Cumulative patch from commit 8960afa4bfa423774a8ca58cc21a4a7c1ab6089e
8960afa wpa_cli: Run action file in case of an AP event
1cece2f OpenSSL: Comment out tls_connection_get_eap_fast_key without EAP-FAST
7358170 TLS: Split tls_connection_prf() into two functions
f150db6 OpenSSL: Remove two more accesses of ssl_ctx->cert_store
6dc3206 scan: Fix a memory leak on an error path
9ce3e61 nl80211: Add TEST_FAIL() to nl80211_set_mac_addr()
8880240 scan: Clean up code a bit - phase1 is used in all WPS cases
e1ae287 scan: Clean up code a bit - ssid cannot be NULL here
a170394 Update ChangeLog files for v2.6
a26c9c2 Fix sending non-Public Action frames over P2P Device interface
4d916ed nl80211: Register for only for specific Action frames in AP mode
31d7fb1 P2PS: Allow P2P_CONNECT command for P2PS connection with/without PIN
467fc14 P2PS: Correct config_methods for different P2P cases
9d136b0 EAP-SAKE: Do not debug print result if eap_sake_compute_mic() fails
0884633 EAP-PAX: Do not debug print result if eap_pax_mac() fails
92abe37 EAP-FAST: Check sha1_t_prf() result in eap_fast_get_cmk()
636a238 WPS: Check sha256_vector() result in wps_build_oob_dev_pw()
2c3d95c Check md5_vector() result in decrypt_ms_key()
38eee0f Check hmac_md5() result in radius_msg_verify_msg_auth()
05dad94 Check md5_vector() result in radius_msg_verify()
aae125e WPS: Fix debug prints in wps_derive_psk() error case
7d1007a Fix external radio work debug printing on removal
b6317b4 wpa_supplicant: Add wps_disabled parameter to network block
23d71a0 Set wpa_psk_set in wpa_supplicant AP mode is PSK is available
6641954 Fix AP mode key_mgmt configuration in wpa_supplicant default case
ad6cee3 P2P: Do not enable P2P group processing for non-P2P AP mode
a185e9b tests/remote: Add hwsim wrapper
ff9bb8a tests/remote: Add test_example.py
a73fa13 tests/remote: Add utils file
ede4719 tests/remote: Add monitor.py
3b11ad3 Send CTRL-EVENT-REGDOM-CHANGE event on the parent interface
4de70e2 Add MGMT_RX_PROCESS test command for wpa_supplicant
f42c3ce mesh: Calculate MTK before sending it to MAC in case Open is dropped
baa1213 mesh: Add missing action to cancel timer
e8a1b6b D-Bus: Check driver capability for IBSS in Modes property of Capabilities
7a1887f wpa_cli: Add backspace key process for some terminal
3dd0e9e wpa_supplicant: Fix CONFIG_AP build without CTRL_IFACE
d58b60d drivers: Add NEED_RADIOTAP
6a9681e OpenSSL: Make dh5_init() match the generic implementation
46bac65 WPS: Fix segmentation fault in new DH key derivation
e447133 OpenSSL: BoringSSL has SSL_get_client_random(), etc.
03626e9 Skip connection attempt for non-RSN networks if PMF is set to required
2295004 Ignore pmf=1/2 parameter for non-RSN networks
2a3f565 Reject SET commands with newline characters in the string values
b166cd8 Reject SET_CRED commands with newline characters in the string values
0fe5a23 Remove newlines from wpa_supplicant config network output
73e4abb Reject psk parameter set with invalid passphrase character
ecbb0b3 WPS: Reject a Credential with invalid passphrase
f4830be nl80211: Try running without mgmt frame subscription (driver AP SME)
df5bde8 Android: Remove EAP-FAST option
60d9f67 WPS: Explicitly clear wpabuf memory with key information
9b377be P2P: Copy config from p2pdev when not using dedicated group interface
3c88d26 P2P: Fix wpas_p2p_nfc_auth_join()
2f19563 WNM: Fetch scan results before checking transition candidates
4ac3398 Use a shared helper function for parsing hostapd.conf IEs
a911227 Add assocresp_elements parameter for hostapd
49fe2ad OpenSSL: Support OpenSSL 1.1.0 DH opacity
b92d2a5 FT: Fix RRB for FT over-the-air case
9e5a5de systemd: Update service files according to D-Bus interface version
ac7aea8 Assign QCA vendor command/attributes for set/get wifi configuration
57b3888 P2P: Add P2P_GROUP_MEMBER command to fetch client interface address
0ee8925 P2P: Trigger event when invitation is accepted
bd86ea0 nl80211: Get rid of unused assignment warning
18ae3a6 bsd: Set level correctly for non FreeBSD systems
cf667c6 RRM: Modify the processing of a received neighbor report
00ed0aa SME: Add support for global RRM flag
b5d172e nl80211: Add support for global RRM flag
a7f0bb7 driver: Add global RRM support flag
864b952 nl80211: Register to receive Radio Measurement Request frames
4a74201 wpa_supplicant: Handle LCI request
220754c hostapd: Add FTM range request
f4f185a hostapd: Add LCI request
629e180 hostapd: Save RM enabled capability of station
2572df3 hostapd: Handle Neighbor Report Request frame
