapd = iface->bss[0];
515 	unsigned int i = iface->conf->num_bss, bits = 0, j;
516 	int auto_addr = 0;
517 
518 	if (hostapd_drv_none(hapd))
519 		return 0;
520 
521 	if (iface->conf->use_driver_iface_addr)
522 		return 0;
523 
524 	/* Generate BSSID mask that is large enough to cover the BSSIDs. */
525 
526 	/* Determine the bits necessary to cover the number of BSSIDs. */
527 	for (i--; i; i >>= 1)
528 		bits++;
529 
530 	/* Determine the bits necessary to any configured BSSIDs,
531 	   if they are higher than the number of BSSIDs. */
532 	for (j = 0; j < iface->conf->num_bss; j++) {
533 		if (is_zero_ether_addr(iface->conf->bss[j]->bssid)) {
534 			if (j)
535 				auto_addr++;
536 			continue;
537 		}
538 
539 		for (i = 0; i < ETH_ALEN; i++) {
540 			mask[i] |=
541 				iface->conf->bss[j]->bssid[i] ^
542 				hapd->own_addr[i];
543 		}
544 	}
545 
546 	if (!auto_addr)
547 		goto skip_mask_ext;
548 
549 	for (i = 0; i < ETH_ALEN && mask[i] == 0; i++)
550 		;
551 	j = 0;
552 	if (i < ETH_ALEN) {
553 		j = (5 - i) * 8;
554 
555 		while (mask[i] != 0) {
556 			mask[i] >>= 1;
557 			j++;
558 		}
559 	}
560 
561 	if (bits < j)
562 		bits = j;
563 
564 	if (bits > 40) {
565 		wpa_printf(MSG_ERROR, "Too many bits in the BSSID mask (%u)",
566 			   bits);
567 		return -1;
568 	}
569 
570 	os_memset(mask, 0xff, ETH_ALEN);
571 	j = bits / 8;
572 	for (i = 5; i > 5 - j; i--)
573 		mask[i] = 0;
574 	j = bits % 8;
575 	while (j--)
576 		mask[i] <<= 1;
577 
578 skip_mask_ext:
579 	wpa_printf(MSG_DEBUG, "BSS count %lu, BSSID mask " MACSTR " (%d bits)",
580 		   (unsigned long) iface->conf->num_bss, MAC2STR(mask), bits);
581 
582 	if (!auto_addr)
583 		return 0;
584 
585 	for (i = 0; i < ETH_ALEN; i++) {
586 		if ((hapd->own_addr[i] & mask[i]) != hapd->own_addr[i]) {
587 			wpa_printf(MSG_ERROR, "Invalid BSSID mask " MACSTR
588 				   " for start address " MACSTR ".",
589 				   MAC2STR(mask), MAC2STR(hapd->own_addr));
590 			wpa_printf(MSG_ERROR, "Start address must be the "
591 				   "first address in the block (i.e., addr "
592 				   "AND mask == addr).");
593 			return -1;
594 		}
595 	}
596 
597 	return 0;
598 }
599 
600 
601 static int mac_in_conf(struct hostapd_config *conf, const void *a)
602 {
603 	size_t i;
604 
605 	for (i = 0; i < conf->num_bss; i++) {
606 		if (hostapd_mac_comp(conf->bss[i]->bssid, a) == 0) {
607 			return 1;
608 		}
609 	}
610 
611 	return 0;
612 }
613 
614 
615 #ifndef CONFIG_NO_RADIUS
616 
617 static int hostapd_das_nas_mismatch(struct hostapd_data *hapd,
618 				    struct radius_das_attrs *attr)
619 {
620 	if (attr->nas_identifier &&
621 	    (!hapd->conf->nas_identifier ||
622 	     os_strlen(hapd->conf->nas_identifier) !=
623 	     attr->nas_identifier_len ||
624 	     os_memcmp(hapd->conf->nas_identifier, attr->nas_identifier,
625 		       attr->nas_identifier_len) != 0)) {
626 		wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-Identifier mismatch");
627 		return 1;
628 	}
629 
630 	if (attr->nas_ip_addr &&
631 	    (hapd->conf->own_ip_addr.af != AF_INET ||
632 	     os_memcmp(&hapd->conf->own_ip_addr.u.v4, attr->nas_ip_addr, 4) !=
633 	     0)) {
634 		wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-IP-Address mismatch");
635 		return 1;
636 	}
637 
638 #ifdef CONFIG_IPV6
639 	if (attr->nas_ipv6_addr &&
640 	    (hapd->conf->own_ip_addr.af != AF_INET6 ||
641 	     os_memcmp(&hapd->conf->own_ip_addr.u.v6, attr->nas_ipv6_addr, 16)
642 	     != 0)) {
643 		wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-IPv6-Address mismatch");
644 		return 1;
645 	}
646 #endif /* CONFIG_IPV6 */
647 
648 	return 0;
649 }
650 
651 
652 static struct sta_info * hostapd_das_find_sta(struct hostapd_data *hapd,
653 					      struct radius_das_attrs *attr,
654 					      int *multi)
655 {
656 	struct sta_info *selected, *sta;
657 	char buf[128];
658 	int num_attr = 0;
659 	int count;
660 
661 	*multi = 0;
662 
663 	for (sta = hapd->sta_list; sta; sta = sta->next)
664 		sta->radius_das_match = 1;
665 
666 	if (attr->sta_addr) {
667 		num_attr++;
668 		sta = ap_get_sta(hapd, attr->sta_addr);
669 		if (!sta) {
670 			wpa_printf(MSG_DEBUG,
671 				   "RADIUS DAS: No Calling-Station-Id match");
672 			return NULL;
673 		}
674 
675 		selected = sta;
676 		for (sta = hapd->sta_list; sta; sta = sta->next) {
677 			if (sta != selected)
678 				sta->radius_das_match = 0;
679 		}
680 		wpa_printf(MSG_DEBUG, "RADIUS DAS: Calling-Station-Id match");
681 	}
682 
683 	if (attr->acct_session_id) {
684 		num_attr++;
685 		if (attr->acct_session_id_len != 16) {
686 			wpa_printf(MSG_DEBUG,
687 				   "RADIUS DAS: Acct-Session-Id cannot match");
688 			return NULL;
689 		}
690 		count = 0;
691 
692 		for (sta = hapd->sta_list; sta; sta = sta->next) {
693 			if (!sta->radius_das_match)
694 				continue;
695 			os_snprintf(buf, sizeof(buf), "%016llX",
696 				    (unsigned long long) sta->acct_session_id);
697 			if (os_memcmp(attr->acct_session_id, buf, 16) != 0)
698 				sta->radius_das_match = 0;
699 			else
700 				count++;
701 		}
702 
703 		if (count == 0) {
704 			wpa_printf(MSG_DEBUG,
705 				   "RADIUS DAS: No matches remaining after Acct-Session-Id check");
706 			return NULL;
707 		}
708 		wpa_printf(MSG_DEBUG, "RADIUS DAS: Acct-Session-Id match");
709 	}
710 
711 	if (attr->acct_multi_session_id) {
712 		num_attr++;
713 		if (attr->acct_multi_session_id_len != 16) {
714 			wpa_printf(MSG_DEBUG,
715 				   "RADIUS DAS: Acct-Multi-Session-Id cannot match");
716 			return NULL;
717 		}
718 		count = 0;
719 
720 		for (sta = hapd->sta_list; sta; sta = sta->next) {
721 			if (!sta->radius_das_match)
722 				continue;
723 			if (!sta->eapol_sm ||
724 			    !sta->eapol_sm->acct_multi_session_id) {
725 				sta->radius_das_match = 0;
726 				continue;
727 			}
728 			os_snprintf(buf, sizeof(buf), "%016llX",
729 				    (unsigned long long)
730 				    sta->eapol_sm->acct_multi_session_id);
731 			if (os_memcmp(attr->acct_multi_session_id, buf, 16) !=
732 			    0)
733 				sta->radius_das_match = 0;
734 			else
735 				count++;
736 		}
737 
738 		if (count == 0) {
739 			wpa_printf(MSG_DEBUG,
740 				   "RADIUS DAS: No matches remaining after Acct-Multi-Session-Id check");
741 			return NULL;
742 		}
743 		wpa_printf(MSG_DEBUG,
744 			   "RADIUS DAS: Acct-Multi-Session-Id match");
745 	}
746 
747 	if (attr->cui) {
748 		num_attr++;
749 		count = 0;
750 
751 		for (sta = hapd->sta_list; sta; sta = sta->next) {
752 			struct wpabuf *cui;
753 
754 			if (!sta->radius_das_match)
755 				continue;
756 			cui = ieee802_1x_get_radius_cui(sta->eapol_sm);
757 			if (!cui || wpabuf_len(cui) != attr->cui_len ||
758 			    os_memcmp(wpabuf_head(cui), attr->cui,
759 				      attr->cui_len) != 0)
760 				sta->radius_das_match = 0;
761 			else
762 				count++;
763 		}
764 
765 		if (count == 0) {
766 			wpa_printf(MSG_DEBUG,
767 				   "RADIUS DAS: No matches remaining after Chargeable-User-Identity check");
768 			return NULL;
769 		}
770 		wpa_printf(MSG_DEBUG,
771 			   "RADIUS DAS: Chargeable-User-Identity match");
772 	}
773 
774 	if (attr->user_name) {
775 		num_attr++;
776 		count = 0;
777 
778 		for (sta = hapd->sta_list; sta; sta = sta->next) {
779 			u8 *identity;
780 			size_t identity_len;
781 
782 			if (!sta->radius_das_match)
783 				continue;
784 			identity = ieee802_1x_get_identity(sta->eapol_sm,
785 							   &identity_len);
786 			if (!identity ||
787 			    identity_len != attr->user_name_len ||
788 			    os_memcmp(identity, attr->user_name, identity_len)
789 			    != 0)
790 				sta->radius_das_match = 0;
791 			else
792 				count++;
793 		}
794 
795 		if (count == 0) {
796 			wpa_printf(MSG_DEBUG,
797 				   "RADIUS DAS: No matches remaining after User-Name check");
798 			return NULL;
799 		}
800 		wpa_printf(MSG_DEBUG,
801 			   "RADIUS DAS: User-Name match");
802 	}
803 
804 	if (num_attr == 0) {
805 		/*
806 		 * In theory, we could match all current associations, but it
807 		 * seems safer to just reject requests that do not include any
808 		 * session identification attributes.
809 		 */
810 		wpa_printf(MSG_DEBUG,
811 			   "RADIUS DAS: No session identification attributes included");
812 		return NULL;
813 	}
814 
815 	selected = NULL;
816 	for (sta = hapd->sta_list; sta; sta = sta->next) {
817 		if (sta->radius_das_match) {
818 			if (selected) {
819 				*multi = 1;
820 				return NULL;
821 			}
822 			selected = sta;
823 		}
824 	}
825 
826 	return selected;
827 }
828 
829 
830 static int hostapd_das_disconnect_pmksa(struct hostapd_data *hapd,
831 					struct radius_das_attrs *attr)
832 {
833 	if (!hapd->wpa_auth)
834 		return -1;
835 	return wpa_auth_radius_das_disconnect_pmksa(hapd->wpa_auth, attr);
836 }
837 
838 
839 static enum radius_das_res
840 hostapd_das_disconnect(void *ctx, struct radius_das_attrs *attr)
841 {
842 	struct hostapd_data *hapd = ctx;
843 	struct sta_info *sta;
844 	int multi;
845 
846 	if (hostapd_das_nas_mismatch(hapd, attr))
847 		return RADIUS_DAS_NAS_MISMATCH;
848 
849 	sta = hostapd_das_find_sta(hapd, attr, &multi);
850 	if (sta == NULL) {
851 		if (multi) {
852 			wpa_printf(MSG_DEBUG,
853 				   "RADIUS DAS: Multiple sessions match - not supported");
854 			return RADIUS_DAS_MULTI_SESSION_MATCH;
855 		}
856 		if (hostapd_das_disconnect_pmksa(hapd, attr) == 0) {
857 			wpa_printf(MSG_DEBUG,
858 				   "RADIUS DAS: PMKSA cache entry matched");
859 			return RADIUS_DAS_SUCCESS;
860 		}
861 		wpa_printf(MSG_DEBUG, "RADIUS DAS: No matching session found");
862 		return RADIUS_DAS_SESSION_NOT_FOUND;
863 	}
864 
865 	wpa_printf(MSG_DEBUG, "RADIUS DAS: Found a matching session " MACSTR
866 		   " - disconnecting", MAC2STR(sta->addr));
867 	wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr);
868 
869 	hostapd_drv_sta_deauth(hapd, sta->addr,
870 			       WLAN_REASON_PREV_AUTH_NOT_VALID);
871 	ap_sta_deauthenticate(hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID);
872 
873 	return RADIUS_DAS_SUCCESS;
874 }
875 
876 #endif /* CONFIG_NO_RADIUS */
877 
878 
879 /**
880  * hostapd_setup_bss - Per-BSS setup (initialization)
881  * @hapd: Pointer to BSS data
882  * @first: Whether this BSS is the first BSS of an interface; -1 = not first,
883  *	but interface may exist
884  *
885  * This function is used to initialize all per-BSS data structures and
886  * resources. This gets called in a loop for each BSS when an interface is
887  * initialized. Most of the modules that are initialized here will be
888  * deinitialized in hostapd_cleanup().
