test

Program sometimes did not setup tc qdisc on some interfaces when creating SSID with dhcpinject enabled initially.

Added delayed startup.

Fixes: WIFI-14522
Signed-off-by: alex18_huang <alex18_huang@accton.com>

.github/workflows/build-dev.yml

@@ -15,21 +15,20 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     outputs:
       x64_vm_image_name: ${{ steps.package_and_upload_image.outputs.x64_vm_image_name }}
     strategy:
       fail-fast: false
       matrix:
-        target: [ 'cig_wf186h', 'cig_wf186w', 'cig_wf188n', 'cig_wf196', 'cig_wf189', 'cybertan_eww631-a1', 'cybertan_eww631-b1', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_eap104', 'edgecore_eap111', 'edgecore_ecw5211', 'edgecore_oap101', 'edgecore_oap101-6e', 'edgecore_oap101e', 'edgecore_oap101e-6e', 'hfcl_ion4', 'hfcl_ion4xe', 'hfcl_ion4xi', 'hfcl_ion4x', 'hfcl_ion4x_2', 'hfcl_ion4x_3', 'hfcl_ion4xi_w', 'hfcl_ion4x_w', 'indio_um-305ax', 'indio_um-325ac', 'indio_um-510ac-v3', 'indio_um-550ac', 'sercomm_ap72tip', 'udaya_a5-id2', 'udaya_a6-id2', 'wallys_dr40x9', 'wallys_dr6018', 'wallys_dr6018-v4', 'yuncore_ax820', 'yuncore_ax840', 'yuncore_fap640', 'yuncore_fap650', 'yuncore_fap655' ]
-
+        target: [ 'cig_wf186h', 'cig_wf186w', 'cig_wf188n', 'cig_wf189', 'cig_wf196', 'cig_wf196', 'cybertan_eww631-a1', 'cybertan_eww631-b1', 'sonicfi_rap630w-312g', 'sonicfi_rap63xc-211g', 'sonicfi_rap630c-311g', 'sonicfi_rap630w-311g', 'sonicfi_rap630w-211g', 'sonicfi_rap7110c-341x', 'sonicfi_rap750w-311a', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_eap104', 'edgecore_eap105', 'edgecore_eap111', 'edgecore_eap112', 'edgecore_oap101', 'edgecore_oap101-6e', 'edgecore_oap101e', 'edgecore_oap101e-6e', 'edgecore_oap103', 'hfcl_ion4xe', 'hfcl_ion4xi', 'hfcl_ion4x', 'hfcl_ion4x_2', 'hfcl_ion4x_3', 'hfcl_ion4xi_w', 'hfcl_ion4x_w', 'indio_um-305ax', 'senao_iap4300m', 'senao_iap2300m', 'senao_jeap6500', 'udaya_a6-id2', 'udaya_a6-od2', 'yuncore_ax820', 'yuncore_ax840', 'yuncore_fap640', 'yuncore_fap650', 'yuncore_fap655' ]
     steps:
     - uses: actions/checkout@v3
 
     # Clean unnecessary files to save disk space
     - name: clean unncessary files to save space
       run: |
-        docker rmi `docker images -q`
+        docker rmi `docker images -q` || true
 
     - name: Build image for ${{ matrix.target }}
       id: build
@@ -81,7 +80,7 @@ jobs:
         fi
 
   trigger-testing:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     needs: build
     if: startsWith(github.ref, 'refs/tags/v')
     steps:
@@ -94,7 +93,7 @@ jobs:
         client-payload: '{"ref": "${GITHUB_REF#refs/tags/}", "sha": "${{ github.sha }}"}'
 
   create-x64_vm-ami:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     needs: build
     if: startsWith(github.ref, 'refs/tags/v')
     steps:

feeds/bluetooth/nrf52840/files/etc/init.d/nrf52840

@@ -6,7 +6,8 @@ boot() {
 	. /lib/functions/system.sh
 	case $(board_name) in
 	edgecore,eap102|\
-	edgecore,oap102)
+	edgecore,oap102|\
+	edgecore,oap103)
 		echo 54 > /sys/class/gpio/export
 		echo out > /sys/class/gpio/gpio54/direction
 		echo 0 > /sys/class/gpio/gpio54/value

