Merge pull request #730 from Telecominfraproject/main

RC2 changes
wireguard: change download URL to a mirror server
2025-10-29 17:42:41 +00:00 · 2024-09-30 12:55:20 -04:00 · 2024-09-30 15:36:46 +02:00 · 2024-09-29 16:24:38 +02:00 · 2024-09-27 15:42:30 +02:00 · 2024-09-23 14:57:21 +02:00
7145 changed files with 807049 additions and 1392811 deletions
--- a/.github/workflows/build-dev.yml
+++ b/.github/workflows/build-dev.yml
@@ -21,11 +21,16 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        target: [ 'cig_wf186w', 'cig_wf188n-ca', 'cig_wf188n-ca-ath12', 'cig_wf188n-us', 'cig_wf196-us', 'cig_wf196-ca', 'cig_wf196-ca-ath12', 'cig_wf610d', 'cig_wf660a', 'cig_wf808', 'cybertan_eww622-a1', 'cybertan_eww631-a1', 'cybertan_eww631-b1', 'edgecore_eap101', 'edgecore_eap101-ath12', 'edgecore_eap102', 'edgecore_eap102-ath12', 'edgecore_eap104', 'edgecore_eap104-ath12', 'liteon_wpx8324', 'edgecore_ecs4100-12ph', 'edgecore_ecw5211', 'edgecore_ecw5410', 'edgecore_oap100', 'edgecore_oap101-6e', 'edgecore_oap101e', 'hfcl_ion4','hfcl_ion4xi_wp', 'hfcl_ion4xe', 'hfcl_ion4xi', 'hfcl_ion4x', 'hfcl_ion4x_2', 'hfcl_ion4xi_w', 'hfcl_ion4xi_HMR', 'hfcl_ion4x_w', 'indio_um-305ac', 'indio_um-305ax', 'indio_um-325ac', 'indio_um-510ac-v3', 'indio_um-550ac', 'indio_um-310ax-v1', 'indio_um-510axp-v1', 'indio_um-510axm-v1', 'udaya_a5-id2', 'wallys_dr40x9', 'wallys_dr6018', 'wallys_dr6018_v4', 'x64_vm', 'yuncore_ax840', 'yuncore_fap640', 'yuncore_fap650', 'yuncore_fap655' ]
+        target: [ 'cig_wf186h', 'cig_wf186w', 'cig_wf188n', 'cig_wf196', 'cig_wf189', 'cybertan_eww631-a1', 'cybertan_eww631-b1','sonicfi_rap630c-311g', 'sonicfi_rap630w-311g', 'sonicfi_rap630w-211g', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_eap104', 'edgecore_eap105', 'edgecore_eap111', 'edgecore_eap112', 'edgecore_oap101', 'edgecore_oap101-6e', 'edgecore_oap101e', 'edgecore_oap101e-6e', 'hfcl_ion4xe', 'hfcl_ion4xi', 'hfcl_ion4x', 'hfcl_ion4x_2', 'hfcl_ion4x_3', 'hfcl_ion4xi_w', 'hfcl_ion4x_w', 'indio_um-305ax', 'sercomm_ap72tip', 'udaya_a6-id2', 'wallys_dr5018', 'wallys_dr6018', 'wallys_dr6018-v4', 'yuncore_ax820', 'yuncore_ax840', 'yuncore_fap640', 'yuncore_fap650', 'yuncore_fap655' ]

    steps:
    - uses: actions/checkout@v3

+    # Clean unnecessary files to save disk space
+    - name: clean unncessary files to save space
+      run: |
+        docker rmi `docker images -q`
+
    - name: Build image for ${{ matrix.target }}
      id: build
      run: |
--- a/28
+++ b/28
@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2024, Telecom Infra Project
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/config.yml
+++ b/config.yml
@@ -1,16 +1,7 @@
 repo:  https://github.com/openwrt/openwrt.git
-branch: openwrt-21.02
-revision: c67509efd7d0c43eb3f622f06c8a31aa28d22f6e
+branch: openwrt-23.05
+revision: e92cf0c46ffe3ac7fca936c18577bfb19eb4ce9e
 output_dir: ./output

 patch_folders:
-  - patches/backports/
-  - patches/base
-  - patches/wifi
-  - patches/ath79
-  - patches/ramips
-  - patches/ipq40xx
-  - patches/ipq806x
-  - patches/ipq807x
-  - patches/rest
-  - patches/x86
+  - patches
--- a/feeds/bluetooth/nrf52840/files/etc/init.d/nrf52840
+++ b/feeds/bluetooth/nrf52840/files/etc/init.d/nrf52840
@@ -5,7 +5,8 @@ START=80
 boot() {
 	. /lib/functions/system.sh
 	case $(board_name) in
-	edgecore,eap102)
+	edgecore,eap102|\
+	edgecore,oap102)
 		echo 54 > /sys/class/gpio/export
 		echo out > /sys/class/gpio/gpio54/direction
 		echo 0 > /sys/class/gpio/gpio54/value
--- a/feeds/hfcl/hfcl/Makefile
+++ b/feeds/hfcl/hfcl/Makefile
@@ -0,0 +1,29 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=hfcl
+PKG_VERSION:=1.0
+PKG_BUILD_DIR:= $(BUILD_DIR)/$(PKG_NAME)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/hfcl
+        SECTION:=base
+        CATEGORY:=Utilities
+        TITLE:=hfcl
+endef
+
+define Build/Prepare
+        mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Compile/Default
+
+endef
+
+Build/Compile = $(Build/Compile/Default)
+
+define Package/hfcl/install
+	cp -rf ./files/* $(1)
+endef
+
+$(eval $(call BuildPackage,hfcl))
--- a/feeds/hfcl/hfcl/files/etc/ucentral_check.sh
+++ b/feeds/hfcl/hfcl/files/etc/ucentral_check.sh
@@ -0,0 +1,43 @@
+#!/bin/sh
+echo "Start Websocket check/recovery script"
+
+ucentral_conn=$(netstat -atulpn | grep -i ucentral | awk '{print $6}')
+hostname_AP=$(uci get system.@system[0].hostname)
+uc_file_check=$(du /etc/config/ucentral | awk '{print $1}' )
+sleep 20
+
+curr_date=$(date)
+
+if [[ "$uc_file_check" = 0 ]]
+then
+	echo "[[$curr_date]]  empty ucentral file found, need to factory reset"
+	ubi_mount=$(mount | grep ubifs | grep noatime | awk '{print $1}')
+	if [[ "$ubi_mount" != "/dev/ubi0_3" ]]
+	then
+		echo "[[$curr_date]]  ubifs not mounted, need to reboot before factory reset, mount was $ubi_mount"
+		/sbin/reboot
+	else
+		/sbin/jffs2reset -y -r
+	fi
+elif [[ "$hostname_AP" = "OpenWrt" ]]
+then
+	echo "[[$curr_date]] hostname set to openwrt, doing ucentral and capabilities load"
+	/usr/share/ucentral/capabilities.uc
+	rlink=$(readlink -f /etc/ucentral/ucentral.active)
+	/usr/share/ucentral/ucentral.uc /etc/ucentral/ucentral.active
+	rm -rf /etc/ucentral/ucentral.active
+	ln -s $rlink /etc/ucentral/ucentral.active
+	sleep 60
+	ucentral_check=$(netstat -atulpn | grep -i ucentral | awk '{print $6}')
+	if [[ "$ucentral_check" != "ESTABLIHED" ]]
+	then
+		echo "[[$curr_date]] loading didn't work, need to factory reset"
+		/sbin/jffs2reset -y -r
+	fi
+elif [[ "$ucentral_conn" != "ESTABLISHED" ]]
+then
+	echo "[[$curr_date]]  Ucentral either crashed or stopped, restarting the same"
+        /etc/init.d/ucentral restart
+else
+        echo "[[$curr_date]]  Ucentral working all fine, nothing to do"
+fi
--- a/feeds/hfcl/hfcl/files/etc/uci-defaults/abc-hfcl-ucentral
+++ b/feeds/hfcl/hfcl/files/etc/uci-defaults/abc-hfcl-ucentral
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+#rm -f /etc/rc.local
+#cp -f /etc/loop.local /etc/rc.local
+
+crontab -r
+
+/etc/init.d/cron enable
+
+/etc/init.d/cron start
+
+sleep 60
+
+crontab -l | { cat; echo "*/3 * * * * /bin/sh /etc/ucentral_check.sh >> /tmp/ucentral_check";} | crontab -
+
+crontab -l | { cat; echo "* */4 * * * rm -rf /tmp/ucentral_check";} | crontab -
+
+/etc/init.d/cron restart
--- a/feeds/hostapd/hostapd/Config.in
+++ b/feeds/hostapd/hostapd/Config.in
@@ -0,0 +1,108 @@
+# wpa_supplicant config
+config WPA_RFKILL_SUPPORT
+	bool "Add rfkill support"
+	depends on PACKAGE_wpa-supplicant || \
+		   PACKAGE_wpa-supplicant-openssl || \
+		   PACKAGE_wpa-supplicant-wolfssl || \
+		   PACKAGE_wpa-supplicant-mbedtls || \
+		   PACKAGE_wpa-supplicant-mesh-openssl || \
+		   PACKAGE_wpa-supplicant-mesh-wolfssl || \
+		   PACKAGE_wpa-supplicant-mesh-mbedtls || \
+		   PACKAGE_wpa-supplicant-basic || \
+		   PACKAGE_wpa-supplicant-mini || \
+		   PACKAGE_wpa-supplicant-p2p || \
+		   PACKAGE_wpad || \
+		   PACKAGE_wpad-openssl || \
+		   PACKAGE_wpad-wolfssl || \
+		   PACKAGE_wpad-mbedtls || \
+		   PACKAGE_wpad-basic || \
+		   PACKAGE_wpad-basic-openssl || \
+		   PACKAGE_wpad-basic-wolfssl || \
+		   PACKAGE_wpad-basic-mbedtls || \
+		   PACKAGE_wpad-mini || \
+		   PACKAGE_wpad-mesh-openssl || \
+		   PACKAGE_wpad-mesh-wolfssl || \
+		   PACKAGE_wpad-mesh-mbedtls
+	default n
+
+config WPA_MSG_MIN_PRIORITY
+	int "Minimum debug message priority"
+	depends on PACKAGE_wpa-supplicant || \
+		   PACKAGE_wpa-supplicant-openssl || \
+		   PACKAGE_wpa-supplicant-wolfssl || \
+		   PACKAGE_wpa-supplicant-mbedtls || \
+		   PACKAGE_wpa-supplicant-mesh-openssl || \
+		   PACKAGE_wpa-supplicant-mesh-wolfssl || \
+		   PACKAGE_wpa-supplicant-mesh-mbedtls || \
+		   PACKAGE_wpa-supplicant-basic || \
+		   PACKAGE_wpa-supplicant-mini || \
+		   PACKAGE_wpa-supplicant-p2p || \
+		   PACKAGE_wpad || \
+		   PACKAGE_wpad-openssl || \
+		   PACKAGE_wpad-wolfssl || \
+		   PACKAGE_wpad-mbedtls || \
+		   PACKAGE_wpad-basic || \
+		   PACKAGE_wpad-basic-openssl || \
+		   PACKAGE_wpad-basic-wolfssl || \
+		   PACKAGE_wpad-basic-mbedtls || \
+		   PACKAGE_wpad-mini || \
+		   PACKAGE_wpad-mesh-openssl || \
+		   PACKAGE_wpad-mesh-wolfssl || \
+		   PACKAGE_wpad-mesh-mbedtls
+	default 3
+	help
+	  Useful values are:
+	    0 = all messages
+		1 = raw message dumps
+		2 = most debugging messages
+		3 = info messages
+		4 = warnings
+		5 = errors
+
+config WPA_WOLFSSL
+	bool
+	default PACKAGE_wpa-supplicant-wolfssl ||\
+	        PACKAGE_wpad-wolfssl ||\
+	        PACKAGE_wpad-basic-wolfssl || \
+	        PACKAGE_wpad-mesh-wolfssl ||\
+	        PACKAGE_eapol-test-wolfssl
+	select WOLFSSL_HAS_AES_CCM
+	select WOLFSSL_HAS_ARC4
+	select WOLFSSL_HAS_DH
+	select WOLFSSL_HAS_OCSP
+	select WOLFSSL_HAS_SESSION_TICKET
+	select WOLFSSL_HAS_WPAS
+
+config DRIVER_11AC_SUPPORT
+	bool
+	default n
+
+config DRIVER_11AX_SUPPORT
+	bool
+	default n
+	select WPA_MBO_SUPPORT
+
+config WPA_ENABLE_WEP
+	bool "Enable support for unsecure and obsolete WEP"
+	help
+	  Wired equivalent privacy (WEP) is an obsolete cryptographic data
+	  confidentiality algorithm that is not considered secure. It should not be used
+	  for anything anymore. The functionality needed to use WEP is available in the
+	  current hostapd release under this optional build parameter and completely
+	  removed in a future release.
+
+config WPA_MBO_SUPPORT
+	bool "Multi Band Operation (Agile Multiband)"
+	default PACKAGE_wpa-supplicant || \
+		PACKAGE_wpa-supplicant-openssl || \
+		PACKAGE_wpa-supplicant-wolfssl || \
+		PACKAGE_wpa-supplicant-mbedtls || \
+		PACKAGE_wpad || \
+		PACKAGE_wpad-openssl || \
+		PACKAGE_wpad-wolfssl || \
+		PACKAGE_wpad-mbedtls
+	help
+	  Multi Band Operation aka (Agile Multiband) enables features
+	  that facilitate efficient use of multiple frequency bands.
+	  Enabling MBO on an AP using RSN requires 802.11w to be enabled.
+	  Hostapd will refuse to start if MBO and RSN are enabled without 11w.
--- a/feeds/hostapd/hostapd/Makefile
+++ b/feeds/hostapd/hostapd/Makefile
@@ -0,0 +1,851 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2006-2021 OpenWrt.org
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=hostapd
+PKG_RELEASE:=4
+
+PKG_SOURCE_URL:=http://w1.fi/hostap.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_DATE:=2023-09-08
+PKG_SOURCE_VERSION:=e5ccbfc69ecf297590341ae8b461edba9d8e964c
+PKG_MIRROR_HASH:=fcc6550f46c7f8bbdbf71e63f8f699b9a0878565ad1b90a17855f5ec21283b8f
+
+PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
+PKG_LICENSE:=BSD-3-Clause
+PKG_CPE_ID:=cpe:/a:w1.fi:hostapd
+
+PKG_BUILD_PARALLEL:=1
+PKG_ASLR_PIE_REGULAR:=1
+
+PKG_CONFIG_DEPENDS:= \
+	CONFIG_PACKAGE_hostapd \
+	CONFIG_PACKAGE_hostapd-basic \
+	CONFIG_PACKAGE_hostapd-mini \
+	CONFIG_WPA_RFKILL_SUPPORT \
+	CONFIG_DRIVER_11AC_SUPPORT \
+	CONFIG_DRIVER_11AX_SUPPORT \
+	CONFIG_WPA_ENABLE_WEP
+
+PKG_BUILD_FLAGS:=gc-sections lto
+
+EAPOL_TEST_PROVIDERS:=eapol-test eapol-test-openssl eapol-test-wolfssl
+
+SUPPLICANT_PROVIDERS:=
+HOSTAPD_PROVIDERS:=
+
+LOCAL_TYPE=$(strip \
+		$(if $(findstring wpad,$(BUILD_VARIANT)),wpad, \
+		$(if $(findstring supplicant,$(BUILD_VARIANT)),supplicant, \
+		hostapd \
+		)))
+
+LOCAL_AND_LIB_VARIANT=$(patsubst hostapd-%,%,\
+		      $(patsubst wpad-%,%,\
+		      $(patsubst supplicant-%,%,\
+		      $(BUILD_VARIANT)\
+		      )))
+
+LOCAL_VARIANT=$(patsubst %-internal,%,\
+	      $(patsubst %-openssl,%,\
+	      $(patsubst %-wolfssl,%,\
+	      $(patsubst %-mbedtls,%,\
+	      $(LOCAL_AND_LIB_VARIANT)\
+	      ))))
+
+SSL_VARIANT=$(strip \
+		$(if $(findstring openssl,$(LOCAL_AND_LIB_VARIANT)),openssl,\
+		$(if $(findstring wolfssl,$(LOCAL_AND_LIB_VARIANT)),wolfssl,\
+		$(if $(findstring mbedtls,$(LOCAL_AND_LIB_VARIANT)),mbedtls,\
+		internal\
+		))))
+
+CONFIG_VARIANT:=$(LOCAL_VARIANT)
+ifeq ($(LOCAL_VARIANT),mesh)
+  CONFIG_VARIANT:=full
+endif
+
+include $(INCLUDE_DIR)/package.mk
+
+STAMP_CONFIGURED:=$(STAMP_CONFIGURED)_$(CONFIG_WPA_MSG_MIN_PRIORITY)
+
+ifneq ($(CONFIG_DRIVER_11AC_SUPPORT),)
+  HOSTAPD_IEEE80211AC:=y
+endif
+
+ifneq ($(CONFIG_DRIVER_11AX_SUPPORT),)
+  HOSTAPD_IEEE80211AX:=y
+endif
+
+CORE_DEPENDS = +ucode +libubus +libucode +ucode-mod-fs +ucode-mod-nl80211 +ucode-mod-rtnl +ucode-mod-ubus +ucode-mod-uloop +libblobmsg-json
+OPENSSL_DEPENDS = +PACKAGE_$(1):libopenssl +PACKAGE_$(1):libopenssl-legacy
+
+DRIVER_MAKEOPTS= \
+	CONFIG_ACS=y CONFIG_DRIVER_NL80211=y \
+	CONFIG_IEEE80211AC=$(HOSTAPD_IEEE80211AC) \
+	CONFIG_IEEE80211AX=$(HOSTAPD_IEEE80211AX) \
+	CONFIG_MBO=$(CONFIG_WPA_MBO_SUPPORT) \
+	CONFIG_UCODE=y
+
+ifeq ($(SSL_VARIANT),openssl)
+  DRIVER_MAKEOPTS += CONFIG_TLS=openssl CONFIG_SAE=y
+  TARGET_LDFLAGS += -lcrypto -lssl
+
+  ifeq ($(LOCAL_VARIANT),basic)
+    DRIVER_MAKEOPTS += CONFIG_OWE=y
+  endif
+  ifeq ($(LOCAL_VARIANT),mesh)
+    DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y
+  endif
+  ifeq ($(LOCAL_VARIANT),full)
+    DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y
+  endif
+endif
+
+ifeq ($(SSL_VARIANT),wolfssl)
+  DRIVER_MAKEOPTS += CONFIG_TLS=wolfssl CONFIG_SAE=y
+  TARGET_LDFLAGS += -lwolfssl
+
+  ifeq ($(LOCAL_VARIANT),basic)
+    DRIVER_MAKEOPTS += CONFIG_OWE=y
+  endif
+  ifeq ($(LOCAL_VARIANT),mesh)
+    DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
+  endif
+  ifeq ($(LOCAL_VARIANT),full)
+    DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
+  endif
+endif
+
+ifeq ($(SSL_VARIANT),mbedtls)
+  DRIVER_MAKEOPTS += CONFIG_TLS=mbedtls CONFIG_SAE=y
+  TARGET_LDFLAGS += -lmbedcrypto -lmbedx509 -lmbedtls
+
+  ifeq ($(LOCAL_VARIANT),basic)
+    DRIVER_MAKEOPTS += CONFIG_OWE=y
+  endif
+  ifeq ($(LOCAL_VARIANT),mesh)
+    DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
+  endif
+  ifeq ($(LOCAL_VARIANT),full)
+    DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
+  endif
+endif
+
+ifneq ($(LOCAL_TYPE),hostapd)
+  ifdef CONFIG_WPA_RFKILL_SUPPORT
+    DRIVER_MAKEOPTS += NEED_RFKILL=y
+  endif
+endif
+
+DRV_DEPENDS:=+libnl-tiny
+
+
+define Package/hostapd/Default
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=WirelessAPD
+  TITLE:=IEEE 802.1x Authenticator
+  URL:=http://hostap.epitest.fi/
+  DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
+  EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE))
+  USERID:=network=101:network=101
+  PROVIDES:=hostapd
+  CONFLICTS:=$(HOSTAPD_PROVIDERS)
+  HOSTAPD_PROVIDERS+=$(1)
+endef
+
+define Package/hostapd
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (built-in full)
+  VARIANT:=full-internal
+endef
+
+define Package/hostapd/description
+ This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS
+ Authenticator.
+endef
+
+define Package/hostapd-openssl
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (OpenSSL full)
+  VARIANT:=full-openssl
+  DEPENDS+=$(OPENSSL_DEPENDS)
+endef
+
+Package/hostapd-openssl/description = $(Package/hostapd/description)
+
+define Package/hostapd-wolfssl
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (wolfSSL full)
+  VARIANT:=full-wolfssl
+  DEPENDS+=+PACKAGE_hostapd-wolfssl:libwolfssl
+endef
+
+Package/hostapd-wolfssl/description = $(Package/hostapd/description)
+
+define Package/hostapd-mbedtls
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (mbedTLS full)
+  VARIANT:=full-mbedtls
+  DEPENDS+=+PACKAGE_hostapd-mbedtls:libmbedtls
+endef
+
+Package/hostapd-mbedtls/description = $(Package/hostapd/description)
+
+define Package/hostapd-basic
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (WPA-PSK, 11r, 11w)
+  VARIANT:=basic
+endef
+
+define Package/hostapd-basic/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
+endef
+
+define Package/hostapd-basic-openssl
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (WPA-PSK, 11r and 11w)
+  VARIANT:=basic-openssl
+  DEPENDS+=+PACKAGE_hostapd-basic-openssl:libopenssl
+endef
+
+define Package/hostapd-basic-openssl/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
+endef
+
+define Package/hostapd-basic-wolfssl
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (WPA-PSK, 11r and 11w)
+  VARIANT:=basic-wolfssl
+  DEPENDS+=+PACKAGE_hostapd-basic-wolfssl:libwolfssl
+endef
+
+define Package/hostapd-basic-wolfssl/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
+endef
+
+define Package/hostapd-basic-mbedtls
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (WPA-PSK, 11r and 11w)
+  VARIANT:=basic-mbedtls
+  DEPENDS+=+PACKAGE_hostapd-basic-mbedtls:libmbedtls
+endef
+
+define Package/hostapd-basic-mbedtls/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
+endef
+
+define Package/hostapd-mini
+$(call Package/hostapd/Default,$(1))
+  TITLE+= (WPA-PSK only)
+  VARIANT:=mini
+endef
+
+define Package/hostapd-mini/description
+ This package contains a minimal IEEE 802.1x/WPA Authenticator (WPA-PSK only).
+endef
+
+
+define Package/wpad/Default
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=WirelessAPD
+  TITLE:=IEEE 802.1x Auth/Supplicant
+  DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
+  EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE))
+  USERID:=network=101:network=101
+  URL:=http://hostap.epitest.fi/
+  PROVIDES:=hostapd wpa-supplicant
+  CONFLICTS:=$(HOSTAPD_PROVIDERS) $(SUPPLICANT_PROVIDERS)
+  HOSTAPD_PROVIDERS+=$(1)
+  SUPPLICANT_PROVIDERS+=$(1)
+endef
+
+define Package/wpad
+$(call Package/wpad/Default,$(1))
+  TITLE+= (built-in full)
+  VARIANT:=wpad-full-internal
+endef
+
+define Package/wpad/description
+ This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS
+ Authenticator and Supplicant
+endef
+
+define Package/wpad-openssl
+$(call Package/wpad/Default,$(1))
+  TITLE+= (OpenSSL full)
+  VARIANT:=wpad-full-openssl
+  DEPENDS+=$(OPENSSL_DEPENDS)
+endef
+
+Package/wpad-openssl/description = $(Package/wpad/description)
+
+define Package/wpad-wolfssl
+$(call Package/wpad/Default,$(1))
+  TITLE+= (wolfSSL full)
+  VARIANT:=wpad-full-wolfssl
+  DEPENDS+=+PACKAGE_wpad-wolfssl:libwolfssl
+endef
+
+Package/wpad-wolfssl/description = $(Package/wpad/description)
+
+define Package/wpad-mbedtls
+$(call Package/wpad/Default,$(1))
+  TITLE+= (mbedTLS full)
+  VARIANT:=wpad-full-mbedtls
+  DEPENDS+=+PACKAGE_wpad-mbedtls:libmbedtls
+endef
+
+Package/wpad-mbedtls/description = $(Package/wpad/description)
+
+define Package/wpad-basic
+$(call Package/wpad/Default,$(1))
+  TITLE+= (WPA-PSK, 11r, 11w)
+  VARIANT:=wpad-basic
+endef
+
+define Package/wpad-basic/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, 802.11r and 802.11w support.
+endef
+
+define Package/wpad-basic-openssl
+$(call Package/wpad/Default,$(1))
+  TITLE+= (OpenSSL, 11r, 11w)
+  VARIANT:=wpad-basic-openssl
+  DEPENDS+=$(OPENSSL_DEPENDS)
+endef
+
+define Package/wpad-basic-openssl/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
+endef
+
+define Package/wpad-basic-wolfssl
+$(call Package/wpad/Default,$(1))
+  TITLE+= (wolfSSL, 11r, 11w)
+  VARIANT:=wpad-basic-wolfssl
+  DEPENDS+=+PACKAGE_wpad-basic-wolfssl:libwolfssl
+endef
+
+define Package/wpad-basic-wolfssl/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
+endef
+
+define Package/wpad-basic-mbedtls
+$(call Package/wpad/Default,$(1))
+  TITLE+= (mbedTLS, 11r, 11w)
+  VARIANT:=wpad-basic-mbedtls
+  DEPENDS+=+PACKAGE_wpad-basic-mbedtls:libmbedtls
+endef
+
+define Package/wpad-basic-mbedtls/description
+ This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
+endef
+
+define Package/wpad-mini
+$(call Package/wpad/Default,$(1))
+  TITLE+= (WPA-PSK only)
+  VARIANT:=wpad-mini
+endef
+
+define Package/wpad-mini/description
+ This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (WPA-PSK only).
+endef
+
+define Package/wpad-mesh
+$(call Package/wpad/Default,$(1))
+  DEPENDS+=@(!TARGET_uml||BROKEN)
+  PROVIDES+=wpa-supplicant-mesh wpad-mesh
+endef
+
+define Package/wpad-mesh/description
+ This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (with 802.11s mesh and SAE support).
+endef
+
+define Package/wpad-mesh-openssl
+$(call Package/wpad-mesh,$(1))
+  TITLE+= (OpenSSL, 11s, SAE)
+  DEPENDS+=$(OPENSSL_DEPENDS)
+  VARIANT:=wpad-mesh-openssl
+endef
+
+Package/wpad-mesh-openssl/description = $(Package/wpad-mesh/description)
+
+define Package/wpad-mesh-wolfssl
+$(call Package/wpad-mesh,$(1))
+  TITLE+= (wolfSSL, 11s, SAE)
+  DEPENDS+=+PACKAGE_wpad-mesh-wolfssl:libwolfssl
+  VARIANT:=wpad-mesh-wolfssl
+endef
+
+Package/wpad-mesh-wolfssl/description = $(Package/wpad-mesh/description)
+
+define Package/wpad-mesh-mbedtls
+$(call Package/wpad-mesh,$(1))
+  TITLE+= (mbedTLS, 11s, SAE)
+  DEPENDS+=+PACKAGE_wpad-mesh-mbedtls:libmbedtls
+  VARIANT:=wpad-mesh-mbedtls
+endef
+
+Package/wpad-mesh-mbedtls/description = $(Package/wpad-mesh/description)
+
+
+define Package/wpa-supplicant/Default
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=WirelessAPD
+  TITLE:=WPA Supplicant
+  URL:=http://hostap.epitest.fi/wpa_supplicant/
+  DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
+  EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE))
+  USERID:=network=101:network=101
+  PROVIDES:=wpa-supplicant
+  CONFLICTS:=$(SUPPLICANT_PROVIDERS)
+  SUPPLICANT_PROVIDERS+=$(1)
+endef
+
+define Package/wpa-supplicant
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (built-in full)
+  VARIANT:=supplicant-full-internal
+endef
+
+define Package/wpa-supplicant-openssl
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (OpenSSL full)
+  VARIANT:=supplicant-full-openssl
+  DEPENDS+=$(OPENSSL_DEPENDS)
+endef
+
+define Package/wpa-supplicant-wolfssl
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (wolfSSL full)
+  VARIANT:=supplicant-full-wolfssl
+  DEPENDS+=+PACKAGE_wpa-supplicant-wolfssl:libwolfssl
+endef
+
+define Package/wpa-supplicant-mbedtls
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (mbedTLS full)
+  VARIANT:=supplicant-full-mbedtls
+  DEPENDS+=+PACKAGE_wpa-supplicant-mbedtls:libmbedtls
+endef
+
+define Package/wpa-supplicant/config
+	source "$(SOURCE)/Config.in"
+endef
+
+define Package/wpa-supplicant-p2p
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (Wi-Fi P2P support)
+  VARIANT:=supplicant-p2p-internal
+endef
+
+define Package/wpa-supplicant-mesh/Default
+$(call Package/wpa-supplicant/Default,$(1))
+  DEPENDS+=@(!TARGET_uml||BROKEN)
+  PROVIDES+=wpa-supplicant-mesh
+endef
+
+define Package/wpa-supplicant-mesh-openssl
+$(call Package/wpa-supplicant-mesh/Default,$(1))
+  TITLE+= (OpenSSL, 11s, SAE)
+  VARIANT:=supplicant-mesh-openssl
+  DEPENDS+=$(OPENSSL_DEPENDS)
+endef
+
+define Package/wpa-supplicant-mesh-wolfssl
+$(call Package/wpa-supplicant-mesh/Default,$(1))
+  TITLE+= (wolfSSL, 11s, SAE)
+  VARIANT:=supplicant-mesh-wolfssl
+  DEPENDS+=+PACKAGE_wpa-supplicant-mesh-wolfssl:libwolfssl
+endef
+
+define Package/wpa-supplicant-mesh-mbedtls
+$(call Package/wpa-supplicant-mesh/Default,$(1))
+  TITLE+= (mbedTLS, 11s, SAE)
+  VARIANT:=supplicant-mesh-mbedtls
+  DEPENDS+=+PACKAGE_wpa-supplicant-mesh-mbedtls:libmbedtls
+endef
+
+define Package/wpa-supplicant-basic
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (11r, 11w)
+  VARIANT:=supplicant-basic
+endef
+
+define Package/wpa-supplicant-mini
+$(call Package/wpa-supplicant/Default,$(1))
+  TITLE+= (minimal)
+  VARIANT:=supplicant-mini
+endef
+
+
+define Package/hostapd-common
+  TITLE:=hostapd/wpa_supplicant common support files
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=WirelessAPD
+endef
+
+define Package/hostapd-utils
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=WirelessAPD
+  TITLE:=IEEE 802.1x Authenticator (utils)
+  URL:=http://hostap.epitest.fi/
+  DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(HOSTAPD_PROVIDERS),PACKAGE_$(pkg)))
+  VARIANT:=*
+endef
+
+define Package/hostapd-utils/description
+ This package contains a command line utility to control the
+ IEEE 802.1x/WPA/EAP/RADIUS Authenticator.
+endef
+
+define Package/wpa-cli
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=WirelessAPD
+  DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(SUPPLICANT_PROVIDERS),PACKAGE_$(pkg)))
+  TITLE:=WPA Supplicant command line control utility
+  VARIANT:=*
+endef
+
+define Package/eapol-test/Default
+  TITLE:=802.1x auth test utility
+  SECTION:=net
+  SUBMENU:=WirelessAPD
+  CATEGORY:=Network
+  DEPENDS:=$(DRV_DEPENDS) $(CORE_DEPENDS)
+endef
+
+define Package/eapol-test
+  $(call Package/eapol-test/Default,$(1))
+  TITLE+= (built-in full)
+  VARIANT:=supplicant-full-internal
+endef
+
+define Package/eapol-test-openssl
+  $(call Package/eapol-test/Default,$(1))
+  TITLE+= (OpenSSL full)
+  VARIANT:=supplicant-full-openssl
+  CONFLICTS:=$(filter-out eapol-test-openssl ,$(EAPOL_TEST_PROVIDERS))
+  DEPENDS+=$(OPENSSL_DEPENDS)
+  PROVIDES:=eapol-test
+endef
+
+define Package/eapol-test-wolfssl
+  $(call Package/eapol-test/Default,$(1))
+  TITLE+= (wolfSSL full)
+  VARIANT:=supplicant-full-wolfssl
+  CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-wolfssl ,$(EAPOL_TEST_PROVIDERS)))
+  DEPENDS+=+PACKAGE_eapol-test-wolfssl:libwolfssl
+  PROVIDES:=eapol-test
+endef
+
+define Package/eapol-test-mbedtls
+  $(call Package/eapol-test/Default,$(1))
+  TITLE+= (mbedTLS full)
+  VARIANT:=supplicant-full-mbedtls
+  CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-mbedtls ,$(EAPOL_TEST_PROVIDERS)))
+  DEPENDS+=+PACKAGE_eapol-test-mbedtls:libmbedtls
+  PROVIDES:=eapol-test
+endef
+
+
+ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
+  define Build/Configure/rebuild
+	$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.a | $(XARGS) rm -f
+	rm -f $(PKG_BUILD_DIR)/hostapd/hostapd
+	rm -f $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant
+	rm -f $(PKG_BUILD_DIR)/.config_*
+	touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
+  endef
+endif
+
+define Build/Configure
+	$(Build/Configure/rebuild)
+	$(if $(wildcard ./files/hostapd-$(CONFIG_VARIANT).config), \
+		$(CP) ./files/hostapd-$(CONFIG_VARIANT).config $(PKG_BUILD_DIR)/hostapd/.config \
+	)
+	$(if $(wildcard ./files/wpa_supplicant-$(CONFIG_VARIANT).config), \
+		$(CP) ./files/wpa_supplicant-$(CONFIG_VARIANT).config $(PKG_BUILD_DIR)/wpa_supplicant/.config
+	)
+endef
+
+TARGET_CPPFLAGS := \
+	-I$(STAGING_DIR)/usr/include/libnl-tiny \
+	-I$(PKG_BUILD_DIR)/src/crypto \
+	$(TARGET_CPPFLAGS) \
+	-DCONFIG_LIBNL20 \
+	-D_GNU_SOURCE \
+	$(if $(CONFIG_WPA_MSG_MIN_PRIORITY),-DCONFIG_MSG_MIN_PRIORITY=$(CONFIG_WPA_MSG_MIN_PRIORITY))
+
+TARGET_LDFLAGS += -lubox -lubus -lblobmsg_json -lucode -lm -lnl-tiny
+
+ifdef CONFIG_WPA_ENABLE_WEP
+    DRIVER_MAKEOPTS += CONFIG_WEP=y
+endif
+
+define Build/RunMake
+	CFLAGS="$(TARGET_CPPFLAGS) $(TARGET_CFLAGS)" \
+	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(1) \
+		$(TARGET_CONFIGURE_OPTS) \
+		$(DRIVER_MAKEOPTS) \
+		LIBS="$(TARGET_LDFLAGS)" \
+		LIBS_c="$(TARGET_LDFLAGS_C)" \
+		AR="$(TARGET_CROSS)gcc-ar" \
+		BCHECK= \
+		$(if $(findstring s,$(OPENWRT_VERBOSE)),V=1) \
+		$(2)
+endef
+
+define Build/Compile/wpad
+	echo ` \
+		$(call Build/RunMake,hostapd,-s MULTICALL=1 dump_cflags); \
+		$(call Build/RunMake,wpa_supplicant,-s MULTICALL=1 dump_cflags) | \
+		sed -e 's,-n ,,g' -e 's^$(TARGET_CFLAGS)^^' \
+	` > $(PKG_BUILD_DIR)/.cflags
+	sed -i 's/"/\\"/g' $(PKG_BUILD_DIR)/.cflags
+	+$(call Build/RunMake,hostapd, \
+		CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \
+		MULTICALL=1 \
+		hostapd_cli hostapd_multi.a \
+	)
+	+$(call Build/RunMake,wpa_supplicant, \
+		CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \
+		MULTICALL=1 \
+		wpa_cli wpa_supplicant_multi.a \
+	)
+	+export MAKEFLAGS="$(MAKE_JOBSERVER)"; $(TARGET_CC) -o $(PKG_BUILD_DIR)/wpad \
+		$(TARGET_CFLAGS) \
+		./files/multicall.c \
+		$(PKG_BUILD_DIR)/hostapd/hostapd_multi.a \
+		$(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant_multi.a \
+		$(TARGET_LDFLAGS)
+endef
+
+define Build/Compile/hostapd
+	+$(call Build/RunMake,hostapd, \
+		hostapd hostapd_cli \
+	)
+endef
+
+define Build/Compile/supplicant
+	+$(call Build/RunMake,wpa_supplicant, \
+		wpa_cli wpa_supplicant \
+	)
+endef
+
+define Build/Compile/supplicant-full-internal
+	+$(call Build/RunMake,wpa_supplicant, \
+		eapol_test \
+	)
+endef
+
+define Build/Compile/supplicant-full-openssl
+	+$(call Build/RunMake,wpa_supplicant, \
+		eapol_test \
+	)
+endef
+
+define Build/Compile/supplicant-full-wolfssl
+	+$(call Build/RunMake,wpa_supplicant, \
+		eapol_test \
+	)
+endef
+
+define Build/Compile/supplicant-full-mbedtls
+	+$(call Build/RunMake,wpa_supplicant, \
+		eapol_test \
+	)
+endef
+
+define Build/Compile
+	$(Build/Compile/$(LOCAL_TYPE))
+	$(Build/Compile/$(BUILD_VARIANT))
+endef
+
+define Install/hostapd/full
+	$(INSTALL_DIR) $(1)/etc/init.d $(1)/etc/config $(1)/etc/radius
+	ln -sf hostapd $(1)/usr/sbin/hostapd-radius
+	$(INSTALL_BIN) ./files/radius.init $(1)/etc/init.d/radius
+	$(INSTALL_DATA) ./files/radius.config $(1)/etc/config/radius
+	$(INSTALL_DATA) ./files/radius.clients $(1)/etc/radius/clients
+	$(INSTALL_DATA) ./files/radius.users $(1)/etc/radius/users
+endef
+
+define Package/hostapd-full/conffiles
+/etc/config/radius
+/etc/radius
+endef
+
+ifeq ($(CONFIG_VARIANT),full)
+Package/wpad-mesh-openssl/conffiles = $(Package/hostapd-full/conffiles)
+Package/wpad-mesh-wolfssl/conffiles = $(Package/hostapd-full/conffiles)
+Package/wpad-mesh-mbedtls/conffiles = $(Package/hostapd-full/conffiles)
+Package/wpad/conffiles = $(Package/hostapd-full/conffiles)
+Package/wpad-openssl/conffiles = $(Package/hostapd-full/conffiles)
+Package/wpad-wolfssl/conffiles = $(Package/hostapd-full/conffiles)
+Package/wpad-mbedtls/conffiles = $(Package/hostapd-full/conffiles)
+Package/hostapd/conffiles = $(Package/hostapd-full/conffiles)
+Package/hostapd-openssl/conffiles = $(Package/hostapd-full/conffiles)
+Package/hostapd-wolfssl/conffiles = $(Package/hostapd-full/conffiles)
+Package/hostapd-mbedtls/conffiles = $(Package/hostapd-full/conffiles)
+endif
+
+define Install/hostapd
+	$(INSTALL_DIR) $(1)/usr/sbin $(1)/usr/share/hostap
+	$(INSTALL_DATA) ./files/hostapd.uc $(1)/usr/share/hostap/
+	$(if $(findstring full,$(CONFIG_VARIANT)),$(Install/hostapd/full))
+endef
+
+define Install/supplicant
+	$(INSTALL_DIR) $(1)/usr/sbin $(1)/usr/share/hostap
+	$(INSTALL_DATA) ./files/wpa_supplicant.uc $(1)/usr/share/hostap/
+endef
+
+define Package/hostapd-common/install
+	$(INSTALL_DIR) $(1)/etc/capabilities $(1)/etc/rc.button $(1)/etc/hotplug.d/ieee80211 $(1)/etc/init.d $(1)/lib/netifd  $(1)/usr/share/acl.d $(1)/usr/share/hostap
+	$(INSTALL_BIN) ./files/dhcp-get-server.sh $(1)/lib/netifd/dhcp-get-server.sh
+	$(INSTALL_DATA) ./files/hostapd.sh $(1)/lib/netifd/hostapd.sh
+	$(INSTALL_BIN) ./files/wpad.init $(1)/etc/init.d/wpad
+	$(INSTALL_BIN) ./files/wps-hotplug.sh $(1)/etc/rc.button/wps
+	$(INSTALL_DATA) ./files/wpad_acl.json $(1)/usr/share/acl.d
+	$(INSTALL_DATA) ./files/wpad.json $(1)/etc/capabilities
+	$(INSTALL_DATA) ./files/common.uc $(1)/usr/share/hostap/
+	$(INSTALL_DATA) ./files/wdev.uc $(1)/usr/share/hostap/
+endef
+
+define Package/hostapd/install
+	$(call Install/hostapd,$(1))
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd $(1)/usr/sbin/
+endef
+Package/hostapd-basic/install = $(Package/hostapd/install)
+Package/hostapd-basic-openssl/install = $(Package/hostapd/install)
+Package/hostapd-basic-wolfssl/install = $(Package/hostapd/install)
+Package/hostapd-basic-mbedtls/install = $(Package/hostapd/install)
+Package/hostapd-mini/install = $(Package/hostapd/install)
+Package/hostapd-openssl/install = $(Package/hostapd/install)
+Package/hostapd-wolfssl/install = $(Package/hostapd/install)
+Package/hostapd-mbedtls/install = $(Package/hostapd/install)
+
+ifneq ($(LOCAL_TYPE),supplicant)
+  define Package/hostapd-utils/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd_cli $(1)/usr/sbin/
+  endef
+endif
+
+define Package/wpad/install
+	$(call Install/hostapd,$(1))
+	$(call Install/supplicant,$(1))
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/wpad $(1)/usr/sbin/
+	$(LN) wpad $(1)/usr/sbin/hostapd
+	$(LN) wpad $(1)/usr/sbin/wpa_supplicant
+endef
+Package/wpad-basic/install = $(Package/wpad/install)
+Package/wpad-basic-openssl/install = $(Package/wpad/install)
+Package/wpad-basic-wolfssl/install = $(Package/wpad/install)
+Package/wpad-basic-mbedtls/install = $(Package/wpad/install)
+Package/wpad-mini/install = $(Package/wpad/install)
+Package/wpad-openssl/install = $(Package/wpad/install)
+Package/wpad-wolfssl/install = $(Package/wpad/install)
+Package/wpad-mbedtls/install = $(Package/wpad/install)
+Package/wpad-mesh-openssl/install = $(Package/wpad/install)
+Package/wpad-mesh-wolfssl/install = $(Package/wpad/install)
+Package/wpad-mesh-mbedtls/install = $(Package/wpad/install)
+
+define Package/wpa-supplicant/install
+	$(call Install/supplicant,$(1))
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant $(1)/usr/sbin/
+endef
+Package/wpa-supplicant-basic/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-mini/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-p2p/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-openssl/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-wolfssl/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-mbedtls/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-mesh-openssl/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-mesh-wolfssl/install = $(Package/wpa-supplicant/install)
+Package/wpa-supplicant-mesh-mbedtls/install = $(Package/wpa-supplicant/install)
+
+ifneq ($(LOCAL_TYPE),hostapd)
+  define Package/wpa-cli/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_cli $(1)/usr/sbin/
+  endef
+endif
+
+ifeq ($(BUILD_VARIANT),supplicant-full-internal)
+  define Package/eapol-test/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
+  endef
+endif
+
+ifeq ($(BUILD_VARIANT),supplicant-full-openssl)
+  define Package/eapol-test-openssl/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
+  endef
+endif
+
+ifeq ($(BUILD_VARIANT),supplicant-full-wolfssl)
+  define Package/eapol-test-wolfssl/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
+  endef
+endif
+
+ifeq ($(BUILD_VARIANT),supplicant-full-mbedtls)
+  define Package/eapol-test-mbedtls/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
+  endef
+endif
+
+# Build hostapd-common before its dependents, to avoid
+# spurious rebuilds when building multiple variants.
+$(eval $(call BuildPackage,hostapd-common))
+$(eval $(call BuildPackage,hostapd))
+$(eval $(call BuildPackage,hostapd-basic))
+$(eval $(call BuildPackage,hostapd-basic-openssl))
+$(eval $(call BuildPackage,hostapd-basic-wolfssl))
+$(eval $(call BuildPackage,hostapd-basic-mbedtls))
+$(eval $(call BuildPackage,hostapd-mini))
+$(eval $(call BuildPackage,hostapd-openssl))
+$(eval $(call BuildPackage,hostapd-wolfssl))
+$(eval $(call BuildPackage,hostapd-mbedtls))
+$(eval $(call BuildPackage,wpad))
+$(eval $(call BuildPackage,wpad-mesh-openssl))
+$(eval $(call BuildPackage,wpad-mesh-wolfssl))
+$(eval $(call BuildPackage,wpad-mesh-mbedtls))
+$(eval $(call BuildPackage,wpad-basic))
+$(eval $(call BuildPackage,wpad-basic-openssl))
+$(eval $(call BuildPackage,wpad-basic-wolfssl))
+$(eval $(call BuildPackage,wpad-basic-mbedtls))
+$(eval $(call BuildPackage,wpad-mini))
+$(eval $(call BuildPackage,wpad-openssl))
+$(eval $(call BuildPackage,wpad-wolfssl))
+$(eval $(call BuildPackage,wpad-mbedtls))
+$(eval $(call BuildPackage,wpa-supplicant))
+$(eval $(call BuildPackage,wpa-supplicant-mesh-openssl))
+$(eval $(call BuildPackage,wpa-supplicant-mesh-wolfssl))
+$(eval $(call BuildPackage,wpa-supplicant-mesh-mbedtls))
+$(eval $(call BuildPackage,wpa-supplicant-basic))
+$(eval $(call BuildPackage,wpa-supplicant-mini))
+$(eval $(call BuildPackage,wpa-supplicant-p2p))
+$(eval $(call BuildPackage,wpa-supplicant-openssl))
+$(eval $(call BuildPackage,wpa-supplicant-wolfssl))
+$(eval $(call BuildPackage,wpa-supplicant-mbedtls))
+$(eval $(call BuildPackage,wpa-cli))
+$(eval $(call BuildPackage,hostapd-utils))
+$(eval $(call BuildPackage,eapol-test))
+$(eval $(call BuildPackage,eapol-test-openssl))
+$(eval $(call BuildPackage,eapol-test-wolfssl))
+$(eval $(call BuildPackage,eapol-test-mbedtls))
--- a/feeds/hostapd/hostapd/README.md
+++ b/feeds/hostapd/hostapd/README.md
@@ -0,0 +1,419 @@
+# UBUS methods - hostapd
+
+## bss_mgmt_enable
+Enable 802.11k/v features.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| neighbor_report | bool | no | enable 802.11k neighbor reports |
+| beacon_report | bool | no | enable 802.11k beacon reports |
+| link_measurements | bool | no | enable 802.11k link measurements |
+| bss_transition | bool | no | enable 802.11v BSS transition support |
+
+### example
+`ubus call hostapd.wl5-fb bss_mgmt_enable '{ "neighbor_report": true, "beacon_report": true, "link_measurements": true, "bss_transition": true
+}'`
+
+
+## bss_transition_request
+Initiate an 802.11v transition request.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| addr | string | yes | client MAC address |
+| disassociation_imminent | bool | no | set Disassociation Imminent bit |
+| disassociation_timer | int32 | no | disassociate client if it doesn't roam after this time |
+| validity_period | int32 | no | validity of the BSS Transition Candiate List |
+| neighbors | array | no | BSS Transition Candidate List |
+| abridged | bool | no | prefer APs in the BSS Transition Candidate List |
+| dialog_token | int32 | no | identifier for the request/report transaction |
+| mbo_reason | int32 | no | MBO Transition Reason Code Attribute |
+| cell_pref | int32 | no | MBO Cellular Data Connection Preference Attribute |
+| reassoc_delay | int32 | no | MBO Re-association retry delay |
+
+### example
+`ubus call hostapd.wl5-fb bss_transition_request '{ "addr": "68:2F:67:8B:98:ED", "disassociation_imminent": false, "disassociation_timer": 0, "validity_period": 30, "neighbors": ["b6a7b9cbeebabf5900008064090603026a00"], "abridged": 1 }'`
+
+
+## config_add
+Dynamically load a BSS configuration from a file. This is used by netifd's mac80211 support script to configure BSSes on multiple PHYs in a single hostapd instance.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| iface | string | yes | WiFi interface name |
+| config | string | yes | path to hostapd config file |
+
+
+## config_remove
+Dynamically remove a BSS configuration.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| iface | string | yes | WiFi interface name |
+
+
+## del_client
+Kick a client off the network.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| addr | string | yes | client MAC address |
+| reason | int32 | no | 802.11 reason code |
+| deauth | bool | no | deauthenticates client instead of disassociating |
+| ban_time | int32 | no | ban client for N milliseconds |
+
+### example
+`ubus call hostapd.wl5-fb del_client '{ "addr": "68:2f:67:8b:98:ed", "reason": 5, "deauth": true, "ban_time": 10000 }'`
+
+
+## get_clients
+Show associated clients.
+
+### example
+`ubus call hostapd.wl5-fb get_clients`
+
+### output
+```json
+{
+        "freq": 5260,
+        "clients": {
+                "68:2f:67:8b:98:ed": {
+                        "auth": true,
+                        "assoc": true,
+                        "authorized": true,
+                        "preauth": false,
+                        "wds": false,
+                        "wmm": true,
+                        "ht": true,
+                        "vht": true,
+                        "he": false,
+                        "wps": false,
+                        "mfp": true,
+                        "rrm": [
+                                0,
+                                0,
+                                0,
+                                0,
+                                0
+                        ],
+                        "extended_capabilities": [
+                                0,
+                                0,
+                                0,
+                                0,
+                                0,
+                                0,
+                                0,
+                                64
+                        ],
+                        "aid": 3,
+                        "signature": "wifi4|probe:0,1,45,127,107,191,221(0017f2,10),221(001018,2),htcap:006f,htagg:1b,htmcs:0000ffff,vhtcap:0f825832,vhtrxmcs:0000ffea,vhttxmcs:0000ffea,extcap:0000008000000040|assoc:0,1,33,36,48,45,127,191,221(0017f2,10),221(001018,2),221(0050f2,2),htcap:006f,htagg:1b,htmcs:0000ffff,vhtcap:0f825832,vhtrxmcs:0000ffea,vhttxmcs:0000ffea,txpow:14f9,extcap:0000000000000040",
+                        "bytes": {
+                                "rx": 1933667,
+                                "tx": 746805
+                        },
+                        "airtime": {
+                                "rx": 208863,
+                                "tx": 9037883
+                        },
+                        "packets": {
+                                "rx": 3587,
+                                "tx": 2185
+                        },
+                        "rate": {
+                                "rx": 866700,
+                                "tx": 866700
+                        },
+                        "signal": -50,
+                        "capabilities": {
+                                "vht": {
+                                        "su_beamformee": true,
+                                        "mu_beamformee": false,
+                                        "mcs_map": {
+                                                "rx": {
+                                                        "1ss": 9,
+                                                        "2ss": 9,
+                                                        "3ss": 9,
+                                                        "4ss": -1,
+                                                        "5ss": -1,
+                                                        "6ss": -1,
+                                                        "7ss": -1,
+                                                        "8ss": -1
+                                                },
+                                                "tx": {
+                                                        "1ss": 9,
+                                                        "2ss": 9,
+                                                        "3ss": 9,
+                                                        "4ss": -1,
+                                                        "5ss": -1,
+                                                        "6ss": -1,
+                                                        "7ss": -1,
+                                                        "8ss": -1
+                                                }
+                                        }
+                                }
+                        }
+                }
+        }
+}
+```
+
+
+## get_features
+Show HT/VHT support.
+
+### example
+`ubus call hostapd.wl5-fb get_features`
+
+### output
+```json
+{
+        "ht_supported": true,
+        "vht_supported": true
+}
+```
+
+
+## get_status
+Get BSS status.
+
+### example
+`ubus call hostapd.wl5-fb get_status`
+
+### output
+```json
+{
+        "status": "ENABLED",
+        "bssid": "b6:a7:b9:cb:ee:bc",
+        "ssid": "fb",
+        "freq": 5260,
+        "channel": 52,
+        "op_class": 128,
+        "beacon_interval": 100,
+        "phy": "wl5-lan",
+        "rrm": {
+                "neighbor_report_tx": 0
+        },
+        "wnm": {
+                "bss_transition_query_rx": 0,
+                "bss_transition_request_tx": 0,
+                "bss_transition_response_rx": 0
+        },
+        "airtime": {
+                "time": 259561738,
+                "time_busy": 2844249,
+                "utilization": 0
+        },
+        "dfs": {
+                "cac_seconds": 60,
+                "cac_active": false,
+                "cac_seconds_left": 0
+        }
+}
+```
+
+
+## link_measurement_req
+Initiate an 802.11k Link Measurement Request.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| addr | string | yes | client MAC address |
+| tx-power-used | int32 | no | transmit power used to transmit the Link Measurement Request frame |
+| tx-power-max | int32 | no | upper limit of transmit power to be used by the client |
+
+
+## list_bans
+List banned clients.
+
+### example
+`ubus call hostapd.wl5-fb list_bans`
+
+### output
+```json
+{
+        "clients": [
+                "68:2f:67:8b:98:ed"
+        ]
+}
+```
+
+
+## notify_response
+When enabled, hostapd will send a ubus notification and wait for a response before responding to various requests. This is used by e.g. usteer to make it possible to ignore probe requests.
+
+:warning: enabling this will cause hostapd to stop responding to probe requests unless a ubus subscriber responds to the ubus notifications.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| notify_response | int32 | yes | disable (0) or enable (!0) |
+
+### example
+`ubus call hostapd.wl5-fb notify_response '{ "notify_response": 1 }'`
+
+## reload
+Reload BSS configuration.
+
+:warning: this can cause problems for certain configurations:
+
+```
+Mon May 16 16:09:08 2022 daemon.warn hostapd: Failed to check if DFS is required; ret=-1
+Mon May 16 16:09:08 2022 daemon.warn hostapd: Failed to check if DFS is required; ret=-1
+Mon May 16 16:09:08 2022 daemon.err hostapd: Wrong coupling between HT and VHT/HE channel setting
+```
+
+### example
+`ubus call hostapd.wl5-fb reload`
+
+
+## rrm_beacon_req
+Send a Beacon Measurement Request to a client.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| addr | string | yes | client MAC address |
+| op_class | int32 | yes | the Regulatory Class for which this Measurement Request applies |
+| channel | int32 | yes | channel to measure |
+| duration | int32 | yes | compile Beacon Measurement Report after N TU |
+| mode | int32 | yes | mode to be used for measurement (0: passive, 1: active, 2: beacon table) |
+| bssid | string | no | filter BSSes in Beacon Measurement Report by BSSID |
+| ssid | string | no | filter BSSes in Beacon Measurement Report by SSID|
+
+
+## rrm_nr_get_own
+Show Neighbor Report Element for this BSS.
+
+### example
+`ubus call hostapd.wl5-fb rrm_nr_get_own`
+
+### output
+```json
+{
+        "value": [
+                "b6:a7:b9:cb:ee:bc",
+                "fb",
+                "b6a7b9cbeebcaf5900008095090603029b00"
+        ]
+}
+```
+
+
+## rrm_nr_list
+Show Neighbor Report Elements for other BSSes in this ESS.
+
+### example
+`ubus call hostapd.wl5-fb rrm_nr_list`
+
+### output
+```json
+{
+        "list": [
+                [
+                        "b6:a7:b9:cb:ee:ba",
+                        "fb",
+                        "b6a7b9cbeebabf5900008064090603026a00"
+                ]
+        ]
+}
+```
+
+## rrm_nr_set
+Set the Neighbor Report Elements. An element for the node on which this command is executed will always be added.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| list | array | yes | array of Neighbor Report Elements in the format of the rrm_nr_list output |
+
+### example
+`ubus call hostapd.wl5-fb rrm_nr_set '{ "list": [ [ "b6:a7:b9:cb:ee:ba", "fb", "b6a7b9cbeebabf5900008064090603026a00" ] ] }'`
+
+
+## set_vendor_elements
+Configure Vendor-specific Information Elements for BSS.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| vendor_elements | string | yes | Vendor-specific Information Elements as hex string |
+
+### example
+`ubus call hostapd.wl5-fb set_vendor_elements '{ "vendor_elements": "dd054857dd6662" }'`
+
+
+## switch_chan
+Initiate a channel switch.
+
+:warning: trying to switch to the channel that is currently in use will fail: `Command failed: Operation not supported`
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| freq | int32 | yes | frequency in MHz to switch to |
+| bcn_count | int32 | no | count in Beacon frames (TBTT) to perform the switch |
+| center_freq1 | int32 | no | segment 0 center frequency in MHz (valid for HT and VHT) |
+| center_freq2 | int32 | no | segment 1 center frequency in MHz (valid only for 80 MHz channel width and an 80+80 channel) |
+| bandwidth | int32 | no | channel width to use |
+| sec_channel_offset| int32 | no | secondary channel offset for HT40 (0 = disabled, 1 = HT40+, -1 = HT40-) |
+| ht | bool | no | enable 802.11n |
+| vht | bool | no | enable 802.11ac |
+| he | bool | no | enable 802.11ax |
+| block_tx | bool | no | block transmission during CSA period |
+| csa_force | bool | no | restart the interface in case the CSA fails |
+
+## example
+`ubus call hostapd.wl5-fb switch_chan '{ "freq": 5180, "bcn_count": 10, "center_freq1": 5210, "bandwidth": 80, "he": 1, "block_tx": 1, "csa_force": 0 }'`
+
+
+## update_airtime
+Set dynamic airtime weight for client.
+
+### arguments
+| Name | Type | Required | Description |
+|---|---|---|---|
+| sta | string | yes | client MAC address |
+| weight | int32 | yes | airtime weight |
+
+
+## update_beacon
+Force beacon frame content to be updated and to start beaconing on an interface that uses start_disabled=1.
+
+### example
+`ubus call hostapd.wl5-fb update_beacon`
+
+
+## wps_status
+Get WPS status for BSS.
+
+### example
+`ubus call hostapd.wl5-fb wps_status`
+
+### output
+```json
+{
+        "pbc_status": "Disabled",
+        "last_wps_result": "None"
+}
+```
+
+
+## wps_cancel
+Cancel WPS Push Button Configuration.
+
+### example
+`ubus call hostapd.wl5-fb wps_cancel`
+
+
+## wps_start
+Start WPS Push Button Configuration.
+
+### example
+`ubus call hostapd.wl5-fb wps_start`
--- a/feeds/hostapd/hostapd/files/common.uc
+++ b/feeds/hostapd/hostapd/files/common.uc
--- a/feeds/hostapd/hostapd/files/dhcp-get-server.sh
+++ b/feeds/hostapd/hostapd/files/dhcp-get-server.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+[ "$1" = bound ] && echo "$serverid"
--- a/feeds/hostapd/hostapd/files/hostapd-basic.config
+++ b/feeds/hostapd/hostapd/files/hostapd-basic.config
@@ -54,7 +54,7 @@ CONFIG_RSN_PREAUTH=y
 #CONFIG_IEEE80211W=y