889  */
890 static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
891 {
892 	struct hostapd_bss_config *conf = hapd->conf;
893 	u8 ssid[SSID_MAX_LEN + 1];
894 	int ssid_len, set_ssid;
895 	char force_ifname[IFNAMSIZ];
896 	u8 if_addr[ETH_ALEN];
897 	int flush_old_stations = 1;
898 
899 	wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s), first=%d)",
900 		   __func__, hapd, conf->iface, first);
901 
902 #ifdef EAP_SERVER_TNC
903 	if (conf->tnc && tncs_global_init() < 0) {
904 		wpa_printf(MSG_ERROR, "Failed to initialize TNCS");
905 		return -1;
906 	}
907 #endif /* EAP_SERVER_TNC */
908 
909 	if (hapd->started) {
910 		wpa_printf(MSG_ERROR, "%s: Interface %s was already started",
911 			   __func__, conf->iface);
912 		return -1;
913 	}
914 	hapd->started = 1;
915 
916 	if (!first || first == -1) {
917 		u8 *addr = hapd->own_addr;
918 
919 		if (!is_zero_ether_addr(conf->bssid)) {
920 			/* Allocate the configured BSSID. */
921 			os_memcpy(hapd->own_addr, conf->bssid, ETH_ALEN);
922 
923 			if (hostapd_mac_comp(hapd->own_addr,
924 					     hapd->iface->bss[0]->own_addr) ==
925 			    0) {
926 				wpa_printf(MSG_ERROR, "BSS '%s' may not have "
927 					   "BSSID set to the MAC address of "
928 					   "the radio", conf->iface);
929 				return -1;
930 			}
931 		} else if (hapd->iconf->use_driver_iface_addr) {
932 			addr = NULL;
933 		} else {
934 			/* Allocate the next available BSSID. */
935 			do {
936 				inc_byte_array(hapd->own_addr, ETH_ALEN);
937 			} while (mac_in_conf(hapd->iconf, hapd->own_addr));
938 		}
939 
940 		hapd->interface_added = 1;
941 		if (hostapd_if_add(hapd->iface->bss[0], WPA_IF_AP_BSS,
942 				   conf->iface, addr, hapd,
943 				   &hapd->drv_priv, force_ifname, if_addr,
944 				   conf->bridge[0] ? conf->bridge : NULL,
945 				   first == -1)) {
946 			wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID="
947 				   MACSTR ")", MAC2STR(hapd->own_addr));
948 			hapd->interface_added = 0;
949 			return -1;
950 		}
951 
952 		if (!addr)
953 			os_memcpy(hapd->own_addr, if_addr, ETH_ALEN);
954 	}
955 
956 	if (conf->wmm_enabled < 0)
957 		conf->wmm_enabled = hapd->iconf->ieee80211n;
958 
959 #ifdef CONFIG_IEEE80211R
960 	if (is_zero_ether_addr(conf->r1_key_holder))
961 		os_memcpy(conf->r1_key_holder, hapd->own_addr, ETH_ALEN);
962 #endif /* CONFIG_IEEE80211R */
963 
964 #ifdef CONFIG_MESH
965 	if (hapd->iface->mconf == NULL)
966 		flush_old_stations = 0;
967 #endif /* CONFIG_MESH */
968 
969 	if (flush_old_stations)
970 		hostapd_flush_old_stations(hapd,
971 					   WLAN_REASON_PREV_AUTH_NOT_VALID);
972 	hostapd_set_privacy(hapd, 0);
973 
974 	hostapd_broadcast_wep_clear(hapd);
975 	if (hostapd_setup_encryption(conf->iface, hapd))
976 		return -1;
977 
978 	/*
979 	 * Fetch the SSID from the system and use it or,
980 	 * if one was specified in the config file, verify they
981 	 * match.
982 	 */
983 	ssid_len = hostapd_get_ssid(hapd, ssid, sizeof(ssid));
984 	if (ssid_len < 0) {
985 		wpa_printf(MSG_ERROR, "Could not read SSID from system");
986 		return -1;
987 	}
988 	if (conf->ssid.ssid_set) {
989 		/*
990 		 * If SSID is specified in the config file and it differs
991 		 * from what is being used then force installation of the
992 		 * new SSID.
993 		 */
994 		set_ssid = (conf->ssid.ssid_len != (size_t) ssid_len ||
995 			    os_memcmp(conf->ssid.ssid, ssid, ssid_len) != 0);
996 	} else {
997 		/*
998 		 * No SSID in the config file; just use the one we got
999 		 * from the system.
1000 		 */
1001 		set_ssid = 0;
1002 		conf->ssid.ssid_len = ssid_len;
1003 		os_memcpy(conf->ssid.ssid, ssid, conf->ssid.ssid_len);
1004 	}
1005 
1006 	if (!hostapd_drv_none(hapd)) {
1007 		wpa_printf(MSG_ERROR, "Using interface %s with hwaddr " MACSTR
1008 			   " and ssid \"%s\"",
1009 			   conf->iface, MAC2STR(hapd->own_addr),
1010 			   wpa_ssid_txt(conf->ssid.ssid, conf->ssid.ssid_len));
1011 	}
1012 
1013 	if (hostapd_setup_wpa_psk(conf)) {
1014 		wpa_printf(MSG_ERROR, "WPA-PSK setup failed.");
1015 		return -1;
1016 	}
1017 
1018 	/* Set SSID for the kernel driver (to be used in beacon and probe
1019 	 * response frames) */
1020 	if (set_ssid && hostapd_set_ssid(hapd, conf->ssid.ssid,
1021 					 conf->ssid.ssid_len)) {
1022 		wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver");
1023 		return -1;
1024 	}
1025 
1026 	if (wpa_debug_level <= MSG_MSGDUMP)
1027 		conf->radius->msg_dumps = 1;
1028 #ifndef CONFIG_NO_RADIUS
1029 	hapd->radius = radius_client_init(hapd, conf->radius);
1030 	if (hapd->radius == NULL) {
1031 		wpa_printf(MSG_ERROR, "RADIUS client initialization failed.");
1032 		return -1;
1033 	}
1034 
1035 	if (conf->radius_das_port) {
1036 		struct radius_das_conf das_conf;
1037 		os_memset(&das_conf, 0, sizeof(das_conf));
1038 		das_conf.port = conf->radius_das_port;
1039 		das_conf.shared_secret = conf->radius_das_shared_secret;
1040 		das_conf.shared_secret_len =
1041 			conf->radius_das_shared_secret_len;
1042 		das_conf.client_addr = &conf->radius_das_client_addr;
1043 		das_conf.time_window = conf->radius_das_time_window;
1044 		das_conf.require_event_timestamp =
1045 			conf->radius_das_require_event_timestamp;
1046 		das_conf.require_message_authenticator =
1047 			conf->radius_das_require_message_authenticator;
1048 		das_conf.ctx = hapd;
1049 		das_conf.disconnect = hostapd_das_disconnect;
1050 		hapd->radius_das = radius_das_init(&das_conf);
1051 		if (hapd->radius_das == NULL) {
1052 			wpa_printf(MSG_ERROR, "RADIUS DAS initialization "
1053 				   "failed.");
1054 			return -1;
1055 		}
1056 	}
1057 #endif /* CONFIG_NO_RADIUS */
1058 
1059 	if (hostapd_acl_init(hapd)) {
1060 		wpa_printf(MSG_ERROR, "ACL initialization failed.");
1061 		return -1;
1062 	}
1063 	if (hostapd_init_wps(hapd, conf))
1064 		return -1;
1065 
1066 	if (authsrv_init(hapd) < 0)
1067 		return -1;
1068 
1069 	if (ieee802_1x_init(hapd)) {
1070 		wpa_printf(MSG_ERROR, "IEEE 802.1X initialization failed.");
1071 		return -1;
1072 	}
1073 
1074 	if ((conf->wpa || conf->osen) && hostapd_setup_wpa(hapd))
1075 		return -1;
1076 
1077 	if (accounting_init(hapd)) {
1078 		wpa_printf(MSG_ERROR, "Accounting initialization failed.");
1079 		return -1;
1080 	}
1081 
1082 	if (conf->ieee802_11f &&
1083 	    (hapd->iapp = iapp_init(hapd, conf->iapp_iface)) == NULL) {
1084 		wpa_printf(MSG_ERROR, "IEEE 802.11F (IAPP) initialization "
1085 			   "failed.");
1086 		return -1;
1087 	}
1088 
1089 #ifdef CONFIG_INTERWORKING
1090 	if (gas_serv_init(hapd)) {
1091 		wpa_printf(MSG_ERROR, "GAS server initialization failed");
1092 		return -1;
1093 	}
1094 
1095 	if (conf->qos_map_set_len &&
1096 	    hostapd_drv_set_qos_map(hapd, conf->qos_map_set,
1097 				    conf->qos_map_set_len)) {
1098 		wpa_printf(MSG_ERROR, "Failed to initialize QoS Map");
1099 		return -1;
1100 	}
1101 #endif /* CONFIG_INTERWORKING */
1102 
1103 	if (conf->bss_load_update_period && bss_load_update_init(hapd)) {
1104 		wpa_printf(MSG_ERROR, "BSS Load initialization failed");
1105 		return -1;
1106 	}
1107 
1108 	if (conf->proxy_arp) {
1109 		if (x_snoop_init(hapd)) {
1110 			wpa_printf(MSG_ERROR,
1111 				   "Generic snooping infrastructure initialization failed");
1112 			return -1;
1113 		}
1114 
1115 		if (dhcp_snoop_init(hapd)) {
1116 			wpa_printf(MSG_ERROR,
1117 				   "DHCP snooping initialization failed");
1118 			return -1;
1119 		}
1120 
1121 		if (ndisc_snoop_init(hapd)) {
1122 			wpa_printf(MSG_ERROR,
1123 				   "Neighbor Discovery snooping initialization failed");
1124 			return -1;
1125 		}
1126 	}
1127 
1128 	if (!hostapd_drv_none(hapd) && vlan_init(hapd)) {
1129 		wpa_printf(MSG_ERROR, "VLAN initialization failed.");
1130 		return -1;
1131 	}
1132 
1133 	if (!conf->start_disabled && ieee802_11_set_beacon(hapd) < 0)
1134 		return -1;
1135 
1136 	if (hapd->wpa_auth && wpa_init_keys(hapd->wpa_auth) < 0)
1137 		return -1;
1138 
1139 	if (hapd->driver && hapd->driver->set_operstate)
1140 		hapd->driver->set_operstate(hapd->drv_priv, 1);
1141 
1142 	return 0;
1143 }
1144 
1145 
1146 static void hostapd_tx_queue_params(struct hostapd_iface *iface)
1147 {
1148 	struct hostapd_data *hapd = iface->bss[0];
1149 	int i;
1150 	struct hostapd_tx_queue_params *p;
1151 
1152 #ifdef CONFIG_MESH
1153 	if (iface->mconf == NULL)
1154 		return;
1155 #endif /* CONFIG_MESH */
1156 
1157 	for (i = 0; i < NUM_TX_QUEUES; i++) {
1158 		p = &iface->conf->tx_queue[i];
1159 
1160 		if (hostapd_set_tx_queue_params(hapd, i, p->aifs, p->cwmin,
1161 						p->cwmax, p->burst)) {
1162 			wpa_printf(MSG_DEBUG, "Failed to set TX queue "
1163 				   "parameters for queue %d.", i);
1164 			/* Continue anyway */
1165 		}
1166 	}
1167 }
1168 
1169 
1170 static int hostapd_set_acl_list(struct hostapd_data *hapd,
1171 				struct mac_acl_entry *mac_acl,
1172 				int n_entries, u8 accept_acl)
1173 {
1174 	struct hostapd_acl_params *acl_params;
1175 	int i, err;
1176 
1177 	acl_params = os_zalloc(sizeof(*acl_params) +
1178 			       (n_entries * sizeof(acl_params->mac_acl[0])));
1179 	if (!acl_params)
1180 		return -ENOMEM;
1181 
1182 	for (i = 0; i < n_entries; i++)
1183 		os_memcpy(acl_params->mac_acl[i].addr, mac_acl[i].addr,
1184 			  ETH_ALEN);
1185 
1186 	acl_params->acl_policy = accept_acl;
1187 	acl_params->num_mac_acl = n_entries;
1188 
1189 	err = hostapd_drv_set_acl(hapd, acl_params);
1190 
1191 	os_free(acl_params);
1192 
1193 	return err;
1194 }
1195 
1196 
1197 static void hostapd_set_acl(struct hostapd_data *hapd)
1198 {
1199 	struct hostapd_config *conf = hapd->iconf;
1200 	int err;
1201 	u8 accept_acl;
1202 
1203 	if (hapd->iface->drv_max_acl_mac_addrs == 0)
1204 		return;
1205 
1206 	if (conf->bss[0]->macaddr_acl == DENY_UNLESS_ACCEPTED) {
1207 		accept_acl = 1;
1208 		err = hostapd_set_acl_list(hapd, conf->bss[0]->accept_mac,
1209 					   conf->bss[0]->num_accept_mac,
1210 					   accept_acl);
1211 		if (err) {
1212 			wpa_printf(MSG_DEBUG, "Failed to set accept acl");
1213 			return;
1214 		}
1215 	} else if (conf->bss[0]->macaddr_acl == ACCEPT_UNLESS_DENIED) {
1216 		accept_acl = 0;
1217 		err = hostapd_set_acl_list(hapd, conf->bss[0]->deny_mac,
1218 					   conf->bss[0]->num_deny_mac,
1219 					   accept_acl);
1220 		if (err) {
1221 			wpa_printf(MSG_DEBUG, "Failed to set deny acl");
1222 			return;
1223 		}
1224 	}
1225 }
1226 
1227 
1228 static int start_ctrl_iface_bss(struct hostapd_data *hapd)
1229 {
1230 	if (!hapd->iface->interfaces ||
1231 	    !hapd->iface->interfaces->ctrl_iface_init)
1232 		return 0;
1233 
1234 	if (hapd->iface->interfaces->ctrl_iface_init(hapd)) {
1235 		wpa_printf(MSG_ERROR,
1236 			   "Failed to setup control interface for %s",
1237 			   hapd->conf->iface);
1238 		return -1;
1239 	}
1240 
1241 	return 0;
1242 }
1243 
1244 
1245 static int start_ctrl_iface(struct hostapd_iface *iface)
1246 {
1247 	size_t i;
1248 
1249 	if (!iface->interfaces || !iface->interfaces->ctrl_iface_init)
1250 		return 0;
1251 
1252 	for (i = 0; i < iface->num_bss; i++) {
1253 		struct hostapd_data *hapd = iface->bss[i];
1254 		if (iface->interfaces->ctrl_iface_init(hapd)) {
1255 			wpa_printf(MSG_ERROR,
1256 				   "Failed to setup control interface for %s",
1257 				   hapd->conf->iface);
1258 			return -1;
1259 		}
1260 	}
1261 
1262 	return 0;
1263 }
1264 
1265 
1266 static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx)
1267 {
1268 	struct hostapd_iface *iface = eloop_ctx;
1269 
1270 	if (!iface->wait_channel_update) {
1271 		wpa_printf(MSG_INFO, "Channel list update timeout, but interface was not waiting for it");
1272 		return;
1273 	}
1274 
1275 	/*
1276 	 * It is possible that the existing channel list is acceptable, so try
1277 	 * to proceed.
