1 /* 2 * Driver interaction with Linux nl80211/cfg80211 - Event processing 3 * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net> 5 * Copyright (c) 2009-2010, Atheros Communications 6 * 7 * This software may be distributed under the terms of the BSD license. 8 * See README for more details. 9 */ 10 11 #include "includes.h" 12 #include <netlink/genl/genl.h> 13 14 #include "utils/common.h" 15 #include "utils/eloop.h" 16 #include "common/qca-vendor.h" 17 #include "common/qca-vendor-attr.h" 18 #include "common/brcm_vendor.h" 19 #include "common/ieee802_11_defs.h" 20 #include "common/ieee802_11_common.h" 21 #include "driver_nl80211.h" 22 23 24 static void 25 nl80211_control_port_frame_tx_status(struct wpa_driver_nl80211_data *drv, 26 const u8 *frame, size_t len, 27 struct nlattr *ack, struct nlattr *cookie); 28 29 30 static const char * nl80211_command_to_string(enum nl80211_commands cmd) 31 { 32 #define C2S(x) case x: return #x; 33 switch (cmd) { 34 C2S(NL80211_CMD_UNSPEC) 35 C2S(NL80211_CMD_GET_WIPHY) 36 C2S(NL80211_CMD_SET_WIPHY) 37 C2S(NL80211_CMD_NEW_WIPHY) 38 C2S(NL80211_CMD_DEL_WIPHY) 39 C2S(NL80211_CMD_GET_INTERFACE) 40 C2S(NL80211_CMD_SET_INTERFACE) 41 C2S(NL80211_CMD_NEW_INTERFACE) 42 C2S(NL80211_CMD_DEL_INTERFACE) 43 C2S(NL80211_CMD_GET_KEY) 44 C2S(NL80211_CMD_SET_KEY) 45 C2S(NL80211_CMD_NEW_KEY) 46 C2S(NL80211_CMD_DEL_KEY) 47 C2S(NL80211_CMD_GET_BEACON) 48 C2S(NL80211_CMD_SET_BEACON) 49 C2S(NL80211_CMD_START_AP) 50 C2S(NL80211_CMD_STOP_AP) 51 C2S(NL80211_CMD_GET_STATION) 52 C2S(NL80211_CMD_SET_STATION) 53 C2S(NL80211_CMD_NEW_STATION) 54 C2S(NL80211_CMD_DEL_STATION) 55 C2S(NL80211_CMD_GET_MPATH) 56 C2S(NL80211_CMD_SET_MPATH) 57 C2S(NL80211_CMD_NEW_MPATH) 58 C2S(NL80211_CMD_DEL_MPATH) 59 C2S(NL80211_CMD_SET_BSS) 60 C2S(NL80211_CMD_SET_REG) 61 C2S(NL80211_CMD_REQ_SET_REG) 62 C2S(NL80211_CMD_GET_MESH_CONFIG) 63 C2S(NL80211_CMD_SET_MESH_CONFIG) 64 C2S(NL80211_CMD_SET_MGMT_EXTRA_IE) 65 C2S(NL80211_CMD_GET_REG) 66 C2S(NL80211_CMD_GET_SCAN) 67 C2S(NL80211_CMD_TRIGGER_SCAN) 68 C2S(NL80211_CMD_NEW_SCAN_RESULTS) 69 C2S(NL80211_CMD_SCAN_ABORTED) 70 C2S(NL80211_CMD_REG_CHANGE) 71 C2S(NL80211_CMD_AUTHENTICATE) 72 C2S(NL80211_CMD_ASSOCIATE) 73 C2S(NL80211_CMD_DEAUTHENTICATE) 74 C2S(NL80211_CMD_DISASSOCIATE) 75 C2S(NL80211_CMD_MICHAEL_MIC_FAILURE) 76 C2S(NL80211_CMD_REG_BEACON_HINT) 77 C2S(NL80211_CMD_JOIN_IBSS) 78 C2S(NL80211_CMD_LEAVE_IBSS) 79 C2S(NL80211_CMD_TESTMODE) 80 C2S(NL80211_CMD_CONNECT) 81 C2S(NL80211_CMD_ROAM) 82 C2S(NL80211_CMD_DISCONNECT) 83 C2S(NL80211_CMD_SET_WIPHY_NETNS) 84 C2S(NL80211_CMD_GET_SURVEY) 85 C2S(NL80211_CMD_NEW_SURVEY_RESULTS) 86 C2S(NL80211_CMD_SET_PMKSA) 87 C2S(NL80211_CMD_DEL_PMKSA) 88 C2S(NL80211_CMD_FLUSH_PMKSA) 89 C2S(NL80211_CMD_REMAIN_ON_CHANNEL) 90 C2S(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL) 91 C2S(NL80211_CMD_SET_TX_BITRATE_MASK) 92 C2S(NL80211_CMD_REGISTER_FRAME) 93 C2S(NL80211_CMD_FRAME) 94 C2S(NL80211_CMD_FRAME_TX_STATUS) 95 C2S(NL80211_CMD_SET_POWER_SAVE) 96 C2S(NL80211_CMD_GET_POWER_SAVE) 97 C2S(NL80211_CMD_SET_CQM) 98 C2S(NL80211_CMD_NOTIFY_CQM) 99 C2S(NL80211_CMD_SET_CHANNEL) 100 C2S(NL80211_CMD_SET_WDS_PEER) 101 C2S(NL80211_CMD_FRAME_WAIT_CANCEL) 102 C2S(NL80211_CMD_JOIN_MESH) 103 C2S(NL80211_CMD_LEAVE_MESH) 104 C2S(NL80211_CMD_UNPROT_DEAUTHENTICATE) 105 C2S(NL80211_CMD_UNPROT_DISASSOCIATE) 106 C2S(NL80211_CMD_NEW_PEER_CANDIDATE) 107 C2S(NL80211_CMD_GET_WOWLAN) 108 C2S(NL80211_CMD_SET_WOWLAN) 109 C2S(NL80211_CMD_START_SCHED_SCAN) 110 C2S(NL80211_CMD_STOP_SCHED_SCAN) 111 C2S(NL80211_CMD_SCHED_SCAN_RESULTS) 112 C2S(NL80211_CMD_SCHED_SCAN_STOPPED) 113 C2S(NL80211_CMD_SET_REKEY_OFFLOAD) 114 C2S(NL80211_CMD_PMKSA_CANDIDATE) 115 C2S(NL80211_CMD_TDLS_OPER) 116 C2S(NL80211_CMD_TDLS_MGMT) 117 C2S(NL80211_CMD_UNEXPECTED_FRAME) 118 C2S(NL80211_CMD_PROBE_CLIENT) 119 C2S(NL80211_CMD_REGISTER_BEACONS) 120 C2S(NL80211_CMD_UNEXPECTED_4ADDR_FRAME) 121 C2S(NL80211_CMD_SET_NOACK_MAP) 122 C2S(NL80211_CMD_CH_SWITCH_NOTIFY) 123 C2S(NL80211_CMD_START_P2P_DEVICE) 124 C2S(NL80211_CMD_STOP_P2P_DEVICE) 125 C2S(NL80211_CMD_CONN_FAILED) 126 C2S(NL80211_CMD_SET_MCAST_RATE) 127 C2S(NL80211_CMD_SET_MAC_ACL) 128 C2S(NL80211_CMD_RADAR_DETECT) 129 C2S(NL80211_CMD_GET_PROTOCOL_FEATURES) 130 C2S(NL80211_CMD_UPDATE_FT_IES) 131 C2S(NL80211_CMD_FT_EVENT) 132 C2S(NL80211_CMD_CRIT_PROTOCOL_START) 133 C2S(NL80211_CMD_CRIT_PROTOCOL_STOP) 134 C2S(NL80211_CMD_GET_COALESCE) 135 C2S(NL80211_CMD_SET_COALESCE) 136 C2S(NL80211_CMD_CHANNEL_SWITCH) 137 C2S(NL80211_CMD_VENDOR) 138 C2S(NL80211_CMD_SET_QOS_MAP) 139 C2S(NL80211_CMD_ADD_TX_TS) 140 C2S(NL80211_CMD_DEL_TX_TS) 141 C2S(NL80211_CMD_GET_MPP) 142 C2S(NL80211_CMD_JOIN_OCB) 143 C2S(NL80211_CMD_LEAVE_OCB) 144 C2S(NL80211_CMD_CH_SWITCH_STARTED_NOTIFY) 145 C2S(NL80211_CMD_TDLS_CHANNEL_SWITCH) 146 C2S(NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH) 147 C2S(NL80211_CMD_WIPHY_REG_CHANGE) 148 C2S(NL80211_CMD_ABORT_SCAN) 149 C2S(NL80211_CMD_START_NAN) 150 C2S(NL80211_CMD_STOP_NAN) 151 C2S(NL80211_CMD_ADD_NAN_FUNCTION) 152 C2S(NL80211_CMD_DEL_NAN_FUNCTION) 153 C2S(NL80211_CMD_CHANGE_NAN_CONFIG) 154 C2S(NL80211_CMD_NAN_MATCH) 155 C2S(NL80211_CMD_SET_MULTICAST_TO_UNICAST) 156 C2S(NL80211_CMD_UPDATE_CONNECT_PARAMS) 157 C2S(NL80211_CMD_SET_PMK) 158 C2S(NL80211_CMD_DEL_PMK) 159 C2S(NL80211_CMD_PORT_AUTHORIZED) 160 C2S(NL80211_CMD_RELOAD_REGDB) 161 C2S(NL80211_CMD_EXTERNAL_AUTH) 162 C2S(NL80211_CMD_STA_OPMODE_CHANGED) 163 C2S(NL80211_CMD_CONTROL_PORT_FRAME) 164 C2S(NL80211_CMD_GET_FTM_RESPONDER_STATS) 165 C2S(NL80211_CMD_PEER_MEASUREMENT_START) 166 C2S(NL80211_CMD_PEER_MEASUREMENT_RESULT) 167 C2S(NL80211_CMD_PEER_MEASUREMENT_COMPLETE) 168 C2S(NL80211_CMD_NOTIFY_RADAR) 169 C2S(NL80211_CMD_UPDATE_OWE_INFO) 170 C2S(NL80211_CMD_PROBE_MESH_LINK) 171 C2S(NL80211_CMD_SET_TID_CONFIG) 172 C2S(NL80211_CMD_UNPROT_BEACON) 173 C2S(NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS) 174 C2S(NL80211_CMD_SET_SAR_SPECS) 175 C2S(__NL80211_CMD_AFTER_LAST) 176 } 177 #undef C2S 178 179 return "NL80211_CMD_UNKNOWN"; 180 } 181 182 183 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv, 184 const u8 *frame, size_t len) 185 { 186 const struct ieee80211_mgmt *mgmt; 187 union wpa_event_data event; 188 189 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 190 drv->force_connect_cmd) { 191 /* 192 * Avoid reporting two association events that would confuse 193 * the core code. 194 */ 195 wpa_printf(MSG_DEBUG, 196 "nl80211: Ignore auth event when using driver SME"); 197 return; 198 } 199 200 wpa_printf(MSG_DEBUG, "nl80211: Authenticate event"); 201 mgmt = (const struct ieee80211_mgmt *) frame; 202 if (len < 24 + sizeof(mgmt->u.auth)) { 203 wpa_printf(MSG_DEBUG, "nl80211: Too short association event " 204 "frame"); 205 return; 206 } 207 208 os_memcpy(drv->auth_bssid, mgmt->sa, ETH_ALEN); 209 os_memset(drv->auth_attempt_bssid, 0, ETH_ALEN); 210 os_memset(&event, 0, sizeof(event)); 211 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN); 212 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg); 213 event.auth.auth_transaction = 214 le_to_host16(mgmt->u.auth.auth_transaction); 215 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code); 216 if (len > 24 + sizeof(mgmt->u.auth)) { 217 event.auth.ies = mgmt->u.auth.variable; 218 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth); 219 } 220 221 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event); 222 } 223 224 225 static void nl80211_parse_wmm_params(struct nlattr *wmm_attr, 226 struct wmm_params *wmm_params) 227 { 228 struct nlattr *wmm_info[NL80211_STA_WME_MAX + 1]; 229 static struct nla_policy wme_policy[NL80211_STA_WME_MAX + 1] = { 230 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, 231 }; 232 233 if (!wmm_attr || 234 nla_parse_nested(wmm_info, NL80211_STA_WME_MAX, wmm_attr, 235 wme_policy) || 236 !wmm_info[NL80211_STA_WME_UAPSD_QUEUES]) 237 return; 238 239 wmm_params->uapsd_queues = 240 nla_get_u8(wmm_info[NL80211_STA_WME_UAPSD_QUEUES]); 241 wmm_params->info_bitmap |= WMM_PARAMS_UAPSD_QUEUES_INFO; 242 } 243 244 245 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv, 246 const u8 *frame, size_t len, struct nlattr *wmm, 247 struct nlattr *req_ie) 248 { 249 const struct ieee80211_mgmt *mgmt; 250 union wpa_event_data event; 251 u16 status; 252 int ssid_len; 253 254 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 255 drv->force_connect_cmd) { 256 /* 257 * Avoid reporting two association events that would confuse 258 * the core code. 259 */ 260 wpa_printf(MSG_DEBUG, 261 "nl80211: Ignore assoc event when using driver SME"); 262 return; 263 } 264 265 wpa_printf(MSG_DEBUG, "nl80211: Associate event"); 266 mgmt = (const struct ieee80211_mgmt *) frame; 267 if (len < 24 + sizeof(mgmt->u.assoc_resp)) { 268 wpa_printf(MSG_DEBUG, "nl80211: Too short association event " 269 "frame"); 270 return; 271 } 272 273 status = le_to_host16(mgmt->u.assoc_resp.status_code); 274 if (status != WLAN_STATUS_SUCCESS) { 275 os_memset(&event, 0, sizeof(event)); 276 event.assoc_reject.bssid = mgmt->bssid; 277 if (len > 24 + sizeof(mgmt->u.assoc_resp)) { 278 event.assoc_reject.resp_ies = 279 (u8 *) mgmt->u.assoc_resp.variable; 280 event.assoc_reject.resp_ies_len = 281 len - 24 - sizeof(mgmt->u.assoc_resp); 282 } 283 event.assoc_reject.status_code = status; 284 285 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event); 286 return; 287 } 288 289 drv->associated = 1; 290 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN); 291 os_memcpy(drv->prev_bssid, mgmt->sa, ETH_ALEN); 292 293 os_memset(&event, 0, sizeof(event)); 294 event.assoc_info.resp_frame = frame; 295 event.assoc_info.resp_frame_len = len; 296 if (len > 24 + sizeof(mgmt->u.assoc_resp)) { 297 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable; 298 event.assoc_info.resp_ies_len = 299 len - 24 - sizeof(mgmt->u.assoc_resp); 300 } 301 302 if (req_ie) { 303 event.assoc_info.req_ies = nla_data(req_ie); 304 event.assoc_info.req_ies_len = nla_len(req_ie); 305 } 306 307 /* When this association was initiated outside of wpa_supplicant, 308 * drv->ssid needs to be set here to satisfy later checking. */ 309 ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid); 310 if (ssid_len > 0) { 311 drv->ssid_len = ssid_len; 312 wpa_printf(MSG_DEBUG, 313 "nl80211: Set drv->ssid based on scan res info to '%s'", 314 wpa_ssid_txt(drv->ssid, drv->ssid_len)); 315 } 316 317 event.assoc_info.freq = drv->assoc_freq; 318 drv->first_bss->freq = drv->assoc_freq; 319 320 nl80211_parse_wmm_params(wmm, &event.assoc_info.wmm_params); 321 322 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); 323 } 324 325 326 #ifdef CONFIG_DRIVER_NL80211_QCA 327 328 static int qca_drv_connect_fail_reason_code_handler(struct nl_msg *msg, 329 void *arg) 330 { 331 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 332 struct nlattr *tb_sta_info[QCA_WLAN_VENDOR_ATTR_GET_STA_INFO_MAX + 1]; 333 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 334 u32 *reason_code = arg; 335 336 *reason_code = 0; 337 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 338 genlmsg_attrlen(gnlh, 0), NULL); 339 340 if (!tb[NL80211_ATTR_VENDOR_DATA]) { 341 wpa_printf(MSG_ERROR, "%s: Vendor data not found", __func__); 342 return NL_SKIP; 343 } 344 345 nla_parse(tb_sta_info, QCA_WLAN_VENDOR_ATTR_GET_STA_INFO_MAX, 346 nla_data(tb[NL80211_ATTR_VENDOR_DATA]), 347 nla_len(tb[NL80211_ATTR_VENDOR_DATA]), NULL); 348 349 if (!tb_sta_info[QCA_WLAN_VENDOR_ATTR_GET_STA_INFO_CONNECT_FAIL_REASON_CODE]) { 350 wpa_printf(MSG_INFO, "%s: Vendor attr not found", __func__); 351 return NL_SKIP; 352 } 353 354 *reason_code = nla_get_u32(tb_sta_info[QCA_WLAN_VENDOR_ATTR_GET_STA_INFO_CONNECT_FAIL_REASON_CODE]); 355 356 return NL_SKIP; 357 } 358 359 360 static enum qca_sta_connect_fail_reason_codes 361 drv_get_connect_fail_reason_code(struct wpa_driver_nl80211_data *drv) 362 { 363 enum qca_sta_connect_fail_reason_codes reason_code; 364 struct nl_msg *msg; 365 int ret; 366 367 msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR); 368 if (!msg || nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) || 369 nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, 370 QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO)) { 371 nlmsg_free(msg); 372 return 0; 373 } 374 375 ret = send_and_recv_msgs(drv, msg, 376 qca_drv_connect_fail_reason_code_handler, 377 &reason_code, NULL, NULL); 378 if (ret) 379 wpa_printf(MSG_DEBUG, 380 "nl80211: Get connect fail reason_code failed: ret=%d (%s)", 381 ret, strerror(-ret)); 382 383 return reason_code; 384 } 385 386 387 static enum sta_connect_fail_reason_codes 388 convert_connect_fail_reason_codes(enum qca_sta_connect_fail_reason_codes 389 reason_code) 390 { 391 switch (reason_code) { 392 case QCA_STA_CONNECT_FAIL_REASON_NO_BSS_FOUND: 393 return STA_CONNECT_FAIL_REASON_NO_BSS_FOUND; 394 case QCA_STA_CONNECT_FAIL_REASON_AUTH_TX_FAIL: 395 return STA_CONNECT_FAIL_REASON_AUTH_TX_FAIL; 396 case QCA_STA_CONNECT_FAIL_REASON_AUTH_NO_ACK_RECEIVED: 397 return STA_CONNECT_FAIL_REASON_AUTH_NO_ACK_RECEIVED; 398 case QCA_STA_CONNECT_FAIL_REASON_AUTH_NO_RESP_RECEIVED: 399 return STA_CONNECT_FAIL_REASON_AUTH_NO_RESP_RECEIVED; 400 case QCA_STA_CONNECT_FAIL_REASON_ASSOC_REQ_TX_FAIL: 401 return