 # Support Operating Channel Validation
-#CONFIG_OCV=y
+CONFIG_OCV=y

 # Integrated EAP server
 #CONFIG_EAP=y
@@ -386,6 +386,9 @@ CONFIG_TLS=internal
 # Airtime policy support
 CONFIG_AIRTIME_POLICY=y

+# Proxy ARP support
+#CONFIG_PROXYARP=y
+
 # Override default value for the wpa_disable_eapol_key_retries configuration
 # parameter. See that parameter in hostapd.conf for more details.
 #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
--- a/feeds/hostapd/hostapd/files/hostapd-full.config
+++ b/feeds/hostapd/hostapd/files/hostapd-full.config
@@ -54,7 +54,7 @@ CONFIG_RSN_PREAUTH=y
 #CONFIG_IEEE80211W=y

 # Support Operating Channel Validation
-#CONFIG_OCV=y
+CONFIG_OCV=y

 # Integrated EAP server
 CONFIG_EAP=y
@@ -142,7 +142,7 @@ CONFIG_PKCS12=y

 # RADIUS authentication server. This provides access to the integrated EAP
 # server from external hosts using RADIUS.
-#CONFIG_RADIUS_SERVER=y
+CONFIG_RADIUS_SERVER=y

 # Build IPv6 support for RADIUS operations
 CONFIG_IPV6=y
@@ -316,7 +316,7 @@ CONFIG_INTERNAL_LIBTOMMATH=y
 CONFIG_INTERWORKING=y

 # Hotspot 2.0
-#CONFIG_HS20=y
+CONFIG_HS20=y

 # Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file
 #CONFIG_SQLITE=y
@@ -371,9 +371,9 @@ CONFIG_INTERWORKING=y
 CONFIG_TAXONOMY=y

 # Fast Initial Link Setup (FILS) (IEEE 802.11ai)
-CONFIG_FILS=y
+#CONFIG_FILS=y
 # FILS shared key authentication with PFS
-CONFIG_FILS_SK_PFS=y
+#CONFIG_FILS_SK_PFS=y

 # Include internal line edit mode in hostapd_cli. This can be used to provide
 # limited command line editing and history support.
@@ -386,6 +386,9 @@ CONFIG_FILS_SK_PFS=y
 # Airtime policy support
 CONFIG_AIRTIME_POLICY=y

+# Proxy ARP support
+CONFIG_PROXYARP=y
+
 # Override default value for the wpa_disable_eapol_key_retries configuration
 # parameter. See that parameter in hostapd.conf for more details.
 #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
--- a/feeds/hostapd/hostapd/files/hostapd-mini.config
+++ b/feeds/hostapd/hostapd/files/hostapd-mini.config
@@ -386,6 +386,9 @@ CONFIG_TLS=internal
 # Airtime policy support
 #CONFIG_AIRTIME_POLICY=y

+# Proxy ARP support
+#CONFIG_PROXYARP=y
+
 # Override default value for the wpa_disable_eapol_key_retries configuration
 # parameter. See that parameter in hostapd.conf for more details.
 #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
--- a/feeds/hostapd/hostapd/files/hostapd.sh
+++ b/feeds/hostapd/hostapd/files/hostapd.sh
@@ -47,16 +47,15 @@ hostapd_append_wpa_key_mgmt() {
 			[ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-${auth_type_l}-SHA256"
 		;;
 		eap192)
-			append wpa_key_mgmt "WPA-EAP-SUITE-B-192"
-			append wpa_key_mgmt "WPA-EAP-SHA256"
-			[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-EAP"
+			[ "${ieee80211r:-0}" -gt 0 ] || append wpa_key_mgmt "WPA-EAP-SUITE-B-192"
+			[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-EAP-SHA384"
 		;;
-		eap-eap256)
+		eap-eap2)
 			append wpa_key_mgmt "WPA-EAP"
 			append wpa_key_mgmt "WPA-EAP-SHA256"
 			[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-EAP"
 		;;
-		eap256)
+		eap2)
 			append wpa_key_mgmt "WPA-EAP-SHA256"
 			[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-EAP"
 		;;
@@ -74,6 +73,10 @@ hostapd_append_wpa_key_mgmt() {
 		owe)
 			append wpa_key_mgmt "OWE"
 		;;
+		psk2-radius)
+			append wpa_key_mgmt "WPA-PSK"
+			[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-PSK"
+		;;
 	esac

 	[ "$fils" -gt 0 ] && {
@@ -127,9 +130,30 @@ hostapd_common_add_device_config() {

 	config_add_boolean multiple_bssid rnr_beacon he_co_locate ema

+	config_add_boolean afc
+	config_add_string \
+		afc_request_version afc_request_id afc_serial_number \
+		afc_location_type afc_location afc_height afc_height_type
+	config_add_array afc_cert_ids afc_freq_range afc_op_class
+	config_add_int \
+		afc_min_power afc_major_axis afc_minor_axis afc_orientation \
+		afc_vertical_tolerance
+
 	hostapd_add_log_config
 }

+
+hostapd_get_list() {
+	local var="$1"
+	local field="$2"
+
+	local cur __val_list
+	json_get_values __val_list "$field"
+	for cur in $__val_list; do
+		append "$var" "$cur" ","
+	done
+}
+
 hostapd_prepare_device_config() {
 	local config="$1"
 	local driver="$2"
@@ -140,7 +164,7 @@ hostapd_prepare_device_config() {
 		acs_chan_bias local_pwr_constraint spectrum_mgmt_required airtime_mode cell_density \
 		rts_threshold beacon_rate rssi_reject_assoc_rssi rssi_ignore_probe_request maxassoc \
 		multiple_bssid he_co_locate rnr_beacon ema acs_exclude_dfs \
-		maxassoc_ignore_probe
+		maxassoc_ignore_probe band

 	hostapd_set_log_options base_cfg

@@ -253,6 +277,45 @@ hostapd_prepare_device_config() {
 	[ "$multiple_bssid" -gt 0 ] && append base_cfg "multiple_bssid=$multiple_bssid" "$N"
 	[ "$ema" -gt 0 ] && append base_cfg "ema=$ema" "$N"
 	[ "$acs_exclude_dfs" -gt 0 ] && append base_cfg "acs_exclude_dfs=$acs_exclude_dfs" "$N"
+	if [ "$band" = "6g" ]; then
+		json_get_vars afc he_6ghz_reg_pwr_type
+	else
+		afc=0
+		he_6ghz_reg_pwr_type=
+	fi
+	set_default afc 0
+	[ "$afc" -gt 0 ] && {
+		for v in afc_request_version afc_request_id afc_serial_number afc_min_power afc_height afc_height_type afc_vertical_tolerance \
+				 afc_major_axis afc_minor_axis afc_orientation; do
+			json_get_var val $v
+			append base_cfg "$v=$val" "$N"
+		done
+
+		for v in afc_cert_ids afc_op_class afc_freq_range; do
+			val=
+			hostapd_get_list val $v
+			append base_cfg "$v=$val" "$N"
+		done
+
+		json_get_vars afc_location_type afc_location
+		case "$afc_location_type" in
+			ellipse)
+				append base_cfg "afc_location_type=0" "$N"
+				append base_cfg "afc_linear_polygon=$afc_location" "$N"
+			;;
+			linear_polygon)
+				append base_cfg "afc_location_type=1" "$N"
+				append base_cfg "afc_linear_polygon=$afc_location" "$N"
+			;;
+			radial_polygon)
+				append base_cfg "afc_location_type=2" "$N"
+				append base_cfg "afc_radial_polygon=$afc_location" "$N"
+			;;
+		esac
+
+		he_6ghz_reg_pwr_type=1
+	}
+	[ -n "$he_6ghz_reg_pwr_type" ] && append base_cfg "he_6ghz_reg_pwr_type=$he_6ghz_reg_pwr_type" "$N"

 	json_get_values opts hostapd_options
 	for val in $opts; do
@@ -345,8 +408,8 @@ hostapd_common_add_bss_config() {
 	config_add_string lci civic

 	config_add_boolean ieee80211r pmk_r1_push ft_psk_generate_local ft_over_ds
-	config_add_int r0_key_lifetime reassociation_deadline
-	config_add_string mobility_domain r1_key_holder
+	config_add_int r0_key_lifetime reassociation_deadline ft_l2_refresh
+	config_add_string mobility_domain r1_key_holder ft_key
 	config_add_array r0kh r1kh

 	config_add_int ieee80211w_max_timeout ieee80211w_retry_timeout
@@ -440,6 +503,7 @@ hostapd_set_psk() {
 	local ifname="$1"

 	rm -f /var/run/hostapd-${ifname}.psk
+	touch /var/run/hostapd-${ifname}.psk
 	for_each_station hostapd_set_psk_file ${ifname}
 }

@@ -603,7 +667,7 @@ append_radius_server() {
 	set_default dae_port 3799
 	set_default request_cui 0

-	[ "$eap_server" -eq 0 ] && {
+	[ "$eap_server" -eq 0  -a -n "$auth_server" ] && {
 		append bss_conf "auth_server_addr=$auth_server" "$N"
 		append bss_conf "auth_server_port=$auth_port" "$N"
 		append bss_conf "auth_server_shared_secret=$auth_secret" "$N"
@@ -745,11 +809,11 @@ hostapd_set_bss_options() {
 	}

 	case "$auth_type" in
-		sae|owe|eap192|eap256)
+		sae|owe|eap192|eap2)
 			set_default ieee80211w 2
 			set_default sae_require_mfp 1
 		;;
-		psk-sae|psk2-radius|eap-eap256)
+		psk-sae|psk2-radius|eap-eap2)
 			set_default ieee80211w 1
 			set_default sae_require_mfp 1
 		;;
@@ -772,9 +836,7 @@ hostapd_set_bss_options() {
 			# with WPS enabled, we got to be in unconfigured state.
 			wps_not_configured=1
 			vlan_possible=1
-			[ "$macfilter" = radius ] && {
-				append_radius_server
-			}
+			append_radius_server
 		;;
 		psk|sae|psk-sae)
 			json_get_vars key wpa_psk_file
@@ -793,14 +855,12 @@ hostapd_set_bss_options() {
 			}
 			[ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N"

-			[ "$macfilter" = radius ] && {
-				append_radius_server
-			}
+			append_radius_server
 			set_default dynamic_vlan 0
 			vlan_possible=1
 			wps_possible=1
 		;;
-		eap|eap192|eap-eap256|eap256)
+		eap|eap192|eap-eap2|eap2)
 			append_radius_server
 			# radius can provide VLAN ID for clients
 			vlan_possible=1
@@ -928,10 +988,11 @@ hostapd_set_bss_options() {
 		set_default ieee80211r 0

 		if [ "$ieee80211r" -gt "0" ]; then
-			json_get_vars mobility_domain ft_psk_generate_local ft_over_ds reassociation_deadline
+			json_get_vars mobility_domain ft_psk_generate_local ft_over_ds reassociation_deadline ft_l2_refresh

 			set_default mobility_domain "$(echo "$ssid" | md5sum | head -c 4)"
 			set_default ft_over_ds 1
+			set_default ft_l2_refresh 30
 			set_default reassociation_deadline 1000
 			skip_kh_setup=0

@@ -954,9 +1015,10 @@ hostapd_set_bss_options() {
 			append bss_conf "ft_psk_generate_local=$ft_psk_generate_local" "$N"
 			append bss_conf "ft_over_ds=$ft_over_ds" "$N"
 			append bss_conf "reassociation_deadline=$reassociation_deadline" "$N"
+			[ -n "$ft_l2_refresh" ] && append bss_conf "ft_l2_refresh=$ft_l2_refresh" "$N"

 			if [ "$skip_kh_setup" -eq "0" ]; then
-				json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push
+				json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push ft_key
 				json_get_values r0kh r0kh
 				json_get_values r1kh r1kh

@@ -964,12 +1026,15 @@ hostapd_set_bss_options() {
 				set_default pmk_r1_push 0

 				[ -n "$r0kh" -a -n "$r1kh" ] || {
-					key=`echo -n "$mobility_domain/$auth_secret" | md5sum | awk '{print $1}'`
+					[ -z "$ft_key" ] && {
+						key=`echo -n "$mobility_domain/$auth_secret" | md5sum | awk '{print $1}'`

-					set_default r0kh "ff:ff:ff:ff:ff:ff,*,$key"
-					set_default r1kh "00:00:00:00:00:00,00:00:00:00:00:00,$key"
+						set_default r0kh "ff:ff:ff:ff:ff:ff,*,$key"
+						set_default r1kh "00:00:00:00:00:00,00:00:00:00:00:00,$key"
+					}
 				}

+				[ -n "$ft_key" ] && append bss_conf "ft_key=$ft_key" "$N"
 				[ -n "$r1_key_holder" ] && append bss_conf "r1_key_holder=$r1_key_holder" "$N"
 				append bss_conf "r0_key_lifetime=$r0_key_lifetime" "$N"
 				append bss_conf "pmk_r1_push=$pmk_r1_push" "$N"
@@ -1346,10 +1411,10 @@ wpa_supplicant_add_network() {
 		default_disabled

 	case "$auth_type" in
-		sae|owe|eap-eap256)
+		sae|owe|eap-eap2)
 			set_default ieee80211w 2
 		;;
-		psk-sae|eap192|eap256)
+		psk-sae|eap192|eap2)
 			set_default ieee80211w 1
 		;;
 	esac
@@ -1427,7 +1492,7 @@ wpa_supplicant_add_network() {
 			fi
 			append network_data "$passphrase" "$N$T"
 		;;
-		eap|eap192|eap-eap256|eap256)
+		eap|eap192|eap-eap2|eap2)
 			hostapd_append_wpa_key_mgmt
 			key_mgmt="$wpa_key_mgmt"