feeds/hostapd/hostapd/patches/600-ubus_support.patch

@@ -0,0 +1,738 @@
+--- a/hostapd/Makefile
++++ b/hostapd/Makefile
+@@ -166,6 +166,12 @@ OBJS += ../src/common/hw_features_common
+ 
+ OBJS += ../src/eapol_auth/eapol_auth_sm.o
+ 
++ifdef CONFIG_UBUS
++CFLAGS += -DUBUS_SUPPORT
++OBJS += ../src/utils/uloop.o
++OBJS += ../src/ap/ubus.o
++LIBS += -lubox -lubus
++endif
+ 
+ ifdef CONFIG_CODE_COVERAGE
+ CFLAGS += -O0 -fprofile-arcs -ftest-coverage
+--- a/src/ap/hostapd.h
++++ b/src/ap/hostapd.h
+@@ -18,6 +18,7 @@
+ #include "utils/list.h"
+ #include "ap_config.h"
+ #include "drivers/driver.h"
++#include "ubus.h"
+ 
+ #define OCE_STA_CFON_ENABLED(hapd) \
+ 	((hapd->conf->oce & OCE_STA_CFON) && \
+@@ -184,6 +185,7 @@ struct hostapd_data {
+ 	struct hostapd_iface *iface;
+ 	struct hostapd_config *iconf;
+ 	struct hostapd_bss_config *conf;
++	struct hostapd_ubus_bss ubus;
+ 	int interface_added; /* virtual interface added for this BSS */
+ 	unsigned int started:1;
+ 	unsigned int disabled:1;
+@@ -695,6 +697,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+ 		       struct hostapd_bss_config *bss);
+ int hostapd_setup_interface(struct hostapd_iface *iface);
+ int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
++void hostapd_set_own_neighbor_report(struct hostapd_data *hapd);
+ void hostapd_interface_deinit(struct hostapd_iface *iface);
+ void hostapd_interface_free(struct hostapd_iface *iface);
+ struct hostapd_iface * hostapd_alloc_iface(void);
+--- a/src/ap/hostapd.c
++++ b/src/ap/hostapd.c
+@@ -435,6 +435,7 @@ void hostapd_free_hapd_data(struct hosta
+ 	hapd->beacon_set_done = 0;
+ 
+ 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
++	hostapd_ubus_free_bss(hapd);
+ 	accounting_deinit(hapd);
+ 	hostapd_deinit_wpa(hapd);
+ 	vlan_deinit(hapd);
+@@ -1187,6 +1188,8 @@ static int hostapd_start_beacon(struct h
+ 	if (hapd->driver && hapd->driver->set_operstate)
+ 		hapd->driver->set_operstate(hapd->drv_priv, 1);
+ 
++	hostapd_ubus_add_bss(hapd);
++
+ 	return 0;
+ }
+ 
+@@ -2275,6 +2278,7 @@ static int hostapd_setup_interface_compl
+ 	if (err)
+ 		goto fail;
+ 
++	hostapd_ubus_add_iface(iface);
+ 	wpa_printf(MSG_DEBUG, "Completing interface initialization");
+ 	if (iface->freq) {
+ #ifdef NEED_AP_MLME
+@@ -2494,6 +2498,7 @@ dfs_offload:
+ 
+ fail:
+ 	wpa_printf(MSG_ERROR, "Interface initialization failed");
++	hostapd_ubus_free_iface(iface);
+ 
+ 	if (iface->is_no_ir) {
+ 		hostapd_set_state(iface, HAPD_IFACE_NO_IR);
+@@ -2984,6 +2989,7 @@ void hostapd_interface_deinit_free(struc
+ 		   (unsigned int) iface->conf->num_bss);
+ 	driver = iface->bss[0]->driver;
+ 	drv_priv = iface->bss[0]->drv_priv;
++	hostapd_ubus_free_iface(iface);
+ 	hostapd_interface_deinit(iface);
+ 	wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit",
+ 		   __func__, driver, drv_priv);
+--- a/src/ap/ieee802_11.c
++++ b/src/ap/ieee802_11.c
+@@ -2786,7 +2786,7 @@ static void handle_auth(struct hostapd_d
+ 	u16 auth_alg, auth_transaction, status_code;
+ 	u16 resp = WLAN_STATUS_SUCCESS;
+ 	struct sta_info *sta = NULL;
+-	int res, reply_res;
++	int res, reply_res, ubus_resp;
+ 	u16 fc;
+ 	const u8 *challenge = NULL;
+ 	u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
+@@ -2795,6 +2795,11 @@ static void handle_auth(struct hostapd_d
+ 	struct radius_sta rad_info;
+ 	const u8 *dst, *sa, *bssid;
+ 	bool mld_sta = false;
++	struct hostapd_ubus_request req = {
++		.type = HOSTAPD_UBUS_AUTH_REQ,
++		.mgmt_frame = mgmt,
++		.ssi_signal = rssi,
++	};
+ 
+ 	if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
+ 		wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
+@@ -2986,6 +2991,13 @@ static void handle_auth(struct hostapd_d
+ 		resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ 		goto fail;
+ 	}
++	ubus_resp = hostapd_ubus_handle_event(hapd, &req);
++	if (0 && ubus_resp) {
++		wpa_printf(MSG_DEBUG, "Station " MACSTR " rejected by ubus handler.\n",
++			MAC2STR(mgmt->sa));
++		resp = ubus_resp > 0 ? (u16) ubus_resp : WLAN_STATUS_UNSPECIFIED_FAILURE;
++		goto fail;
++	}
+ 	if (res == HOSTAPD_ACL_PENDING)
+ 		return;
+ 
+@@ -5161,7 +5173,7 @@ static void handle_assoc(struct hostapd_
+ 	int resp = WLAN_STATUS_SUCCESS;
+ 	u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ 	const u8 *pos;
+-	int left, i;
++	int left, i, ubus_resp;
+ 	struct sta_info *sta;
+ 	u8 *tmp = NULL;
+ #ifdef CONFIG_FILS
+@@ -5374,6 +5386,11 @@ static void handle_assoc(struct hostapd_
+ 		left = res;
+ 	}
+ #endif /* CONFIG_FILS */
++	struct hostapd_ubus_request req = {
++		.type = HOSTAPD_UBUS_ASSOC_REQ,
++		.mgmt_frame = mgmt,
++		.ssi_signal = rssi,
++	};
+ 
+ 	/* followed by SSID and Supported rates; and HT capabilities if 802.11n
+ 	 * is used */
+@@ -5472,6 +5489,13 @@ static void handle_assoc(struct hostapd_
+ 	}
+ #endif /* CONFIG_FILS */
+ 
++	ubus_resp = hostapd_ubus_handle_event(hapd, &req);
++	if (0 && ubus_resp) {
++		wpa_printf(MSG_DEBUG, "Station " MACSTR " assoc rejected by ubus handler.\n",
++		       MAC2STR(mgmt->sa));
++		resp = ubus_resp > 0 ? (u16) ubus_resp : WLAN_STATUS_UNSPECIFIED_FAILURE;
++		goto fail;
++	}
+  fail:
+ 
+ 	/*
+@@ -5753,6 +5777,7 @@ static void handle_disassoc(struct hosta
+ 			   (unsigned long) len);
+ 		return;
+ 	}
++	hostapd_ubus_notify(hapd, "disassoc", mgmt->sa);
+ 
+ 	sta = ap_get_sta(hapd, mgmt->sa);
+ 	if (!sta) {
+@@ -5784,6 +5809,8 @@ static void handle_deauth(struct hostapd
+ 	/* Clear the PTKSA cache entries for PASN */
+ 	ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
+ 
++	hostapd_ubus_notify(hapd, "deauth", mgmt->sa);
++
+ 	sta = ap_get_sta(hapd, mgmt->sa);
+ 	if (!sta) {
+ 		wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR
+--- a/src/ap/beacon.c
++++ b/src/ap/beacon.c
+@@ -1036,6 +1036,12 @@ void handle_probe_req(struct hostapd_dat
+ 	u16 csa_offs[2];
+ 	size_t csa_offs_len;
+ 	struct radius_sta rad_info;
++	struct hostapd_ubus_request req = {
++		.type = HOSTAPD_UBUS_PROBE_REQ,
++		.mgmt_frame = mgmt,
++		.ssi_signal = ssi_signal,
++		.elems = &elems,
++	};
+ 
+ 	if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
+ 	    ssi_signal < hapd->iconf->rssi_ignore_probe_request)
+@@ -1222,6 +1228,12 @@ void handle_probe_req(struct hostapd_dat
+ 	}
+ #endif /* CONFIG_P2P */
+ 
++	if (hostapd_ubus_handle_event(hapd, &req)) {
++		wpa_printf(MSG_DEBUG, "Probe request for " MACSTR " rejected by ubus handler.\n",
++		       MAC2STR(mgmt->sa));
++		return;
++	}
++
+ 	/* TODO: verify that supp_rates contains at least one matching rate
+ 	 * with AP configuration */
+ 
+--- a/src/ap/drv_callbacks.c
++++ b/src/ap/drv_callbacks.c
+@@ -260,6 +260,10 @@ int hostapd_notif_assoc(struct hostapd_d
+ 	u16 reason = WLAN_REASON_UNSPECIFIED;
+ 	int status = WLAN_STATUS_SUCCESS;
+ 	const u8 *p2p_dev_addr = NULL;
++	struct hostapd_ubus_request req = {
++		.type = HOSTAPD_UBUS_ASSOC_REQ,
++		.addr = addr,
++	};
+ 
+ 	if (addr == NULL) {
+ 		/*
+@@ -396,6 +400,12 @@ int hostapd_notif_assoc(struct hostapd_d
+ 		goto fail;
+ 	}
+ 
++	if (hostapd_ubus_handle_event(hapd, &req)) {
++		wpa_printf(MSG_DEBUG, "Station " MACSTR " assoc rejected by ubus handler.\n",
++			   MAC2STR(req.addr));
++		goto fail;
++	}
++
+ #ifdef CONFIG_P2P
+ 	if (elems.p2p) {
+ 		wpabuf_free(sta->p2p_ie);
+--- a/src/ap/sta_info.c
++++ b/src/ap/sta_info.c
+@@ -471,6 +471,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+ 		hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
