Gitiles
Code Review Sign In
192.168.1.100 / T108 / 41f65e67393adc65e024efffac65f99a369de4e1 / . / package / kernel / asr-wl / asr-hostapd / asr-hostapd-2023-06-22 / src / ap / rrm.c
blob: 8220590a0114d87206769a9437e7d457773a883c [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame]1/*
2 * hostapd / Radio Measurement (RRM)
3 * Copyright(c) 2013 - 2016 Intel Mobile Communications GmbH.
4 * Copyright(c) 2011 - 2016 Intel Corporation. All rights reserved.
5 * Copyright (c) 2016-2017, Jouni Malinen <j@w1.fi>
6 *
7 * This software may be distributed under the terms of the BSD license.
8 * See README for more details.
9 */
10
11#include "utils/includes.h"
12
13#include "utils/common.h"
14#include "common/wpa_ctrl.h"
15#include "hostapd.h"
16#include "ap_drv_ops.h"
17#include "sta_info.h"
18#include "eloop.h"
19#include "neighbor_db.h"
20#include "rrm.h"
21
22#define HOSTAPD_RRM_REQUEST_TIMEOUT 5
23
24
25static void hostapd_lci_rep_timeout_handler(void *eloop_data, void *user_ctx)
26{
27 struct hostapd_data *hapd = eloop_data;
28
29 wpa_printf(MSG_DEBUG, "RRM: LCI request (token %u) timed out",
30 hapd->lci_req_token);
31 hapd->lci_req_active = 0;
32}
33
34
35static void hostapd_handle_lci_report(struct hostapd_data *hapd, u8 token,
36 const u8 *pos, size_t len)
37{
38 if (!hapd->lci_req_active || hapd->lci_req_token != token) {
39 wpa_printf(MSG_DEBUG, "Unexpected LCI report, token %u", token);
40 return;
41 }
42
43 hapd->lci_req_active = 0;
44 eloop_cancel_timeout(hostapd_lci_rep_timeout_handler, hapd, NULL);
45 wpa_printf(MSG_DEBUG, "LCI report token %u len %zu", token, len);
46}
47
48
49static void hostapd_range_rep_timeout_handler(void *eloop_data, void *user_ctx)
50{
51 struct hostapd_data *hapd = eloop_data;
52
53 wpa_printf(MSG_DEBUG, "RRM: Range request (token %u) timed out",
54 hapd->range_req_token);
55 hapd->range_req_active = 0;
56}
57
58
59static void hostapd_handle_range_report(struct hostapd_data *hapd, u8 token,
60 const u8 *pos, size_t len)
61{
62 if (!hapd->range_req_active || hapd->range_req_token != token) {
63 wpa_printf(MSG_DEBUG, "Unexpected range report, token %u",
64 token);
65 return;
66 }
67
68 hapd->range_req_active = 0;
69 eloop_cancel_timeout(hostapd_range_rep_timeout_handler, hapd, NULL);
70 wpa_printf(MSG_DEBUG, "Range report token %u len %zu", token, len);
71}
72
73
74static void hostapd_handle_beacon_report(struct hostapd_data *hapd,
75 const u8 *addr, u8 token, u8 rep_mode,
76 const u8 *pos, size_t len)
77{
78 char report[2 * 255 + 1];
79
80 wpa_printf(MSG_DEBUG, "Beacon report token %u len %zu from " MACSTR,
81 token, len, MAC2STR(addr));
82 /* Skip to the beginning of the Beacon report */
83 if (len < 3)
84 return;
85 pos += 3;
86 len -= 3;
87 report[0] = '\0';
88 if (wpa_snprintf_hex(report, sizeof(report), pos, len) < 0)
89 return;
90 wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_RESP_RX MACSTR " %u %02x %s",
91 MAC2STR(addr), token, rep_mode, report);
92 if (len < sizeof(struct rrm_measurement_beacon_report))
93 return;