061269b hostapd: Add own neighbor report data to neighbor database
9b4b226 hostapd: Add a database of neighboring APs
0101821 hostapd: Extend the configuration of RRM capabilities
6a4f0ed Fix spelling of "neighbor" in a function name
d41a535 wpa_supplicant: Add LCI and civic request to Neighbor Report Request
624b8a0 utils: Add ssid_parse() function
e4fbc8d Add measurement and neighbor report definitions
9d955f7 utils: Rename hostapd_parse_bin to wpabuf_parse_bin and move it
74e982d hostapd: Set LCI and Location Civic information in configuration
1854eec Add POLL_STA command to check connectivity in AP mode
3dbfb28 Allow AP to disconnect STA without sending Deauth/Disassoc frame
de92314 Add inactive_msec into STA output
61c1011 Extend VENDOR_ELEM parameters to cover non-P2P Probe Request frame
6922d44 nl80211: Implement configure_data_frame_filters() callback
ece4ac5 HS 2.0: Add support for configuring frame filters
e42adb9 driver: Add a packet filtering function declaration
ae33239 AP: Pass station P2P PS capabilities info during station add/set
7405bb0 Sync with mac80211-next.git include/uapi/linux/nl80211.h
90f1496 wpa_supplicant: "don't care" value for pbss in ssid structure
e52a698 RADIUS: Fix a possible memory leak on an error path
f1863f2 RADIUS: Fix possible memory leak when parsing per-STA passphrase
3433721 P2P: Continue p2p_find after sending non-success Invitation Response
0f34665 Mark wpa_supplicant_{start,stop}_sched_scan() static
Also reverting:
c7f648c wpa_supplicant_8: Add a temporary hack to work around BoringSSL incompatibility
1e1c48d2 Update AP IE regardless WPA_DRIVER_FLAGS_BSS_SELECTION flag
Change-Id: Idb9bfa80e9d9a4d10323dab5ce2bb24f4baf550c
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 798e694..12a417b 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -1989,6 +1989,10 @@
if (nl80211_register_action_frame(bss, (u8 *) "\x05\x05", 2) < 0)
ret = -1;
+ /* Radio Measurement - Radio Measurement Request */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x05\x00", 2) < 0)
+ ret = -1;
+
/* Radio Measurement - Link Measurement Request */
if ((drv->capa.rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) &&
(nl80211_register_action_frame(bss, (u8 *) "\x05\x02", 2) < 0))
@@ -2050,6 +2054,49 @@
}
+static int nl80211_action_subscribe_ap(struct i802_bss *bss)
+{
+ int ret = 0;
+
+ /* Public Action frames */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x04", 1) < 0)
+ ret = -1;
+ /* RRM Measurement Report */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x05\x01", 2) < 0)
+ ret = -1;
+ /* RRM Neighbor Report Request */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x05\x04", 2) < 0)
+ ret = -1;
+ /* FT Action frames */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
+ ret = -1;
+#ifdef CONFIG_IEEE80211W
+ /* SA Query */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0)
+ ret = -1;
+#endif /* CONFIG_IEEE80211W */
+ /* Protected Dual of Public Action */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0)
+ ret = -1;
+ /* WNM */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x0a", 1) < 0)
+ ret = -1;
+ /* WMM */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x11", 1) < 0)
+ ret = -1;
+#ifdef CONFIG_FST
+ /* FST Action frames */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x12", 1) < 0)
+ ret = -1;
+#endif /* CONFIG_FST */
+ /* Vendor-specific */
+ if (nl80211_register_action_frame(bss, (u8 *) "\x7f", 1) < 0)
+ ret = -1;
+
+ return ret;
+}
+
+
static int nl80211_mgmt_subscribe_ap(struct i802_bss *bss)
{
static const int stypes[] = {
@@ -2058,7 +2105,6 @@
WLAN_FC_STYPE_REASSOC_REQ,
WLAN_FC_STYPE_DISASSOC,
WLAN_FC_STYPE_DEAUTH,
- WLAN_FC_STYPE_ACTION,
WLAN_FC_STYPE_PROBE_REQ,
/* Beacon doesn't work as mac80211 doesn't currently allow
* it, but it wouldn't really be the right thing anyway as
@@ -2083,6 +2129,9 @@
}
}
+ if (nl80211_action_subscribe_ap(bss))
+ goto out_err;
+
if (nl80211_register_spurious_class3(bss))
goto out_err;
@@ -2105,10 +2154,7 @@
wpa_printf(MSG_DEBUG, "nl80211: Subscribe to mgmt frames with AP "
"handle %p (device SME)", bss->nl_mgmt);
- if (nl80211_register_frame(bss, bss->nl_mgmt,
- (WLAN_FC_TYPE_MGMT << 2) |
- (WLAN_FC_STYPE_ACTION << 4),
- NULL, 0) < 0)
+ if (nl80211_action_subscribe_ap(bss))
goto out_err;
nl80211_mgmt_handle_register_eloop(bss);
@@ -3877,6 +3923,13 @@
params->ext_capab_len, params->ext_capab))
goto fail;
}
+
+ if (is_ap_interface(drv->nlmode) &&
+ nla_put_u8(msg, NL80211_ATTR_STA_SUPPORT_P2P_PS,
+ params->support_p2p_ps ?