+ 			       HOSTAPD_LEVEL_INFO, "deauthenticated due to "
+ 			       "local deauth request");
++		hostapd_ubus_notify(hapd, "local-deauth", sta->addr);
+ 		ap_free_sta(hapd, sta);
+ 		return;
+ 	}
+@@ -626,6 +627,7 @@ skip_poll:
+ 		mlme_deauthenticate_indication(
+ 			hapd, sta,
+ 			WLAN_REASON_PREV_AUTH_NOT_VALID);
++		hostapd_ubus_notify(hapd, "inactive-deauth", sta->addr);
+ 		ap_free_sta(hapd, sta);
+ 		break;
+ 	}
+@@ -1344,15 +1346,28 @@ void ap_sta_set_authorized(struct hostap
+ 					sta->addr, authorized, dev_addr);
+ 
+ 	if (authorized) {
++		static const char * const auth_algs[] = {
++			[WLAN_AUTH_OPEN] = "open",
++			[WLAN_AUTH_SHARED_KEY] = "shared",
++			[WLAN_AUTH_FT] = "ft",
++			[WLAN_AUTH_SAE] = "sae",
++			[WLAN_AUTH_FILS_SK] = "fils-sk",
++			[WLAN_AUTH_FILS_SK_PFS] = "fils-sk-pfs",
++			[WLAN_AUTH_FILS_PK] = "fils-pk",
++			[WLAN_AUTH_PASN] = "pasn",
++		};
++		const char *auth_alg = NULL;
+ 		const u8 *dpp_pkhash;
+ 		const char *keyid;
+ 		char dpp_pkhash_buf[100];
+ 		char keyid_buf[100];
+ 		char ip_addr[100];
++		char alg_buf[100];
+ 
+ 		dpp_pkhash_buf[0] = '\0';
+ 		keyid_buf[0] = '\0';
+ 		ip_addr[0] = '\0';
++		alg_buf[0] = '\0';
+ #ifdef CONFIG_P2P
+ 		if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
+ 			os_snprintf(ip_addr, sizeof(ip_addr),
+@@ -1362,6 +1377,13 @@ void ap_sta_set_authorized(struct hostap
+ 		}
+ #endif /* CONFIG_P2P */
+ 
++		if (sta->auth_alg < ARRAY_SIZE(auth_algs))
++			auth_alg = auth_algs[sta->auth_alg];
++
++		if (auth_alg)
++			os_snprintf(alg_buf, sizeof(alg_buf),
++				" auth_alg=%s", auth_alg);
++
+ 		keyid = ap_sta_wpa_get_keyid(hapd, sta);
+ 		if (keyid) {
+ 			os_snprintf(keyid_buf, sizeof(keyid_buf),
+@@ -1380,17 +1402,19 @@ void ap_sta_set_authorized(struct hostap
+ 					 dpp_pkhash, SHA256_MAC_LEN);
+ 		}
+ 
+-		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s",
+-			buf, ip_addr, keyid_buf, dpp_pkhash_buf);
++		hostapd_ubus_notify_authorized(hapd, sta);
++		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s%s",
++			buf, ip_addr, keyid_buf, dpp_pkhash_buf, alg_buf);
+ 
+ 		if (hapd->msg_ctx_parent &&
+ 		    hapd->msg_ctx_parent != hapd->msg_ctx)
+ 			wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
+-					  AP_STA_CONNECTED "%s%s%s%s",
++					  AP_STA_CONNECTED "%s%s%s%s%s",
+ 					  buf, ip_addr, keyid_buf,
+-					  dpp_pkhash_buf);
++					  dpp_pkhash_buf, alg_buf);
+ 	} else {
+ 		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
++		hostapd_ubus_notify(hapd, "disassoc", sta->addr);
+ 
+ 		if (hapd->msg_ctx_parent &&
+ 		    hapd->msg_ctx_parent != hapd->msg_ctx)
+--- a/src/ap/wpa_auth_glue.c
++++ b/src/ap/wpa_auth_glue.c
+@@ -269,6 +269,7 @@ static void hostapd_wpa_auth_psk_failure
+ 	struct hostapd_data *hapd = ctx;
+ 	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
+ 		MAC2STR(addr));
++	hostapd_ubus_notify(hapd, "key-mismatch", addr);
+ }
+ 
+ 
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -192,6 +192,13 @@ ifdef CONFIG_EAPOL_TEST
+ CFLAGS += -Werror -DEAPOL_TEST
+ endif
+ 
++ifdef CONFIG_UBUS
++CFLAGS += -DUBUS_SUPPORT
++OBJS += ubus.o
++OBJS += ../src/utils/uloop.o
++LIBS += -lubox -lubus
++endif
++
+ ifdef CONFIG_CODE_COVERAGE
+ CFLAGS += -O0 -fprofile-arcs -ftest-coverage
+ LIBS += -lgcov
+@@ -987,6 +994,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
+ CFLAGS += -DCONFIG_CTRL_IFACE_MIB
+ endif
+ OBJS += ../src/ap/ctrl_iface_ap.o
++ifdef CONFIG_UBUS
++OBJS += ../src/ap/ubus.o
++endif
+ endif
+ 
+ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
+--- a/wpa_supplicant/wpa_supplicant.c
++++ b/wpa_supplicant/wpa_supplicant.c
+@@ -7593,6 +7593,8 @@ struct wpa_supplicant * wpa_supplicant_a
+ 	}
+ #endif /* CONFIG_P2P */
+ 
++	wpas_ubus_add_bss(wpa_s);
++
+ 	return wpa_s;
+ }
+ 
+@@ -7619,6 +7621,8 @@ int wpa_supplicant_remove_iface(struct w
+ 	struct wpa_supplicant *parent = wpa_s->parent;
+ #endif /* CONFIG_MESH */
+ 
++	wpas_ubus_free_bss(wpa_s);
++
+ 	/* Remove interface from the global list of interfaces */
+ 	prev = global->ifaces;
+ 	if (prev == wpa_s) {
+@@ -7965,8 +7969,12 @@ int wpa_supplicant_run(struct wpa_global
+ 	eloop_register_signal_terminate(wpa_supplicant_terminate, global);
+ 	eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
+ 
++	wpas_ubus_add(global);
++
+ 	eloop_run();
+ 
++	wpas_ubus_free(global);
++
+ 	return 0;
+ }
+ 
+--- a/wpa_supplicant/wpa_supplicant_i.h
++++ b/wpa_supplicant/wpa_supplicant_i.h
+@@ -21,6 +21,7 @@
+ #include "config_ssid.h"
+ #include "wmm_ac.h"
+ #include "pasn/pasn_common.h"
++#include "ubus.h"
+ 
+ extern const char *const wpa_supplicant_version;
+ extern const char *const wpa_supplicant_license;
+@@ -319,6 +320,8 @@ struct wpa_global {
+ #endif /* CONFIG_WIFI_DISPLAY */
+ 
+ 	struct psk_list_entry *add_psk; /* From group formation */
++
++	struct ubus_object ubus_global;
+ };
+ 
+ 
+@@ -685,6 +688,7 @@ struct wpa_supplicant {
+ 	unsigned char own_addr[ETH_ALEN];
+ 	unsigned char perm_addr[ETH_ALEN];
+ 	char ifname[100];
++	struct wpas_ubus_bss ubus;
+ #ifdef CONFIG_MATCH_IFACE
+ 	int matched;
+ #endif /* CONFIG_MATCH_IFACE */
+--- a/wpa_supplicant/wps_supplicant.c
++++ b/wpa_supplicant/wps_supplicant.c
+@@ -33,6 +33,7 @@
+ #include "p2p/p2p.h"
+ #include "p2p_supplicant.h"
+ #include "wps_supplicant.h"
++#include "ubus.h"
+ 
+ 
+ #ifndef WPS_PIN_SCAN_IGNORE_SEL_REG
+@@ -402,6 +403,8 @@ static int wpa_supplicant_wps_cred(void
+ 	wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute",
+ 			cred->cred_attr, cred->cred_attr_len);
+ 
++	wpas_ubus_notify(wpa_s, cred);
++
+ 	if (wpa_s->conf->wps_cred_processing == 1)
+ 		return 0;
+ 
+--- a/wpa_supplicant/main.c
++++ b/wpa_supplicant/main.c
+@@ -203,7 +203,7 @@ int main(int argc, char *argv[])
+ 
+ 	for (;;) {
+ 		c = getopt(argc, argv,
+-			   "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuv::W");
++			   "b:Bc:C:D:de:f:g:G:hi:I:KLMm:nNo:O:p:P:qsTtuv::W");
+ 		if (c < 0)
+ 			break;
+ 		switch (c) {
+@@ -268,6 +268,9 @@ int main(int argc, char *argv[])
+ 			params.conf_p2p_dev = optarg;
+ 			break;
+ #endif /* CONFIG_P2P */
++		case 'n':
++			iface_count = 0;
++			break;
+ 		case 'o':
+ 			params.override_driver = optarg;
+ 			break;
+--- a/src/ap/rrm.c
++++ b/src/ap/rrm.c
+@@ -89,6 +89,9 @@ static void hostapd_handle_beacon_report
+ 		return;
+ 	wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_RESP_RX MACSTR " %u %02x %s",
+ 		MAC2STR(addr), token, rep_mode, report);
++	if (len < sizeof(struct rrm_measurement_beacon_report))
++		return;
++	hostapd_ubus_notify_beacon_report(hapd, addr, token, rep_mode, (struct rrm_measurement_beacon_report*) pos, len);
+ }
+ 
+ 
+--- a/src/ap/vlan_init.c
++++ b/src/ap/vlan_init.c
+@@ -22,6 +22,7 @@
+ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
+ 		       int existsok)
+ {
++	bool vlan_exists = iface_exists(vlan->ifname);
+ 	int ret;
+ #ifdef CONFIG_WEP
+ 	int i;
+@@ -36,7 +37,7 @@ static int vlan_if_add(struct hostapd_da
+ 	}
+ #endif /* CONFIG_WEP */
+ 
+-	if (!iface_exists(vlan->ifname))
++	if (!vlan_exists)
+ 		ret = hostapd_vlan_if_add(hapd, vlan->ifname);
+ 	else if (!existsok)
+ 		return -1;
+@@ -51,6 +52,9 @@ static int vlan_if_add(struct hostapd_da
+ 	if (hapd->wpa_auth)
+ 		ret = wpa_auth_ensure_group(hapd->wpa_auth, vlan->vlan_id);
+ 
++	if (!ret && !vlan_exists)