--- a/feeds/hostapd/hostapd/files/hostapd.uc
+++ b/feeds/hostapd/hostapd/files/hostapd.uc
@@ -0,0 +1,812 @@
+let libubus = require("ubus");
+import { open, readfile } from "fs";
+import { wdev_create, wdev_remove, is_equal, vlist_new, phy_is_fullmac, phy_open } from "common";
+
+let ubus = libubus.connect();
+
+hostapd.data.config = {};
+
+hostapd.data.file_fields = {
+	vlan_file: true,
+	wpa_psk_file: true,
+	accept_mac_file: true,
+	deny_mac_file: true,
+	eap_user_file: true,
+	ca_cert: true,
+	server_cert: true,
+	server_cert2: true,
+	private_key: true,
+	private_key2: true,
+	dh_file: true,
+	eap_sim_db: true,
+};
+
+function iface_remove(cfg)
+{
+	if (!cfg || !cfg.bss || !cfg.bss[0] || !cfg.bss[0].ifname)
+		return;
+
+	for (let bss in cfg.bss)
+		wdev_remove(bss.ifname);
+}
+
+function iface_gen_config(phy, config, start_disabled)
+{
+	let str = `data:
+${join("\n", config.radio.data)}
+channel=${config.radio.channel}
+`;
+
+	for (let i = 0; i < length(config.bss); i++) {
+		let bss = config.bss[i];
+		let type = i > 0 ? "bss" : "interface";
+		let nasid = bss.nasid ?? replace(bss.bssid, ":", "");
+
+		str += `
+${type}=${bss.ifname}
+bssid=${bss.bssid}
+${join("\n", bss.data)}
+nas_identifier=${nasid}
+`;
+		if (start_disabled)
+			str += `
+start_disabled=1
+`;
+	}
+
+	return str;
+}
+
+function iface_freq_info(iface, config, params)
+{
+	let freq = params.frequency;
+	if (!freq)
+		return null;
+
+	let sec_offset = params.sec_chan_offset;
+	if (sec_offset != -1 && sec_offset != 1)
+		sec_offset = 0;
+
+	let width = 0;
+	for (let line in config.radio.data) {
+		if (!sec_offset && match(line, /^ht_capab=.*HT40/)) {
+			sec_offset = null; // auto-detect
+			continue;
+		}
+
+		let val = match(line, /^(vht_oper_chwidth|he_oper_chwidth)=(\d+)/);
+		if (!val)
+			continue;
+
+		val = int(val[2]);
+		if (val > width)
+			width = val;
+	}
+
+	if (freq < 4000)
+		width = 0;
+
+	return hostapd.freq_info(freq, sec_offset, width);
+}
+
+function iface_add(phy, config, phy_status)
+{
+	let config_inline = iface_gen_config(phy, config, !!phy_status);
+
+	let bss = config.bss[0];
+	let ret = hostapd.add_iface(`bss_config=${phy}:${config_inline}`);
+	if (ret < 0)
+		return false;
+
+	if (!phy_status)
+		return true;
+
+	let iface = hostapd.interfaces[phy];
+	if (!iface)
+		return false;
+
+	let freq_info = iface_freq_info(iface, config, phy_status);
+
+	return iface.start(freq_info) >= 0;
+}
+
+function iface_config_macaddr_list(config)
+{
+	let macaddr_list = {};
+	for (let i = 0; i < length(config.bss); i++) {
+		let bss = config.bss[i];
+		if (!bss.default_macaddr)
+			macaddr_list[bss.bssid] = i;
+	}
+
+	return macaddr_list;
+}
+
+function iface_update_supplicant_macaddr(phy, config)
+{
+	let macaddr_list = [];
+	for (let i = 0; i < length(config.bss); i++)
+		push(macaddr_list, config.bss[i].bssid);
+	ubus.call("wpa_supplicant", "phy_set_macaddr_list", { phy: phy, macaddr: macaddr_list });
+}
+
+function iface_restart(phydev, config, old_config)
+{
+	let phy = phydev.name;
+
+	hostapd.remove_iface(phy);
+	iface_remove(old_config);
+	iface_remove(config);
+
+	if (!config.bss || !config.bss[0]) {
+		hostapd.printf(`No bss for phy ${phy}`);
+		return;
+	}
+
+	phydev.macaddr_init(iface_config_macaddr_list(config));
+	for (let i = 0; i < length(config.bss); i++) {
+		let bss = config.bss[i];
+		if (bss.default_macaddr)
+			bss.bssid = phydev.macaddr_next();
+	}
+
+	iface_update_supplicant_macaddr(phy, config);
+
+	let bss = config.bss[0];
+	let err = wdev_create(phy, bss.ifname, { mode: "ap" });
+	if (err)
+		hostapd.printf(`Failed to create ${bss.ifname} on phy ${phy}: ${err}`);
+
+	let ubus = hostapd.data.ubus;
+	let phy_status = ubus.call("wpa_supplicant", "phy_status", { phy: phy });
+	if (phy_status && phy_status.state == "COMPLETED") {
+		if (iface_add(phy, config, phy_status))
+			return;
+
+		hostapd.printf(`Failed to bring up phy ${phy} ifname=${bss.ifname} with supplicant provided frequency`);
+	}
+
+	ubus.call("wpa_supplicant", "phy_set_state", { phy: phy, stop: true });
+	if (!iface_add(phy, config))
+		hostapd.printf(`hostapd.add_iface failed for phy ${phy} ifname=${bss.ifname}`);
+	ubus.call("wpa_supplicant", "phy_set_state", { phy: phy, stop: false });
+}
+
+function array_to_obj(arr, key, start)
+{
+	let obj = {};
+
+	start ??= 0;
+	for (let i = start; i < length(arr); i++) {
+		let cur = arr[i];
+		obj[cur[key]] = cur;
+	}
+
+	return obj;
+}
+
+function find_array_idx(arr, key, val)
+{
+	for (let i = 0; i < length(arr); i++)
+		if (arr[i][key] == val)
+			return i;
+
+	return -1;
+}
+
+function bss_reload_psk(bss, config, old_config)
+{
+	if (is_equal(old_config.hash.wpa_psk_file, config.hash.wpa_psk_file))
+		return;
+
+	old_config.hash.wpa_psk_file = config.hash.wpa_psk_file;
+	if (!is_equal(old_config, config))
+		return;
+
+	let ret = bss.ctrl("RELOAD_WPA_PSK");
+	ret ??= "failed";
+
+	hostapd.printf(`Reload WPA PSK file for bss ${config.ifname}: ${ret}`);
+}
+
+function remove_file_fields(config)
+{
+	return filter(config, (line) => !hostapd.data.file_fields[split(line, "=")[0]]);
+}
+
+function bss_remove_file_fields(config)
+{
+	let new_cfg = {};
+
+	for (let key in config)
+		new_cfg[key] = config[key];
+	new_cfg.data = remove_file_fields(new_cfg.data);
+	new_cfg.hash = {};
+	for (let key in config.hash)
+		new_cfg.hash[key] = config.hash[key];
+	delete new_cfg.hash.wpa_psk_file;
+	delete new_cfg.hash.vlan_file;
+
+	return new_cfg;
+}
+
+function bss_config_hash(config)
+{
+	return hostapd.sha1(remove_file_fields(config) + "");
+}
+
+function bss_find_existing(config, prev_config, prev_hash)
+{
+	let hash = bss_config_hash(config.data);
+
+	for (let i = 0; i < length(prev_config.bss); i++) {
+		if (!prev_hash[i] || hash != prev_hash[i])
+			continue;
+
+		prev_hash[i] = null;
+		return i;
+	}
+
+	return -1;
+}
+
+function get_config_bss(config, idx)
+{
+	if (!config.bss[idx]) {
+		hostapd.printf(`Invalid bss index ${idx}`);
+		return null;
+	}
+
+	let ifname = config.bss[idx].ifname;
+	if (!ifname)
+		hostapd.printf(`Could not find bss ${config.bss[idx].ifname}`);
+
+	return hostapd.bss[ifname];
+}
+
+function iface_reload_config(phydev, config, old_config)
+{
+	let phy = phydev.name;
+
+	if (!old_config || !is_equal(old_config.radio, config.radio))
+		return false;
+
+	if (is_equal(old_config.bss, config.bss))
+		return true;
+
+	if (!old_config.bss || !old_config.bss[0])
+		return false;
+
+	let iface = hostapd.interfaces[phy];
+	if (!iface) {
+		hostapd.printf(`Could not find previous interface ${iface_name}`);
+		return false;
+	}
+
+	let iface_name = old_config.bss[0].ifname;
+	let first_bss = hostapd.bss[iface_name];
+	if (!first_bss) {
+		hostapd.printf(`Could not find bss of previous interface ${iface_name}`);
+		return false;
+	}
+
+	let macaddr_list = iface_config_macaddr_list(config);
+	let bss_list = [];
+	let bss_list_cfg = [];
+	let prev_bss_hash = [];
+
+	for (let bss in old_config.bss) {
+		let hash = bss_config_hash(bss.data);
+		push(prev_bss_hash, bss_config_hash(bss.data));
+	}
+
+	// Step 1: find (possibly renamed) interfaces with the same config
+	// and store them in the new order (with gaps)
+	for (let i = 0; i < length(config.bss); i++) {
+		let prev;
+
+		// For fullmac devices, the first interface needs to be preserved,
+		// since it's treated as the master
+		if (!i && phy_is_fullmac(phy)) {
+			prev = 0;
+			prev_bss_hash[0] = null;
+		} else {
+			prev = bss_find_existing(config.bss[i], old_config, prev_bss_hash);
+		}
+		if (prev < 0)
+			continue;
+
+		let cur_config = config.bss[i];
+		let prev_config = old_config.bss[prev];
+
+		let prev_bss = get_config_bss(old_config, prev);
+		if (!prev_bss)
+			return false;
+
+		// try to preserve MAC address of this BSS by reassigning another
+		// BSS if necessary
+		if (cur_config.default_macaddr &&
+		    !macaddr_list[prev_config.bssid]) {
+			macaddr_list[prev_config.bssid] = i;
+			cur_config.bssid = prev_config.bssid;
+		}
+
+		bss_list[i] = prev_bss;
+		bss_list_cfg[i] = old_config.bss[prev];
+	}
+
+	if (config.mbssid && !bss_list_cfg[0]) {
+		hostapd.printf("First BSS changed with MBSSID enabled");
+		return false;
+	}
+
+	// Step 2: if none were found, rename and preserve the first one
+	if (length(bss_list) == 0) {
+		// can't change the bssid of the first bss
+		if (config.bss[0].bssid != old_config.bss[0].bssid) {
+			if (!config.bss[0].default_macaddr) {
+				hostapd.printf(`BSSID of first interface changed: ${lc(old_config.bss[0].bssid)} -> ${lc(config.bss[0].bssid)}`);
+				return false;
+			}
+
+			config.bss[0].bssid = old_config.bss[0].bssid;
+		}
+
+		let prev_bss = get_config_bss(old_config, 0);
+		if (!prev_bss)
+			return false;
+
+		macaddr_list[config.bss[0].bssid] = 0;
+		bss_list[0] = prev_bss;
+		bss_list_cfg[0] = old_config.bss[0];
+		prev_bss_hash[0] = null;
+	}
+
+	// Step 3: delete all unused old interfaces
+	for (let i = 0; i < length(prev_bss_hash); i++) {
+		if (!prev_bss_hash[i])
+			continue;
+
+		let prev_bss = get_config_bss(old_config, i);
+		if (!prev_bss)
+			return false;
+
+		let ifname = old_config.bss[i].ifname;
+		hostapd.printf(`Remove bss '${ifname}' on phy '${phy}'`);
+		prev_bss.delete();
+		wdev_remove(ifname);
+	}
+
+	// Step 4: rename preserved interfaces, use temporary name on duplicates
+	let rename_list = [];
+	for (let i = 0; i < length(bss_list); i++) {
+		if (!bss_list[i])
+			continue;
+
+		let old_ifname = bss_list_cfg[i].ifname;
+		let new_ifname = config.bss[i].ifname;
+		if (old_ifname == new_ifname)
+			continue;
+
+		if (hostapd.bss[new_ifname]) {
+			new_ifname = "tmp_" + substr(hostapd.sha1(new_ifname), 0, 8);
+			push(rename_list, i);
+		}
+
+		hostapd.printf(`Rename bss ${old_ifname} to ${new_ifname}`);
+		if (!bss_list[i].rename(new_ifname)) {
+			hostapd.printf(`Failed to rename bss ${old_ifname} to ${new_ifname}`);
+			return false;
+		}
+
+		bss_list_cfg[i].ifname = new_ifname;
+	}
+
+	// Step 5: rename interfaces with temporary names
+	for (let i in rename_list) {
+		let new_ifname = config.bss[i].ifname;
+		if (!bss_list[i].rename(new_ifname)) {
+			hostapd.printf(`Failed to rename bss to ${new_ifname}`);
+			return false;
+		}
+		bss_list_cfg[i].ifname = new_ifname;
+	}
+
+	// Step 6: assign BSSID for newly created interfaces
+	let macaddr_data = {
+		num_global: config.num_global_macaddr ?? 1,
+		mbssid: config.mbssid ?? 0,
+	};
+	macaddr_list = phydev.macaddr_init(macaddr_list, macaddr_data);
+	for (let i = 0; i < length(config.bss); i++) {
+		if (bss_list[i])
+			continue;
+		let bsscfg = config.bss[i];
+
+		let mac_idx = macaddr_list[bsscfg.bssid];
+		if (mac_idx < 0)
+			macaddr_list[bsscfg.bssid] = i;
+		if (mac_idx == i)
+			continue;
+
+		// statically assigned bssid of the new interface is in conflict
+		// with the bssid of a reused interface. reassign the reused interface
+		if (!bsscfg.default_macaddr) {
+			// can't update bssid of the first BSS, need to restart
+			if (!mac_idx < 0)
+				return false;
+
+			bsscfg = config.bss[mac_idx];
+		}
+
+		let addr = phydev.macaddr_next(i);
+		if (!addr) {
+			hostapd.printf(`Failed to generate mac address for phy ${phy}`);
+			return false;
+		}
+		bsscfg.bssid = addr;
+	}
+
+	let config_inline = iface_gen_config(phy, config);
+
+	// Step 7: fill in the gaps with new interfaces
+	for (let i = 0; i < length(config.bss); i++) {
+		let ifname = config.bss[i].ifname;
+		let bss = bss_list[i];
+
+		if (bss)
+			continue;
+
+		hostapd.printf(`Add bss ${ifname} on phy ${phy}`);
+		bss_list[i] = iface.add_bss(config_inline, i);
+		if (!bss_list[i]) {
+			hostapd.printf(`Failed to add new bss ${ifname} on phy ${phy}`);
+			return false;
+		}
+	}
+
+	// Step 8: update interface bss order
+	if (!iface.set_bss_order(bss_list)) {
+		hostapd.printf(`Failed to update BSS order on phy '${phy}'`);
+		return false;
+	}
+
+	// Step 9: update config
+	for (let i = 0; i < length(config.bss); i++) {
+		if (!bss_list_cfg[i])
+			continue;
+
+		let ifname = config.bss[i].ifname;
+		let bss = bss_list[i];
+
+		if (is_equal(config.bss[i], bss_list_cfg[i]))
+			continue;
+
+		if (is_equal(bss_remove_file_fields(config.bss[i]),
+		             bss_remove_file_fields(bss_list_cfg[i]))) {
+			hostapd.printf(`Update config data files for bss ${ifname}`);
+			if (bss.set_config(config_inline, i, true) < 0) {
+				hostapd.printf(`Could not update config data files for bss ${ifname}`);
+				return false;
+			} else {
+				bss.ctrl("RELOAD_WPA_PSK");
+				continue;
+			}
+		}
+
+		bss_reload_psk(bss, config.bss[i], bss_list_cfg[i]);
+		if (is_equal(config.bss[i], bss_list_cfg[i]))
+			continue;
+
+		hostapd.printf(`Reload config for bss '${config.bss[0].ifname}' on phy '${phy}'`);
+		if (bss.set_config(config_inline, i) < 0) {
+			hostapd.printf(`Failed to set config for bss ${ifname}`);
+			return false;
+		}
+	}
+
+	return true;
+}
+
+function iface_set_config(phy, config)
+{
+	let old_config = hostapd.data.config[phy];
+
+	hostapd.data.config[phy] = config;
+
+	if (!config) {
+		hostapd.remove_iface(phy);
+		return iface_remove(old_config);
+	}
+
+	let phydev = phy_open(phy);
+	if (!phydev) {
+		hostapd.printf(`Failed to open phy ${phy}`);
+		return false;
+	}
+
+	try {
+		let ret = iface_reload_config(phydev, config, old_config);
+		if (ret) {
+			iface_update_supplicant_macaddr(phy, config);
+			hostapd.printf(`Reloaded settings for phy ${phy}`);
+			return 0;
+		}
+	} catch (e) {
+			hostapd.printf(`Error reloading config: ${e}\n${e.stacktrace[0].context}`);
+	}
+
+	hostapd.printf(`Restart interface for phy ${phy}`);
+	let ret = iface_restart(phydev, config, old_config);
+
+	return ret;
+}
+
+function config_add_bss(config, name)
+{
+	let bss = {
+		ifname: name,
+		data: [],
+		hash: {}
+	};
+
+	push(config.bss, bss);
+
+	return bss;
+}
+
+function iface_load_config(filename)
+{
+	let f = open(filename, "r");
+	if (!f)
+		return null;
+
+	let config = {
+		radio: {
+			data: []
+		},
+		bss: [],
+		orig_file: filename,
+	};
+
+	let bss;
+	let line;
+	while ((line = trim(f.read("line"))) != null) {
+		let val = split(line, "=", 2);
+		if (!val[0])
+			continue;
+
+		if (val[0] == "interface") {
+			bss = config_add_bss(config, val[1]);
+			break;
+		}
+
+		if (val[0] == "channel") {
+			config.radio.channel = val[1];
+			continue;
+		}
+
+		if (val[0] == "#num_global_macaddr" ||
+		    val[0] == "mbssid")
+			config[val[0]] = int(val[1]);
+
+		push(config.radio.data, line);
+	}
+
+	while ((line = trim(f.read("line"))) != null) {
+		if (line == "#default_macaddr")
+			bss.default_macaddr = true;
+
+		let val = split(line, "=", 2);
+		if (!val[0])
+			continue;
+
+		if (val[0] == "bssid") {
+			bss.bssid = lc(val[1]);
+			continue;
+		}
+
+		if (val[0] == "nas_identifier")
+			bss.nasid = val[1];
+
+		if (val[0] == "bss") {
+			bss = config_add_bss(config, val[1]);
+			continue;
+		}
+
+		if (hostapd.data.file_fields[val[0]])
+			bss.hash[val[0]] = hostapd.sha1(readfile(val[1]));
+
+		push(bss.data, line);
+	}
+	f.close();
+
+	return config;
+}
+
+function ex_wrap(func) {
+	return (req) => {
+		try {
+			let ret = func(req);
+			return ret;
+		} catch(e) {
+			hostapd.printf(`Exception in ubus function: ${e}\n${e.stacktrace[0].context}`);
+		}
+		return libubus.STATUS_UNKNOWN_ERROR;
+	};
+}
+
+let main_obj = {
+	reload: {
+		args: {
+			phy: "",
+		},
+		call: ex_wrap(function(req) {
+			let phy_list = req.args.phy ? [ req.args.phy ] : keys(hostapd.data.config);
+			for (let phy_name in phy_list) {
+				let phy = hostapd.data.config[phy_name];
+				let config = iface_load_config(phy.orig_file);
+				iface_set_config(phy_name, config);
+			}
+
+			return 0;
+		})
+	},
+	apsta_state: {
+		args: {
+			phy: "",
+			up: true,
+			frequency: 0,
+			sec_chan_offset: 0,
+			csa: true,
+			csa_count: 0,
+		},
+		call: ex_wrap(function(req) {
+			if (req.args.up == null || !req.args.phy)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			let phy = req.args.phy;
+			let config = hostapd.data.config[phy];
+			if (!config || !config.bss || !config.bss[0] || !config.bss[0].ifname)
+				return 0;
+
+			let iface = hostapd.interfaces[phy];
+			if (!iface)
+				return 0;
+
+			if (!req.args.up) {
+				iface.stop();
+				return 0;
+			}
+
+			if (!req.args.frequency)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			let freq_info = iface_freq_info(iface, config, req.args);
+			if (!freq_info)
+				return libubus.STATUS_UNKNOWN_ERROR;
+
+			let ret;
+			if (req.args.csa) {
+				freq_info.csa_count = req.args.csa_count ?? 10;
+				ret = iface.switch_channel(freq_info);
+			} else {
+				ret = iface.start(freq_info);
+			}
+			if (!ret)
+				return libubus.STATUS_UNKNOWN_ERROR;
+
+			return 0;
+		})
+	},
+	config_get_macaddr_list: {
+		args: {
+			phy: ""
+		},
+		call: ex_wrap(function(req) {
+			let phy = req.args.phy;
+			if (!phy)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			let ret = {
+				macaddr: [],
+			};
+
+			let config = hostapd.data.config[phy];
+			if (!config)
+				return ret;
+
+			ret.macaddr = map(config.bss, (bss) => bss.bssid);
+			return ret;
+		})
+	},
+	config_set: {
+		args: {
+			phy: "",
+			config: "",
+			prev_config: "",
+		},
+		call: ex_wrap(function(req) {
+			let phy = req.args.phy;
+			let file = req.args.config;
+			let prev_file = req.args.prev_config;
+
+			if (!phy)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			if (prev_file && !hostapd.data.config[phy]) {
+				let config = iface_load_config(prev_file);
+				if (config)
+					config.radio.data = [];
+				hostapd.data.config[phy] = config;
+			}
+
+			let config = iface_load_config(file);
+
+			hostapd.printf(`Set new config for phy ${phy}: ${file}`);
+			iface_set_config(phy, config);
+
+			return {
+				pid: hostapd.getpid()
+			};
+		})
+	},
+	config_add: {
+		args: {
+			iface: "",
+			config: "",
+		},
+		call: ex_wrap(function(req) {
+			if (!req.args.iface || !req.args.config)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			if (hostapd.add_iface(`bss_config=${req.args.iface}:${req.args.config}`) < 0)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			return {
+				pid: hostapd.getpid()
+			};
+		})
+	},
+	config_remove: {
+		args: {
+			iface: ""
+		},
+		call: ex_wrap(function(req) {
+			if (!req.args.iface)
+				return libubus.STATUS_INVALID_ARGUMENT;
+
+			hostapd.remove_iface(req.args.iface);
+			return 0;
+		})
+	},
+};
+
+hostapd.data.ubus = ubus;
+hostapd.data.obj = ubus.publish("hostapd", main_obj);
+
+function bss_event(type, name, data) {
+	let ubus = hostapd.data.ubus;
+
+	data ??= {};
+	data.name = name;
+	hostapd.data.obj.notify(`bss.${type}`, data, null, null, null, -1);
+	ubus.call("service", "event", { type: `hostapd.${name}.${type}`, data: {} });
+}
+
+return {
+	shutdown: function() {
+		for (let phy in hostapd.data.config)
+			iface_set_config(phy, null);
+		hostapd.ubus.disconnect();
+	},
+	bss_add: function(name, obj) {
+		bss_event("add", name);
+	},
+	bss_reload: function(name, obj, reconf) {
+		bss_event("reload", name, { reconf: reconf != 0 });
+	},
+	bss_remove: function(name, obj) {
+		bss_event("remove", name);
+	}
+};
--- a/feeds/hostapd/hostapd/files/multicall.c
+++ b/feeds/hostapd/hostapd/files/multicall.c
--- a/feeds/hostapd/hostapd/files/radius.clients
+++ b/feeds/hostapd/hostapd/files/radius.clients
@@ -0,0 +1 @@
+0.0.0.0/0 radius
--- a/feeds/hostapd/hostapd/files/radius.config
+++ b/feeds/hostapd/hostapd/files/radius.config
@@ -0,0 +1,9 @@
+config radius
+	option disabled '1'
+	option ca_cert '/etc/radius/ca.pem'
+	option cert '/etc/radius/cert.pem'
+	option key '/etc/radius/key.pem'
+	option users '/etc/radius/users'
+	option clients '/etc/radius/clients'
+	option auth_port '1812'
+	option acct_port '1813'
--- a/feeds/hostapd/hostapd/files/radius.init
+++ b/feeds/hostapd/hostapd/files/radius.init
@@ -0,0 +1,42 @@
+#!/bin/sh /etc/rc.common
+
+START=30
+
+USE_PROCD=1
+NAME=radius
+
+radius_start() {
+	local cfg="$1"
+
+	config_get_bool disabled "$cfg" disabled 0
+
+	[ "$disabled" -gt 0 ] && return
+
+	config_get ca "$cfg" ca_cert
+	config_get key "$cfg" key
+	config_get cert "$cfg" cert
+	config_get users "$cfg" users
+	config_get clients "$cfg" clients
+	config_get auth_port "$cfg" auth_port 1812
+	config_get acct_port "$cfg" acct_port 1813
+	config_get identity "$cfg" identity "$(cat /proc/sys/kernel/hostname)"
+
+	procd_open_instance $cfg
+	procd_set_param command /usr/sbin/hostapd-radius \
+		-C "$ca" \
+		-c "$cert" -k "$key" \
+		-s "$clients" -u "$users" \
+		-p "$auth_port" -P "$acct_port" \
+		-i "$identity"
+	procd_close_instance
+}
+
+start_service() {
+	config_load radius
+	config_foreach radius_start radius
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "radius"
+}
--- a/feeds/hostapd/hostapd/files/radius.users
+++ b/feeds/hostapd/hostapd/files/radius.users
@@ -0,0 +1,14 @@
+{
+	"phase1": {
+		"wildcard": [
+			{
+				"name": "*",
+				"methods": [ "PEAP" ]
+			}
+		]
+	},
+	"phase2": {
+		"users": {
+		}
+	}
+}
--- a/feeds/hostapd/hostapd/files/wdev.uc
+++ b/feeds/hostapd/hostapd/files/wdev.uc
@@ -0,0 +1,207 @@
+#!/usr/bin/env ucode
+'use strict';
+import { vlist_new, is_equal, wdev_create, wdev_remove, phy_open } from "/usr/share/hostap/common.uc";
+import { readfile, writefile, basename, readlink, glob } from "fs";
+let libubus = require("ubus");
+
+let keep_devices = {};
+let phy = shift(ARGV);
+let command = shift(ARGV);
+let phydev;
+
+const mesh_params = [
+	"mesh_retry_timeout", "mesh_confirm_timeout", "mesh_holding_timeout", "mesh_max_peer_links",
+	"mesh_max_retries", "mesh_ttl", "mesh_element_ttl", "mesh_hwmp_max_preq_retries",
+	"mesh_path_refresh_time", "mesh_min_discovery_timeout", "mesh_hwmp_active_path_timeout",
+	"mesh_hwmp_preq_min_interval", "mesh_hwmp_net_diameter_traversal_time", "mesh_hwmp_rootmode",
+	"mesh_hwmp_rann_interval", "mesh_gate_announcements", "mesh_sync_offset_max_neighor",
+	"mesh_rssi_threshold", "mesh_hwmp_active_path_to_root_timeout", "mesh_hwmp_root_interval",
+	"mesh_hwmp_confirmation_interval", "mesh_awake_window", "mesh_plink_timeout",
+	"mesh_auto_open_plinks", "mesh_fwding", "mesh_power_mode"
+];
+
+function iface_stop(wdev)
+{
+	if (keep_devices[wdev.ifname])
+		return;
+
+	wdev_remove(wdev.ifname);
+}
+
+function iface_start(wdev)
+{
+	let ifname = wdev.ifname;
+
+	if (readfile(`/sys/class/net/${ifname}/ifindex`)) {
+		system([ "ip", "link", "set", "dev", ifname, "down" ]);
+		wdev_remove(ifname);
+	}
+	let wdev_config = {};
+	for (let key in wdev)
+		wdev_config[key] = wdev[key];
+	if (!wdev_config.macaddr && wdev.mode != "monitor")
+		wdev_config.macaddr = phydev.macaddr_next();
+	wdev_create(phy, ifname, wdev_config);
+	system([ "ip", "link", "set", "dev", ifname, "up" ]);
+	if (wdev.freq)
+		system(`iw dev ${ifname} set freq ${wdev.freq} ${wdev.htmode}`);
+	if (wdev.mode == "adhoc") {
+		let cmd = ["iw", "dev", ifname, "ibss", "join", wdev.ssid, wdev.freq, wdev.htmode, "fixed-freq" ];
+		if (wdev.bssid)
+			push(cmd, wdev.bssid);
+		for (let key in [ "beacon-interval", "basic-rates", "mcast-rate", "keys" ])
+			if (wdev[key])
+				push(cmd, key, wdev[key]);
+		system(cmd);
+	} else if (wdev.mode == "mesh") {
+		let cmd = [ "iw", "dev", ifname, "mesh", "join", wdev.ssid, "freq", wdev.freq, wdev.htmode ];
+		for (let key in [ "mcast-rate", "beacon-interval" ])
+			if (wdev[key])
+				push(cmd, key, wdev[key]);
+		system(cmd);
+
+		cmd = ["iw", "dev", ifname, "set", "mesh_param" ];
+		let len = length(cmd);
+
+		for (let param in mesh_params)
+			if (wdev[param])
+				push(cmd, param, wdev[param]);
+
+		if (len == length(cmd))
+			return;
+
+		system(cmd);
+	}
+
+}
+
+function iface_cb(new_if, old_if)
+{
+	if (old_if && new_if && is_equal(old_if, new_if))
+		return;
+
+	if (old_if)
+		iface_stop(old_if);
+	if (new_if)
+		iface_start(new_if);
+}
+
+function drop_inactive(config)
+{
+	for (let key in config) {
+		if (!readfile(`/sys/class/net/${key}/ifindex`))
+			delete config[key];
+	}
+}
+
+function add_ifname(config)
+{
+	for (let key in config)
+		config[key].ifname = key;
+}
+
+function delete_ifname(config)
+{
+	for (let key in config)
+		delete config[key].ifname;
+}
+
+function add_existing(phy, config)
+{
+	let wdevs = glob(`/sys/class/ieee80211/${phy}/device/net/*`);
+	wdevs = map(wdevs, (arg) => basename(arg));
+	for (let wdev in wdevs) {
+		if (config[wdev])
+			continue;
+
+		if (basename(readlink(`/sys/class/net/${wdev}/phy80211`)) != phy)
+			continue;
+
+		if (trim(readfile(`/sys/class/net/${wdev}/operstate`)) == "down")
+			config[wdev] = {};
+	}
+}
+
+function usage()
+{
+	warn(`Usage: ${basename(sourcepath())} <phy> <command> [<arguments>]
+
+Commands:
+	set_config <config> [<device]...] - set phy configuration
+	get_macaddr <id>		  - get phy MAC address for vif index <id>
+`);
+	exit(1);
+}
+
+const commands = {
+	set_config: function(args) {
+		let statefile = `/var/run/wdev-${phy}.json`;
+
+		let new_config = shift(args);
+		for (let dev in ARGV)
+			keep_devices[dev] = true;
+
+		if (!new_config)
+			usage();
+
+		new_config = json(new_config);
+		if (!new_config) {
+			warn("Invalid configuration\n");
+			exit(1);
+		}
+
+		let old_config = readfile(statefile);
+		if (old_config)
+			old_config = json(old_config);
+
+		let config = vlist_new(iface_cb);
+		if (type(old_config) == "object")
+			config.data = old_config;
+
+		add_existing(phy, config.data);
+		add_ifname(config.data);
+		drop_inactive(config.data);
+
+		let ubus = libubus.connect();
+		let data = ubus.call("hostapd", "config_get_macaddr_list", { phy: phy });
+		let macaddr_list = [];
+		if (type(data) == "object" && data.macaddr)
+			macaddr_list = data.macaddr;
+		ubus.disconnect();
+		phydev.macaddr_init(macaddr_list);
+
+		add_ifname(new_config);
+		config.update(new_config);
+
+		drop_inactive(config.data);
+		delete_ifname(config.data);
+		writefile(statefile, sprintf("%J", config.data));
+	},
+	get_macaddr: function(args) {
+		let data = {};
+
+		for (let arg in args) {
+			arg = split(arg, "=", 2);
+			data[arg[0]] = arg[1];
+		}
+
+		let macaddr = phydev.macaddr_generate(data);
+		if (!macaddr) {
+			warn(`Could not get MAC address for phy ${phy}\n`);
+			exit(1);
+		}
+
+		print(macaddr + "\n");
+	},
+};
+
+if (!phy || !command | !commands[command])
+	usage();
+
+phydev = phy_open(phy);
+if (!phydev) {
+	warn(`PHY ${phy} does not exist\n`);
+	exit(1);
+}
+
+commands[command](ARGV);
--- a/feeds/hostapd/hostapd/files/wpa_supplicant-basic.config
+++ b/feeds/hostapd/hostapd/files/wpa_supplicant-basic.config
@@ -26,7 +26,7 @@
 # replacement for WEXT and its use allows wpa_supplicant to properly control
 # the driver to improve existing functionality like roaming and to support new
 # functionality.
-CONFIG_DRIVER_WEXT=y
+#CONFIG_DRIVER_WEXT=y

 # Driver interface for Linux drivers using the nl80211 kernel interface
 CONFIG_DRIVER_NL80211=y
@@ -315,7 +315,7 @@ CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
 #CONFIG_IEEE80211W=y

 # Support Operating Channel Validation
-#CONFIG_OCV=y
+CONFIG_OCV=y

 # Select TLS implementation
 # openssl = OpenSSL (default)
--- a/feeds/hostapd/hostapd/files/wpa_supplicant-full.config
+++ b/feeds/hostapd/hostapd/files/wpa_supplicant-full.config
@@ -26,7 +26,7 @@
 # replacement for WEXT and its use allows wpa_supplicant to properly control
 # the driver to improve existing functionality like roaming and to support new
 # functionality.
-CONFIG_DRIVER_WEXT=y
+#CONFIG_DRIVER_WEXT=y

 # Driver interface for Linux drivers using the nl80211 kernel interface
 CONFIG_DRIVER_NL80211=y
@@ -315,7 +315,7 @@ CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
 #CONFIG_IEEE80211W=y

 # Support Operating Channel Validation
-#CONFIG_OCV=y
+CONFIG_OCV=y

 # Select TLS implementation
 # openssl = OpenSSL (default)
@@ -578,7 +578,7 @@ CONFIG_HS20=y
 #CONFIG_MBO=y

 # Fast Initial Link Setup (FILS) (IEEE 802.11ai)
-#CONFIG_FILS=y
+CONFIG_FILS=y
 # FILS shared key authentication with PFS
 #CONFIG_FILS_SK_PFS=y

--- a/feeds/hostapd/hostapd/files/wpa_supplicant-mini.config
+++ b/feeds/hostapd/hostapd/files/wpa_supplicant-mini.config
@@ -26,7 +26,7 @@
 # replacement for WEXT and its use allows wpa_supplicant to properly control
 # the driver to improve existing functionality like roaming and to support new
 # functionality.
-CONFIG_DRIVER_WEXT=y
+#CONFIG_DRIVER_WEXT=y

 # Driver interface for Linux drivers using the nl80211 kernel interface
 CONFIG_DRIVER_NL80211=y
--- a/feeds/hostapd/hostapd/files/wpa_supplicant-p2p.config
+++ b/feeds/hostapd/hostapd/files/wpa_supplicant-p2p.config
@@ -26,7 +26,7 @@
 # replacement for WEXT and its use allows wpa_supplicant to properly control
 # the driver to improve existing functionality like roaming and to support new
 # functionality.
-CONFIG_DRIVER_WEXT=y
+#CONFIG_DRIVER_WEXT=y

 # Driver interface for Linux drivers using the nl80211 kernel interface
 CONFIG_DRIVER_NL80211=y
@@ -578,7 +578,7 @@ CONFIG_P2P=y
 #CONFIG_MBO=y

 # Fast Initial Link Setup (FILS) (IEEE 802.11ai)
-#CONFIG_FILS=y
+CONFIG_FILS=y
 # FILS shared key authentication with PFS
 #CONFIG_FILS_SK_PFS=y

@@ -622,4 +622,4 @@ CONFIG_UBUS=y
 # OpenWrt patch 380-disable-ctrl-iface-mib.patch
 # leads to the MIB only being compiled in if
 # CONFIG_CTRL_IFACE_MIB is enabled.
-#CONFIG_CTRL_IFACE_MIB=y
+CONFIG_CTRL_IFACE_MIB=y
--- a/feeds/hostapd/hostapd/files/wpa_supplicant.uc
+++ b/feeds/hostapd/hostapd/files/wpa_supplicant.uc
--- a/feeds/hostapd/hostapd/files/wpad.init
+++ b/feeds/hostapd/hostapd/files/wpad.init
--- a/feeds/hostapd/hostapd/files/wpad.json
+++ b/feeds/hostapd/hostapd/files/wpad.json
--- a/feeds/hostapd/hostapd/files/wpad_acl.json
+++ b/feeds/hostapd/hostapd/files/wpad_acl.json
@@ -0,0 +1,16 @@
+{
+	"user": "network",
+	"access": {
+		"service": {
+			"methods": [ "event" ]
+		},
+		"wpa_supplicant": {
+			"methods": [ "phy_set_state", "phy_set_macaddr_list", "phy_status" ]
+		},
+		"hostapd": {
+			"methods": [ "apsta_state" ]
+		}
+	},
+	"publish": [ "hostapd", "hostapd.*", "wpa_supplicant", "wpa_supplicant.*" ],
+	"send": [ "bss.*", "wps_credentials" ]
+}
--- a/feeds/hostapd/hostapd/files/wps-hotplug.sh
+++ b/feeds/hostapd/hostapd/files/wps-hotplug.sh
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+wps_catch_credentials() {
+	local iface ifaces ifc ifname ssid encryption key radio radios
+	local found=0
+
+	. /usr/share/libubox/jshn.sh
+	ubus -S -t 30 listen wps_credentials | while read creds; do
+		json_init
+		json_load "$creds"
+		json_select wps_credentials || continue
+		json_get_vars ifname ssid key encryption
+		local ifcname="$ifname"
+		json_init
+		json_load "$(ubus -S call network.wireless status)"
+		json_get_keys radios
+		for radio in $radios; do
+			json_select $radio
+			json_select interfaces
+			json_get_keys ifaces
+			for ifc in $ifaces; do
+				json_select $ifc
+				json_get_vars ifname
+				[ "$ifname" = "$ifcname" ] && {
+					ubus -S call uci set "{\"config\":\"wireless\", \"type\":\"wifi-iface\",		\
+								\"match\": { \"device\": \"$radio\", \"encryption\": \"wps\" },	\
+								\"values\": { \"encryption\": \"$encryption\", 			\
+										\"ssid\": \"$ssid\", 				\
+										\"key\": \"$key\" } }"
+					ubus -S call uci commit '{"config": "wireless"}'
+					ubus -S call uci apply
+				}
+				json_select ..
+			done
+			json_select ..
+			json_select ..
+		done
+	done
+}
+
+if [ "$ACTION" = "released" ] && [ "$BUTTON" = "wps" ]; then
+	# If the button was pressed for 3 seconds or more, trigger WPS on
+	# wpa_supplicant only, no matter if hostapd is running or not.  If
+	# was pressed for less than 3 seconds, try triggering on
+	# hostapd. If there is no hostapd instance to trigger it on or WPS
+	# is not enabled on them, trigger it on wpa_supplicant.
+	if [ "$SEEN" -lt 3 ] ; then
+		wps_done=0
+		ubusobjs="$( ubus -S list hostapd.* )"
+		for ubusobj in $ubusobjs; do
+			ubus -S call $ubusobj wps_start && wps_done=1
+		done
+		[ $wps_done = 0 ] || return 0
+	fi
+	wps_done=0
+	ubusobjs="$( ubus -S list wpa_supplicant.* )"
+	for ubusobj in $ubusobjs; do
+		ifname="$(echo $ubusobj | cut -d'.' -f2 )"
+		multi_ap=""
+		if [ -e "/var/run/wpa_supplicant-${ifname}.conf.is_multiap" ]; then
+			ubus -S call $ubusobj wps_start '{ "multi_ap": true }' && wps_done=1
+		else
+			ubus -S call $ubusobj wps_start && wps_done=1
+		fi
+	done
+	[ $wps_done = 0 ] || wps_catch_credentials &
+fi
+
+return 0
--- a/feeds/hostapd/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch
+++ b/feeds/hostapd/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch
@@ -0,0 +1,43 @@
+From 21ce83b4ae2b9563175fdb4fc4312096cc399cf8 Mon Sep 17 00:00:00 2001
+From: David Bauer <mail@david-bauer.net>
+Date: Wed, 5 May 2021 00:44:34 +0200
+Subject: [PATCH] wolfssl: add RNG to EC key
+
+Since upstream commit 6467de5a8840 ("Randomize z ordinates in
+scalar mult when timing resistant") WolfSSL requires a RNG for
+the EC key when built hardened which is the default.
+
+Set the RNG for the EC key to fix connections for OWE clients.
+
+Signed-off-by: David Bauer <mail@david-bauer.net>
+---
+ src/crypto/crypto_wolfssl.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/src/crypto/crypto_wolfssl.c
+++ b/src/crypto/crypto_wolfssl.c
+@@ -1340,6 +1340,7 @@ int ecc_projective_add_point(ecc_point *
+ 
+ struct crypto_ec {
+ 	ecc_key key;
+	WC_RNG rng;
+ 	mp_int a;
+ 	mp_int prime;
+ 	mp_int order;
+@@ -1394,6 +1395,8 @@ struct crypto_ec * crypto_ec_init(int gr
+ 		return NULL;
+ 
+ 	if (wc_ecc_init(&e->key) != 0 ||
+	    wc_InitRng(&e->rng) != 0 ||
+	    wc_ecc_set_rng(&e->key, &e->rng) != 0 ||
+ 	    wc_ecc_set_curve(&e->key, 0, curve_id) != 0 ||
+ 	    mp_init(&e->a) != MP_OKAY ||
+ 	    mp_init(&e->prime) != MP_OKAY ||
+@@ -1425,6 +1428,7 @@ void crypto_ec_deinit(struct crypto_ec*
+ 	mp_clear(&e->order);
+ 	mp_clear(&e->prime);
+ 	mp_clear(&e->a);
+	wc_FreeRng(&e->rng);
+ 	wc_ecc_free(&e->key);
+ 	os_free(e);
+ }
--- a/feeds/hostapd/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
+++ b/feeds/hostapd/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
@@ -0,0 +1,135 @@
+From 8de8cd8380af0c43d4fde67a668d79ef73b26b26 Mon Sep 17 00:00:00 2001
+From: Peter Oh <peter.oh@bowerswilkins.com>
+Date: Tue, 30 Jun 2020 14:18:58 +0200
+Subject: [PATCH 10/19] mesh: Allow DFS channels to be selected if dfs is
+ enabled
+
+Note: DFS is assumed to be usable if a country code has been set
+
+Signed-off-by: Benjamin Berg <benjamin@sipsolutions.net>
+Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
+---
+ wpa_supplicant/wpa_supplicant.c | 25 +++++++++++++++++++------
+ 1 file changed, 19 insertions(+), 6 deletions(-)
+
+--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
+@@ -2638,7 +2638,7 @@ static int drv_supports_vht(struct wpa_s
+ }
+ 
+ 
+-static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
+static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode, bool dfs_enabled)
+ {
+ 	int i;
+ 
+@@ -2647,7 +2647,10 @@ static bool ibss_mesh_is_80mhz_avail(int
+ 
+ 		chan = hw_get_channel_chan(mode, i, NULL);
+ 		if (!chan ||
+-		    chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+		    chan->flag & HOSTAPD_CHAN_DISABLED)
+			return false;
+		
+		if (!dfs_enabled && chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ 			return false;
+ 	}
+ 
+@@ -2774,7 +2777,7 @@ static void ibss_mesh_select_40mhz(struc
+ 				   const struct wpa_ssid *ssid,
+ 				   struct hostapd_hw_modes *mode,
+ 				   struct hostapd_freq_params *freq,
+-				   int obss_scan) {
+				   int obss_scan, bool dfs_enabled) {
+ 	int chan_idx;
+ 	struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
+ 	int i, res;
+@@ -2798,8 +2801,11 @@ static void ibss_mesh_select_40mhz(struc
+ 		return;
+ 
+ 	/* Check primary channel flags */
+-	if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+	if (pri_chan->flag & HOSTAPD_CHAN_DISABLED)
+ 		return;
+	if (pri_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+		if (!dfs_enabled)
+			return;
+ 
+ #ifdef CONFIG_HT_OVERRIDES
+ 	if (ssid->disable_ht40)
+@@ -2825,8 +2831,11 @@ static void ibss_mesh_select_40mhz(struc
+ 		return;
+ 
+ 	/* Check secondary channel flags */
+-	if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+	if (sec_chan->flag & HOSTAPD_CHAN_DISABLED)
+ 		return;
+	if (sec_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+		if (!dfs_enabled)
+			return;
+ 
+ 	if (ht40 == -1) {
+ 		if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
+@@ -2880,7 +2889,7 @@ static bool ibss_mesh_select_80_160mhz(s
+ 				       const struct wpa_ssid *ssid,
+ 				       struct hostapd_hw_modes *mode,
+ 				       struct hostapd_freq_params *freq,
+-				       int ieee80211_mode, bool is_6ghz) {
+				       int ieee80211_mode, bool is_6ghz, bool dfs_enabled) {
+ 	static const int bw80[] = {
+ 		5180, 5260, 5500, 5580, 5660, 5745, 5825,
+ 		5955, 6035, 6115, 6195, 6275, 6355, 6435,
+@@ -2925,7 +2934,7 @@ static bool ibss_mesh_select_80_160mhz(s
+ 		goto skip_80mhz;
+ 
+ 	/* Use 40 MHz if channel not usable */
+-	if (!ibss_mesh_is_80mhz_avail(channel, mode))
+	if (!ibss_mesh_is_80mhz_avail(channel, mode, dfs_enabled))
+ 		goto skip_80mhz;
+ 
+ 	chwidth = CONF_OPER_CHWIDTH_80MHZ;
+@@ -2939,7 +2948,7 @@ static bool ibss_mesh_select_80_160mhz(s
+ 	if ((mode->he_capab[ieee80211_mode].phy_cap[
+ 		     HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
+ 	     HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
+-	    ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
+	    ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) {
+ 		for (j = 0; j < ARRAY_SIZE(bw160); j++) {
+ 			if (freq->freq == bw160[j]) {
+ 				chwidth = CONF_OPER_CHWIDTH_160MHZ;
+@@ -2967,10 +2976,12 @@ static bool ibss_mesh_select_80_160mhz(s
+ 				if (!chan)
+ 					continue;
+ 
+-				if (chan->flag & (HOSTAPD_CHAN_DISABLED |
+-						  HOSTAPD_CHAN_NO_IR |
+-						  HOSTAPD_CHAN_RADAR))
+				if (chan->flag & HOSTAPD_CHAN_DISABLED)
+ 					continue;
+				if (chan->flag & (HOSTAPD_CHAN_RADAR |
+						  HOSTAPD_CHAN_NO_IR))
+					if (!dfs_enabled)
+						continue;
+ 
+ 				/* Found a suitable second segment for 80+80 */
+ 				chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
+@@ -3025,6 +3036,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ 	int i, obss_scan = 1;
+ 	u8 channel;
+ 	bool is_6ghz;
+	bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
+ 
+ 	freq->freq = ssid->frequency;
+ 
+@@ -3070,9 +3082,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ 	freq->channel = channel;
+ 	/* Setup higher BW only for 5 GHz */
+ 	if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
+-		ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
+		ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
+ 		if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
+-						ieee80211_mode, is_6ghz))
+						ieee80211_mode, is_6ghz, dfs_enabled))
+ 			freq->he_enabled = freq->vht_enabled = false;
+ 	}
+ 
--- a/feeds/hostapd/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
+++ b/feeds/hostapd/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
@@ -28,8 +28,8 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
 +#include "crypto/crypto.h"
 
 
- static int dfs_get_used_n_chans(struct hostapd_iface *iface, int *seg1)
-@@ -480,9 +481,14 @@ dfs_get_valid_channel(struct hostapd_ifa
+ enum dfs_channel_type {
+@@ -526,9 +527,14 @@ dfs_get_valid_channel(struct hostapd_ifa
 	int num_available_chandefs;
 	int chan_idx, chan_idx2;
 	int sec_chan_idx_80p80 = -1;
@@ -44,7 +44,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
 	wpa_printf(MSG_DEBUG, "DFS: Selecting random channel");
 	*secondary_channel = 0;
 	*oper_centr_freq_seg0_idx = 0;
-@@ -502,8 +508,20 @@ dfs_get_valid_channel(struct hostapd_ifa
+@@ -548,8 +554,20 @@ dfs_get_valid_channel(struct hostapd_ifa
 	if (num_available_chandefs == 0)
 		return NULL;
 
@@ -64,11 +64,11 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
 		return NULL;
 +
 	chan_idx = _rand % num_available_chandefs;
- 	dfs_find_channel(iface, &chan, chan_idx, skip_radar);
+ 	dfs_find_channel(iface, &chan, chan_idx, type);
 	if (!chan) {
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -9797,6 +9797,10 @@ static int nl80211_switch_channel(void *
+@@ -11017,6 +11017,10 @@ static int nl80211_switch_channel(void *
 	if (ret)
 		goto error;
 
--- a/feeds/hostapd/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
+++ b/feeds/hostapd/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
@@ -0,0 +1,26 @@
+--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
+@@ -4621,6 +4621,13 @@ static int add_associated_sta(struct hos
+ 	 * drivers to accept the STA parameter configuration. Since this is
+ 	 * after a new FT-over-DS exchange, a new TK has been derived, so key
+ 	 * reinstallation is not a concern for this case.
+	 *
+	 * If the STA was associated and authorized earlier, but came for a new
+	 * connection (!added_unassoc + !reassoc), remove the existing STA entry
+	 * so that it can be re-added. This case is rarely seen when the AP could
+	 * not receive the deauth/disassoc frame from the STA. And the STA comes
+	 * back with new connection within a short period or before the inactive
+	 * STA entry is removed from the list.
+ 	 */
+ 	wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
+ 		   " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
+@@ -4634,7 +4641,8 @@ static int add_associated_sta(struct hos
+ 	    (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ 	     (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
+ 	     (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&
+-	      !wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)))) {
+	      !wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)) ||
+	     (!reassoc && (sta->flags & WLAN_STA_AUTHORIZED)))) {
+ 		hostapd_drv_sta_remove(hapd, sta->addr);
+ 		wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ 		set = 0;
--- a/feeds/hostapd/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch
+++ b/feeds/hostapd/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch
@@ -0,0 +1,25 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Thu, 8 Jul 2021 16:33:03 +0200
+Subject: [PATCH] hostapd: fix use of uninitialized stack variables
+
+When a CSA is performed on an 80 MHz channel, hostapd_change_config_freq
+unconditionally calls hostapd_set_oper_centr_freq_seg0/1_idx with seg0/1
+filled by ieee80211_freq_to_chan.
+However, if ieee80211_freq_to_chan fails (because the freq is 0 or invalid),
+seg0/1 remains uninitialized and filled with stack garbage, causing errors
+such as "hostapd: 80 MHz: center segment 1 configured"
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
+@@ -3764,7 +3764,7 @@ static int hostapd_change_config_freq(st
+ 				      struct hostapd_freq_params *old_params)
+ {
+ 	int channel;
+-	u8 seg0, seg1;
+	u8 seg0 = 0, seg1 = 0;
+ 	struct hostapd_hw_modes *mode;
+ 
+ 	if (!params->channel) {
--- a/feeds/hostapd/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
+++ b/feeds/hostapd/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
--- a/feeds/hostapd/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
+++ b/feeds/hostapd/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
@@ -20,7 +20,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 #include <linux/rtnetlink.h>
 #include <netpacket/packet.h>
 #include <linux/errqueue.h>
-@@ -5233,26 +5230,29 @@ fail:
+@@ -5783,26 +5780,29 @@ fail:
 
 static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
 {
@@ -64,7 +64,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	if (err < 0) {
 		wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
 			   MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
-@@ -5262,9 +5262,8 @@ static void rtnl_neigh_delete_fdb_entry(
+@@ -5812,9 +5812,8 @@ static void rtnl_neigh_delete_fdb_entry(
 			   MACSTR, MAC2STR(addr));
 	}
 
@@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 }
 
 
-@@ -7633,7 +7632,6 @@ static void *i802_init(struct hostapd_da
+@@ -8492,7 +8491,6 @@ static void *i802_init(struct hostapd_da
 	    (params->num_bridge == 0 || !params->bridge[0]))
 		add_ifidx(drv, br_ifindex, drv->ifindex);
 
@@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	if (bss->added_if_into_bridge || bss->already_in_bridge) {
 		int err;
 
-@@ -7650,7 +7648,6 @@ static void *i802_init(struct hostapd_da
+@@ -8509,7 +8507,6 @@ static void *i802_init(struct hostapd_da
 			goto failed;
 		}
 	}
@@ -92,7 +92,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 	if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
 		wpa_printf(MSG_DEBUG,
-@@ -10581,13 +10578,14 @@ static int wpa_driver_br_add_ip_neigh(vo
+@@ -11883,13 +11880,14 @@ static int wpa_driver_br_add_ip_neigh(vo
 				      const u8 *ipaddr, int prefixlen,
 				      const u8 *addr)
 {
@@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	int res;
 
 	if (!ipaddr || prefixlen == 0 || !addr)
-@@ -10606,85 +10604,66 @@ static int wpa_driver_br_add_ip_neigh(vo
+@@ -11908,85 +11906,66 @@ static int wpa_driver_br_add_ip_neigh(vo
 	}
 
 	if (version == 4) {
@@ -220,7 +220,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 		addrsize = 16;
 	} else {
 		return -EINVAL;
-@@ -10702,41 +10681,30 @@ static int wpa_driver_br_delete_ip_neigh
+@@ -12004,41 +11983,30 @@ static int wpa_driver_br_delete_ip_neigh
 		return -1;
 	}
 