STA_CONNECT_FAIL_REASON_ASSOC_REQ_TX_FAIL; 402 case QCA_STA_CONNECT_FAIL_REASON_ASSOC_NO_ACK_RECEIVED: 403 return STA_CONNECT_FAIL_REASON_ASSOC_NO_ACK_RECEIVED; 404 case QCA_STA_CONNECT_FAIL_REASON_ASSOC_NO_RESP_RECEIVED: 405 return STA_CONNECT_FAIL_REASON_ASSOC_NO_RESP_RECEIVED; 406 default: 407 return STA_CONNECT_FAIL_REASON_UNSPECIFIED; 408 } 409 } 410 411 #endif /* CONFIG_DRIVER_NL80211_QCA */ 412 413 414 static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, 415 enum nl80211_commands cmd, struct nlattr *status, 416 struct nlattr *addr, struct nlattr *req_ie, 417 struct nlattr *resp_ie, 418 struct nlattr *timed_out, 419 struct nlattr *timeout_reason, 420 struct nlattr *authorized, 421 struct nlattr *key_replay_ctr, 422 struct nlattr *ptk_kck, 423 struct nlattr *ptk_kek, 424 struct nlattr *subnet_status, 425 struct nlattr *fils_erp_next_seq_num, 426 struct nlattr *fils_pmk, 427 struct nlattr *fils_pmkid) 428 { 429 union wpa_event_data event; 430 const u8 *ssid = NULL; 431 u16 status_code; 432 int ssid_len; 433 434 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) { 435 /* 436 * Avoid reporting two association events that would confuse 437 * the core code. 438 */ 439 wpa_printf(MSG_DEBUG, "nl80211: Ignore connect event (cmd=%d) " 440 "when using userspace SME", cmd); 441 return; 442 } 443 444 drv->connect_reassoc = 0; 445 446 status_code = status ? nla_get_u16(status) : WLAN_STATUS_SUCCESS; 447 448 if (cmd == NL80211_CMD_CONNECT) { 449 wpa_printf(MSG_DEBUG, 450 "nl80211: Connect event (status=%u ignore_next_local_disconnect=%d)", 451 status_code, drv->ignore_next_local_disconnect); 452 } else if (cmd == NL80211_CMD_ROAM) { 453 wpa_printf(MSG_DEBUG, "nl80211: Roam event"); 454 } 455 456 os_memset(&event, 0, sizeof(event)); 457 if (cmd == NL80211_CMD_CONNECT && status_code != WLAN_STATUS_SUCCESS) { 458 if (addr) 459 event.assoc_reject.bssid = nla_data(addr); 460 if (drv->ignore_next_local_disconnect) { 461 drv->ignore_next_local_disconnect = 0; 462 if (!event.assoc_reject.bssid || 463 (os_memcmp(event.assoc_reject.bssid, 464 drv->auth_attempt_bssid, 465 ETH_ALEN) != 0)) { 466 /* 467 * Ignore the event that came without a BSSID or 468 * for the old connection since this is likely 469 * not relevant to the new Connect command. 470 */ 471 wpa_printf(MSG_DEBUG, 472 "nl80211: Ignore connection failure event triggered during reassociation"); 473 return; 474 } 475 } 476 if (resp_ie) { 477 event.assoc_reject.resp_ies = nla_data(resp_ie); 478 event.assoc_reject.resp_ies_len = nla_len(resp_ie); 479 } 480 event.assoc_reject.status_code = status_code; 481 event.assoc_reject.timed_out = timed_out != NULL; 482 if (timed_out && timeout_reason) { 483 enum nl80211_timeout_reason reason; 484 485 reason = nla_get_u32(timeout_reason); 486 switch (reason) { 487 case NL80211_TIMEOUT_SCAN: 488 event.assoc_reject.timeout_reason = "scan"; 489 break; 490 case NL80211_TIMEOUT_AUTH: 491 event.assoc_reject.timeout_reason = "auth"; 492 break; 493 case NL80211_TIMEOUT_ASSOC: 494 event.assoc_reject.timeout_reason = "assoc"; 495 break; 496 default: 497 break; 498 } 499 } 500 if (fils_erp_next_seq_num) 501 event.assoc_reject.fils_erp_next_seq_num = 502 nla_get_u16(fils_erp_next_seq_num); 503 504 #ifdef CONFIG_DRIVER_NL80211_QCA 505 if (drv->get_sta_info_vendor_cmd_avail) { 506 enum qca_sta_connect_fail_reason_codes reason_code; 507 508 reason_code = drv_get_connect_fail_reason_code(drv); 509 event.assoc_reject.reason_code = 510 convert_connect_fail_reason_codes(reason_code); 511 } 512 #endif /* CONFIG_DRIVER_NL80211_QCA */ 513 514 wpa_supplicant_event(drv->ctx, EVENT_ASSOC_REJECT, &event); 515 return; 516 } 517 518 drv->associated = 1; 519 if (addr) { 520 os_memcpy(drv->bssid, nla_data(addr), ETH_ALEN); 521 os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN); 522 } 523 524 if (req_ie) { 525 event.assoc_info.req_ies = nla_data(req_ie); 526 event.assoc_info.req_ies_len = nla_len(req_ie); 527 528 if (cmd == NL80211_CMD_ROAM) { 529 ssid = get_ie(event.assoc_info.req_ies, 530 event.assoc_info.req_ies_len, 531 WLAN_EID_SSID); 532 if (ssid && ssid[1] > 0 && ssid[1] <= 32) { 533 drv->ssid_len = ssid[1]; 534 os_memcpy(drv->ssid, ssid + 2, ssid[1]); 535 wpa_printf(MSG_DEBUG, 536 "nl80211: Set drv->ssid based on req_ie to '%s'", 537 wpa_ssid_txt(drv->ssid, 538 drv->ssid_len)); 539 } 540 } 541 } 542 if (resp_ie) { 543 event.assoc_info.resp_ies = nla_data(resp_ie); 544 event.assoc_info.resp_ies_len = nla_len(resp_ie); 545 } 546 547 event.assoc_info.freq = nl80211_get_assoc_freq(drv); 548 drv->first_bss->freq = drv->assoc_freq; 549 550 if ((!ssid || ssid[1] == 0 || ssid[1] > 32) && 551 (ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid)) > 0) { 552 /* When this connection was initiated outside of wpa_supplicant, 553 * drv->ssid needs to be set here to satisfy later checking. */ 554 drv->ssid_len = ssid_len; 555 wpa_printf(MSG_DEBUG, 556 "nl80211: Set drv->ssid based on scan res info to '%s'", 557 wpa_ssid_txt(drv->ssid, drv->ssid_len)); 558 } 559 560 if (authorized && nla_get_u8(authorized)) { 561 event.assoc_info.authorized = 1; 562 wpa_printf(MSG_DEBUG, "nl80211: connection authorized"); 563 } 564 if (key_replay_ctr) { 565 event.assoc_info.key_replay_ctr = nla_data(key_replay_ctr); 566 event.assoc_info.key_replay_ctr_len = nla_len(key_replay_ctr); 567 } 568 if (ptk_kck) { 569 event.assoc_info.ptk_kck = nla_data(ptk_kck); 570 event.assoc_info.ptk_kck_len = nla_len(ptk_kck); 571 } 572 if (ptk_kek) { 573 event.assoc_info.ptk_kek = nla_data(ptk_kek); 574 event.assoc_info.ptk_kek_len = nla_len(ptk_kek); 575 } 576 577 if (subnet_status) { 578 /* 579 * At least for now, this is only available from 580 * QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_SUBNET_STATUS and that 581 * attribute has the same values 0, 1, 2 as are used in the 582 * variable here, so no mapping between different values are 583 * needed. 584 */ 585 event.assoc_info.subnet_status = nla_get_u8(subnet_status); 586 } 587 588 if (fils_erp_next_seq_num) 589 event.assoc_info.fils_erp_next_seq_num = 590 nla_get_u16(fils_erp_next_seq_num); 591 592 if (fils_pmk) { 593 event.assoc_info.fils_pmk = nla_data(fils_pmk); 594 event.assoc_info.fils_pmk_len = nla_len(fils_pmk); 595 } 596 597 if (fils_pmkid) 598 event.assoc_info.fils_pmkid = nla_data(fils_pmkid); 599 600 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); 601 602 /* Avoid a race condition by stopping to ignore any following 603 * disconnection events now that the driver has indicated it is 604 * connected since that connection could have been triggered by a roam 605 * operation that happened in parallel with the disconnection request. 606 */ 607 drv->ignore_next_local_disconnect = 0; 608 } 609 610 611 static void mlme_event_disconnect(struct wpa_driver_nl80211_data *drv, 612 struct nlattr *reason, struct nlattr *addr, 613 struct nlattr *by_ap) 614 { 615 union wpa_event_data data; 616 unsigned int locally_generated = by_ap == NULL; 617 618 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME) { 619 /* 620 * Avoid reporting two disassociation events that could 621 * confuse the core code. 622 */ 623 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect " 624 "event when using userspace SME"); 625 return; 626 } 627 628 if (drv->ignore_next_local_disconnect) { 629 drv->ignore_next_local_disconnect = 0; 630 if (locally_generated) { 631 wpa_printf(MSG_DEBUG, "nl80211: Ignore disconnect " 632 "event triggered during reassociation"); 633 return; 634 } 635 wpa_printf(MSG_WARNING, "nl80211: Was expecting local " 636 "disconnect but got another disconnect " 637 "event first"); 638 } 639 640 wpa_printf(MSG_DEBUG, "nl80211: Disconnect event"); 641 nl80211_mark_disconnected(drv); 642 os_memset(&data, 0, sizeof(data)); 643 if (reason) 644 data.deauth_info.reason_code = nla_get_u16(reason); 645 data.deauth_info.locally_generated = by_ap == NULL; 646 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, &data); 647 } 648 649 650 static int calculate_chan_offset(int width, int freq, int cf1, int cf2) 651 { 652 int freq1 = 0; 653 654 switch (convert2width(width)) { 655 case CHAN_WIDTH_20_NOHT: 656 case CHAN_WIDTH_20: 657 return 0; 658 case CHAN_WIDTH_40: 659 freq1 = cf1 - 10; 660 break; 661 case CHAN_WIDTH_80: 662 freq1 = cf1 - 30; 663 break; 664 case CHAN_WIDTH_160: 665 freq1 = cf1 - 70; 666 break; 667 case CHAN_WIDTH_80P80: 668 freq1 = cf1 - 30; 669 break; 670 case CHAN_WIDTH_UNKNOWN: 671 case CHAN_WIDTH_2160: 672 case CHAN_WIDTH_4320: 673 case CHAN_WIDTH_6480: 674 case CHAN_WIDTH_8640: 675 /* FIXME: implement this */ 676 return 0; 677 } 678 679 return (abs(freq - freq1) / 20) % 2 == 0 ? 1 : -1; 680 } 681 682 683 static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv, 684 struct nlattr *ifindex, struct nlattr *freq, 685 struct nlattr *type, struct nlattr *bw, 686 struct nlattr *cf1, struct nlattr *cf2, 687 int finished) 688 { 689 struct i802_bss *bss; 690 union wpa_event_data data; 691 int ht_enabled = 1; 692 int chan_offset = 0; 693 int ifidx; 694 695 wpa_printf(MSG_DEBUG, "nl80211: Channel switch%s event", 696 finished ? "" : " started"); 697 698 if (!freq) 699 return; 700 701 ifidx = nla_get_u32(ifindex); 702 bss = get_bss_ifindex(drv, ifidx); 703 if (bss == NULL) { 704 wpa_printf(MSG_WARNING, "nl80211: Unknown ifindex (%d) for channel switch, ignoring", 705 ifidx); 706 return; 707 } 708 709 if (type) { 710 enum nl80211_channel_type ch_type = nla_get_u32(type); 711 712 wpa_printf(MSG_DEBUG, "nl80211: Channel type: %d", ch_type); 713 switch (ch_type) { 714 case NL80211_CHAN_NO_HT: 715 ht_enabled = 0; 716 break; 717 case NL80211_CHAN_HT20: 718 break; 719 case NL80211_CHAN_HT40PLUS: 720 chan_offset = 1; 721 break; 722 case NL80211_CHAN_HT40MINUS: 723 chan_offset = -1; 724 break; 725 } 726 } else if (bw && cf1) { 727 /* This can happen for example with VHT80 ch switch */ 728 chan_offset = calculate_chan_offset(nla_get_u32(bw), 729 nla_get_u32(freq), 730 nla_get_u32(cf1), 731 cf2 ? nla_get_u32(cf2) : 0); 732 wpa_printf(MSG_DEBUG, "nl80211: Calculated channel offset: %d", 733 chan_offset); 734 } else { 735 wpa_printf(MSG_WARNING, "nl80211: Unknown secondary channel information - following channel definition calculations may fail"); 736 } 737 738 os_memset(&data, 0, sizeof(data)); 739 data.ch_switch.freq = nla_get_u32(freq); 740 data.ch_switch.ht_enabled = ht_enabled; 741 data.ch_switch.ch_offset = chan_offset; 742 if (bw) 743 data.ch_switch.ch_width = convert2width(nla_get_u32(bw)); 744 if (cf1) 745 data.ch_switch.cf1 = nla_get_u32(cf1); 746 if (cf2) 747 data.ch_switch.cf2 = nla_get_u32(cf2); 748 749 if (finished) 750 bss->freq = data.ch_switch.freq; 751 drv->assoc_freq = data.ch_switch.freq; 752 753 wpa_supplicant_event(bss->ctx, finished ? 754 EVENT_CH_SWITCH : EVENT_CH_SWITCH_STARTED, &data); 755 } 756 757 758 static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv, 759 enum nl80211_commands cmd, struct nlattr *addr) 760 { 761 union wpa_event_data event; 762 enum wpa_event_type ev; 763 764 if (nla_len(addr) != ETH_ALEN) 765 return; 766 767 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d; timeout with " MACSTR, 768 cmd, MAC2STR((u8 *) nla_data(addr))); 769 770 if (cmd == NL80211_CMD_AUTHENTICATE) 771 ev = EVENT_AUTH_TIMED_OUT; 772 else if (cmd == NL80211_CMD_ASSOCIATE) 773 ev = EVENT_ASSOC_TIMED_OUT; 774 else 775 return; 776 777 os_memset(&event, 0, sizeof(event)); 778 os_memcpy(event.timeout_event.addr, nla_data(addr), ETH_ALEN); 779 wpa_supplicant_event(drv->ctx, ev, &event); 780 } 781 782 783 static void mlme_event_mgmt(struct i802_bss *bss, 784 struct nlattr *freq, struct nlattr *sig, 785 const u8 *frame, size_t len) 786 { 787 struct wpa_driver_nl80211_data *drv = bss->drv; 788 const struct ieee80211_mgmt *mgmt; 789 union wpa_event_data event; 790 u16 fc, stype; 791 int ssi_signal = 0; 792 int rx_freq = 0; 793 794 wpa_printf(MSG_MSGDUMP, "nl80211: Frame event"); 795 mgmt = (const struct ieee80211_mgmt *) frame; 796 if (len < 24) { 797 wpa_printf(MSG_DEBUG, "nl80211: Too short management frame"); 798 return; 799 } 800 801 fc = le_to_host16(mgmt->frame_control); 802 stype = WLAN_FC_GET_STYPE(fc); 803 804 if (sig) 805 ssi_signal = (s32) nla_get_u32(sig); 806 807 os_memset(&event, 0, sizeof(event)); 808 if (freq) { 809 event.rx_mgmt.freq = nla_get_u32(freq); 810 rx_freq = drv->last_mgmt_freq = event.rx_mgmt.freq; 811 } 812 wpa_printf(MSG_DEBUG, 813 "nl80211: RX frame da=" MACSTR " sa=" MACSTR " bssid=" MACSTR 814 " freq=%d ssi_signal=%d fc=0x%x seq_ctrl=0x%x stype=%u (%s) len=%u", 815 MAC2STR(mgmt->da), MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid), 816 rx_freq, ssi_signal, fc, 817 le_to_host16(mgmt->seq_ctrl), stype, fc2str(fc), 818 (unsigned int) len); 819 event.rx_mgmt.frame = frame; 820 event.rx_mgmt.frame_len = len; 821 event.rx_mgmt.ssi_signal = ssi_signal; 822 event.rx_mgmt.drv_priv = bss; 823 wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event); 824 } 825 826 827 static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv, 828 struct nlattr *cookie, const u8 *frame, 829 size_t len, struct nlattr *ack) 830 { 831 union wpa_event_data event; 832 const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) frame; 833 u16 fc = le_to_host16(hdr->frame_control); 834 u64 cookie_val = 0; 835 836 if (cookie) 837 cookie_val = nla_get_u64(cookie); 838 wpa_printf(MSG_DEBUG, 839 "nl80211: Frame TX status event A1=" MACSTR 840 " %sstype=%d cookie=0x%llx%s ack=%d", 841 MAC2STR(hdr->addr1), 842 WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT ? "not-mgmt " : "", 843 WLAN_FC_GET_STYPE(fc), (long long unsigned int) cookie_val, 844 cookie ? "" : "(N/A)", ack != NULL); 845 846 if (cookie_val && cookie_val == drv->eapol_tx_cookie && 847 len >= ETH_HLEN && 848 WPA_GET_BE16(frame + 2 * ETH_ALEN) == ETH_P_PAE) { 849 wpa_printf(MSG_DEBUG, 850 "nl80211: Work around misdelivered control port TX status for EAPOL"); 851 nl80211_control_port_frame_tx_status(drv, frame, len, ack, 852 cookie); 853 return; 854 } 855 856 if (WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT) 857 return; 858 859 if (!is_ap_interface(drv->nlmode) && 860 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION) { 861 if (!cookie) 862 return; 863 864 wpa_printf(MSG_DEBUG, 865 "nl80211: Frame TX status: cookie=0x%llx%s (ack=%d)", 866 (long long unsigned int) cookie_val, 867 cookie_val == drv->send_frame_cookie ? 