++		hostapd_ubus_add_vlan(hapd, vlan);
++
+ 	if (ret == 0)
+ 		return ret;
+ 
+@@ -77,6 +81,8 @@ int vlan_if_remove(struct hostapd_data *
+ 			   "WPA deinitialization for VLAN %d failed (%d)",
+ 			   vlan->vlan_id, ret);
+ 
++	hostapd_ubus_remove_vlan(hapd, vlan);
++
+ 	return hostapd_vlan_if_remove(hapd, vlan->ifname);
+ }
+ 
+--- a/src/ap/dfs.c
++++ b/src/ap/dfs.c
+@@ -1216,6 +1216,8 @@ int hostapd_dfs_pre_cac_expired(struct h
+ 		"freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d",
+ 		freq, ht_enabled, chan_offset, chan_width, cf1, cf2);
+ 
++	hostapd_ubus_notify_radar_detected(iface, freq, chan_width, cf1, cf2);
++
+ 	/* Proceed only if DFS is not offloaded to the driver */
+ 	if (iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)
+ 		return 0;
+--- a/src/ap/airtime_policy.c
++++ b/src/ap/airtime_policy.c
+@@ -112,8 +112,14 @@ static void set_sta_weights(struct hosta
+ {
+ 	struct sta_info *sta;
+ 
+-	for (sta = hapd->sta_list; sta; sta = sta->next)
+-		sta_set_airtime_weight(hapd, sta, weight);
++	for (sta = hapd->sta_list; sta; sta = sta->next) {
++		unsigned int sta_weight = weight;
++
++		if (sta->dyn_airtime_weight)
++			sta_weight = (weight * sta->dyn_airtime_weight) / 256;
++
++		sta_set_airtime_weight(hapd, sta, sta_weight);
++	}
+ }
+ 
+ 
+@@ -244,7 +250,10 @@ int airtime_policy_new_sta(struct hostap
+ 	unsigned int weight;
+ 
+ 	if (hapd->iconf->airtime_mode == AIRTIME_MODE_STATIC) {
+-		weight = get_weight_for_sta(hapd, sta->addr);
++		if (sta->dyn_airtime_weight)
++			weight = sta->dyn_airtime_weight;
++		else
++			weight = get_weight_for_sta(hapd, sta->addr);
+ 		if (weight)
+ 			return sta_set_airtime_weight(hapd, sta, weight);
+ 	}
+--- a/src/ap/sta_info.h
++++ b/src/ap/sta_info.h
+@@ -322,6 +322,7 @@ struct sta_info {
+ #endif /* CONFIG_TESTING_OPTIONS */
+ #ifdef CONFIG_AIRTIME_POLICY
+ 	unsigned int airtime_weight;
++	unsigned int dyn_airtime_weight;
+ 	struct os_reltime backlogged_until;
+ #endif /* CONFIG_AIRTIME_POLICY */
+ 
+--- a/src/ap/wnm_ap.c
++++ b/src/ap/wnm_ap.c
+@@ -455,7 +455,8 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 		MAC2STR(addr), reason, hex ? " neighbor=" : "", hex);
+ 	os_free(hex);
+ 
+-	ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token);
++	if (!hostapd_ubus_notify_bss_transition_query(hapd, addr, dialog_token, reason, pos, end - pos))
++		ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token);
+ }
+ 
+ 
+@@ -477,7 +478,7 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 					      size_t len)
+ {
+ 	u8 dialog_token, status_code, bss_termination_delay;
+-	const u8 *pos, *end;
++	const u8 *pos, *end, *target_bssid = NULL;
+ 	int enabled = hapd->conf->bss_transition;
+ 	struct sta_info *sta;
+ 
+@@ -524,6 +525,7 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 			wpa_printf(MSG_DEBUG, "WNM: not enough room for Target BSSID field");
+ 			return;
+ 		}
++		target_bssid = pos;
+ 		sta->agreed_to_steer = 1;
+ 		eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta);
+ 		eloop_register_timeout(2, 0, ap_sta_reset_steer_flag_timer,
+@@ -543,6 +545,10 @@ static void ieee802_11_rx_bss_trans_mgmt
+ 			MAC2STR(addr), status_code, bss_termination_delay);
+ 	}
+ 
++	hostapd_ubus_notify_bss_transition_response(hapd, sta->addr, dialog_token,
++						    status_code, bss_termination_delay,
++						    target_bssid, pos, end - pos);
++
+ 	wpa_hexdump(MSG_DEBUG, "WNM: BSS Transition Candidate List Entries",
+ 		    pos, end - pos);
+ }
+--- a/src/utils/eloop.c
++++ b/src/utils/eloop.c
+@@ -77,6 +77,9 @@ struct eloop_sock_table {
+ struct eloop_data {
+ 	int max_sock;
+ 
++	eloop_timeout_poll_handler timeout_poll_cb;
++	eloop_poll_handler poll_cb;
++
+ 	size_t count; /* sum of all table counts */
+ #ifdef CONFIG_ELOOP_POLL
+ 	size_t max_pollfd_map; /* number of pollfds_map currently allocated */
+@@ -1121,6 +1124,12 @@ void eloop_run(void)
+ 				os_reltime_sub(&timeout->time, &now, &tv);
+ 			else
+ 				tv.sec = tv.usec = 0;
++		}
++
++		if (eloop.timeout_poll_cb && eloop.timeout_poll_cb(&tv, !!timeout))
++			timeout = (void *)1;
++
++		if (timeout) {
+ #if defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL)
+ 			timeout_ms = tv.sec * 1000 + tv.usec / 1000;
+ #endif /* defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL) */
+@@ -1190,7 +1199,8 @@ void eloop_run(void)
+ 		eloop.exceptions.changed = 0;
+ 
+ 		eloop_process_pending_signals();
+-
++		if (eloop.poll_cb)
++			eloop.poll_cb();
+ 
+ 		/* check if some registered timeouts have occurred */
+ 		timeout = dl_list_first(&eloop.timeout, struct eloop_timeout,
+@@ -1252,6 +1262,14 @@ out:
+ 	return;
+ }
+ 
++int eloop_register_cb(eloop_poll_handler poll_cb,
++		      eloop_timeout_poll_handler timeout_cb)
++{
++	eloop.poll_cb = poll_cb;
++	eloop.timeout_poll_cb = timeout_cb;
++
++	return 0;
++}
+ 
+ void eloop_terminate(void)
+ {
+--- a/src/utils/eloop.h
++++ b/src/utils/eloop.h
+@@ -65,6 +65,9 @@ typedef void (*eloop_timeout_handler)(vo
+  */
+ typedef void (*eloop_signal_handler)(int sig, void *signal_ctx);
+ 
++typedef bool (*eloop_timeout_poll_handler)(struct os_reltime *tv, bool tv_set);
++typedef void (*eloop_poll_handler)(void);
++
+ /**
+  * eloop_init() - Initialize global event loop data
+  * Returns: 0 on success, -1 on failure
+@@ -73,6 +76,9 @@ typedef void (*eloop_signal_handler)(int
+  */
+ int eloop_init(void);
+ 
++int eloop_register_cb(eloop_poll_handler poll_cb,
++		      eloop_timeout_poll_handler timeout_cb);
++
+ /**
+  * eloop_register_read_sock - Register handler for read events
+  * @sock: File descriptor number for the socket
+@@ -320,6 +326,8 @@ int eloop_register_signal_reconfig(eloop
+  */
+ int eloop_sock_requeue(void);
+ 
++void eloop_add_uloop(void);
++
+ /**
+  * eloop_run - Start the event loop
+  *
+--- /dev/null
++++ b/src/utils/uloop.c
+@@ -0,0 +1,64 @@
++#include <libubox/uloop.h>
++#include "includes.h"
++#include "common.h"
++#include "eloop.h"
++
++static void eloop_uloop_event_cb(int sock, void *eloop_ctx, void *sock_ctx)
++{
++}
++
++static void eloop_uloop_fd_cb(struct uloop_fd *fd, unsigned int events)
++{
++	unsigned int changed = events ^ fd->flags;
++
++	if (changed & ULOOP_READ) {
++		if (events & ULOOP_READ)
++			eloop_register_sock(fd->fd, EVENT_TYPE_READ, eloop_uloop_event_cb, fd, fd);
++		else
++			eloop_unregister_sock(fd->fd, EVENT_TYPE_READ);
++	}
++
++	if (changed & ULOOP_WRITE) {
++		if (events & ULOOP_WRITE)
++			eloop_register_sock(fd->fd, EVENT_TYPE_WRITE, eloop_uloop_event_cb, fd, fd);
++		else
++			eloop_unregister_sock(fd->fd, EVENT_TYPE_WRITE);
++	}
++}
++
++static bool uloop_timeout_poll_handler(struct os_reltime *tv, bool tv_set)
++{
++	struct os_reltime tv_uloop;
++	int timeout_ms = uloop_get_next_timeout();
++
++	if (timeout_ms < 0)
++		return false;
++
++	tv_uloop.sec = timeout_ms / 1000;
++	tv_uloop.usec = (timeout_ms % 1000) * 1000;
++
++	if (!tv_set || os_reltime_before(&tv_uloop, tv)) {
++		*tv = tv_uloop;
++		return true;
++	}
++
++	return false;
++}
++
++static void uloop_poll_handler(void)
++{
++	uloop_run_timeout(0);
++}
++
++void eloop_add_uloop(void)
++{
++	static bool init_done = false;
++
++	if (!init_done) {
++		uloop_init();
++		uloop_fd_set_cb = eloop_uloop_fd_cb;
++		init_done = true;
++	}
++
++	eloop_register_cb(uloop_poll_handler, uloop_timeout_poll_handler);
++}