+ NL80211_P2P_PS_SUPPORTED :
+ NL80211_P2P_PS_UNSUPPORTED))
+ goto fail;
}
if (!params->set) {
if (params->aid) {
@@ -4291,7 +4344,8 @@
if (drv->device_ap_sme && !drv->use_monitor)
if (nl80211_mgmt_subscribe_ap_dev_sme(bss))
- return -1;
+ wpa_printf(MSG_DEBUG,
+ "nl80211: Failed to subscribe for mgmt frames from SME driver - trying to run without it");
if (!drv->device_ap_sme && drv->use_monitor &&
nl80211_create_monitor_interface(drv) &&
@@ -4822,9 +4876,10 @@
if (params->rrm_used) {
u32 drv_rrm_flags = drv->capa.rrm_flags;
- if (!(drv_rrm_flags &
- WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) ||
- !(drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET) ||
+ if ((!((drv_rrm_flags &
+ WPA_DRIVER_FLAGS_DS_PARAM_SET_IE_IN_PROBES) &&
+ (drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET)) &&
+ !(drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_RRM)) ||
nla_put_flag(msg, NL80211_ATTR_USE_RRM))
return -1;
}
@@ -8249,6 +8304,9 @@
struct wpa_driver_nl80211_data *drv = bss->drv;
int new_addr = addr != NULL;
+ if (TEST_FAIL())
+ return -1;
+
if (!addr)
addr = drv->perm_addr;
@@ -9053,6 +9111,97 @@
#endif /* CONFIG_DRIVER_NL80211_QCA */
+static int nl80211_write_to_file(const char *name, unsigned int val)
+{
+ int fd, len;
+ char tmp[128];
+
+ fd = open(name, O_RDWR);
+ if (fd < 0) {
+ wpa_printf(MSG_ERROR, "nl80211: Failed to open %s: %s",
+ name, strerror(errno));
+ return fd;
+ }
+
+ len = os_snprintf(tmp, sizeof(tmp), "%u\n", val);
+ len = write(fd, tmp, len);
+ if (len < 0)
+ wpa_printf(MSG_ERROR, "nl80211: Failed to write to %s: %s",
+ name, strerror(errno));
+ close(fd);
+
+ return 0;
+}
+
+
+static int nl80211_configure_data_frame_filters(void *priv, u32 filter_flags)
+{
+ struct i802_bss *bss = priv;
+ char path[128];
+ int ret;
+
+ wpa_printf(MSG_DEBUG, "nl80211: Data frame filter flags=0x%x",
+ filter_flags);
+
+ /* Configure filtering of unicast frame encrypted using GTK */
+ ret = os_snprintf(path, sizeof(path),
+ "/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast",
+ bss->ifname);
+ if (os_snprintf_error(sizeof(path), ret))
+ return -1;
+
+ ret = nl80211_write_to_file(path,
+ !!(filter_flags &
+ WPA_DATA_FRAME_FILTER_FLAG_GTK));
+ if (ret) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: Failed to set IPv4 unicast in multicast filter");
+ return ret;
+ }
+
+ os_snprintf(path, sizeof(path),
+ "/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast",
+ bss->ifname);
+ ret = nl80211_write_to_file(path,
+ !!(filter_flags &
+ WPA_DATA_FRAME_FILTER_FLAG_GTK));
+
+ if (ret) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: Failed to set IPv6 unicast in multicast filter");
+ return ret;
+ }
+
+ /* Configure filtering of unicast frame encrypted using GTK */
+ os_snprintf(path, sizeof(path),
+ "/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp",
+ bss->ifname);
+ ret = nl80211_write_to_file(path,
+ !!(filter_flags &
+ WPA_DATA_FRAME_FILTER_FLAG_ARP));
+ if (ret) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: Failed set gratuitous ARP filter");
+ return ret;
+ }
+
+ /* Configure filtering of IPv6 NA frames */
+ os_snprintf(path, sizeof(path),
+ "/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na",
+ bss->ifname);
+ ret = nl80211_write_to_file(path,
+ !!(filter_flags &
+ WPA_DATA_FRAME_FILTER_FLAG_NA));
+ if (ret) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: Failed to set unsolicited NA filter");
+ return ret;
+ }
+
+ return 0;
+}
+
+
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
.name = "nl80211",
.desc = "Linux nl80211/cfg80211",
@@ -9169,4 +9318,5 @@
.get_pref_freq_list = nl80211_get_pref_freq_list,
.set_prob_oper_freq = nl80211_set_prob_oper_freq,
#endif /* CONFIG_DRIVER_NL80211_QCA */
+ .configure_data_frame_filters = nl80211_configure_data_frame_filters,
};