868 " (match)" : " (unknown)", ack != NULL); 869 if (cookie_val != drv->send_frame_cookie) 870 return; 871 } else if (!is_ap_interface(drv->nlmode) && 872 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_AUTH) { 873 wpa_printf(MSG_DEBUG, 874 "nl80211: Authentication frame TX status: ack=%d", 875 !!ack); 876 } 877 878 os_memset(&event, 0, sizeof(event)); 879 event.tx_status.type = WLAN_FC_GET_TYPE(fc); 880 event.tx_status.stype = WLAN_FC_GET_STYPE(fc); 881 event.tx_status.dst = hdr->addr1; 882 event.tx_status.data = frame; 883 event.tx_status.data_len = len; 884 event.tx_status.ack = ack != NULL; 885 wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event); 886 } 887 888 889 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data *drv, 890 enum wpa_event_type type, 891 const u8 *frame, size_t len) 892 { 893 const struct ieee80211_mgmt *mgmt; 894 union wpa_event_data event; 895 const u8 *bssid = NULL; 896 u16 reason_code = 0; 897 898 if (type == EVENT_DEAUTH) 899 wpa_printf(MSG_DEBUG, "nl80211: Deauthenticate event"); 900 else 901 wpa_printf(MSG_DEBUG, "nl80211: Disassociate event"); 902 903 mgmt = (const struct ieee80211_mgmt *) frame; 904 if (len >= 24) { 905 bssid = mgmt->bssid; 906 907 if ((drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 908 !drv->associated && 909 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0 && 910 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0 && 911 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0) { 912 /* 913 * Avoid issues with some roaming cases where 914 * disconnection event for the old AP may show up after 915 * we have started connection with the new AP. 916 * In case of locally generated event clear 917 * ignore_next_local_deauth as well, to avoid next local 918 * deauth event be wrongly ignored. 919 */ 920 if (!os_memcmp(mgmt->sa, drv->first_bss->addr, 921 ETH_ALEN)) { 922 wpa_printf(MSG_DEBUG, 923 "nl80211: Received a locally generated deauth event. Clear ignore_next_local_deauth flag"); 924 drv->ignore_next_local_deauth = 0; 925 } else { 926 wpa_printf(MSG_DEBUG, 927 "nl80211: Ignore deauth/disassoc event from old AP " MACSTR " when already authenticating with " MACSTR, 928 MAC2STR(bssid), 929 MAC2STR(drv->auth_attempt_bssid)); 930 } 931 return; 932 } 933 934 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && 935 drv->connect_reassoc && drv->associated && 936 os_memcmp(bssid, drv->prev_bssid, ETH_ALEN) == 0 && 937 os_memcmp(bssid, drv->auth_attempt_bssid, ETH_ALEN) != 0) { 938 /* 939 * Avoid issues with some roaming cases where 940 * disconnection event for the old AP may show up after 941 * we have started connection with the new AP. 942 */ 943 wpa_printf(MSG_DEBUG, 944 "nl80211: Ignore deauth/disassoc event from old AP " 945 MACSTR 946 " when already connecting with " MACSTR, 947 MAC2STR(bssid), 948 MAC2STR(drv->auth_attempt_bssid)); 949 return; 950 } 951 952 if (drv->associated != 0 && 953 os_memcmp(bssid, drv->bssid, ETH_ALEN) != 0 && 954 os_memcmp(bssid, drv->auth_bssid, ETH_ALEN) != 0) { 955 /* 956 * We have presumably received this deauth as a 957 * response to a clear_state_mismatch() outgoing 958 * deauth. Don't let it take us offline! 959 */ 960 wpa_printf(MSG_DEBUG, "nl80211: Deauth received " 961 "from Unknown BSSID " MACSTR " -- ignoring", 962 MAC2STR(bssid)); 963 return; 964 } 965 } 966 967 nl80211_mark_disconnected(drv); 968 os_memset(&event, 0, sizeof(event)); 969 970 /* Note: Same offset for Reason Code in both frame subtypes */ 971 if (len >= 24 + sizeof(mgmt->u.deauth)) 972 reason_code = le_to_host16(mgmt->u.deauth.reason_code); 973 974 if (type == EVENT_DISASSOC) { 975 event.disassoc_info.locally_generated = 976 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN); 977 event.disassoc_info.addr = bssid; 978 event.disassoc_info.reason_code = reason_code; 979 if (frame + len > mgmt->u.disassoc.variable) { 980 event.disassoc_info.ie = mgmt->u.disassoc.variable; 981 event.disassoc_info.ie_len = frame + len - 982 mgmt->u.disassoc.variable; 983 } 984 } else { 985 event.deauth_info.locally_generated = 986 !os_memcmp(mgmt->sa, drv->first_bss->addr, ETH_ALEN); 987 if (drv->ignore_deauth_event) { 988 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event due to previous forced deauth-during-auth"); 989 drv->ignore_deauth_event = 0; 990 if (event.deauth_info.locally_generated) 991 drv->ignore_next_local_deauth = 0; 992 return; 993 } 994 if (drv->ignore_next_local_deauth) { 995 drv->ignore_next_local_deauth = 0; 996 if (event.deauth_info.locally_generated) { 997 wpa_printf(MSG_DEBUG, "nl80211: Ignore deauth event triggered due to own deauth request"); 998 return; 999 } 1000 wpa_printf(MSG_WARNING, "nl80211: Was expecting local deauth but got another disconnect event first"); 1001 } 1002 event.deauth_info.addr = bssid; 1003 event.deauth_info.reason_code = reason_code; 1004 if (frame + len > mgmt->u.deauth.variable) { 1005 event.deauth_info.ie = mgmt->u.deauth.variable; 1006 event.deauth_info.ie_len = frame + len - 1007 mgmt->u.deauth.variable; 1008 } 1009 } 1010 1011 wpa_supplicant_event(drv->ctx, type, &event); 1012 } 1013 1014 1015 static void mlme_event_unprot_disconnect(struct wpa_driver_nl80211_data *drv, 1016 enum wpa_event_type type, 1017 const u8 *frame, size_t len) 1018 { 1019 const struct ieee80211_mgmt *mgmt; 1020 union wpa_event_data event; 1021 u16 reason_code = 0; 1022 1023 if (type == EVENT_UNPROT_DEAUTH) 1024 wpa_printf(MSG_DEBUG, "nl80211: Unprot Deauthenticate event"); 1025 else 1026 wpa_printf(MSG_DEBUG, "nl80211: Unprot Disassociate event"); 1027 1028 if (len < 24) 1029 return; 1030 1031 mgmt = (const struct ieee80211_mgmt *) frame; 1032 1033 os_memset(&event, 0, sizeof(event)); 1034 /* Note: Same offset for Reason Code in both frame subtypes */ 1035 if (len >= 24 + sizeof(mgmt->u.deauth)) 1036 reason_code = le_to_host16(mgmt->u.deauth.reason_code); 1037 1038 if (type == EVENT_UNPROT_DISASSOC) { 1039 event.unprot_disassoc.sa = mgmt->sa; 1040 event.unprot_disassoc.da = mgmt->da; 1041 event.unprot_disassoc.reason_code = reason_code; 1042 } else { 1043 event.unprot_deauth.sa = mgmt->sa; 1044 event.unprot_deauth.da = mgmt->da; 1045 event.unprot_deauth.reason_code = reason_code; 1046 } 1047 1048 wpa_supplicant_event(drv->ctx, type, &event); 1049 } 1050 1051 1052 static void mlme_event_unprot_beacon(struct wpa_driver_nl80211_data *drv, 1053 const u8 *frame, size_t len) 1054 { 1055 const struct ieee80211_mgmt *mgmt; 1056 union wpa_event_data event; 1057 1058 if (len < 24) 1059 return; 1060 1061 mgmt = (const struct ieee80211_mgmt *) frame; 1062 1063 os_memset(&event, 0, sizeof(event)); 1064 event.unprot_beacon.sa = mgmt->sa; 1065 wpa_supplicant_event(drv->ctx, EVENT_UNPROT_BEACON, &event); 1066 } 1067 1068 1069 static void mlme_event(struct i802_bss *bss, 1070 enum nl80211_commands cmd, struct nlattr *frame, 1071 struct nlattr *addr, struct nlattr *timed_out, 1072 struct nlattr *freq, struct nlattr *ack, 1073 struct nlattr *cookie, struct nlattr *sig, 1074 struct nlattr *wmm, struct nlattr *req_ie) 1075 { 1076 struct wpa_driver_nl80211_data *drv = bss->drv; 1077 const u8 *data; 1078 size_t len; 1079 1080 if (timed_out && addr) { 1081 mlme_timeout_event(drv, cmd, addr); 1082 return; 1083 } 1084 1085 if (frame == NULL) { 1086 wpa_printf(MSG_DEBUG, 1087 "nl80211: MLME event %d (%s) without frame data", 1088 cmd, nl80211_command_to_string(cmd)); 1089 return; 1090 } 1091 1092 data = nla_data(frame); 1093 len = nla_len(frame); 1094 if (len < 4 + 2 * ETH_ALEN) { 1095 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" 1096 MACSTR ") - too short", 1097 cmd, nl80211_command_to_string(cmd), bss->ifname, 1098 MAC2STR(bss->addr)); 1099 return; 1100 } 1101 wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR 1102 ") A1=" MACSTR " A2=" MACSTR, cmd, 1103 nl80211_command_to_string(cmd), bss->ifname, 1104 MAC2STR(bss->addr), MAC2STR(data + 4), 1105 MAC2STR(data + 4 + ETH_ALEN)); 1106 if (cmd != NL80211_CMD_FRAME_TX_STATUS && !(data[4] & 0x01) && 1107 os_memcmp(bss->addr, data + 4, ETH_ALEN) != 0 && 1108 (is_zero_ether_addr(bss->rand_addr) || 1109 os_memcmp(bss->rand_addr, data + 4, ETH_ALEN) != 0) && 1110 os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0) { 1111 wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event " 1112 "for foreign address", bss->ifname); 1113 return; 1114 } 1115 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame", 1116 nla_data(frame), nla_len(frame)); 1117 1118 switch (cmd) { 1119 case NL80211_CMD_AUTHENTICATE: 1120 mlme_event_auth(drv, nla_data(frame), nla_len(frame)); 1121 break; 1122 case NL80211_CMD_ASSOCIATE: 1123 mlme_event_assoc(drv, nla_data(frame), nla_len(frame), wmm, 1124 req_ie); 1125 break; 1126 case NL80211_CMD_DEAUTHENTICATE: 1127 mlme_event_deauth_disassoc(drv, EVENT_DEAUTH, 1128 nla_data(frame), nla_len(frame)); 1129 break; 1130 case NL80211_CMD_DISASSOCIATE: 1131 mlme_event_deauth_disassoc(drv, EVENT_DISASSOC, 1132 nla_data(frame), nla_len(frame)); 1133 break; 1134 case NL80211_CMD_FRAME: 1135 mlme_event_mgmt(bss, freq, sig, nla_data(frame), 1136 nla_len(frame)); 1137 break; 1138 case NL80211_CMD_FRAME_TX_STATUS: 1139 mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame), 1140 nla_len(frame), ack); 1141 break; 1142 case NL80211_CMD_UNPROT_DEAUTHENTICATE: 1143 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DEAUTH, 1144 nla_data(frame), nla_len(frame)); 1145 break; 1146 case NL80211_CMD_UNPROT_DISASSOCIATE: 1147 mlme_event_unprot_disconnect(drv, EVENT_UNPROT_DISASSOC, 1148 nla_data(frame), nla_len(frame)); 1149 break; 1150 case NL80211_CMD_UNPROT_BEACON: 1151 mlme_event_unprot_beacon(drv, nla_data(frame), nla_len(frame)); 1152 break; 1153 default: 1154 break; 1155 } 1156 } 1157 1158 1159 static void mlme_event_michael_mic_failure(struct i802_bss *bss, 1160 struct nlattr *tb[]) 1161 { 1162 union wpa_event_data data; 1163 1164 wpa_printf(MSG_DEBUG, "nl80211: MLME event Michael MIC failure"); 1165 os_memset(&data, 0, sizeof(data)); 1166 if (tb[NL80211_ATTR_MAC]) { 1167 wpa_hexdump(MSG_DEBUG, "nl80211: Source MAC address", 1168 nla_data(tb[NL80211_ATTR_MAC]), 1169 nla_len(tb[NL80211_ATTR_MAC])); 1170 data.michael_mic_failure.src = nla_data(tb[NL80211_ATTR_MAC]); 1171 } 1172 if (tb[NL80211_ATTR_KEY_SEQ]) { 1173 wpa_hexdump(MSG_DEBUG, "nl80211: TSC", 1174 nla_data(tb[NL80211_ATTR_KEY_SEQ]), 1175 nla_len(tb[NL80211_ATTR_KEY_SEQ])); 1176 } 1177 if (tb[NL80211_ATTR_KEY_TYPE]) { 1178 enum nl80211_key_type key_type = 1179 nla_get_u32(tb[NL80211_ATTR_KEY_TYPE]); 1180 wpa_printf(MSG_DEBUG, "nl80211: Key Type %d", key_type); 1181 if (key_type == NL80211_KEYTYPE_PAIRWISE) 1182 data.michael_mic_failure.unicast = 1; 1183 } else 1184 data.michael_mic_failure.unicast = 1; 1185 1186 if (tb[NL80211_ATTR_KEY_IDX]) { 1187 u8 key_id = nla_get_u8(tb[NL80211_ATTR_KEY_IDX]); 1188 wpa_printf(MSG_DEBUG, "nl80211: Key Id %d", key_id); 1189 } 1190 1191 wpa_supplicant_event(bss->ctx, EVENT_MICHAEL_MIC_FAILURE, &data); 1192 } 1193 1194 1195 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv, 1196 struct nlattr *tb[]) 1197 { 1198 unsigned int freq; 1199 union wpa_event_data event; 1200 1201 if (tb[NL80211_ATTR_MAC] == NULL) { 1202 wpa_printf(MSG_DEBUG, "nl80211: No address in IBSS joined " 1203 "event"); 1204 return; 1205 } 1206 os_memcpy(drv->bssid, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1207 1208 drv->associated = 1; 1209 wpa_printf(MSG_DEBUG, "nl80211: IBSS " MACSTR " joined", 1210 MAC2STR(drv->bssid)); 1211 1212 freq = nl80211_get_assoc_freq(drv); 1213 if (freq) { 1214 wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz", 1215 freq); 1216 drv->first_bss->freq = freq; 1217 } 1218 1219 os_memset(&event, 0, sizeof(event)); 1220 event.assoc_info.freq = freq; 1221 1222 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event); 1223 } 1224 1225 1226 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data *drv, 1227 int cancel_event, struct nlattr *tb[]) 1228 { 1229 unsigned int freq, chan_type, duration; 1230 union wpa_event_data data; 1231 u64 cookie; 1232 1233 if (tb[NL80211_ATTR_WIPHY_FREQ]) 1234 freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 1235 else 1236 freq = 0; 1237 1238 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) 1239 chan_type = nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1240 else 1241 chan_type = 0; 1242 1243 if (tb[NL80211_ATTR_DURATION]) 1244 duration = nla_get_u32(tb[NL80211_ATTR_DURATION]); 1245 else 1246 duration = 0; 1247 1248 if (tb[NL80211_ATTR_COOKIE]) 1249 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]); 1250 else 1251 cookie = 0; 1252 1253 wpa_printf(MSG_DEBUG, "nl80211: Remain-on-channel event (cancel=%d " 1254 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))", 1255 cancel_event, freq, chan_type, duration, 1256 (long long unsigned int) cookie, 1257 cookie == drv->remain_on_chan_cookie ? "match" : "unknown"); 1258 1259 if (cookie != drv->remain_on_chan_cookie) 1260 return; /* not for us */ 1261 1262 if (cancel_event) 1263 drv->pending_remain_on_chan = 0; 1264 1265 os_memset(&data, 0, sizeof(data)); 1266 data.remain_on_channel.freq = freq; 1267 data.remain_on_channel.duration = duration; 1268 wpa_supplicant_event(drv->ctx, cancel_event ? 