--- a/feeds/hostapd/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch
+++ b/feeds/hostapd/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch
@@ -0,0 +1,34 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Mon, 18 Feb 2019 12:57:11 +0100
+Subject: [PATCH] mesh: allow processing authentication frames in blocked state
+
+If authentication fails repeatedly e.g. because of a weak signal, the link
+can end up in blocked state. If one of the nodes tries to establish a link
+again before it is unblocked on the other side, it will block the link to
+that other side. The same happens on the other side when it unblocks the
+link. In that scenario, the link never recovers on its own.
+
+To fix this, allow restarting authentication even if the link is in blocked
+state, but don't initiate the attempt until the blocked period is over.
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
+@@ -3020,15 +3020,6 @@ static void handle_auth(struct hostapd_d
+ 				       seq_ctrl);
+ 			return;
+ 		}
+-#ifdef CONFIG_MESH
+-		if ((hapd->conf->mesh & MESH_ENABLED) &&
+-		    sta->plink_state == PLINK_BLOCKED) {
+-			wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR
+-				   " is blocked - drop Authentication frame",
+-				   MAC2STR(sa));
+-			return;
+-		}
+-#endif /* CONFIG_MESH */
+ #ifdef CONFIG_PASN
+ 		if (auth_alg == WLAN_AUTH_PASN &&
+ 		    (sta->flags & WLAN_STA_ASSOC)) {
--- a/feeds/hostapd/hostapd/patches/050-build_fix.patch
+++ b/feeds/hostapd/hostapd/patches/050-build_fix.patch
@@ -0,0 +1,20 @@
+--- a/hostapd/Makefile
+++ b/hostapd/Makefile
+@@ -324,6 +324,7 @@ ifdef CONFIG_FILS
+ CFLAGS += -DCONFIG_FILS
+ OBJS += ../src/ap/fils_hlp.o
+ NEED_SHA384=y
+NEED_HMAC_SHA384_KDF=y
+ NEED_AES_SIV=y
+ ifdef CONFIG_FILS_SK_PFS
+ CFLAGS += -DCONFIG_FILS_SK_PFS
+--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
+@@ -331,6 +331,7 @@ endif
+ ifdef CONFIG_FILS
+ CFLAGS += -DCONFIG_FILS
+ NEED_SHA384=y
+NEED_HMAC_SHA384_KDF=y
+ NEED_AES_SIV=y
+ ifdef CONFIG_FILS_SK_PFS
+ CFLAGS += -DCONFIG_FILS_SK_PFS
--- a/feeds/hostapd/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
+++ b/feeds/hostapd/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
--- a/feeds/hostapd/hostapd/patches/120-mbedtls-fips186_2_prf.patch
+++ b/feeds/hostapd/hostapd/patches/120-mbedtls-fips186_2_prf.patch
@@ -0,0 +1,114 @@
+From c8dba4bd750269bcc80fed3d546e2077cb4cdf0e Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gstrauss@gluelogic.com>
+Date: Tue, 19 Jul 2022 20:02:21 -0400
+Subject: [PATCH 2/7] mbedtls: fips186_2_prf()
+
+Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
+---
+ hostapd/Makefile            |  4 ---
+ src/crypto/crypto_mbedtls.c | 60 +++++++++++++++++++++++++++++++++++++
+ wpa_supplicant/Makefile     |  4 ---
+ 3 files changed, 60 insertions(+), 8 deletions(-)
+
+--- a/hostapd/Makefile
+++ b/hostapd/Makefile
+@@ -759,10 +759,6 @@ endif
+ OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
+ HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
+ SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
+-ifdef NEED_FIPS186_2_PRF
+-OBJS += ../src/crypto/fips_prf_internal.o
+-SHA1OBJS += ../src/crypto/sha1-internal.o
+-endif
+ ifeq ($(CONFIG_CRYPTO), mbedtls)
+ ifdef CONFIG_DPP
+ LIBS += -lmbedx509
+--- a/src/crypto/crypto_mbedtls.c
+++ b/src/crypto/crypto_mbedtls.c
+@@ -132,6 +132,12 @@
+ #define CRYPTO_MBEDTLS_HMAC_KDF_SHA512
+ #endif
+ 
+#if defined(EAP_SIM) || defined(EAP_SIM_DYNAMIC) || defined(EAP_SERVER_SIM) \
+ || defined(EAP_AKA) || defined(EAP_AKA_DYNAMIC) || defined(EAP_SERVER_AKA)
+/* EAP_SIM=y EAP_AKA=y */
+#define CRYPTO_MBEDTLS_FIPS186_2_PRF
+#endif
+
+ #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) \
+  || defined(EAP_TEAP) || defined(EAP_TEAP_DYNAMIC) || defined(EAP_SERVER_FAST)
+ #define CRYPTO_MBEDTLS_SHA1_T_PRF
+@@ -813,6 +819,60 @@ int sha1_t_prf(const u8 *key, size_t key
+ 
+ #endif /* CRYPTO_MBEDTLS_SHA1_T_PRF */
+ 
+#ifdef CRYPTO_MBEDTLS_FIPS186_2_PRF
+
+/* fips_prf_internal.c sha1-internal.c */
+
+/* used only by src/eap_common/eap_sim_common.c:eap_sim_prf()
+ * for eap_sim_derive_keys() and eap_sim_derive_keys_reauth()
+ * where xlen is 160 */
+
+int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
+{
+	/* FIPS 186-2 + change notice 1 */
+
+	mbedtls_sha1_context ctx;
+	u8 * const xkey = ctx.MBEDTLS_PRIVATE(buffer);
+	u32 * const xstate = ctx.MBEDTLS_PRIVATE(state);
+	const u32 xstate_init[] =
+	  { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 };
+
+	mbedtls_sha1_init(&ctx);
+	os_memcpy(xkey, seed, seed_len < 64 ? seed_len : 64);
+
+	/* note: does not fill extra bytes if (xlen % 20) (SHA1_MAC_LEN) */
+	for (; xlen >= 20; xlen -= 20) {
+		/* XSEED_j = 0 */
+		/* XVAL = (XKEY + XSEED_j) mod 2^b */
+
+		/* w_i = G(t, XVAL) */
+		os_memcpy(xstate, xstate_init, sizeof(xstate_init));
+		mbedtls_internal_sha1_process(&ctx, xkey);
+
+	  #if __BYTE_ORDER == __LITTLE_ENDIAN
+		xstate[0] = host_to_be32(xstate[0]);
+		xstate[1] = host_to_be32(xstate[1]);
+		xstate[2] = host_to_be32(xstate[2]);
+		xstate[3] = host_to_be32(xstate[3]);
+		xstate[4] = host_to_be32(xstate[4]);
+	  #endif
+		os_memcpy(x, xstate, 20);
+		if (xlen == 20) /*(done; skip prep for next loop)*/
+			break;
+
+		/* XKEY = (1 + XKEY + w_i) mod 2^b */
+		for (u32 carry = 1, k = 20; k-- > 0; carry >>= 8)
+			xkey[k] = (carry += xkey[k] + x[k]) & 0xff;
+		x += 20;
+		/* x_j = w_0|w_1 (each pair of iterations through loop)*/
+	}
+
+	mbedtls_sha1_free(&ctx);
+	return 0;
+}
+
+#endif /* CRYPTO_MBEDTLS_FIPS186_2_PRF */
+
+ #endif /* MBEDTLS_SHA1_C */
+ 
+ 
+--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
+@@ -1174,10 +1174,6 @@ endif
+ OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
+ OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
+ OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
+-ifdef NEED_FIPS186_2_PRF
+-OBJS += ../src/crypto/fips_prf_internal.o
+-SHA1OBJS += ../src/crypto/sha1-internal.o
+-endif
+ ifeq ($(CONFIG_CRYPTO), mbedtls)
+ LIBS += -lmbedcrypto
+ LIBS_p += -lmbedcrypto
--- a/feeds/hostapd/hostapd/patches/130-mbedtls-annotate-with-TEST_FAIL-for-hwsim-tests.patch
+++ b/feeds/hostapd/hostapd/patches/130-mbedtls-annotate-with-TEST_FAIL-for-hwsim-tests.patch
@@ -0,0 +1,421 @@
+From 31bd19e0e0254b910cccfd3ddc6a6a9222bbcfc0 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gstrauss@gluelogic.com>
+Date: Sun, 9 Oct 2022 05:12:17 -0400
+Subject: [PATCH 3/7] mbedtls: annotate with TEST_FAIL() for hwsim tests
+
+Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
+---
+ src/crypto/crypto_mbedtls.c | 124 ++++++++++++++++++++++++++++++++++++
+ 1 file changed, 124 insertions(+)
+
+--- a/src/crypto/crypto_mbedtls.c
+++ b/src/crypto/crypto_mbedtls.c
+@@ -280,6 +280,9 @@ __attribute_noinline__
+ static int md_vector(size_t num_elem, const u8 *addr[], const size_t *len,
+                      u8 *mac, mbedtls_md_type_t md_type)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_md_context_t ctx;
+ 	mbedtls_md_init(&ctx);
+ 	if (mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(md_type), 0) != 0){
+@@ -343,6 +346,9 @@ __attribute_noinline__
+ static int sha384_512_vector(size_t num_elem, const u8 *addr[],
+                              const size_t *len, u8 *mac, int is384)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	struct mbedtls_sha512_context ctx;
+ 	mbedtls_sha512_init(&ctx);
+   #if MBEDTLS_VERSION_MAJOR >= 3
+@@ -375,6 +381,9 @@ int sha384_vector(size_t num_elem, const
+ #include <mbedtls/sha256.h>
+ int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	struct mbedtls_sha256_context ctx;
+ 	mbedtls_sha256_init(&ctx);
+   #if MBEDTLS_VERSION_MAJOR >= 3
+@@ -397,6 +406,9 @@ int sha256_vector(size_t num_elem, const
+ #include <mbedtls/sha1.h>
+ int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	struct mbedtls_sha1_context ctx;
+ 	mbedtls_sha1_init(&ctx);
+   #if MBEDTLS_VERSION_MAJOR >= 3
+@@ -419,6 +431,9 @@ int sha1_vector(size_t num_elem, const u
+ #include <mbedtls/md5.h>
+ int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	struct mbedtls_md5_context ctx;
+ 	mbedtls_md5_init(&ctx);
+   #if MBEDTLS_VERSION_MAJOR >= 3
+@@ -441,6 +456,9 @@ int md5_vector(size_t num_elem, const u8
+ #include <mbedtls/md4.h>
+ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	struct mbedtls_md4_context ctx;
+ 	mbedtls_md4_init(&ctx);
+ 	mbedtls_md4_starts_ret(&ctx);
+@@ -460,6 +478,9 @@ static int hmac_vector(const u8 *key, si
+                        const u8 *addr[], const size_t *len, u8 *mac,
+                        mbedtls_md_type_t md_type)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_md_context_t ctx;
+ 	mbedtls_md_init(&ctx);
+ 	if (mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(md_type), 1) != 0){
+@@ -571,6 +592,9 @@ static int hmac_kdf_expand(const u8 *prk
+                            const char *label, const u8 *info, size_t info_len,
+                            u8 *okm, size_t okm_len, mbedtls_md_type_t md_type)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
+   #ifdef MBEDTLS_HKDF_C
+ 	if (label == NULL)  /* RFC 5869 HKDF-Expand when (label == NULL) */
+@@ -663,6 +687,9 @@ static int hmac_prf_bits(const u8 *key,
+                          const u8 *data, size_t data_len, u8 *buf,
+                          size_t buf_len_bits, mbedtls_md_type_t md_type)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_md_context_t ctx;
+ 	mbedtls_md_init(&ctx);
+ 	const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
+@@ -938,6 +965,9 @@ int pbkdf2_sha1(const char *passphrase,
+ 
+ static void *aes_crypt_init_mode(const u8 *key, size_t len, int mode)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+ 	mbedtls_aes_context *aes = os_malloc(sizeof(*aes));
+ 	if (!aes)
+ 		return NULL;
+@@ -996,6 +1026,9 @@ void aes_decrypt_deinit(void *ctx)
+ /* aes-wrap.c */
+ int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_nist_kw_context ctx;
+ 	mbedtls_nist_kw_init(&ctx);
+ 	size_t olen;
+@@ -1010,6 +1043,9 @@ int aes_wrap(const u8 *kek, size_t kek_l
+ /* aes-unwrap.c */
+ int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, u8 *plain)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_nist_kw_context ctx;
+ 	mbedtls_nist_kw_init(&ctx);
+ 	size_t olen;
+@@ -1041,6 +1077,9 @@ int omac1_aes_vector(
+     const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[],
+     const size_t *len, u8 *mac)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_cipher_type_t cipher_type;
+ 	switch (key_len) {
+ 	case 16: cipher_type = MBEDTLS_CIPHER_AES_128_ECB; break;
+@@ -1103,6 +1142,9 @@ int omac1_aes_256(const u8 *key, const u
+ /* aes-encblock.c */
+ int aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_aes_context aes;
+ 	mbedtls_aes_init(&aes);
+ 	int ret = mbedtls_aes_setkey_enc(&aes, key, 128)
+@@ -1118,6 +1160,9 @@ int aes_128_encrypt_block(const u8 *key,
+ int aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce,
+ 		    u8 *data, size_t data_len)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	unsigned char counter[MBEDTLS_AES_BLOCK_SIZE];
+ 	unsigned char stream_block[MBEDTLS_AES_BLOCK_SIZE];
+ 	os_memcpy(counter, nonce, MBEDTLS_AES_BLOCK_SIZE);/*(must be writable)*/
+@@ -1160,11 +1205,17 @@ static int aes_128_cbc_oper(const u8 *ke
+ 
+ int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return aes_128_cbc_oper(key, iv, data, data_len, MBEDTLS_AES_ENCRYPT);
+ }
+ 
+ int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return aes_128_cbc_oper(key, iv, data, data_len, MBEDTLS_AES_DECRYPT);
+ }
+ 
+@@ -1407,6 +1458,10 @@ int crypto_hash_finish(struct crypto_has
+ 	}
+ 	mbedtls_md_free(mctx);
+ 	os_free(mctx);
+
+	if (TEST_FAIL())
+		return -1;
+
+ 	return 0;
+ }
+ 
+@@ -1421,6 +1476,9 @@ int crypto_hash_finish(struct crypto_has
+ 
+ struct crypto_bignum *crypto_bignum_init(void)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+ 	mbedtls_mpi *bn = os_malloc(sizeof(*bn));
+ 	if (bn)
+ 		mbedtls_mpi_init(bn);
+@@ -1429,6 +1487,9 @@ struct crypto_bignum *crypto_bignum_init
+ 
+ struct crypto_bignum *crypto_bignum_init_set(const u8 *buf, size_t len)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+ 	mbedtls_mpi *bn = os_malloc(sizeof(*bn));
+ 	if (bn) {
+ 		mbedtls_mpi_init(bn);
+@@ -1442,6 +1503,9 @@ struct crypto_bignum *crypto_bignum_init
+ 
+ struct crypto_bignum *crypto_bignum_init_uint(unsigned int val)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+   #if 0 /*(hostap use of this interface passes int, not uint)*/
+ 	val = host_to_be32(val);
+ 	return crypto_bignum_init_set((const u8 *)&val, sizeof(val));
+@@ -1467,6 +1531,9 @@ void crypto_bignum_deinit(struct crypto_
+ int crypto_bignum_to_bin(const struct crypto_bignum *a,
+ 			 u8 *buf, size_t buflen, size_t padlen)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	size_t n = mbedtls_mpi_size((mbedtls_mpi *)a);
+ 	if (n < padlen)
+ 		n = padlen;
+@@ -1477,6 +1544,9 @@ int crypto_bignum_to_bin(const struct cr
+ 
+ int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	/*assert(r != m);*//* r must not be same as m for mbedtls_mpi_random()*/
+   #if MBEDTLS_VERSION_NUMBER >= 0x021B0000 /* mbedtls 2.27.0 */
+ 	return mbedtls_mpi_random((mbedtls_mpi *)r, 0, (mbedtls_mpi *)m,
+@@ -1513,6 +1583,9 @@ int crypto_bignum_exptmod(const struct c
+ 			  const struct crypto_bignum *c,
+ 			  struct crypto_bignum *d)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	/* (check if input params match d; d is the result) */
+ 	/* (a == d) is ok in current mbedtls implementation */
+ 	if (b == d || c == d) { /*(not ok; store result in intermediate)*/
+@@ -1540,6 +1613,9 @@ int crypto_bignum_inverse(const struct c
+ 			  const struct crypto_bignum *b,
+ 			  struct crypto_bignum *c)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return mbedtls_mpi_inv_mod((mbedtls_mpi *)c,
+ 				   (const mbedtls_mpi *)a,
+ 				   (const mbedtls_mpi *)b) ? -1 : 0;
+@@ -1549,6 +1625,9 @@ int crypto_bignum_sub(const struct crypt
+ 		      const struct crypto_bignum *b,
+ 		      struct crypto_bignum *c)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return mbedtls_mpi_sub_mpi((mbedtls_mpi *)c,
+ 				   (const mbedtls_mpi *)a,
+ 				   (const mbedtls_mpi *)b) ? -1 : 0;
+@@ -1558,6 +1637,9 @@ int crypto_bignum_div(const struct crypt
+ 		      const struct crypto_bignum *b,
+ 		      struct crypto_bignum *c)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	/*(most current use of this crypto.h interface has a == c (result),
+ 	 * so store result in an intermediate to avoid overwritten input)*/
+ 	mbedtls_mpi R;
+@@ -1575,6 +1657,9 @@ int crypto_bignum_addmod(const struct cr
+ 			 const struct crypto_bignum *c,
+ 			 struct crypto_bignum *d)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return mbedtls_mpi_add_mpi((mbedtls_mpi *)d,
+ 				   (const mbedtls_mpi *)a,
+ 				   (const mbedtls_mpi *)b)
+@@ -1588,6 +1673,9 @@ int crypto_bignum_mulmod(const struct cr
+ 			 const struct crypto_bignum *c,
+ 			 struct crypto_bignum *d)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return mbedtls_mpi_mul_mpi((mbedtls_mpi *)d,
+ 				   (const mbedtls_mpi *)a,
+ 				   (const mbedtls_mpi *)b)
+@@ -1600,6 +1688,9 @@ int crypto_bignum_sqrmod(const struct cr
+ 			 const struct crypto_bignum *b,
+ 			 struct crypto_bignum *c)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+   #if 1
+ 	return crypto_bignum_mulmod(a, a, b, c);
+   #else
+@@ -1650,6 +1741,9 @@ int crypto_bignum_is_odd(const struct cr
+ int crypto_bignum_legendre(const struct crypto_bignum *a,
+ 			   const struct crypto_bignum *p)
+ {
+	if (TEST_FAIL())
+		return -2;
+
+ 	/* Security Note:
+ 	 * mbedtls_mpi_exp_mod() is not documented to run in constant time,
+ 	 * though mbedtls/library/bignum.c uses constant_time_internal.h funcs.
+@@ -1702,6 +1796,9 @@ int crypto_mod_exp(const u8 *base, size_
+ 		   const u8 *modulus, size_t modulus_len,
+ 		   u8 *result, size_t *result_len)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	mbedtls_mpi bn_base, bn_exp, bn_modulus, bn_result;
+ 	mbedtls_mpi_init(&bn_base);
+ 	mbedtls_mpi_init(&bn_exp);
+@@ -1769,6 +1866,9 @@ static int crypto_mbedtls_dh_init_public
+ int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
+ 		   u8 *pubkey)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+   #if 0 /*(crypto_dh_init() duplicated (and identical) in crypto_*.c modules)*/
+ 	size_t pubkey_len, pad;
+ 
+@@ -1810,6 +1910,9 @@ int crypto_dh_derive_secret(u8 generator
+ 			    const u8 *pubkey, size_t pubkey_len,
+ 			    u8 *secret, size_t *len)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+   #if 0
+ 	if (pubkey_len > prime_len ||
+ 	    (pubkey_len == prime_len &&
+@@ -2512,6 +2615,9 @@ const struct crypto_ec_point * crypto_ec
+ 
+ struct crypto_ec_point *crypto_ec_point_init(struct crypto_ec *e)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+ 	mbedtls_ecp_point *p = os_malloc(sizeof(*p));
+ 	if (p != NULL)
+ 		mbedtls_ecp_point_init(p);
+@@ -2536,6 +2642,9 @@ int crypto_ec_point_x(struct crypto_ec *
+ int crypto_ec_point_to_bin(struct crypto_ec *e,
+ 			   const struct crypto_ec_point *point, u8 *x, u8 *y)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	/* crypto.h documents crypto_ec_point_to_bin() output is big-endian */
+ 	size_t len = CRYPTO_EC_plen(e);
+ 	if (x) {
+@@ -2563,6 +2672,9 @@ int crypto_ec_point_to_bin(struct crypto
+ struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e,
+ 						  const u8 *val)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+ 	size_t len = CRYPTO_EC_plen(e);
+ 	mbedtls_ecp_point *p = os_malloc(sizeof(*p));
+ 	u8 buf[1+MBEDTLS_MPI_MAX_SIZE*2];
+@@ -2615,6 +2727,9 @@ int crypto_ec_point_add(struct crypto_ec
+ 			const struct crypto_ec_point *b,
+ 			struct crypto_ec_point *c)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	/* mbedtls does not provide an mbedtls_ecp_point add function */
+ 	mbedtls_mpi one;
+ 	mbedtls_mpi_init(&one);
+@@ -2631,6 +2746,9 @@ int crypto_ec_point_mul(struct crypto_ec
+ 			const struct crypto_bignum *b,
+ 			struct crypto_ec_point *res)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	return mbedtls_ecp_mul(
+ 		(mbedtls_ecp_group *)e, (mbedtls_ecp_point *)res,
+ 		(const mbedtls_mpi *)b, (const mbedtls_ecp_point *)p,
+@@ -2639,6 +2757,9 @@ int crypto_ec_point_mul(struct crypto_ec
+ 
+ int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p)
+ {
+	if (TEST_FAIL())
+		return -1;
+
+ 	if (mbedtls_ecp_get_type((mbedtls_ecp_group *)e)
+ 	    == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+ 		/* e.g. MBEDTLS_ECP_DP_CURVE25519 and MBEDTLS_ECP_DP_CURVE448 */
+@@ -2751,6 +2872,9 @@ struct crypto_bignum *
+ crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
+ 			      const struct crypto_bignum *x)
+ {
+	if (TEST_FAIL())
+		return NULL;
+
+ 	mbedtls_mpi *y2 = os_malloc(sizeof(*y2));
+ 	if (y2 == NULL)
+ 		return NULL;
--- a/feeds/hostapd/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
+++ b/feeds/hostapd/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
--- a/feeds/hostapd/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
+++ b/feeds/hostapd/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
@@ -0,0 +1,45 @@
+From 33afce36c54b0cad38643629ded10ff5d727f077 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gstrauss@gluelogic.com>
+Date: Fri, 12 Aug 2022 05:34:47 -0400
+Subject: [PATCH 5/7] add NULL checks (encountered during tests/hwsim)
+
+sae_derive_commit_element_ecc NULL pwe_ecc check
+dpp_gen_keypair() NULL curve check
+
+Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
+---
+ src/common/dpp_crypto.c | 6 ++++++
+ src/common/sae.c        | 7 +++++++
+ 2 files changed, 13 insertions(+)
+
+--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
+@@ -269,6 +269,12 @@ int dpp_get_pubkey_hash(struct crypto_ec
+ 
+ struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
+ {
+	if (curve == NULL) {
+		wpa_printf(MSG_DEBUG,
+		           "DPP: %s curve must be initialized", __func__);
+		return NULL;
+	}
+
+ 	struct crypto_ec_key *key;
+ 
+ 	wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
+--- a/src/common/sae.c
+++ b/src/common/sae.c
+@@ -1278,6 +1278,13 @@ void sae_deinit_pt(struct sae_pt *pt)
+ static int sae_derive_commit_element_ecc(struct sae_data *sae,
+ 					 struct crypto_bignum *mask)
+ {
+	if (sae->tmp->pwe_ecc == NULL) {
+		wpa_printf(MSG_DEBUG,
+		           "SAE: %s sae->tmp->pwe_ecc must be initialized",
+		           __func__);
+		return -1;
+	}
+
+ 	/* COMMIT-ELEMENT = inverse(scalar-op(mask, PWE)) */
+ 	if (!sae->tmp->own_commit_element_ecc) {
+ 		sae->tmp->own_commit_element_ecc =
--- a/feeds/hostapd/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch
+++ b/feeds/hostapd/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch
@@ -0,0 +1,26 @@
+From 54211caa2e0e5163aefef390daf88a971367a702 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gstrauss@gluelogic.com>
+Date: Tue, 4 Oct 2022 17:09:24 -0400
+Subject: [PATCH 6/7] dpp_pkex: EC point mul w/ value < prime
+
+crypto_ec_point_mul() with mbedtls requires point
+be multiplied by a multiplicand with value < prime
+
+Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
+---
+ src/common/dpp_crypto.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
+@@ -1588,7 +1588,9 @@ dpp_pkex_derive_Qr(const struct dpp_curv
+ 	Pr = crypto_ec_key_get_public_key(Pr_key);
+ 	Qr = crypto_ec_point_init(ec);
+ 	hash_bn = crypto_bignum_init_set(hash, curve->hash_len);
+-	if (!Pr || !Qr || !hash_bn || crypto_ec_point_mul(ec, Pr, hash_bn, Qr))
+	if (!Pr || !Qr || !hash_bn ||
+	    crypto_bignum_mod(hash_bn, crypto_ec_get_prime(ec), hash_bn) ||
+	    crypto_ec_point_mul(ec, Pr, hash_bn, Qr))
+ 		goto fail;
+ 
+ 	if (crypto_ec_point_is_at_infinity(ec, Qr)) {
--- a/feeds/hostapd/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
+++ b/feeds/hostapd/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
@@ -0,0 +1,141 @@
+From d4c4ef302f98fd6bce173b8636e7e350d8b44981 Mon Sep 17 00:00:00 2001
+From: P Praneesh <ppranees@codeaurora.org>
+Date: Fri, 19 Mar 2021 12:17:27 +0530
+Subject: [PATCH] hostapd: update cfs0 and cfs1 for 160MHz
+
+As per standard Draft P802.11ax_D8.0,( Table 26-9—Setting
+of the VHT Channel Width and VHT NSS at an HE STA
+transmitting the OM Control subfield ), center frequency of
+160MHz should be published in HT information subset 2 of
+HT information when EXT NSS BW field is enabled.
+
+If the supported number of NSS in 160MHz is at least max NSS
+support, then center_freq_seg0 indicates the center frequency of 80MHz and
+center_freq_seg1 indicates the center frequency of 160MHz.
+
+If the supported number of NSS in 160MHz is less than max NSS
+support, then center_freq_seg0 indicates the center frequency of 80MHz and
+center_freq_seg1 is 0. The center frequency of 160MHz is published in HT
+operation information element instead.
+
+Signed-off-by: P Praneesh <ppranees@codeaurora.org>
+---
+ hostapd/config_file.c           |  2 ++
+ src/ap/ieee802_11_ht.c          |  7 +++++++
+ src/ap/ieee802_11_vht.c         | 16 ++++++++++++++++
+ src/common/hw_features_common.c |  1 +
+ src/common/ieee802_11_defs.h    |  1 +
+ 5 files changed, 27 insertions(+)
+
+--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
+@@ -1153,6 +1153,8 @@ static int hostapd_config_vht_capab(stru
+ 		conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
+ 	if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
+ 		conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
+	if (os_strstr(capab, "[EXT-NSS-BW-SUPP]"))
+		conf->vht_capab |= VHT_CAP_EXTENDED_NSS_BW_SUPPORT;
+ 	return 0;
+ }
+ #endif /* CONFIG_IEEE80211AC */
+--- a/src/ap/ieee802_11_ht.c
+++ b/src/ap/ieee802_11_ht.c
+@@ -82,7 +82,9 @@ u8 * hostapd_eid_ht_capabilities(struct
+ u8 * hostapd_eid_ht_operation(struct hostapd_data *hapd, u8 *eid)
+ {
+ 	struct ieee80211_ht_operation *oper;
+	le32 vht_capabilities_info;
+ 	u8 *pos = eid;
+	u8 chwidth;
+ 
+ 	if (!hapd->iconf->ieee80211n || hapd->conf->disable_11n ||
+ 	    is_6ghz_op_class(hapd->iconf->op_class))
+@@ -103,6 +105,13 @@ u8 * hostapd_eid_ht_operation(struct hos
+ 		oper->ht_param |= HT_INFO_HT_PARAM_SECONDARY_CHNL_BELOW |
+ 			HT_INFO_HT_PARAM_STA_CHNL_WIDTH;
+ 
+	vht_capabilities_info = host_to_le32(hapd->iface->current_mode->vht_capab);
+	chwidth = hostapd_get_oper_chwidth(hapd->iconf);
+	if (vht_capabilities_info & VHT_CAP_EXTENDED_NSS_BW_SUPPORT
+		&& ((chwidth == CHANWIDTH_160MHZ) || (chwidth == CHANWIDTH_80P80MHZ))) {
+		oper->operation_mode = host_to_le16(hapd->iconf->vht_oper_centr_freq_seg0_idx << 5);
+	}
+
+ 	pos += sizeof(*oper);
+ 
+ 	return pos;
+--- a/src/ap/ieee802_11_vht.c
+++ b/src/ap/ieee802_11_vht.c
+@@ -25,6 +25,7 @@ u8 * hostapd_eid_vht_capabilities(struct
+ 	struct ieee80211_vht_capabilities *cap;
+ 	struct hostapd_hw_modes *mode = hapd->iface->current_mode;
+ 	u8 *pos = eid;
+	u8 chwidth;
+ 
+ 	if (!mode || is_6ghz_op_class(hapd->iconf->op_class))
+ 		return eid;
+@@ -62,6 +63,17 @@ u8 * hostapd_eid_vht_capabilities(struct
+ 			host_to_le32(nsts << VHT_CAP_BEAMFORMEE_STS_OFFSET);
+ 	}
+ 
+	chwidth = hostapd_get_oper_chwidth(hapd->iconf);
+	if (((host_to_le32(mode->vht_capab)) & VHT_CAP_EXTENDED_NSS_BW_SUPPORT)
+		&& ((chwidth == CHANWIDTH_160MHZ) || (chwidth == CHANWIDTH_80P80MHZ))) {
+		cap->vht_capabilities_info |= VHT_CAP_EXTENDED_NSS_BW_SUPPORT;
+		cap->vht_capabilities_info &= ~(host_to_le32(VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ));
+		cap->vht_capabilities_info &= ~(host_to_le32(VHT_CAP_SUPP_CHAN_WIDTH_160MHZ));
+		cap->vht_capabilities_info &= ~(host_to_le32(VHT_CAP_SUPP_CHAN_WIDTH_MASK));
+	} else {
+		cap->vht_capabilities_info &= ~VHT_CAP_EXTENDED_NSS_BW_SUPPORT_MASK;
+	}
+
+ 	/* Supported MCS set comes from hw */
+ 	os_memcpy(&cap->vht_supported_mcs_set, mode->vht_mcs_set, 8);
+ 
+@@ -74,6 +86,7 @@ u8 * hostapd_eid_vht_capabilities(struct
+ u8 * hostapd_eid_vht_operation(struct hostapd_data *hapd, u8 *eid)
+ {
+ 	struct ieee80211_vht_operation *oper;
+	le32 vht_capabilities_info;
+ 	u8 *pos = eid;
+ 	enum oper_chan_width oper_chwidth =
+ 		hostapd_get_oper_chwidth(hapd->iconf);
+@@ -106,6 +119,7 @@ u8 * hostapd_eid_vht_operation(struct ho
+ 	oper->vht_op_info_chan_center_freq_seg1_idx = seg1;
+ 
+ 	oper->vht_op_info_chwidth = oper_chwidth;
+	vht_capabilities_info = host_to_le32(hapd->iface->current_mode->vht_capab);
+ 	if (oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
+ 		/*
+ 		 * Convert 160 MHz channel width to new style as interop
+@@ -119,6 +133,9 @@ u8 * hostapd_eid_vht_operation(struct ho
+ 			oper->vht_op_info_chan_center_freq_seg0_idx -= 8;
+ 		else
+ 			oper->vht_op_info_chan_center_freq_seg0_idx += 8;
+
+		if (vht_capabilities_info & VHT_CAP_EXTENDED_NSS_BW_SUPPORT)
+			oper->vht_op_info_chan_center_freq_seg1_idx = 0;
+ 	} else if (oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) {
+ 		/*
+ 		 * Convert 80+80 MHz channel width to new style as interop
+--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
+@@ -811,6 +811,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
+ 	VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB);
+ 	VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN);
+ 	VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN);
+	VHT_CAP_CHECK(VHT_CAP_EXTENDED_NSS_BW_SUPPORT);
+ 
+ #undef VHT_CAP_CHECK
+ #undef VHT_CAP_CHECK_MAX
+--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
+@@ -1349,6 +1349,8 @@ struct ieee80211_ampe_ie {
+ #define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB     ((u32) BIT(26) | BIT(27))
+ #define VHT_CAP_RX_ANTENNA_PATTERN                  ((u32) BIT(28))
+ #define VHT_CAP_TX_ANTENNA_PATTERN                  ((u32) BIT(29))
+#define VHT_CAP_EXTENDED_NSS_BW_SUPPORT		    ((u32) BIT(30))
+#define VHT_CAP_EXTENDED_NSS_BW_SUPPORT_MASK	    ((u32) BIT(30) | BIT(31))
+ 
+ #define VHT_OPMODE_CHANNEL_WIDTH_MASK		    ((u8) BIT(0) | BIT(1))
+ #define VHT_OPMODE_CHANNEL_RxNSS_MASK		    ((u8) BIT(4) | BIT(5) | \
--- a/feeds/hostapd/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch
+++ b/feeds/hostapd/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch
@@ -0,0 +1,20 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Thu, 14 Sep 2023 10:53:50 +0200
+Subject: [PATCH] driver_nl80211: fix setting QoS map on secondary BSSs
+
+The setting is per-BSS, not per PHY
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -11341,7 +11341,7 @@ static int nl80211_set_qos_map(void *pri
+ 	wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
+ 		    qos_map_set, qos_map_set_len);
+ 
+-	if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) ||
+	if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_QOS_MAP)) ||
+ 	    nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) {
+ 		nlmsg_free(msg);
+ 		return -ENOBUFS;
--- a/feeds/hostapd/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
+++ b/feeds/hostapd/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
@@ -0,0 +1,18 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Thu, 14 Sep 2023 11:28:03 +0200
+Subject: [PATCH] driver_nl80211: update drv->ifindex on removing the first
+ BSS
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -8867,6 +8867,7 @@ static int wpa_driver_nl80211_if_remove(
+ 		if (drv->first_bss->next) {
+ 			drv->first_bss = drv->first_bss->next;
+ 			drv->ctx = drv->first_bss->ctx;
+			drv->ifindex = drv->first_bss->ifindex;
+ 			os_free(bss);
+ 		} else {
+ 			wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");
--- a/feeds/hostapd/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
+++ b/feeds/hostapd/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
@@ -0,0 +1,34 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Mon, 18 Sep 2023 16:47:41 +0200
+Subject: [PATCH] nl80211: move nl80211_put_freq_params call outside of
+ 802.11ax #ifdef
+
+The relevance of this call is not specific to 802.11ax, so it should be done
+even with CONFIG_IEEE80211AX disabled.
+
+Fixes: b3921db426ea ("nl80211: Add frequency info in start AP command")
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -5226,6 +5226,9 @@ static int wpa_driver_nl80211_set_ap(voi
+ 		nla_nest_end(msg, ftm);
+ 	}
+ 
+	if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
+		goto fail;
+
+ #ifdef CONFIG_IEEE80211AX
+ 	if (params->he_spr_ctrl) {
+ 		struct nlattr *spr;
+@@ -5260,9 +5263,6 @@ static int wpa_driver_nl80211_set_ap(voi
+ 		nla_nest_end(msg, spr);
+ 	}
+ 
+-	if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
+-		goto fail;
+-
+ 	if (params->freq && params->freq->he_enabled) {
+ 		struct nlattr *bss_color;
+ 
--- a/feeds/hostapd/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
+++ b/feeds/hostapd/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
@@ -0,0 +1,28 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Wed, 20 Sep 2023 13:41:10 +0200
+Subject: [PATCH] hostapd: cancel channel_list_update_timeout in
+ hostapd_cleanup_iface_partial
+
+Fixes a crash when disabling an interface during channel list update
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
+@@ -569,6 +569,7 @@ static void sta_track_deinit(struct host
+ void hostapd_cleanup_iface_partial(struct hostapd_iface *iface)
+ {
+ 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
+	eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
+ #ifdef NEED_AP_MLME
+ 	hostapd_stop_setup_timers(iface);
+ #endif /* NEED_AP_MLME */
+@@ -598,7 +599,6 @@ void hostapd_cleanup_iface_partial(struc
+ static void hostapd_cleanup_iface(struct hostapd_iface *iface)
+ {
+ 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
+-	eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
+ 	eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
+ 			     NULL);
+ 
--- a/feeds/hostapd/hostapd/patches/200-multicall.patch
+++ b/feeds/hostapd/hostapd/patches/200-multicall.patch
@@ -18,7 +18,7 @@
 OBJS += ../src/ap/vlan_init.o
 OBJS += ../src/ap/vlan_ifconfig.o
 OBJS += ../src/ap/vlan.o
-@@ -349,10 +351,14 @@ CFLAGS += -DCONFIG_MBO
+@@ -357,10 +359,14 @@ CFLAGS += -DCONFIG_MBO
 OBJS += ../src/ap/mbo_ap.o
 endif
 
@@ -36,7 +36,7 @@
 LIBS += $(DRV_AP_LIBS)
 
 ifdef CONFIG_L2_PACKET
-@@ -1277,6 +1283,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
+@@ -1380,6 +1386,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
 _OBJS_VAR := OBJS
 include ../src/objs.mk
 
@@ -49,7 +49,7 @@
 hostapd: $(OBJS)
 	$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
 	@$(E) "  LD " $@
-@@ -1351,6 +1363,12 @@ include ../src/objs.mk
+@@ -1460,6 +1472,12 @@ include ../src/objs.mk
 _OBJS_VAR := SOBJS
 include ../src/objs.mk
 
@@ -64,15 +64,15 @@
 	@$(E) "  LD " $@
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -17,6 +17,7 @@ endif
+@@ -10,6 +10,7 @@ ALL += dbus/fi.w1.wpa_supplicant1.servic
 EXTRA_TARGETS=dynamic_eap_methods
 
 CONFIG_FILE=.config
 +-include $(if $(MULTICALL),../hostapd/.config)
 include ../src/build.rules
 
- ifdef LIBS
-@@ -354,7 +355,9 @@ endif
+ ifdef CONFIG_BUILD_PASN_SO
+@@ -382,7 +383,9 @@ endif
 ifdef CONFIG_IBSS_RSN
 NEED_RSN_AUTHENTICATOR=y
 CFLAGS += -DCONFIG_IBSS_RSN
@@ -82,7 +82,7 @@
 OBJS += ibss_rsn.o
 endif
 
-@@ -886,6 +889,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -924,6 +927,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
 CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
 LIBS += -ldl -rdynamic
 endif
@@ -93,7 +93,7 @@
 endif
 
 ifdef CONFIG_AP
-@@ -893,9 +900,11 @@ NEED_EAP_COMMON=y
+@@ -931,9 +938,11 @@ NEED_EAP_COMMON=y
 NEED_RSN_AUTHENTICATOR=y
 CFLAGS += -DCONFIG_AP
 OBJS += ap.o
@@ -105,7 +105,7 @@
 OBJS += ../src/ap/hostapd.o
 OBJS += ../src/ap/wpa_auth_glue.o
 OBJS += ../src/ap/utils.o
-@@ -975,6 +984,12 @@ endif
+@@ -1022,6 +1031,12 @@ endif
 ifdef CONFIG_HS20
 OBJS += ../src/ap/hs20.o
 endif
@@ -118,7 +118,7 @@
 endif
 
 ifdef CONFIG_MBO
-@@ -983,7 +998,9 @@ CFLAGS += -DCONFIG_MBO
+@@ -1030,7 +1045,9 @@ CFLAGS += -DCONFIG_MBO
 endif
 
 ifdef NEED_RSN_AUTHENTICATOR
@@ -128,7 +128,7 @@
 NEED_AES_WRAP=y
 OBJS += ../src/ap/wpa_auth.o
 OBJS += ../src/ap/wpa_auth_ie.o
-@@ -1878,6 +1895,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -2010,6 +2027,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
 
 _OBJS_VAR := OBJS
 include ../src/objs.mk
@@ -141,7 +141,7 @@
 wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
 	$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
 	@$(E) "  LD " $@
-@@ -1983,6 +2006,12 @@ eap_eke.so: ../src/eap_peer/eap_eke.c ..
+@@ -2142,6 +2165,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
 	$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
 	@$(E) "  sed" $<
 
@@ -156,7 +156,7 @@
 wpa_cli.exe: wpa_cli
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -6018,8 +6018,8 @@ union wpa_event_data {
+@@ -6667,8 +6667,8 @@ union wpa_event_data {
  * Driver wrapper code should call this function whenever an event is received
  * from the driver.
  */
@@ -167,7 +167,7 @@
 
 /**
  * wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -6031,7 +6031,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -6680,7 +6680,7 @@ void wpa_supplicant_event(void *ctx, enu
  * Same as wpa_supplicant_event(), but we search for the interface in
  * wpa_global.
  */
@@ -178,7 +178,7 @@
 /*
 --- a/src/ap/drv_callbacks.c
 +++ b/src/ap/drv_callbacks.c
-@@ -1827,8 +1827,8 @@ err:
+@@ -2184,8 +2184,8 @@ err:
 #endif /* CONFIG_OWE */
 
 
@@ -189,7 +189,7 @@
 {
 	struct hostapd_data *hapd = ctx;
 #ifndef CONFIG_NO_STDOUT_DEBUG
-@@ -2073,7 +2073,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -2489,7 +2489,7 @@ void wpa_supplicant_event(void *ctx, enu
 }
 
 
@@ -200,7 +200,7 @@
 	struct hapd_interfaces *interfaces = ctx;
 --- a/wpa_supplicant/wpa_priv.c
 +++ b/wpa_supplicant/wpa_priv.c
-@@ -1038,8 +1038,8 @@ static void wpa_priv_send_ft_response(st
+@@ -1039,8 +1039,8 @@ static void wpa_priv_send_ft_response(st
 }
 
 
@@ -211,7 +211,7 @@
 {
 	struct wpa_priv_interface *iface = ctx;
 
-@@ -1102,7 +1102,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -1103,7 +1103,7 @@ void wpa_supplicant_event(void *ctx, enu
 }
 
 
@@ -220,7 +220,7 @@
 				 union wpa_event_data *data)
 {
 	struct wpa_priv_global *global = ctx;
-@@ -1215,6 +1215,8 @@ int main(int argc, char *argv[])
+@@ -1217,6 +1217,8 @@ int main(int argc, char *argv[])
 	if (os_program_init())
 		return -1;
 
@@ -231,7 +231,7 @@
 	os_memset(&global, 0, sizeof(global));
 --- a/wpa_supplicant/events.c
 +++ b/wpa_supplicant/events.c
-@@ -4666,8 +4666,8 @@ static void wpas_event_unprot_beacon(str
+@@ -5353,8 +5353,8 @@ static void wpas_link_reconfig(struct wp
 }
 
 
@@ -242,7 +242,7 @@
 {
 	struct wpa_supplicant *wpa_s = ctx;
 	int resched;
-@@ -5512,7 +5512,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -6272,7 +6272,7 @@ void wpa_supplicant_event(void *ctx, enu
 }
 
 
@@ -253,7 +253,7 @@
 	struct wpa_supplicant *wpa_s;
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -6814,7 +6814,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -7462,7 +7462,6 @@ struct wpa_interface * wpa_supplicant_ma
 	return NULL;
 }
 
@@ -261,7 +261,7 @@
 /**
  * wpa_supplicant_match_existing - Match existing interfaces
  * @global: Pointer to global data from wpa_supplicant_init()
-@@ -6849,6 +6848,11 @@ static int wpa_supplicant_match_existing
+@@ -7497,6 +7496,11 @@ static int wpa_supplicant_match_existing
 
 #endif /* CONFIG_MATCH_IFACE */
 
@@ -273,7 +273,7 @@
 
 /**
  * wpa_supplicant_add_iface - Add a new network interface
-@@ -7105,6 +7109,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -7753,6 +7757,8 @@ struct wpa_global * wpa_supplicant_init(
 #ifndef CONFIG_NO_WPA_MSG
 	wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
 #endif /* CONFIG_NO_WPA_MSG */
@@ -284,7 +284,7 @@
 		wpa_debug_open_file(params->wpa_debug_file_path);
 --- a/hostapd/main.c
 +++ b/hostapd/main.c
-@@ -590,6 +590,11 @@ fail:
+@@ -698,6 +698,11 @@ fail:
 	return -1;
 }
 
@@ -296,14 +296,14 @@
 
 #ifdef CONFIG_WPS
 static int gen_uuid(const char *txt_addr)
-@@ -683,6 +688,8 @@ int main(int argc, char *argv[])
+@@ -791,6 +796,8 @@ int main(int argc, char *argv[])
 		return -1;
 #endif /* CONFIG_DPP */
 