feeds/hostapd/hostapd/patches/601-ucode_support.patch

@@ -0,0 +1,723 @@
+--- a/hostapd/Makefile
++++ b/hostapd/Makefile
+@@ -168,9 +168,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm.
+ 
+ ifdef CONFIG_UBUS
+ CFLAGS += -DUBUS_SUPPORT
+-OBJS += ../src/utils/uloop.o
+ OBJS += ../src/ap/ubus.o
+-LIBS += -lubox -lubus
++LIBS += -lubus
++NEED_ULOOP:=y
++endif
++
++ifdef CONFIG_UCODE
++CFLAGS += -DUCODE_SUPPORT
++OBJS += ../src/utils/ucode.o
++OBJS += ../src/ap/ucode.o
++NEED_ULOOP:=y
++endif
++
++ifdef NEED_ULOOP
++OBJS += ../src/utils/uloop.o
++LIBS += -lubox
+ endif
+ 
+ ifdef CONFIG_CODE_COVERAGE
+--- a/hostapd/main.c
++++ b/hostapd/main.c
+@@ -1007,6 +1007,7 @@ int main(int argc, char *argv[])
+ 	}
+ 
+ 	hostapd_global_ctrl_iface_init(&interfaces);
++	hostapd_ucode_init(&interfaces);
+ 
+ 	if (hostapd_global_run(&interfaces, daemonize, pid_file)) {
+ 		wpa_printf(MSG_ERROR, "Failed to start eloop");
+@@ -1016,6 +1017,7 @@ int main(int argc, char *argv[])
+ 	ret = 0;
+ 
+  out:
++	hostapd_ucode_free();
+ 	hostapd_global_ctrl_iface_deinit(&interfaces);
+ 	/* Deinitialize all interfaces */
+ 	for (i = 0; i < interfaces.count; i++) {
+--- a/src/ap/hostapd.h
++++ b/src/ap/hostapd.h
+@@ -19,6 +19,7 @@
+ #include "ap_config.h"
+ #include "drivers/driver.h"
+ #include "ubus.h"
++#include "ucode.h"
+ 
+ #define OCE_STA_CFON_ENABLED(hapd) \
+ 	((hapd->conf->oce & OCE_STA_CFON) && \
+@@ -51,6 +52,10 @@ struct hapd_interfaces {
+ 	struct hostapd_config * (*config_read_cb)(const char *config_fname);
+ 	int (*ctrl_iface_init)(struct hostapd_data *hapd);
+ 	void (*ctrl_iface_deinit)(struct hostapd_data *hapd);
++	int (*ctrl_iface_recv)(struct hostapd_data *hapd,
++			       char *buf, char *reply, int reply_size,
++			       struct sockaddr_storage *from,
++			       socklen_t fromlen);
+ 	int (*for_each_interface)(struct hapd_interfaces *interfaces,
+ 				  int (*cb)(struct hostapd_iface *iface,
+ 					    void *ctx), void *ctx);
+@@ -186,6 +191,7 @@ struct hostapd_data {
+ 	struct hostapd_config *iconf;
+ 	struct hostapd_bss_config *conf;
+ 	struct hostapd_ubus_bss ubus;
++	struct hostapd_ucode_bss ucode;
+ 	int interface_added; /* virtual interface added for this BSS */
+ 	unsigned int started:1;
+ 	unsigned int disabled:1;
+@@ -506,6 +512,7 @@ struct hostapd_sta_info {
+  */
+ struct hostapd_iface {
+ 	struct hapd_interfaces *interfaces;
++	struct hostapd_ucode_iface ucode;
+ 	void *owner;
+ 	char *config_fname;
+ 	struct hostapd_config *conf;
+@@ -706,6 +713,8 @@ struct hostapd_iface * hostapd_init(stru
+ struct hostapd_iface *
+ hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy,
+ 			   const char *config_fname, int debug);
++int hostapd_setup_bss(struct hostapd_data *hapd, int first, bool start_beacon);
++void hostapd_bss_deinit(struct hostapd_data *hapd);
+ void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
+ 			   int reassoc);
+ void hostapd_interface_deinit_free(struct hostapd_iface *iface);
+@@ -732,6 +741,7 @@ hostapd_switch_channel_fallback(struct h
+ void hostapd_cleanup_cs_params(struct hostapd_data *hapd);
+ void hostapd_periodic_iface(struct hostapd_iface *iface);
+ int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
++void hostapd_owe_update_trans(struct hostapd_iface *iface);
+ void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx);
+ 
+ void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
+--- a/src/ap/hostapd.c
++++ b/src/ap/hostapd.c
+@@ -252,6 +252,8 @@ int hostapd_reload_config(struct hostapd
+ 	struct hostapd_config *newconf, *oldconf;
+ 	size_t j;
+ 
++	hostapd_ucode_reload_bss(hapd);
++
+ 	if (iface->config_fname == NULL) {
+ 		/* Only in-memory config in use - assume it has been updated */
+ 		hostapd_clear_old(iface);
+@@ -435,6 +437,7 @@ void hostapd_free_hapd_data(struct hosta
+ 	hapd->beacon_set_done = 0;
+ 
+ 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
++	hostapd_ucode_free_bss(hapd);
+ 	hostapd_ubus_free_bss(hapd);
+ 	accounting_deinit(hapd);
+ 	hostapd_deinit_wpa(hapd);
+@@ -538,7 +541,7 @@ void hostapd_free_hapd_data(struct hosta
+  * Most of the modules that are initialized in hostapd_setup_bss() are
+  * deinitialized here.
+  */
+-static void hostapd_cleanup(struct hostapd_data *hapd)
++void hostapd_cleanup(struct hostapd_data *hapd)
+ {
+ 	wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd,
+ 		   hapd->conf ? hapd->conf->iface : "N/A");
+@@ -600,6 +603,7 @@ void hostapd_cleanup_iface_partial(struc
+ static void hostapd_cleanup_iface(struct hostapd_iface *iface)
+ {
+ 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
++	hostapd_ucode_free_iface(iface);
+ 	eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
+ 			     NULL);
+ 
+@@ -1189,6 +1193,7 @@ static int hostapd_start_beacon(struct h
+ 		hapd->driver->set_operstate(hapd->drv_priv, 1);
+ 
+ 	hostapd_ubus_add_bss(hapd);
++	hostapd_ucode_add_bss(hapd);
+ 
+ 	return 0;
+ }
+@@ -1211,7 +1216,7 @@ static int hostapd_start_beacon(struct h
+  * initialized. Most of the modules that are initialized here will be
+  * deinitialized in hostapd_cleanup().
+  */
+-static int hostapd_setup_bss(struct hostapd_data *hapd, int first,
++int hostapd_setup_bss(struct hostapd_data *hapd, int first,
+ 			     bool start_beacon)
+ {
+ 	struct hostapd_bss_config *conf = hapd->conf;
+@@ -2237,7 +2242,7 @@ static int hostapd_owe_iface_iter2(struc
+ #endif /* CONFIG_OWE */
+ 
+ 
+-static void hostapd_owe_update_trans(struct hostapd_iface *iface)
++void hostapd_owe_update_trans(struct hostapd_iface *iface)
+ {
+ #ifdef CONFIG_OWE
+ 	/* Check whether the enabled BSS can complete OWE transition mode
+@@ -2698,7 +2703,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+ }
+ 
+ 
+-static void hostapd_bss_deinit(struct hostapd_data *hapd)
++void hostapd_bss_deinit(struct hostapd_data *hapd)
+ {
+ 	if (!hapd)
+ 		return;
+@@ -3491,7 +3496,8 @@ int hostapd_remove_iface(struct hapd_int
+ 		hapd_iface = interfaces->iface[i];
+ 		if (hapd_iface == NULL)
+ 			return -1;
+-		if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
++		if (!os_strcmp(hapd_iface->phy, buf) ||
++		    !os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
+ 			wpa_printf(MSG_INFO, "Remove interface '%s'", buf);
+ 			hapd_iface->driver_ap_teardown =
+ 				!!(hapd_iface->drv_flags &
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -195,8 +195,20 @@ endif
+ ifdef CONFIG_UBUS
+ CFLAGS += -DUBUS_SUPPORT
+ OBJS += ubus.o
++LIBS += -lubus
++NEED_ULOOP:=y
++endif
++
++ifdef CONFIG_UCODE
++CFLAGS += -DUCODE_SUPPORT
++OBJS += ../src/utils/ucode.o
++OBJS += ucode.o
++NEED_ULOOP:=y
++endif
++
++ifdef NEED_ULOOP
+ OBJS += ../src/utils/uloop.o
+-LIBS += -lubox -lubus
++LIBS += -lubox
+ endif
+ 
+ ifdef CONFIG_CODE_COVERAGE
+@@ -997,6 +1009,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
+ ifdef CONFIG_UBUS
+ OBJS += ../src/ap/ubus.o
+ endif
++ifdef CONFIG_UCODE
++OBJS += ../src/ap/ucode.o
++endif
+ endif
+ 
+ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
+--- a/wpa_supplicant/wpa_supplicant.c
++++ b/wpa_supplicant/wpa_supplicant.c
+@@ -1044,6 +1044,7 @@ void wpa_supplicant_set_state(struct wpa
+ 		sme_sched_obss_scan(wpa_s, 0);
+ 	}
+ 	wpa_s->wpa_state = state;
++	wpas_ucode_update_state(wpa_s);
+ 
+ #ifdef CONFIG_BGSCAN
+ 	if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
+@@ -7594,6 +7595,7 @@ struct wpa_supplicant * wpa_supplicant_a
+ #endif /* CONFIG_P2P */
+ 
+ 	wpas_ubus_add_bss(wpa_s);
++	wpas_ucode_add_bss(wpa_s);
+ 
+ 	return wpa_s;
+ }
+@@ -7621,6 +7623,7 @@ int wpa_supplicant_remove_iface(struct w
+ 	struct wpa_supplicant *parent = wpa_s->parent;
+ #endif /* CONFIG_MESH */
+ 
++	wpas_ucode_free_bss(wpa_s);
+ 	wpas_ubus_free_bss(wpa_s);
+ 
+ 	/* Remove interface from the global list of interfaces */
+@@ -7931,6 +7934,7 @@ struct wpa_global * wpa_supplicant_init(
+ 
+ 	eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
+ 			       wpas_periodic, global, NULL);
++	wpas_ucode_init(global);
+ 
+ 	return global;
+ }
+@@ -7969,12 +7973,8 @@ int wpa_supplicant_run(struct wpa_global
+ 	eloop_register_signal_terminate(wpa_supplicant_terminate, global);
+ 	eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
+ 
+-	wpas_ubus_add(global);
+-
+ 	eloop_run();
+ 
+-	wpas_ubus_free(global);
+-
+ 	return 0;
+ }
+ 
+@@ -8007,6 +8007,8 @@ void wpa_supplicant_deinit(struct wpa_gl
+ 
+ 	wpas_notify_supplicant_deinitialized(global);
+ 
++	wpas_ucode_free();
++
+ 	eap_peer_unregister_methods();
+ #ifdef CONFIG_AP
+ 	eap_server_unregister_methods();
+--- a/wpa_supplicant/wpa_supplicant_i.h
++++ b/wpa_supplicant/wpa_supplicant_i.h
+@@ -22,6 +22,7 @@
+ #include "wmm_ac.h"
+ #include "pasn/pasn_common.h"
+ #include "ubus.h"
++#include "ucode.h"
+ 
+ extern const char *const wpa_supplicant_version;
+ extern const char *const wpa_supplicant_license;
+@@ -689,6 +690,7 @@ struct wpa_supplicant {
+ 	unsigned char perm_addr[ETH_ALEN];
+ 	char ifname[100];
+ 	struct wpas_ubus_bss ubus;
++	struct wpas_ucode_bss ucode;
+ #ifdef CONFIG_MATCH_IFACE
+ 	int matched;
+ #endif /* CONFIG_MATCH_IFACE */
+--- a/hostapd/ctrl_iface.c
++++ b/hostapd/ctrl_iface.c
+@@ -4856,6 +4856,7 @@ try_again:
+ 		return -1;
+ 	}
+ 
++	interface->ctrl_iface_recv = hostapd_ctrl_iface_receive_process;
+ 	wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
+ 
+ 	return 0;
+@@ -4957,6 +4958,7 @@ fail:
+ 	os_free(fname);
+ 
+ 	interface->global_ctrl_sock = s;
++	interface->ctrl_iface_recv = hostapd_ctrl_iface_receive_process;
+ 	eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
+ 				 interface, NULL);
+ 
+--- a/src/drivers/driver.h
++++ b/src/drivers/driver.h
+@@ -3787,6 +3787,25 @@ struct wpa_driver_ops {
+ 			 const char *ifname);
+ 
+ 	/**
++	 * if_rename - Rename a virtual interface
++	 * @priv: Private driver interface data
++	 * @type: Interface type
++	 * @ifname: Interface name of the virtual interface to be renamed
++	 *	    (NULL when renaming the AP BSS interface)
++	 * @new_name: New interface name of the virtual interface
++	 * Returns: 0 on success, -1 on failure
++	 */
++	int (*if_rename)(void *priv, enum wpa_driver_if_type type,
++			 const char *ifname, const char *new_name);
++
++	/**
++	 * set_first_bss - Make a virtual interface the first (primary) bss
++	 * @priv: Private driver interface data
++	 * Returns: 0 on success, -1 on failure
++	 */
++	int (*set_first_bss)(void *priv);
++
++	/**
+ 	 * set_sta_vlan - Bind a station into a specific interface (AP only)
+ 	 * @priv: Private driver interface data
+ 	 * @ifname: Interface (main or virtual BSS or VLAN)
+@@ -6440,6 +6459,7 @@ union wpa_event_data {
+ 
+ 	/**
+ 	 * struct ch_switch
++	 * @count: Count until channel switch activates
+ 	 * @freq: Frequency of new channel in MHz
+ 	 * @ht_enabled: Whether this is an HT channel
+ 	 * @ch_offset: Secondary channel offset
+@@ -6450,6 +6470,7 @@ union wpa_event_data {
+ 	 * @punct_bitmap: Puncturing bitmap
+ 	 */
+ 	struct ch_switch {
++		int count;