94 hostapd_ubus_notify_beacon_report(hapd, addr, token, rep_mode, (struct rrm_measurement_beacon_report*) pos, len);
95}
96
97
98static void hostapd_handle_radio_msmt_report(struct hostapd_data *hapd,
99 const u8 *buf, size_t len)
100{
101 const struct ieee80211_mgmt *mgmt = (const struct ieee80211_mgmt *) buf;
102 const u8 *pos, *ie, *end;
103 u8 token, rep_mode;
104
105 end = buf + len;
106 token = mgmt->u.action.u.rrm.dialog_token;
107 pos = mgmt->u.action.u.rrm.variable;
108
109 while ((ie = get_ie(pos, end - pos, WLAN_EID_MEASURE_REPORT))) {
110 if (ie[1] < 3) {
111 wpa_printf(MSG_DEBUG, "Bad Measurement Report element");
112 break;
113 }
114
115 rep_mode = ie[3];
116 wpa_printf(MSG_DEBUG, "Measurement report mode 0x%x type %u",
117 rep_mode, ie[4]);
118
119 switch (ie[4]) {
120 case MEASURE_TYPE_LCI:
121 hostapd_handle_lci_report(hapd, token, ie + 2, ie[1]);
122 break;
123 case MEASURE_TYPE_FTM_RANGE:
124 hostapd_handle_range_report(hapd, token, ie + 2, ie[1]);
125 break;
126 case MEASURE_TYPE_BEACON:
127 hostapd_handle_beacon_report(hapd, mgmt->sa, token,
128 rep_mode, ie + 2, ie[1]);
129 break;
130 default:
131 wpa_printf(MSG_DEBUG,
132 "Measurement report type %u is not supported",
133 ie[4]);
134 break;
135 }
136
137 pos = ie + ie[1] + 2;
138 }
139}
140
141
142static u16 hostapd_parse_location_lci_req_age(const u8 *buf, size_t len)
143{
144 const u8 *subelem;
145
146 /* Range Request element + Location Subject + Maximum Age subelement */
147 if (len < 3 + 1 + 4)
148 return 0;
149
150 /* Subelements are arranged as IEs */
151 subelem = get_ie(buf + 4, len - 4, LCI_REQ_SUBELEM_MAX_AGE);
152 if (subelem && subelem[1] == 2)
153 return WPA_GET_LE16(subelem + 2);
154
155 return 0;
156}
157
158
159static int hostapd_check_lci_age(struct hostapd_neighbor_entry *nr, u16 max_age)
160{
161 struct os_time curr, diff;
162 unsigned long diff_l;
163
164 if (nr->stationary || max_age == 0xffff)
165 return 1;
166
167 if (!max_age)
168 return 0;
169
170 if (os_get_time(&curr))
171 return 0;
172
173 os_time_sub(&curr, &nr->lci_date, &diff);
174
175 /* avoid overflow */
176 if (diff.sec > 0xffff)
177 return 0;
178
179 /* LCI age is calculated in 10th of a second units. */
180 diff_l = diff.sec * 10 + diff.usec / 100000;
181
182 return max_age > diff_l;
183}
184
185
186static size_t hostapd_neighbor_report_len(struct wpabuf *buf,
187 struct hostapd_neighbor_entry *nr,
188 int send_lci, int send_civic)
189{
190 size_t len = 2 + wpabuf_len(nr->nr);
191
192 if (send_lci && nr->lci)
193 len += 2 + wpabuf_len(nr->lci);
194
195 if (send_civic && nr->civic)
196 len += 2 + wpabuf_len(nr->civic);
197
198 return len;
199}
200
201
202static void hostapd_send_nei_report_resp(struct hostapd_data *hapd,
203 const u8 *addr, u8 dialog_token,
204 struct wpa_ssid_value *ssid, u8 lci,
205 u8 civic, u16 lci_max_age)
206{
207 struct hostapd_neighbor_entry *nr;
208 struct wpabuf *buf;
209 u8 *msmt_token;
210
211 /*
212 * The number and length of the Neighbor Report elements in a Neighbor
213 * Report frame is limited by the maximum allowed MMPDU size; + 3 bytes
214 * of RRM header.