1278 	 */
1279 	wpa_printf(MSG_DEBUG, "Channel list update timeout - try to continue anyway");
1280 	setup_interface2(iface);
1281 }
1282 
1283 
1284 void hostapd_channel_list_updated(struct hostapd_iface *iface, int initiator)
1285 {
1286 	if (!iface->wait_channel_update || initiator != REGDOM_SET_BY_USER)
1287 		return;
1288 
1289 	wpa_printf(MSG_DEBUG, "Channel list updated - continue setup");
1290 	eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
1291 	setup_interface2(iface);
1292 }
1293 
1294 
1295 static int setup_interface(struct hostapd_iface *iface)
1296 {
1297 	struct hostapd_data *hapd = iface->bss[0];
1298 	size_t i;
1299 
1300 	/*
1301 	 * It is possible that setup_interface() is called after the interface
1302 	 * was disabled etc., in which case driver_ap_teardown is possibly set
1303 	 * to 1. Clear it here so any other key/station deletion, which is not
1304 	 * part of a teardown flow, would also call the relevant driver
1305 	 * callbacks.
1306 	 */
1307 	iface->driver_ap_teardown = 0;
1308 
1309 	if (!iface->phy[0]) {
1310 		const char *phy = hostapd_drv_get_radio_name(hapd);
1311 		if (phy) {
1312 			wpa_printf(MSG_DEBUG, "phy: %s", phy);
1313 			os_strlcpy(iface->phy, phy, sizeof(iface->phy));
1314 		}
1315 	}
1316 
1317 	/*
1318 	 * Make sure that all BSSes get configured with a pointer to the same
1319 	 * driver interface.
1320 	 */
1321 	for (i = 1; i < iface->num_bss; i++) {
1322 		iface->bss[i]->driver = hapd->driver;
1323 		iface->bss[i]->drv_priv = hapd->drv_priv;
1324 	}
1325 
1326 	if (hostapd_validate_bssid_configuration(iface))
1327 		return -1;
1328 
1329 	/*
1330 	 * Initialize control interfaces early to allow external monitoring of
1331 	 * channel setup operations that may take considerable amount of time
1332 	 * especially for DFS cases.
1333 	 */
1334 	if (start_ctrl_iface(iface))
1335 		return -1;
1336 
1337 	if (hapd->iconf->country[0] && hapd->iconf->country[1]) {
1338 		char country[4], previous_country[4];
1339 
1340 		hostapd_set_state(iface, HAPD_IFACE_COUNTRY_UPDATE);
1341 		if (hostapd_get_country(hapd, previous_country) < 0)
1342 			previous_country[0] = '\0';
1343 
1344 		os_memcpy(country, hapd->iconf->country, 3);
1345 		country[3] = '\0';
1346 		if (hostapd_set_country(hapd, country) < 0) {
1347 			wpa_printf(MSG_ERROR, "Failed to set country code");
1348 			return -1;
1349 		}
1350 
1351 		wpa_printf(MSG_DEBUG, "Previous country code %s, new country code %s",
1352 			   previous_country, country);
1353 
1354 		if (os_strncmp(previous_country, country, 2) != 0) {
1355 			wpa_printf(MSG_DEBUG, "Continue interface setup after channel list update");
1356 			iface->wait_channel_update = 1;
1357 			eloop_register_timeout(5, 0,
1358 					       channel_list_update_timeout,
1359 					       iface, NULL);
1360 			return 0;
1361 		}
1362 	}
1363 
1364 	return setup_interface2(iface);
1365 }
1366 
1367 
1368 static int setup_interface2(struct hostapd_iface *iface)
1369 {
1370 	iface->wait_channel_update = 0;
1371 
1372 	if (hostapd_get_hw_features(iface)) {
1373 		/* Not all drivers support this yet, so continue without hw
1374 		 * feature data. */
1375 	} else {
1376 		int ret = hostapd_select_hw_mode(iface);
1377 		if (ret < 0) {
1378 			wpa_printf(MSG_ERROR, "Could not select hw_mode and "
1379 				   "channel. (%d)", ret);
1380 			goto fail;
1381 		}
1382 		if (ret == 1) {
1383 			wpa_printf(MSG_DEBUG, "Interface initialization will be completed in a callback (ACS)");
1384 			return 0;
1385 		}
1386 		ret = hostapd_check_ht_capab(iface);
1387 		if (ret < 0)
1388 			goto fail;
1389 		if (ret == 1) {
1390 			wpa_printf(MSG_DEBUG, "Interface initialization will "
1391 				   "be completed in a callback");
1392 			return 0;
1393 		}
1394 
1395 		if (iface->conf->ieee80211h)
1396 			wpa_printf(MSG_DEBUG, "DFS support is enabled");
1397 	}
1398 	return hostapd_setup_interface_complete(iface, 0);
1399 
1400 fail:
1401 	hostapd_set_state(iface, HAPD_IFACE_DISABLED);
1402 	wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
1403 	if (iface->interfaces && iface->interfaces->terminate_on_error)
1404 		eloop_terminate();
1405 	return -1;
1406 }
1407 
1408 
1409 #ifdef CONFIG_FST
1410 
1411 static const u8 * fst_hostapd_get_bssid_cb(void *ctx)
1412 {
1413 	struct hostapd_data *hapd = ctx;
1414 
1415 	return hapd->own_addr;
1416 }
1417 
1418 
1419 static void fst_hostapd_get_channel_info_cb(void *ctx,
1420 					    enum hostapd_hw_mode *hw_mode,
1421 					    u8 *channel)
1422 {
1423 	struct hostapd_data *hapd = ctx;
1424 
1425 	*hw_mode = ieee80211_freq_to_chan(hapd->iface->freq, channel);
1426 }
1427 
1428 
1429 static void fst_hostapd_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
1430 {
1431 	struct hostapd_data *hapd = ctx;
1432 
1433 	if (hapd->iface->fst_ies != fst_ies) {
1434 		hapd->iface->fst_ies = fst_ies;
1435 		if (ieee802_11_set_beacon(hapd))
1436 			wpa_printf(MSG_WARNING, "FST: Cannot set beacon");
1437 	}
1438 }
1439 
1440 
1441 static int fst_hostapd_send_action_cb(void *ctx, const u8 *da,
1442 				      struct wpabuf *buf)
1443 {
1444 	struct hostapd_data *hapd = ctx;
1445 
1446 	return hostapd_drv_send_action(hapd, hapd->iface->freq, 0, da,
1447 				       wpabuf_head(buf), wpabuf_len(buf));
1448 }
1449 
1450 
1451 static const struct wpabuf * fst_hostapd_get_mb_ie_cb(void *ctx, const u8 *addr)
1452 {
1453 	struct hostapd_data *hapd = ctx;
1454 	struct sta_info *sta = ap_get_sta(hapd, addr);
1455 
1456 	return sta ? sta->mb_ies : NULL;
1457 }
1458 
1459 
1460 static void fst_hostapd_update_mb_ie_cb(void *ctx, const u8 *addr,
1461 					const u8 *buf, size_t size)
1462 {
1463 	struct hostapd_data *hapd = ctx;
1464 	struct sta_info *sta = ap_get_sta(hapd, addr);
1465 
1466 	if (sta) {
1467 		struct mb_ies_info info;
1468 
1469 		if (!mb_ies_info_by_ies(&info, buf, size)) {
1470 			wpabuf_free(sta->mb_ies);
1471 			sta->mb_ies = mb_ies_by_info(&info);
1472 		}
1473 	}
1474 }
1475 
1476 
1477 static const u8 * fst_hostapd_get_sta(struct fst_get_peer_ctx **get_ctx,
1478 				      Boolean mb_only)
1479 {
1480 	struct sta_info *s = (struct sta_info *) *get_ctx;
1481 
1482 	if (mb_only) {
1483 		for (; s && !s->mb_ies; s = s->next)
1484 			;
1485 	}
1486 
1487 	if (s) {
1488 		*get_ctx = (struct fst_get_peer_ctx *) s->next;
1489 
1490 		return s->addr;
1491 	}
1492 
1493 	*get_ctx = NULL;
1494 	return NULL;
1495 }
1496 
1497 
1498 static const u8 * fst_hostapd_get_peer_first(void *ctx,
1499 					     struct fst_get_peer_ctx **get_ctx,
1500 					     Boolean mb_only)
1501 {
1502 	struct hostapd_data *hapd = ctx;
1503 
1504 	*get_ctx = (struct fst_get_peer_ctx *) hapd->sta_list;
1505 
1506 	return fst_hostapd_get_sta(get_ctx, mb_only);
1507 }
1508 
1509 
1510 static const u8 * fst_hostapd_get_peer_next(void *ctx,
1511 					    struct fst_get_peer_ctx **get_ctx,
1512 					    Boolean mb_only)
1513 {
1514 	return fst_hostapd_get_sta(get_ctx, mb_only);
1515 }
1516 
1517 
1518 void fst_hostapd_fill_iface_obj(struct hostapd_data *hapd,
1519 				struct fst_wpa_obj *iface_obj)
1520 {
1521 	iface_obj->ctx = hapd;
1522 	iface_obj->get_bssid = fst_hostapd_get_bssid_cb;
1523 	iface_obj->get_channel_info = fst_hostapd_get_channel_info_cb;
1524 	iface_obj->set_ies = fst_hostapd_set_ies_cb;
1525 	iface_obj->send_action = fst_hostapd_send_action_cb;
1526 	iface_obj->get_mb_ie = fst_hostapd_get_mb_ie_cb;
1527 	iface_obj->update_mb_ie = fst_hostapd_update_mb_ie_cb;
1528 	iface_obj->get_peer_first = fst_hostapd_get_peer_first;
1529 	iface_obj->get_peer_next = fst_hostapd_get_peer_next;
1530 }
1531 
1532 #endif /* CONFIG_FST */
1533 
1534 
1535 #ifdef NEED_AP_MLME
1536 static enum nr_chan_width hostapd_get_nr_chan_width(struct hostapd_data *hapd,
1537 						    int ht, int vht)
1538 {
1539 	if (!ht && !vht)
1540 		return NR_CHAN_WIDTH_20;
1541 	if (!hapd->iconf->secondary_channel)
1542 		return NR_CHAN_WIDTH_20;
1543 	if (!vht || hapd->iconf->vht_oper_chwidth == VHT_CHANWIDTH_USE_HT)
1544 		return NR_CHAN_WIDTH_40;
1545 	if (hapd->iconf->vht_oper_chwidth == VHT_CHANWIDTH_80MHZ)
1546 		return NR_CHAN_WIDTH_80;
1547 	if (hapd->iconf->vht_oper_chwidth == VHT_CHANWIDTH_160MHZ)
1548 		return NR_CHAN_WIDTH_160;
1549 	if (hapd->iconf->vht_oper_chwidth == VHT_CHANWIDTH_80P80MHZ)
1550 		return NR_CHAN_WIDTH_80P80;
1551 	return NR_CHAN_WIDTH_20;
1552 }
1553 #endif /* NEED_AP_MLME */
1554 
1555 
1556 static void hostapd_set_own_neighbor_report(struct hostapd_data *hapd)
1557 {
1558 #ifdef NEED_AP_MLME
1559 	u16 capab = hostapd_own_capab_info(hapd);
1560 	int ht = hapd->iconf->ieee80211n && !hapd->conf->disable_11n;
1561 	int vht = hapd->iconf->ieee80211ac && !hapd->conf->disable_11ac;
1562 	struct wpa_ssid_value ssid;
1563 	u8 channel, op_class;
1564 	int center_freq1 = 0, center_freq2 = 0;
1565 	enum nr_chan_width width;
1566 	u32 bssid_info;
1567 	struct wpabuf *nr;
1568 
1569 	if (!(hapd->conf->radio_measurements[0] &
1570 	      WLAN_RRM_CAPS_NEIGHBOR_REPORT))
1571 		return;
1572 
1573 	bssid_info = 3; /* AP is reachable */
1574 	bssid_info |= NEI_REP_BSSID_INFO_SECURITY; /* "same as the AP" */
1575 	bssid_info |= NEI_REP_BSSID_INFO_KEY_SCOPE; /* "same as the AP" */
1576 
1577 	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT)
1578 		bssid_info |= NEI_REP_BSSID_INFO_SPECTRUM_MGMT;
1579 
1580 	bssid_info |= NEI_REP_BSSID_INFO_RM; /* RRM is supported */
1581 
1582 	if (hapd->conf->wmm_enabled) {
1583 		bssid_info |= NEI_REP_BSSID_INFO_QOS;
1584 
1585 		if (hapd->conf->wmm_uapsd &&
1586 		    (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
1587 			bssid_info |= NEI_REP_BSSID_INFO_APSD;
1588 	}
1589 
1590 	if (ht) {
1591 		bssid_info |= NEI_REP_BSSID_INFO_HT |
1592 			NEI_REP_BSSID_INFO_DELAYED_BA;
1593 
1594 		/* VHT bit added in IEEE P802.11-REVmc/D4.3 */
1595 		if (vht)
1596 			bssid_info |= NEI_REP_BSSID_INFO_VHT;
1597 	}
1598 
1599 	/* TODO: Set NEI_REP_BSSID_INFO_MOBILITY_DOMAIN if MDE is set */
1600 
1601 	ieee80211_freq_to_channel_ext(hapd->iface->freq,
1602 				      hapd->iconf->secondary_channel,
1603 				      hapd->iconf->vht_oper_chwidth,
1604 				      &op_class, &channel);
1605 	width = hostapd_get_nr_chan_width(hapd, ht, vht);
1606 	if (vht) {
1607 		center_freq1 = ieee80211_chan_to_freq(
1608 			NULL, op_class,
1609 			hapd->iconf->vht_oper_centr_freq_seg0_idx);
1610 		if (width == NR_CHAN_WIDTH_80P80)
1611 			center_freq2 = ieee80211_chan_to_freq(
1612 				NULL, op_class,
1613 				hapd->iconf->vht_oper_centr_freq_seg1_idx);
1614 	} else if (ht) {
1615 		center_freq1 = hapd->iface->freq +
1616 			10 * hapd->iconf->secondary_channel;
1617 	}
1618 
1619 	ssid.ssid_len = hapd->conf->ssid.ssid_len;
1620 	os_memcpy(ssid.ssid, hapd->conf->ssid.ssid, ssid.ssid_len);
1621 
1622 	/*
1623 	 * Neighbor Report element size = BSSID + BSSID info + op_class + chan +
1624 	 * phy type + wide bandwidth channel subelement.