 +	wpa_supplicant_event = hostapd_wpa_event;
 +	wpa_supplicant_event_global = hostapd_wpa_event_global;
 	for (;;) {
- 		c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:vg:G:");
+ 		c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:vg:G:q");
 		if (c < 0)
 --- a/src/drivers/drivers.c
 +++ b/src/drivers/drivers.c
@@ -320,7 +320,7 @@
 {
 --- a/wpa_supplicant/eapol_test.c
 +++ b/wpa_supplicant/eapol_test.c
-@@ -30,7 +30,12 @@
+@@ -31,7 +31,12 @@
 #include "ctrl_iface.h"
 #include "pcsc_funcs.h"
 #include "wpas_glue.h"
@@ -333,7 +333,7 @@
 
 const struct wpa_driver_ops *const wpa_drivers[] = { NULL };
 
-@@ -1292,6 +1297,10 @@ static void usage(void)
+@@ -1303,6 +1308,10 @@ static void usage(void)
 	       "option several times.\n");
 }
 
@@ -344,7 +344,7 @@
 
 int main(int argc, char *argv[])
 {
-@@ -1312,6 +1321,8 @@ int main(int argc, char *argv[])
+@@ -1323,6 +1332,8 @@ int main(int argc, char *argv[])
 	if (os_program_init())
 		return -1;
 
--- a/feeds/hostapd/hostapd/patches/300-noscan.patch
+++ b/feeds/hostapd/hostapd/patches/300-noscan.patch
@@ -1,6 +1,6 @@
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -3439,6 +3439,10 @@ static int hostapd_config_fill(struct ho
+@@ -3448,6 +3448,10 @@ static int hostapd_config_fill(struct ho
 		if (bss->ocv && !bss->ieee80211w)
 			bss->ieee80211w = 1;
 #endif /* CONFIG_OCV */
@@ -13,7 +13,7 @@
 	} else if (os_strcmp(buf, "ht_capab") == 0) {
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -995,6 +995,8 @@ struct hostapd_config {
+@@ -1075,6 +1075,8 @@ struct hostapd_config {
 
 	int ht_op_mode_fixed;
 	u16 ht_capab;
@@ -24,7 +24,7 @@
 	int no_pri_sec_switch;
 --- a/src/ap/hw_features.c
 +++ b/src/ap/hw_features.c
-@@ -517,7 +517,8 @@ static int ieee80211n_check_40mhz(struct
+@@ -546,7 +546,8 @@ static int ieee80211n_check_40mhz(struct
 	int ret;
 
 	/* Check that HT40 is used and PRI / SEC switch is allowed */
@@ -36,7 +36,7 @@
 	hostapd_set_state(iface, HAPD_IFACE_HT_SCAN);
 --- a/src/ap/ieee802_11_ht.c
 +++ b/src/ap/ieee802_11_ht.c
-@@ -230,6 +230,9 @@ void hostapd_2040_coex_action(struct hos
+@@ -239,6 +239,9 @@ void hostapd_2040_coex_action(struct hos
 		return;
 	}
 
@@ -46,7 +46,7 @@
 	if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) {
 		wpa_printf(MSG_DEBUG,
 			   "Ignore too short 20/40 BSS Coexistence Management frame");
-@@ -390,6 +393,9 @@ void ht40_intolerant_add(struct hostapd_
+@@ -399,6 +402,9 @@ void ht40_intolerant_add(struct hostapd_
 	if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G)
 		return;
 
--- a/feeds/hostapd/hostapd/patches/301-mesh-noscan.patch
+++ b/feeds/hostapd/hostapd/patches/301-mesh-noscan.patch
@@ -0,0 +1,71 @@
+--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
+@@ -2600,6 +2600,7 @@ static const struct parse_data ssid_fiel
+ #else /* CONFIG_MESH */
+ 	{ INT_RANGE(mode, 0, 4) },
+ #endif /* CONFIG_MESH */
+	{ INT_RANGE(noscan, 0, 1) },
+ 	{ INT_RANGE(proactive_key_caching, 0, 1) },
+ 	{ INT_RANGE(disabled, 0, 2) },
+ 	{ STR(id_str) },
+--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
+@@ -775,6 +775,7 @@ static void wpa_config_write_network(FIL
+ #endif /* IEEE8021X_EAPOL */
+ 	INT(mode);
+ 	INT(no_auto_peer);
+	INT(noscan);
+ 	INT(mesh_fwding);
+ 	INT(frequency);
+ 	INT(enable_edmg);
+--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
+@@ -506,6 +506,8 @@ static int wpa_supplicant_mesh_init(stru
+ 			   frequency);
+ 		goto out_free;
+ 	}
+	if (ssid->noscan)
+		conf->noscan = 1;
+ 
+ 	if (ssid->mesh_basic_rates == NULL) {
+ 		/*
+--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
+@@ -2710,7 +2710,7 @@ static bool ibss_mesh_can_use_vht(struct
+ 				  const struct wpa_ssid *ssid,
+ 				  struct hostapd_hw_modes *mode)
+ {
+-	if (mode->mode != HOSTAPD_MODE_IEEE80211A)
+	if (mode->mode != HOSTAPD_MODE_IEEE80211A && !(ssid->noscan))
+ 		return false;
+ 
+ 	if (!drv_supports_vht(wpa_s, ssid))
+@@ -2783,7 +2783,7 @@ static void ibss_mesh_select_40mhz(struc
+ 	int i, res;
+ 	unsigned int j;
+ 	static const int ht40plus[] = {
+-		36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173,
+		1, 2, 3, 4, 5, 6, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173,
+ 		184, 192
+ 	};
+ 	int ht40 = -1;
+@@ -3033,7 +3033,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ 	int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
+ 	enum hostapd_hw_mode hw_mode;
+ 	struct hostapd_hw_modes *mode = NULL;
+-	int i, obss_scan = 1;
+	int i, obss_scan = !(ssid->noscan);
+ 	u8 channel;
+ 	bool is_6ghz;
+ 	bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
+--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
+@@ -1035,6 +1035,8 @@ struct wpa_ssid {
+ 	 */
+ 	int no_auto_peer;
+ 
+	int noscan;
+
+ 	/**
+ 	 * mesh_rssi_threshold - Set mesh parameter mesh_rssi_threshold (dBm)
+ 	 *
--- a/feeds/hostapd/hostapd/patches/310-rescan_immediately.patch
+++ b/feeds/hostapd/hostapd/patches/310-rescan_immediately.patch
@@ -1,6 +1,6 @@
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -5147,7 +5147,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -5767,7 +5767,7 @@ wpa_supplicant_alloc(struct wpa_supplica
 	if (wpa_s == NULL)
 		return NULL;
 	wpa_s->scan_req = INITIAL_SCAN_REQ;
--- a/feeds/hostapd/hostapd/patches/320-optional_rfkill.patch
+++ b/feeds/hostapd/hostapd/patches/320-optional_rfkill.patch
@@ -1,6 +1,6 @@
 --- a/src/drivers/drivers.mak
 +++ b/src/drivers/drivers.mak
-@@ -50,7 +50,6 @@ NEED_SME=y
+@@ -54,7 +54,6 @@ NEED_SME=y
 NEED_AP_MLME=y
 NEED_NETLINK=y
 NEED_LINUX_IOCTL=y
@@ -8,7 +8,7 @@
 NEED_RADIOTAP=y
 NEED_LIBNL=y
 endif
-@@ -107,7 +106,6 @@ DRV_WPA_CFLAGS += -DCONFIG_DRIVER_WEXT
+@@ -111,7 +110,6 @@ DRV_WPA_CFLAGS += -DCONFIG_DRIVER_WEXT
 CONFIG_WIRELESS_EXTENSION=y
 NEED_NETLINK=y
 NEED_LINUX_IOCTL=y
@@ -16,7 +16,7 @@
 endif
 
 ifdef CONFIG_DRIVER_NDIS
-@@ -133,7 +131,6 @@ endif
+@@ -137,7 +135,6 @@ endif
 ifdef CONFIG_WIRELESS_EXTENSION
 DRV_WPA_CFLAGS += -DCONFIG_WIRELESS_EXTENSION
 DRV_WPA_OBJS += ../src/drivers/driver_wext.o
@@ -24,7 +24,7 @@
 endif
 
 ifdef NEED_NETLINK
-@@ -142,6 +139,7 @@ endif
+@@ -146,6 +143,7 @@ endif
 
 ifdef NEED_RFKILL
 DRV_OBJS += ../src/drivers/rfkill.o
--- a/feeds/hostapd/hostapd/patches/330-nl80211_fix_set_freq.patch
+++ b/feeds/hostapd/hostapd/patches/330-nl80211_fix_set_freq.patch
@@ -0,0 +1,11 @@
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -5407,7 +5407,7 @@ static int nl80211_set_channel(struct i8
+ 		   freq->he_enabled, freq->eht_enabled, freq->bandwidth,
+ 		   freq->center_freq1, freq->center_freq2);
+ 
+-	msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
+	msg = nl80211_bss_msg(bss, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
+ 			      NL80211_CMD_SET_WIPHY);
+ 	if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
+ 		nlmsg_free(msg);
--- a/feeds/hostapd/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch
+++ b/feeds/hostapd/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch
@@ -1,6 +1,6 @@
 --- a/wpa_supplicant/ap.c
 +++ b/wpa_supplicant/ap.c
-@@ -1513,15 +1513,35 @@ int ap_switch_channel(struct wpa_supplic
+@@ -1825,15 +1825,35 @@ int ap_switch_channel(struct wpa_supplic
 
 
 #ifdef CONFIG_CTRL_IFACE
--- a/feeds/hostapd/hostapd/patches/350-nl80211_del_beacon_bss.patch
+++ b/feeds/hostapd/hostapd/patches/350-nl80211_del_beacon_bss.patch
@@ -0,0 +1,35 @@
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -3008,12 +3008,12 @@ static int wpa_driver_nl80211_del_beacon
+ 		return 0;
+ 
+ 	wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
+-		   drv->ifindex);
+		   bss->ifindex);
+ 	link->beacon_set = 0;
+ 	link->freq = 0;
+ 
+ 	nl80211_put_wiphy_data_ap(bss);
+-	msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
+	msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_BEACON);
+ 	if (!msg)
+ 		return -ENOBUFS;
+ 
+@@ -6100,7 +6100,7 @@ static void nl80211_teardown_ap(struct i
+ 		nl80211_mgmt_unsubscribe(bss, "AP teardown");
+ 
+ 	nl80211_put_wiphy_data_ap(bss);
+-	bss->flink->beacon_set = 0;
+	wpa_driver_nl80211_del_beacon_all(bss);
+ }
+ 
+ 
+@@ -8859,8 +8859,6 @@ static int wpa_driver_nl80211_if_remove(
+ 	} else {
+ 		wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
+ 		nl80211_teardown_ap(bss);
+-		if (!bss->added_if && !drv->first_bss->next)
+-			wpa_driver_nl80211_del_beacon_all(bss);
+ 		nl80211_destroy_bss(bss);
+ 		if (!bss->added_if)
+ 			i802_set_iface_flags(bss, 0);
--- a/feeds/hostapd/hostapd/patches/380-disable_ctrl_iface_mib.patch
+++ b/feeds/hostapd/hostapd/patches/380-disable_ctrl_iface_mib.patch
@@ -0,0 +1,239 @@
+--- a/hostapd/Makefile
+++ b/hostapd/Makefile
+@@ -221,6 +221,9 @@ endif
+ ifdef CONFIG_NO_CTRL_IFACE
+ CFLAGS += -DCONFIG_NO_CTRL_IFACE
+ else
+ifdef CONFIG_CTRL_IFACE_MIB
+CFLAGS += -DCONFIG_CTRL_IFACE_MIB
+endif
+ ifeq ($(CONFIG_CTRL_IFACE), udp)
+ CFLAGS += -DCONFIG_CTRL_IFACE_UDP
+ else
+--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
+@@ -3314,6 +3314,7 @@ static int hostapd_ctrl_iface_receive_pr
+ 						      reply_size);
+ 	} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
+ 		reply_len = hostapd_drv_status(hapd, reply, reply_size);
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 	} else if (os_strcmp(buf, "MIB") == 0) {
+ 		reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
+ 		if (reply_len >= 0) {
+@@ -3355,6 +3356,7 @@ static int hostapd_ctrl_iface_receive_pr
+ 	} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
+ 		reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
+ 							reply_size);
+#endif
+ 	} else if (os_strcmp(buf, "ATTACH") == 0) {
+ 		if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
+ 			reply_len = -1;
+--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
+@@ -983,6 +983,9 @@ ifdef CONFIG_FILS
+ OBJS += ../src/ap/fils_hlp.o
+ endif
+ ifdef CONFIG_CTRL_IFACE
+ifdef CONFIG_CTRL_IFACE_MIB
+CFLAGS += -DCONFIG_CTRL_IFACE_MIB
+endif
+ OBJS += ../src/ap/ctrl_iface_ap.o
+ endif
+ 
+--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
+@@ -2326,7 +2326,7 @@ static int wpa_supplicant_ctrl_iface_sta
+ 			pos += ret;
+ 		}
+ 
+-#ifdef CONFIG_AP
+#if defined(CONFIG_AP) && defined(CONFIG_CTRL_IFACE_MIB)
+ 		if (wpa_s->ap_iface) {
+ 			pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
+ 							    end - pos,
+@@ -12087,6 +12087,7 @@ char * wpa_supplicant_ctrl_iface_process
+ 			reply_len = -1;
+ 	} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
+ 		wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 	} else if (os_strcmp(buf, "MIB") == 0) {
+ 		reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
+ 		if (reply_len >= 0) {
+@@ -12099,6 +12100,7 @@ char * wpa_supplicant_ctrl_iface_process
+ 				reply_size - reply_len);
+ #endif /* CONFIG_MACSEC */
+ 		}
+#endif
+ 	} else if (os_strncmp(buf, "STATUS", 6) == 0) {
+ 		reply_len = wpa_supplicant_ctrl_iface_status(
+ 			wpa_s, buf + 6, reply, reply_size);
+@@ -12587,6 +12589,7 @@ char * wpa_supplicant_ctrl_iface_process
+ 		reply_len = wpa_supplicant_ctrl_iface_bss(
+ 			wpa_s, buf + 4, reply, reply_size);
+ #ifdef CONFIG_AP
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 	} else if (os_strcmp(buf, "STA-FIRST") == 0) {
+ 		reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
+ 	} else if (os_strncmp(buf, "STA ", 4) == 0) {
+@@ -12595,12 +12598,15 @@ char * wpa_supplicant_ctrl_iface_process
+ 	} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
+ 		reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
+ 						   reply_size);
+#endif
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 	} else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
+ 		if (ap_ctrl_iface_sta_deauthenticate(wpa_s, buf + 15))
+ 			reply_len = -1;
+ 	} else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
+ 		if (ap_ctrl_iface_sta_disassociate(wpa_s, buf + 13))
+ 			reply_len = -1;
+#endif
+ 	} else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) {
+ 		if (ap_ctrl_iface_chanswitch(wpa_s, buf + 12))
+ 			reply_len = -1;
+--- a/src/ap/ctrl_iface_ap.c
+++ b/src/ap/ctrl_iface_ap.c
+@@ -26,6 +26,26 @@
+ #include "taxonomy.h"
+ #include "wnm_ap.h"
+ 
+static const char * hw_mode_str(enum hostapd_hw_mode mode)
+{
+	switch (mode) {
+	case HOSTAPD_MODE_IEEE80211B:
+		return "b";
+	case HOSTAPD_MODE_IEEE80211G:
+		return "g";
+	case HOSTAPD_MODE_IEEE80211A:
+		return "a";
+	case HOSTAPD_MODE_IEEE80211AD:
+		return "ad";
+	case HOSTAPD_MODE_IEEE80211ANY:
+		return "any";
+	case NUM_HOSTAPD_MODES:
+		return "invalid";
+	}
+	return "unknown";
+}
+
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 
+ static size_t hostapd_write_ht_mcs_bitmask(char *buf, size_t buflen,
+ 					   size_t curr_len, const u8 *mcs_set)
+@@ -212,26 +232,6 @@ static const char * timeout_next_str(int
+ }
+ 
+ 
+-static const char * hw_mode_str(enum hostapd_hw_mode mode)
+-{
+-	switch (mode) {
+-	case HOSTAPD_MODE_IEEE80211B:
+-		return "b";
+-	case HOSTAPD_MODE_IEEE80211G:
+-		return "g";
+-	case HOSTAPD_MODE_IEEE80211A:
+-		return "a";
+-	case HOSTAPD_MODE_IEEE80211AD:
+-		return "ad";
+-	case HOSTAPD_MODE_IEEE80211ANY:
+-		return "any";
+-	case NUM_HOSTAPD_MODES:
+-		return "invalid";
+-	}
+-	return "unknown";
+-}
+-
+-
+ static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd,
+ 				      struct sta_info *sta,
+ 				      char *buf, size_t buflen)
+@@ -493,6 +493,7 @@ int hostapd_ctrl_iface_sta_next(struct h
+ 	return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen);
+ }
+ 
+#endif
+ 
+ #ifdef CONFIG_P2P_MANAGER
+ static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
+@@ -884,12 +885,12 @@ int hostapd_ctrl_iface_status(struct hos
+ 			return len;
+ 		len += ret;
+ 	}
+-
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 	if (iface->conf->ieee80211n && !hapd->conf->disable_11n && mode) {
+ 		len = hostapd_write_ht_mcs_bitmask(buf, buflen, len,
+ 						   mode->mcs_set);
+ 	}
+-
+#endif /* CONFIG_CTRL_IFACE_MIB */
+ 	if (iface->current_rates && iface->num_rates) {
+ 		ret = os_snprintf(buf + len, buflen - len, "supported_rates=");
+ 		if (os_snprintf_error(buflen - len, ret))
+--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
+@@ -2834,6 +2834,7 @@ static const char * bool_txt(bool val)
+ 	return val ? "TRUE" : "FALSE";
+ }
+ 
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 
+ int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
+ {
+@@ -3020,6 +3021,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+ 	return len;
+ }
+ 
+#endif
+ 
+ #ifdef CONFIG_HS20
+ static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
+--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
+@@ -5328,6 +5328,7 @@ static const char * wpa_bool_txt(int val
+ 	return val ? "TRUE" : "FALSE";
+ }
+ 
+#ifdef CONFIG_CTRL_IFACE_MIB
+ 
+ #define RSN_SUITE "%02x-%02x-%02x-%d"
+ #define RSN_SUITE_ARG(s) \
+@@ -5480,7 +5481,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+ 
+ 	return len;
+ }
+-
+#endif
+ 
+ void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth)
+ {
+--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
+@@ -3834,6 +3834,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+ }
+ 
+ 
+#ifdef CONFIG_CTRL_IFACE_MIB
+
+ #define RSN_SUITE "%02x-%02x-%02x-%d"
+ #define RSN_SUITE_ARG(s) \
+ ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
+@@ -3915,6 +3917,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+ 
+ 	return (int) len;
+ }
+#endif
+ #endif /* CONFIG_CTRL_IFACE */
+ 
+ 
+--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
+@@ -1499,7 +1499,7 @@ int wpas_ap_wps_nfc_report_handover(stru
+ #endif /* CONFIG_WPS */
+ 
+ 
+-#ifdef CONFIG_CTRL_IFACE
+#if defined(CONFIG_CTRL_IFACE) && defined(CONFIG_CTRL_IFACE_MIB)
+ 
+ int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
+ 			    char *buf, size_t buflen)
--- a/feeds/hostapd/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch
+++ b/feeds/hostapd/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch
@@ -1,6 +1,6 @@
 --- a/hostapd/hostapd_cli.c
 +++ b/hostapd/hostapd_cli.c
-@@ -744,7 +744,7 @@ static int wpa_ctrl_command_sta(struct w
+@@ -757,7 +757,7 @@ static int wpa_ctrl_command_sta(struct w
 	}
 
 	buf[len] = '\0';
--- a/feeds/hostapd/hostapd/patches/390-wpa_ie_cap_workaround.patch
+++ b/feeds/hostapd/hostapd/patches/390-wpa_ie_cap_workaround.patch
@@ -1,6 +1,6 @@
 --- a/src/common/wpa_common.c
 +++ b/src/common/wpa_common.c
-@@ -2444,6 +2444,31 @@ u32 wpa_akm_to_suite(int akm)
+@@ -2841,6 +2841,31 @@ u32 wpa_akm_to_suite(int akm)
 }
 
 
@@ -32,7 +32,7 @@
 int wpa_compare_rsn_ie(int ft_initial_assoc,
 		       const u8 *ie1, size_t ie1len,
 		       const u8 *ie2, size_t ie2len)
-@@ -2451,8 +2476,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
+@@ -2848,8 +2873,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
 	if (ie1 == NULL || ie2 == NULL)
 		return -1;
 
--- a/feeds/hostapd/hostapd/patches/400-wps_single_auth_enc_type.patch
+++ b/feeds/hostapd/hostapd/patches/400-wps_single_auth_enc_type.patch
@@ -11,7 +11,7 @@
 			bss->wpa_pairwise |= WPA_CIPHER_TKIP;
 #endif /* CONFIG_NO_TKIP */
 		bss->rsn_pairwise = bss->wpa_pairwise;
-@@ -1178,8 +1177,7 @@ int hostapd_init_wps(struct hostapd_data
+@@ -1181,8 +1180,7 @@ int hostapd_init_wps(struct hostapd_data
 					  WPA_CIPHER_GCMP_256)) {
 			wps->encr_types |= WPS_ENCR_AES;
 			wps->encr_types_rsn |= WPS_ENCR_AES;
--- a/feeds/hostapd/hostapd/patches/410-limit_debug_messages.patch
+++ b/feeds/hostapd/hostapd/patches/410-limit_debug_messages.patch
@@ -60,7 +60,7 @@
 #ifdef CONFIG_DEBUG_FILE
 static char *last_path = NULL;
 #endif /* CONFIG_DEBUG_FILE */
-@@ -636,7 +610,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_
+@@ -644,7 +618,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_
 }
 
 
@@ -69,7 +69,7 @@
 {
 	va_list ap;
 	char *buf;
-@@ -674,7 +648,7 @@ void wpa_msg(void *ctx, int level, const
+@@ -682,7 +656,7 @@ void wpa_msg(void *ctx, int level, const
 }
 
 
@@ -80,9 +80,9 @@
 	char *buf;
 --- a/src/utils/wpa_debug.h
 +++ b/src/utils/wpa_debug.h
-@@ -50,6 +50,17 @@ int wpa_debug_reopen_file(void);
- void wpa_debug_close_file(void);
+@@ -51,6 +51,17 @@ void wpa_debug_close_file(void);
 void wpa_debug_setup_stdout(void);
+ void wpa_debug_stop_log(void);
 
 +/* internal */
 +void _wpa_hexdump(int level, const char *title, const u8 *buf,
@@ -98,7 +98,7 @@
 /**
  * wpa_debug_printf_timestamp - Print timestamp for debug output
  *
-@@ -70,9 +81,15 @@ void wpa_debug_print_timestamp(void);
+@@ -71,9 +82,15 @@ void wpa_debug_print_timestamp(void);
  *
  * Note: New line '\n' is added to the end of the text when printing to stdout.
  */
@@ -115,7 +115,7 @@
 /**
  * wpa_hexdump - conditional hex dump
  * @level: priority level (MSG_*) of the message
-@@ -84,7 +101,13 @@ PRINTF_FORMAT(2, 3);
+@@ -85,7 +102,13 @@ PRINTF_FORMAT(2, 3);
  * output may be directed to stdout, stderr, and/or syslog based on
  * configuration. The contents of buf is printed out has hex dump.
  */
@@ -130,7 +130,7 @@
 
 static inline void wpa_hexdump_buf(int level, const char *title,
 				   const struct wpabuf *buf)
-@@ -106,7 +129,13 @@ static inline void wpa_hexdump_buf(int l
+@@ -107,7 +130,13 @@ static inline void wpa_hexdump_buf(int l
  * like wpa_hexdump(), but by default, does not include secret keys (passwords,
  * etc.) in debug output.
  */
@@ -145,7 +145,7 @@
 
 static inline void wpa_hexdump_buf_key(int level, const char *title,
 				       const struct wpabuf *buf)
-@@ -128,8 +157,14 @@ static inline void wpa_hexdump_buf_key(i
+@@ -129,8 +158,14 @@ static inline void wpa_hexdump_buf_key(i
  * the hex numbers and ASCII characters (for printable range) are shown. 16
  * bytes per line will be shown.
  */
@@ -162,7 +162,7 @@
 
 /**
  * wpa_hexdump_ascii_key - conditional hex dump, hide keys
-@@ -145,8 +180,14 @@ void wpa_hexdump_ascii(int level, const
+@@ -146,8 +181,14 @@ void wpa_hexdump_ascii(int level, const
  * bytes per line will be shown. This works like wpa_hexdump_ascii(), but by
  * default, does not include secret keys (passwords, etc.) in debug output.
  */
@@ -179,7 +179,7 @@
 
 /*
  * wpa_dbg() behaves like wpa_msg(), but it can be removed from build to reduce
-@@ -183,7 +224,12 @@ void wpa_hexdump_ascii_key(int level, co
+@@ -184,7 +225,12 @@ void wpa_hexdump_ascii_key(int level, co
  *
  * Note: New line '\n' is added to the end of the text when printing to stdout.
  */
@@ -193,7 +193,7 @@
 
 /**
  * wpa_msg_ctrl - Conditional printf for ctrl_iface monitors
-@@ -197,8 +243,13 @@ void wpa_msg(void *ctx, int level, const
+@@ -198,8 +244,13 @@ void wpa_msg(void *ctx, int level, const
  * attached ctrl_iface monitors. In other words, it can be used for frequent
  * events that do not need to be sent to syslog.
  */
--- a/feeds/hostapd/hostapd/patches/420-indicate-features.patch
+++ b/feeds/hostapd/hostapd/patches/420-indicate-features.patch
@@ -0,0 +1,63 @@
+--- a/hostapd/main.c
+++ b/hostapd/main.c
+@@ -31,7 +31,7 @@
+ #include "config_file.h"
+ #include "eap_register.h"
+ #include "ctrl_iface.h"
+-
+#include "build_features.h"
+ 
+ struct hapd_global {
+ 	void **drv_priv;
+@@ -799,7 +799,7 @@ int main(int argc, char *argv[])
+ 	wpa_supplicant_event = hostapd_wpa_event;
+ 	wpa_supplicant_event_global = hostapd_wpa_event_global;
+ 	for (;;) {
+-		c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:vg:G:q");
+		c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:g:G:qv::");
+ 		if (c < 0)
+ 			break;
+ 		switch (c) {
+@@ -836,6 +836,8 @@ int main(int argc, char *argv[])
+ 			break;
+ #endif /* CONFIG_DEBUG_LINUX_TRACING */
+ 		case 'v':
+			if (optarg)
+				exit(!has_feature(optarg));
+ 			show_version();
+ 			exit(1);
+ 		case 'g':
+--- a/wpa_supplicant/main.c
+++ b/wpa_supplicant/main.c
+@@ -12,6 +12,7 @@
+ #endif /* __linux__ */
+ 
+ #include "common.h"
+#include "build_features.h"
+ #include "crypto/crypto.h"
+ #include "fst/fst.h"
+ #include "wpa_supplicant_i.h"
+@@ -202,7 +203,7 @@ int main(int argc, char *argv[])
+ 
+ 	for (;;) {
+ 		c = getopt(argc, argv,
+-			   "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuvW");
+			   "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuv::W");
+ 		if (c < 0)
+ 			break;
+ 		switch (c) {
+@@ -302,8 +303,12 @@ int main(int argc, char *argv[])
+ 			break;
+ #endif /* CONFIG_CTRL_IFACE_DBUS_NEW */
+ 		case 'v':
+-			printf("%s\n", wpa_supplicant_version);
+-			exitcode = 0;
+			if (optarg) {
+				exitcode = !has_feature(optarg);
+			} else {
+				printf("%s\n", wpa_supplicant_version);
+				exitcode = 0;
+			}
+ 			goto out;
+ 		case 'W':
+ 			params.wait_for_monitor++;
--- a/feeds/hostapd/hostapd/patches/430-hostapd_cli_ifdef.patch
+++ b/feeds/hostapd/hostapd/patches/430-hostapd_cli_ifdef.patch
@@ -1,6 +1,6 @@
 --- a/hostapd/hostapd_cli.c
 +++ b/hostapd/hostapd_cli.c
-@@ -388,7 +388,6 @@ static int hostapd_cli_cmd_disassociate(
+@@ -401,7 +401,6 @@ static int hostapd_cli_cmd_disassociate(
 }
 
 
@@ -8,7 +8,7 @@
 static int hostapd_cli_cmd_signature(struct wpa_ctrl *ctrl, int argc,
 				     char *argv[])
 {
-@@ -401,7 +400,6 @@ static int hostapd_cli_cmd_signature(str
+@@ -414,7 +413,6 @@ static int hostapd_cli_cmd_signature(str
 	os_snprintf(buf, sizeof(buf), "SIGNATURE %s", argv[0]);
 	return wpa_ctrl_command(ctrl, buf);
 }
@@ -16,7 +16,7 @@
 
 
 static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc,
-@@ -418,7 +416,6 @@ static int hostapd_cli_cmd_sa_query(stru
+@@ -431,7 +429,6 @@ static int hostapd_cli_cmd_sa_query(stru
 }
 
 
@@ -24,7 +24,7 @@
 static int hostapd_cli_cmd_wps_pin(struct wpa_ctrl *ctrl, int argc,
 				   char *argv[])
 {
-@@ -644,7 +641,6 @@ static int hostapd_cli_cmd_wps_config(st
+@@ -657,7 +654,6 @@ static int hostapd_cli_cmd_wps_config(st
 			 ssid_hex, argv[1]);
 	return wpa_ctrl_command(ctrl, buf);
 }
@@ -32,7 +32,7 @@
 
 
 static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc,
-@@ -1571,13 +1567,10 @@ static const struct hostapd_cli_cmd host
+@@ -1610,13 +1606,10 @@ static const struct hostapd_cli_cmd host
 	{ "disassociate", hostapd_cli_cmd_disassociate,
 	  hostapd_complete_stations,
 	  "<addr> = disassociate a station" },
@@ -46,7 +46,7 @@
 	{ "wps_pin", hostapd_cli_cmd_wps_pin, NULL,
 	  "<uuid> <pin> [timeout] [addr] = add WPS Enrollee PIN" },
 	{ "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL,
-@@ -1602,7 +1595,6 @@ static const struct hostapd_cli_cmd host
+@@ -1641,7 +1634,6 @@ static const struct hostapd_cli_cmd host
 	  "<SSID> <auth> <encr> <key> = configure AP" },
 	{ "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL,
 	  "= show current WPS status" },
--- a/feeds/hostapd/hostapd/patches/431-wpa_cli_ifdef.patch
+++ b/feeds/hostapd/hostapd/patches/431-wpa_cli_ifdef.patch
--- a/feeds/hostapd/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
+++ b/feeds/hostapd/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
@@ -22,7 +22,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 #include "common/defs.h"
 #include "common/ieee802_11_defs.h"
 #include "common/wpa_common.h"
-@@ -851,6 +852,9 @@ struct wpa_driver_associate_params {
+@@ -953,6 +954,9 @@ struct wpa_driver_associate_params {
 	 * responsible for selecting with which BSS to associate. */
 	const u8 *bssid;
 
@@ -42,7 +42,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 #include "config.h"
 
 
-@@ -2321,6 +2322,97 @@ static char * wpa_config_write_peerkey(c
+@@ -2389,6 +2390,97 @@ static char * wpa_config_write_mac_value
 #endif /* NO_CONFIG_WRITE */
 
 
@@ -140,7 +140,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 /* Helper macros for network block parser */
 
 #ifdef OFFSET
-@@ -2606,6 +2698,8 @@ static const struct parse_data ssid_fiel
+@@ -2674,6 +2766,8 @@ static const struct parse_data ssid_fiel
 	{ INT(ap_max_inactivity) },
 	{ INT(dtim_period) },
 	{ INT(beacon_int) },
@@ -162,7 +162,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 
 
 #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1)
-@@ -843,6 +845,9 @@ struct wpa_ssid {
+@@ -879,6 +881,9 @@ struct wpa_ssid {
 	 */
 	void *parent_cred;
 
@@ -174,7 +174,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 	 * macsec_policy - Determines the policy for MACsec secure session
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3673,6 +3673,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -4175,6 +4175,12 @@ static void wpas_start_assoc_cb(struct w
 			params.beacon_int = ssid->beacon_int;
 		else
 			params.beacon_int = wpa_s->conf->beacon_int;
--- a/feeds/hostapd/hostapd/patches/463-add-mcast_rate-to-11s.patch
+++ b/feeds/hostapd/hostapd/patches/463-add-mcast_rate-to-11s.patch
@@ -0,0 +1,68 @@
+From: Sven Eckelmann <sven.eckelmann@openmesh.com>
+Date: Thu, 11 May 2017 08:21:45 +0200
+Subject: [PATCH] set mcast_rate in mesh mode
+
+The wpa_supplicant code for IBSS allows to set the mcast rate. It is
+recommended to increase this value from 1 or 6 Mbit/s to something higher
+when using a mesh protocol on top which uses the multicast packet loss as
+indicator for the link quality.
+
+This setting was unfortunately not applied for mesh mode. But it would be
+beneficial when wpa_supplicant would behave similar to IBSS mode and set
+this argument during mesh join like authsae already does. At least it is
+helpful for companies/projects which are currently switching to 802.11s
+(without mesh_fwding and with mesh_ttl set to 1) as replacement for IBSS
+because newer drivers seem to support 802.11s but not IBSS anymore.
+
+Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
+Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
+
+--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
+@@ -1827,6 +1827,7 @@ struct wpa_driver_mesh_join_params {
+ #define WPA_DRIVER_MESH_FLAG_AMPE	0x00000008
+ 	unsigned int flags;
+ 	bool handle_dfs;
+	int mcast_rate;
+ };
+ 
+ struct wpa_driver_set_key_params {
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -11667,6 +11667,18 @@ static int nl80211_put_mesh_id(struct nl
+ }
+ 
+ 
+static int nl80211_put_mcast_rate(struct nl_msg *msg, int mcast_rate)
+{
+	if (mcast_rate > 0) {
+		wpa_printf(MSG_DEBUG, "  * mcast_rate=%.1f",
+			   (double)mcast_rate / 10);
+		return nla_put_u32(msg, NL80211_ATTR_MCAST_RATE, mcast_rate);
+	}
+
+	return 0;
+}
+
+
+ static int nl80211_put_mesh_config(struct nl_msg *msg,
+ 				   struct wpa_driver_mesh_bss_params *params)
+ {
+@@ -11728,6 +11740,7 @@ static int nl80211_join_mesh(struct i802
+ 	    nl80211_put_basic_rates(msg, params->basic_rates) ||
+ 	    nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
+ 	    nl80211_put_beacon_int(msg, params->beacon_int) ||
+	    nl80211_put_mcast_rate(msg, params->mcast_rate) ||
+ 	    nl80211_put_dtim_period(msg, params->dtim_period))
+ 		goto fail;
+ 
+--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
+@@ -632,6 +632,7 @@ int wpa_supplicant_join_mesh(struct wpa_
+ 
+ 	params->meshid = ssid->ssid;
+ 	params->meshid_len = ssid->ssid_len;
+	params->mcast_rate = ssid->mcast_rate;
+ 	ibss_mesh_setup_freq(wpa_s, ssid, &params->freq);
+ 	wpa_s->mesh_ht_enabled = !!params->freq.ht_enabled;
+ 	wpa_s->mesh_vht_enabled = !!params->freq.vht_enabled;
--- a/feeds/hostapd/hostapd/patches/464-fix-mesh-obss-check.patch
+++ b/feeds/hostapd/hostapd/patches/464-fix-mesh-obss-check.patch
@@ -0,0 +1,13 @@
+--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
+@@ -3040,6 +3040,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ 
+ 	freq->freq = ssid->frequency;
+ 
+	if (ssid->fixed_freq) {
+		obss_scan = 0;
+	}
+
+ 	if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) {
+ 		struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid);
+ 
--- a/feeds/hostapd/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
+++ b/feeds/hostapd/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
@@ -0,0 +1,24 @@
+From c9304d3303d563ad6d2619f4e07864ed12f96889 Mon Sep 17 00:00:00 2001
+From: David Bauer <mail@david-bauer.net>
+Date: Sat, 14 May 2022 21:41:03 +0200
+Subject: [PATCH] hostapd: config: support random BSS color
+
+Configure the HE BSS color to a random value in case the config defines
+a BSS color which exceeds the max BSS color (63).
+
+Signed-off-by: David Bauer <mail@david-bauer.net>
+---
+ hostapd/config_file.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
+@@ -3500,6 +3500,8 @@ static int hostapd_config_fill(struct ho
+ 	} else if (os_strcmp(buf, "he_bss_color") == 0) {
+ 		conf->he_op.he_bss_color = atoi(pos) & 0x3f;
+ 		conf->he_op.he_bss_color_disabled = 0;
+		if (atoi(pos) > 63)
+			conf->he_op.he_bss_color = os_random() % 63 + 1;
+ 	} else if (os_strcmp(buf, "he_bss_color_partial") == 0) {
+ 		conf->he_op.he_bss_color_partial = atoi(pos);
+ 	} else if (os_strcmp(buf, "he_default_pe_duration") == 0) {
--- a/feeds/hostapd/hostapd/patches/470-survey_data_fallback.patch
+++ b/feeds/hostapd/hostapd/patches/470-survey_data_fallback.patch
@@ -0,0 +1,30 @@
+--- a/src/ap/acs.c
+++ b/src/ap/acs.c
+@@ -455,17 +455,17 @@ static int acs_get_bw_center_chan(int fr
+ static int acs_survey_is_sufficient(struct freq_survey *survey)
+ {
+ 	if (!(survey->filled & SURVEY_HAS_NF)) {
+		survey->nf = -95;
+ 		wpa_printf(MSG_INFO,
+ 			   "ACS: Survey for freq %d is missing noise floor",
+ 			   survey->freq);
+-		return 0;
+ 	}
+ 
+ 	if (!(survey->filled & SURVEY_HAS_CHAN_TIME)) {
+		survey->channel_time = 0;
+ 		wpa_printf(MSG_INFO,
+ 			   "ACS: Survey for freq %d is missing channel time",
+ 			   survey->freq);
+-		return 0;
+ 	}
+ 
+ 	if (!(survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) &&
+@@ -473,7 +473,6 @@ static int acs_survey_is_sufficient(stru
+ 		wpa_printf(MSG_INFO,
+ 			   "ACS: Survey for freq %d is missing RX and busy time (at least one is required)",
+ 			   survey->freq);
+-		return 0;
+ 	}
+ 
+ 	return 1;
--- a/feeds/hostapd/hostapd/patches/500-lto-jobserver-support.patch
+++ b/feeds/hostapd/hostapd/patches/500-lto-jobserver-support.patch
@@ -1,6 +1,6 @@
 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
-@@ -1293,7 +1293,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
+@@ -1396,7 +1396,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
 	@$(AR) cr $@ hostapd_multi.o $(OBJS)
 
 hostapd: $(OBJS)
@@ -9,7 +9,7 @@
 	@$(E) "  LD " $@
 
 ifdef CONFIG_WPA_TRACE
-@@ -1304,7 +1304,7 @@ _OBJS_VAR := OBJS_c
+@@ -1407,7 +1407,7 @@ _OBJS_VAR := OBJS_c
 include ../src/objs.mk
 
 hostapd_cli: $(OBJS_c)
@@ -20,7 +20,7 @@
 NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -1905,31 +1905,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
+@@ -2037,31 +2037,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
 	@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
 
 wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
--- a/feeds/hostapd/hostapd/patches/590-rrm-wnm-statistics.patch
+++ b/feeds/hostapd/hostapd/patches/590-rrm-wnm-statistics.patch
@@ -1,6 +1,6 @@
 --- a/src/ap/hostapd.h
 +++ b/src/ap/hostapd.h
-@@ -148,6 +148,21 @@ struct hostapd_sae_commit_queue {
+@@ -163,6 +163,21 @@ struct hostapd_sae_commit_queue {
 };
 
 /**
@@ -22,9 +22,9 @@
  * struct hostapd_data - hostapd per-BSS data structure
  */
 struct hostapd_data {
-@@ -161,6 +176,9 @@ struct hostapd_data {
+@@ -182,6 +197,9 @@ struct hostapd_data {
 
- 	u8 own_addr[ETH_ALEN];
+ 	struct hostapd_data *mld_first_bss;
 
 +	/* OpenWrt specific statistics */
 +	struct hostapd_openwrt_stats openwrt_stats;
@@ -42,9 +42,9 @@
 	wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request to "
 		   MACSTR " dialog_token=%u req_mode=0x%x disassoc_timer=%u "
 		   "validity_interval=%u",
-@@ -646,10 +647,12 @@ int ieee802_11_rx_wnm_action_ap(struct h
- 
- 	switch (action) {
+@@ -790,10 +791,12 @@ int ieee802_11_rx_wnm_action_ap(struct h
+ 					       plen);
+ 		return 0;
 	case WNM_BSS_TRANS_MGMT_QUERY:
 +		hapd->openwrt_stats.wnm.bss_transition_query_rx++;
 		ieee802_11_rx_bss_trans_mgmt_query(hapd, mgmt->sa, payload,
@@ -55,7 +55,7 @@
 		ieee802_11_rx_bss_trans_mgmt_resp(hapd, mgmt->sa, payload,
 						  plen);
 		return 0;
-@@ -696,6 +699,7 @@ int wnm_send_disassoc_imminent(struct ho
+@@ -840,6 +843,7 @@ int wnm_send_disassoc_imminent(struct ho
 
 	pos = mgmt->u.action.u.bss_tm_req.variable;
 
@@ -63,7 +63,7 @@
 	wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request frame to indicate imminent disassociation (disassoc_timer=%d) to "
 		   MACSTR, disassoc_timer, MAC2STR(sta->addr));
 	if (hostapd_drv_send_mlme(hapd, buf, pos - buf, 0, NULL, 0, 0) < 0) {
-@@ -777,6 +781,7 @@ int wnm_send_ess_disassoc_imminent(struc
+@@ -921,6 +925,7 @@ int wnm_send_ess_disassoc_imminent(struc
 		return -1;
 	}
 
@@ -71,7 +71,7 @@
 	if (disassoc_timer) {
 		/* send disassociation frame after time-out */
 		set_disassoc_timer(hapd, sta, disassoc_timer);
-@@ -856,6 +861,7 @@ int wnm_send_bss_tm_req(struct hostapd_d
+@@ -1001,6 +1006,7 @@ int wnm_send_bss_tm_req(struct hostapd_d
 	}
 	os_free(buf);
 