1269 EVENT_CANCEL_REMAIN_ON_CHANNEL : 1270 EVENT_REMAIN_ON_CHANNEL, &data); 1271 } 1272 1273 1274 static void mlme_event_ft_event(struct wpa_driver_nl80211_data *drv, 1275 struct nlattr *tb[]) 1276 { 1277 union wpa_event_data data; 1278 1279 os_memset(&data, 0, sizeof(data)); 1280 1281 if (tb[NL80211_ATTR_IE]) { 1282 data.ft_ies.ies = nla_data(tb[NL80211_ATTR_IE]); 1283 data.ft_ies.ies_len = nla_len(tb[NL80211_ATTR_IE]); 1284 } 1285 1286 if (tb[NL80211_ATTR_IE_RIC]) { 1287 data.ft_ies.ric_ies = nla_data(tb[NL80211_ATTR_IE_RIC]); 1288 data.ft_ies.ric_ies_len = nla_len(tb[NL80211_ATTR_IE_RIC]); 1289 } 1290 1291 if (tb[NL80211_ATTR_MAC]) 1292 os_memcpy(data.ft_ies.target_ap, 1293 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1294 1295 wpa_printf(MSG_DEBUG, "nl80211: FT event target_ap " MACSTR, 1296 MAC2STR(data.ft_ies.target_ap)); 1297 1298 wpa_supplicant_event(drv->ctx, EVENT_FT_RESPONSE, &data); 1299 } 1300 1301 1302 static void mlme_event_dh_event(struct wpa_driver_nl80211_data *drv, 1303 struct i802_bss *bss, 1304 struct nlattr *tb[]) 1305 { 1306 union wpa_event_data data; 1307 1308 if (!is_ap_interface(drv->nlmode)) 1309 return; 1310 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_IE]) 1311 return; 1312 1313 os_memset(&data, 0, sizeof(data)); 1314 data.update_dh.peer = nla_data(tb[NL80211_ATTR_MAC]); 1315 data.update_dh.ie = nla_data(tb[NL80211_ATTR_IE]); 1316 data.update_dh.ie_len = nla_len(tb[NL80211_ATTR_IE]); 1317 1318 wpa_printf(MSG_DEBUG, "nl80211: DH event - peer " MACSTR, 1319 MAC2STR(data.update_dh.peer)); 1320 1321 wpa_supplicant_event(bss->ctx, EVENT_UPDATE_DH, &data); 1322 } 1323 1324 1325 static void send_scan_event(struct wpa_driver_nl80211_data *drv, int aborted, 1326 struct nlattr *tb[], int external_scan) 1327 { 1328 union wpa_event_data event; 1329 struct nlattr *nl; 1330 int rem; 1331 struct scan_info *info; 1332 #define MAX_REPORT_FREQS 100 1333 int freqs[MAX_REPORT_FREQS]; 1334 int num_freqs = 0; 1335 1336 if (!external_scan && drv->scan_for_auth) { 1337 drv->scan_for_auth = 0; 1338 wpa_printf(MSG_DEBUG, "nl80211: Scan results for missing " 1339 "cfg80211 BSS entry"); 1340 wpa_driver_nl80211_authenticate_retry(drv); 1341 return; 1342 } 1343 1344 os_memset(&event, 0, sizeof(event)); 1345 info = &event.scan_info; 1346 info->aborted = aborted; 1347 info->external_scan = external_scan; 1348 info->nl_scan_event = 1; 1349 1350 if (tb[NL80211_ATTR_SCAN_SSIDS]) { 1351 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_SSIDS], rem) { 1352 struct wpa_driver_scan_ssid *s = 1353 &info->ssids[info->num_ssids]; 1354 s->ssid = nla_data(nl); 1355 s->ssid_len = nla_len(nl); 1356 wpa_printf(MSG_DEBUG, "nl80211: Scan probed for SSID '%s'", 1357 wpa_ssid_txt(s->ssid, s->ssid_len)); 1358 info->num_ssids++; 1359 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS) 1360 break; 1361 } 1362 } 1363 if (tb[NL80211_ATTR_SCAN_FREQUENCIES]) { 1364 char msg[500], *pos, *end; 1365 int res; 1366 1367 pos = msg; 1368 end = pos + sizeof(msg); 1369 *pos = '\0'; 1370 1371 nla_for_each_nested(nl, tb[NL80211_ATTR_SCAN_FREQUENCIES], rem) 1372 { 1373 freqs[num_freqs] = nla_get_u32(nl); 1374 res = os_snprintf(pos, end - pos, " %d", 1375 freqs[num_freqs]); 1376 if (!os_snprintf_error(end - pos, res)) 1377 pos += res; 1378 num_freqs++; 1379 if (num_freqs == MAX_REPORT_FREQS - 1) 1380 break; 1381 } 1382 info->freqs = freqs; 1383 info->num_freqs = num_freqs; 1384 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s", 1385 msg); 1386 } 1387 1388 if (tb[NL80211_ATTR_SCAN_START_TIME_TSF] && 1389 tb[NL80211_ATTR_SCAN_START_TIME_TSF_BSSID]) { 1390 info->scan_start_tsf = 1391 nla_get_u64(tb[NL80211_ATTR_SCAN_START_TIME_TSF]); 1392 os_memcpy(info->scan_start_tsf_bssid, 1393 nla_data(tb[NL80211_ATTR_SCAN_START_TIME_TSF_BSSID]), 1394 ETH_ALEN); 1395 } 1396 1397 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event); 1398 } 1399 1400 1401 static void nl80211_cqm_event(struct wpa_driver_nl80211_data *drv, 1402 struct nlattr *tb[]) 1403 { 1404 static struct nla_policy cqm_policy[NL80211_ATTR_CQM_MAX + 1] = { 1405 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 1406 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U8 }, 1407 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 1408 [NL80211_ATTR_CQM_PKT_LOSS_EVENT] = { .type = NLA_U32 }, 1409 [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 }, 1410 [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 }, 1411 [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 }, 1412 [NL80211_ATTR_CQM_BEACON_LOSS_EVENT] = { .type = NLA_FLAG }, 1413 }; 1414 struct nlattr *cqm[NL80211_ATTR_CQM_MAX + 1]; 1415 enum nl80211_cqm_rssi_threshold_event event; 1416 union wpa_event_data ed; 1417 int res; 1418 1419 if (tb[NL80211_ATTR_CQM] == NULL || 1420 nla_parse_nested(cqm, NL80211_ATTR_CQM_MAX, tb[NL80211_ATTR_CQM], 1421 cqm_policy)) { 1422 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid CQM event"); 1423 return; 1424 } 1425 1426 os_memset(&ed, 0, sizeof(ed)); 1427 1428 if (cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]) { 1429 if (!tb[NL80211_ATTR_MAC]) 1430 return; 1431 os_memcpy(ed.low_ack.addr, nla_data(tb[NL80211_ATTR_MAC]), 1432 ETH_ALEN); 1433 ed.low_ack.num_packets = 1434 nla_get_u32(cqm[NL80211_ATTR_CQM_PKT_LOSS_EVENT]); 1435 wpa_printf(MSG_DEBUG, "nl80211: Packet loss event for " MACSTR 1436 " (num_packets %u)", 1437 MAC2STR(ed.low_ack.addr), ed.low_ack.num_packets); 1438 wpa_supplicant_event(drv->ctx, EVENT_STATION_LOW_ACK, &ed); 1439 return; 1440 } 1441 1442 if (cqm[NL80211_ATTR_CQM_BEACON_LOSS_EVENT]) { 1443 wpa_printf(MSG_DEBUG, "nl80211: Beacon loss event"); 1444 wpa_supplicant_event(drv->ctx, EVENT_BEACON_LOSS, NULL); 1445 return; 1446 } 1447 1448 if (cqm[NL80211_ATTR_CQM_TXE_RATE] && 1449 cqm[NL80211_ATTR_CQM_TXE_PKTS] && 1450 cqm[NL80211_ATTR_CQM_TXE_INTVL] && 1451 cqm[NL80211_ATTR_MAC]) { 1452 wpa_printf(MSG_DEBUG, "nl80211: CQM TXE event for " MACSTR 1453 " (rate: %u pkts: %u interval: %u)", 1454 MAC2STR((u8 *) nla_data(cqm[NL80211_ATTR_MAC])), 1455 nla_get_u32(cqm[NL80211_ATTR_CQM_TXE_RATE]), 1456 nla_get_u32(cqm[NL80211_ATTR_CQM_TXE_PKTS]), 1457 nla_get_u32(cqm[NL80211_ATTR_CQM_TXE_INTVL])); 1458 return; 1459 } 1460 1461 if (cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] == NULL) { 1462 wpa_printf(MSG_DEBUG, 1463 "nl80211: Not a CQM RSSI threshold event"); 1464 return; 1465 } 1466 event = nla_get_u32(cqm[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT]); 1467 1468 if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH) { 1469 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor " 1470 "event: RSSI high"); 1471 ed.signal_change.above_threshold = 1; 1472 } else if (event == NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW) { 1473 wpa_printf(MSG_DEBUG, "nl80211: Connection quality monitor " 1474 "event: RSSI low"); 1475 ed.signal_change.above_threshold = 0; 1476 } else { 1477 wpa_printf(MSG_DEBUG, 1478 "nl80211: Unknown CQM RSSI threshold event: %d", 1479 event); 1480 return; 1481 } 1482 1483 /* 1484 * nl80211_get_link_signal() and nl80211_get_link_noise() set default 1485 * values in case querying the driver fails. 1486 */ 1487 res = nl80211_get_link_signal(drv, &ed.signal_change); 1488 if (res == 0) { 1489 wpa_printf(MSG_DEBUG, "nl80211: Signal: %d dBm txrate: %d", 1490 ed.signal_change.current_signal, 1491 ed.signal_change.current_txrate); 1492 } else { 1493 wpa_printf(MSG_DEBUG, 1494 "nl80211: Querying the driver for signal info failed"); 1495 } 1496 1497 res = nl80211_get_link_noise(drv, &ed.signal_change); 1498 if (res == 0) { 1499 wpa_printf(MSG_DEBUG, "nl80211: Noise: %d dBm", 1500 ed.signal_change.current_noise); 1501 } else { 1502 wpa_printf(MSG_DEBUG, 1503 "nl80211: Querying the driver for noise info failed"); 1504 } 1505 1506 wpa_supplicant_event(drv->ctx, EVENT_SIGNAL_CHANGE, &ed); 1507 } 1508 1509 1510 static void nl80211_new_peer_candidate(struct wpa_driver_nl80211_data *drv, 1511 struct nlattr **tb) 1512 { 1513 const u8 *addr; 1514 union wpa_event_data data; 1515 1516 if (drv->nlmode != NL80211_IFTYPE_MESH_POINT || 1517 !tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_IE]) 1518 return; 1519 1520 addr = nla_data(tb[NL80211_ATTR_MAC]); 1521 wpa_printf(MSG_DEBUG, "nl80211: New peer candidate " MACSTR, 1522 MAC2STR(addr)); 1523 1524 os_memset(&data, 0, sizeof(data)); 1525 data.mesh_peer.peer = addr; 1526 data.mesh_peer.ies = nla_data(tb[NL80211_ATTR_IE]); 1527 data.mesh_peer.ie_len = nla_len(tb[NL80211_ATTR_IE]); 1528 wpa_supplicant_event(drv->ctx, EVENT_NEW_PEER_CANDIDATE, &data); 1529 } 1530 1531 1532 static void nl80211_new_station_event(struct wpa_driver_nl80211_data *drv, 1533 struct i802_bss *bss, 1534 struct nlattr **tb) 1535 { 1536 u8 *addr; 1537 union wpa_event_data data; 1538 1539 if (tb[NL80211_ATTR_MAC] == NULL) 1540 return; 1541 addr = nla_data(tb[NL80211_ATTR_MAC]); 1542 wpa_printf(MSG_DEBUG, "nl80211: New station " MACSTR, MAC2STR(addr)); 1543 1544 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) { 1545 u8 *ies = NULL; 1546 size_t ies_len = 0; 1547 if (tb[NL80211_ATTR_IE]) { 1548 ies = nla_data(tb[NL80211_ATTR_IE]); 1549 ies_len = nla_len(tb[NL80211_ATTR_IE]); 1550 } 1551 wpa_hexdump(MSG_DEBUG, "nl80211: Assoc Req IEs", ies, ies_len); 1552 drv_event_assoc(bss->ctx, addr, ies, ies_len, 0); 1553 return; 1554 } 1555 1556 if (drv->nlmode != NL80211_IFTYPE_ADHOC) 1557 return; 1558 1559 os_memset(&data, 0, sizeof(data)); 1560 os_memcpy(data.ibss_rsn_start.peer, addr, ETH_ALEN); 1561 wpa_supplicant_event(bss->ctx, EVENT_IBSS_RSN_START, &data); 1562 } 1563 1564 1565 static void nl80211_del_station_event(struct wpa_driver_nl80211_data *drv, 1566 struct i802_bss *bss, 1567 struct nlattr **tb) 1568 { 1569 u8 *addr; 1570 union wpa_event_data data; 1571 1572 if (tb[NL80211_ATTR_MAC] == NULL) 1573 return; 1574 addr = nla_data(tb[NL80211_ATTR_MAC]); 1575 wpa_printf(MSG_DEBUG, "nl80211: Delete station " MACSTR, 1576 MAC2STR(addr)); 1577 1578 if (is_ap_interface(drv->nlmode) && drv->device_ap_sme) { 1579 drv_event_disassoc(bss->ctx, addr); 1580 return; 1581 } 1582 1583 if (drv->nlmode != NL80211_IFTYPE_ADHOC) 1584 return; 1585 1586 os_memset(&data, 0, sizeof(data)); 1587 os_memcpy(data.ibss_peer_lost.peer, addr, ETH_ALEN); 1588 wpa_supplicant_event(bss->ctx, EVENT_IBSS_PEER_LOST, &data); 1589 } 1590 1591 1592 static void nl80211_rekey_offload_event(struct wpa_driver_nl80211_data *drv, 1593 struct nlattr **tb) 1594 { 1595 struct nlattr *rekey_info[NUM_NL80211_REKEY_DATA]; 1596 static struct nla_policy rekey_policy[NUM_NL80211_REKEY_DATA] = { 1597 [NL80211_REKEY_DATA_KEK] = { 1598 .minlen = NL80211_KEK_LEN, 1599 .maxlen = NL80211_KEK_LEN, 1600 }, 1601 [NL80211_REKEY_DATA_KCK] = { 1602 .minlen = NL80211_KCK_LEN, 1603 .maxlen = NL80211_KCK_LEN, 1604 }, 1605 [NL80211_REKEY_DATA_REPLAY_CTR] = { 1606 .minlen = NL80211_REPLAY_CTR_LEN, 1607 .maxlen = NL80211_REPLAY_CTR_LEN, 1608 }, 1609 }; 1610 union wpa_event_data data; 1611 1612 if (!tb[NL80211_ATTR_MAC] || 1613 !tb[NL80211_ATTR_REKEY_DATA] || 1614 nla_parse_nested(rekey_info, MAX_NL80211_REKEY_DATA, 1615 tb[NL80211_ATTR_REKEY_DATA], rekey_policy) || 1616 !rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]) 1617 return; 1618 1619 os_memset(&data, 0, sizeof(data)); 1620 data.driver_gtk_rekey.bssid = nla_data(tb[NL80211_ATTR_MAC]); 1621 wpa_printf(MSG_DEBUG, "nl80211: Rekey offload event for BSSID " MACSTR, 1622 MAC2STR(data.driver_gtk_rekey.bssid)); 1623 data.driver_gtk_rekey.replay_ctr = 1624 nla_data(rekey_info[NL80211_REKEY_DATA_REPLAY_CTR]); 1625 wpa_hexdump(MSG_DEBUG, "nl80211: Rekey offload - Replay Counter", 1626 data.driver_gtk_rekey.replay_ctr, NL80211_REPLAY_CTR_LEN); 1627 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_GTK_REKEY, &data); 1628 } 1629 1630 1631 static void nl80211_pmksa_candidate_event(struct wpa_driver_nl80211_data *drv, 1632 