1625 	 */
1626 	nr = wpabuf_alloc(ETH_ALEN + 4 + 1 + 1 + 1 + 5);
1627 	if (!nr)
1628 		return;
1629 
1630 	wpabuf_put_data(nr, hapd->own_addr, ETH_ALEN);
1631 	wpabuf_put_le32(nr, bssid_info);
1632 	wpabuf_put_u8(nr, op_class);
1633 	wpabuf_put_u8(nr, channel);
1634 	wpabuf_put_u8(nr, ieee80211_get_phy_type(hapd->iface->freq, ht, vht));
1635 
1636 	/*
1637 	 * Wide Bandwidth Channel subelement may be needed to allow the
1638 	 * receiving STA to send packets to the AP. See IEEE P802.11-REVmc/D5.0
1639 	 * Figure 9-301.
1640 	 */
1641 	wpabuf_put_u8(nr, WNM_NEIGHBOR_WIDE_BW_CHAN);
1642 	wpabuf_put_u8(nr, 3);
1643 	wpabuf_put_u8(nr, width);
1644 	wpabuf_put_u8(nr, center_freq1);
1645 	wpabuf_put_u8(nr, center_freq2);
1646 
1647 	hostapd_neighbor_set(hapd, hapd->own_addr, &ssid, nr, hapd->iconf->lci,
1648 			     hapd->iconf->civic);
1649 
1650 	wpabuf_free(nr);
1651 #endif /* NEED_AP_MLME */
1652 }
1653 
1654 
1655 static int hostapd_setup_interface_complete_sync(struct hostapd_iface *iface,
1656 						 int err)
1657 {
1658 	struct hostapd_data *hapd = iface->bss[0];
1659 	size_t j;
1660 	u8 *prev_addr;
1661 	int delay_apply_cfg = 0;
1662 	int res_dfs_offload = 0;
1663 
1664 	if (err)
1665 		goto fail;
1666 
1667 	wpa_printf(MSG_DEBUG, "Completing interface initialization");
1668 	if (iface->conf->channel) {
1669 #ifdef NEED_AP_MLME
1670 		int res;
1671 #endif /* NEED_AP_MLME */
1672 
1673 		iface->freq = hostapd_hw_get_freq(hapd, iface->conf->channel);
1674 		wpa_printf(MSG_DEBUG, "Mode: %s  Channel: %d  "
1675 			   "Frequency: %d MHz",
1676 			   hostapd_hw_mode_txt(iface->conf->hw_mode),
1677 			   iface->conf->channel, iface->freq);
1678 
1679 #ifdef NEED_AP_MLME
1680 		/* Handle DFS only if it is not offloaded to the driver */
1681 		if (!(iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)) {
1682 			/* Check DFS */
1683 			res = hostapd_handle_dfs(iface);
1684 			if (res <= 0) {
1685 				if (res < 0)
1686 					goto fail;
1687 				return res;
1688 			}
1689 		} else {
1690 			/* If DFS is offloaded to the driver */
1691 			res_dfs_offload = hostapd_handle_dfs_offload(iface);
1692 			if (res_dfs_offload <= 0) {
1693 				if (res_dfs_offload < 0)
1694 					goto fail;
1695 			} else {
1696 				wpa_printf(MSG_DEBUG,
1697 					   "Proceed with AP/channel setup");
1698 				/*
1699 				 * If this is a DFS channel, move to completing
1700 				 * AP setup.
1701 				 */
1702 				if (res_dfs_offload == 1)
1703 					goto dfs_offload;
1704 				/* Otherwise fall through. */
1705 			}
1706 		}
1707 #endif /* NEED_AP_MLME */
1708 
1709 #ifdef CONFIG_MESH
1710 		if (iface->mconf != NULL) {
1711 			wpa_printf(MSG_DEBUG,
1712 				   "%s: Mesh configuration will be applied while joining the mesh network",
1713 				   iface->bss[0]->conf->iface);
1714 			delay_apply_cfg = 1;
1715 		}
1716 #endif /* CONFIG_MESH */
1717 
1718 		if (!delay_apply_cfg &&
1719 		    hostapd_set_freq(hapd, hapd->iconf->hw_mode, iface->freq,
1720 				     hapd->iconf->channel,
1721 				     hapd->iconf->ieee80211n,
1722 				     hapd->iconf->ieee80211ac,
1723 				     hapd->iconf->secondary_channel,
1724 				     hapd->iconf->vht_oper_chwidth,
1725 				     hapd->iconf->vht_oper_centr_freq_seg0_idx,
1726 				     hapd->iconf->vht_oper_centr_freq_seg1_idx)) {
1727 			wpa_printf(MSG_ERROR, "Could not set channel for "
1728 				   "kernel driver");
1729 			goto fail;
1730 		}
1731 	}
1732 
1733 	if (iface->current_mode) {
1734 		if (hostapd_prepare_rates(iface, iface->current_mode)) {
1735 			wpa_printf(MSG_ERROR, "Failed to prepare rates "
1736 				   "table.");
1737 			hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
1738 				       HOSTAPD_LEVEL_WARNING,
1739 				       "Failed to prepare rates table.");
1740 			goto fail;
1741 		}
1742 	}
1743 
1744 	if (hapd->iconf->rts_threshold > -1 &&
1745 	    hostapd_set_rts(hapd, hapd->iconf->rts_threshold)) {
1746 		wpa_printf(MSG_ERROR, "Could not set RTS threshold for "
1747 			   "kernel driver");
1748 		goto fail;
1749 	}
1750 
1751 	if (hapd->iconf->fragm_threshold > -1 &&
1752 	    hostapd_set_frag(hapd, hapd->iconf->fragm_threshold)) {
1753 		wpa_printf(MSG_ERROR, "Could not set fragmentation threshold "
1754 			   "for kernel driver");
1755 		goto fail;
1756 	}
1757 
1758 	prev_addr = hapd->own_addr;
1759 
1760 	for (j = 0; j < iface->num_bss; j++) {
1761 		hapd = iface->bss[j];
1762 		if (j)
1763 			os_memcpy(hapd->own_addr, prev_addr, ETH_ALEN);
1764 		if (hostapd_setup_bss(hapd, j == 0)) {
1765 			do {
1766 				hapd = iface->bss[j];
1767 				hostapd_bss_deinit_no_free(hapd);
1768 				hostapd_free_hapd_data(hapd);
1769 			} while (j-- > 0);
1770 			goto fail;
1771 		}
1772 		if (is_zero_ether_addr(hapd->conf->bssid))
1773 			prev_addr = hapd->own_addr;
1774 	}
1775 	hapd = iface->bss[0];
1776 
1777 	hostapd_tx_queue_params(iface);
1778 
1779 	ap_list_init(iface);
1780 
1781 	hostapd_set_acl(hapd);
1782 
1783 	if (hostapd_driver_commit(hapd) < 0) {
1784 		wpa_printf(MSG_ERROR, "%s: Failed to commit driver "
1785 			   "configuration", __func__);
1786 		goto fail;
1787 	}
1788 
1789 	/*
1790 	 * WPS UPnP module can be initialized only when the "upnp_iface" is up.
1791 	 * If "interface" and "upnp_iface" are the same (e.g., non-bridge
1792 	 * mode), the interface is up only after driver_commit, so initialize
1793 	 * WPS after driver_commit.
1794 	 */
1795 	for (j = 0; j < iface->num_bss; j++) {
1796 		if (hostapd_init_wps_complete(iface->bss[j]))
1797 			goto fail;
1798 	}
1799 
1800 	if ((iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) &&
1801 	    !res_dfs_offload) {
1802 		/*
1803 		 * If freq is DFS, and DFS is offloaded to the driver, then wait
1804 		 * for CAC to complete.
1805 		 */
1806 		wpa_printf(MSG_DEBUG, "%s: Wait for CAC to complete", __func__);
1807 		return res_dfs_offload;
1808 	}
1809 
1810 #ifdef NEED_AP_MLME
1811 dfs_offload:
1812 #endif /* NEED_AP_MLME */
1813 
1814 #ifdef CONFIG_FST
1815 	if (hapd->iconf->fst_cfg.group_id[0]) {
1816 		struct fst_wpa_obj iface_obj;
1817 
1818 		fst_hostapd_fill_iface_obj(hapd, &iface_obj);
1819 		iface->fst = fst_attach(hapd->conf->iface, hapd->own_addr,
1820 					&iface_obj, &hapd->iconf->fst_cfg);
1821 		if (!iface->fst) {
1822 			wpa_printf(MSG_ERROR, "Could not attach to FST %s",
1823 				   hapd->iconf->fst_cfg.group_id);
1824 			goto fail;
1825 		}
1826 	}
1827 #endif /* CONFIG_FST */
1828 
1829 	hostapd_set_state(iface, HAPD_IFACE_ENABLED);
1830 	wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_ENABLED);
1831 	if (hapd->setup_complete_cb)
1832 		hapd->setup_complete_cb(hapd->setup_complete_cb_ctx);
1833 
1834 	wpa_printf(MSG_DEBUG, "%s: Setup of interface done.",
1835 		   iface->bss[0]->conf->iface);
1836 	if (iface->interfaces && iface->interfaces->terminate_on_error > 0)
1837 		iface->interfaces->terminate_on_error--;
1838 
1839 	for (j = 0; j < iface->num_bss; j++)
1840 		hostapd_set_own_neighbor_report(iface->bss[j]);
1841 
1842 	return 0;
1843 
1844 fail:
1845 	wpa_printf(MSG_ERROR, "Interface initialization failed");
1846 	hostapd_set_state(iface, HAPD_IFACE_DISABLED);
1847 	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
1848 #ifdef CONFIG_FST
1849 	if (iface->fst) {
1850 		fst_detach(iface->fst);
1851 		iface->fst = NULL;
1852 	}
1853 #endif /* CONFIG_FST */
1854 	if (iface->interfaces && iface->interfaces->terminate_on_error)
1855 		eloop_terminate();
1856 	return -1;
1857 }
1858 
1859 
1860 /**
1861  * hostapd_setup_interface_complete - Complete interface setup
1862  *
1863  * This function is called when previous steps in the interface setup has been
1864  * completed. This can also start operations, e.g., DFS, that will require
1865  * additional processing before interface is ready to be enabled. Such
1866  * operations will call this function from eloop callbacks when finished.
1867  */
1868 int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err)
1869 {
1870 	struct hapd_interfaces *interfaces = iface->interfaces;
1871 	struct hostapd_data *hapd = iface->bss[0];
1872 	unsigned int i;
1873 	int not_ready_in_sync_ifaces = 0;
1874 
1875 	if (!iface->need_to_start_in_sync)
1876 		return hostapd_setup_interface_complete_sync(iface, err);
1877 
1878 	if (err) {
1879 		wpa_printf(MSG_ERROR, "Interface initialization failed");
1880 		hostapd_set_state(iface, HAPD_IFACE_DISABLED);
1881 		iface->need_to_start_in_sync = 0;
1882 		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
1883 		if (interfaces && interfaces->terminate_on_error)
1884 			eloop_terminate();
1885 		return -1;
1886 	}
1887 
1888 	if (iface->ready_to_start_in_sync) {
1889 		/* Already in ready and waiting. should never happpen */
1890 		return 0;
1891 	}
1892 
1893 	for (i = 0; i < interfaces->count; i++) {
1894 		if (interfaces->iface[i]->need_to_start_in_sync &&
1895 		    !interfaces->iface[i]->ready_to_start_in_sync)
1896 			not_ready_in_sync_ifaces++;
1897 	}
1898 
1899 	/*
1900 	 * Check if this is the last interface, if yes then start all the other
1901 	 * waiting interfaces. If not, add this interface to the waiting list.