+ 		int freq;
+ 		int ht_enabled;
+ 		int ch_offset;
+--- a/src/drivers/driver_nl80211_event.c
++++ b/src/drivers/driver_nl80211_event.c
+@@ -1202,6 +1202,7 @@ static void mlme_event_ch_switch(struct
+ 				 struct nlattr *bw, struct nlattr *cf1,
+ 				 struct nlattr *cf2,
+ 				 struct nlattr *punct_bitmap,
++				 struct nlattr *count,
+ 				 int finished)
+ {
+ 	struct i802_bss *bss;
+@@ -1265,6 +1266,8 @@ static void mlme_event_ch_switch(struct
+ 		data.ch_switch.cf1 = nla_get_u32(cf1);
+ 	if (cf2)
+ 		data.ch_switch.cf2 = nla_get_u32(cf2);
++	if (count)
++		data.ch_switch.count = nla_get_u32(count);
+ 
+ 	if (finished)
+ 		bss->flink->freq = data.ch_switch.freq;
+@@ -3912,6 +3915,7 @@ static void do_process_drv_event(struct
+ 				     tb[NL80211_ATTR_CENTER_FREQ1],
+ 				     tb[NL80211_ATTR_CENTER_FREQ2],
+ 				     tb[NL80211_ATTR_PUNCT_BITMAP],
++				     tb[NL80211_ATTR_CH_SWITCH_COUNT],
+ 				     0);
+ 		break;
+ 	case NL80211_CMD_CH_SWITCH_NOTIFY:
+@@ -3924,6 +3928,7 @@ static void do_process_drv_event(struct
+ 				     tb[NL80211_ATTR_CENTER_FREQ1],
+ 				     tb[NL80211_ATTR_CENTER_FREQ2],
+ 				     tb[NL80211_ATTR_PUNCT_BITMAP],
++					 NULL,
+ 				     1);
+ 		break;
+ 	case NL80211_CMD_DISCONNECT:
+--- a/wpa_supplicant/events.c
++++ b/wpa_supplicant/events.c
+@@ -5389,6 +5389,7 @@ void supplicant_event(void *ctx, enum wp
+ 		event_to_string(event), event);
+ #endif /* CONFIG_NO_STDOUT_DEBUG */
+ 
++	wpas_ucode_event(wpa_s, event, data);
+ 	switch (event) {
+ 	case EVENT_AUTH:
+ #ifdef CONFIG_FST
+--- a/src/ap/ap_drv_ops.h
++++ b/src/ap/ap_drv_ops.h
+@@ -393,6 +393,23 @@ static inline int hostapd_drv_stop_ap(st
+ 	return hapd->driver->stop_ap(hapd->drv_priv);
+ }
+ 
++static inline int hostapd_drv_if_rename(struct hostapd_data *hapd,
++					enum wpa_driver_if_type type,
++					const char *ifname,
++					const char *new_name)
++{
++	if (!hapd->driver || !hapd->driver->if_rename || !hapd->drv_priv)
++		return -1;
++	return hapd->driver->if_rename(hapd->drv_priv, type, ifname, new_name);
++}
++
++static inline int hostapd_drv_set_first_bss(struct hostapd_data *hapd)
++{
++	if (!hapd->driver || !hapd->driver->set_first_bss || !hapd->drv_priv)
++		return 0;
++	return hapd->driver->set_first_bss(hapd->drv_priv);
++}
++
+ static inline int hostapd_drv_channel_info(struct hostapd_data *hapd,
+ 					   struct wpa_channel_info *ci)
+ {
+--- a/src/drivers/driver_nl80211.c
++++ b/src/drivers/driver_nl80211.c
+@@ -1333,7 +1333,7 @@ static void wpa_driver_nl80211_event_rtm
+ 		}
+ 		wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
+ 			   namebuf, ifname);
+-		if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
++		if (drv->first_bss->ifindex != ifi->ifi_index) {
+ 			wpa_printf(MSG_DEBUG,
+ 				   "nl80211: Not the main interface (%s) - do not indicate interface down",
+ 				   drv->first_bss->ifname);
+@@ -1369,7 +1369,7 @@ static void wpa_driver_nl80211_event_rtm
+ 		}
+ 		wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
+ 			   namebuf, ifname);
+-		if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
++		if (drv->first_bss->ifindex != ifi->ifi_index) {
+ 			wpa_printf(MSG_DEBUG,
+ 				   "nl80211: Not the main interface (%s) - do not indicate interface up",
+ 				   drv->first_bss->ifname);
+@@ -8432,6 +8432,7 @@ static void *i802_init(struct hostapd_da
+ 	char master_ifname[IFNAMSIZ];
+ 	int ifindex, br_ifindex = 0;
+ 	int br_added = 0;
++	int err;
+ 
+ 	bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
+ 					  params->global_priv, 1,
+@@ -8491,21 +8492,17 @@ static void *i802_init(struct hostapd_da
+ 	    (params->num_bridge == 0 || !params->bridge[0]))
+ 		add_ifidx(drv, br_ifindex, drv->ifindex);
+ 
+-	if (bss->added_if_into_bridge || bss->already_in_bridge) {
+-		int err;
+-
+-		drv->rtnl_sk = nl_socket_alloc();
+-		if (drv->rtnl_sk == NULL) {
+-			wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
+-			goto failed;
+-		}
++	drv->rtnl_sk = nl_socket_alloc();
++	if (drv->rtnl_sk == NULL) {
++		wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
++		goto failed;
++	}
+ 
+-		err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
+-		if (err) {
+-			wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
+-				   nl_geterror(err));
+-			goto failed;
+-		}
++	err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
++	if (err) {
++		wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
++			   nl_geterror(err));
++		goto failed;
+ 	}
+ 
+ 	if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
+@@ -8875,6 +8872,50 @@ static int wpa_driver_nl80211_if_remove(
+ 	return 0;
+ }
+ 
++static int wpa_driver_nl80211_if_rename(struct i802_bss *bss,
++					enum wpa_driver_if_type type,
++					const char *ifname, const char *new_name)
++{
++	struct wpa_driver_nl80211_data *drv = bss->drv;
++	struct ifinfomsg ifi = {
++		.ifi_family = AF_UNSPEC,
++		.ifi_index = bss->ifindex,
++	};
++	struct nl_msg *msg;
++	int res = -ENOMEM;
++
++	if (ifname)
++		ifi.ifi_index = if_nametoindex(ifname);
++
++	msg = nlmsg_alloc_simple(RTM_SETLINK, 0);
++	if (!msg)
++		return res;
++
++	if (nlmsg_append(msg, &ifi, sizeof(ifi), NLMSG_ALIGNTO) < 0)
++		goto out;
++
++	if (nla_put_string(msg, IFLA_IFNAME, new_name))
++		goto out;
++
++	res = nl_send_auto_complete(drv->rtnl_sk, msg);
++	if (res < 0)
++		goto out;
++
++	res = nl_wait_for_ack(drv->rtnl_sk);
++	if (res) {
++		wpa_printf(MSG_INFO,
++			   "nl80211: Renaming device %s to %s failed: %s",
++			   ifname ? ifname : bss->ifname, new_name, nl_geterror(res));
++		goto out;
++	}
++
++	if (type == WPA_IF_AP_BSS && !ifname)
++		os_strlcpy(bss->ifname, new_name, sizeof(bss->ifname));
++
++out:
++	nlmsg_free(msg);
++	return res;
++}
+ 
+ static int cookie_handler(struct nl_msg *msg, void *arg)
+ {
+@@ -10513,6 +10554,37 @@ static int driver_nl80211_if_remove(void
+ }
+ 
+ 
++static int driver_nl80211_if_rename(void *priv, enum wpa_driver_if_type type,
++				    const char *ifname, const char *new_name)
++{
++	struct i802_bss *bss = priv;
++	return wpa_driver_nl80211_if_rename(bss, type, ifname, new_name);
++}
++
++
++static int driver_nl80211_set_first_bss(void *priv)
++{
++	struct i802_bss *bss = priv, *tbss;
++	struct wpa_driver_nl80211_data *drv = bss->drv;
++
++	if (drv->first_bss == bss)
++		return 0;
++
++	for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
++		if (tbss->next != bss)
++			continue;
++
++		tbss->next = bss->next;
++		bss->next = drv->first_bss;
++		drv->first_bss = bss;
++		drv->ctx = bss->ctx;
++		return 0;
++	}
++
++	return -1;
++}
++
++
+ static int driver_nl80211_send_mlme(void *priv, const u8 *data,
+ 				    size_t data_len, int noack,
+ 				    unsigned int freq,
+@@ -13697,6 +13769,8 @@ const struct wpa_driver_ops wpa_driver_n
+ 	.set_acl = wpa_driver_nl80211_set_acl,
+ 	.if_add = wpa_driver_nl80211_if_add,
+ 	.if_remove = driver_nl80211_if_remove,
++	.if_rename = driver_nl80211_if_rename,
++	.set_first_bss = driver_nl80211_set_first_bss,
+ 	.send_mlme = driver_nl80211_send_mlme,
+ 	.get_hw_feature_data = nl80211_get_hw_feature_data,
+ 	.sta_add = wpa_driver_nl80211_sta_add,
+--- a/src/ap/ieee802_11.c
++++ b/src/ap/ieee802_11.c
+@@ -547,11 +547,16 @@ static const char * sae_get_password(str
+ 				     struct sae_pt **s_pt,
+ 				     const struct sae_pk **s_pk)
+ {
++	struct hostapd_bss_config *conf = hapd->conf;
++	struct hostapd_ssid *ssid = &conf->ssid;
++	struct hostapd_sta_wpa_psk_short *psk;
+ 	const char *password = NULL;
+-	struct sae_password_entry *pw;
+-	struct sae_pt *pt = NULL;
+-	const struct sae_pk *pk = NULL;
+-	struct hostapd_sta_wpa_psk_short *psk = NULL;
++	struct sae_password_entry *pw = NULL;
++ 	struct sae_pt *pt = NULL;
++ 	const struct sae_pk *pk = NULL;
++ 
++	if (sta && sta->use_sta_psk)
++		goto use_sta_psk;
+ 
+ 	for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) {
+ 		if (!is_broadcast_ether_addr(pw->peer_addr) &&
+@@ -582,6 +587,31 @@ static const char * sae_get_password(str
+ 		}
+ 	}
+ 
++use_sta_psk:
++	if (!password && sta) {
++		for (psk = sta->psk; psk; psk = psk->next) {
++			if (!psk->is_passphrase)
++				continue;
++
++			password = psk->passphrase;
++			if (!sta->use_sta_psk)
++				break;
++
++			if (sta->sae_pt) {
++				pt = sta->sae_pt;
++				break;
++			}
++
++			pt = sae_derive_pt(conf->sae_groups, ssid->ssid,
++					   ssid->ssid_len,
++					   (const u8 *) password,
++					   os_strlen(password),
++					   NULL);
++			sta->sae_pt = pt;
++			break;
++		}
++	}
++
+ 	if (pw_entry)
+ 		*pw_entry = pw;
+ 	if (s_pt)
+@@ -3105,6 +3135,12 @@ static void handle_auth(struct hostapd_d
+ 		goto fail;
+ 	}
+ 
++	res = hostapd_ucode_sta_auth(hapd, sta);
++	if (res) {
++		resp = res;
++		goto fail;
++	}
++
+ 	sta->flags &= ~WLAN_STA_PREAUTH;
+ 	ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
+ 
+--- a/src/ap/sta_info.c
++++ b/src/ap/sta_info.c
+@@ -425,6 +425,9 @@ void ap_free_sta(struct hostapd_data *ha
+ 	forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
+ #endif /* CONFIG_TESTING_OPTIONS */
+ 
++	if (sta->sae_pt)
++		sae_deinit_pt(sta->sae_pt);
++
+ 	os_free(sta);
+ }
+ 
+@@ -1326,6 +1329,8 @@ void ap_sta_set_authorized(struct hostap
+ 		sta->flags &= ~WLAN_STA_AUTHORIZED;
+ 	}
+ 
++	if (authorized)
++		hostapd_ucode_sta_connected(hapd, sta);
+ #ifdef CONFIG_P2P
+ 	if (hapd->p2p_group == NULL) {
+ 		if (sta->p2p_ie != NULL &&
+--- a/src/ap/sta_info.h
++++ b/src/ap/sta_info.h
+@@ -198,6 +198,9 @@ struct sta_info {
+ 	int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
+ 	 /* PSKs from RADIUS authentication server */
+ 	struct hostapd_sta_wpa_psk_short *psk;
++	struct sae_pt *sae_pt;
++	int use_sta_psk;
++	int psk_idx;
+ 
+ 	char *identity; /* User-Name from RADIUS */
+ 	char *radius_cui; /* Chargeable-User-Identity from RADIUS */
+--- a/src/ap/wpa_auth_glue.c
++++ b/src/ap/wpa_auth_glue.c
+@@ -341,6 +341,7 @@ static const u8 * hostapd_wpa_auth_get_p
+ 	struct sta_info *sta = ap_get_sta(hapd, addr);
+ 	const u8 *psk;
+ 
++	sta->psk_idx = 0;
+ 	if (vlan_id)
+ 		*vlan_id = 0;
+ 	if (psk_len)
+@@ -387,13 +388,18 @@ static const u8 * hostapd_wpa_auth_get_p
+ 	 * returned psk which should not be returned again.
+ 	 * logic list (all hostapd_get_psk; all sta->psk)
+ 	 */
++	if (sta && sta->use_sta_psk)
++		psk = NULL;
+ 	if (sta && sta->psk && !psk) {
+ 		struct hostapd_sta_wpa_psk_short *pos;
++		int psk_idx;
+ 
+ 		if (vlan_id)
+ 			*vlan_id = 0;
+ 		psk = sta->psk->psk;
++		sta->psk_idx = psk_idx = 1;
+ 		for (pos = sta->psk; pos; pos = pos->next) {
++			psk_idx++;
+ 			if (pos->is_passphrase) {
+ 				if (pbkdf2_sha1(pos->passphrase,
+ 						hapd->conf->ssid.ssid,
+@@ -406,10 +412,14 @@ static const u8 * hostapd_wpa_auth_get_p
+ 				pos->is_passphrase = 0;
+ 			}
+ 			if (pos->psk == prev_psk) {
++				sta->psk_idx = psk_idx;
+ 				psk = pos->next ? pos->next->psk : NULL;
+ 				break;
+ 			}
+ 		}
++
++		if (!psk)
++			sta->psk_idx = 0;
+ 	}
+ 	return psk;
+ }