215 */
216 buf = wpabuf_alloc(3 + IEEE80211_MAX_MMPDU_SIZE);
217 if (!buf)
218 return;
219
220 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
221 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_RESPONSE);
222 wpabuf_put_u8(buf, dialog_token);
223
224 dl_list_for_each(nr, &hapd->nr_db, struct hostapd_neighbor_entry,
225 list) {
226 int send_lci;
227 size_t len;
228
229 if (ssid->ssid_len != nr->ssid.ssid_len ||
230 os_memcmp(ssid->ssid, nr->ssid.ssid, ssid->ssid_len) != 0)
231 continue;
232
233 send_lci = (lci != 0) && hostapd_check_lci_age(nr, lci_max_age);
234 len = hostapd_neighbor_report_len(buf, nr, send_lci, civic);
235
236 if (len - 2 > 0xff) {
237 wpa_printf(MSG_DEBUG,
238 "NR entry for " MACSTR " exceeds 0xFF bytes",
239 MAC2STR(nr->bssid));
240 continue;
241 }
242
243 if (len > wpabuf_tailroom(buf))
244 break;
245
246 wpabuf_put_u8(buf, WLAN_EID_NEIGHBOR_REPORT);
247 wpabuf_put_u8(buf, len - 2);
248 wpabuf_put_buf(buf, nr->nr);
249
250 if (send_lci && nr->lci) {
251 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REPORT);
252 wpabuf_put_u8(buf, wpabuf_len(nr->lci));
253 /*
254 * Override measurement token - the first byte of the
255 * Measurement Report element.
256 */
257 msmt_token = wpabuf_put(buf, 0);
258 wpabuf_put_buf(buf, nr->lci);
259 *msmt_token = lci;
260 }
261
262 if (civic && nr->civic) {
263 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REPORT);
264 wpabuf_put_u8(buf, wpabuf_len(nr->civic));
265 /*
266 * Override measurement token - the first byte of the
267 * Measurement Report element.
268 */
269 msmt_token = wpabuf_put(buf, 0);
270 wpabuf_put_buf(buf, nr->civic);
271 *msmt_token = civic;
272 }
273 }
274
275 hapd->openwrt_stats.rrm.neighbor_report_tx++;
276
277 hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
278 wpabuf_head(buf), wpabuf_len(buf));
279 wpabuf_free(buf);
280}
281
282
283static void hostapd_handle_nei_report_req(struct hostapd_data *hapd,
284 const u8 *buf, size_t len)
285{
286 const struct ieee80211_mgmt *mgmt = (const struct ieee80211_mgmt *) buf;
287 const u8 *pos, *ie, *end;
288 struct wpa_ssid_value ssid = {
289 .ssid_len = 0
290 };
291 u8 token;
292 u8 lci = 0, civic = 0; /* Measurement tokens */
293 u16 lci_max_age = 0;
294
295 if (!(hapd->conf->radio_measurements[0] &
296 WLAN_RRM_CAPS_NEIGHBOR_REPORT))
297 return;
298
299 end = buf + len;
300
301 token = mgmt->u.action.u.rrm.dialog_token;
302 pos = mgmt->u.action.u.rrm.variable;
303 len = end - pos;
304
305 ie = get_ie(pos, len, WLAN_EID_SSID);
306 if (ie && ie[1] && ie[1] <= SSID_MAX_LEN) {
307 ssid.ssid_len = ie[1];
308 os_memcpy(ssid.ssid, ie + 2, ssid.ssid_len);
309 } else {
310 ssid.ssid_len = hapd->conf->ssid.ssid_len;
311 os_memcpy(ssid.ssid, hapd->conf->ssid.ssid, ssid.ssid_len);
312 }
313
314 while ((ie = get_ie(pos, len, WLAN_EID_MEASURE_REQUEST))) {
315 if (ie[1] < 3)
316 break;
317
318 wpa_printf(MSG_DEBUG,
319 "Neighbor report request, measure type %u",
320 ie[4]);
321
322 switch (ie[4]) { /* Measurement Type */
323 case MEASURE_TYPE_LCI:
324 lci = ie[2]; /* Measurement Token */
325 lci_max_age = hostapd_parse_location_lci_req_age(ie + 2,
326 ie[1]);
327 break;
328 case MEASURE_TYPE_LOCATION_CIVIC:
329 civic = ie[2]; /* Measurement token */
330 break;
331 }
332
333 pos = ie + ie[1] + 2;
334 len = end - pos;
335 }
336
337 hostapd_send_nei_report_resp(hapd, mgmt->sa, token, &ssid, lci, civic,
338 lci_max_age);
339}
340
341
342void hostapd_handle_radio_measurement(struct hostapd_data *hapd,
343 const u8 *buf, size_t len)
344{
345 const struct ieee80211_mgmt *mgmt = (const struct ieee80211_mgmt *) buf;
346
347 /*
348 * Check for enough bytes: header + (1B)Category + (1B)Action +
349 * (1B)Dialog Token.