1902 	 */
1903 	if (not_ready_in_sync_ifaces > 1 && iface->state == HAPD_IFACE_DFS) {
1904 		/*
1905 		 * If this interface went through CAC, do not synchronize, just
1906 		 * start immediately.
1907 		 */
1908 		iface->need_to_start_in_sync = 0;
1909 		wpa_printf(MSG_INFO,
1910 			   "%s: Finished CAC - bypass sync and start interface",
1911 			   iface->bss[0]->conf->iface);
1912 		return hostapd_setup_interface_complete_sync(iface, err);
1913 	}
1914 
1915 	if (not_ready_in_sync_ifaces > 1) {
1916 		/* need to wait as there are other interfaces still coming up */
1917 		iface->ready_to_start_in_sync = 1;
1918 		wpa_printf(MSG_INFO,
1919 			   "%s: Interface waiting to sync with other interfaces",
1920 			   iface->bss[0]->conf->iface);
1921 		return 0;
1922 	}
1923 
1924 	wpa_printf(MSG_INFO,
1925 		   "%s: Last interface to sync - starting all interfaces",
1926 		   iface->bss[0]->conf->iface);
1927 	iface->need_to_start_in_sync = 0;
1928 	hostapd_setup_interface_complete_sync(iface, err);
1929 	for (i = 0; i < interfaces->count; i++) {
1930 		if (interfaces->iface[i]->need_to_start_in_sync &&
1931 		    interfaces->iface[i]->ready_to_start_in_sync) {
1932 			hostapd_setup_interface_complete_sync(
1933 				interfaces->iface[i], 0);
1934 			/* Only once the interfaces are sync started */
1935 			interfaces->iface[i]->need_to_start_in_sync = 0;
1936 		}
1937 	}
1938 
1939 	return 0;
1940 }
1941 
1942 
1943 /**
1944  * hostapd_setup_interface - Setup of an interface
1945  * @iface: Pointer to interface data.
1946  * Returns: 0 on success, -1 on failure
1947  *
1948  * Initializes the driver interface, validates the configuration,
1949  * and sets driver parameters based on the configuration.
1950  * Flushes old stations, sets the channel, encryption,
1951  * beacons, and WDS links based on the configuration.
1952  *
1953  * If interface setup requires more time, e.g., to perform HT co-ex scans, ACS,
1954  * or DFS operations, this function returns 0 before such operations have been
1955  * completed. The pending operations are registered into eloop and will be
1956  * completed from eloop callbacks. Those callbacks end up calling
1957  * hostapd_setup_interface_complete() once setup has been completed.
1958  */
1959 int hostapd_setup_interface(struct hostapd_iface *iface)
1960 {
1961 	int ret;
1962 
1963 	ret = setup_interface(iface);
1964 	if (ret) {
1965 		wpa_printf(MSG_ERROR, "%s: Unable to setup interface.",
1966 			   iface->bss[0]->conf->iface);
1967 		return -1;
1968 	}
1969 
1970 	return 0;
1971 }
1972 
1973 
1974 /**
1975  * hostapd_alloc_bss_data - Allocate and initialize per-BSS data
1976  * @hapd_iface: Pointer to interface data
1977  * @conf: Pointer to per-interface configuration
1978  * @bss: Pointer to per-BSS configuration for this BSS
1979  * Returns: Pointer to allocated BSS data
1980  *
1981  * This function is used to allocate per-BSS data structure. This data will be
1982  * freed after hostapd_cleanup() is called for it during interface
1983  * deinitialization.
1984  */
1985 struct hostapd_data *
1986 hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface,
1987 		       struct hostapd_config *conf,
1988 		       struct hostapd_bss_config *bss)
1989 {
1990 	struct hostapd_data *hapd;
1991 
1992 	hapd = os_zalloc(sizeof(*hapd));
1993 	if (hapd == NULL)
1994 		return NULL;
1995 
1996 	hapd->new_assoc_sta_cb = hostapd_new_assoc_sta;
1997 	hapd->iconf = conf;
1998 	hapd->conf = bss;
1999 	hapd->iface = hapd_iface;
2000 	hapd->driver = hapd->iconf->driver;
2001 	hapd->ctrl_sock = -1;
2002 	dl_list_init(&hapd->ctrl_dst);
2003 	dl_list_init(&hapd->nr_db);
2004 
2005 	return hapd;
2006 }
2007 
2008 
2009 static void hostapd_bss_deinit(struct hostapd_data *hapd)
2010 {
2011 	if (!hapd)
2012 		return;
2013 	wpa_printf(MSG_DEBUG, "%s: deinit bss %s", __func__,
2014 		   hapd->conf->iface);
2015 	hostapd_bss_deinit_no_free(hapd);
2016 	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
2017 	hostapd_cleanup(hapd);
2018 }
2019 
2020 
2021 void hostapd_interface_deinit(struct hostapd_iface *iface)
2022 {
2023 	int j;
2024 
2025 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
2026 	if (iface == NULL)
2027 		return;
2028 
2029 	hostapd_set_state(iface, HAPD_IFACE_DISABLED);
2030 
2031 #ifdef CONFIG_IEEE80211N
2032 #ifdef NEED_AP_MLME
2033 	hostapd_stop_setup_timers(iface);
2034 	eloop_cancel_timeout(ap_ht2040_timeout, iface, NULL);
2035 #endif /* NEED_AP_MLME */
2036 #endif /* CONFIG_IEEE80211N */
2037 	eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
2038 	iface->wait_channel_update = 0;
2039 
2040 #ifdef CONFIG_FST
2041 	if (iface->fst) {
2042 		fst_detach(iface->fst);
2043 		iface->fst = NULL;
2044 	}
2045 #endif /* CONFIG_FST */
2046 
2047 	for (j = iface->num_bss - 1; j >= 0; j--) {
2048 		if (!iface->bss)
2049 			break;
2050 		hostapd_bss_deinit(iface->bss[j]);
2051 	}
2052 }
2053 
2054 
2055 void hostapd_interface_free(struct hostapd_iface *iface)
2056 {
2057 	size_t j;
2058 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
2059 	for (j = 0; j < iface->num_bss; j++) {
2060 		if (!iface->bss)
2061 			break;
2062 		wpa_printf(MSG_DEBUG, "%s: free hapd %p",
2063 			   __func__, iface->bss[j]);
2064 		os_free(iface->bss[j]);
2065 	}
2066 	hostapd_cleanup_iface(iface);
2067 }
2068 
2069 
2070 struct hostapd_iface * hostapd_alloc_iface(void)
2071 {
2072 	struct hostapd_iface *hapd_iface;
2073 
2074 	hapd_iface = os_zalloc(sizeof(*hapd_iface));
2075 	if (!hapd_iface)
2076 		return NULL;
2077 
2078 	dl_list_init(&hapd_iface->sta_seen);
2079 
2080 	return hapd_iface;
2081 }
2082 
2083 
2084 /**
2085  * hostapd_init - Allocate and initialize per-interface data
2086  * @config_file: Path to the configuration file
2087  * Returns: Pointer to the allocated interface data or %NULL on failure
2088  *
2089  * This function is used to allocate main data structures for per-interface
2090  * data. The allocated data buffer will be freed by calling
2091  * hostapd_cleanup_iface().
2092  */
2093 struct hostapd_iface * hostapd_init(struct hapd_interfaces *interfaces,
2094 				    const char *config_file)
2095 {
2096 	struct hostapd_iface *hapd_iface = NULL;
2097 	struct hostapd_config *conf = NULL;
2098 	struct hostapd_data *hapd;
2099 	size_t i;
2100 
2101 	hapd_iface = hostapd_alloc_iface();
2102 	if (hapd_iface == NULL)
2103 		goto fail;
2104 
2105 	hapd_iface->config_fname = os_strdup(config_file);
2106 	if (hapd_iface->config_fname == NULL)
2107 		goto fail;
2108 
2109 	conf = interfaces->config_read_cb(hapd_iface->config_fname);
2110 	if (conf == NULL)
2111 		goto fail;
2112 	hapd_iface->conf = conf;
2113 
2114 	hapd_iface->num_bss = conf->num_bss;
2115 	hapd_iface->bss = os_calloc(conf->num_bss,
2116 				    sizeof(struct hostapd_data *));
2117 	if (hapd_iface->bss == NULL)
2118 		goto fail;
2119 
2120 	for (i = 0; i < conf->num_bss; i++) {
2121 		hapd = hapd_iface->bss[i] =
2122 			hostapd_alloc_bss_data(hapd_iface, conf,
2123 					       conf->bss[i]);
2124 		if (hapd == NULL)
2125 			goto fail;
2126 		hapd->msg_ctx = hapd;
2127 	}
2128 
2129 	return hapd_iface;
2130 
2131 fail:
2132 	wpa_printf(MSG_ERROR, "Failed to set up interface with %s",
2133 		   config_file);
2134 	if (conf)
2135 		hostapd_config_free(conf);
2136 	if (hapd_iface) {
2137 		os_free(hapd_iface->config_fname);
2138 		os_free(hapd_iface->bss);
2139 		wpa_printf(MSG_DEBUG, "%s: free iface %p",
2140 			   __func__, hapd_iface);
2141 		os_free(hapd_iface);
2142 	}
2143 	return NULL;
2144 }
2145 
2146 
2147 static int ifname_in_use(struct hapd_interfaces *interfaces, const char *ifname)
2148 {
2149 	size_t i, j;
2150 
2151 	for (i = 0; i < interfaces->count; i++) {
2152 		struct hostapd_iface *iface = interfaces->iface[i];
2153 		for (j = 0; j < iface->num_bss; j++) {
2154 			struct hostapd_data *hapd = iface->bss[j];
2155 			if (os_strcmp(ifname, hapd->conf->iface) == 0)
2156 				return 1;
2157 		}
2158 	}
2159 
2160 	return 0;
2161 }
2162 
2163 
2164 /**
2165  * hostapd_interface_init_bss - Read configuration file and init BSS data
2166  *
2167  * This function is used to parse configuration file for a BSS. This BSS is
2168  * added to an existing interface sharing the same radio (if any) or a new
2169  * interface is created if this is the first interface on a radio. This
2170  * allocate memory for the BSS. No actual driver operations are started.
2171  *
2172  * This is similar to hostapd_interface_init(), but for a case where the
2173  * configuration is used to add a single BSS instead of all BSSes for a radio.