struct nlattr **tb) 1633 { 1634 struct nlattr *cand[NUM_NL80211_PMKSA_CANDIDATE]; 1635 static struct nla_policy cand_policy[NUM_NL80211_PMKSA_CANDIDATE] = { 1636 [NL80211_PMKSA_CANDIDATE_INDEX] = { .type = NLA_U32 }, 1637 [NL80211_PMKSA_CANDIDATE_BSSID] = { 1638 .minlen = ETH_ALEN, 1639 .maxlen = ETH_ALEN, 1640 }, 1641 [NL80211_PMKSA_CANDIDATE_PREAUTH] = { .type = NLA_FLAG }, 1642 }; 1643 union wpa_event_data data; 1644 1645 wpa_printf(MSG_DEBUG, "nl80211: PMKSA candidate event"); 1646 1647 if (!tb[NL80211_ATTR_PMKSA_CANDIDATE] || 1648 nla_parse_nested(cand, MAX_NL80211_PMKSA_CANDIDATE, 1649 tb[NL80211_ATTR_PMKSA_CANDIDATE], cand_policy) || 1650 !cand[NL80211_PMKSA_CANDIDATE_INDEX] || 1651 !cand[NL80211_PMKSA_CANDIDATE_BSSID]) 1652 return; 1653 1654 os_memset(&data, 0, sizeof(data)); 1655 os_memcpy(data.pmkid_candidate.bssid, 1656 nla_data(cand[NL80211_PMKSA_CANDIDATE_BSSID]), ETH_ALEN); 1657 data.pmkid_candidate.index = 1658 nla_get_u32(cand[NL80211_PMKSA_CANDIDATE_INDEX]); 1659 data.pmkid_candidate.preauth = 1660 cand[NL80211_PMKSA_CANDIDATE_PREAUTH] != NULL; 1661 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data); 1662 } 1663 1664 1665 static void nl80211_client_probe_event(struct wpa_driver_nl80211_data *drv, 1666 struct nlattr **tb) 1667 { 1668 union wpa_event_data data; 1669 const u8 *addr; 1670 u64 cookie = 0; 1671 1672 addr = nla_data(tb[NL80211_ATTR_MAC]); 1673 if (!addr) 1674 return; 1675 if (tb[NL80211_ATTR_COOKIE]) 1676 cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]); 1677 wpa_printf(MSG_DEBUG, "nl80211: Probe client event (addr=" MACSTR 1678 " ack=%d cookie=%llu)", MAC2STR(addr), 1679 tb[NL80211_ATTR_ACK] != NULL, 1680 (long long unsigned int) cookie); 1681 if (!tb[NL80211_ATTR_ACK]) 1682 return; 1683 1684 os_memset(&data, 0, sizeof(data)); 1685 os_memcpy(data.client_poll.addr, addr, ETH_ALEN); 1686 wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data); 1687 } 1688 1689 1690 static void nl80211_tdls_oper_event(struct wpa_driver_nl80211_data *drv, 1691 struct nlattr **tb) 1692 { 1693 union wpa_event_data data; 1694 1695 wpa_printf(MSG_DEBUG, "nl80211: TDLS operation event"); 1696 1697 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_TDLS_OPERATION]) 1698 return; 1699 1700 os_memset(&data, 0, sizeof(data)); 1701 os_memcpy(data.tdls.peer, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1702 switch (nla_get_u8(tb[NL80211_ATTR_TDLS_OPERATION])) { 1703 case NL80211_TDLS_SETUP: 1704 wpa_printf(MSG_DEBUG, "nl80211: TDLS setup request for peer " 1705 MACSTR, MAC2STR(data.tdls.peer)); 1706 data.tdls.oper = TDLS_REQUEST_SETUP; 1707 break; 1708 case NL80211_TDLS_TEARDOWN: 1709 wpa_printf(MSG_DEBUG, "nl80211: TDLS teardown request for peer " 1710 MACSTR, MAC2STR(data.tdls.peer)); 1711 data.tdls.oper = TDLS_REQUEST_TEARDOWN; 1712 break; 1713 case NL80211_TDLS_DISCOVERY_REQ: 1714 wpa_printf(MSG_DEBUG, 1715 "nl80211: TDLS discovery request for peer " MACSTR, 1716 MAC2STR(data.tdls.peer)); 1717 data.tdls.oper = TDLS_REQUEST_DISCOVER; 1718 break; 1719 default: 1720 wpa_printf(MSG_DEBUG, "nl80211: Unsupported TDLS operatione " 1721 "event"); 1722 return; 1723 } 1724 if (tb[NL80211_ATTR_REASON_CODE]) { 1725 data.tdls.reason_code = 1726 nla_get_u16(tb[NL80211_ATTR_REASON_CODE]); 1727 } 1728 1729 wpa_supplicant_event(drv->ctx, EVENT_TDLS, &data); 1730 } 1731 1732 1733 static void nl80211_stop_ap(struct wpa_driver_nl80211_data *drv, 1734 struct nlattr **tb) 1735 { 1736 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_UNAVAILABLE, NULL); 1737 } 1738 1739 1740 static void nl80211_connect_failed_event(struct wpa_driver_nl80211_data *drv, 1741 struct nlattr **tb) 1742 { 1743 union wpa_event_data data; 1744 u32 reason; 1745 1746 wpa_printf(MSG_DEBUG, "nl80211: Connect failed event"); 1747 1748 if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_CONN_FAILED_REASON]) 1749 return; 1750 1751 os_memset(&data, 0, sizeof(data)); 1752 os_memcpy(data.connect_failed_reason.addr, 1753 nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); 1754 1755 reason = nla_get_u32(tb[NL80211_ATTR_CONN_FAILED_REASON]); 1756 switch (reason) { 1757 case NL80211_CONN_FAIL_MAX_CLIENTS: 1758 wpa_printf(MSG_DEBUG, "nl80211: Max client reached"); 1759 data.connect_failed_reason.code = MAX_CLIENT_REACHED; 1760 break; 1761 case NL80211_CONN_FAIL_BLOCKED_CLIENT: 1762 wpa_printf(MSG_DEBUG, "nl80211: Blocked client " MACSTR 1763 " tried to connect", 1764 MAC2STR(data.connect_failed_reason.addr)); 1765 data.connect_failed_reason.code = BLOCKED_CLIENT; 1766 break; 1767 default: 1768 wpa_printf(MSG_DEBUG, "nl8021l: Unknown connect failed reason " 1769 "%u", reason); 1770 return; 1771 } 1772 1773 wpa_supplicant_event(drv->ctx, EVENT_CONNECT_FAILED_REASON, &data); 1774 } 1775 1776 1777 static void nl80211_radar_event(struct wpa_driver_nl80211_data *drv, 1778 struct nlattr **tb) 1779 { 1780 union wpa_event_data data; 1781 enum nl80211_radar_event event_type; 1782 1783 if (!tb[NL80211_ATTR_WIPHY_FREQ] || !tb[NL80211_ATTR_RADAR_EVENT]) 1784 return; 1785 1786 os_memset(&data, 0, sizeof(data)); 1787 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 1788 event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]); 1789 1790 /* Check HT params */ 1791 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1792 data.dfs_event.ht_enabled = 1; 1793 data.dfs_event.chan_offset = 0; 1794 1795 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) { 1796 case NL80211_CHAN_NO_HT: 1797 data.dfs_event.ht_enabled = 0; 1798 break; 1799 case NL80211_CHAN_HT20: 1800 break; 1801 case NL80211_CHAN_HT40PLUS: 1802 data.dfs_event.chan_offset = 1; 1803 break; 1804 case NL80211_CHAN_HT40MINUS: 1805 data.dfs_event.chan_offset = -1; 1806 break; 1807 } 1808 } 1809 1810 /* Get VHT params */ 1811 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) 1812 data.dfs_event.chan_width = 1813 convert2width(nla_get_u32( 1814 tb[NL80211_ATTR_CHANNEL_WIDTH])); 1815 if (tb[NL80211_ATTR_CENTER_FREQ1]) 1816 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 1817 if (tb[NL80211_ATTR_CENTER_FREQ2]) 1818 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 1819 1820 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz", 1821 data.dfs_event.freq, data.dfs_event.ht_enabled, 1822 data.dfs_event.chan_offset, data.dfs_event.chan_width, 1823 data.dfs_event.cf1, data.dfs_event.cf2); 1824 1825 switch (event_type) { 1826 case NL80211_RADAR_DETECTED: 1827 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data); 1828 break; 1829 case NL80211_RADAR_CAC_FINISHED: 1830 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data); 1831 break; 1832 case NL80211_RADAR_CAC_ABORTED: 1833 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data); 1834 break; 1835 case NL80211_RADAR_NOP_FINISHED: 1836 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data); 1837 break; 1838 case NL80211_RADAR_PRE_CAC_EXPIRED: 1839 wpa_supplicant_event(drv->ctx, EVENT_DFS_PRE_CAC_EXPIRED, 1840 &data); 1841 break; 1842 case NL80211_RADAR_CAC_STARTED: 1843 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_STARTED, &data); 1844 break; 1845 default: 1846 wpa_printf(MSG_DEBUG, "nl80211: Unknown radar event %d " 1847 "received", event_type); 1848 break; 1849 } 1850 } 1851 1852 1853 static void nl80211_spurious_frame(struct i802_bss *bss, struct nlattr **tb, 1854 int wds) 1855 { 1856 struct wpa_driver_nl80211_data *drv = bss->drv; 1857 union wpa_event_data event; 1858 1859 if (!tb[NL80211_ATTR_MAC]) 1860 return; 1861 1862 os_memset(&event, 0, sizeof(event)); 1863 event.rx_from_unknown.bssid = bss->addr; 1864 event.rx_from_unknown.addr = nla_data(tb[NL80211_ATTR_MAC]); 1865 event.rx_from_unknown.wds = wds; 1866 1867 wpa_supplicant_event(drv->ctx, EVENT_RX_FROM_UNKNOWN, &event); 1868 } 1869 1870 1871 #ifdef CONFIG_DRIVER_NL80211_QCA 1872 1873 static void qca_nl80211_avoid_freq(struct wpa_driver_nl80211_data *drv, 1874 const u8 *data, size_t len) 1875 { 1876 u32 i, count; 1877 union wpa_event_data event; 1878 struct wpa_freq_range *range = NULL; 1879 const struct qca_avoid_freq_list *freq_range; 1880 1881 freq_range = (const struct qca_avoid_freq_list *) data; 1882 if (len < sizeof(freq_range->count)) 1883 return; 1884 1885 count = freq_range->count; 1886 if (len < sizeof(freq_range->count) + 1887 count * sizeof(struct qca_avoid_freq_range)) { 1888 wpa_printf(MSG_DEBUG, "nl80211: Ignored too short avoid frequency list (len=%u)", 1889 (unsigned int) len); 1890 return; 1891 } 1892 1893 if (count > 0) { 1894 range = os_calloc(count, sizeof(struct wpa_freq_range)); 1895 if (range == NULL) 1896 return; 1897 } 1898 1899 os_memset(&event, 0, sizeof(event)); 1900 for (i = 0; i < count; i++) { 1901 unsigned int idx = event.freq_range.num; 1902 range[idx].min = freq_range->range[i].start_freq; 1903 range[idx].max = freq_range->range[i].end_freq; 1904 wpa_printf(MSG_DEBUG, "nl80211: Avoid frequency range: %u-%u", 1905 range[idx].min, range[idx].max); 1906 if (range[idx].min > range[idx].max) { 1907 wpa_printf(MSG_DEBUG, "nl80211: Ignore invalid frequency range"); 1908 continue; 1909 } 1910 event.freq_range.num++; 1911 } 1912 event.freq_range.range = range; 1913 1914 wpa_supplicant_event(drv->ctx, EVENT_AVOID_FREQUENCIES, &event); 1915 1916 os_free(range); 1917 } 1918 1919 1920 static enum hostapd_hw_mode get_qca_hw_mode(u8 hw_mode) 1921 { 1922 switch (hw_mode) { 1923 case QCA_ACS_MODE_IEEE80211B: 1924 return HOSTAPD_MODE_IEEE80211B; 1925 case QCA_ACS_MODE_IEEE80211G: 1926 return HOSTAPD_MODE_IEEE80211G; 1927 case QCA_ACS_MODE_IEEE80211A: 1928 return HOSTAPD_MODE_IEEE80211A; 1929 case QCA_ACS_MODE_IEEE80211AD: 1930 return HOSTAPD_MODE_IEEE80211AD; 1931 case QCA_ACS_MODE_IEEE80211ANY: 1932 return HOSTAPD_MODE_IEEE80211ANY; 1933 default: 1934 return NUM_HOSTAPD_MODES; 1935 } 1936 } 1937 1938 1939 static unsigned int chan_to_freq(struct wpa_driver_nl80211_data *drv, 1940 u8 chan, enum hostapd_hw_mode hw_mode) 1941 { 1942 if (hw_mode == NUM_HOSTAPD_MODES) { 1943 /* For drivers that do not report ACS_HW_MODE */ 1944 u16 num_modes, flags; 1945 struct hostapd_hw_modes *modes; 1946 u8 dfs_domain; 1947 int i; 1948 1949 modes = nl80211_get_hw_feature_data(drv->first_bss, &num_modes, 1950 &flags, &dfs_domain); 1951 if (!modes) { 1952 wpa_printf(MSG_DEBUG, 1953 "nl80211: Fetching hardware mode failed"); 1954 goto try_2_4_or_5; 1955 } 1956 if (num_modes == 1) 1957 hw_mode = modes[0].mode; 1958 1959 for (i = 0; i < num_modes; i++) { 1960 os_free(modes[i].channels); 1961 os_free(modes[i].rates); 1962 } 1963 1964 os_free(modes); 1965 } 1966 1967 if (hw_mode == HOSTAPD_MODE_IEEE80211AD) { 1968 if (chan >= 1 && chan <= 6) 1969 return 56160 + (2160 * chan); 1970 return 0; 1971 } 1972 1973 try_2_4_or_5: 1974 if (chan >= 1 && chan <= 13) 1975 return 2407 + 5 * chan; 1976 if (chan == 14) 1977 return 2484; 1978 if (chan >= 36 && chan <= 177) 1979 return 5000 + 5 * chan; 1980 1981 return 0; 1982 } 1983 1984 1985 static void qca_nl80211_acs_select_ch(struct wpa_driver_nl80211_data *drv, 1986 const u8 *data, size_t len) 1987 { 1988 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_ACS_MAX + 1]; 1989 union wpa_event_data event; 1990 u8 chan; 1991 1992 wpa_printf(MSG_DEBUG, 1993 "nl80211: ACS channel selection vendor event received"); 1994 1995 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_ACS_MAX, 1996 (struct nlattr *) data, len, NULL) || 1997 (!tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_FREQUENCY] && 1998 !tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_CHANNEL]) || 1999 (!tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_FREQUENCY] && 2000 !tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_CHANNEL])) 2001 return; 2002 2003 os_memset(&event, 0, sizeof(event)); 2004 event.acs_selected_channels.hw_mode = NUM_HOSTAPD_MODES; 2005 2006 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE]) { 2007 u8 hw_mode = nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_HW_MODE]); 2008 2009 event.acs_selected_channels.hw_mode = get_qca_hw_mode(hw_mode); 2010 if (event.acs_selected_channels.hw_mode == NUM_HOSTAPD_MODES || 2011 event.acs_selected_channels.hw_mode == 2012 HOSTAPD_MODE_IEEE80211ANY) { 2013 wpa_printf(MSG_DEBUG, 2014 "nl80211: Invalid hw_mode %d in ACS selection event", 2015 hw_mode); 2016 return; 2017 } 2018 } 2019 2020 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_FREQUENCY]) { 2021 event.acs_selected_channels.pri_freq = nla_get_u32( 2022 tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_FREQUENCY]); 2023 } else { 2024 chan = nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_CHANNEL]); 2025 event.acs_selected_channels.pri_freq = 2026 chan_to_freq(drv, chan, 2027 event.acs_selected_channels.hw_mode); 2028 } 2029 2030 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_FREQUENCY]) { 2031 event.acs_selected_channels.sec_freq = nla_get_u32( 2032 tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_FREQUENCY]); 2033 } else { 2034 chan = nla_get_u8( 2035 tb[QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_CHANNEL]); 2036 event.acs_selected_channels.sec_freq = 2037 chan_to_freq(drv, chan, 2038 event.acs_selected_channels.hw_mode); 2039 } 2040 2041 