350 */
351 if (len < IEEE80211_HDRLEN + 3)
352 return;
353
354 wpa_printf(MSG_DEBUG, "Radio measurement frame, action %u from " MACSTR,
355 mgmt->u.action.u.rrm.action, MAC2STR(mgmt->sa));
356
357 switch (mgmt->u.action.u.rrm.action) {
358 case WLAN_RRM_LINK_MEASUREMENT_REPORT:
359 hostapd_ubus_handle_link_measurement(hapd, buf, len);
360 break;
361 case WLAN_RRM_RADIO_MEASUREMENT_REPORT:
362 hostapd_handle_radio_msmt_report(hapd, buf, len);
363 break;
364 case WLAN_RRM_NEIGHBOR_REPORT_REQUEST:
365 hostapd_handle_nei_report_req(hapd, buf, len);
366 break;
367 default:
368 wpa_printf(MSG_DEBUG, "RRM action %u is not supported",
369 mgmt->u.action.u.rrm.action);
370 break;
371 }
372}
373
374
375int hostapd_send_lci_req(struct hostapd_data *hapd, const u8 *addr)
376{
377 struct wpabuf *buf;
378 struct sta_info *sta = ap_get_sta(hapd, addr);
379 int ret;
380
381 if (!sta || !(sta->flags & WLAN_STA_AUTHORIZED)) {
382 wpa_printf(MSG_INFO,
383 "Request LCI: Destination address is not connected");
384 return -1;
385 }
386
387 if (!(sta->rrm_enabled_capa[1] & WLAN_RRM_CAPS_LCI_MEASUREMENT)) {
388 wpa_printf(MSG_INFO,
389 "Request LCI: Station does not support LCI in RRM");
390 return -1;
391 }
392
393 if (hapd->lci_req_active) {
394 wpa_printf(MSG_DEBUG,
395 "Request LCI: LCI request is already in process, overriding");
396 hapd->lci_req_active = 0;
397 eloop_cancel_timeout(hostapd_lci_rep_timeout_handler, hapd,
398 NULL);
399 }
400
401 /* Measurement request (5) + Measurement element with LCI (10) */
402 buf = wpabuf_alloc(5 + 10);
403 if (!buf)
404 return -1;
405
406 hapd->lci_req_token++;
407 /* For wraparounds - the token must be nonzero */
408 if (!hapd->lci_req_token)
409 hapd->lci_req_token++;
410
411 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
412 wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REQUEST);
413 wpabuf_put_u8(buf, hapd->lci_req_token);
414 wpabuf_put_le16(buf, 0); /* Number of repetitions */
415
416 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
417 wpabuf_put_u8(buf, 3 + 1 + 4);
418
419 wpabuf_put_u8(buf, 1); /* Measurement Token */
420 /*
421 * Parallel and Enable bits are 0, Duration, Request, and Report are
422 * reserved.