2174  */
2175 struct hostapd_iface *
2176 hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy,
2177 			   const char *config_fname, int debug)
2178 {
2179 	struct hostapd_iface *new_iface = NULL, *iface = NULL;
2180 	struct hostapd_data *hapd;
2181 	int k;
2182 	size_t i, bss_idx;
2183 
2184 	if (!phy || !*phy)
2185 		return NULL;
2186 
2187 	for (i = 0; i < interfaces->count; i++) {
2188 		if (os_strcmp(interfaces->iface[i]->phy, phy) == 0) {
2189 			iface = interfaces->iface[i];
2190 			break;
2191 		}
2192 	}
2193 
2194 	wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s",
2195 		   config_fname, phy, iface ? "" : " --> new PHY");
2196 	if (iface) {
2197 		struct hostapd_config *conf;
2198 		struct hostapd_bss_config **tmp_conf;
2199 		struct hostapd_data **tmp_bss;
2200 		struct hostapd_bss_config *bss;
2201 		const char *ifname;
2202 
2203 		/* Add new BSS to existing iface */
2204 		conf = interfaces->config_read_cb(config_fname);
2205 		if (conf == NULL)
2206 			return NULL;
2207 		if (conf->num_bss > 1) {
2208 			wpa_printf(MSG_ERROR, "Multiple BSSes specified in BSS-config");
2209 			hostapd_config_free(conf);
2210 			return NULL;
2211 		}
2212 
2213 		ifname = conf->bss[0]->iface;
2214 		if (ifname[0] != '\0' && ifname_in_use(interfaces, ifname)) {
2215 			wpa_printf(MSG_ERROR,
2216 				   "Interface name %s already in use", ifname);
2217 			hostapd_config_free(conf);
2218 			return NULL;
2219 		}
2220 
2221 		tmp_conf = os_realloc_array(
2222 			iface->conf->bss, iface->conf->num_bss + 1,
2223 			sizeof(struct hostapd_bss_config *));
2224 		tmp_bss = os_realloc_array(iface->bss, iface->num_bss + 1,
2225 					   sizeof(struct hostapd_data *));
2226 		if (tmp_bss)
2227 			iface->bss = tmp_bss;
2228 		if (tmp_conf) {
2229 			iface->conf->bss = tmp_conf;
2230 			iface->conf->last_bss = tmp_conf[0];
2231 		}
2232 		if (tmp_bss == NULL || tmp_conf == NULL) {
2233 			hostapd_config_free(conf);
2234 			return NULL;
2235 		}
2236 		bss = iface->conf->bss[iface->conf->num_bss] = conf->bss[0];
2237 		iface->conf->num_bss++;
2238 
2239 		hapd = hostapd_alloc_bss_data(iface, iface->conf, bss);
2240 		if (hapd == NULL) {
2241 			iface->conf->num_bss--;
2242 			hostapd_config_free(conf);
2243 			return NULL;
2244 		}
2245 		iface->conf->last_bss = bss;
2246 		iface->bss[iface->num_bss] = hapd;
2247 		hapd->msg_ctx = hapd;
2248 
2249 		bss_idx = iface->num_bss++;
2250 		conf->num_bss--;
2251 		conf->bss[0] = NULL;
2252 		hostapd_config_free(conf);
2253 	} else {
2254 		/* Add a new iface with the first BSS */
2255 		new_iface = iface = hostapd_init(interfaces, config_fname);
2256 		if (!iface)
2257 			return NULL;
2258 		os_strlcpy(iface->phy, phy, sizeof(iface->phy));
2259 		iface->interfaces = interfaces;
2260 		bss_idx = 0;
2261 	}
2262 
2263 	for (k = 0; k < debug; k++) {
2264 		if (iface->bss[bss_idx]->conf->logger_stdout_level > 0)
2265 			iface->bss[bss_idx]->conf->logger_stdout_level--;
2266 	}
2267 
2268 	if (iface->conf->bss[bss_idx]->iface[0] == '\0' &&
2269 	    !hostapd_drv_none(iface->bss[bss_idx])) {
2270 		wpa_printf(MSG_ERROR, "Interface name not specified in %s",
2271 			   config_fname);
2272 		if (new_iface)
2273 			hostapd_interface_deinit_free(new_iface);
2274 		return NULL;
2275 	}
2276 
2277 	return iface;
2278 }
2279 
2280 
2281 void hostapd_interface_deinit_free(struct hostapd_iface *iface)
2282 {
2283 	const struct wpa_driver_ops *driver;
2284 	void *drv_priv;
2285 
2286 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
2287 	if (iface == NULL)
2288 		return;
2289 	wpa_printf(MSG_DEBUG, "%s: num_bss=%u conf->num_bss=%u",
2290 		   __func__, (unsigned int) iface->num_bss,
2291 		   (unsigned int) iface->conf->num_bss);
2292 	driver = iface->bss[0]->driver;
2293 	drv_priv = iface->bss[0]->drv_priv;
2294 	hostapd_interface_deinit(iface);
2295 	wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit",
2296 		   __func__, driver, drv_priv);
2297 	if (driver && driver->hapd_deinit && drv_priv) {
2298 		driver->hapd_deinit(drv_priv);
2299 		iface->bss[0]->drv_priv = NULL;
2300 	}
2301 	hostapd_interface_free(iface);
2302 }
2303 
2304 
2305 static void hostapd_deinit_driver(const struct wpa_driver_ops *driver,
2306 				  void *drv_priv,
2307 				  struct hostapd_iface *hapd_iface)
2308 {
2309 	size_t j;
2310 
2311 	wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit",
2312 		   __func__, driver, drv_priv);
2313 	if (driver && driver->hapd_deinit && drv_priv) {
2314 		driver->hapd_deinit(drv_priv);
2315 		for (j = 0; j < hapd_iface->num_bss; j++) {
2316 			wpa_printf(MSG_DEBUG, "%s:bss[%d]->drv_priv=%p",
2317 				   __func__, (int) j,
2318 				   hapd_iface->bss[j]->drv_priv);
2319 			if (hapd_iface->bss[j]->drv_priv == drv_priv)
2320 				hapd_iface->bss[j]->drv_priv = NULL;
2321 		}
2322 	}
2323 }
2324 
2325 
2326 int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
2327 {
2328 	size_t j;
2329 
2330 	if (hapd_iface->bss[0]->drv_priv != NULL) {
2331 		wpa_printf(MSG_ERROR, "Interface %s already enabled",
2332 			   hapd_iface->conf->bss[0]->iface);
2333 		return -1;
2334 	}
2335 
2336 	wpa_printf(MSG_DEBUG, "Enable interface %s",
2337 		   hapd_iface->conf->bss[0]->iface);
2338 
2339 	for (j = 0; j < hapd_iface->num_bss; j++)
2340 		hostapd_set_security_params(hapd_iface->conf->bss[j], 1);
2341 	if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
2342 		wpa_printf(MSG_INFO, "Invalid configuration - cannot enable");
2343 		return -1;
2344 	}
2345 
2346 	if (hapd_iface->interfaces == NULL ||
2347 	    hapd_iface->interfaces->driver_init == NULL ||
2348 	    hapd_iface->interfaces->driver_init(hapd_iface))
2349 		return -1;
2350 
2351 	if (hostapd_setup_interface(hapd_iface)) {
2352 		hostapd_deinit_driver(hapd_iface->bss[0]->driver,
2353 				      hapd_iface->bss[0]->drv_priv,
2354 				      hapd_iface);
2355 		return -1;
2356 	}
2357 
2358 	return 0;
2359 }
2360 
2361 
2362 int hostapd_reload_iface(struct hostapd_iface *hapd_iface)
2363 {
2364 	size_t j;
2365 
2366 	wpa_printf(MSG_DEBUG, "Reload interface %s",
2367 		   hapd_iface->conf->bss[0]->iface);
2368 	for (j = 0; j < hapd_iface->num_bss; j++)
2369 		hostapd_set_security_params(hapd_iface->conf->bss[j], 1);
2370 	if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
2371 		wpa_printf(MSG_ERROR, "Updated configuration is invalid");
2372 		return -1;
2373 	}
2374 	hostapd_clear_old(hapd_iface);
2375 	for (j = 0; j < hapd_iface->num_bss; j++)
2376 		hostapd_reload_bss(hapd_iface->bss[j]);
2377 
2378 	return 0;
2379 }
2380 
2381 
2382 int hostapd_disable_iface(struct hostapd_iface *hapd_iface)
2383 {
2384 	size_t j;
2385 	const struct wpa_driver_ops *driver;
2386 	void *drv_priv;
2387 
2388 	if (hapd_iface == NULL)
2389 		return -1;
2390 
2391 	if (hapd_iface->bss[0]->drv_priv == NULL) {
2392 		wpa_printf(MSG_INFO, "Interface %s already disabled",
2393 			   hapd_iface->conf->bss[0]->iface);
2394 		return -1;
2395 	}
2396 
2397 	wpa_msg(hapd_iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
2398 	driver = hapd_iface->bss[0]->driver;
2399 	drv_priv = hapd_iface->bss[0]->drv_priv;
2400 
2401 	hapd_iface->driver_ap_teardown =
2402 		!!(hapd_iface->drv_flags &
2403 		   WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
2404 
2405 	/* same as hostapd_interface_deinit without deinitializing ctrl-iface */
2406 	for (j = 0; j < hapd_iface->num_bss; j++) {
2407 		struct hostapd_data *hapd = hapd_iface->bss[j];
2408 		hostapd_bss_deinit_no_free(hapd);
2409 		hostapd_free_hapd_data(hapd);
2410 	}
2411 
2412 	hostapd_deinit_driver(driver, drv_priv, hapd_iface);
2413 
2414 	/* From hostapd_cleanup_iface: These were initialized in
2415 	 * hostapd_setup_interface and hostapd_setup_interface_complete
2416 	 */
2417 	hostapd_cleanup_iface_partial(hapd_iface);
2418 
2419 	wpa_printf(MSG_DEBUG, "Interface %s disabled",
2420 		   hapd_iface->bss[0]->conf->iface);
2421 	hostapd_set_state(hapd_iface, HAPD_IFACE_DISABLED);
2422 	return 0;
2423 }
2424 
2425 
2426 static struct hostapd_iface *
2427 hostapd_iface_alloc(struct hapd_interfaces *interfaces)
2428 {
2429 	struct hostapd_iface **iface, *hapd_iface;
2430 
2431 	iface = os_realloc_array(interfaces->iface, interfaces->count + 1,
2432 				 sizeof(struct hostapd_iface *));
2433 	if (iface == NULL)
2434 		return NULL;
2435 	interfaces->iface = iface;
2436 	hapd_iface = interfaces->iface[interfaces->count] =
2437 		hostapd_alloc_iface();
2438 	if (hapd_iface == NULL) {
2439 		wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for "
2440 			   "the interface", __func__);
2441 		return NULL;
2442 	}
2443 	interfaces->count++;
2444 	hapd_iface->interfaces = interfaces;
2445 
2446 	return hapd_iface;
2447 }
2448 
2449 
2450 static struct hostapd_config *
2451 hostapd_config_alloc(struct hapd_interfaces *interfaces, const char *ifname,
2452 		     const char *ctrl_iface, const char *driver)
2453 {
2454 	struct hostapd_bss_config *bss;
2455 	struct hostapd_config *conf;
2456 
2457 	/* Allocates memory for bss and conf */
2458 	conf = hostapd_config_defaults();
2459 	if (conf == NULL) {
2460 		 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for "
2461 				"configuration", __func__);
2462 		return NULL;
2463 	}
2464 
2465 	if (driver) {
2466 		int j;
2467 
2468 		for (j = 0; wpa_drivers[j]; j++) {
2469 			if (os_strcmp(driver, wpa_drivers[j]->name) == 0) {
2470 				conf->driver = wpa_drivers[j];
2471 				goto skip;
2472 			}
2473 		}
2474 
2475 		wpa_printf(MSG_ERROR,
2476 			   "Invalid/unknown driver '%s' - registering the default driver",
2477 			   driver);
2478 	}
2479 
2480 	conf->driver = wpa_drivers[0];
2481 	if (conf->driver == NULL) {
2482 		wpa_printf(MSG_ERROR, "No driver wrappers registered!");
2483 		hostapd_config_free(conf);
2484 		return NULL;
2485 	}
2486 
2487 skip:
2488 	bss = conf->last_bss = conf->bss[0];
2489 
2490 	os_strlcpy(bss->iface, ifname, sizeof(bss->iface));
2491 	bss->ctrl_interface = os_strdup(ctrl_iface);
2492 	if (bss->ctrl_interface == NULL) {
2493 		hostapd_config_free(conf);
2494 		return NULL;
2495 	}
2496 
2497 	/* Reading configuration file skipped, will be done in SET!