--- a/feeds/hostapd/hostapd/patches/599-wpa_supplicant-fix-warnings.patch
+++ b/feeds/hostapd/hostapd/patches/599-wpa_supplicant-fix-warnings.patch
--- a/feeds/hostapd/hostapd/patches/600-ubus_support.patch
+++ b/feeds/hostapd/hostapd/patches/600-ubus_support.patch
@@ -0,0 +1,738 @@
+--- a/hostapd/Makefile
+++ b/hostapd/Makefile
+@@ -166,6 +166,12 @@ OBJS += ../src/common/hw_features_common
+ 
+ OBJS += ../src/eapol_auth/eapol_auth_sm.o
+ 
+ifdef CONFIG_UBUS
+CFLAGS += -DUBUS_SUPPORT
+OBJS += ../src/utils/uloop.o
+OBJS += ../src/ap/ubus.o
+LIBS += -lubox -lubus
+endif
+ 
+ ifdef CONFIG_CODE_COVERAGE
+ CFLAGS += -O0 -fprofile-arcs -ftest-coverage
+--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
+@@ -18,6 +18,7 @@
+ #include "utils/list.h"
+ #include "ap_config.h"
+ #include "drivers/driver.h"
+#include "ubus.h"
+ 
+ #define OCE_STA_CFON_ENABLED(hapd) \
+ 	((hapd->conf->oce & OCE_STA_CFON) && \
+@@ -184,6 +185,7 @@ struct hostapd_data {
+ 	struct hostapd_iface *iface;
+ 	struct hostapd_config *iconf;
+ 	struct hostapd_bss_config *conf;
+	struct hostapd_ubus_bss ubus;
+ 	int interface_added; /* virtual interface added for this BSS */
+ 	unsigned int started:1;
+ 	unsigned int disabled:1;
+@@ -695,6 +697,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+ 		       struct hostapd_bss_config *bss);
+ int hostapd_setup_interface(struct hostapd_iface *iface);
+ int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
+void hostapd_set_own_neighbor_report(struct hostapd_data *hapd);
+ void hostapd_interface_deinit(struct hostapd_iface *iface);
+ void hostapd_interface_free(struct hostapd_iface *iface);
+ struct hostapd_iface * hostapd_alloc_iface(void);
+--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
+@@ -435,6 +435,7 @@ void hostapd_free_hapd_data(struct hosta
+ 	hapd->beacon_set_done = 0;
+ 
+ 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
+	hostapd_ubus_free_bss(hapd);
+ 	accounting_deinit(hapd);
+ 	hostapd_deinit_wpa(hapd);
+ 	vlan_deinit(hapd);
+@@ -1187,6 +1188,8 @@ static int hostapd_start_beacon(struct h
+ 	if (hapd->driver && hapd->driver->set_operstate)
+ 		hapd->driver->set_operstate(hapd->drv_priv, 1);
+ 
+	hostapd_ubus_add_bss(hapd);
+
+ 	return 0;
+ }
+ 
+@@ -2275,6 +2278,7 @@ static int hostapd_setup_interface_compl
+ 	if (err)
+ 		goto fail;
+ 
+	hostapd_ubus_add_iface(iface);
+ 	wpa_printf(MSG_DEBUG, "Completing interface initialization");
+ 	if (iface->freq) {
+ #ifdef NEED_AP_MLME
+@@ -2494,6 +2498,7 @@ dfs_offload:
+ 
+ fail:
+ 	wpa_printf(MSG_ERROR, "Interface initialization failed");
+	hostapd_ubus_free_iface(iface);
+ 
+ 	if (iface->is_no_ir) {
+ 		hostapd_set_state(iface, HAPD_IFACE_NO_IR);
+@@ -2984,6 +2989,7 @@ void hostapd_interface_deinit_free(struc
+ 		   (unsigned int) iface->conf->num_bss);
+ 	driver = iface->bss[0]->driver;
+ 	drv_priv = iface->bss[0]->drv_priv;
+	hostapd_ubus_free_iface(iface);
+ 	hostapd_interface_deinit(iface);
+ 	wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit",
+ 		   __func__, driver, drv_priv);
+--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
+@@ -2786,7 +2786,7 @@ static void handle_auth(struct hostapd_d
+ 	u16 auth_alg, auth_transaction, status_code;
+ 	u16 resp = WLAN_STATUS_SUCCESS;
+ 	struct sta_info *sta = NULL;
+-	int res, reply_res;
+	int res, reply_res, ubus_resp;
+ 	u16 fc;
+ 	const u8 *challenge = NULL;
+ 	u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
+@@ -2795,6 +2795,11 @@ static void handle_auth(struct hostapd_d
+ 	struct radius_sta rad_info;
+ 	const u8 *dst, *sa, *bssid;
+ 	bool mld_sta = false;
+	struct hostapd_ubus_request req = {
+		.type = HOSTAPD_UBUS_AUTH_REQ,
+		.mgmt_frame = mgmt,
+		.ssi_signal = rssi,
+	};
+ 
+ 	if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
+ 		wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
+@@ -2986,6 +2991,13 @@ static void handle_auth(struct hostapd_d
+ 		resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ 		goto fail;
+ 	}
+	ubus_resp = hostapd_ubus_handle_event(hapd, &req);
+	if (0 && ubus_resp) {
+		wpa_printf(MSG_DEBUG, "Station " MACSTR " rejected by ubus handler.\n",
+			MAC2STR(mgmt->sa));
+		resp = ubus_resp > 0 ? (u16) ubus_resp : WLAN_STATUS_UNSPECIFIED_FAILURE;
+		goto fail;
+	}
+ 	if (res == HOSTAPD_ACL_PENDING)
+ 		return;
+ 
+@@ -5161,7 +5173,7 @@ static void handle_assoc(struct hostapd_
+ 	int resp = WLAN_STATUS_SUCCESS;
+ 	u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ 	const u8 *pos;
+-	int left, i;
+	int left, i, ubus_resp;
+ 	struct sta_info *sta;
+ 	u8 *tmp = NULL;
+ #ifdef CONFIG_FILS
+@@ -5374,6 +5386,11 @@ static void handle_assoc(struct hostapd_
+ 		left = res;
+ 	}
+ #endif /* CONFIG_FILS */
+	struct hostapd_ubus_request req = {
+		.type = HOSTAPD_UBUS_ASSOC_REQ,
+		.mgmt_frame = mgmt,
+		.ssi_signal = rssi,
+	};
+ 
+ 	/* followed by SSID and Supported rates; and HT capabilities if 802.11n
+ 	 * is used */
+@@ -5472,6 +5489,13 @@ static void handle_assoc(struct hostapd_
+ 	}
+ #endif /* CONFIG_FILS */
+ 
+	ubus_resp = hostapd_ubus_handle_event(hapd, &req);
+	if (0 && ubus_resp) {
+		wpa_printf(MSG_DEBUG, "Station " MACSTR " assoc rejected by ubus handler.\n",
+		       MAC2STR(mgmt->sa));
+		resp = ubus_resp > 0 ? (u16) ubus_resp : WLAN_STATUS_UNSPECIFIED_FAILURE;
+		goto fail;
+	}
+  fail:
+ 
+ 	/*
+@@ -5753,6 +5777,7 @@ static void handle_disassoc(struct hosta
+ 			   (unsigned long) len);
+ 		return;
+ 	}
+	hostapd_ubus_notify(hapd, "disassoc", mgmt->sa);
+ 
+ 	sta = ap_get_sta(hapd, mgmt->sa);
+ 	if (!sta) {
+@@ -5784,6 +5809,8 @@ static void handle_deauth(struct hostapd
+ 	/* Clear the PTKSA cache entries for PASN */
+ 	ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
+ 
+	hostapd_ubus_notify(hapd, "deauth", mgmt->sa);
+
+ 	sta = ap_get_sta(hapd, mgmt->sa);
+ 	if (!sta) {
+ 		wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR
+--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
+@@ -1036,6 +1036,12 @@ void handle_probe_req(struct hostapd_dat
+ 	u16 csa_offs[2];
+ 	size_t csa_offs_len;
+ 	struct radius_sta rad_info;
+	struct hostapd_ubus_request req = {
+		.type = HOSTAPD_UBUS_PROBE_REQ,
+		.mgmt_frame = mgmt,
+		.ssi_signal = ssi_signal,
+		.elems = &elems,
+	};
+ 
+ 	if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
+ 	    ssi_signal < hapd->iconf->rssi_ignore_probe_request)
+@@ -1222,6 +1228,12 @@ void handle_probe_req(struct hostapd_dat
+ 	}
+ #endif /* CONFIG_P2P */
+ 
+	if (hostapd_ubus_handle_event(hapd, &req)) {
+		wpa_printf(MSG_DEBUG, "Probe request for " MACSTR " rejected by ubus handler.\n",
+		       MAC2STR(mgmt->sa));
+		return;
+	}
+
+ 	/* TODO: verify that supp_rates contains at least one matching rate
+ 	 * with AP configuration */
+ 
+--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
+@@ -260,6 +260,10 @@ int hostapd_notif_assoc(struct hostapd_d
+ 	u16 reason = WLAN_REASON_UNSPECIFIED;
+ 	int status = WLAN_STATUS_SUCCESS;
+ 	const u8 *p2p_dev_addr = NULL;
+	struct hostapd_ubus_request req = {
+		.type = HOSTAPD_UBUS_ASSOC_REQ,
+		.addr = addr,
+	};
+ 
+ 	if (addr == NULL) {
+ 		/*
+@@ -396,6 +400,12 @@ int hostapd_notif_assoc(struct hostapd_d
+ 		goto fail;
+ 	}
+ 
+	if (hostapd_ubus_handle_event(hapd, &req)) {
+		wpa_printf(MSG_DEBUG, "Station " MACSTR " assoc rejected by ubus handler.\n",
+			   MAC2STR(req.addr));
+		goto fail;
+	}
+
+ #ifdef CONFIG_P2P
+ 	if (elems.p2p) {
+ 		wpabuf_free(sta->p2p_ie);
+--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
+@@ -471,6 +471,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+ 		hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
+ 			       HOSTAPD_LEVEL_INFO, "deauthenticated due to "
+ 			       "local deauth request");
+		hostapd_ubus_notify(hapd, "local-deauth", sta->addr);
+ 		ap_free_sta(hapd, sta);
+ 		return;
+ 	}
+@@ -626,6 +627,7 @@ skip_poll:
+ 		mlme_deauthenticate_indication(
+ 			hapd, sta,
+ 			WLAN_REASON_PREV_AUTH_NOT_VALID);
+		hostapd_ubus_notify(hapd, "inactive-deauth", sta->addr);
+ 		ap_free_sta(hapd, sta);
+ 		break;
+ 	}
+@@ -1344,15 +1346,28 @@ void ap_sta_set_authorized(struct hostap
+ 					sta->addr, authorized, dev_addr);
+ 
+ 	if (authorized) {
+		static const char * const auth_algs[] = {
+			[WLAN_AUTH_OPEN] = "open",
+			[WLAN_AUTH_SHARED_KEY] = "shared",
+			[WLAN_AUTH_FT] = "ft",
+			[WLAN_AUTH_SAE] = "sae",
+			[WLAN_AUTH_FILS_SK] = "fils-sk",
+			[WLAN_AUTH_FILS_SK_PFS] = "fils-sk-pfs",
+			[WLAN_AUTH_FILS_PK] = "fils-pk",
+			[WLAN_AUTH_PASN] = "pasn",
+		};
+		const char *auth_alg = NULL;
+ 		const u8 *dpp_pkhash;
+ 		const char *keyid;
+ 		char dpp_pkhash_buf[100];
+ 		char keyid_buf[100];
+ 		char ip_addr[100];
+		char alg_buf[100];
+ 
+ 		dpp_pkhash_buf[0] = '\0';
+ 		keyid_buf[0] = '\0';
+ 		ip_addr[0] = '\0';
+		alg_buf[0] = '\0';
+ #ifdef CONFIG_P2P
+ 		if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
+ 			os_snprintf(ip_addr, sizeof(ip_addr),
+@@ -1362,6 +1377,13 @@ void ap_sta_set_authorized(struct hostap
+ 		}
+ #endif /* CONFIG_P2P */
+ 
+		if (sta->auth_alg < ARRAY_SIZE(auth_algs))
+			auth_alg = auth_algs[sta->auth_alg];
+
+		if (auth_alg)
+			os_snprintf(alg_buf, sizeof(alg_buf),
+				" auth_alg=%s", auth_alg);
+
+ 		keyid = ap_sta_wpa_get_keyid(hapd, sta);
+ 		if (keyid) {
+ 			os_snprintf(keyid_buf, sizeof(keyid_buf),
+@@ -1380,17 +1402,19 @@ void ap_sta_set_authorized(struct hostap
+ 					 dpp_pkhash, SHA256_MAC_LEN);
+ 		}
+ 
+-		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s",
+-			buf, ip_addr, keyid_buf, dpp_pkhash_buf);
+		hostapd_ubus_notify_authorized(hapd, sta);
+		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s%s",
+			buf, ip_addr, keyid_buf, dpp_pkhash_buf, alg_buf);
+ 
+ 		if (hapd->msg_ctx_parent &&
+ 		    hapd->msg_ctx_parent != hapd->msg_ctx)
+ 			wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
+-					  AP_STA_CONNECTED "%s%s%s%s",
+					  AP_STA_CONNECTED "%s%s%s%s%s",
+ 					  buf, ip_addr, keyid_buf,
+-					  dpp_pkhash_buf);
+					  dpp_pkhash_buf, alg_buf);
+ 	} else {
+ 		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
+		hostapd_ubus_notify(hapd, "disassoc", sta->addr);
+ 
+ 		if (hapd->msg_ctx_parent &&
+ 		    hapd->msg_ctx_parent != hapd->msg_ctx)
+--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
+@@ -269,6 +269,7 @@ static void hostapd_wpa_auth_psk_failure
+ 	struct hostapd_data *hapd = ctx;
+ 	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
+ 		MAC2STR(addr));
+	hostapd_ubus_notify(hapd, "key-mismatch", addr);
+ }
+ 
+ 
+--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
+@@ -192,6 +192,13 @@ ifdef CONFIG_EAPOL_TEST
+ CFLAGS += -Werror -DEAPOL_TEST
+ endif
+ 
+ifdef CONFIG_UBUS
+CFLAGS += -DUBUS_SUPPORT
+OBJS += ubus.o
+OBJS += ../src/utils/uloop.o
+LIBS += -lubox -lubus
+endif
+
+ ifdef CONFIG_CODE_COVERAGE
+ CFLAGS += -O0 -fprofile-arcs -ftest-coverage
+ LIBS += -lgcov
+@@ -987,6 +994,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
+ CFLAGS += -DCONFIG_CTRL_IFACE_MIB
+ endif
+ OBJS += ../src/ap/ctrl_iface_ap.o
+ifdef CONFIG_UBUS
+OBJS += ../src/ap/ubus.o
+endif
+ endif
+ 
+ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
+--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
+@@ -7593,6 +7593,8 @@ struct wpa_supplicant * wpa_supplicant_a
+ 	}
+ #endif /* CONFIG_P2P */
+ 
+	wpas_ubus_add_bss(wpa_s);
+
+ 	return wpa_s;
+ }
+ 
+@@ -7619,6 +7621,8 @@ int wpa_supplicant_remove_iface(struct w
+ 	struct wpa_supplicant *parent = wpa_s->parent;
+ #endif /* CONFIG_MESH */
+ 
+	wpas_ubus_free_bss(wpa_s);
+
+ 	/* Remove interface from the global list of interfaces */
+ 	prev = global->ifaces;
+ 	if (prev == wpa_s) {
+@@ -7965,8 +7969,12 @@ int wpa_supplicant_run(struct wpa_global
+ 	eloop_register_signal_terminate(wpa_supplicant_terminate, global);
+ 	eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
+ 
+	wpas_ubus_add(global);
+
+ 	eloop_run();
+ 
+	wpas_ubus_free(global);
+
+ 	return 0;
+ }
+ 
+--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
+@@ -21,6 +21,7 @@
+ #include "config_ssid.h"
+ #include "wmm_ac.h"
+ #include "pasn/pasn_common.h"
+#include "ubus.h"
+ 
+ extern const char *const wpa_supplicant_version;
+ extern const char *const wpa_supplicant_license;
+@@ -319,6 +320,8 @@ struct wpa_global {
+ #endif /* CONFIG_WIFI_DISPLAY */
+ 
+ 	struct psk_list_entry *add_psk; /* From group formation */
+
+	struct ubus_object ubus_global;
+ };
+ 
+ 
+@@ -685,6 +688,7 @@ struct wpa_supplicant {
+ 	unsigned char own_addr[ETH_ALEN];
+ 	unsigned char perm_addr[ETH_ALEN];
+ 	char ifname[100];
+	struct wpas_ubus_bss ubus;
+ #ifdef CONFIG_MATCH_IFACE
+ 	int matched;
+ #endif /* CONFIG_MATCH_IFACE */
+--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
+@@ -33,6 +33,7 @@
+ #include "p2p/p2p.h"
+ #include "p2p_supplicant.h"
+ #include "wps_supplicant.h"
+#include "ubus.h"
+ 
+ 
+ #ifndef WPS_PIN_SCAN_IGNORE_SEL_REG
+@@ -402,6 +403,8 @@ static int wpa_supplicant_wps_cred(void
+ 	wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute",
+ 			cred->cred_attr, cred->cred_attr_len);
+ 
+	wpas_ubus_notify(wpa_s, cred);
+
+ 	if (wpa_s->conf->wps_cred_processing == 1)
+ 		return 0;
+ 
+--- a/wpa_supplicant/main.c
+++ b/wpa_supplicant/main.c
+@@ -203,7 +203,7 @@ int main(int argc, char *argv[])
+ 
+ 	for (;;) {
+ 		c = getopt(argc, argv,
+-			   "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuv::W");
+			   "b:Bc:C:D:de:f:g:G:hi:I:KLMm:nNo:O:p:P:qsTtuv::W");
+ 		if (c < 0)
+ 			break;
+ 		switch (c) {
+@@ -268,6 +268,9 @@ int main(int argc, char *argv[])
+ 			params.conf_p2p_dev = optarg;
+ 			break;
+ #endif /* CONFIG_P2P */
+		case 'n':
+			iface_count = 0;
+			break;
+ 		case 'o':
+ 			params.override_driver = optarg;
+ 			break;
+--- a/src/ap/rrm.c
+++ b/src/ap/rrm.c
+@@ -89,6 +89,9 @@ static void hostapd_handle_beacon_report
+ 		return;
+ 	wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_RESP_RX MACSTR " %u %02x %s",
+ 		MAC2STR(addr), token, rep_mode, report);
+	if (len < sizeof(struct rrm_measurement_beacon_report))
+		return;
+	hostapd_ubus_notify_beacon_report(hapd, addr, token, rep_mode, (struct rrm_measurement_beacon_report*) pos, len);
+ }
+ 
+ 
+--- a/src/ap/vlan_init.c
+++ b/src/ap/vlan_init.c
+@@ -22,6 +22,7 @@
+ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
+ 		       int existsok)
+ {
+	bool vlan_exists = iface_exists(vlan->ifname);
+ 	int ret;
+ #ifdef CONFIG_WEP
+ 	int i;
+@@ -36,7 +37,7 @@ static int vlan_if_add(struct hostapd_da
+ 	}
+ #endif /* CONFIG_WEP */
+ 
+-	if (!iface_exists(vlan->ifname))
+	if (!vlan_exists)
+ 		ret = hostapd_vlan_if_add(hapd, vlan->ifname);
+ 	else if (!existsok)
+ 		return -1;
+@@ -51,6 +52,9 @@ static int vlan_if_add(struct hostapd_da
+ 	if (hapd->wpa_auth)
+ 		ret = wpa_auth_ensure_group(hapd->wpa_auth, vlan->vlan_id);
+ 
+	if (!ret && !vlan_exists)
+		hostapd_ubus_add_vlan(hapd, vlan);
+
+ 	if (ret == 0)
+ 		return ret;
+ 
+@@ -77,6 +81,8 @@ int vlan_if_remove(struct hostapd_data *
+ 			   "WPA deinitialization for VLAN %d failed (%d)",
+ 			   vlan->vlan_id, ret);
+ 
+	hostapd_ubus_remove_vlan(hapd, vlan);
+
+ 	return hostapd_vlan_if_remove(hapd, vlan->ifname);
+ }
+ 
+--- a/src/ap/dfs.c
+++ b/src/ap/dfs.c
+@@ -1216,6 +1216,8 @@ int hostapd_dfs_pre_cac_expired(struct h
+ 		"freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d",
+ 		freq, ht_enabled, chan_offset, chan_width, cf1, cf2);
+ 
+	hostapd_ubus_notify_radar_detected(iface, freq, chan_width, cf1, cf2);
+
+ 	/* Proceed only if DFS is not offloaded to the driver */
+ 	if (iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)
+ 		return 0;
+--- a/src/ap/airtime_policy.c
+++ b/src/ap/airtime_policy.c
+@@ -112,8 +112,14 @@ static void set_sta_weights(struct hosta
+ {
+ 	struct sta_info *sta;
+ 
+-	for (sta = hapd->sta_list; sta; sta = sta->next)
+-		sta_set_airtime_weight(hapd, sta, weight);
+	for (sta = hapd->sta_list; sta; sta = sta->next) {
+		unsigned int sta_weight = weight;
+
+		if (sta->dyn_airtime_weight)
+			sta_weight = (weight * sta->dyn_airtime_weight) / 256;
+
+		sta_set_airtime_weight(hapd, sta, sta_weight);
+	}
+ }
+ 
+ 
+@@ -244,7 +250,10 @@ int airtime_policy_new_sta(struct hostap
+ 	unsigned int weight;
+ 
+ 	if (hapd->iconf->airtime_mode == AIRTIME_MODE_STATIC) {
+-		weight = get_weight_for_sta(hapd, sta->addr);
+		if (sta->dyn_airtime_weight)
+			weight = sta->dyn_airtime_weight;
+		else
+			weight = get_weight_for_sta(hapd, sta->addr);
+ 		if (weight)
+ 			return sta_set_airtime_weight(hapd, sta, weight);
+ 	}
+--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
+@@ -322,6 +322,7 @@ struct sta_info {
+ #endif /* CONFIG_TESTING_OPTIONS */
+ #ifdef CONFIG_AIRTIME_POLICY
+ 	unsigned int airtime_weight;
+	unsigned int dyn_airtime_weight;
+ 	struct os_reltime backlogged_until;
+ #endif /* CONFIG_AIRTIME_POLICY */
+ 
+--- a/src/ap/wnm_ap.c
+++ b/src/ap/wnm_ap.c
+@@ -455,7 +455,8 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 		MAC2STR(addr), reason, hex ? " neighbor=" : "", hex);
+ 	os_free(hex);
+ 
+-	ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token);
+	if (!hostapd_ubus_notify_bss_transition_query(hapd, addr, dialog_token, reason, pos, end - pos))
+		ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token);
+ }
+ 
+ 
+@@ -477,7 +478,7 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 					      size_t len)
+ {
+ 	u8 dialog_token, status_code, bss_termination_delay;
+-	const u8 *pos, *end;
+	const u8 *pos, *end, *target_bssid = NULL;
+ 	int enabled = hapd->conf->bss_transition;
+ 	struct sta_info *sta;
+ 
+@@ -524,6 +525,7 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 			wpa_printf(MSG_DEBUG, "WNM: not enough room for Target BSSID field");
+ 			return;
+ 		}
+		target_bssid = pos;
+ 		sta->agreed_to_steer = 1;
+ 		eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta);
+ 		eloop_register_timeout(2, 0, ap_sta_reset_steer_flag_timer,
+@@ -543,6 +545,10 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 			MAC2STR(addr), status_code, bss_termination_delay);
+ 	}
+ 
+	hostapd_ubus_notify_bss_transition_response(hapd, sta->addr, dialog_token,
+						    status_code, bss_termination_delay,
+						    target_bssid, pos, end - pos);
+
+ 	wpa_hexdump(MSG_DEBUG, "WNM: BSS Transition Candidate List Entries",
+ 		    pos, end - pos);
+ }
+--- a/src/utils/eloop.c
+++ b/src/utils/eloop.c
+@@ -77,6 +77,9 @@ struct eloop_sock_table {
+ struct eloop_data {
+ 	int max_sock;
+ 
+	eloop_timeout_poll_handler timeout_poll_cb;
+	eloop_poll_handler poll_cb;
+
+ 	size_t count; /* sum of all table counts */
+ #ifdef CONFIG_ELOOP_POLL
+ 	size_t max_pollfd_map; /* number of pollfds_map currently allocated */
+@@ -1121,6 +1124,12 @@ void eloop_run(void)
+ 				os_reltime_sub(&timeout->time, &now, &tv);
+ 			else
+ 				tv.sec = tv.usec = 0;
+		}
+
+		if (eloop.timeout_poll_cb && eloop.timeout_poll_cb(&tv, !!timeout))
+			timeout = (void *)1;
+
+		if (timeout) {
+ #if defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL)
+ 			timeout_ms = tv.sec * 1000 + tv.usec / 1000;
+ #endif /* defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL) */
+@@ -1190,7 +1199,8 @@ void eloop_run(void)
+ 		eloop.exceptions.changed = 0;
+ 
+ 		eloop_process_pending_signals();
+-
+		if (eloop.poll_cb)
+			eloop.poll_cb();
+ 
+ 		/* check if some registered timeouts have occurred */
+ 		timeout = dl_list_first(&eloop.timeout, struct eloop_timeout,
+@@ -1252,6 +1262,14 @@ out:
+ 	return;
+ }
+ 
+int eloop_register_cb(eloop_poll_handler poll_cb,
+		      eloop_timeout_poll_handler timeout_cb)
+{
+	eloop.poll_cb = poll_cb;
+	eloop.timeout_poll_cb = timeout_cb;
+
+	return 0;
+}
+ 
+ void eloop_terminate(void)
+ {
+--- a/src/utils/eloop.h
+++ b/src/utils/eloop.h
+@@ -65,6 +65,9 @@ typedef void (*eloop_timeout_handler)(vo
+  */
+ typedef void (*eloop_signal_handler)(int sig, void *signal_ctx);
+ 
+typedef bool (*eloop_timeout_poll_handler)(struct os_reltime *tv, bool tv_set);
+typedef void (*eloop_poll_handler)(void);
+
+ /**
+  * eloop_init() - Initialize global event loop data
+  * Returns: 0 on success, -1 on failure
+@@ -73,6 +76,9 @@ typedef void (*eloop_signal_handler)(int
+  */
+ int eloop_init(void);
+ 
+int eloop_register_cb(eloop_poll_handler poll_cb,
+		      eloop_timeout_poll_handler timeout_cb);
+
+ /**
+  * eloop_register_read_sock - Register handler for read events
+  * @sock: File descriptor number for the socket
+@@ -320,6 +326,8 @@ int eloop_register_signal_reconfig(eloop
+  */
+ int eloop_sock_requeue(void);
+ 
+void eloop_add_uloop(void);
+
+ /**
+  * eloop_run - Start the event loop
+  *
+--- /dev/null
+++ b/src/utils/uloop.c
+@@ -0,0 +1,64 @@
+#include <libubox/uloop.h>
+#include "includes.h"
+#include "common.h"
+#include "eloop.h"
+
+static void eloop_uloop_event_cb(int sock, void *eloop_ctx, void *sock_ctx)
+{
+}
+
+static void eloop_uloop_fd_cb(struct uloop_fd *fd, unsigned int events)
+{
+	unsigned int changed = events ^ fd->flags;
+
+	if (changed & ULOOP_READ) {
+		if (events & ULOOP_READ)
+			eloop_register_sock(fd->fd, EVENT_TYPE_READ, eloop_uloop_event_cb, fd, fd);
+		else
+			eloop_unregister_sock(fd->fd, EVENT_TYPE_READ);
+	}
+
+	if (changed & ULOOP_WRITE) {
+		if (events & ULOOP_WRITE)
+			eloop_register_sock(fd->fd, EVENT_TYPE_WRITE, eloop_uloop_event_cb, fd, fd);
+		else
+			eloop_unregister_sock(fd->fd, EVENT_TYPE_WRITE);
+	}
+}
+
+static bool uloop_timeout_poll_handler(struct os_reltime *tv, bool tv_set)
+{
+	struct os_reltime tv_uloop;
+	int timeout_ms = uloop_get_next_timeout();
+
+	if (timeout_ms < 0)
+		return false;
+
+	tv_uloop.sec = timeout_ms / 1000;
+	tv_uloop.usec = (timeout_ms % 1000) * 1000;
+
+	if (!tv_set || os_reltime_before(&tv_uloop, tv)) {
+		*tv = tv_uloop;
+		return true;
+	}
+
+	return false;
+}
+
+static void uloop_poll_handler(void)
+{
+	uloop_run_timeout(0);
+}
+
+void eloop_add_uloop(void)
+{
+	static bool init_done = false;
+
+	if (!init_done) {
+		uloop_init();
+		uloop_fd_set_cb = eloop_uloop_fd_cb;
+		init_done = true;
+	}
+
+	eloop_register_cb(uloop_poll_handler, uloop_timeout_poll_handler);
+}
--- a/feeds/hostapd/hostapd/patches/601-ucode_support.patch
+++ b/feeds/hostapd/hostapd/patches/601-ucode_support.patch
@@ -0,0 +1,723 @@
+--- a/hostapd/Makefile
+++ b/hostapd/Makefile
+@@ -168,9 +168,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm.
+ 
+ ifdef CONFIG_UBUS
+ CFLAGS += -DUBUS_SUPPORT
+-OBJS += ../src/utils/uloop.o
+ OBJS += ../src/ap/ubus.o
+-LIBS += -lubox -lubus
+LIBS += -lubus
+NEED_ULOOP:=y
+endif
+
+ifdef CONFIG_UCODE
+CFLAGS += -DUCODE_SUPPORT
+OBJS += ../src/utils/ucode.o
+OBJS += ../src/ap/ucode.o
+NEED_ULOOP:=y
+endif
+
+ifdef NEED_ULOOP
+OBJS += ../src/utils/uloop.o
+LIBS += -lubox
+ endif
+ 
+ ifdef CONFIG_CODE_COVERAGE
+--- a/hostapd/main.c
+++ b/hostapd/main.c
+@@ -1007,6 +1007,7 @@ int main(int argc, char *argv[])
+ 	}
+ 
+ 	hostapd_global_ctrl_iface_init(&interfaces);
+	hostapd_ucode_init(&interfaces);
+ 
+ 	if (hostapd_global_run(&interfaces, daemonize, pid_file)) {
+ 		wpa_printf(MSG_ERROR, "Failed to start eloop");
+@@ -1016,6 +1017,7 @@ int main(int argc, char *argv[])
+ 	ret = 0;
+ 
+  out:
+	hostapd_ucode_free();
+ 	hostapd_global_ctrl_iface_deinit(&interfaces);
+ 	/* Deinitialize all interfaces */
+ 	for (i = 0; i < interfaces.count; i++) {
+--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
+@@ -19,6 +19,7 @@
+ #include "ap_config.h"
+ #include "drivers/driver.h"
+ #include "ubus.h"
+#include "ucode.h"
+ 
+ #define OCE_STA_CFON_ENABLED(hapd) \
+ 	((hapd->conf->oce & OCE_STA_CFON) && \
+@@ -51,6 +52,10 @@ struct hapd_interfaces {
+ 	struct hostapd_config * (*config_read_cb)(const char *config_fname);
+ 	int (*ctrl_iface_init)(struct hostapd_data *hapd);
+ 	void (*ctrl_iface_deinit)(struct hostapd_data *hapd);
+	int (*ctrl_iface_recv)(struct hostapd_data *hapd,
+			       char *buf, char *reply, int reply_size,
+			       struct sockaddr_storage *from,
+			       socklen_t fromlen);
+ 	int (*for_each_interface)(struct hapd_interfaces *interfaces,
+ 				  int (*cb)(struct hostapd_iface *iface,
+ 					    void *ctx), void *ctx);
+@@ -186,6 +191,7 @@ struct hostapd_data {
+ 	struct hostapd_config *iconf;
+ 	struct hostapd_bss_config *conf;
+ 	struct hostapd_ubus_bss ubus;
+	struct hostapd_ucode_bss ucode;
+ 	int interface_added; /* virtual interface added for this BSS */
+ 	unsigned int started:1;
+ 	unsigned int disabled:1;
+@@ -506,6 +512,7 @@ struct hostapd_sta_info {
+  */
+ struct hostapd_iface {
+ 	struct hapd_interfaces *interfaces;
+	struct hostapd_ucode_iface ucode;
+ 	void *owner;
+ 	char *config_fname;
+ 	struct hostapd_config *conf;
+@@ -706,6 +713,8 @@ struct hostapd_iface * hostapd_init(stru
+ struct hostapd_iface *
+ hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy,
+ 			   const char *config_fname, int debug);
+int hostapd_setup_bss(struct hostapd_data *hapd, int first, bool start_beacon);
+void hostapd_bss_deinit(struct hostapd_data *hapd);
+ void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
+ 			   int reassoc);
+ void hostapd_interface_deinit_free(struct hostapd_iface *iface);
+@@ -732,6 +741,7 @@ hostapd_switch_channel_fallback(struct h
+ void hostapd_cleanup_cs_params(struct hostapd_data *hapd);
+ void hostapd_periodic_iface(struct hostapd_iface *iface);
+ int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
+void hostapd_owe_update_trans(struct hostapd_iface *iface);
+ void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx);
+ 
+ void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
+--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
+@@ -252,6 +252,8 @@ int hostapd_reload_config(struct hostapd
+ 	struct hostapd_config *newconf, *oldconf;
+ 	size_t j;
+ 
+	hostapd_ucode_reload_bss(hapd);
+
+ 	if (iface->config_fname == NULL) {
+ 		/* Only in-memory config in use - assume it has been updated */
+ 		hostapd_clear_old(iface);
+@@ -435,6 +437,7 @@ void hostapd_free_hapd_data(struct hosta
+ 	hapd->beacon_set_done = 0;
+ 
+ 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
+	hostapd_ucode_free_bss(hapd);
+ 	hostapd_ubus_free_bss(hapd);
+ 	accounting_deinit(hapd);
+ 	hostapd_deinit_wpa(hapd);
+@@ -538,7 +541,7 @@ void hostapd_free_hapd_data(struct hosta
+  * Most of the modules that are initialized in hostapd_setup_bss() are
+  * deinitialized here.
+  */
+-static void hostapd_cleanup(struct hostapd_data *hapd)
+void hostapd_cleanup(struct hostapd_data *hapd)
+ {
+ 	wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd,
+ 		   hapd->conf ? hapd->conf->iface : "N/A");
+@@ -600,6 +603,7 @@ void hostapd_cleanup_iface_partial(struc
+ static void hostapd_cleanup_iface(struct hostapd_iface *iface)
+ {
+ 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
+	hostapd_ucode_free_iface(iface);
+ 	eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
+ 			     NULL);
+ 
+@@ -1189,6 +1193,7 @@ static int hostapd_start_beacon(struct h
+ 		hapd->driver->set_operstate(hapd->drv_priv, 1);
+ 
+ 	hostapd_ubus_add_bss(hapd);
+	hostapd_ucode_add_bss(hapd);
+ 
+ 	return 0;
+ }
+@@ -1211,7 +1216,7 @@ static int hostapd_start_beacon(struct h
+  * initialized. Most of the modules that are initialized here will be
+  * deinitialized in hostapd_cleanup().
+  */
+-static int hostapd_setup_bss(struct hostapd_data *hapd, int first,
+int hostapd_setup_bss(struct hostapd_data *hapd, int first,
+ 			     bool start_beacon)
+ {
+ 	struct hostapd_bss_config *conf = hapd->conf;
+@@ -2237,7 +2242,7 @@ static int hostapd_owe_iface_iter2(struc
+ #endif /* CONFIG_OWE */
+ 
+ 
+-static void hostapd_owe_update_trans(struct hostapd_iface *iface)
+void hostapd_owe_update_trans(struct hostapd_iface *iface)
+ {
+ #ifdef CONFIG_OWE
+ 	/* Check whether the enabled BSS can complete OWE transition mode
+@@ -2698,7 +2703,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+ }
+ 
+ 
+-static void hostapd_bss_deinit(struct hostapd_data *hapd)
+void hostapd_bss_deinit(struct hostapd_data *hapd)
+ {
+ 	if (!hapd)
+ 		return;
+@@ -3491,7 +3496,8 @@ int hostapd_remove_iface(struct hapd_int
+ 		hapd_iface = interfaces->iface[i];
+ 		if (hapd_iface == NULL)
+ 			return -1;
+-		if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
+		if (!os_strcmp(hapd_iface->phy, buf) ||
+		    !os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
+ 			wpa_printf(MSG_INFO, "Remove interface '%s'", buf);
+ 			hapd_iface->driver_ap_teardown =
+ 				!!(hapd_iface->drv_flags &
+--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
+@@ -195,8 +195,20 @@ endif
+ ifdef CONFIG_UBUS
+ CFLAGS += -DUBUS_SUPPORT
+ OBJS += ubus.o
+LIBS += -lubus
+NEED_ULOOP:=y
+endif
+
+ifdef CONFIG_UCODE
+CFLAGS += -DUCODE_SUPPORT
+OBJS += ../src/utils/ucode.o
+OBJS += ucode.o
+NEED_ULOOP:=y
+endif
+
+ifdef NEED_ULOOP
+ OBJS += ../src/utils/uloop.o
+-LIBS += -lubox -lubus
+LIBS += -lubox
+ endif
+ 
+ ifdef CONFIG_CODE_COVERAGE
+@@ -997,6 +1009,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
+ ifdef CONFIG_UBUS
+ OBJS += ../src/ap/ubus.o
+ endif
+ifdef CONFIG_UCODE
+OBJS += ../src/ap/ucode.o
+endif
+ endif
+ 
+ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
+--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
+@@ -1044,6 +1044,7 @@ void wpa_supplicant_set_state(struct wpa
+ 		sme_sched_obss_scan(wpa_s, 0);
+ 	}
+ 	wpa_s->wpa_state = state;
+	wpas_ucode_update_state(wpa_s);
+ 
+ #ifdef CONFIG_BGSCAN
+ 	if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
+@@ -7594,6 +7595,7 @@ struct wpa_supplicant * wpa_supplicant_a
+ #endif /* CONFIG_P2P */
+ 
+ 	wpas_ubus_add_bss(wpa_s);
+	wpas_ucode_add_bss(wpa_s);
+ 
+ 	return wpa_s;
+ }
+@@ -7621,6 +7623,7 @@ int wpa_supplicant_remove_iface(struct w
+ 	struct wpa_supplicant *parent = wpa_s->parent;
+ #endif /* CONFIG_MESH */
+ 
+	wpas_ucode_free_bss(wpa_s);
+ 	wpas_ubus_free_bss(wpa_s);
+ 
+ 	/* Remove interface from the global list of interfaces */
+@@ -7931,6 +7934,7 @@ struct wpa_global * wpa_supplicant_init(
+ 
+ 	eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
+ 			       wpas_periodic, global, NULL);
+	wpas_ucode_init(global);
+ 
+ 	return global;
+ }
+@@ -7969,12 +7973,8 @@ int wpa_supplicant_run(struct wpa_global
+ 	eloop_register_signal_terminate(wpa_supplicant_terminate, global);
+ 	eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
+ 
+-	wpas_ubus_add(global);
+-
+ 	eloop_run();
+ 
+-	wpas_ubus_free(global);
+-
+ 	return 0;
+ }
+ 
+@@ -8007,6 +8007,8 @@ void wpa_supplicant_deinit(struct wpa_gl
+ 
+ 	wpas_notify_supplicant_deinitialized(global);
+ 
+	wpas_ucode_free();
+
+ 	eap_peer_unregister_methods();
+ #ifdef CONFIG_AP
+ 	eap_server_unregister_methods();
+--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
+@@ -22,6 +22,7 @@
+ #include "wmm_ac.h"
+ #include "pasn/pasn_common.h"
+ #include "ubus.h"
+#include "ucode.h"
+ 
+ extern const char *const wpa_supplicant_version;
+ extern const char *const wpa_supplicant_license;
+@@ -689,6 +690,7 @@ struct wpa_supplicant {
+ 	unsigned char perm_addr[ETH_ALEN];
+ 	char ifname[100];
+ 	struct wpas_ubus_bss ubus;
+	struct wpas_ucode_bss ucode;
+ #ifdef CONFIG_MATCH_IFACE
+ 	int matched;
+ #endif /* CONFIG_MATCH_IFACE */
+--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
+@@ -4856,6 +4856,7 @@ try_again:
+ 		return -1;
+ 	}
+ 
+	interface->ctrl_iface_recv = hostapd_ctrl_iface_receive_process;
+ 	wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
+ 
+ 	return 0;
+@@ -4957,6 +4958,7 @@ fail:
+ 	os_free(fname);
+ 
+ 	interface->global_ctrl_sock = s;
+	interface->ctrl_iface_recv = hostapd_ctrl_iface_receive_process;
+ 	eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
+ 				 interface, NULL);
+ 
+--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
+@@ -3787,6 +3787,25 @@ struct wpa_driver_ops {
+ 			 const char *ifname);
+ 
+ 	/**
+	 * if_rename - Rename a virtual interface
+	 * @priv: Private driver interface data
+	 * @type: Interface type
+	 * @ifname: Interface name of the virtual interface to be renamed
+	 *	    (NULL when renaming the AP BSS interface)
+	 * @new_name: New interface name of the virtual interface
+	 * Returns: 0 on success, -1 on failure
+	 */
+	int (*if_rename)(void *priv, enum wpa_driver_if_type type,
+			 const char *ifname, const char *new_name);
+
+	/**
+	 * set_first_bss - Make a virtual interface the first (primary) bss
+	 * @priv: Private driver interface data
+	 * Returns: 0 on success, -1 on failure
+	 */
+	int (*set_first_bss)(void *priv);
+
+	/**
+ 	 * set_sta_vlan - Bind a station into a specific interface (AP only)
+ 	 * @priv: Private driver interface data
+ 	 * @ifname: Interface (main or virtual BSS or VLAN)
+@@ -6440,6 +6459,7 @@ union wpa_event_data {
+ 
+ 	/**
+ 	 * struct ch_switch
+	 * @count: Count until channel switch activates
+ 	 * @freq: Frequency of new channel in MHz
+ 	 * @ht_enabled: Whether this is an HT channel
+ 	 * @ch_offset: Secondary channel offset
+@@ -6450,6 +6470,7 @@ union wpa_event_data {
+ 	 * @punct_bitmap: Puncturing bitmap
+ 	 */
+ 	struct ch_switch {
+		int count;
+ 		int freq;
+ 		int ht_enabled;
+ 		int ch_offset;
+--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
+@@ -1202,6 +1202,7 @@ static void mlme_event_ch_switch(struct
+ 				 struct nlattr *bw, struct nlattr *cf1,
+ 				 struct nlattr *cf2,
+ 				 struct nlattr *punct_bitmap,
+				 struct nlattr *count,
+ 				 int finished)
+ {
+ 	struct i802_bss *bss;
+@@ -1265,6 +1266,8 @@ static void mlme_event_ch_switch(struct
+ 		data.ch_switch.cf1 = nla_get_u32(cf1);
+ 	if (cf2)
+ 		data.ch_switch.cf2 = nla_get_u32(cf2);
+	if (count)
+		data.ch_switch.count = nla_get_u32(count);
+ 
+ 	if (finished)
+ 		bss->flink->freq = data.ch_switch.freq;
+@@ -3912,6 +3915,7 @@ static void do_process_drv_event(struct
+ 				     tb[NL80211_ATTR_CENTER_FREQ1],
+ 				     tb[NL80211_ATTR_CENTER_FREQ2],
+ 				     tb[NL80211_ATTR_PUNCT_BITMAP],
+				     tb[NL80211_ATTR_CH_SWITCH_COUNT],
+ 				     0);
+ 		break;
+ 	case NL80211_CMD_CH_SWITCH_NOTIFY:
+@@ -3924,6 +3928,7 @@ static void do_process_drv_event(struct
+ 				     tb[NL80211_ATTR_CENTER_FREQ1],
+ 				     tb[NL80211_ATTR_CENTER_FREQ2],
+ 				     tb[NL80211_ATTR_PUNCT_BITMAP],
+					 NULL,
+ 				     1);
+ 		break;
+ 	case NL80211_CMD_DISCONNECT:
+--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
+@@ -5389,6 +5389,7 @@ void supplicant_event(void *ctx, enum wp
+ 		event_to_string(event), event);
+ #endif /* CONFIG_NO_STDOUT_DEBUG */
+ 
+	wpas_ucode_event(wpa_s, event, data);
+ 	switch (event) {
+ 	case EVENT_AUTH:
+ #ifdef CONFIG_FST
+--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
+@@ -393,6 +393,23 @@ static inline int hostapd_drv_stop_ap(st
+ 	return hapd->driver->stop_ap(hapd->drv_priv);
+ }
+ 
+static inline int hostapd_drv_if_rename(struct hostapd_data *hapd,
+					enum wpa_driver_if_type type,
+					const char *ifname,
+					const char *new_name)
+{
+	if (!hapd->driver || !hapd->driver->if_rename || !hapd->drv_priv)
+		return -1;
+	return hapd->driver->if_rename(hapd->drv_priv, type, ifname, new_name);
+}
+
+static inline int hostapd_drv_set_first_bss(struct hostapd_data *hapd)
+{
+	if (!hapd->driver || !hapd->driver->set_first_bss || !hapd->drv_priv)
+		return 0;
+	return hapd->driver->set_first_bss(hapd->drv_priv);
+}
+
+ static inline int hostapd_drv_channel_info(struct hostapd_data *hapd,
+ 					   struct wpa_channel_info *ci)
+ {
+--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
+@@ -1333,7 +1333,7 @@ static void wpa_driver_nl80211_event_rtm
+ 		}
+ 		wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
+ 			   namebuf, ifname);
+-		if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
+		if (drv->first_bss->ifindex != ifi->ifi_index) {
+ 			wpa_printf(MSG_DEBUG,
+ 				   "nl80211: Not the main interface (%s) - do not indicate interface down",
+ 				   drv->first_bss->ifname);
+@@ -1369,7 +1369,7 @@ static void wpa_driver_nl80211_event_rtm
+ 		}
+ 		wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
+ 			   namebuf, ifname);
+-		if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
+		if (drv->first_bss->ifindex != ifi->ifi_index) {
+ 			wpa_printf(MSG_DEBUG,
+ 				   "nl80211: Not the main interface (%s) - do not indicate interface up",
+ 				   drv->first_bss->ifname);
+@@ -8432,6 +8432,7 @@ static void *i802_init(struct hostapd_da
+ 	char master_ifname[IFNAMSIZ];
+ 	int ifindex, br_ifindex = 0;
+ 	int br_added = 0;
+	int err;
+ 
+ 	bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
+ 					  params->global_priv, 1,
+@@ -8491,21 +8492,17 @@ static void *i802_init(struct hostapd_da
+ 	    (params->num_bridge == 0 || !params->bridge[0]))
+ 		add_ifidx(drv, br_ifindex, drv->ifindex);
+ 
+-	if (bss->added_if_into_bridge || bss->already_in_bridge) {
+-		int err;
+-
+-		drv->rtnl_sk = nl_socket_alloc();
+-		if (drv->rtnl_sk == NULL) {
+-			wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
+-			goto failed;
+-		}
+	drv->rtnl_sk = nl_socket_alloc();
+	if (drv->rtnl_sk == NULL) {
+		wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
+		goto failed;
+	}
+ 
+-		err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
+-		if (err) {
+-			wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
+-				   nl_geterror(err));
+-			goto failed;
+-		}
+	err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
+	if (err) {
+		wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
+			   nl_geterror(err));
+		goto failed;
+ 	}
+ 
+ 	if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
+@@ -8875,6 +8872,50 @@ static int wpa_driver_nl80211_if_remove(
+ 	return 0;
+ }
+ 
+static int wpa_driver_nl80211_if_rename(struct i802_bss *bss,
+					enum wpa_driver_if_type type,
+					const char *ifname, const char *new_name)
+{
+	struct wpa_driver_nl80211_data *drv = bss->drv;
+	struct ifinfomsg ifi = {
+		.ifi_family = AF_UNSPEC,
+		.ifi_index = bss->ifindex,
+	};
+	struct nl_msg *msg;
+	int res = -ENOMEM;
+
+	if (ifname)
+		ifi.ifi_index = if_nametoindex(ifname);
+
+	msg = nlmsg_alloc_simple(RTM_SETLINK, 0);
+	if (!msg)
+		return res;
+
+	if (nlmsg_append(msg, &ifi, sizeof(ifi), NLMSG_ALIGNTO) < 0)
+		goto out;
+
+	if (nla_put_string(msg, IFLA_IFNAME, new_name))
+		goto out;
+
+	res = nl_send_auto_complete(drv->rtnl_sk, msg);
+	if (res < 0)
+		goto out;
+
+	res = nl_wait_for_ack(drv->rtnl_sk);
+	if (res) {
+		wpa_printf(MSG_INFO,
+			   "nl80211: Renaming device %s to %s failed: %s",
+			   ifname ? ifname : bss->ifname, new_name, nl_geterror(res));
+		goto out;
+	}
+
+	if (type == WPA_IF_AP_BSS && !ifname)
+		os_strlcpy(bss->ifname, new_name, sizeof(bss->ifname));
+
+out:
+	nlmsg_free(msg);
+	return res;
+}
+ 
+ static int cookie_handler(struct nl_msg *msg, void *arg)
+ {
+@@ -10513,6 +10554,37 @@ static int driver_nl80211_if_remove(void
+ }
+ 
+ 
+static int driver_nl80211_if_rename(void *priv, enum wpa_driver_if_type type,
+				    const char *ifname, const char *new_name)
+{
+	struct i802_bss *bss = priv;
+	return wpa_driver_nl80211_if_rename(bss, type, ifname, new_name);
+}
+
+
+static int driver_nl80211_set_first_bss(void *priv)
+{
+	struct i802_bss *bss = priv, *tbss;
+	struct wpa_driver_nl80211_data *drv = bss->drv;
+
+	if (drv->first_bss == bss)
+		return 0;
+
+	for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
+		if (tbss->next != bss)
+			continue;
+
+		tbss->next = bss->next;
+		bss->next = drv->first_bss;
+		drv->first_bss = bss;
+		drv->ctx = bss->ctx;
+		return 0;
+	}
+
+	return -1;
+}
+
+
+ static int driver_nl80211_send_mlme(void *priv, const u8 *data,
+ 				    size_t data_len, int noack,
+ 				    unsigned int freq,
+@@ -13697,6 +13769,8 @@ const struct wpa_driver_ops wpa_driver_n
+ 	.set_acl = wpa_driver_nl80211_set_acl,
+ 	.if_add = wpa_driver_nl80211_if_add,
+ 	.if_remove = driver_nl80211_if_remove,
+	.if_rename = driver_nl80211_if_rename,
+	.set_first_bss = driver_nl80211_set_first_bss,
+ 	.send_mlme = driver_nl80211_send_mlme,
+ 	.get_hw_feature_data = nl80211_get_hw_feature_data,
+ 	.sta_add = wpa_driver_nl80211_sta_add,
+--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
+@@ -547,11 +547,16 @@ static const char * sae_get_password(str
+ 				     struct sae_pt **s_pt,
+ 				     const struct sae_pk **s_pk)
+ {
+	struct hostapd_bss_config *conf = hapd->conf;
+	struct hostapd_ssid *ssid = &conf->ssid;
+	struct hostapd_sta_wpa_psk_short *psk;
+ 	const char *password = NULL;
+-	struct sae_password_entry *pw;
+-	struct sae_pt *pt = NULL;
+-	const struct sae_pk *pk = NULL;
+-	struct hostapd_sta_wpa_psk_short *psk = NULL;
+	struct sae_password_entry *pw = NULL;
+ 	struct sae_pt *pt = NULL;
+ 	const struct sae_pk *pk = NULL;
+ 
+	if (sta && sta->use_sta_psk)
+		goto use_sta_psk;
+ 
+ 	for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) {
+ 		if (!is_broadcast_ether_addr(pw->peer_addr) &&
+@@ -582,6 +587,31 @@ static const char * sae_get_password(str
+ 		}
+ 	}
+ 
+use_sta_psk:
+	if (!password && sta) {
+		for (psk = sta->psk; psk; psk = psk->next) {
+			if (!psk->is_passphrase)
+				continue;
+
+			password = psk->passphrase;
+			if (!sta->use_sta_psk)
+				break;
+
+			if (sta->sae_pt) {
+				pt = sta->sae_pt;
+				break;
+			}
+
+			pt = sae_derive_pt(conf->sae_groups, ssid->ssid,
+					   ssid->ssid_len,
+					   (const u8 *) password,
+					   os_strlen(password),
+					   NULL);
+			sta->sae_pt = pt;
+			break;
+		}
+	}
+
+ 	if (pw_entry)
+ 		*pw_entry = pw;
+ 	if (s_pt)
+@@ -3105,6 +3135,12 @@ static void handle_auth(struct hostapd_d
+ 		goto fail;
+ 	}
+ 
+	res = hostapd_ucode_sta_auth(hapd, sta);
+	if (res) {
+		resp = res;
+		goto fail;
+	}
+
+ 	sta->flags &= ~WLAN_STA_PREAUTH;
+ 	ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
+ 
+--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
+@@ -425,6 +425,9 @@ void ap_free_sta(struct hostapd_data *ha
+ 	forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
+ #endif /* CONFIG_TESTING_OPTIONS */
+ 
+	if (sta->sae_pt)
+		sae_deinit_pt(sta->sae_pt);
+
+ 	os_free(sta);
+ }
+ 
+@@ -1326,6 +1329,8 @@ void ap_sta_set_authorized(struct hostap
+ 		sta->flags &= ~WLAN_STA_AUTHORIZED;
+ 	}
+ 
+	if (authorized)
+		hostapd_ucode_sta_connected(hapd, sta);
+ #ifdef CONFIG_P2P
+ 	if (hapd->p2p_group == NULL) {
+ 		if (sta->p2p_ie != NULL &&
+--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
+@@ -198,6 +198,9 @@ struct sta_info {
+ 	int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
+ 	 /* PSKs from RADIUS authentication server */
+ 	struct hostapd_sta_wpa_psk_short *psk;
+	struct sae_pt *sae_pt;
+	int use_sta_psk;
+	int psk_idx;
+ 
+ 	char *identity; /* User-Name from RADIUS */
+ 	char *radius_cui; /* Chargeable-User-Identity from RADIUS */
+--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
+@@ -341,6 +341,7 @@ static const u8 * hostapd_wpa_auth_get_p
+ 	struct sta_info *sta = ap_get_sta(hapd, addr);
+ 	const u8 *psk;
+ 
+	sta->psk_idx = 0;
+ 	if (vlan_id)
+ 		*vlan_id = 0;
+ 	if (psk_len)
+@@ -387,13 +388,18 @@ static const u8 * hostapd_wpa_auth_get_p
+ 	 * returned psk which should not be returned again.
+ 	 * logic list (all hostapd_get_psk; all sta->psk)
+ 	 */
+	if (sta && sta->use_sta_psk)
+		psk = NULL;
+ 	if (sta && sta->psk && !psk) {
+ 		struct hostapd_sta_wpa_psk_short *pos;
+		int psk_idx;
+ 
+ 		if (vlan_id)
+ 			*vlan_id = 0;
+ 		psk = sta->psk->psk;
+		sta->psk_idx = psk_idx = 1;
+ 		for (pos = sta->psk; pos; pos = pos->next) {
+			psk_idx++;
+ 			if (pos->is_passphrase) {
+ 				if (pbkdf2_sha1(pos->passphrase,
+ 						hapd->conf->ssid.ssid,
+@@ -406,10 +412,14 @@ static const u8 * hostapd_wpa_auth_get_p
+ 				pos->is_passphrase = 0;
+ 			}
+ 			if (pos->psk == prev_psk) {
+				sta->psk_idx = psk_idx;
+ 				psk = pos->next ? pos->next->psk : NULL;
+ 				break;
+ 			}
+ 		}
+
+		if (!psk)
+			sta->psk_idx = 0;
+ 	}
+ 	return psk;
+ }
--- a/feeds/hostapd/hostapd/patches/610-hostapd_cli_ujail_permission.patch
+++ b/feeds/hostapd/hostapd/patches/610-hostapd_cli_ujail_permission.patch
@@ -0,0 +1,33 @@
+--- a/src/common/wpa_ctrl.c
+++ b/src/common/wpa_ctrl.c
+@@ -135,7 +135,7 @@ try_again:
+ 		return NULL;
+ 	}
+ 	tries++;
+-#ifdef ANDROID
+
+ 	/* Set client socket file permissions so that bind() creates the client
+ 	 * socket with these permissions and there is no need to try to change
+ 	 * them with chmod() after bind() which would have potential issues with
+@@ -147,7 +147,7 @@ try_again:
+ 	 * operations to allow the response to go through. Those are using the
+ 	 * no-deference-symlinks version to avoid races. */
+ 	fchmod(ctrl->s, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+-#endif /* ANDROID */
+
+ 	if (bind(ctrl->s, (struct sockaddr *) &ctrl->local,
+ 		    sizeof(ctrl->local)) < 0) {
+ 		if (errno == EADDRINUSE && tries < 2) {
+@@ -165,7 +165,11 @@ try_again:
+ 		return NULL;
+ 	}
+ 
+-#ifdef ANDROID
+#ifndef ANDROID
+	/* Set group even if we do not have privileges to change owner */
+	lchown(ctrl->local.sun_path, -1, 101);
+	lchown(ctrl->local.sun_path, 101, 101);
+#else
+ 	/* Set group even if we do not have privileges to change owner */
+ 	lchown(ctrl->local.sun_path, -1, AID_WIFI);
+ 	lchown(ctrl->local.sun_path, AID_SYSTEM, AID_WIFI);
--- a/feeds/hostapd/hostapd/patches/701-reload_config_inline.patch
+++ b/feeds/hostapd/hostapd/patches/701-reload_config_inline.patch
@@ -0,0 +1,33 @@
+--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
+@@ -4816,7 +4816,12 @@ struct hostapd_config * hostapd_config_r
+ 	int errors = 0;
+ 	size_t i;
+ 
+-	f = fopen(fname, "r");
+	if (!strncmp(fname, "data:", 5)) {
+		f = fmemopen((void *)(fname + 5), strlen(fname + 5), "r");
+		fname = "<inline>";
+	} else {
+		f = fopen(fname, "r");
+	}
+ 	if (f == NULL) {
+ 		wpa_printf(MSG_ERROR, "Could not open configuration file '%s' "
+ 			   "for reading.", fname);
+--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
+@@ -326,8 +326,13 @@ struct wpa_config * wpa_config_read(cons
+ 	while (cred_tail && cred_tail->next)
+ 		cred_tail = cred_tail->next;
+ 
+	if (!strncmp(name, "data:", 5)) {
+		f = fmemopen((void *)(name + 5), strlen(name + 5), "r");
+		name = "<inline>";
+	} else {
+		f = fopen(name, "r");
+	}
+ 	wpa_printf(MSG_DEBUG, "Reading configuration file '%s'", name);
+-	f = fopen(name, "r");
+ 	if (f == NULL) {
+ 		wpa_printf(MSG_ERROR, "Failed to open config file '%s', "
+ 			   "error: %s", name, strerror(errno));
--- a/feeds/hostapd/hostapd/patches/710-vlan_no_bridge.patch
+++ b/feeds/hostapd/hostapd/patches/710-vlan_no_bridge.patch
@@ -1,6 +1,6 @@
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -115,6 +115,7 @@ struct hostapd_ssid {
+@@ -121,6 +121,7 @@ struct hostapd_ssid {
 #define DYNAMIC_VLAN_OPTIONAL 1
 #define DYNAMIC_VLAN_REQUIRED 2
 	int dynamic_vlan;
@@ -30,7 +30,7 @@
 