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_EDMG_CHANNEL]) 2042 event.acs_selected_channels.edmg_channel = 2043 nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_EDMG_CHANNEL]); 2044 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG0_CENTER_CHANNEL]) 2045 event.acs_selected_channels.vht_seg0_center_ch = 2046 nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG0_CENTER_CHANNEL]); 2047 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG1_CENTER_CHANNEL]) 2048 event.acs_selected_channels.vht_seg1_center_ch = 2049 nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG1_CENTER_CHANNEL]); 2050 if (tb[QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH]) 2051 event.acs_selected_channels.ch_width = 2052 nla_get_u16(tb[QCA_WLAN_VENDOR_ATTR_ACS_CHWIDTH]); 2053 wpa_printf(MSG_INFO, 2054 "nl80211: ACS Results: PFreq: %d SFreq: %d BW: %d VHT0: %d VHT1: %d HW_MODE: %d EDMGCH: %d", 2055 event.acs_selected_channels.pri_freq, 2056 event.acs_selected_channels.sec_freq, 2057 event.acs_selected_channels.ch_width, 2058 event.acs_selected_channels.vht_seg0_center_ch, 2059 event.acs_selected_channels.vht_seg1_center_ch, 2060 event.acs_selected_channels.hw_mode, 2061 event.acs_selected_channels.edmg_channel); 2062 2063 /* Ignore ACS channel list check for backwards compatibility */ 2064 2065 wpa_supplicant_event(drv->ctx, EVENT_ACS_CHANNEL_SELECTED, &event); 2066 } 2067 2068 2069 static void qca_nl80211_key_mgmt_auth(struct wpa_driver_nl80211_data *drv, 2070 const u8 *data, size_t len) 2071 { 2072 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_MAX + 1]; 2073 u8 *bssid; 2074 2075 wpa_printf(MSG_DEBUG, 2076 "nl80211: Key management roam+auth vendor event received"); 2077 2078 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_MAX, 2079 (struct nlattr *) data, len, NULL) || 2080 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID] || 2081 nla_len(tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID]) != ETH_ALEN || 2082 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE] || 2083 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE] || 2084 !tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED]) 2085 return; 2086 2087 bssid = nla_data(tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID]); 2088 wpa_printf(MSG_DEBUG, " * roam BSSID " MACSTR, MAC2STR(bssid)); 2089 2090 mlme_event_connect(drv, NL80211_CMD_ROAM, NULL, 2091 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID], 2092 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE], 2093 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE], 2094 NULL, NULL, 2095 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED], 2096 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_KEY_REPLAY_CTR], 2097 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KCK], 2098 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KEK], 2099 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_SUBNET_STATUS], 2100 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_FILS_ERP_NEXT_SEQ_NUM], 2101 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PMK], 2102 tb[QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_PMKID]); 2103 } 2104 2105 2106 static void 2107 qca_nl80211_key_mgmt_auth_handler(struct wpa_driver_nl80211_data *drv, 2108 const u8 *data, size_t len) 2109 { 2110 if (!drv->roam_indication_done) { 2111 wpa_printf(MSG_DEBUG, 2112 "nl80211: Pending roam indication, delay processing roam+auth vendor event"); 2113 os_get_reltime(&drv->pending_roam_ind_time); 2114 2115 os_free(drv->pending_roam_data); 2116 drv->pending_roam_data = os_memdup(data, len); 2117 if (!drv->pending_roam_data) 2118 return; 2119 drv->pending_roam_data_len = len; 2120 return; 2121 } 2122 drv->roam_indication_done = false; 2123 qca_nl80211_key_mgmt_auth(drv, data, len); 2124 } 2125 2126 2127 static void qca_nl80211_dfs_offload_radar_event( 2128 struct wpa_driver_nl80211_data *drv, u32 subcmd, u8 *msg, int length) 2129 { 2130 union wpa_event_data data; 2131 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 2132 2133 wpa_printf(MSG_DEBUG, 2134 "nl80211: DFS offload radar vendor event received"); 2135 2136 if (nla_parse(tb, NL80211_ATTR_MAX, 2137 (struct nlattr *) msg, length, NULL)) 2138 return; 2139 2140 if (!tb[NL80211_ATTR_WIPHY_FREQ]) { 2141 wpa_printf(MSG_INFO, 2142 "nl80211: Error parsing WIPHY_FREQ in FS offload radar vendor event"); 2143 return; 2144 } 2145 2146 os_memset(&data, 0, sizeof(data)); 2147 data.dfs_event.freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]); 2148 2149 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz", 2150 data.dfs_event.freq); 2151 2152 /* Check HT params */ 2153 if (tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 2154 data.dfs_event.ht_enabled = 1; 2155 data.dfs_event.chan_offset = 0; 2156 2157 switch (nla_get_u32(tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE])) { 2158 case NL80211_CHAN_NO_HT: 2159 data.dfs_event.ht_enabled = 0; 2160 break; 2161 case NL80211_CHAN_HT20: 2162 break; 2163 case NL80211_CHAN_HT40PLUS: 2164 data.dfs_event.chan_offset = 1; 2165 break; 2166 case NL80211_CHAN_HT40MINUS: 2167 data.dfs_event.chan_offset = -1; 2168 break; 2169 } 2170 } 2171 2172 /* Get VHT params */ 2173 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) 2174 data.dfs_event.chan_width = 2175 convert2width(nla_get_u32( 2176 tb[NL80211_ATTR_CHANNEL_WIDTH])); 2177 if (tb[NL80211_ATTR_CENTER_FREQ1]) 2178 data.dfs_event.cf1 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ1]); 2179 if (tb[NL80211_ATTR_CENTER_FREQ2]) 2180 data.dfs_event.cf2 = nla_get_u32(tb[NL80211_ATTR_CENTER_FREQ2]); 2181 2182 wpa_printf(MSG_DEBUG, "nl80211: DFS event on freq %d MHz, ht: %d, " 2183 "offset: %d, width: %d, cf1: %dMHz, cf2: %dMHz", 2184 data.dfs_event.freq, data.dfs_event.ht_enabled, 2185 data.dfs_event.chan_offset, data.dfs_event.chan_width, 2186 data.dfs_event.cf1, data.dfs_event.cf2); 2187 2188 switch (subcmd) { 2189 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED: 2190 wpa_supplicant_event(drv->ctx, EVENT_DFS_RADAR_DETECTED, &data); 2191 break; 2192 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_STARTED: 2193 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_STARTED, &data); 2194 break; 2195 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_FINISHED: 2196 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_FINISHED, &data); 2197 break; 2198 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_ABORTED: 2199 wpa_supplicant_event(drv->ctx, EVENT_DFS_CAC_ABORTED, &data); 2200 break; 2201 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_NOP_FINISHED: 2202 wpa_supplicant_event(drv->ctx, EVENT_DFS_NOP_FINISHED, &data); 2203 break; 2204 default: 2205 wpa_printf(MSG_DEBUG, 2206 "nl80211: Unknown DFS offload radar event %d received", 2207 subcmd); 2208 break; 2209 } 2210 } 2211 2212 2213 static void qca_nl80211_scan_trigger_event(struct wpa_driver_nl80211_data *drv, 2214 u8 *data, size_t len) 2215 { 2216 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_SCAN_MAX + 1]; 2217 u64 cookie = 0; 2218 union wpa_event_data event; 2219 struct scan_info *info; 2220 2221 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_SCAN_MAX, 2222 (struct nlattr *) data, len, NULL) || 2223 !tb[QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE]) 2224 return; 2225 2226 cookie = nla_get_u64(tb[QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE]); 2227 if (cookie != drv->vendor_scan_cookie) { 2228 /* External scan trigger event, ignore */ 2229 return; 2230 } 2231 2232 /* Cookie match, own scan */ 2233 os_memset(&event, 0, sizeof(event)); 2234 info = &event.scan_info; 2235 info->external_scan = 0; 2236 info->nl_scan_event = 0; 2237 2238 drv->scan_state = SCAN_STARTED; 2239 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, &event); 2240 } 2241 2242 2243 static void send_vendor_scan_event(struct wpa_driver_nl80211_data *drv, 2244 int aborted, struct nlattr *tb[], 2245 int external_scan) 2246 { 2247 union wpa_event_data event; 2248 struct nlattr *nl; 2249 int rem; 2250 struct scan_info *info; 2251 int freqs[MAX_REPORT_FREQS]; 2252 int num_freqs = 0; 2253 2254 os_memset(&event, 0, sizeof(event)); 2255 info = &event.scan_info; 2256 info->aborted = aborted; 2257 info->external_scan = external_scan; 2258 2259 if (tb[QCA_WLAN_VENDOR_ATTR_SCAN_SSIDS]) { 2260 nla_for_each_nested(nl, 2261 tb[QCA_WLAN_VENDOR_ATTR_SCAN_SSIDS], rem) { 2262 struct wpa_driver_scan_ssid *s = 2263 &info->ssids[info->num_ssids]; 2264 s->ssid = nla_data(nl); 2265 s->ssid_len = nla_len(nl); 2266 wpa_printf(MSG_DEBUG, 2267 "nl80211: Scan probed for SSID '%s'", 2268 wpa_ssid_txt(s->ssid, s->ssid_len)); 2269 info->num_ssids++; 2270 if (info->num_ssids == WPAS_MAX_SCAN_SSIDS) 2271 break; 2272 } 2273 } 2274 2275 if (tb[QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES]) { 2276 char msg[500], *pos, *end; 2277 int res; 2278 2279 pos = msg; 2280 end = pos + sizeof(msg); 2281 *pos = '\0'; 2282 2283 nla_for_each_nested(nl, 2284 tb[QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES], 2285 rem) { 2286 freqs[num_freqs] = nla_get_u32(nl); 2287 res = os_snprintf(pos, end - pos, " %d", 2288 freqs[num_freqs]); 2289 if (!os_snprintf_error(end - pos, res)) 2290 pos += res; 2291 num_freqs++; 2292 if (num_freqs == MAX_REPORT_FREQS - 1) 2293 break; 2294 } 2295 2296 info->freqs = freqs; 2297 info->num_freqs = num_freqs; 2298 wpa_printf(MSG_DEBUG, "nl80211: Scan included frequencies:%s", 2299 msg); 2300 } 2301 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, &event); 2302 } 2303 2304 2305 static void qca_nl80211_scan_done_event(struct wpa_driver_nl80211_data *drv, 2306 u8 *data, size_t len) 2307 { 2308 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_SCAN_MAX + 1]; 2309 u64 cookie = 0; 2310 enum scan_status status; 2311 int external_scan; 2312 2313 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_SCAN_MAX, 2314 (struct nlattr *) data, len, NULL) || 2315 !tb[QCA_WLAN_VENDOR_ATTR_SCAN_STATUS] || 2316 !tb[QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE]) 2317 return; 2318 2319 status = nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_SCAN_STATUS]); 2320 if (status >= VENDOR_SCAN_STATUS_MAX) 2321 return; /* invalid status */ 2322 2323 cookie = nla_get_u64(tb[QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE]); 2324 if (cookie != drv->vendor_scan_cookie) { 2325 /* Event from an external scan, get scan results */ 2326 external_scan = 1; 2327 } else { 2328 external_scan = 0; 2329 if (status == VENDOR_SCAN_STATUS_NEW_RESULTS) 2330 drv->scan_state = SCAN_COMPLETED; 2331 else 2332 drv->scan_state = SCAN_ABORTED; 2333 2334 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, 2335 drv->ctx); 2336 drv->vendor_scan_cookie = 0; 2337 drv->last_scan_cmd = 0; 2338 } 2339 2340 send_vendor_scan_event(drv, (status == VENDOR_SCAN_STATUS_ABORTED), tb, 2341 external_scan); 2342 } 2343 2344 2345 static void qca_nl80211_p2p_lo_stop_event(struct wpa_driver_nl80211_data *drv, 2346 u8 *data, size_t len) 2347 { 2348 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_MAX + 1]; 2349 union wpa_event_data event; 2350 2351 wpa_printf(MSG_DEBUG, 2352 "nl80211: P2P listen offload stop vendor event received"); 2353 2354 if (nla_parse(tb, QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_MAX, 2355 (struct nlattr *) data, len, NULL) || 2356 !tb[QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_STOP_REASON]) 2357 return; 2358 2359 os_memset(&event, 0, sizeof(event)); 2360 event.p2p_lo_stop.reason_code = 2361 nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_P2P_LISTEN_OFFLOAD_STOP_REASON]); 2362 2363 wpa_printf(MSG_DEBUG, 2364 "nl80211: P2P Listen offload stop reason: %d", 2365 event.p2p_lo_stop.reason_code); 2366 wpa_supplicant_event(drv->ctx, EVENT_P2P_LO_STOP, &event); 2367 } 2368 2369 #endif /* CONFIG_DRIVER_NL80211_QCA */ 2370 2371 2372 static void nl80211_vendor_event_qca(struct wpa_driver_nl80211_data *drv, 2373 u32 subcmd, u8 *data, size_t len) 2374 { 2375 switch (subcmd) { 2376 case QCA_NL80211_VENDOR_SUBCMD_TEST: 2377 wpa_hexdump(MSG_DEBUG, "nl80211: QCA test event", data, len); 2378 break; 2379 #ifdef CONFIG_DRIVER_NL80211_QCA 2380 case QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY: 2381 qca_nl80211_avoid_freq(drv, data, len); 2382 break; 2383 case QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH: 2384 qca_nl80211_key_mgmt_auth_handler(drv, data, len); 2385 break; 2386 case QCA_NL80211_VENDOR_SUBCMD_DO_ACS: 2387 qca_nl80211_acs_select_ch(drv, data, len); 2388 break; 2389 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_STARTED: 2390 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_FINISHED: 2391 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_ABORTED: 2392 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_NOP_FINISHED: 2393 case QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED: 2394 qca_nl80211_dfs_offload_radar_event(drv, subcmd, data, len); 2395 break; 2396 case QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN: 2397 qca_nl80211_scan_trigger_event(drv, data, len); 2398 break; 2399 case QCA_NL80211_VENDOR_SUBCMD_SCAN_DONE: 2400 qca_nl80211_scan_done_event(drv, data, len); 