2498 	 * From reading the configuration till the end has to be done in
2499 	 * SET
2500 	 */
2501 	return conf;
2502 }
2503 
2504 
2505 static int hostapd_data_alloc(struct hostapd_iface *hapd_iface,
2506 			      struct hostapd_config *conf)
2507 {
2508 	size_t i;
2509 	struct hostapd_data *hapd;
2510 
2511 	hapd_iface->bss = os_calloc(conf->num_bss,
2512 				    sizeof(struct hostapd_data *));
2513 	if (hapd_iface->bss == NULL)
2514 		return -1;
2515 
2516 	for (i = 0; i < conf->num_bss; i++) {
2517 		hapd = hapd_iface->bss[i] =
2518 			hostapd_alloc_bss_data(hapd_iface, conf, conf->bss[i]);
2519 		if (hapd == NULL) {
2520 			while (i > 0) {
2521 				i--;
2522 				os_free(hapd_iface->bss[i]);
2523 				hapd_iface->bss[i] = NULL;
2524 			}
2525 			os_free(hapd_iface->bss);
2526 			hapd_iface->bss = NULL;
2527 			return -1;
2528 		}
2529 		hapd->msg_ctx = hapd;
2530 	}
2531 
2532 	hapd_iface->conf = conf;
2533 	hapd_iface->num_bss = conf->num_bss;
2534 
2535 	return 0;
2536 }
2537 
2538 
2539 int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf)
2540 {
2541 	struct hostapd_config *conf = NULL;
2542 	struct hostapd_iface *hapd_iface = NULL, *new_iface = NULL;
2543 	struct hostapd_data *hapd;
2544 	char *ptr;
2545 	size_t i, j;
2546 	const char *conf_file = NULL, *phy_name = NULL;
2547 
2548 	if (os_strncmp(buf, "bss_config=", 11) == 0) {
2549 		char *pos;
2550 		phy_name = buf + 11;
2551 		pos = os_strchr(phy_name, ':');
2552 		if (!pos)
2553 			return -1;
2554 		*pos++ = '\0';
2555 		conf_file = pos;
2556 		if (!os_strlen(conf_file))
2557 			return -1;
2558 
2559 		hapd_iface = hostapd_interface_init_bss(interfaces, phy_name,
2560 							conf_file, 0);
2561 		if (!hapd_iface)
2562 			return -1;
2563 		for (j = 0; j < interfaces->count; j++) {
2564 			if (interfaces->iface[j] == hapd_iface)
2565 				break;
2566 		}
2567 		if (j == interfaces->count) {
2568 			struct hostapd_iface **tmp;
2569 			tmp = os_realloc_array(interfaces->iface,
2570 					       interfaces->count + 1,
2571 					       sizeof(struct hostapd_iface *));
2572 			if (!tmp) {
2573 				hostapd_interface_deinit_free(hapd_iface);
2574 				return -1;
2575 			}
2576 			interfaces->iface = tmp;
2577 			interfaces->iface[interfaces->count++] = hapd_iface;
2578 			new_iface = hapd_iface;
2579 		}
2580 
2581 		if (new_iface) {
2582 			if (interfaces->driver_init(hapd_iface))
2583 				goto fail;
2584 
2585 			if (hostapd_setup_interface(hapd_iface)) {
2586 				hostapd_deinit_driver(
2587 					hapd_iface->bss[0]->driver,
2588 					hapd_iface->bss[0]->drv_priv,
2589 					hapd_iface);
2590 				goto fail;
2591 			}
2592 		} else {
2593 			/* Assign new BSS with bss[0]'s driver info */
2594 			hapd = hapd_iface->bss[hapd_iface->num_bss - 1];
2595 			hapd->driver = hapd_iface->bss[0]->driver;
2596 			hapd->drv_priv = hapd_iface->bss[0]->drv_priv;
2597 			os_memcpy(hapd->own_addr, hapd_iface->bss[0]->own_addr,
2598 				  ETH_ALEN);
2599 
2600 			if (start_ctrl_iface_bss(hapd) < 0 ||
2601 			    (hapd_iface->state == HAPD_IFACE_ENABLED &&
2602 			     hostapd_setup_bss(hapd, -1))) {
2603 				hostapd_cleanup(hapd);
2604 				hapd_iface->bss[hapd_iface->num_bss - 1] = NULL;
2605 				hapd_iface->conf->num_bss--;
2606 				hapd_iface->num_bss--;
2607 				wpa_printf(MSG_DEBUG, "%s: free hapd %p %s",
2608 					   __func__, hapd, hapd->conf->iface);
2609 				hostapd_config_free_bss(hapd->conf);
2610 				hapd->conf = NULL;
2611 				os_free(hapd);
2612 				return -1;
2613 			}
2614 		}
2615 		return 0;
2616 	}
2617 
2618 	ptr = os_strchr(buf, ' ');
2619 	if (ptr == NULL)
2620 		return -1;
2621 	*ptr++ = '\0';
2622 
2623 	if (os_strncmp(ptr, "config=", 7) == 0)
2624 		conf_file = ptr + 7;
2625 
2626 	for (i = 0; i < interfaces->count; i++) {
2627 		if (!os_strcmp(interfaces->iface[i]->conf->bss[0]->iface,
2628 			       buf)) {
2629 			wpa_printf(MSG_INFO, "Cannot add interface - it "
2630 				   "already exists");
2631 			return -1;
2632 		}
2633 	}
2634 
2635 	hapd_iface = hostapd_iface_alloc(interfaces);
2636 	if (hapd_iface == NULL) {
2637 		wpa_printf(MSG_ERROR, "%s: Failed to allocate memory "
2638 			   "for interface", __func__);
2639 		goto fail;
2640 	}
2641 	new_iface = hapd_iface;
2642 
2643 	if (conf_file && interfaces->config_read_cb) {
2644 		conf = interfaces->config_read_cb(conf_file);
2645 		if (conf && conf->bss)
2646 			os_strlcpy(conf->bss[0]->iface, buf,
2647 				   sizeof(conf->bss[0]->iface));
2648 	} else {
2649 		char *driver = os_strchr(ptr, ' ');
2650 
2651 		if (driver)
2652 			*driver++ = '\0';
2653 		conf = hostapd_config_alloc(interfaces, buf, ptr, driver);
2654 	}
2655 
2656 	if (conf == NULL || conf->bss == NULL) {
2657 		wpa_printf(MSG_ERROR, "%s: Failed to allocate memory "
2658 			   "for configuration", __func__);
2659 		goto fail;
2660 	}
2661 
2662 	if (hostapd_data_alloc(hapd_iface, conf) < 0) {
2663 		wpa_printf(MSG_ERROR, "%s: Failed to allocate memory "
2664 			   "for hostapd", __func__);
2665 		goto fail;
2666 	}
2667 	conf = NULL;
2668 
2669 	if (start_ctrl_iface(hapd_iface) < 0)
2670 		goto fail;
2671 
2672 	wpa_printf(MSG_INFO, "Add interface '%s'",
2673 		   hapd_iface->conf->bss[0]->iface);
2674 
2675 	return 0;
2676 
2677 fail:
2678 	if (conf)
2679 		hostapd_config_free(conf);
2680 	if (hapd_iface) {
2681 		if (hapd_iface->bss) {
2682 			for (i = 0; i < hapd_iface->num_bss; i++) {
2683 				hapd = hapd_iface->bss[i];
2684 				if (!hapd)
2685 					continue;
2686 				if (hapd_iface->interfaces &&
2687 				    hapd_iface->interfaces->ctrl_iface_deinit)
2688 					hapd_iface->interfaces->
2689 						ctrl_iface_deinit(hapd);
2690 				wpa_printf(MSG_DEBUG, "%s: free hapd %p (%s)",
2691 					   __func__, hapd_iface->bss[i],
2692 					   hapd->conf->iface);
2693 				hostapd_cleanup(hapd);
2694 				os_free(hapd);
2695 				hapd_iface->bss[i] = NULL;
2696 			}
2697 			os_free(hapd_iface->bss);
2698 			hapd_iface->bss = NULL;
2699 		}
2700 		if (new_iface) {
2701 			interfaces->count--;
2702 			interfaces->iface[interfaces->count] = NULL;
2703 		}
2704 		hostapd_cleanup_iface(hapd_iface);
2705 	}
2706 	return -1;
2707 }
2708 
2709 
2710 static int hostapd_remove_bss(struct hostapd_iface *iface, unsigned int idx)
2711 {
2712 	size_t i;
2713 
2714 	wpa_printf(MSG_INFO, "Remove BSS '%s'", iface->conf->bss[idx]->iface);
2715 
2716 	/* Remove hostapd_data only if it has already been initialized */
2717 	if (idx < iface->num_bss) {
2718 		struct hostapd_data *hapd = iface->bss[idx];
2719 
2720 		hostapd_bss_deinit(hapd);
2721 		wpa_printf(MSG_DEBUG, "%s: free hapd %p (%s)",
2722 			   __func__, hapd, hapd->conf->iface);
2723 		hostapd_config_free_bss(hapd->conf);
2724 		hapd->conf = NULL;
2725 		os_free(hapd);
2726 
2727 		iface->num_bss--;
2728 
2729 		for (i = idx; i < iface->num_bss; i++)
2730 			iface->bss[i] = iface->bss[i + 1];
2731 	} else {
2732 		hostapd_config_free_bss(iface->conf->bss[idx]);
2733 		iface->conf->bss[idx] = NULL;
2734 	}
2735 
2736 	iface->conf->num_bss--;
2737 	for (i = idx; i < iface->conf->num_bss; i++)
2738 		iface->conf->bss[i] = iface->conf->bss[i + 1];
2739 
2740 	return 0;
2741 }
2742 
2743 
2744 int hostapd_remove_iface(struct hapd_interfaces *interfaces, char *buf)
2745 {
2746 	struct hostapd_iface *hapd_iface;
2747 	size_t i, j, k = 0;
2748 
2749 	for (i = 0; i < interfaces->count; i++) {
2750 		hapd_iface = interfaces->iface[i];
2751 		if (hapd_iface == NULL)
2752 			return -1;
2753 		if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
2754 			wpa_printf(MSG_INFO, "Remove interface '%s'", buf);
2755 			hapd_iface->driver_ap_teardown =
2756 				!!(hapd_iface->drv_flags &
2757 				   WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
2758 
2759 			hostapd_interface_deinit_free(hapd_iface);
2760 			k = i;
2761 			while (k < (interfaces->count - 1)) {
2762 				interfaces->iface[k] =
2763 					interfaces->iface[k + 1];
2764 				k++;
2765 			}
2766 			interfaces->count--;
2767 			return 0;
2768 		}
2769 
2770 		for (j = 0; j < hapd_iface->conf->num_bss; j++) {
2771 			if (!os_strcmp(hapd_iface->conf->bss[j]->iface, buf)) {
2772 				hapd_iface->driver_ap_teardown =
2773 					!(hapd_iface->drv_flags &
2774 					  WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
2775 				return hostapd_remove_bss(hapd_iface, j);
2776 			}
2777 		}
2778 	}
2779 	return -1;
2780 }
2781 
2782 
2783 /**
2784  * hostapd_new_assoc_sta - Notify that a new station associated with the AP
2785  * @hapd: Pointer to BSS data
2786  * @sta: Pointer to the associated STA data
2787  * @reassoc: 1 to indicate this was a re-association; 0 = first association
2788  *
2789  * This function will be called whenever a station associates with the AP. It
2790  * can be called from ieee802_11.c for drivers that export MLME to hostapd and
2791  * from drv_callbacks.c based on driver events for drivers that take care of
2792  * management frames (IEEE 802.11 authentication and association) internally.
2793  */
2794 void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
2795 			   int reassoc)
2796 {
2797 	if (hapd->tkip_countermeasures) {
2798 		hostapd_drv_sta_deauth(hapd, sta->addr,
2799 				       WLAN_REASON_MICHAEL_MIC_FAILURE);
2800 		return;
2801 	}
2802 
2803 	hostapd_prune_associations(hapd, sta->addr);
2804 	ap_sta_clear_disconnect_timeouts(hapd, sta);
2805 
2806 	/* IEEE 802.11F (IAPP) */
2807 	if (hapd->conf->ieee802_11f)
2808 		iapp_new_station(hapd->iapp, sta);
2809 
2810 #ifdef CONFIG_P2P
2811 	if (sta->p2p_ie == NULL && !sta->no_p2p_set) {
2812 		sta->no_p2p_set = 1;
2813 		hapd->num_sta_no_p2p++;
2814 		if (hapd->num_sta_no_p2p == 1)
2815 			hostapd_p2p_non_p2p_sta_connected(hapd);
2816 	}
2817 #endif /* CONFIG_P2P */
2818 
2819 	/* Start accounting here, if IEEE 802.1X and WPA are not used.
2820 	 * IEEE 802.1X/WPA code will start accounting after the station has
2821 	 * been authorized. */
2822 	if (!hapd->conf->ieee802_1x && !hapd->conf->wpa && !hapd->conf->osen) {
2823 		ap_sta_set_authorized(hapd, sta, 1);
2824 		os_get_reltime(&sta->connected_time);
2825 		accounting_sta_start(hapd, sta);
2826 	}
2827 
2828 	/* Start IEEE 802.1X authentication process for new stations */
2829 	ieee802_1x_new_station(hapd, sta);
2830 	if (reassoc) {
2831 		if (sta->auth_alg != WLAN_AUTH_FT &&
2832 		    !(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS)))
2833 			wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH);
2834 	} else
2835 		wpa_auth_sta_associated(hapd->wpa_auth, sta->wpa_sm);
2836 
2837 	if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) {
2838 		wpa_printf(MSG_DEBUG,
2839 			   "%s: %s: reschedule ap_handle_timer timeout for "
2840 			   MACSTR " (%d seconds - ap_max_inactivity)",
2841 			   hapd->conf->iface, __func__, MAC2STR(sta->addr),
2842 			   hapd->conf->ap_max_inactivity);
2843 		eloop_cancel_timeout(ap_handle_timer, hapd, sta);
2844 		eloop_register_timeout(hapd->conf->ap_max_inactivity, 0,
2845 				       ap_handle_timer, hapd, sta);
2846 	}
2847 }
2848 
2849 
2850 const char * hostapd_state_text(enum hostapd_iface_state s)
2851 {
2852 	switch (s) {
2853 	case HAPD_IFACE_UNINITIALIZED:
2854 		return "UNINITIALIZED";
2855 	case HAPD_IFACE_DISABLED:
2856 		return "DISABLED";
2857 	case HAPD_IFACE_COUNTRY_UPDATE:
2858 		return "COUNTRY_UPDATE";
2859 	case HAPD_IFACE_ACS:
2860 		return "ACS";
2861 	case HAPD_IFACE_HT_SCAN:
2862 		return "HT_SCAN";
2863 	case HAPD_IFACE_DFS:
2864 		return "DFS";
2865 	case HAPD_IFACE_ENABLED:
2866 		return "ENABLED";
2867 	}
2868 
2869 	return "UNKNOWN";
2870 }
2871 
2872 
2873 void hostapd_set_state(struct hostapd_iface *iface, enum hostapd_iface_state s)
2874 {
2875 	wpa_printf(MSG_INFO, "%s: interface state %s->%s",
2876 		   iface->conf ? iface->conf->bss[0]->iface : "N/A",
2877 		   hostapd_state_text(iface->state), hostapd_state_text(s));
2878 	iface->state = s;
2879 }
2880 
2881 
2882 int hostapd_csa_in_progress(struct hostapd_iface *iface)
2883 {
2884 	unsigned int i;
2885 
2886 	for (i = 0; i < iface->num_bss; i++)
2887 		if (iface->bss[i]->csa_in_progress)
2888 			return 1;
2889 	return 0;
2890 }
2891 
2892 
2893 #ifdef NEED_AP_MLME
2894 
2895 static void free_beacon_data(struct beacon_data *beacon)
2896 {
2897 	os_free(beacon->head);
2898 	beacon->head = NULL;
2899 	os_free(beacon->tail);
2900 	beacon->tail = NULL;
2901 	os_free(beacon->probe_resp);
2902 	beacon->probe_resp = NULL;
2903 	os_free(beacon->beacon_ies);
2904 	beacon->beacon_ies = NULL;
2905 	os_free(beacon->proberesp_ies);
2906 	beacon->proberesp_ies = NULL;
2907 	os_free(beacon->assocresp_ies);
2908 	beacon->assocresp_ies = NULL;
2909 }
2910 
2911 
2912 static int hostapd_build_beacon_data(struct hostapd_data *hapd,
2913 				     struct beacon_data *beacon)
2914 {
2915 	struct wpabuf *beacon_extra, *proberesp_extra, *assocresp_extra;
2916 	struct wpa_driver_ap_params params;
2917 	int ret;
2918 
2919 	os_memset(beacon, 0, sizeof(*beacon));
2920 	ret = ieee802_11_build_ap_params(hapd, &params);
2921 	if (ret < 0)
2922 		return ret;
2923 
2924 	ret = hostapd_build_ap_extra_ies(hapd, &beacon_extra,
2925 					 &proberesp_extra,
2926 					 &assocresp_extra);
2927 	if (ret)
2928 		goto free_ap_params;
2929 
2930 	ret = -1;
2931 	beacon->head = os_malloc(params.head_len);
2932 	if (!beacon->head)
2933 		goto free_ap_extra_ies;
2934 
2935 	os_memcpy(beacon->head, params.head, params.head_len);
2936 	beacon->head_len = params.head_len;
2937 
2938 	beacon->tail = os_malloc(params.tail_len);
2939 	if (!beacon->tail)
2940 		goto free_beacon;
2941 
2942 	os_memcpy(beacon->tail, params.tail, params.tail_len);
2943 	beacon->tail_len = params.tail_len;
2944 
2945 	if (params.proberesp != NULL) {
2946 		beacon->probe_resp = os_malloc(params.proberesp_len);
2947 		if (!beacon->probe_resp)
2948 			goto free_beacon;
2949 
2950 		os_memcpy(beacon->probe_resp, params.proberesp,
2951 			  params.proberesp_len);
2952 		beacon->probe_resp_len = params.proberesp_len;
2953 	}
2954 
2955 	/* copy the extra ies */
2956 	if (beacon_extra) {
2957 		beacon->beacon_ies = os_malloc(wpabuf_len(beacon_extra));
2958 		if (!beacon->beacon_ies)
2959 			goto free_beacon;
2960 
2961 		os_memcpy(beacon->beacon_ies,
2962 			  beacon_extra->buf, wpabuf_len(beacon_extra));
2963 		beacon->beacon_ies_len = wpabuf_len(beacon_extra);
2964 	}
2965 
2966 	if (proberesp_extra) {
2967 		beacon->proberesp_ies =
2968 			os_malloc(wpabuf_len(proberesp_extra));
2969 		if (!beacon->proberesp_ies)
2970 			goto free_beacon;
2971 
2972 		os_memcpy(beacon->proberesp_ies, proberesp_extra->buf,
2973 			  wpabuf_len(proberesp_extra));
2974 		beacon->proberesp_ies_len = wpabuf_len(proberesp_extra);
2975 	}
2976 
2977 	if (assocresp_extra) {
2978 		beacon->assocresp_ies =
2979 			os_malloc(wpabuf_len(assocresp_extra));
2980 		if (!beacon->assocresp_ies)
2981 			goto free_beacon;
2982 
2983 		os_memcpy(beacon->assocresp_ies, assocresp_extra->buf,
2984 			  wpabuf_len(assocresp_extra));
2985 		beacon->assocresp_ies_len = wpabuf_len(assocresp_extra);
2986 	}
2987 
2988 	ret = 0;
2989 free_beacon:
2990 	/* if the function fails, the caller should not free beacon data */
2991 	if (ret)
2992 		free_beacon_data(beacon);
2993 
2994 free_ap_extra_ies:
2995 	hostapd_free_ap_extra_ies(hapd, beacon_extra, proberesp_extra,
2996 				  assocresp_extra);
2997 free_ap_params:
2998 	ieee802_11_free_ap_params(&params);
2999 	return ret;
3000 }
3001 
3002 
3003 /*
3004  * TODO: This flow currently supports only changing channel and width within
3005  * the same hw_mode. Any other changes to MAC parameters or provided settings
3006  * are not supported.