feeds/hostapd/hostapd/patches/751-wispr-ft.patch

@@ -0,0 +1,539 @@
+--- a/src/ap/wpa_auth.h
++++ b/src/ap/wpa_auth.h
+@@ -16,7 +16,11 @@
+ 
+ struct vlan_description;
+ struct mld_info;
+-
++struct rate_description {
++	u32 rx;
++	u32 tx;
++};
++ 
+ #define MAX_OWN_IE_OVERRIDE 256
+ 
+ #ifdef _MSC_VER
+@@ -88,6 +92,7 @@ struct ft_rrb_frame {
+ #define FT_RRB_IDENTITY      15
+ #define FT_RRB_RADIUS_CUI    16
+ #define FT_RRB_SESSION_TIMEOUT  17 /* le32 seconds */
++#define FT_RRB_RATE_LIMIT	18
+ 
+ struct ft_rrb_tlv {
+ 	le16 type;
+@@ -368,6 +373,10 @@ struct wpa_auth_callbacks {
+ 			struct vlan_description *vlan);
+ 	int (*get_vlan)(void *ctx, const u8 *sta_addr,
+ 			struct vlan_description *vlan);
++	int (*set_rate_limit)(void *ctx, const u8 *sta_addr,
++			      struct rate_description *rate);
++	int (*get_rate_limit)(void *ctx, const u8 *sta_addr,
++			      struct rate_description *rate);
+ 	int (*set_identity)(void *ctx, const u8 *sta_addr,
+ 			    const u8 *identity, size_t identity_len);
+ 	size_t (*get_identity)(void *ctx, const u8 *sta_addr, const u8 **buf);
+@@ -536,7 +545,7 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
+ 			struct vlan_description *vlan,
+ 			const u8 **identity, size_t *identity_len,
+ 			const u8 **radius_cui, size_t *radius_cui_len,
+-			int *session_timeout);
++			int *session_timeout, struct rate_description *rate);
+ 
+ #endif /* CONFIG_IEEE80211R_AP */
+ 
+--- a/src/ap/wpa_auth_glue.c
++++ b/src/ap/wpa_auth_glue.c
+@@ -1200,6 +1200,40 @@ static int hostapd_wpa_auth_get_vlan(voi
+ }
+ 
+ 
++static int hostapd_wpa_auth_set_rate_limit(void *ctx, const u8 *sta_addr,
++					   struct rate_description *rate)
++{
++	struct hostapd_data *hapd = ctx;
++	struct sta_info *sta;
++
++	sta = ap_get_sta(hapd, sta_addr);
++	if (!sta || !sta->wpa_sm)
++		return -1;
++
++	memcpy(sta->bandwidth, rate, sizeof(*rate));
++	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
++		       HOSTAPD_LEVEL_INFO, "rate-limit %d %d", sta->bandwidth[0], sta->bandwidth[1]);
++
++	return 0;
++}
++
++
++static int hostapd_wpa_auth_get_rate_limit(void *ctx, const u8 *sta_addr,
++					   struct rate_description *rate)
++{
++	struct hostapd_data *hapd = ctx;
++	struct sta_info *sta;
++
++	sta = ap_get_sta(hapd, sta_addr);
++	if (!sta)
++		return -1;
++
++	memcpy(rate, sta->bandwidth, sizeof(*rate));
++
++	return 0;
++}
++
++
+ static int
+ hostapd_wpa_auth_set_identity(void *ctx, const u8 *sta_addr,
+ 			      const u8 *identity, size_t identity_len)
+@@ -1640,6 +1674,8 @@ int hostapd_setup_wpa(struct hostapd_dat
+ 		.add_tspec = hostapd_wpa_auth_add_tspec,
+ 		.set_vlan = hostapd_wpa_auth_set_vlan,
+ 		.get_vlan = hostapd_wpa_auth_get_vlan,
++		.set_rate_limit = hostapd_wpa_auth_set_rate_limit,
++		.get_rate_limit = hostapd_wpa_auth_get_rate_limit,
+ 		.set_identity = hostapd_wpa_auth_set_identity,
+ 		.get_identity = hostapd_wpa_auth_get_identity,
+ 		.set_radius_cui = hostapd_wpa_auth_set_radius_cui,
+--- a/src/ap/wpa_auth_ft.c
++++ b/src/ap/wpa_auth_ft.c
+@@ -379,6 +379,14 @@ static size_t wpa_ft_vlan_len(const stru
+ 	return tlv_len;
+ }
+ 
++static size_t wpa_ft_rate_limit_len(const struct rate_description *rate)
++{
++	if (!rate || (!rate->rx && !rate->tx))
++		return 0;
++
++	return (sizeof(struct ft_rrb_tlv) + 8);
++}
++
+ 
+ static size_t wpa_ft_vlan_lin(const struct vlan_description *vlan,
+ 			      u8 *start, u8 *endpos)
+@@ -434,10 +442,48 @@ static size_t wpa_ft_vlan_lin(const stru
+ }
+ 
+ 
++static size_t wpa_ft_rate_limit_lin(const struct rate_description *rate,
++				    u8 *start, u8 *endpos)
++{
++	size_t tlv_len;
++	int i, len;
++	struct ft_rrb_tlv *hdr;
++	u8 *pos = start;
++
++	if (!rate)
++		return 0;
++
++	tlv_len = 0;
++	if (rate->rx || rate->tx) {
++		tlv_len += sizeof(*hdr);
++		if (start + tlv_len > endpos)
++			return tlv_len;
++		hdr = (struct ft_rrb_tlv *) pos;
++		hdr->type = host_to_le16(FT_RRB_RATE_LIMIT);
++		hdr->len = host_to_le16(2 * sizeof(le32));
++		pos = start + tlv_len;
++
++		tlv_len += sizeof(u32);
++		if (start + tlv_len > endpos)
++			return tlv_len;
++		WPA_PUT_LE32(pos, rate->rx);
++		pos = start + tlv_len;
++		tlv_len += sizeof(u32);
++		if (start + tlv_len > endpos)
++			return tlv_len;
++		WPA_PUT_LE32(pos, rate->tx);
++		pos = start + tlv_len;
++	}
++
++	return tlv_len;
++}
++
++
+ static int wpa_ft_rrb_lin(const struct tlv_list *tlvs1,
+ 			  const struct tlv_list *tlvs2,
+ 			  const struct vlan_description *vlan,
+-			  u8 **plain, size_t *plain_len)
++			  u8 **plain, size_t *plain_len,
++			  const struct rate_description *rate)
+ {
+ 	u8 *pos, *endpos;
+ 	size_t tlv_len;
+@@ -445,6 +491,7 @@ static int wpa_ft_rrb_lin(const struct t
+ 	tlv_len = wpa_ft_tlv_len(tlvs1);
+ 	tlv_len += wpa_ft_tlv_len(tlvs2);
+ 	tlv_len += wpa_ft_vlan_len(vlan);
++	tlv_len += wpa_ft_rate_limit_len(rate);
+ 
+ 	*plain_len = tlv_len;
+ 	*plain = os_zalloc(tlv_len);
+@@ -458,6 +505,7 @@ static int wpa_ft_rrb_lin(const struct t
+ 	pos += wpa_ft_tlv_lin(tlvs1, pos, endpos);
+ 	pos += wpa_ft_tlv_lin(tlvs2, pos, endpos);
+ 	pos += wpa_ft_vlan_lin(vlan, pos, endpos);
++	pos += wpa_ft_rate_limit_lin(rate, pos, endpos);
+ 
+ 	/* validity check */
+ 	if (pos != endpos) {
+@@ -526,7 +574,8 @@ static int wpa_ft_rrb_build(const u8 *ke
+ 			    const struct tlv_list *tlvs_auth,
+ 			    const struct vlan_description *vlan,
+ 			    const u8 *src_addr, u8 type,
+-			    u8 **packet, size_t *packet_len)
++			    u8 **packet, size_t *packet_len,
++			    const struct rate_description *rate)
+ {
+ 	u8 *plain = NULL, *auth = NULL, *pos, *tmp;
+ 	size_t plain_len = 0, auth_len = 0;
+@@ -534,10 +583,10 @@ static int wpa_ft_rrb_build(const u8 *ke
+ 	size_t pad_len = 0;
+ 
+ 	*packet = NULL;
+-	if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len) < 0)
++	if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len, rate) < 0)
+ 		goto out;
+ 
+-	if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len) < 0)
++	if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len, NULL) < 0)
+ 		goto out;
+ 
+ 	*packet_len = sizeof(u16) + auth_len + plain_len;
+@@ -700,6 +749,24 @@ static int wpa_ft_get_vlan(struct wpa_au
+ }
+ 
+ 
++static int wpa_ft_get_rate_limit(struct wpa_authenticator *wpa_auth,
++				 const u8 *sta_addr, struct rate_description *rate)
++{
++	if (!wpa_auth->cb->get_rate_limit)
++		return -1;
++	return wpa_auth->cb->get_rate_limit(wpa_auth->cb_ctx, sta_addr, rate);
++}
++
++
++static int wpa_ft_set_rate_limit(struct wpa_authenticator *wpa_auth,
++				 const u8 *sta_addr, struct rate_description *rate)
++{
++	if (!wpa_auth->cb->set_rate_limit)
++		return -1;
++	return wpa_auth->cb->set_rate_limit(wpa_auth->cb_ctx, sta_addr, rate);
++}
++
++
+ static int
+ wpa_ft_set_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,
+ 		    const u8 *identity, size_t identity_len)
+@@ -1025,7 +1092,7 @@ wpa_ft_rrb_seq_req(struct wpa_authentica
+ 
+ 	if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_req_auth, NULL,
+ 			     wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_REQ,
+-			     &packet, &packet_len) < 0) {
++			     &packet, &packet_len, NULL) < 0) {
+ 		item = NULL; /* some other seq resp might still accept this */
+ 		goto err;
+ 	}
+@@ -1208,6 +1275,7 @@ struct wpa_ft_pmk_r0_sa {
+ 	u8 spa[ETH_ALEN];
+ 	int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
+ 	struct vlan_description *vlan;
++	struct rate_description *rate;
+ 	os_time_t expiration; /* 0 for no expiration */
+ 	u8 *identity;
+ 	size_t identity_len;
+@@ -1226,6 +1294,7 @@ struct wpa_ft_pmk_r1_sa {
+ 	u8 spa[ETH_ALEN];
+ 	int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
+ 	struct vlan_description *vlan;
++	struct rate_description *rate;
+ 	u8 *identity;
+ 	size_t identity_len;
+ 	u8 *radius_cui;
+@@ -1254,6 +1323,7 @@ static void wpa_ft_free_pmk_r0(struct wp
+ 
+ 	os_memset(r0->pmk_r0, 0, PMK_LEN_MAX);
+ 	os_free(r0->vlan);
++	os_free(r0->rate);
+ 	os_free(r0->identity);
+ 	os_free(r0->radius_cui);
+ 	os_free(r0);
+@@ -1307,6 +1377,7 @@ static void wpa_ft_free_pmk_r1(struct wp
+ 	eloop_cancel_timeout(wpa_ft_expire_pmk_r1, r1, NULL);
+ 
+ 	os_memset(r1->pmk_r1, 0, PMK_LEN_MAX);
++	os_free(r1->rate);
+ 	os_free(r1->vlan);
+ 	os_free(r1->identity);
+ 	os_free(r1->radius_cui);
+@@ -1360,7 +1431,8 @@ static int wpa_ft_store_pmk_r0(struct wp
+ 			       const struct vlan_description *vlan,
+ 			       int expires_in, int session_timeout,
+ 			       const u8 *identity, size_t identity_len,
+-			       const u8 *radius_cui, size_t radius_cui_len)
++			       const u8 *radius_cui, size_t radius_cui_len,
++			       struct rate_description *rate)
