hostapd tries to send invalid mgmt frames at startup

Hello Jouni!

I have configured hostapd to provide multiple SSIDs on one phy
interface, and on every hostapd startup I see the following errors in
the hostapd logs:

May 13 09:20:30 turris hostapd: nl80211: Frame command failed: ret=-22 (Invalid argument) (freq=0 wait=0)
May 13 09:20:30 turris hostapd: handle_probe_req: send failed
May 13 09:20:30 turris hostapd: nl80211: Frame command failed: ret=-22 (Invalid argument) (freq=0 wait=0)
May 13 09:20:30 turris hostapd: handle_probe_req: send failed
May 13 09:20:30 turris hostapd: nl80211: Frame command failed: ret=-22 (Invalid argument) (freq=0 wait=0)
May 13 09:20:30 turris hostapd: handle_probe_req: send failed
May 13 09:20:30 turris hostapd: nl80211: Frame command failed: ret=-22 (Invalid argument) (freq=0 wait=0)
May 13 09:20:30 turris hostapd: handle_probe_req: send failed
May 13 09:20:30 turris hostapd: nl80211: Frame command failed: ret=-22 (Invalid argument) (freq=0 wait=0)
May 13 09:20:30 turris hostapd: handle_probe_req: send failed
May 13 09:20:30 turris hostapd: nl80211: Frame command failed: ret=-22 (Invalid argument) (freq=0 wait=0)
May 13 09:20:30 turris hostapd: handle_probe_req: send failed
May 13 09:20:33 turris hostapd: wlan1: ACS-COMPLETED freq=2452 channel=9
May 13 09:20:33 turris hostapd: wlan1: interface state ACS->HT_SCAN
May 13 09:20:35 turris hostapd: 20/40 MHz operation not permitted on channel pri=9 sec=13 based on overlapping BSSes

I tried to debug this issue, so I applied the following patch to hostapd to
get more debug logs:

diff --git a/src/ap/beacon.c b/src/ap/beacon.c
index 47ced9a16..73f7cd464 100644
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -794,6 +794,10 @@ void sta_track_claim_taxonomy_info(struct hostapd_iface *iface, const u8 *addr,
 }
 #endif /* CONFIG_TAXONOMY */
 
+static inline bool ieee80211_is_action(u16 fc)
+{
+	return WLAN_FC_GET_TYPE(host_to_le16(fc)) == WLAN_FC_TYPE_MGMT && WLAN_FC_GET_STYPE(host_to_le16(fc)) == WLAN_FC_STYPE_ACTION;
+}
 
 void handle_probe_req(struct hostapd_data *hapd,
 		      const struct ieee80211_mgmt *mgmt, size_t len,
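Review bot: ieee80211_is_action() takes the raw wire-order frame_control value and converts it with host_to_le16(fc) before handing it to WLAN_FC_GET_TYPE/WLAN_FC_GET_STYPE, but the conversion needed here goes the other way, from a little-endian field to host order, so le_to_host16(fc) is the right name (it is the same byte swap on either endianness, but it states the direction). Converting once into a local, e.g. `u16 h = le_to_host16(fc);`, also avoids doing it twice and brings the 130-column return line under hostapd's 80-column limit. Since the helper is only used by the debug print in the next hunk, placing it next to that call instead of between the CONFIG_TAXONOMY block and handle_probe_req() would keep the two together.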
@@ -1054,6 +1058,7 @@ void handle_probe_req(struct hostapd_data *hapd,
 				hapd->cs_c_off_ecsa_proberesp;
 	}
 
+	wpa_printf(MSG_INFO, "hostapd_drv_send_mlme_csa sa=" MACSTR " is_action=%d is_category_public=%d", MAC2STR(((struct ieee80211_mgmt *)resp)->sa), !!ieee80211_is_action(((struct ieee80211_mgmt *)resp)->frame_control), !!(((struct ieee80211_mgmt *)resp)->u.action.category == WLAN_ACTION_PUBLIC));
 	ret = hostapd_drv_send_mlme(hapd, resp, resp_len, noack,
 				    csa_offs_len ? csa_offs : NULL,
 				    csa_offs_len, 0);
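Review bot: the print reads ((struct ieee80211_mgmt *)resp)->u.action.category unconditionally, but resp here is a probe response, not an action frame, so on every is_action=0 line the is_category_public value is just whatever byte happens to sit at that offset in the probe response body and carries no meaning; evaluate the category only when ieee80211_is_action() is true (e.g. `is_action ? category == WLAN_ACTION_PUBLIC : 0`), or drop it for non-action frames. Also the log prefix says hostapd_drv_send_mlme_csa while the call is hostapd_drv_send_mlme(), the `!!` on a bool and on a `==` comparison is redundant, and MSG_INFO fires for every probe request handled, so MSG_DEBUG would keep the normal log quiet once the investigation is done.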

And for the "send failed" packets there are the following debug lines:

    hostapd_drv_send_mlme_csa sa=00:00:00:00:00:00 is_action=0 is_category_public=0

Which is really suspicious: hostapd is trying to send mgmt frames with a
zero source address.

I looked into the relevant Linux kernel source code and there is the following
check in the nl80211/mlme layer, file linux/net/wireless/mlme.c [1]:

int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
			  struct wireless_dev *wdev,
			  struct cfg80211_mgmt_tx_params *params, u64 *cookie)
{
...
	if (!ether_addr_equal(mgmt->sa, wdev_address(wdev))) {
		/* Allow random TA to be used with Public Action frames if the
		 * driver has indicated support for this. Otherwise, only allow
		 * the local address to be used.
		 */
		if (!ieee80211_is_action(mgmt->frame_control) ||
		    mgmt->u.action.category != WLAN_CATEGORY_PUBLIC)
			return -EINVAL;
...

Note that this layer is driver-independent. I put a kernel debug log just
before the return -EINVAL above and verified that this is the reason why
hostapd cannot send those mgmt packets with a zero source address. It is
disallowed by the Linux kernel when the category of the mgmt packet is not public.

I guess this is a bug in the hostapd code, as it is trying to send invalid mgmt
packets which the Linux kernel cannot process and send over the air.

Do you have any idea why hostapd is trying to do this? And is there an
easy fix for this problem?

Just to note that this happens for a wifi card managed by the mwifiex_sdio
driver as found in the mainline kernel.

[1] - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/wireless/mlme.c?h=v5.6#n675

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
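As an added illustration (not code from hostapd or from the kernel), the following standalone C program models the source-address check quoted from cfg80211_mlme_mgmt_tx() above: it parses the little-endian frame-control field of a raw management frame the way the ieee80211_is_action() test does, reads the category byte of an Action frame, and applies the rule that a transmitter address other than the local one is only tolerated on Public Action frames. The frame builder, the local/random/zero addresses and the sample frames are constructed for this example; the driver-capability check for random TA that follows in the kernel is elided ("...") in the quoted excerpt and is not modelled.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * 802.11 management header on the wire:
 *   FC(2) Duration(2) DA(6) SA(6) BSSID(6) SeqCtrl(2), then the body.
 * For Action frames the first body byte is the category.
 */
#define HDR_LEN             24
#define FC_TYPE(fc)         (((fc) >> 2) & 0x3)
#define FC_STYPE(fc)        (((fc) >> 4) & 0xf)
#define FC_TYPE_MGMT        0
#define FC_STYPE_PROBE_RESP 5
#define FC_STYPE_ACTION     13
#define CATEGORY_PUBLIC     4    /* WLAN_CATEGORY_PUBLIC */
#define CATEGORY_VENDOR     127  /* a non-public category for the example */

/* frame_control is little-endian on the wire; convert to host order first. */
static uint16_t le16_to_host(const uint8_t *p)
{
	return (uint16_t)(p[0] | (p[1] << 8));
}

/* Equivalent of: ieee80211_is_action(fc) && category == WLAN_CATEGORY_PUBLIC */
static bool is_public_action(const uint8_t *frame, size_t len)
{
	uint16_t fc;

	if (len < HDR_LEN + 1)	/* header plus the category byte */
		return false;
	fc = le16_to_host(frame);
	return FC_TYPE(fc) == FC_TYPE_MGMT &&
	       FC_STYPE(fc) == FC_STYPE_ACTION &&
	       frame[HDR_LEN] == CATEGORY_PUBLIC;
}

/*
 * Model of the quoted check: 0 when the SA would pass, -EINVAL when the
 * kernel would refuse the frame (what nl80211 reports as ret=-22).
 */
int check_mgmt_tx_sa(const uint8_t *frame, size_t len,
		     const uint8_t local_addr[6])
{
	if (len < HDR_LEN)
		return -EINVAL;
	if (memcmp(frame + 10, local_addr, 6) == 0)
		return 0;		/* SA is the local address: always fine */
	if (!is_public_action(frame, len))
		return -EINVAL;		/* a zero-SA probe response ends here */
	return 0;			/* random TA on a Public Action frame */
}

/* Build a minimal management frame with the given subtype, SA and category. */
size_t build_mgmt_frame(uint8_t *buf, size_t buflen, uint8_t stype,
			const uint8_t sa[6], const uint8_t bssid[6],
			uint8_t category)
{
	uint16_t fc = (uint16_t)((FC_TYPE_MGMT << 2) | (stype << 4));

	if (buflen < HDR_LEN + 1)
		return 0;
	memset(buf, 0, HDR_LEN + 1);
	buf[0] = (uint8_t)(fc & 0xff);	/* little-endian frame control */
	buf[1] = (uint8_t)(fc >> 8);
	memset(buf + 4, 0xff, 6);	/* DA: broadcast */
	memcpy(buf + 10, sa, 6);
	memcpy(buf + 16, bssid, 6);
	buf[HDR_LEN] = category;	/* only meaningful for Action frames */
	return HDR_LEN + 1;
}

/* Constructed addresses for the example (assumptions, not from the mail). */
static const uint8_t LOCAL_ADDR[6] = { 0x02, 0x11, 0x22, 0x33, 0x44, 0x55 };
static const uint8_t ZERO_ADDR[6]  = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
static const uint8_t RANDOM_TA[6]  = { 0x0a, 0xde, 0xad, 0xbe, 0xef, 0x01 };

/* Build one frame with LOCAL_ADDR as BSSID and return the check's verdict. */
int mgmt_tx_case(uint8_t stype, const uint8_t sa[6], uint8_t category)
{
	uint8_t frame[32];
	size_t n = build_mgmt_frame(frame, sizeof(frame), stype, sa,
				    LOCAL_ADDR, category);

	return check_mgmt_tx_sa(frame, n, LOCAL_ADDR);
}

int main(void)
{
	printf("probe resp, SA 00:00:00:00:00:00: %d\n",
	       mgmt_tx_case(FC_STYPE_PROBE_RESP, ZERO_ADDR, 0));
	printf("probe resp, SA = local addr:      %d\n",
	       mgmt_tx_case(FC_STYPE_PROBE_RESP, LOCAL_ADDR, 0));
	printf("public action, random TA:         %d\n",
	       mgmt_tx_case(FC_STYPE_ACTION, RANDOM_TA, CATEGORY_PUBLIC));
	printf("vendor action, random TA:         %d\n",
	       mgmt_tx_case(FC_STYPE_ACTION, RANDOM_TA, CATEGORY_VENDOR));
	return 0;
}
```

The first case is the one in the log above: a probe response whose SA is 00:00:00:00:00:00 fails the memcmp against the local address and, not being a Public Action frame, is refused with -EINVAL before any driver sees it, which is why the error is independent of mwifiex.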