423 */
424 wpabuf_put_u8(buf, 0);
425 wpabuf_put_u8(buf, MEASURE_TYPE_LCI);
426
427 wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE);
428
429 wpabuf_put_u8(buf, LCI_REQ_SUBELEM_MAX_AGE);
430 wpabuf_put_u8(buf, 2);
431 wpabuf_put_le16(buf, 0xffff);
432
433 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
434 wpabuf_head(buf), wpabuf_len(buf));
435 wpabuf_free(buf);
436 if (ret)
437 return ret;
438
439 hapd->lci_req_active = 1;
440
441 eloop_register_timeout(HOSTAPD_RRM_REQUEST_TIMEOUT, 0,
442 hostapd_lci_rep_timeout_handler, hapd, NULL);
443
444 return 0;
445}
446
447
448int hostapd_send_range_req(struct hostapd_data *hapd, const u8 *addr,
449 u16 random_interval, u8 min_ap,
450 const u8 *responders, unsigned int n_responders)
451{
452 struct wpabuf *buf;
453 struct sta_info *sta;
454 u8 *len;
455 unsigned int i;
456 int ret;
457
458 wpa_printf(MSG_DEBUG, "Request range: dest addr " MACSTR
459 " rand interval %u min AP %u n_responders %u", MAC2STR(addr),
460 random_interval, min_ap, n_responders);
461
462 if (min_ap == 0 || min_ap > n_responders) {
463 wpa_printf(MSG_INFO, "Request range: Wrong min AP count");
464 return -1;
465 }
466
467 sta = ap_get_sta(hapd, addr);
468 if (!sta || !(sta->flags & WLAN_STA_AUTHORIZED)) {
469 wpa_printf(MSG_INFO,
470 "Request range: Destination address is not connected");
471 return -1;
472 }
473
474 if (!(sta->rrm_enabled_capa[4] & WLAN_RRM_CAPS_FTM_RANGE_REPORT)) {
475 wpa_printf(MSG_ERROR,
476 "Request range: Destination station does not support FTM range report in RRM");
477 return -1;
478 }
479
480 if (hapd->range_req_active) {
481 wpa_printf(MSG_DEBUG,
482 "Request range: Range request is already in process; overriding");
483 hapd->range_req_active = 0;
484 eloop_cancel_timeout(hostapd_range_rep_timeout_handler, hapd,
485 NULL);
486 }
487
488 /* Action + measurement type + token + reps + EID + len = 7 */
489 buf = wpabuf_alloc(7 + 255);
490 if (!buf)
491 return -1;
492
493 hapd->range_req_token++;
494 if (!hapd->range_req_token) /* For wraparounds */
495 hapd->range_req_token++;
496
497 /* IEEE P802.11-REVmc/D5.0, 9.6.7.2 */
498 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
499 wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REQUEST);
500 wpabuf_put_u8(buf, hapd->range_req_token); /* Dialog Token */
501 wpabuf_put_le16(buf, 0); /* Number of Repetitions */
502
503 /* IEEE P802.11-REVmc/D5.0, 9.4.2.21 */
504 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
505 len = wpabuf_put(buf, 1); /* Length will be set later */
506
507 wpabuf_put_u8(buf, 1); /* Measurement Token */
508 /*
509 * Parallel and Enable bits are 0; Duration, Request, and Report are
510 * reserved.
511 */
512 wpabuf_put_u8(buf, 0); /* Measurement Request Mode */
513 wpabuf_put_u8(buf, MEASURE_TYPE_FTM_RANGE); /* Measurement Type */
514
515 /* IEEE P802.11-REVmc/D5.0, 9.4.2.21.19 */
516 wpabuf_put_le16(buf, random_interval); /* Randomization Interval */
517 wpabuf_put_u8(buf, min_ap); /* Minimum AP Count */
518
519 /* FTM Range Subelements */
520
521 /*
522 * Taking the neighbor report part of the range request from neighbor
523 * database instead of requesting the separate bits of data from the
524 * user.
525 */
526 for (i = 0; i < n_responders; i++) {
527 struct hostapd_neighbor_entry *nr;
528
529 nr = hostapd_neighbor_get(hapd, responders + ETH_ALEN * i,
530 NULL);
531 if (!nr) {
532 wpa_printf(MSG_INFO, "Missing neighbor report for "
533 MACSTR, MAC2STR(responders + ETH_ALEN * i));
534 wpabuf_free(buf);
535 return -1;
536 }
537
538 if (wpabuf_tailroom(buf) < 2 + wpabuf_len(nr->nr)) {
539 wpa_printf(MSG_ERROR, "Too long range request");
540 wpabuf_free(buf);
541 return -1;
542 }
543
544 wpabuf_put_u8(buf, WLAN_EID_NEIGHBOR_REPORT);
545 wpabuf_put_u8(buf, wpabuf_len(nr->nr));
546 wpabuf_put_buf(buf, nr->nr);
547 }
548