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -3342,6 +3342,8 @@ static int hostapd_config_fill(struct ho
+@@ -3351,6 +3351,8 @@ static int hostapd_config_fill(struct ho
 #ifndef CONFIG_NO_VLAN
 	} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
 		bss->ssid.dynamic_vlan = atoi(pos);
--- a/feeds/hostapd/hostapd/patches/711-wds_bridge_force.patch
+++ b/feeds/hostapd/hostapd/patches/711-wds_bridge_force.patch
@@ -0,0 +1,22 @@
+--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
+@@ -2318,6 +2318,8 @@ static int hostapd_config_fill(struct ho
+ 			   sizeof(conf->bss[0]->iface));
+ 	} else if (os_strcmp(buf, "bridge") == 0) {
+ 		os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
+		if (!bss->wds_bridge[0])
+			os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge));
+ 	} else if (os_strcmp(buf, "bridge_hairpin") == 0) {
+ 		bss->bridge_hairpin = atoi(pos);
+ 	} else if (os_strcmp(buf, "vlan_bridge") == 0) {
+--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
+@@ -348,8 +348,6 @@ int hostapd_set_wds_sta(struct hostapd_d
+ 		return -1;
+ 	if (hapd->conf->wds_bridge[0])
+ 		bridge = hapd->conf->wds_bridge;
+-	else if (hapd->conf->bridge[0])
+-		bridge = hapd->conf->bridge;
+ 	return hapd->driver->set_wds_sta(hapd->drv_priv, addr, aid, val,
+ 					 bridge, ifname_wds);
+ }
--- a/feeds/hostapd/hostapd/patches/720-iface_max_num_sta.patch
+++ b/feeds/hostapd/hostapd/patches/720-iface_max_num_sta.patch
@@ -1,6 +1,6 @@
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -2853,6 +2853,14 @@ static int hostapd_config_fill(struct ho
+@@ -2848,6 +2848,14 @@ static int hostapd_config_fill(struct ho
 				   line, bss->max_num_sta, MAX_STA_COUNT);
 			return 1;
 		}
@@ -17,20 +17,20 @@
 	} else if (os_strcmp(buf, "extended_key_id") == 0) {
 --- a/src/ap/hostapd.h
 +++ b/src/ap/hostapd.h
-@@ -672,6 +672,7 @@ void hostapd_cleanup_cs_params(struct ho
+@@ -742,6 +742,7 @@ void hostapd_cleanup_cs_params(struct ho
 void hostapd_periodic_iface(struct hostapd_iface *iface);
 int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
 void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx);
 +int hostapd_check_max_sta(struct hostapd_data *hapd);
 
- /* utils.c */
- int hostapd_register_probereq_cb(struct hostapd_data *hapd,
+ void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
+ void hostapd_cleanup_cca_params(struct hostapd_data *hapd);
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -209,6 +209,30 @@ static int hostapd_iface_conf_changed(st
+@@ -244,6 +244,29 @@ static int hostapd_iface_conf_changed(st
+ 	return 0;
 }
 
- 
 +static inline int hostapd_iface_num_sta(struct hostapd_iface *iface)
 +{
 +	int num_sta = 0;
@@ -54,13 +54,12 @@
 +
 +	return 0;
 +}
-+
+ 
 int hostapd_reload_config(struct hostapd_iface *iface)
 {
- 	struct hapd_interfaces *interfaces = iface->interfaces;
 --- a/src/ap/beacon.c
 +++ b/src/ap/beacon.c
-@@ -1039,7 +1039,7 @@ void handle_probe_req(struct hostapd_dat
+@@ -1252,7 +1252,7 @@ void handle_probe_req(struct hostapd_dat
 	if (hapd->conf->no_probe_resp_if_max_sta &&
 	    is_multicast_ether_addr(mgmt->da) &&
 	    is_multicast_ether_addr(mgmt->bssid) &&
@@ -71,7 +70,7 @@
 			   " since no room for additional STA",
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -959,6 +959,8 @@ struct hostapd_config {
+@@ -1039,6 +1039,8 @@ struct hostapd_config {
 	unsigned int track_sta_max_num;
 	unsigned int track_sta_max_age;
 
--- a/feeds/hostapd/hostapd/patches/730-ft_iface.patch
+++ b/feeds/hostapd/hostapd/patches/730-ft_iface.patch
@@ -1,6 +1,6 @@
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -3011,6 +3011,8 @@ static int hostapd_config_fill(struct ho
+@@ -3007,6 +3007,8 @@ static int hostapd_config_fill(struct ho
 		wpa_printf(MSG_INFO,
 			   "Line %d: Obsolete peerkey parameter ignored", line);
 #ifdef CONFIG_IEEE80211R_AP
@@ -11,17 +11,17 @@
 		    hexstr2bin(pos, bss->mobility_domain,
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -275,6 +275,7 @@ struct airtime_sta_weight {
+@@ -283,6 +283,7 @@ struct airtime_sta_weight {
 struct hostapd_bss_config {
 	char iface[IFNAMSIZ + 1];
 	char bridge[IFNAMSIZ + 1];
 +	char ft_iface[IFNAMSIZ + 1];
 	char vlan_bridge[IFNAMSIZ + 1];
 	char wds_bridge[IFNAMSIZ + 1];
- 
+ 	int bridge_hairpin; /* hairpin_mode on bridge members */
 --- a/src/ap/wpa_auth_glue.c
 +++ b/src/ap/wpa_auth_glue.c
-@@ -1565,8 +1565,12 @@ int hostapd_setup_wpa(struct hostapd_dat
+@@ -1727,8 +1727,12 @@ int hostapd_setup_wpa(struct hostapd_dat
 	    wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) {
 		const char *ft_iface;
 
--- a/feeds/hostapd/hostapd/patches/740-snoop_iface.patch
+++ b/feeds/hostapd/hostapd/patches/740-snoop_iface.patch
@@ -1,18 +1,18 @@
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -276,6 +276,7 @@ struct hostapd_bss_config {
+@@ -284,6 +284,7 @@ struct hostapd_bss_config {
 	char iface[IFNAMSIZ + 1];
 	char bridge[IFNAMSIZ + 1];
 	char ft_iface[IFNAMSIZ + 1];
 +	char snoop_iface[IFNAMSIZ + 1];
 	char vlan_bridge[IFNAMSIZ + 1];
 	char wds_bridge[IFNAMSIZ + 1];
- 
+ 	int bridge_hairpin; /* hairpin_mode on bridge members */
 --- a/src/ap/x_snoop.c
 +++ b/src/ap/x_snoop.c
-@@ -31,28 +31,31 @@ int x_snoop_init(struct hostapd_data *ha
- 		return -1;
- 	}
+@@ -33,28 +33,31 @@ int x_snoop_init(struct hostapd_data *ha
+ 
+ 	hapd->x_snoop_initialized = true;
 
 -	if (hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE,
 +	if (!conf->snoop_iface[0] &&
@@ -46,7 +46,7 @@
 		wpa_printf(MSG_DEBUG,
 			   "x_snoop: Failed to enable multicast snooping on the bridge");
 		return -1;
-@@ -71,8 +74,12 @@ x_snoop_get_l2_packet(struct hostapd_dat
+@@ -73,8 +76,12 @@ x_snoop_get_l2_packet(struct hostapd_dat
 {
 	struct hostapd_bss_config *conf = hapd->conf;
 	struct l2_packet_data *l2;
@@ -60,24 +60,26 @@
 	if (l2 == NULL) {
 		wpa_printf(MSG_DEBUG,
 			   "x_snoop: Failed to initialize L2 packet processing %s",
-@@ -125,7 +132,10 @@ void x_snoop_mcast_to_ucast_convert_send
+@@ -127,9 +134,12 @@ void x_snoop_mcast_to_ucast_convert_send
 
 void x_snoop_deinit(struct hostapd_data *hapd)
 {
-	hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT, 0);
 +	struct hostapd_bss_config *conf = hapd->conf;
 +
+ 	if (!hapd->x_snoop_initialized)
+ 		return;
+-	hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT, 0);
 +	hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT,
 +				     conf->snoop_iface[0] ? conf->snoop_iface : NULL, 0);
 	hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_PROXYARP, 0);
 	hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE, 0);
- }
+ 	hapd->x_snoop_initialized = false;
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -2343,6 +2343,8 @@ static int hostapd_config_fill(struct ho
- 		os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
- 		if (!bss->wds_bridge[0])
+@@ -2322,6 +2322,8 @@ static int hostapd_config_fill(struct ho
 			os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge));
+ 	} else if (os_strcmp(buf, "bridge_hairpin") == 0) {
+ 		bss->bridge_hairpin = atoi(pos);
 +	} else if (os_strcmp(buf, "snoop_iface") == 0) {
 +		os_strlcpy(bss->snoop_iface, pos, sizeof(bss->snoop_iface));
 	} else if (os_strcmp(buf, "vlan_bridge") == 0) {
@@ -85,7 +87,7 @@
 	} else if (os_strcmp(buf, "wds_bridge") == 0) {
 --- a/src/ap/ap_drv_ops.h
 +++ b/src/ap/ap_drv_ops.h
-@@ -340,12 +340,12 @@ static inline int hostapd_drv_br_port_se
+@@ -366,12 +366,12 @@ static inline int hostapd_drv_br_port_se
 
 static inline int hostapd_drv_br_set_net_param(struct hostapd_data *hapd,
 					       enum drv_br_net_param param,
@@ -102,7 +104,7 @@
 static inline int hostapd_drv_vendor_cmd(struct hostapd_data *hapd,
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -3756,7 +3756,7 @@ struct wpa_driver_ops {
+@@ -4209,7 +4209,7 @@ struct wpa_driver_ops {
 	 * Returns: 0 on success, negative (<0) on failure
 	 */
 	int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
@@ -113,7 +115,7 @@
 	 * get_wowlan - Get wake-on-wireless status
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -10825,7 +10825,7 @@ static const char * drv_br_net_param_str
+@@ -12168,7 +12168,7 @@ static const char * drv_br_net_param_str
 
 
 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
@@ -122,7 +124,7 @@
 {
 	struct i802_bss *bss = priv;
 	char path[128];
-@@ -10851,8 +10851,11 @@ static int wpa_driver_br_set_net_param(v
+@@ -12194,8 +12194,11 @@ static int wpa_driver_br_set_net_param(v
 			return -EINVAL;
 	}
 