2401 break; 2402 case QCA_NL80211_VENDOR_SUBCMD_P2P_LISTEN_OFFLOAD_STOP: 2403 qca_nl80211_p2p_lo_stop_event(drv, data, len); 2404 break; 2405 #endif /* CONFIG_DRIVER_NL80211_QCA */ 2406 default: 2407 wpa_printf(MSG_DEBUG, 2408 "nl80211: Ignore unsupported QCA vendor event %u", 2409 subcmd); 2410 break; 2411 } 2412 } 2413 2414 2415 #ifdef CONFIG_DRIVER_NL80211_BRCM 2416 2417 static void brcm_nl80211_acs_select_ch(struct wpa_driver_nl80211_data *drv, 2418 const u8 *data, size_t len) 2419 { 2420 struct nlattr *tb[BRCM_VENDOR_ATTR_ACS_LAST + 1]; 2421 union wpa_event_data event; 2422 2423 wpa_printf(MSG_DEBUG, 2424 "nl80211: BRCM ACS channel selection vendor event received"); 2425 2426 if (nla_parse(tb, BRCM_VENDOR_ATTR_ACS_LAST, (struct nlattr *) data, 2427 len, NULL) || 2428 !tb[BRCM_VENDOR_ATTR_ACS_PRIMARY_FREQ] || 2429 !tb[BRCM_VENDOR_ATTR_ACS_SECONDARY_FREQ]) 2430 return; 2431 2432 os_memset(&event, 0, sizeof(event)); 2433 if (tb[BRCM_VENDOR_ATTR_ACS_PRIMARY_FREQ]) 2434 event.acs_selected_channels.pri_freq = 2435 nla_get_u32(tb[BRCM_VENDOR_ATTR_ACS_PRIMARY_FREQ]); 2436 if (tb[BRCM_VENDOR_ATTR_ACS_SECONDARY_FREQ]) 2437 event.acs_selected_channels.sec_freq = 2438 nla_get_u32(tb[BRCM_VENDOR_ATTR_ACS_SECONDARY_FREQ]); 2439 if (tb[BRCM_VENDOR_ATTR_ACS_VHT_SEG0_CENTER_CHANNEL]) 2440 event.acs_selected_channels.vht_seg0_center_ch = 2441 nla_get_u8(tb[BRCM_VENDOR_ATTR_ACS_VHT_SEG0_CENTER_CHANNEL]); 2442 if (tb[BRCM_VENDOR_ATTR_ACS_VHT_SEG0_CENTER_CHANNEL]) 2443 event.acs_selected_channels.vht_seg1_center_ch = 2444 nla_get_u8(tb[BRCM_VENDOR_ATTR_ACS_VHT_SEG1_CENTER_CHANNEL]); 2445 if (tb[BRCM_VENDOR_ATTR_ACS_CHWIDTH]) 2446 event.acs_selected_channels.ch_width = 2447 nla_get_u16(tb[BRCM_VENDOR_ATTR_ACS_CHWIDTH]); 2448 if (tb[BRCM_VENDOR_ATTR_ACS_HW_MODE]) { 2449 event.acs_selected_channels.hw_mode = nla_get_u8(tb[BRCM_VENDOR_ATTR_ACS_HW_MODE]); 2450 if (event.acs_selected_channels.hw_mode == NUM_HOSTAPD_MODES || 2451 event.acs_selected_channels.hw_mode == 2452 HOSTAPD_MODE_IEEE80211ANY) { 2453 wpa_printf(MSG_DEBUG, 2454 "nl80211: Invalid hw_mode %d in ACS selection event", 2455 event.acs_selected_channels.hw_mode); 2456 return; 2457 } 2458 } 2459 2460 wpa_printf(MSG_DEBUG, 2461 "nl80211: ACS Results: PCH: %d SCH: %d BW: %d VHT0: %d VHT1: %d HW_MODE: %d", 2462 event.acs_selected_channels.pri_freq, 2463 event.acs_selected_channels.sec_freq, 2464 event.acs_selected_channels.ch_width, 2465 event.acs_selected_channels.vht_seg0_center_ch, 2466 event.acs_selected_channels.vht_seg1_center_ch, 2467 event.acs_selected_channels.hw_mode); 2468 wpa_supplicant_event(drv->ctx, EVENT_ACS_CHANNEL_SELECTED, &event); 2469 } 2470 2471 2472 static void nl80211_vendor_event_brcm(struct wpa_driver_nl80211_data *drv, 2473 u32 subcmd, u8 *data, size_t len) 2474 { 2475 wpa_printf(MSG_DEBUG, "nl80211: Got BRCM vendor event %u", subcmd); 2476 switch (subcmd) { 2477 case BRCM_VENDOR_EVENT_PRIV_STR: 2478 case BRCM_VENDOR_EVENT_HANGED: 2479 /* Dump the event on to the console */ 2480 wpa_msg(NULL, MSG_INFO, "%s", data); 2481 break; 2482 case BRCM_VENDOR_EVENT_ACS: 2483 brcm_nl80211_acs_select_ch(drv, data, len); 2484 break; 2485 default: 2486 wpa_printf(MSG_DEBUG, 2487 "%s: Ignore unsupported BRCM vendor event %u", 2488 __func__, subcmd); 2489 break; 2490 } 2491 } 2492 2493 #endif /* CONFIG_DRIVER_NL80211_BRCM */ 2494 2495 2496 static void nl80211_vendor_event(struct wpa_driver_nl80211_data *drv, 2497 struct nlattr **tb) 2498 { 2499 u32 vendor_id, subcmd, wiphy = 0; 2500 int wiphy_idx; 2501 u8 *data = NULL; 2502 size_t len = 0; 2503 2504 if (!tb[NL80211_ATTR_VENDOR_ID] || 2505 !tb[NL80211_ATTR_VENDOR_SUBCMD]) 2506 return; 2507 2508 vendor_id = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]); 2509 subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]); 2510 2511 if (tb[NL80211_ATTR_WIPHY]) 2512 wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]); 2513 2514 wpa_printf(MSG_DEBUG, "nl80211: Vendor event: wiphy=%u vendor_id=0x%x subcmd=%u", 2515 wiphy, vendor_id, subcmd); 2516 2517 if (tb[NL80211_ATTR_VENDOR_DATA]) { 2518 data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]); 2519 len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]); 2520 wpa_hexdump(MSG_MSGDUMP, "nl80211: Vendor data", data, len); 2521 } 2522 2523 wiphy_idx = nl80211_get_wiphy_index(drv->first_bss); 2524 if (wiphy_idx >= 0 && wiphy_idx != (int) wiphy) { 2525 wpa_printf(MSG_DEBUG, "nl80211: Ignore vendor event for foreign wiphy %u (own: %d)", 2526 wiphy, wiphy_idx); 2527 return; 2528 } 2529 2530 #ifdef ANDROID 2531 #ifdef ANDROID_LIB_EVENT 2532 wpa_driver_nl80211_driver_event(drv, vendor_id, subcmd, data, len); 2533 #endif /* ANDROID_LIB_EVENT */ 2534 #endif /* ANDROID */ 2535 2536 switch (vendor_id) { 2537 case OUI_QCA: 2538 nl80211_vendor_event_qca(drv, subcmd, data, len); 2539 break; 2540 #ifdef CONFIG_DRIVER_NL80211_BRCM 2541 case OUI_BRCM: 2542 nl80211_vendor_event_brcm(drv, subcmd, data, len); 2543 break; 2544 #endif /* CONFIG_DRIVER_NL80211_BRCM */ 2545 default: 2546 wpa_printf(MSG_DEBUG, "nl80211: Ignore unsupported vendor event"); 2547 break; 2548 } 2549 } 2550 2551 2552 static void nl80211_reg_change_event(struct wpa_driver_nl80211_data *drv, 2553 struct nlattr *tb[]) 2554 { 2555 union wpa_event_data data; 2556 enum nl80211_reg_initiator init; 2557 2558 wpa_printf(MSG_DEBUG, "nl80211: Regulatory domain change"); 2559 2560 if (tb[NL80211_ATTR_REG_INITIATOR] == NULL) 2561 return; 2562 2563 os_memset(&data, 0, sizeof(data)); 2564 init = nla_get_u8(tb[NL80211_ATTR_REG_INITIATOR]); 2565 wpa_printf(MSG_DEBUG, " * initiator=%d", init); 2566 switch (init) { 2567 case NL80211_REGDOM_SET_BY_CORE: 2568 data.channel_list_changed.initiator = REGDOM_SET_BY_CORE; 2569 break; 2570 case NL80211_REGDOM_SET_BY_USER: 2571 data.channel_list_changed.initiator = REGDOM_SET_BY_USER; 2572 break; 2573 case NL80211_REGDOM_SET_BY_DRIVER: 2574 data.channel_list_changed.initiator = REGDOM_SET_BY_DRIVER; 2575 break; 2576 case NL80211_REGDOM_SET_BY_COUNTRY_IE: 2577 data.channel_list_changed.initiator = REGDOM_SET_BY_COUNTRY_IE; 2578 break; 2579 } 2580 2581 if (tb[NL80211_ATTR_REG_TYPE]) { 2582 enum nl80211_reg_type type; 2583 type = nla_get_u8(tb[NL80211_ATTR_REG_TYPE]); 2584 wpa_printf(MSG_DEBUG, " * type=%d", type); 2585 switch (type) { 2586 case NL80211_REGDOM_TYPE_COUNTRY: 2587 data.channel_list_changed.type = REGDOM_TYPE_COUNTRY; 2588 break; 2589 case NL80211_REGDOM_TYPE_WORLD: 2590 data.channel_list_changed.type = REGDOM_TYPE_WORLD; 2591 break; 2592 case NL80211_REGDOM_TYPE_CUSTOM_WORLD: 2593 data.channel_list_changed.type = 2594 REGDOM_TYPE_CUSTOM_WORLD; 2595 break; 2596 case NL80211_REGDOM_TYPE_INTERSECTION: 2597 data.channel_list_changed.type = 2598 REGDOM_TYPE_INTERSECTION; 2599 break; 2600 } 2601 } 2602 2603 if (tb[NL80211_ATTR_REG_ALPHA2]) { 2604 os_strlcpy(data.channel_list_changed.alpha2, 2605 nla_get_string(tb[NL80211_ATTR_REG_ALPHA2]), 2606 sizeof(data.channel_list_changed.alpha2)); 2607 wpa_printf(MSG_DEBUG, " * alpha2=%s", 2608 data.channel_list_changed.alpha2); 2609 } 2610 2611 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data); 2612 } 2613 2614 2615 static void nl80211_dump_freq(const char *title, struct nlattr *nl_freq) 2616 { 2617 static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1] = { 2618 [NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 }, 2619 [NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG }, 2620 [NL80211_FREQUENCY_ATTR_NO_IR] = { .type = NLA_FLAG }, 2621 [NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG }, 2622 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER] = { .type = NLA_U32 }, 2623 }; 2624 struct nlattr *tb[NL80211_FREQUENCY_ATTR_MAX + 1]; 2625 u32 freq = 0, max_tx_power = 0; 2626 2627 nla_parse(tb, NL80211_FREQUENCY_ATTR_MAX, 2628 nla_data(nl_freq), nla_len(nl_freq), freq_policy); 2629 2630 if (tb[NL80211_FREQUENCY_ATTR_FREQ]) 2631 freq = nla_get_u32(tb[NL80211_FREQUENCY_ATTR_FREQ]); 2632 if (tb[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]) 2633 max_tx_power = 2634 nla_get_u32(tb[NL80211_FREQUENCY_ATTR_MAX_TX_POWER]); 2635 2636 wpa_printf(MSG_DEBUG, 2637 "nl80211: Channel (%s): freq=%u max_tx_power=%u%s%s%s", 2638 title, freq, max_tx_power, 2639 tb[NL80211_FREQUENCY_ATTR_DISABLED] ? " disabled" : "", 2640 tb[NL80211_FREQUENCY_ATTR_NO_IR] ? " no-IR" : "", 2641 tb[NL80211_FREQUENCY_ATTR_RADAR] ? " radar" : ""); 2642 } 2643 2644 2645 static void nl80211_reg_beacon_hint_event(struct wpa_driver_nl80211_data *drv, 2646 struct nlattr *tb[]) 2647 { 2648 union wpa_event_data data; 2649 2650 wpa_printf(MSG_DEBUG, "nl80211: Regulatory beacon hint"); 2651 os_memset(&data, 0, sizeof(data)); 2652 data.channel_list_changed.initiator = REGDOM_BEACON_HINT; 2653 2654 if (tb[NL80211_ATTR_FREQ_BEFORE]) 2655 nl80211_dump_freq("before", tb[NL80211_ATTR_FREQ_BEFORE]); 2656 if (tb[NL80211_ATTR_FREQ_AFTER]) 2657 nl80211_dump_freq("after", tb[NL80211_ATTR_FREQ_AFTER]); 2658 2659 wpa_supplicant_event(drv->ctx, EVENT_CHANNEL_LIST_CHANGED, &data); 2660 } 2661 2662 2663 static void nl80211_external_auth(struct wpa_driver_nl80211_data *drv, 2664 struct nlattr **tb) 2665 { 2666 union wpa_event_data event; 2667 enum nl80211_external_auth_action act; 2668 2669 if (!tb[NL80211_ATTR_AKM_SUITES] || 2670 !tb[NL80211_ATTR_EXTERNAL_AUTH_ACTION] || 2671 !tb[NL80211_ATTR_BSSID] || 2672 !tb[NL80211_ATTR_SSID]) 2673 return; 2674 2675 os_memset(&event, 0, sizeof(event)); 2676 act = nla_get_u32(tb[NL80211_ATTR_EXTERNAL_AUTH_ACTION]); 2677 switch (act) { 2678 case NL80211_EXTERNAL_AUTH_START: 2679 event.external_auth.action = EXT_AUTH_START; 2680 break; 2681 case NL80211_EXTERNAL_AUTH_ABORT: 2682 event.external_auth.action = EXT_AUTH_ABORT; 2683 break; 2684 default: 2685 return; 2686 } 2687 2688 event.external_auth.key_mgmt_suite = 2689 nla_get_u32(tb[NL80211_ATTR_AKM_SUITES]); 2690 2691 event.external_auth.ssid_len = nla_len(tb[NL80211_ATTR_SSID]); 2692 if (event.external_auth.ssid_len > SSID_MAX_LEN) 2693 return; 2694 event.external_auth.ssid = nla_data(tb[NL80211_ATTR_SSID]); 2695 2696 event.external_auth.bssid = nla_data(tb[NL80211_ATTR_BSSID]); 2697 2698 wpa_printf(MSG_DEBUG, 2699 "nl80211: External auth action: %u, AKM: 0x%x", 2700 event.external_auth.action, 2701 event.external_auth.key_mgmt_suite); 2702 wpa_supplicant_event(drv->ctx, EVENT_EXTERNAL_AUTH, &event); 2703 } 2704 2705 2706 static void nl80211_port_authorized(struct wpa_driver_nl80211_data *drv, 2707 struct nlattr **tb) 2708 { 2709 const u8 *addr; 2710 2711 if (!tb[NL80211_ATTR_MAC] || 2712 nla_len(tb[NL80211_ATTR_MAC]) != ETH_ALEN) { 2713 wpa_printf(MSG_DEBUG, 2714 "nl80211: Ignore port authorized event without BSSID"); 2715 return; 2716 } 2717 2718 addr = nla_data(tb[NL80211_ATTR_MAC]); 2719 if (os_memcmp(addr, drv->bssid, ETH_ALEN) != 0) { 2720 wpa_printf(MSG_DEBUG, 2721 "nl80211: Ignore port authorized event for " MACSTR 2722 " (not the currently connected BSSID " MACSTR ")", 2723 MAC2STR(addr), MAC2STR(drv->bssid)); 2724 return; 2725 } 2726 2727 wpa_supplicant_event(drv->ctx, EVENT_PORT_AUTHORIZED, NULL); 2728 } 2729 2730 2731 static void nl80211_sta_opmode_change_event(struct wpa_driver_nl80211_data *drv, 2732 struct nlattr **tb) 2733 { 2734 union wpa_event_data ed; 2735 u8 smps_mode, max_bw; 2736 2737 if (!tb[NL80211_ATTR_MAC] || 2738 (!tb[NL80211_ATTR_CHANNEL_WIDTH] && 2739 !tb[NL80211_ATTR_SMPS_MODE] && 2740 !tb[NL80211_ATTR_NSS])) 2741 return; 2742 2743 ed.sta_opmode.smps_mode = SMPS_INVALID; 2744 ed.sta_opmode.chan_width = CHAN_WIDTH_UNKNOWN; 2745 ed.sta_opmode.rx_nss = 0xff; 2746 ed.sta_opmode.addr = nla_data(tb[NL80211_ATTR_MAC]); 2747 2748 if (tb[NL80211_ATTR_SMPS_MODE]) { 2749 smps_mode = nla_get_u8(tb[NL80211_ATTR_SMPS_MODE]); 2750 switch (smps_mode) { 2751 case NL80211_SMPS_OFF: 2752 ed.sta_opmode.smps_mode = SMPS_OFF; 2753 break; 2754 case NL80211_SMPS_STATIC: 2755 ed.sta_opmode.smps_mode = SMPS_STATIC; 2756 break; 2757 case NL80211_SMPS_DYNAMIC: 2758 ed.sta_opmode.smps_mode = SMPS_DYNAMIC; 2759 break; 2760 default: 2761 ed.sta_opmode.smps_mode = SMPS_INVALID; 2762 break; 2763 } 2764 } 2765 2766 if (tb[NL80211_ATTR_CHANNEL_WIDTH]) { 2767 max_bw = nla_get_u32(tb[NL80211_ATTR_CHANNEL_WIDTH]); 2768 switch (max_bw) { 2769 case NL80211_CHAN_WIDTH_20_NOHT: 2770 ed.sta_opmode.chan_width = CHAN_WIDTH_20_NOHT; 2771 break; 2772 case NL80211_CHAN_WIDTH_20: 2773 ed.sta_opmode.chan_width = CHAN_WIDTH_20; 2774 break; 2775 case NL80211_CHAN_WIDTH_40: 2776 ed.sta_opmode.chan_width = CHAN_WIDTH_40; 2777 break; 2778 case NL80211_CHAN_WIDTH_80: 2779 ed.sta_opmode.chan_width = CHAN_WIDTH_80; 2780 break; 2781 case NL80211_CHAN_WIDTH_80P80: 2782 ed.sta_opmode.chan_width = CHAN_WIDTH_80P80; 2783 break; 2784 case NL80211_CHAN_WIDTH_160: 2785 ed.sta_opmode.chan_width = CHAN_WIDTH_160; 2786 break; 2787 default: 2788 ed.sta_opmode.chan_width = CHAN_WIDTH_UNKNOWN; 2789 break; 2790 2791 } 2792 } 2793 2794 if (tb[NL80211_ATTR_NSS]) 2795 ed.sta_opmode.rx_nss = nla_get_u8(tb[NL80211_ATTR_NSS]); 2796 2797 wpa_supplicant_event(drv->ctx, EVENT_STATION_OPMODE_CHANGED, &ed); 2798 } 2799 2800 2801 static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv, 2802 