549 /* Action + measurement type + token + reps + EID + len = 7 */
550 *len = wpabuf_len(buf) - 7;
551
552 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
553 wpabuf_head(buf), wpabuf_len(buf));
554 wpabuf_free(buf);
555 if (ret)
556 return ret;
557
558 hapd->range_req_active = 1;
559
560 eloop_register_timeout(HOSTAPD_RRM_REQUEST_TIMEOUT, 0,
561 hostapd_range_rep_timeout_handler, hapd, NULL);
562
563 return 0;
564}
565
566
567void hostapd_clean_rrm(struct hostapd_data *hapd)
568{
569 hostapd_free_neighbor_db(hapd);
570 eloop_cancel_timeout(hostapd_lci_rep_timeout_handler, hapd, NULL);
571 hapd->lci_req_active = 0;
572 eloop_cancel_timeout(hostapd_range_rep_timeout_handler, hapd, NULL);
573 hapd->range_req_active = 0;
574}
575
576
577int hostapd_send_beacon_req(struct hostapd_data *hapd, const u8 *addr,
578 u8 req_mode, const struct wpabuf *req)
579{
580 struct wpabuf *buf;
581 struct sta_info *sta = ap_get_sta(hapd, addr);
582 int ret;
583 enum beacon_report_mode mode;
584 const u8 *pos;
585
586 /* Request data:
587 * Operating Class (1), Channel Number (1), Randomization Interval (2),
588 * Measurement Duration (2), Measurement Mode (1), BSSID (6),
589 * Optional Subelements (variable)
590 */
591 if (wpabuf_len(req) < 13) {
592 wpa_printf(MSG_INFO, "Beacon request: Too short request data");
593 return -1;
594 }
595 pos = wpabuf_head(req);
596 mode = pos[6];
597
598 if (!sta || !(sta->flags & WLAN_STA_AUTHORIZED)) {
599 wpa_printf(MSG_INFO,
600 "Beacon request: " MACSTR " is not connected",
601 MAC2STR(addr));
602 return -1;
603 }
604
605 switch (mode) {
606 case BEACON_REPORT_MODE_PASSIVE:
607 if (!(sta->rrm_enabled_capa[0] &
608 WLAN_RRM_CAPS_BEACON_REPORT_PASSIVE)) {
609 wpa_printf(MSG_INFO,
610 "Beacon request: " MACSTR
611 " does not support passive beacon report",
612 MAC2STR(addr));
613 return -1;
614 }
615 break;
616 case BEACON_REPORT_MODE_ACTIVE:
617 if (!(sta->rrm_enabled_capa[0] &
618 WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE)) {
619 wpa_printf(MSG_INFO,
620 "Beacon request: " MACSTR
621 " does not support active beacon report",
622 MAC2STR(addr));
623 return -1;
624 }
625 break;
626 case BEACON_REPORT_MODE_TABLE:
627 if (!(sta->rrm_enabled_capa[0] &
628 WLAN_RRM_CAPS_BEACON_REPORT_TABLE)) {
629 wpa_printf(MSG_INFO,
630 "Beacon request: " MACSTR
631 " does not support table beacon report",
632 MAC2STR(addr));
633 return -1;
634 }
635 break;
636 default:
637 wpa_printf(MSG_INFO,
638 "Beacon request: Unknown measurement mode %d", mode);
639 return -1;
640 }
641
642 buf = wpabuf_alloc(5 + 2 + 3 + wpabuf_len(req));
643 if (!buf)
644 return -1;
645
646 hapd->beacon_req_token++;
647 if (!hapd->beacon_req_token)
648 hapd->beacon_req_token++;
649
650 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
651 wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REQUEST);
652 wpabuf_put_u8(buf, hapd->beacon_req_token);
653 wpabuf_put_le16(buf, 0); /* Number of repetitions */
654
655 /* Measurement Request element */
656 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
657 wpabuf_put_u8(buf, 3 + wpabuf_len(req));
658 wpabuf_put_u8(buf, 1); /* Measurement Token */
659 wpabuf_put_u8(buf, req_mode); /* Measurement Request Mode */
660 wpabuf_put_u8(buf, MEASURE_TYPE_BEACON); /* Measurement Type */
661 wpabuf_put_buf(buf, req);
662
663 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
664 wpabuf_head(buf), wpabuf_len(buf));
665 wpabuf_free(buf);
666 if (ret < 0)
667 return ret;
668
669 return hapd->beacon_req_token;
670}
671
672
673void hostapd_rrm_beacon_req_tx_status(struct hostapd_data *hapd,
674 const struct ieee80211_mgmt *mgmt,
675 size_t len, int ok)
676{
677 if (len < 24 + 3)
678 return;
679 wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_REQ_TX_STATUS MACSTR
680 " %u ack=%d", MAC2STR(mgmt->da),
681 mgmt->u.action.u.rrm.dialog_token, ok);
682}