--- a/feeds/hostapd/hostapd/patches/750-qos_map_set_without_interworking.patch
+++ b/feeds/hostapd/hostapd/patches/750-qos_map_set_without_interworking.patch
@@ -0,0 +1,97 @@
+--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
+@@ -1604,6 +1604,8 @@ static int parse_anqp_elem(struct hostap
+ 	return 0;
+ }
+ 
+#endif /* CONFIG_INTERWORKING */
+
+ 
+ static int parse_qos_map_set(struct hostapd_bss_config *bss,
+ 			     char *buf, int line)
+@@ -1645,8 +1647,6 @@ static int parse_qos_map_set(struct host
+ 	return 0;
+ }
+ 
+-#endif /* CONFIG_INTERWORKING */
+-
+ 
+ #ifdef CONFIG_HS20
+ static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf,
+@@ -4062,10 +4062,10 @@ static int hostapd_config_fill(struct ho
+ 		bss->gas_frag_limit = val;
+ 	} else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
+ 		bss->gas_comeback_delay = atoi(pos);
+#endif /* CONFIG_INTERWORKING */
+ 	} else if (os_strcmp(buf, "qos_map_set") == 0) {
+ 		if (parse_qos_map_set(bss, pos, line) < 0)
+ 			return 1;
+-#endif /* CONFIG_INTERWORKING */
+ #ifdef CONFIG_RADIUS_TEST
+ 	} else if (os_strcmp(buf, "dump_msk_file") == 0) {
+ 		os_free(bss->dump_msk_file);
+--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
+@@ -1486,6 +1486,7 @@ int hostapd_setup_bss(struct hostapd_dat
+ 		wpa_printf(MSG_ERROR, "GAS server initialization failed");
+ 		return -1;
+ 	}
+#endif /* CONFIG_INTERWORKING */
+ 
+ 	if (conf->qos_map_set_len &&
+ 	    hostapd_drv_set_qos_map(hapd, conf->qos_map_set,
+@@ -1493,7 +1494,6 @@ int hostapd_setup_bss(struct hostapd_dat
+ 		wpa_printf(MSG_ERROR, "Failed to initialize QoS Map");
+ 		return -1;
+ 	}
+-#endif /* CONFIG_INTERWORKING */
+ 
+ 	if (conf->bss_load_update_period && bss_load_update_init(hapd)) {
+ 		wpa_printf(MSG_ERROR, "BSS Load initialization failed");
+--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
+@@ -2683,8 +2683,6 @@ void wnm_bss_keep_alive_deinit(struct wp
+ }
+ 
+ 
+-#ifdef CONFIG_INTERWORKING
+-
+ static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map,
+ 			    size_t len)
+ {
+@@ -2717,8 +2715,6 @@ static void interworking_process_assoc_r
+ 	}
+ }
+ 
+-#endif /* CONFIG_INTERWORKING */
+-
+ 
+ static void wpa_supplicant_set_4addr_mode(struct wpa_supplicant *wpa_s)
+ {
+@@ -3098,10 +3094,8 @@ static int wpa_supplicant_event_associnf
+ 		wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
+ 				       data->assoc_info.resp_ies_len);
+ #endif /* CONFIG_WNM */
+-#ifdef CONFIG_INTERWORKING
+ 		interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
+ 						data->assoc_info.resp_ies_len);
+-#endif /* CONFIG_INTERWORKING */
+ 		if (wpa_s->hw_capab == CAPAB_VHT &&
+ 		    get_ie(data->assoc_info.resp_ies,
+ 			   data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP))
+--- a/src/ap/ieee802_11_shared.c
+++ b/src/ap/ieee802_11_shared.c
+@@ -1116,13 +1116,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da
+ u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta,
+ 		    const u8 *ext_capab_ie, size_t ext_capab_ie_len)
+ {
+-#ifdef CONFIG_INTERWORKING
+ 	/* check for QoS Map support */
+ 	if (ext_capab_ie_len >= 5) {
+ 		if (ext_capab_ie[4] & 0x01)
+ 			sta->qos_map_enabled = 1;
+ 	}
+-#endif /* CONFIG_INTERWORKING */
+ 
+ 	if (ext_capab_ie_len > 0) {
+ 		sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2));
--- a/feeds/hostapd/hostapd/patches/750-wispr.patch
+++ b/feeds/hostapd/hostapd/patches/750-wispr.patch
@@ -0,0 +1,113 @@
+Index: hostapd-2021-02-20-59e9794c/src/ap/ieee802_1x.c
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/ap/ieee802_1x.c
+++ hostapd-2021-02-20-59e9794c/src/ap/ieee802_1x.c
+@@ -1904,6 +1904,25 @@ static int ieee802_1x_update_vlan(struct
+ }
+ #endif /* CONFIG_NO_VLAN */
+ 
+static int ieee802_1x_update_wispr(struct hostapd_data *hapd,
+				   struct sta_info *sta,
+				   struct radius_msg *msg)
+{
+	memset(sta->bandwidth, 0, sizeof(sta->bandwidth));
+
+	if (radius_msg_get_wispr(msg, &sta->bandwidth))
+		return 0;
+
+	if (!sta->bandwidth[0] && !sta->bandwidth[1])
+		return 0;
+
+	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
+		       HOSTAPD_LEVEL_INFO,
+		       "received wispr bandwidth from RADIUS server %d/%d",
+		       sta->bandwidth[0], sta->bandwidth[1]);
+
+	return 0;
+}
+ 
+ /**
+  * ieee802_1x_receive_auth - Process RADIUS frames from Authentication Server
+@@ -2029,6 +2048,7 @@ ieee802_1x_receive_auth(struct radius_ms
+ 		ieee802_1x_check_hs20(hapd, sta, msg,
+ 				      session_timeout_set ?
+ 				      (int) session_timeout : -1);
+		ieee802_1x_update_wispr(hapd, sta, msg);
+ 		break;
+ 	case RADIUS_CODE_ACCESS_REJECT:
+ 		sm->eap_if->aaaFail = true;
+Index: hostapd-2021-02-20-59e9794c/src/ap/sta_info.h
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/ap/sta_info.h
+++ hostapd-2021-02-20-59e9794c/src/ap/sta_info.h
+@@ -117,6 +117,7 @@ struct sta_info {
+ 	u8 supported_rates[WLAN_SUPP_RATES_MAX];
+ 	int supported_rates_len;
+ 	u8 qosinfo; /* Valid when WLAN_STA_WMM is set */
+	u32 bandwidth[2];
+ 
+ #ifdef CONFIG_MESH
+ 	enum mesh_plink_state plink_state;
+Index: hostapd-2021-02-20-59e9794c/src/radius/radius.c
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/radius/radius.c
+++ hostapd-2021-02-20-59e9794c/src/radius/radius.c
+@@ -1182,6 +1182,35 @@ radius_msg_get_cisco_keys(struct radius_
+ 	return keys;
+ }
+ 
+#define RADIUS_VENDOR_ID_WISPR	14122
+#define RADIUS_WISPR_AV_BW_UP	7
+#define RADIUS_WISPR_AV_BW_DOWN	8
+
+int
+radius_msg_get_wispr(struct radius_msg *msg, u32 *bandwidth)
+{
+	int i;
+
+	if (msg == NULL || bandwidth == NULL)
+		return 1;
+
+	for (i = 0; i < 2; i++) {
+		size_t keylen;
+		u8 *key;
+
+		key = radius_msg_get_vendor_attr(msg, RADIUS_VENDOR_ID_WISPR,
+						 RADIUS_WISPR_AV_BW_UP + i, &keylen);
+		if (!key)
+			continue;
+
+		if (keylen == 4)
+			bandwidth[i] = ntohl(*((u32 *)key));
+		os_free(key);
+	}
+
+	return 0;
+}
+
+ 
+ int radius_msg_add_mppe_keys(struct radius_msg *msg,
+ 			     const u8 *req_authenticator,
+Index: hostapd-2021-02-20-59e9794c/src/radius/radius.h
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/radius/radius.h
+++ hostapd-2021-02-20-59e9794c/src/radius/radius.h
+@@ -205,6 +205,10 @@ enum {
+ 	RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10,
+ };
+ 
+#define RADIUS_VENDOR_ID_WISPR	14122
+#define RADIUS_WISPR_AV_BW_UP	7
+#define RADIUS_WISPR_AV_BW_DOWN	8
+
+ #ifdef _MSC_VER
+ #pragma pack(pop)
+ #endif /* _MSC_VER */
+@@ -277,6 +281,7 @@ radius_msg_get_ms_keys(struct radius_msg
+ struct radius_ms_mppe_keys *
+ radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
+ 			  const u8 *secret, size_t secret_len);
+int radius_msg_get_wispr(struct radius_msg *msg, u32 *bandwidth);
+ int radius_msg_add_mppe_keys(struct radius_msg *msg,
+ 			     const u8 *req_authenticator,
+ 			     const u8 *secret, size_t secret_len,
--- a/feeds/hostapd/hostapd/patches/751-qos_map_ignore_when_unsupported.patch
+++ b/feeds/hostapd/hostapd/patches/751-qos_map_ignore_when_unsupported.patch
@@ -0,0 +1,12 @@
+--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
+@@ -927,7 +927,8 @@ int hostapd_start_dfs_cac(struct hostapd
+ int hostapd_drv_set_qos_map(struct hostapd_data *hapd,
+ 			    const u8 *qos_map_set, u8 qos_map_set_len)
+ {
+-	if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv)
+	if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv ||
+	    !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING))
+ 		return 0;
+ 	return hapd->driver->set_qos_map(hapd->drv_priv, qos_map_set,
+ 					 qos_map_set_len);
--- a/feeds/hostapd/hostapd/patches/751-wispr-ft.patch
+++ b/feeds/hostapd/hostapd/patches/751-wispr-ft.patch
@@ -0,0 +1,539 @@
+--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
+@@ -16,7 +16,11 @@
+ 
+ struct vlan_description;
+ struct mld_info;
+-
+struct rate_description {
+	u32 rx;
+	u32 tx;
+};
+ 
+ #define MAX_OWN_IE_OVERRIDE 256
+ 
+ #ifdef _MSC_VER
+@@ -88,6 +92,7 @@ struct ft_rrb_frame {
+ #define FT_RRB_IDENTITY      15
+ #define FT_RRB_RADIUS_CUI    16
+ #define FT_RRB_SESSION_TIMEOUT  17 /* le32 seconds */
+#define FT_RRB_RATE_LIMIT	18
+ 
+ struct ft_rrb_tlv {
+ 	le16 type;
+@@ -368,6 +373,10 @@ struct wpa_auth_callbacks {
+ 			struct vlan_description *vlan);
+ 	int (*get_vlan)(void *ctx, const u8 *sta_addr,
+ 			struct vlan_description *vlan);
+	int (*set_rate_limit)(void *ctx, const u8 *sta_addr,
+			      struct rate_description *rate);
+	int (*get_rate_limit)(void *ctx, const u8 *sta_addr,
+			      struct rate_description *rate);
+ 	int (*set_identity)(void *ctx, const u8 *sta_addr,
+ 			    const u8 *identity, size_t identity_len);
+ 	size_t (*get_identity)(void *ctx, const u8 *sta_addr, const u8 **buf);
+@@ -536,7 +545,7 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
+ 			struct vlan_description *vlan,
+ 			const u8 **identity, size_t *identity_len,
+ 			const u8 **radius_cui, size_t *radius_cui_len,
+-			int *session_timeout);
+			int *session_timeout, struct rate_description *rate);
+ 
+ #endif /* CONFIG_IEEE80211R_AP */
+ 
+--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
+@@ -1200,6 +1200,40 @@ static int hostapd_wpa_auth_get_vlan(voi
+ }
+ 
+ 
+static int hostapd_wpa_auth_set_rate_limit(void *ctx, const u8 *sta_addr,
+					   struct rate_description *rate)
+{
+	struct hostapd_data *hapd = ctx;
+	struct sta_info *sta;
+
+	sta = ap_get_sta(hapd, sta_addr);
+	if (!sta || !sta->wpa_sm)
+		return -1;
+
+	memcpy(sta->bandwidth, rate, sizeof(*rate));
+	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
+		       HOSTAPD_LEVEL_INFO, "rate-limit %d %d", sta->bandwidth[0], sta->bandwidth[1]);
+
+	return 0;
+}
+
+
+static int hostapd_wpa_auth_get_rate_limit(void *ctx, const u8 *sta_addr,
+					   struct rate_description *rate)
+{
+	struct hostapd_data *hapd = ctx;
+	struct sta_info *sta;
+
+	sta = ap_get_sta(hapd, sta_addr);
+	if (!sta)
+		return -1;
+
+	memcpy(rate, sta->bandwidth, sizeof(*rate));
+
+	return 0;
+}
+
+
+ static int
+ hostapd_wpa_auth_set_identity(void *ctx, const u8 *sta_addr,
+ 			      const u8 *identity, size_t identity_len)
+@@ -1640,6 +1674,8 @@ int hostapd_setup_wpa(struct hostapd_dat
+ 		.add_tspec = hostapd_wpa_auth_add_tspec,
+ 		.set_vlan = hostapd_wpa_auth_set_vlan,
+ 		.get_vlan = hostapd_wpa_auth_get_vlan,
+		.set_rate_limit = hostapd_wpa_auth_set_rate_limit,
+		.get_rate_limit = hostapd_wpa_auth_get_rate_limit,
+ 		.set_identity = hostapd_wpa_auth_set_identity,
+ 		.get_identity = hostapd_wpa_auth_get_identity,
+ 		.set_radius_cui = hostapd_wpa_auth_set_radius_cui,
+--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
+@@ -379,6 +379,14 @@ static size_t wpa_ft_vlan_len(const stru
+ 	return tlv_len;
+ }
+ 
+static size_t wpa_ft_rate_limit_len(const struct rate_description *rate)
+{
+	if (!rate || (!rate->rx && !rate->tx))
+		return 0;
+
+	return (sizeof(struct ft_rrb_tlv) + 8);
+}
+
+ 
+ static size_t wpa_ft_vlan_lin(const struct vlan_description *vlan,
+ 			      u8 *start, u8 *endpos)
+@@ -434,10 +442,48 @@ static size_t wpa_ft_vlan_lin(const stru
+ }
+ 
+ 
+static size_t wpa_ft_rate_limit_lin(const struct rate_description *rate,
+				    u8 *start, u8 *endpos)
+{
+	size_t tlv_len;
+	int i, len;
+	struct ft_rrb_tlv *hdr;
+	u8 *pos = start;
+
+	if (!rate)
+		return 0;
+
+	tlv_len = 0;
+	if (rate->rx || rate->tx) {
+		tlv_len += sizeof(*hdr);
+		if (start + tlv_len > endpos)
+			return tlv_len;
+		hdr = (struct ft_rrb_tlv *) pos;
+		hdr->type = host_to_le16(FT_RRB_RATE_LIMIT);
+		hdr->len = host_to_le16(2 * sizeof(le32));
+		pos = start + tlv_len;
+
+		tlv_len += sizeof(u32);
+		if (start + tlv_len > endpos)
+			return tlv_len;
+		WPA_PUT_LE32(pos, rate->rx);
+		pos = start + tlv_len;
+		tlv_len += sizeof(u32);
+		if (start + tlv_len > endpos)
+			return tlv_len;
+		WPA_PUT_LE32(pos, rate->tx);
+		pos = start + tlv_len;
+	}
+
+	return tlv_len;
+}
+
+
+ static int wpa_ft_rrb_lin(const struct tlv_list *tlvs1,
+ 			  const struct tlv_list *tlvs2,
+ 			  const struct vlan_description *vlan,
+-			  u8 **plain, size_t *plain_len)
+			  u8 **plain, size_t *plain_len,
+			  const struct rate_description *rate)
+ {
+ 	u8 *pos, *endpos;
+ 	size_t tlv_len;
+@@ -445,6 +491,7 @@ static int wpa_ft_rrb_lin(const struct t
+ 	tlv_len = wpa_ft_tlv_len(tlvs1);
+ 	tlv_len += wpa_ft_tlv_len(tlvs2);
+ 	tlv_len += wpa_ft_vlan_len(vlan);
+	tlv_len += wpa_ft_rate_limit_len(rate);
+ 
+ 	*plain_len = tlv_len;
+ 	*plain = os_zalloc(tlv_len);
+@@ -458,6 +505,7 @@ static int wpa_ft_rrb_lin(const struct t
+ 	pos += wpa_ft_tlv_lin(tlvs1, pos, endpos);
+ 	pos += wpa_ft_tlv_lin(tlvs2, pos, endpos);
+ 	pos += wpa_ft_vlan_lin(vlan, pos, endpos);
+	pos += wpa_ft_rate_limit_lin(rate, pos, endpos);
+ 
+ 	/* validity check */
+ 	if (pos != endpos) {
+@@ -526,7 +574,8 @@ static int wpa_ft_rrb_build(const u8 *ke
+ 			    const struct tlv_list *tlvs_auth,
+ 			    const struct vlan_description *vlan,
+ 			    const u8 *src_addr, u8 type,
+-			    u8 **packet, size_t *packet_len)
+			    u8 **packet, size_t *packet_len,
+			    const struct rate_description *rate)
+ {
+ 	u8 *plain = NULL, *auth = NULL, *pos, *tmp;
+ 	size_t plain_len = 0, auth_len = 0;
+@@ -534,10 +583,10 @@ static int wpa_ft_rrb_build(const u8 *ke
+ 	size_t pad_len = 0;
+ 
+ 	*packet = NULL;
+-	if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len) < 0)
+	if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len, rate) < 0)
+ 		goto out;
+ 
+-	if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len) < 0)
+	if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len, NULL) < 0)
+ 		goto out;
+ 
+ 	*packet_len = sizeof(u16) + auth_len + plain_len;
+@@ -700,6 +749,24 @@ static int wpa_ft_get_vlan(struct wpa_au
+ }
+ 
+ 
+static int wpa_ft_get_rate_limit(struct wpa_authenticator *wpa_auth,
+				 const u8 *sta_addr, struct rate_description *rate)
+{
+	if (!wpa_auth->cb->get_rate_limit)
+		return -1;
+	return wpa_auth->cb->get_rate_limit(wpa_auth->cb_ctx, sta_addr, rate);
+}
+
+
+static int wpa_ft_set_rate_limit(struct wpa_authenticator *wpa_auth,
+				 const u8 *sta_addr, struct rate_description *rate)
+{
+	if (!wpa_auth->cb->set_rate_limit)
+		return -1;
+	return wpa_auth->cb->set_rate_limit(wpa_auth->cb_ctx, sta_addr, rate);
+}
+
+
+ static int
+ wpa_ft_set_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,
+ 		    const u8 *identity, size_t identity_len)
+@@ -1025,7 +1092,7 @@ wpa_ft_rrb_seq_req(struct wpa_authentica
+ 
+ 	if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_req_auth, NULL,
+ 			     wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_REQ,
+-			     &packet, &packet_len) < 0) {
+			     &packet, &packet_len, NULL) < 0) {
+ 		item = NULL; /* some other seq resp might still accept this */
+ 		goto err;
+ 	}
+@@ -1208,6 +1275,7 @@ struct wpa_ft_pmk_r0_sa {
+ 	u8 spa[ETH_ALEN];
+ 	int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
+ 	struct vlan_description *vlan;
+	struct rate_description *rate;
+ 	os_time_t expiration; /* 0 for no expiration */
+ 	u8 *identity;
+ 	size_t identity_len;
+@@ -1226,6 +1294,7 @@ struct wpa_ft_pmk_r1_sa {
+ 	u8 spa[ETH_ALEN];
+ 	int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
+ 	struct vlan_description *vlan;
+	struct rate_description *rate;
+ 	u8 *identity;
+ 	size_t identity_len;
+ 	u8 *radius_cui;
+@@ -1254,6 +1323,7 @@ static void wpa_ft_free_pmk_r0(struct wp
+ 
+ 	os_memset(r0->pmk_r0, 0, PMK_LEN_MAX);
+ 	os_free(r0->vlan);
+	os_free(r0->rate);
+ 	os_free(r0->identity);
+ 	os_free(r0->radius_cui);
+ 	os_free(r0);
+@@ -1307,6 +1377,7 @@ static void wpa_ft_free_pmk_r1(struct wp
+ 	eloop_cancel_timeout(wpa_ft_expire_pmk_r1, r1, NULL);
+ 
+ 	os_memset(r1->pmk_r1, 0, PMK_LEN_MAX);
+	os_free(r1->rate);
+ 	os_free(r1->vlan);
+ 	os_free(r1->identity);
+ 	os_free(r1->radius_cui);
+@@ -1360,7 +1431,8 @@ static int wpa_ft_store_pmk_r0(struct wp
+ 			       const struct vlan_description *vlan,
+ 			       int expires_in, int session_timeout,
+ 			       const u8 *identity, size_t identity_len,
+-			       const u8 *radius_cui, size_t radius_cui_len)
+			       const u8 *radius_cui, size_t radius_cui_len,
+			       struct rate_description *rate)
+ {
+ 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
+ 	struct wpa_ft_pmk_r0_sa *r0;
+@@ -1388,6 +1460,14 @@ static int wpa_ft_store_pmk_r0(struct wp
+ 		}
+ 		*r0->vlan = *vlan;
+ 	}
+	if (rate) {
+		r0->rate = os_zalloc(sizeof(*rate));
+		if (!r0->rate) {
+			bin_clear_free(r0, sizeof(*r0));
+			return -1;
+		}
+		*r0->rate = *rate;
+	}
+ 	if (identity) {
+ 		r0->identity = os_malloc(identity_len);
+ 		if (r0->identity) {
+@@ -1447,7 +1527,8 @@ static int wpa_ft_store_pmk_r1(struct wp
+ 			       const struct vlan_description *vlan,
+ 			       int expires_in, int session_timeout,
+ 			       const u8 *identity, size_t identity_len,
+-			       const u8 *radius_cui, size_t radius_cui_len)
+			       const u8 *radius_cui, size_t radius_cui_len,
+			       struct rate_description *rate)
+ {
+ 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
+ 	int max_expires_in = wpa_auth->conf.r1_max_key_lifetime;
+@@ -1477,6 +1558,14 @@ static int wpa_ft_store_pmk_r1(struct wp
+ 		}
+ 		*r1->vlan = *vlan;
+ 	}
+	if (rate) {
+		r1->rate = os_zalloc(sizeof(*rate));
+		if (!r1->rate) {
+			bin_clear_free(r1, sizeof(*r1));
+			return -1;
+		}
+		*r1->rate = *rate;
+	}
+ 	if (identity) {
+ 		r1->identity = os_malloc(identity_len);
+ 		if (r1->identity) {
+@@ -1513,7 +1602,7 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
+ 			struct vlan_description *vlan,
+ 			const u8 **identity, size_t *identity_len,
+ 			const u8 **radius_cui, size_t *radius_cui_len,
+-			int *session_timeout)
+			int *session_timeout, struct rate_description *rate)
+ {
+ 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
+ 	struct wpa_ft_pmk_r1_sa *r1;
+@@ -1533,6 +1622,12 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
+ 				*vlan = *r1->vlan;
+ 			if (vlan && !r1->vlan)
+ 				os_memset(vlan, 0, sizeof(*vlan));
+			if (rate) {
+				if (r1->rate)
+					*rate = *r1->rate;
+				else
+					memset(rate, 0, sizeof(*rate));
+			}
+ 			if (identity && identity_len) {
+ 				*identity = r1->identity;
+ 				*identity_len = r1->identity_len;
+@@ -2059,7 +2154,7 @@ static int wpa_ft_pull_pmk_r1(struct wpa
+ 
+ 	if (wpa_ft_rrb_build(key, key_len, req_enc, NULL, req_auth, NULL,
+ 			     sm->wpa_auth->addr, FT_PACKET_R0KH_R1KH_PULL,
+-			     &packet, &packet_len) < 0)
+			     &packet, &packet_len, NULL) < 0)
+ 		return -1;
+ 
+ 	ft_pending_req_ies = wpabuf_alloc_copy(ies, ies_len);
+@@ -2088,6 +2183,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
+ {
+ 	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
+ 	struct vlan_description vlan;
+	struct rate_description rate;
+ 	const u8 *identity, *radius_cui;
+ 	size_t identity_len, radius_cui_len;
+ 	int session_timeout;
+@@ -2099,6 +2195,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
+ 			   MAC2STR(sm->addr));
+ 		return -1;
+ 	}
+	wpa_ft_get_rate_limit(sm->wpa_auth, sm->addr, &rate);
+ 
+ 	identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);
+ 	radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,
+@@ -2108,7 +2205,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
+ 	return wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len,
+ 				   pmk_r0_name, sm->pairwise, &vlan, expires_in,
+ 				   session_timeout, identity, identity_len,
+-				   radius_cui, radius_cui_len);
+				   radius_cui, radius_cui_len, &rate);
+ }
+ 
+ 
+@@ -2172,6 +2269,7 @@ void wpa_auth_ft_store_keys(struct wpa_s
+ 	int psk_local = sm->wpa_auth->conf.ft_psk_generate_local;
+ 	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
+ 	struct vlan_description vlan;
+	struct rate_description rate;
+ 	const u8 *identity, *radius_cui;
+ 	size_t identity_len, radius_cui_len;
+ 	int session_timeout;
+@@ -2185,6 +2283,8 @@ void wpa_auth_ft_store_keys(struct wpa_s
+ 		return;
+ 	}
+ 
+	wpa_ft_get_rate_limit(sm->wpa_auth, sm->addr, &rate);
+
+ 	identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);
+ 	radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,
+ 					       &radius_cui);
+@@ -2195,11 +2295,12 @@ void wpa_auth_ft_store_keys(struct wpa_s
+ 			    pmk_r0_name,
+ 			    sm->pairwise, &vlan, expires_in,
+ 			    session_timeout, identity, identity_len,
+-			    radius_cui, radius_cui_len);
+			    radius_cui, radius_cui_len, &rate);
+ 	wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, key_len,
+ 			    sm->pmk_r1_name, sm->pairwise, &vlan,
+ 			    expires_in, session_timeout, identity,
+-			    identity_len, radius_cui, radius_cui_len);
+			    identity_len, radius_cui, radius_cui_len,
+			    &rate);
+ }
+ 
+ 
+@@ -3100,7 +3201,8 @@ static int wpa_ft_local_derive_pmk_r1(st
+ 				      const u8 **radius_cui,
+ 				      size_t *radius_cui_len,
+ 				      int *out_session_timeout,
+-				      size_t *pmk_r1_len)
+				      size_t *pmk_r1_len,
+				      struct rate_description *rate)
+ {
+ 	struct wpa_auth_config *conf = &wpa_auth->conf;
+ 	const struct wpa_ft_pmk_r0_sa *r0;
+@@ -3136,7 +3238,8 @@ static int wpa_ft_local_derive_pmk_r1(st
+ 			    out_pmk_r1_name,
+ 			    sm->pairwise, r0->vlan, expires_in, session_timeout,
+ 			    r0->identity, r0->identity_len,
+-			    r0->radius_cui, r0->radius_cui_len);
+			    r0->radius_cui, r0->radius_cui_len,
+			    r0->rate);
+ 
+ 	*out_pairwise = sm->pairwise;
+ 	if (vlan) {
+@@ -3146,6 +3249,13 @@ static int wpa_ft_local_derive_pmk_r1(st
+ 			os_memset(vlan, 0, sizeof(*vlan));
+ 	}
+ 
+	if (rate) {
+		if (r0->rate)
+			*rate = *r0->rate;
+		else
+			os_memset(rate, 0, sizeof(*rate));
+	}
+
+ 	if (identity && identity_len) {
+ 		*identity = r0->identity;
+ 		*identity_len = r0->identity_len;
+@@ -3178,6 +3288,7 @@ static int wpa_ft_process_auth_req(struc
+ 	u8 *pos, *end;
+ 	int pairwise, session_timeout = 0;
+ 	struct vlan_description vlan;
+	struct rate_description rate = {};
+ 	const u8 *identity, *radius_cui;
+ 	size_t identity_len = 0, radius_cui_len = 0;
+ 	size_t pmk_r1_len, kdk_len, len;
+@@ -3274,7 +3385,7 @@ static int wpa_ft_process_auth_req(struc
+ 					pmk_r1, &pmk_r1_len, &pairwise, &vlan,
+ 					&identity, &identity_len, &radius_cui,
+ 					&radius_cui_len,
+-					&session_timeout) == 0) {
+					&session_timeout, &rate) == 0) {
+ 			wpa_printf(MSG_DEBUG,
+ 				   "FT: Found PMKR1Name (using SHA%zu) from local cache",
+ 				   pmk_r1_len * 8);
+@@ -3290,7 +3401,7 @@ static int wpa_ft_process_auth_req(struc
+ 				       pmk_r1_name, pmk_r1, &pairwise,
+ 				       &vlan, &identity, &identity_len,
+ 				       &radius_cui, &radius_cui_len,
+-				       &session_timeout, &pmk_r1_len) == 0) {
+				       &session_timeout, &pmk_r1_len, &rate) == 0) {
+ 		wpa_printf(MSG_DEBUG,
+ 			   "FT: Generated PMK-R1 based on local PMK-R0");
+ 		goto pmk_r1_derived;
+@@ -3392,6 +3503,7 @@ pmk_r1_derived:
+ 		wpa_printf(MSG_DEBUG, "FT: Failed to configure VLAN");
+ 		goto out;
+ 	}
+	wpa_ft_set_rate_limit(sm->wpa_auth, sm->addr, &rate);
+ 	if (wpa_ft_set_identity(sm->wpa_auth, sm->addr,
+ 				identity, identity_len) < 0 ||
+ 	    wpa_ft_set_radius_cui(sm->wpa_auth, sm->addr,
+@@ -3973,7 +4085,7 @@ static int wpa_ft_rrb_build_r0(const u8
+ 
+ 	ret = wpa_ft_rrb_build(key, key_len, tlvs, sess_tlv, tlv_auth,
+ 			       pmk_r0->vlan, src_addr, type,
+-			       packet, packet_len);
+			       packet, packet_len, pmk_r0->rate);
+ 
+ 	forced_memzero(pmk_r1, sizeof(pmk_r1));
+ 
+@@ -4113,7 +4225,7 @@ static int wpa_ft_rrb_rx_pull(struct wpa
+ 		ret = wpa_ft_rrb_build(key, key_len, resp, NULL, resp_auth,
+ 				       NULL, wpa_auth->addr,
+ 				       FT_PACKET_R0KH_R1KH_RESP,
+-				       &packet, &packet_len);
+				       &packet, &packet_len, NULL);
+ 	} else {
+ 		ret = wpa_ft_rrb_build_r0(key, key_len, resp, r0, f_r1kh_id,
+ 					  f_s1kh_id, resp_auth, wpa_auth->addr,
+@@ -4165,11 +4277,15 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
+ 	size_t f_expires_in_len;
+ 	size_t f_identity_len, f_radius_cui_len;
+ 	size_t f_session_timeout_len;
+	size_t f_rate_len;
+	const u8 *f_rate;
+ 	int pairwise;
+ 	int ret = -1;
+ 	int expires_in;
+ 	int session_timeout;
+ 	struct vlan_description vlan;
+	struct rate_description rate;
+	int has_rate = 0;
+ 	size_t pmk_r1_len;
+ 
+ 	RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1);
+@@ -4279,6 +4395,13 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
+ 	wpa_printf(MSG_DEBUG, "FT: vlan %d%s",
+ 		   le_to_host16(vlan.untagged), vlan.tagged[0] ? "+" : "");
+ 
+	RRB_GET_OPTIONAL(FT_RRB_RATE_LIMIT, rate, msgtype, 2 * sizeof(le32));
+	if (f_rate) {
+		memcpy(&rate, f_rate, sizeof(rate));
+		rate.rx = le_to_host32(rate.rx);
+		rate.tx = le_to_host32(rate.tx);
+		has_rate = 1;
+	};
+ 	RRB_GET_OPTIONAL(FT_RRB_IDENTITY, identity, msgtype, -1);
+ 	if (f_identity)
+ 		wpa_hexdump_ascii(MSG_DEBUG, "FT: Identity", f_identity,
+@@ -4301,7 +4424,7 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
+ 				f_pmk_r1_name,
+ 				pairwise, &vlan, expires_in, session_timeout,
+ 				f_identity, f_identity_len, f_radius_cui,
+-				f_radius_cui_len) < 0)
+				f_radius_cui_len, has_rate ? &rate : 0) < 0)
+ 		goto out;
+ 
+ 	ret = 0;
+@@ -4614,7 +4737,7 @@ static int wpa_ft_rrb_rx_seq_req(struct
+ 
+ 	if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_resp_auth, NULL,
+ 			     wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_RESP,
+-			     &packet, &packet_len) < 0)
+			     &packet, &packet_len, NULL) < 0)
+ 		goto out;
+ 
+ 	wpa_ft_rrb_oui_send(wpa_auth, src_addr,
--- a/feeds/hostapd/hostapd/patches/760-acs_exclude_dfs.patch
+++ b/feeds/hostapd/hostapd/patches/760-acs_exclude_dfs.patch
--- a/feeds/hostapd/hostapd/patches/760-dynamic_own_ip.patch
+++ b/feeds/hostapd/hostapd/patches/760-dynamic_own_ip.patch
@@ -1,6 +1,6 @@
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -301,6 +301,7 @@ struct hostapd_bss_config {
+@@ -310,6 +310,7 @@ struct hostapd_bss_config {
 	unsigned int eap_sim_db_timeout;
 	int eap_server_erp; /* Whether ERP is enabled on internal EAP server */
 	struct hostapd_ip_addr own_ip_addr;
@@ -10,7 +10,7 @@
 	int acct_interim_interval;
 --- a/src/radius/radius_client.c
 +++ b/src/radius/radius_client.c
-@@ -162,6 +162,8 @@ struct radius_client_data {
+@@ -163,6 +163,8 @@ struct radius_client_data {
 	 */
 	void *ctx;
 
@@ -19,7 +19,7 @@
 	/**
 	 * conf - RADIUS client configuration (list of RADIUS servers to use)
 	 */
-@@ -719,6 +721,30 @@ static void radius_client_list_add(struc
+@@ -720,6 +722,30 @@ static void radius_client_list_add(struc
 
 
 /**
@@ -50,7 +50,7 @@
  * radius_client_send - Send a RADIUS request
  * @radius: RADIUS client context from radius_client_init()
  * @msg: RADIUS message to be sent
-@@ -1219,6 +1245,10 @@ radius_change_server(struct radius_clien
+@@ -1238,6 +1264,10 @@ radius_change_server(struct radius_clien
 			wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u",
 				   inet_ntoa(claddr.sin_addr),
 				   ntohs(claddr.sin_port));
@@ -61,7 +61,7 @@
 		}
 		break;
 #ifdef CONFIG_IPV6
-@@ -1230,6 +1260,10 @@ radius_change_server(struct radius_clien
+@@ -1249,6 +1279,10 @@ radius_change_server(struct radius_clien
 				   inet_ntop(AF_INET6, &claddr6.sin6_addr,
 					     abuf, sizeof(abuf)),
 				   ntohs(claddr6.sin6_port));
@@ -74,7 +74,7 @@
 	}
 --- a/src/radius/radius_client.h
 +++ b/src/radius/radius_client.h
-@@ -244,6 +244,8 @@ int radius_client_register(struct radius
+@@ -249,6 +249,8 @@ int radius_client_register(struct radius
 void radius_client_set_interim_error_cb(struct radius_client_data *radius,
 					void (*cb)(const u8 *addr, void *ctx),
 					void *ctx);
@@ -85,7 +85,7 @@
 		       RadiusType msg_type, const u8 *addr);
 --- a/src/ap/ieee802_1x.c
 +++ b/src/ap/ieee802_1x.c
-@@ -535,6 +535,10 @@ int add_common_radius_attr(struct hostap
+@@ -598,6 +598,10 @@ int add_common_radius_attr(struct hostap
 	struct hostapd_radius_attr *attr;
 	int len;
 
@@ -98,7 +98,7 @@
 	    hapd->conf->own_ip_addr.af == AF_INET &&
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -2696,6 +2696,8 @@ static int hostapd_config_fill(struct ho
+@@ -2688,6 +2688,8 @@ static int hostapd_config_fill(struct ho
 	} else if (os_strcmp(buf, "iapp_interface") == 0) {
 		wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
 #endif /* CONFIG_IAPP */
--- a/feeds/hostapd/hostapd/patches/761-shared_das_port.patch
+++ b/feeds/hostapd/hostapd/patches/761-shared_das_port.patch
@@ -0,0 +1,298 @@
+--- a/src/radius/radius_das.h
+++ b/src/radius/radius_das.h
+@@ -44,6 +44,7 @@ struct radius_das_attrs {
+ struct radius_das_conf {
+ 	int port;
+ 	const u8 *shared_secret;
+	const u8 *nas_identifier;
+ 	size_t shared_secret_len;
+ 	const struct hostapd_ip_addr *client_addr;
+ 	unsigned int time_window;
+--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
+@@ -1423,6 +1423,7 @@ int hostapd_setup_bss(struct hostapd_dat
+ 
+ 			os_memset(&das_conf, 0, sizeof(das_conf));
+ 			das_conf.port = conf->radius_das_port;
+			das_conf.nas_identifier = conf->nas_identifier;
+ 			das_conf.shared_secret = conf->radius_das_shared_secret;
+ 			das_conf.shared_secret_len =
+ 				conf->radius_das_shared_secret_len;
+--- a/src/radius/radius_das.c
+++ b/src/radius/radius_das.c
+@@ -12,13 +12,26 @@
+ #include "utils/common.h"
+ #include "utils/eloop.h"
+ #include "utils/ip_addr.h"
+#include "utils/list.h"
+ #include "radius.h"
+ #include "radius_das.h"
+ 
+ 
+-struct radius_das_data {
+static struct dl_list das_ports = DL_LIST_HEAD_INIT(das_ports);
+
+struct radius_das_port {
+	struct dl_list list;
+	struct dl_list das_data;
+
+	int port;
+ 	int sock;
+};
+
+struct radius_das_data {
+	struct dl_list list;
+	struct radius_das_port *port;
+ 	u8 *shared_secret;
+	u8 *nas_identifier;
+ 	size_t shared_secret_len;
+ 	struct hostapd_ip_addr client_addr;
+ 	unsigned int time_window;
+@@ -378,56 +391,17 @@ fail:
+ }
+ 
+ 
+-static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx)
+static void
+radius_das_receive_msg(struct radius_das_data *das, struct radius_msg *msg,
+		       struct sockaddr *from, socklen_t fromlen,
+		       char *abuf, int from_port)
+ {
+-	struct radius_das_data *das = eloop_ctx;
+-	u8 buf[1500];
+-	union {
+-		struct sockaddr_storage ss;
+-		struct sockaddr_in sin;
+-#ifdef CONFIG_IPV6
+-		struct sockaddr_in6 sin6;
+-#endif /* CONFIG_IPV6 */
+-	} from;
+-	char abuf[50];
+-	int from_port = 0;
+-	socklen_t fromlen;
+-	int len;
+-	struct radius_msg *msg, *reply = NULL;
+	struct radius_msg *reply = NULL;
+ 	struct radius_hdr *hdr;
+ 	struct wpabuf *rbuf;
+	struct os_time now;
+ 	u32 val;
+ 	int res;
+-	struct os_time now;
+-
+-	fromlen = sizeof(from);
+-	len = recvfrom(sock, buf, sizeof(buf), 0,
+-		       (struct sockaddr *) &from.ss, &fromlen);
+-	if (len < 0) {
+-		wpa_printf(MSG_ERROR, "DAS: recvfrom: %s", strerror(errno));
+-		return;
+-	}
+-
+-	os_strlcpy(abuf, inet_ntoa(from.sin.sin_addr), sizeof(abuf));
+-	from_port = ntohs(from.sin.sin_port);
+-
+-	wpa_printf(MSG_DEBUG, "DAS: Received %d bytes from %s:%d",
+-		   len, abuf, from_port);
+-	if (das->client_addr.u.v4.s_addr &&
+-	    das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr) {
+-		wpa_printf(MSG_DEBUG, "DAS: Drop message from unknown client");
+-		return;
+-	}
+-
+-	msg = radius_msg_parse(buf, len);
+-	if (msg == NULL) {
+-		wpa_printf(MSG_DEBUG, "DAS: Parsing incoming RADIUS packet "
+-			   "from %s:%d failed", abuf, from_port);
+-		return;
+-	}
+-
+-	if (wpa_debug_level <= MSG_MSGDUMP)
+-		radius_msg_dump(msg);
+ 
+ 	if (radius_msg_verify_das_req(msg, das->shared_secret,
+ 				       das->shared_secret_len,
+@@ -494,9 +468,8 @@ static void radius_das_receive(int sock,
+ 			radius_msg_dump(reply);
+ 
+ 		rbuf = radius_msg_get_buf(reply);
+-		res = sendto(das->sock, wpabuf_head(rbuf),
+-			     wpabuf_len(rbuf), 0,
+-			     (struct sockaddr *) &from.ss, fromlen);
+		res = sendto(das->port->sock, wpabuf_head(rbuf),
+			     wpabuf_len(rbuf), 0, from, fromlen);
+ 		if (res < 0) {
+ 			wpa_printf(MSG_ERROR, "DAS: sendto(to %s:%d): %s",
+ 				   abuf, from_port, strerror(errno));
+@@ -508,6 +481,72 @@ fail:
+ 	radius_msg_free(reply);
+ }
+ 
+static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx)
+{
+	struct radius_das_port *p = eloop_ctx;
+	struct radius_das_data *das;
+	u8 buf[1500];
+	union {
+		struct sockaddr_storage ss;
+		struct sockaddr_in sin;
+#ifdef CONFIG_IPV6
+		struct sockaddr_in6 sin6;
+#endif /* CONFIG_IPV6 */
+	} from;
+	struct radius_msg *msg;
+	size_t nasid_len = 0;
+	u8 *nasid_buf = NULL;
+	char abuf[50];
+	int from_port = 0;
+	socklen_t fromlen;
+	int found = 0;
+	int len;
+
+	fromlen = sizeof(from);
+	len = recvfrom(sock, buf, sizeof(buf), 0,
+		       (struct sockaddr *) &from.ss, &fromlen);
+	if (len < 0) {
+		wpa_printf(MSG_ERROR, "DAS: recvfrom: %s", strerror(errno));
+		return;
+	}
+
+	os_strlcpy(abuf, inet_ntoa(from.sin.sin_addr), sizeof(abuf));
+	from_port = ntohs(from.sin.sin_port);
+
+	msg = radius_msg_parse(buf, len);
+	if (msg == NULL) {
+		wpa_printf(MSG_DEBUG, "DAS: Parsing incoming RADIUS packet "
+			   "from %s:%d failed", abuf, from_port);
+		return;
+	}
+
+	wpa_printf(MSG_DEBUG, "DAS: Received %d bytes from %s:%d",
+		   len, abuf, from_port);
+
+	if (wpa_debug_level <= MSG_MSGDUMP)
+		radius_msg_dump(msg);
+
+	radius_msg_get_attr_ptr(msg, RADIUS_ATTR_NAS_IDENTIFIER,
+				&nasid_buf, &nasid_len, NULL);
+	dl_list_for_each(das, &p->das_data, struct radius_das_data, list) {
+		if (das->client_addr.u.v4.s_addr &&
+		    das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr)
+			continue;
+
+		if (das->nas_identifier && nasid_buf &&
+		    (nasid_len != os_strlen(das->nas_identifier) ||
+		     os_memcmp(das->nas_identifier, nasid_buf, nasid_len) != 0))
+			continue;
+
+		found = 1;
+		radius_das_receive_msg(das, msg, (struct sockaddr *)&from.ss,
+				       fromlen, abuf, from_port);
+	}
+
+	if (!found)
+		wpa_printf(MSG_DEBUG, "DAS: Drop message from unknown client");
+}
+
+ 
+ static int radius_das_open_socket(int port)
+ {
+@@ -533,6 +572,49 @@ static int radius_das_open_socket(int po
+ }
+ 
+ 
+static struct radius_das_port *
+radius_das_open_port(int port)
+{
+	struct radius_das_port *p;
+
+	dl_list_for_each(p, &das_ports, struct radius_das_port, list) {
+		if (p->port == port)
+			return p;
+	}
+
+	p = os_zalloc(sizeof(*p));
+	if (p == NULL)
+		return NULL;
+
+	dl_list_init(&p->das_data);
+	p->port = port;
+	p->sock = radius_das_open_socket(port);
+	if (p->sock < 0)
+		goto free_port;
+
+	if (eloop_register_read_sock(p->sock, radius_das_receive, p, NULL))
+		goto close_port;
+
+	dl_list_add(&das_ports, &p->list);
+
+	return p;
+
+close_port:
+	close(p->sock);
+free_port:
+	os_free(p);
+
+	return NULL;
+}
+
+static void radius_das_close_port(struct radius_das_port *p)
+{
+	dl_list_del(&p->list);
+	eloop_unregister_read_sock(p->sock);
+	close(p->sock);
+	free(p);
+}
+
+ struct radius_das_data *
+ radius_das_init(struct radius_das_conf *conf)
+ {
+@@ -553,6 +635,8 @@ radius_das_init(struct radius_das_conf *
+ 	das->ctx = conf->ctx;
+ 	das->disconnect = conf->disconnect;
+ 	das->coa = conf->coa;
+	if (conf->nas_identifier)
+		das->nas_identifier = os_strdup(conf->nas_identifier);
+ 
+ 	os_memcpy(&das->client_addr, conf->client_addr,
+ 		  sizeof(das->client_addr));
+@@ -565,19 +649,15 @@ radius_das_init(struct radius_das_conf *
+ 	}
+ 	das->shared_secret_len = conf->shared_secret_len;
+ 
+-	das->sock = radius_das_open_socket(conf->port);
+-	if (das->sock < 0) {
+	das->port = radius_das_open_port(conf->port);
+	if (!das->port) {
+ 		wpa_printf(MSG_ERROR, "Failed to open UDP socket for RADIUS "
+ 			   "DAS");
+ 		radius_das_deinit(das);
+ 		return NULL;
+ 	}
+ 
+-	if (eloop_register_read_sock(das->sock, radius_das_receive, das, NULL))
+-	{
+-		radius_das_deinit(das);
+-		return NULL;
+-	}
+	dl_list_add(&das->port->das_data, &das->list);
+ 
+ 	return das;
+ }
+@@ -588,11 +668,14 @@ void radius_das_deinit(struct radius_das
+ 	if (das == NULL)
+ 		return;
+ 
+-	if (das->sock >= 0) {
+-		eloop_unregister_read_sock(das->sock);
+-		close(das->sock);
+	if (das->port) {
+		dl_list_del(&das->list);
+
+		if (dl_list_empty(&das->port->das_data))
+			radius_das_close_port(das->port);
+ 	}
+ 
+	os_free(das->nas_identifier);
+ 	os_free(das->shared_secret);
+ 	os_free(das);
+ }
--- a/feeds/hostapd/hostapd/patches/770-radius_server.patch
+++ b/feeds/hostapd/hostapd/patches/770-radius_server.patch
@@ -0,0 +1,154 @@
+--- a/hostapd/Makefile
+++ b/hostapd/Makefile
+@@ -63,6 +63,10 @@ endif
+ OBJS += main.o
+ OBJS += config_file.o
+ 
+ifdef CONFIG_RADIUS_SERVER
+OBJS += radius.o
+endif
+
+ OBJS += ../src/ap/hostapd.o
+ OBJS += ../src/ap/wpa_auth_glue.o
+ OBJS += ../src/ap/drv_callbacks.o
+--- a/hostapd/main.c
+++ b/hostapd/main.c
+@@ -40,6 +40,7 @@ struct hapd_global {
+ 
+ static struct hapd_global global;
+ 
+extern int radius_main(int argc, char **argv);
+ 
+ #ifndef CONFIG_NO_HOSTAPD_LOGGER
+ static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
+@@ -771,6 +772,11 @@ int main(int argc, char *argv[])
+ 	if (os_program_init())
+ 		return -1;
+ 
+#ifdef RADIUS_SERVER
+	if (strstr(argv[0], "radius"))
+		return radius_main(argc, argv);
+#endif
+
+ 	os_memset(&interfaces, 0, sizeof(interfaces));
+ 	interfaces.reload_config = hostapd_reload_config;
+ 	interfaces.config_read_cb = hostapd_config_read;
+--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
+@@ -63,6 +63,12 @@ struct radius_server_counters {
+ 	u32 unknown_acct_types;
+ };
+ 
+struct radius_accept_attr {
+	u8 type;
+	u16 len;
+	void *data;
+};
+
+ /**
+  * struct radius_session - Internal RADIUS server data for a session
+  */
+@@ -90,7 +96,7 @@ struct radius_session {
+ 	unsigned int macacl:1;
+ 	unsigned int t_c_filtering:1;
+ 
+-	struct hostapd_radius_attr *accept_attr;
+	struct radius_accept_attr *accept_attr;
+ 
+ 	u32 t_c_timestamp; /* Last read T&C timestamp from user DB */
+ };
+@@ -394,6 +400,7 @@ static void radius_server_session_free(s
+ 	radius_msg_free(sess->last_reply);
+ 	os_free(sess->username);
+ 	os_free(sess->nas_ip);
+	os_free(sess->accept_attr);
+ 	os_free(sess);
+ 	data->num_sess--;
+ }
+@@ -554,6 +561,36 @@ radius_server_erp_find_key(struct radius
+ }
+ #endif /* CONFIG_ERP */
+ 
+static struct radius_accept_attr *
+radius_server_copy_attr(const struct hostapd_radius_attr *data)
+{
+	const struct hostapd_radius_attr *attr;
+	struct radius_accept_attr *attr_new;
+	size_t data_size = 0;
+	void *data_buf;
+	int n_attr = 1;
+
+	for (attr = data; attr; attr = attr->next) {
+		n_attr++;
+		data_size += wpabuf_len(attr->val);
+	}
+
+	attr_new = os_zalloc(n_attr * sizeof(*attr) + data_size);
+	if (!attr_new)
+		return NULL;
+
+	data_buf = &attr_new[n_attr];
+	for (n_attr = 0, attr = data; attr; attr = attr->next) {
+		struct radius_accept_attr *cur = &attr_new[n_attr++];
+
+		cur->type = attr->type;
+		cur->len = wpabuf_len(attr->val);
+		cur->data = memcpy(data_buf, wpabuf_head(attr->val), cur->len);
+		data_buf += cur->len;
+	}
+
+	return attr_new;
+}
+ 
+ static struct radius_session *
+ radius_server_get_new_session(struct radius_server_data *data,
+@@ -607,7 +644,7 @@ radius_server_get_new_session(struct rad
+ 		eap_user_free(tmp);
+ 		return NULL;
+ 	}
+-	sess->accept_attr = tmp->accept_attr;
+	sess->accept_attr = radius_server_copy_attr(tmp->accept_attr);
+ 	sess->macacl = tmp->macacl;
+ 	eap_user_free(tmp);
+ 
+@@ -1118,11 +1155,10 @@ radius_server_encapsulate_eap(struct rad
+ 	}
+ 
+ 	if (code == RADIUS_CODE_ACCESS_ACCEPT) {
+-		struct hostapd_radius_attr *attr;
+-		for (attr = sess->accept_attr; attr; attr = attr->next) {
+-			if (!radius_msg_add_attr(msg, attr->type,
+-						 wpabuf_head(attr->val),
+-						 wpabuf_len(attr->val))) {
+		struct radius_accept_attr *attr;
+		for (attr = sess->accept_attr; attr->data; attr++) {
+			if (!radius_msg_add_attr(msg, attr->type, attr->data,
+						 attr->len)) {
+ 				wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
+ 				radius_msg_free(msg);
+ 				return NULL;
+@@ -1211,11 +1247,10 @@ radius_server_macacl(struct radius_serve
+ 	}
+ 
+ 	if (code == RADIUS_CODE_ACCESS_ACCEPT) {
+-		struct hostapd_radius_attr *attr;
+-		for (attr = sess->accept_attr; attr; attr = attr->next) {
+-			if (!radius_msg_add_attr(msg, attr->type,
+-						 wpabuf_head(attr->val),
+-						 wpabuf_len(attr->val))) {
+		struct radius_accept_attr *attr;
+		for (attr = sess->accept_attr; attr->data; attr++) {
+			if (!radius_msg_add_attr(msg, attr->type, attr->data,
+						 attr->len)) {
+ 				wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
+ 				radius_msg_free(msg);
+ 				return NULL;
+@@ -2512,7 +2547,7 @@ static int radius_server_get_eap_user(vo
+ 	ret = data->get_eap_user(data->conf_ctx, identity, identity_len,
+ 				 phase2, user);
+ 	if (ret == 0 && user) {
+-		sess->accept_attr = user->accept_attr;
+		sess->accept_attr = radius_server_copy_attr(user->accept_attr);
+ 		sess->remediation = user->remediation;
+ 		sess->macacl = user->macacl;
+ 		sess->t_c_timestamp = user->t_c_timestamp;
--- a/feeds/hostapd/hostapd/patches/780-maxassoc.patch
+++ b/feeds/hostapd/hostapd/patches/780-maxassoc.patch
--- a/feeds/hostapd/hostapd/patches/790-wired-dynamic-vlan.patch
+++ b/feeds/hostapd/hostapd/patches/790-wired-dynamic-vlan.patch
@@ -0,0 +1,33 @@
+Index: hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/ap/vlan_init.c
+++ hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
+@@ -37,7 +37,14 @@ static int vlan_if_add(struct hostapd_da
+ 	}
+ #endif /* CONFIG_WEP */
+ 
+-	if (!vlan_exists)
+	if (!hapd->driver || !hapd->driver->if_add) {
+		char *dot = strstr(vlan->ifname, ".");
+		if (dot)
+			*dot = '\0';
+		ret = 0;
+	}
+	
+	else if (!vlan_exists)
+ 		ret = hostapd_vlan_if_add(hapd, vlan->ifname);
+ 	else if (!existsok)
+ 		return -1;
+Index: hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/ap/vlan_init.c
+++ hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
+@@ -59,7 +59,7 @@ static int vlan_if_add(struct hostapd_da
+ 	if (hapd->wpa_auth)
+ 		ret = wpa_auth_ensure_group(hapd->wpa_auth, vlan->vlan_id);
+ 
+-	if (!ret && !vlan_exists)
+	if (!ret && !vlan_exists && hapd->driver->if_add)
+ 		hostapd_ubus_add_vlan(hapd, vlan);
+ 
+ 	if (ret == 0)
--- a/feeds/hostapd/hostapd/patches/800-fix-ap-sta-channel-setup-failed.patch
+++ b/feeds/hostapd/hostapd/patches/800-fix-ap-sta-channel-setup-failed.patch
--- a/feeds/hostapd/hostapd/patches/900-coa.patch
+++ b/feeds/hostapd/hostapd/patches/900-coa.patch
--- a/feeds/hostapd/hostapd/patches/901-cfg-section.patch
+++ b/feeds/hostapd/hostapd/patches/901-cfg-section.patch
@@ -0,0 +1,37 @@
+Index: hostapd-2023-09-08-e5ccbfc6/hostapd/config_file.c
+===================================================================
+--- hostapd-2023-09-08-e5ccbfc6.orig/hostapd/config_file.c
+++ hostapd-2023-09-08-e5ccbfc6/hostapd/config_file.c
+@@ -2345,6 +2345,8 @@ static int hostapd_config_fill(struct ho
+ 			return 1;
+ 		}
+ 		conf->driver = driver;
+	} else if (os_strcmp(buf, "uci_section") == 0) {
+		bss->uci_section = os_strdup(pos);
+ 	} else if (os_strcmp(buf, "driver_params") == 0) {
+ 		os_free(conf->driver_params);
+ 		conf->driver_params = os_strdup(pos);
+Index: hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.h
+===================================================================
+--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/ap_config.h
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.h
+@@ -287,6 +287,7 @@ struct hostapd_bss_config {
+ 	char snoop_iface[IFNAMSIZ + 1];
+ 	char vlan_bridge[IFNAMSIZ + 1];
+ 	char wds_bridge[IFNAMSIZ + 1];
+	char *uci_section;
+ 	int bridge_hairpin; /* hairpin_mode on bridge members */
+ 
+ 	enum hostapd_logger_level logger_syslog_level, logger_stdout_level;
+Index: hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.c
+===================================================================
+--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/ap_config.c
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.c
+@@ -798,6 +798,7 @@ void hostapd_config_free_bss(struct host
+ 	os_free(conf->radius_req_attr_sqlite);
+ 	os_free(conf->rsn_preauth_interfaces);
+ 	os_free(conf->ctrl_interface);
+	os_free(conf->uci_section);
+ 	os_free(conf->config_id);
+ 	os_free(conf->ca_cert);
+ 	os_free(conf->server_cert);
--- a/feeds/hostapd/hostapd/patches/901-coa-ubus.patch
+++ b/feeds/hostapd/hostapd/patches/901-coa-ubus.patch
@@ -0,0 +1,28 @@
+Index: hostapd-2021-02-20-59e9794c/src/ap/hostapd.c
+===================================================================
+--- hostapd-2021-02-20-59e9794c.orig/src/ap/hostapd.c
+++ hostapd-2021-02-20-59e9794c/src/ap/hostapd.c
+@@ -1034,6 +1034,23 @@ hostapd_das_disconnect(void *ctx, struct
+ 	struct hostapd_data *hapd = ctx;
+ 	struct sta_info *sta;
+ 	int multi;
+	int ubus_resp;
+	struct hostapd_ubus_request req = {
+		.type = HOSTAPD_UBUS_COA,
+		.mgmt_frame = 0,
+		.ssi_signal = 0,
+		.addr = attr->sta_addr,
+	};
+
+	if (hostapd_ubus_handle_event(hapd, &req)) {
+		wpa_printf(MSG_INFO, "DAS: disconnect due approved via ubus");
+		sta = ap_get_sta(hapd, attr->sta_addr);
+		if (sta) {
+			hostapd_drv_sta_deauth(hapd, attr->sta_addr, 2);
+			ap_sta_deauthenticate(hapd, sta, 2);
+		}
+		return RADIUS_DAS_SUCCESS;
+	}
+ 
+ 	if (hostapd_das_nas_mismatch(hapd, attr))
+ 		return RADIUS_DAS_NAS_MISMATCH;
--- a/feeds/hostapd/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
+++ b/feeds/hostapd/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
@@ -0,0 +1,33 @@
+From f0e9f5aab52b3eab85d28338cc996972ced4c39c Mon Sep 17 00:00:00 2001
+From: David Bauer <mail@david-bauer.net>
+Date: Tue, 17 May 2022 23:07:59 +0200
+Subject: [PATCH] ctrl: make WNM_AP functions dependant on CONFIG_AP
+
+This fixes linking errors found when compiling wpa_supplicant with
+CONFIG_WNM_AP enabled but CONFIG_AP disabled.
+
+Signed-off-by: David Bauer <mail@david-bauer.net>
+---
+ wpa_supplicant/ctrl_iface.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
+@@ -12763,7 +12763,7 @@ char * wpa_supplicant_ctrl_iface_process
+ 		if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18))
+ 			reply_len = -1;
+ #endif /* CONFIG_WNM */
+-#ifdef CONFIG_WNM_AP
+#if defined(CONFIG_AP) && defined(CONFIG_WNM_AP)
+ 	} else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
+ 		if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18))
+ 			reply_len = -1;
+@@ -12773,7 +12773,7 @@ char * wpa_supplicant_ctrl_iface_process
+ 	} else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
+ 		if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11))
+ 			reply_len = -1;
+-#endif /* CONFIG_WNM_AP */
+#endif /* CONFIG_AP && CONFIG_WNM_AP */
+ 	} else if (os_strcmp(buf, "FLUSH") == 0) {
+ 		wpa_supplicant_ctrl_iface_flush(wpa_s);
+ 	} else if (os_strncmp(buf, "RADIO_WORK ", 11) == 0) {
--- a/Show More
+++ b/Show More