struct nlattr **tb) 2803 { 2804 u8 *src_addr; 2805 u16 ethertype; 2806 2807 if (!tb[NL80211_ATTR_MAC] || 2808 !tb[NL80211_ATTR_FRAME] || 2809 !tb[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) 2810 return; 2811 2812 src_addr = nla_data(tb[NL80211_ATTR_MAC]); 2813 ethertype = nla_get_u16(tb[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 2814 2815 switch (ethertype) { 2816 case ETH_P_RSN_PREAUTH: 2817 wpa_printf(MSG_INFO, "nl80211: Got pre-auth frame from " 2818 MACSTR " over control port unexpectedly", 2819 MAC2STR(src_addr)); 2820 break; 2821 case ETH_P_PAE: 2822 drv_event_eapol_rx(drv->ctx, src_addr, 2823 nla_data(tb[NL80211_ATTR_FRAME]), 2824 nla_len(tb[NL80211_ATTR_FRAME])); 2825 break; 2826 default: 2827 wpa_printf(MSG_INFO, "nl80211: Unxpected ethertype 0x%04x from " 2828 MACSTR " over control port", 2829 ethertype, MAC2STR(src_addr)); 2830 break; 2831 } 2832 } 2833 2834 2835 static void 2836 nl80211_control_port_frame_tx_status(struct wpa_driver_nl80211_data *drv, 2837 const u8 *frame, size_t len, 2838 struct nlattr *ack, struct nlattr *cookie) 2839 { 2840 union wpa_event_data event; 2841 2842 if (!cookie || len < ETH_HLEN) 2843 return; 2844 2845 wpa_printf(MSG_DEBUG, 2846 "nl80211: Control port TX status (ack=%d), cookie=%llu", 2847 ack != NULL, (long long unsigned int) nla_get_u64(cookie)); 2848 2849 os_memset(&event, 0, sizeof(event)); 2850 event.eapol_tx_status.dst = frame; 2851 event.eapol_tx_status.data = frame + ETH_HLEN; 2852 event.eapol_tx_status.data_len = len - ETH_HLEN; 2853 event.eapol_tx_status.ack = ack != NULL; 2854 wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event); 2855 } 2856 2857 2858 static void do_process_drv_event(struct i802_bss *bss, int cmd, 2859 struct nlattr **tb) 2860 { 2861 struct wpa_driver_nl80211_data *drv = bss->drv; 2862 int external_scan_event = 0; 2863 struct nlattr *frame = tb[NL80211_ATTR_FRAME]; 2864 2865 wpa_printf(MSG_DEBUG, "nl80211: Drv Event %d (%s) received for %s", 2866 cmd, nl80211_command_to_string(cmd), bss->ifname); 2867 2868 #ifdef CONFIG_DRIVER_NL80211_QCA 2869 if (cmd == NL80211_CMD_ROAM && 2870 (drv->capa.flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) { 2871 if (drv->pending_roam_data) { 2872 struct os_reltime now, age; 2873 2874 os_get_reltime(&now); 2875 os_reltime_sub(&now, &drv->pending_roam_ind_time, &age); 2876 if (age.sec == 0 && age.usec < 100000) { 2877 wpa_printf(MSG_DEBUG, 2878 "nl80211: Process pending roam+auth vendor event"); 2879 qca_nl80211_key_mgmt_auth( 2880 drv, drv->pending_roam_data, 2881 drv->pending_roam_data_len); 2882 } 2883 os_free(drv->pending_roam_data); 2884 drv->pending_roam_data = NULL; 2885 return; 2886 } 2887 /* 2888 * Device will use roam+auth vendor event to indicate 2889 * roaming, so ignore the regular roam event. 2890 */ 2891 drv->roam_indication_done = true; 2892 wpa_printf(MSG_DEBUG, 2893 "nl80211: Ignore roam event (cmd=%d), device will use vendor event roam+auth", 2894 cmd); 2895 return; 2896 } 2897 #endif /* CONFIG_DRIVER_NL80211_QCA */ 2898 2899 if (drv->ap_scan_as_station != NL80211_IFTYPE_UNSPECIFIED && 2900 (cmd == NL80211_CMD_NEW_SCAN_RESULTS || 2901 cmd == NL80211_CMD_SCAN_ABORTED)) 2902 nl80211_restore_ap_mode(bss); 2903 2904 switch (cmd) { 2905 case NL80211_CMD_TRIGGER_SCAN: 2906 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger"); 2907 drv->scan_state = SCAN_STARTED; 2908 if (drv->scan_for_auth) { 2909 /* 2910 * Cannot indicate EVENT_SCAN_STARTED here since we skip 2911 * EVENT_SCAN_RESULTS in scan_for_auth case and the 2912 * upper layer implementation could get confused about 2913 * scanning state. 2914 */ 2915 wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth"); 2916 break; 2917 } 2918 wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL); 2919 break; 2920 case NL80211_CMD_START_SCHED_SCAN: 2921 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan started"); 2922 drv->scan_state = SCHED_SCAN_STARTED; 2923 break; 2924 case NL80211_CMD_SCHED_SCAN_STOPPED: 2925 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Sched scan stopped"); 2926 drv->scan_state = SCHED_SCAN_STOPPED; 2927 wpa_supplicant_event(drv->ctx, EVENT_SCHED_SCAN_STOPPED, NULL); 2928 break; 2929 case NL80211_CMD_NEW_SCAN_RESULTS: 2930 wpa_dbg(drv->ctx, MSG_DEBUG, 2931 "nl80211: New scan results available"); 2932 if (drv->last_scan_cmd != NL80211_CMD_VENDOR) 2933 drv->scan_state = SCAN_COMPLETED; 2934 drv->scan_complete_events = 1; 2935 if (drv->last_scan_cmd == NL80211_CMD_TRIGGER_SCAN) { 2936 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, 2937 drv, drv->ctx); 2938 drv->last_scan_cmd = 0; 2939 } else { 2940 external_scan_event = 1; 2941 } 2942 send_scan_event(drv, 0, tb, external_scan_event); 2943 break; 2944 case NL80211_CMD_SCHED_SCAN_RESULTS: 2945 wpa_dbg(drv->ctx, MSG_DEBUG, 2946 "nl80211: New sched scan results available"); 2947 drv->scan_state = SCHED_SCAN_RESULTS; 2948 send_scan_event(drv, 0, tb, 0); 2949 break; 2950 case NL80211_CMD_SCAN_ABORTED: 2951 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan aborted"); 2952 if (drv->last_scan_cmd != NL80211_CMD_VENDOR) 2953 drv->scan_state = SCAN_ABORTED; 2954 if (drv->last_scan_cmd == NL80211_CMD_TRIGGER_SCAN) { 2955 /* 2956 * Need to indicate that scan results are available in 2957 * order not to make wpa_supplicant stop its scanning. 2958 */ 2959 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, 2960 drv, drv->ctx); 2961 drv->last_scan_cmd = 0; 2962 } else { 2963 external_scan_event = 1; 2964 } 2965 send_scan_event(drv, 1, tb, external_scan_event); 2966 break; 2967 case NL80211_CMD_AUTHENTICATE: 2968 case NL80211_CMD_ASSOCIATE: 2969 case NL80211_CMD_DEAUTHENTICATE: 2970 case NL80211_CMD_DISASSOCIATE: 2971 case NL80211_CMD_FRAME_TX_STATUS: 2972 case NL80211_CMD_UNPROT_DEAUTHENTICATE: 2973 case NL80211_CMD_UNPROT_DISASSOCIATE: 2974 mlme_event(bss, cmd, tb[NL80211_ATTR_FRAME], 2975 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT], 2976 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK], 2977 tb[NL80211_ATTR_COOKIE], 2978 tb[NL80211_ATTR_RX_SIGNAL_DBM], 2979 tb[NL80211_ATTR_STA_WME], 2980 tb[NL80211_ATTR_REQ_IE]); 2981 break; 2982 case NL80211_CMD_CONNECT: 2983 case NL80211_CMD_ROAM: 2984 mlme_event_connect(drv, cmd, 2985 tb[NL80211_ATTR_STATUS_CODE], 2986 tb[NL80211_ATTR_MAC], 2987 tb[NL80211_ATTR_REQ_IE], 2988 tb[NL80211_ATTR_RESP_IE], 2989 tb[NL80211_ATTR_TIMED_OUT], 2990 tb[NL80211_ATTR_TIMEOUT_REASON], 2991 NULL, NULL, NULL, 2992 tb[NL80211_ATTR_FILS_KEK], 2993 NULL, 2994 tb[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM], 2995 tb[NL80211_ATTR_PMK], 2996 tb[NL80211_ATTR_PMKID]); 2997 break; 2998 case NL80211_CMD_CH_SWITCH_STARTED_NOTIFY: 2999 mlme_event_ch_switch(drv, 3000 tb[NL80211_ATTR_IFINDEX], 3001 tb[NL80211_ATTR_WIPHY_FREQ], 3002 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE], 3003 tb[NL80211_ATTR_CHANNEL_WIDTH], 3004 tb[NL80211_ATTR_CENTER_FREQ1], 3005 tb[NL80211_ATTR_CENTER_FREQ2], 3006 0); 3007 break; 3008 case NL80211_CMD_CH_SWITCH_NOTIFY: 3009 mlme_event_ch_switch(drv, 3010 tb[NL80211_ATTR_IFINDEX], 3011 tb[NL80211_ATTR_WIPHY_FREQ], 3012 tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE], 3013 tb[NL80211_ATTR_CHANNEL_WIDTH], 3014 tb[NL80211_ATTR_CENTER_FREQ1], 3015 tb[NL80211_ATTR_CENTER_FREQ2], 3016 1); 3017 break; 3018 case NL80211_CMD_DISCONNECT: 3019 mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE], 3020 tb[NL80211_ATTR_MAC], 3021 tb[NL80211_ATTR_DISCONNECTED_BY_AP]); 3022 break; 3023 case NL80211_CMD_MICHAEL_MIC_FAILURE: 3024 mlme_event_michael_mic_failure(bss, tb); 3025 break; 3026 case NL80211_CMD_JOIN_IBSS: 3027 mlme_event_join_ibss(drv, tb); 3028 break; 3029 case NL80211_CMD_REMAIN_ON_CHANNEL: 3030 mlme_event_remain_on_channel(drv, 0, tb); 3031 break; 3032 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL: 3033 mlme_event_remain_on_channel(drv, 1, tb); 3034 break; 3035 case NL80211_CMD_NOTIFY_CQM: 3036 nl80211_cqm_event(drv, tb); 3037 break; 3038 case NL80211_CMD_REG_CHANGE: 3039 case NL80211_CMD_WIPHY_REG_CHANGE: 3040 nl80211_reg_change_event(drv, tb); 3041 break; 3042 case NL80211_CMD_REG_BEACON_HINT: 3043 nl80211_reg_beacon_hint_event(drv, tb); 3044 break; 3045 case NL80211_CMD_NEW_STATION: 3046 nl80211_new_station_event(drv, bss, tb); 3047 break; 3048 case NL80211_CMD_DEL_STATION: 3049 nl80211_del_station_event(drv, bss, tb); 3050 break; 3051 case NL80211_CMD_SET_REKEY_OFFLOAD: 3052 nl80211_rekey_offload_event(drv, tb); 3053 break; 3054 case NL80211_CMD_PMKSA_CANDIDATE: 3055 nl80211_pmksa_candidate_event(drv, tb); 3056 break; 3057 case NL80211_CMD_PROBE_CLIENT: 3058 nl80211_client_probe_event(drv, tb); 3059 break; 3060 case NL80211_CMD_TDLS_OPER: 3061 nl80211_tdls_oper_event(drv, tb); 3062 break; 3063 case NL80211_CMD_CONN_FAILED: 3064 nl80211_connect_failed_event(drv, tb); 3065 break; 3066 case NL80211_CMD_FT_EVENT: 3067 mlme_event_ft_event(drv, tb); 3068 break; 3069 case NL80211_CMD_RADAR_DETECT: 3070 nl80211_radar_event(drv, tb); 3071 break; 3072 case NL80211_CMD_STOP_AP: 3073 nl80211_stop_ap(drv, tb); 3074 break; 3075 case NL80211_CMD_VENDOR: 3076 nl80211_vendor_event(drv, tb); 3077 break; 3078 case NL80211_CMD_NEW_PEER_CANDIDATE: 3079 nl80211_new_peer_candidate(drv, tb); 3080 break; 3081 case NL80211_CMD_PORT_AUTHORIZED: 3082 nl80211_port_authorized(drv, tb); 3083 break; 3084 case NL80211_CMD_STA_OPMODE_CHANGED: 3085 nl80211_sta_opmode_change_event(drv, tb); 3086 break; 3087 case NL80211_CMD_UPDATE_OWE_INFO: 3088 mlme_event_dh_event(drv, bss, tb); 3089 break; 3090 case NL80211_CMD_UNPROT_BEACON: 3091 if (frame) 3092 mlme_event_unprot_beacon(drv, nla_data(frame), 3093 nla_len(frame)); 3094 break; 3095 case NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS: 3096 if (!frame) 3097 break; 3098 nl80211_control_port_frame_tx_status(drv, 3099 nla_data(frame), 3100 nla_len(frame), 3101 tb[NL80211_ATTR_ACK], 3102 tb[NL80211_ATTR_COOKIE]); 3103 break; 3104 default: 3105 wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Ignored unknown event " 3106 "(cmd=%d)", cmd); 3107 break; 3108 } 3109 } 3110 3111 3112 int process_global_event(struct nl_msg *msg, void *arg) 3113 { 3114 struct nl80211_global *global = arg; 3115 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 3116 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 3117 struct wpa_driver_nl80211_data *drv, *tmp; 3118 int ifidx = -1, wiphy_idx = -1, wiphy_idx_rx = -1; 3119 struct i802_bss *bss; 3120 u64 wdev_id = 0; 3121 int wdev_id_set = 0; 3122 int wiphy_idx_set = 0; 3123 3124 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 3125 genlmsg_attrlen(gnlh, 0), NULL); 3126 3127 if (tb[NL80211_ATTR_IFINDEX]) 3128 ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]); 3129 else if (tb[NL80211_ATTR_WDEV]) { 3130 wdev_id = nla_get_u64(tb[NL80211_ATTR_WDEV]); 3131 wdev_id_set = 1; 3132 } else if (tb[NL80211_ATTR_WIPHY]) { 3133 wiphy_idx_rx = nla_get_u32(tb[NL80211_ATTR_WIPHY]); 3134 wiphy_idx_set = 1; 3135 } 3136 3137 dl_list_for_each_safe(drv, tmp, &global->interfaces, 3138 struct wpa_driver_nl80211_data, list) { 3139 for (bss = drv->first_bss; bss; bss = bss->next) { 3140 if (wiphy_idx_set) 3141 wiphy_idx = nl80211_get_wiphy_index(bss); 3142 if ((ifidx == -1 && !wiphy_idx_set && !wdev_id_set) || 3143 ifidx == bss->ifindex || 3144 (wiphy_idx_set && wiphy_idx == wiphy_idx_rx) || 3145 (wdev_id_set && bss->wdev_id_set && 3146 wdev_id == bss->wdev_id)) { 3147 do_process_drv_event(bss, gnlh->cmd, tb); 3148 return NL_SKIP; 3149 } 3150 } 3151 wpa_printf(MSG_DEBUG, 3152 "nl80211: Ignored event %d (%s) for foreign interface (ifindex %d wdev 0x%llx)", 3153 gnlh->cmd, nl80211_command_to_string(gnlh->cmd), 3154 ifidx, (long long unsigned int) wdev_id); 3155 } 3156 3157 return NL_SKIP; 3158 } 3159 3160 3161 int process_bss_event(struct nl_msg *msg, void *arg) 3162 { 3163 struct i802_bss *bss = arg; 3164 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); 3165 struct nlattr *tb[NL80211_ATTR_MAX + 1]; 3166 3167 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), 3168 genlmsg_attrlen(gnlh, 0), NULL); 3169 3170 wpa_printf(MSG_DEBUG, "nl80211: BSS Event %d (%s) received for %s", 3171 gnlh->cmd, nl80211_command_to_string(gnlh->cmd), 3172 bss->ifname); 3173 3174 switch (gnlh->cmd) { 3175 case NL80211_CMD_FRAME: 3176 case NL80211_CMD_FRAME_TX_STATUS: 3177 mlme_event(bss, gnlh->cmd, tb[NL80211_ATTR_FRAME], 3178 tb[NL80211_ATTR_MAC], tb[NL80211_ATTR_TIMED_OUT], 3179 tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK], 3180 tb[NL80211_ATTR_COOKIE], 3181 tb[NL80211_ATTR_RX_SIGNAL_DBM], 3182 tb[NL80211_ATTR_STA_WME], NULL); 3183 break; 3184 case NL80211_CMD_UNEXPECTED_FRAME: 3185 nl80211_spurious_frame(bss, tb, 0); 3186 break; 3187 case NL80211_CMD_UNEXPECTED_4ADDR_FRAME: 3188 nl80211_spurious_frame(bss, tb, 1); 3189 break; 3190 case NL80211_CMD_EXTERNAL_AUTH: 3191 nl80211_external_auth(bss->drv, tb); 3192 break; 3193 case NL80211_CMD_CONTROL_PORT_FRAME: 3194 nl80211_control_port_frame(bss->drv, tb); 3195 break; 3196 default: 3197 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event " 3198 "(cmd=%d)", gnlh->cmd); 3199 break; 3200 } 3201 3202 return NL_SKIP; 3203 } 3204