3007  */
3008 static int hostapd_change_config_freq(struct hostapd_data *hapd,
3009 				      struct hostapd_config *conf,
3010 				      struct hostapd_freq_params *params,
3011 				      struct hostapd_freq_params *old_params)
3012 {
3013 	int channel;
3014 
3015 	if (!params->channel) {
3016 		/* check if the new channel is supported by hw */
3017 		params->channel = hostapd_hw_get_channel(hapd, params->freq);
3018 	}
3019 
3020 	channel = params->channel;
3021 	if (!channel)
3022 		return -1;
3023 
3024 	/* if a pointer to old_params is provided we save previous state */
3025 	if (old_params &&
3026 	    hostapd_set_freq_params(old_params, conf->hw_mode,
3027 				    hostapd_hw_get_freq(hapd, conf->channel),
3028 				    conf->channel, conf->ieee80211n,
3029 				    conf->ieee80211ac,
3030 				    conf->secondary_channel,
3031 				    conf->vht_oper_chwidth,
3032 				    conf->vht_oper_centr_freq_seg0_idx,
3033 				    conf->vht_oper_centr_freq_seg1_idx,
3034 				    conf->vht_capab))
3035 		return -1;
3036 
3037 	switch (params->bandwidth) {
3038 	case 0:
3039 	case 20:
3040 	case 40:
3041 		conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT;
3042 		break;
3043 	case 80:
3044 		if (params->center_freq2)
3045 			conf->vht_oper_chwidth = VHT_CHANWIDTH_80P80MHZ;
3046 		else
3047 			conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ;
3048 		break;
3049 	case 160:
3050 		conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ;
3051 		break;
3052 	default:
3053 		return -1;
3054 	}
3055 
3056 	conf->channel = channel;
3057 	conf->ieee80211n = params->ht_enabled;
3058 	conf->secondary_channel = params->sec_channel_offset;
3059 	ieee80211_freq_to_chan(params->center_freq1,
3060 			       &conf->vht_oper_centr_freq_seg0_idx);
3061 	ieee80211_freq_to_chan(params->center_freq2,
3062 			       &conf->vht_oper_centr_freq_seg1_idx);
3063 
3064 	/* TODO: maybe call here hostapd_config_check here? */
3065 
3066 	return 0;
3067 }
3068 
3069 
3070 static int hostapd_fill_csa_settings(struct hostapd_data *hapd,
3071 				     struct csa_settings *settings)
3072 {
3073 	struct hostapd_iface *iface = hapd->iface;
3074 	struct hostapd_freq_params old_freq;
3075 	int ret;
3076 	u8 chan, vht_bandwidth;
3077 
3078 	os_memset(&old_freq, 0, sizeof(old_freq));
3079 	if (!iface || !iface->freq || hapd->csa_in_progress)
3080 		return -1;
3081 
3082 	switch (settings->freq_params.bandwidth) {
3083 	case 80:
3084 		if (settings->freq_params.center_freq2)
3085 			vht_bandwidth = VHT_CHANWIDTH_80P80MHZ;
3086 		else
3087 			vht_bandwidth = VHT_CHANWIDTH_80MHZ;
3088 		break;
3089 	case 160:
3090 		vht_bandwidth = VHT_CHANWIDTH_160MHZ;
3091 		break;
3092 	default:
3093 		vht_bandwidth = VHT_CHANWIDTH_USE_HT;
3094 		break;
3095 	}
3096 
3097 	if (ieee80211_freq_to_channel_ext(
3098 		    settings->freq_params.freq,
3099 		    settings->freq_params.sec_channel_offset,
3100 		    vht_bandwidth,
3101 		    &hapd->iface->cs_oper_class,
3102 		    &chan) == NUM_HOSTAPD_MODES) {
3103 		wpa_printf(MSG_DEBUG,
3104 			   "invalid frequency for channel switch (freq=%d, sec_channel_offset=%d, vht_enabled=%d)",
3105 			   settings->freq_params.freq,
3106 			   settings->freq_params.sec_channel_offset,
3107 			   settings->freq_params.vht_enabled);
3108 		return -1;
3109 	}
3110 
3111 	settings->freq_params.channel = chan;
3112 
3113 	ret = hostapd_change_config_freq(iface->bss[0], iface->conf,
3114 					 &settings->freq_params,
3115 					 &old_freq);
3116 	if (ret)
3117 		return ret;
3118 
3119 	ret = hostapd_build_beacon_data(hapd, &settings->beacon_after);
3120 
3121 	/* change back the configuration */
3122 	hostapd_change_config_freq(iface->bss[0], iface->conf,
3123 				   &old_freq, NULL);
3124 
3125 	if (ret)
3126 		return ret;
3127 
3128 	/* set channel switch parameters for csa ie */
3129 	hapd->cs_freq_params = settings->freq_params;
3130 	hapd->cs_count = settings->cs_count;
3131 	hapd->cs_block_tx = settings->block_tx;
3132 
3133 	ret = hostapd_build_beacon_data(hapd, &settings->beacon_csa);
3134 	if (ret) {
3135 		free_beacon_data(&settings->beacon_after);
3136 		return ret;
3137 	}
3138 
3139 	settings->counter_offset_beacon[0] = hapd->cs_c_off_beacon;
3140 	settings->counter_offset_presp[0] = hapd->cs_c_off_proberesp;
3141 	settings->counter_offset_beacon[1] = hapd->cs_c_off_ecsa_beacon;
3142 	settings->counter_offset_presp[1] = hapd->cs_c_off_ecsa_proberesp;
3143 
3144 	return 0;
3145 }
3146 
3147 
3148 void hostapd_cleanup_cs_params(struct hostapd_data *hapd)
3149 {
3150 	os_memset(&hapd->cs_freq_params, 0, sizeof(hapd->cs_freq_params));
3151 	hapd->cs_count = 0;
3152 	hapd->cs_block_tx = 0;
3153 	hapd->cs_c_off_beacon = 0;
3154 	hapd->cs_c_off_proberesp = 0;
3155 	hapd->csa_in_progress = 0;
3156 	hapd->cs_c_off_ecsa_beacon = 0;
3157 	hapd->cs_c_off_ecsa_proberesp = 0;
3158 }
3159 
3160 
3161 int hostapd_switch_channel(struct hostapd_data *hapd,
3162 			   struct csa_settings *settings)
3163 {
3164 	int ret;
3165 
3166 	if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_CSA)) {
3167 		wpa_printf(MSG_INFO, "CSA is not supported");
3168 		return -1;
3169 	}
3170 
3171 	ret = hostapd_fill_csa_settings(hapd, settings);
3172 	if (ret)
3173 		return ret;
3174 
3175 	ret = hostapd_drv_switch_channel(hapd, settings);
3176 	free_beacon_data(&settings->beacon_csa);
3177 	free_beacon_data(&settings->beacon_after);
3178 
3179 	if (ret) {
3180 		/* if we failed, clean cs parameters */
3181 		hostapd_cleanup_cs_params(hapd);
3182 		return ret;
3183 	}
3184 
3185 	hapd->csa_in_progress = 1;
3186 	return 0;
3187 }
3188 
3189 
3190 void
3191 hostapd_switch_channel_fallback(struct hostapd_iface *iface,
3192 				const struct hostapd_freq_params *freq_params)
3193 {
3194 	int vht_seg0_idx = 0, vht_seg1_idx = 0, vht_bw = VHT_CHANWIDTH_USE_HT;
3195 	unsigned int i;
3196 
3197 	wpa_printf(MSG_DEBUG, "Restarting all CSA-related BSSes");
3198 
3199 	if (freq_params->center_freq1)
3200 		vht_seg0_idx = 36 + (freq_params->center_freq1 - 5180) / 5;
3201 	if (freq_params->center_freq2)
3202 		vht_seg1_idx = 36 + (freq_params->center_freq2 - 5180) / 5;
3203 
3204 	switch (freq_params->bandwidth) {
3205 	case 0:
3206 	case 20:
3207 	case 40:
3208 		vht_bw = VHT_CHANWIDTH_USE_HT;
3209 		break;
3210 	case 80:
3211 		if (freq_params->center_freq2)
3212 			vht_bw = VHT_CHANWIDTH_80P80MHZ;
3213 		else
3214 			vht_bw = VHT_CHANWIDTH_80MHZ;
3215 		break;
3216 	case 160:
3217 		vht_bw = VHT_CHANWIDTH_160MHZ;
3218 		break;
3219 	default:
3220 		wpa_printf(MSG_WARNING, "Unknown CSA bandwidth: %d",
3221 			   freq_params->bandwidth);
3222 		break;
3223 	}
3224 
3225 	iface->freq = freq_params->freq;
3226 	iface->conf->channel = freq_params->channel;
3227 	iface->conf->secondary_channel = freq_params->sec_channel_offset;
3228 	iface->conf->vht_oper_centr_freq_seg0_idx = vht_seg0_idx;
3229 	iface->conf->vht_oper_centr_freq_seg1_idx = vht_seg1_idx;
3230 	iface->conf->vht_oper_chwidth = vht_bw;
3231 	iface->conf->ieee80211n = freq_params->ht_enabled;
3232 	iface->conf->ieee80211ac = freq_params->vht_enabled;
3233 
3234 	/*
3235 	 * cs_params must not be cleared earlier because the freq_params
3236 	 * argument may actually point to one of these.
3237 	 */
3238 	for (i = 0; i < iface->num_bss; i++)
3239 		hostapd_cleanup_cs_params(iface->bss[i]);
3240 
3241 	hostapd_disable_iface(iface);
3242 	hostapd_enable_iface(iface);
3243 }
3244 
3245 #endif /* NEED_AP_MLME */
3246 
3247 
3248 struct hostapd_data * hostapd_get_iface(struct hapd_interfaces *interfaces,
3249 					const char *ifname)
3250 {
3251 	size_t i, j;
3252 
3253 	for (i = 0; i < interfaces->count; i++) {
3254 		struct hostapd_iface *iface = interfaces->iface[i];
3255 
3256 		for (j = 0; j < iface->num_bss; j++) {
3257 			struct hostapd_data *hapd = iface->bss[j];
3258 
3259 			if (os_strcmp(ifname, hapd->conf->iface) == 0)
3260 				return hapd;
3261 		}
3262 	}
3263 
3264 	return NULL;
3265 }
3266 
3267 
3268 void hostapd_periodic_iface(struct hostapd_iface *iface)
3269 {
3270 	size_t i;
3271 
3272 	ap_list_timer(iface);
3273 
3274 	for (i = 0; i < iface->num_bss; i++) {
3275 		struct hostapd_data *hapd = iface->bss[i];
3276 
3277 		if (!hapd->started)
3278 			continue;
3279 
3280 #ifndef CONFIG_NO_RADIUS
3281 		hostapd_acl_expire(hapd);
3282 #endif /* CONFIG_NO_RADIUS */
3283 	}
3284 }
3285