+ {
+ 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
+ 	struct wpa_ft_pmk_r0_sa *r0;
+@@ -1388,6 +1460,14 @@ static int wpa_ft_store_pmk_r0(struct wp
+ 		}
+ 		*r0->vlan = *vlan;
+ 	}
++	if (rate) {
++		r0->rate = os_zalloc(sizeof(*rate));
++		if (!r0->rate) {
++			bin_clear_free(r0, sizeof(*r0));
++			return -1;
++		}
++		*r0->rate = *rate;
++	}
+ 	if (identity) {
+ 		r0->identity = os_malloc(identity_len);
+ 		if (r0->identity) {
+@@ -1447,7 +1527,8 @@ static int wpa_ft_store_pmk_r1(struct wp
+ 			       const struct vlan_description *vlan,
+ 			       int expires_in, int session_timeout,
+ 			       const u8 *identity, size_t identity_len,
+-			       const u8 *radius_cui, size_t radius_cui_len)
++			       const u8 *radius_cui, size_t radius_cui_len,
++			       struct rate_description *rate)
+ {
+ 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
+ 	int max_expires_in = wpa_auth->conf.r1_max_key_lifetime;
+@@ -1477,6 +1558,14 @@ static int wpa_ft_store_pmk_r1(struct wp
+ 		}
+ 		*r1->vlan = *vlan;
+ 	}
++	if (rate) {
++		r1->rate = os_zalloc(sizeof(*rate));
++		if (!r1->rate) {
++			bin_clear_free(r1, sizeof(*r1));
++			return -1;
++		}
++		*r1->rate = *rate;
++	}
+ 	if (identity) {
+ 		r1->identity = os_malloc(identity_len);
+ 		if (r1->identity) {
+@@ -1513,7 +1602,7 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
+ 			struct vlan_description *vlan,
+ 			const u8 **identity, size_t *identity_len,
+ 			const u8 **radius_cui, size_t *radius_cui_len,
+-			int *session_timeout)
++			int *session_timeout, struct rate_description *rate)
+ {
+ 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
+ 	struct wpa_ft_pmk_r1_sa *r1;
+@@ -1533,6 +1622,12 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
+ 				*vlan = *r1->vlan;
+ 			if (vlan && !r1->vlan)
+ 				os_memset(vlan, 0, sizeof(*vlan));
++			if (rate) {
++				if (r1->rate)
++					*rate = *r1->rate;
++				else
++					memset(rate, 0, sizeof(*rate));
++			}
+ 			if (identity && identity_len) {
+ 				*identity = r1->identity;
+ 				*identity_len = r1->identity_len;
+@@ -2059,7 +2154,7 @@ static int wpa_ft_pull_pmk_r1(struct wpa
+ 
+ 	if (wpa_ft_rrb_build(key, key_len, req_enc, NULL, req_auth, NULL,
+ 			     sm->wpa_auth->addr, FT_PACKET_R0KH_R1KH_PULL,
+-			     &packet, &packet_len) < 0)
++			     &packet, &packet_len, NULL) < 0)
+ 		return -1;
+ 
+ 	ft_pending_req_ies = wpabuf_alloc_copy(ies, ies_len);
+@@ -2088,6 +2183,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
+ {
+ 	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
+ 	struct vlan_description vlan;
++	struct rate_description rate;
+ 	const u8 *identity, *radius_cui;
+ 	size_t identity_len, radius_cui_len;
+ 	int session_timeout;
+@@ -2099,6 +2195,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
+ 			   MAC2STR(sm->addr));
+ 		return -1;
+ 	}
++	wpa_ft_get_rate_limit(sm->wpa_auth, sm->addr, &rate);
+ 
+ 	identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);
+ 	radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,
+@@ -2108,7 +2205,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
+ 	return wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len,
+ 				   pmk_r0_name, sm->pairwise, &vlan, expires_in,
+ 				   session_timeout, identity, identity_len,
+-				   radius_cui, radius_cui_len);
++				   radius_cui, radius_cui_len, &rate);
+ }
+ 
+ 
+@@ -2172,6 +2269,7 @@ void wpa_auth_ft_store_keys(struct wpa_s
+ 	int psk_local = sm->wpa_auth->conf.ft_psk_generate_local;
+ 	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
+ 	struct vlan_description vlan;
++	struct rate_description rate;
+ 	const u8 *identity, *radius_cui;
+ 	size_t identity_len, radius_cui_len;
+ 	int session_timeout;
+@@ -2185,6 +2283,8 @@ void wpa_auth_ft_store_keys(struct wpa_s
+ 		return;
+ 	}
+ 
++	wpa_ft_get_rate_limit(sm->wpa_auth, sm->addr, &rate);
++
+ 	identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);
+ 	radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,
+ 					       &radius_cui);
+@@ -2195,11 +2295,12 @@ void wpa_auth_ft_store_keys(struct wpa_s
+ 			    pmk_r0_name,
+ 			    sm->pairwise, &vlan, expires_in,
+ 			    session_timeout, identity, identity_len,
+-			    radius_cui, radius_cui_len);
++			    radius_cui, radius_cui_len, &rate);
+ 	wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, key_len,
+ 			    sm->pmk_r1_name, sm->pairwise, &vlan,
+ 			    expires_in, session_timeout, identity,
+-			    identity_len, radius_cui, radius_cui_len);
++			    identity_len, radius_cui, radius_cui_len,
++			    &rate);
+ }
+ 
+ 
+@@ -3100,7 +3201,8 @@ static int wpa_ft_local_derive_pmk_r1(st
+ 				      const u8 **radius_cui,
+ 				      size_t *radius_cui_len,
+ 				      int *out_session_timeout,
+-				      size_t *pmk_r1_len)
++				      size_t *pmk_r1_len,
++				      struct rate_description *rate)
+ {
+ 	struct wpa_auth_config *conf = &wpa_auth->conf;
+ 	const struct wpa_ft_pmk_r0_sa *r0;
+@@ -3136,7 +3238,8 @@ static int wpa_ft_local_derive_pmk_r1(st
+ 			    out_pmk_r1_name,
+ 			    sm->pairwise, r0->vlan, expires_in, session_timeout,
+ 			    r0->identity, r0->identity_len,
+-			    r0->radius_cui, r0->radius_cui_len);
++			    r0->radius_cui, r0->radius_cui_len,
++			    r0->rate);
+ 
+ 	*out_pairwise = sm->pairwise;
+ 	if (vlan) {
+@@ -3146,6 +3249,13 @@ static int wpa_ft_local_derive_pmk_r1(st
+ 			os_memset(vlan, 0, sizeof(*vlan));
+ 	}
+ 
++	if (rate) {
++		if (r0->rate)
++			*rate = *r0->rate;
++		else
++			os_memset(rate, 0, sizeof(*rate));
++	}
++
+ 	if (identity && identity_len) {
+ 		*identity = r0->identity;
+ 		*identity_len = r0->identity_len;
+@@ -3178,6 +3288,7 @@ static int wpa_ft_process_auth_req(struc
+ 	u8 *pos, *end;
+ 	int pairwise, session_timeout = 0;
+ 	struct vlan_description vlan;
++	struct rate_description rate = {};
+ 	const u8 *identity, *radius_cui;
+ 	size_t identity_len = 0, radius_cui_len = 0;
+ 	size_t pmk_r1_len, kdk_len, len;
+@@ -3274,7 +3385,7 @@ static int wpa_ft_process_auth_req(struc
+ 					pmk_r1, &pmk_r1_len, &pairwise, &vlan,
+ 					&identity, &identity_len, &radius_cui,
+ 					&radius_cui_len,
+-					&session_timeout) == 0) {
++					&session_timeout, &rate) == 0) {
+ 			wpa_printf(MSG_DEBUG,
+ 				   "FT: Found PMKR1Name (using SHA%zu) from local cache",
+ 				   pmk_r1_len * 8);
+@@ -3290,7 +3401,7 @@ static int wpa_ft_process_auth_req(struc
+ 				       pmk_r1_name, pmk_r1, &pairwise,
+ 				       &vlan, &identity, &identity_len,
+ 				       &radius_cui, &radius_cui_len,
+-				       &session_timeout, &pmk_r1_len) == 0) {
++				       &session_timeout, &pmk_r1_len, &rate) == 0) {
+ 		wpa_printf(MSG_DEBUG,
+ 			   "FT: Generated PMK-R1 based on local PMK-R0");
+ 		goto pmk_r1_derived;
+@@ -3392,6 +3503,7 @@ pmk_r1_derived:
+ 		wpa_printf(MSG_DEBUG, "FT: Failed to configure VLAN");
+ 		goto out;
+ 	}
++	wpa_ft_set_rate_limit(sm->wpa_auth, sm->addr, &rate);
+ 	if (wpa_ft_set_identity(sm->wpa_auth, sm->addr,
+ 				identity, identity_len) < 0 ||
+ 	    wpa_ft_set_radius_cui(sm->wpa_auth, sm->addr,
+@@ -3973,7 +4085,7 @@ static int wpa_ft_rrb_build_r0(const u8
+ 
+ 	ret = wpa_ft_rrb_build(key, key_len, tlvs, sess_tlv, tlv_auth,
+ 			       pmk_r0->vlan, src_addr, type,
+-			       packet, packet_len);
++			       packet, packet_len, pmk_r0->rate);
+ 
+ 	forced_memzero(pmk_r1, sizeof(pmk_r1));
+ 
+@@ -4113,7 +4225,7 @@ static int wpa_ft_rrb_rx_pull(struct wpa
+ 		ret = wpa_ft_rrb_build(key, key_len, resp, NULL, resp_auth,
+ 				       NULL, wpa_auth->addr,
+ 				       FT_PACKET_R0KH_R1KH_RESP,
+-				       &packet, &packet_len);
++				       &packet, &packet_len, NULL);
+ 	} else {
+ 		ret = wpa_ft_rrb_build_r0(key, key_len, resp, r0, f_r1kh_id,
+ 					  f_s1kh_id, resp_auth, wpa_auth->addr,
+@@ -4165,11 +4277,15 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
+ 	size_t f_expires_in_len;
+ 	size_t f_identity_len, f_radius_cui_len;
+ 	size_t f_session_timeout_len;
++	size_t f_rate_len;
++	const u8 *f_rate;
+ 	int pairwise;
+ 	int ret = -1;
+ 	int expires_in;
+ 	int session_timeout;
+ 	struct vlan_description vlan;
++	struct rate_description rate;
++	int has_rate = 0;
+ 	size_t pmk_r1_len;
+ 
+ 	RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1);
+@@ -4279,6 +4395,13 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
+ 	wpa_printf(MSG_DEBUG, "FT: vlan %d%s",
+ 		   le_to_host16(vlan.untagged), vlan.tagged[0] ? "+" : "");
+ 
++	RRB_GET_OPTIONAL(FT_RRB_RATE_LIMIT, rate, msgtype, 2 * sizeof(le32));
++	if (f_rate) {
++		memcpy(&rate, f_rate, sizeof(rate));
++		rate.rx = le_to_host32(rate.rx);
++		rate.tx = le_to_host32(rate.tx);
++		has_rate = 1;
++	};
+ 	RRB_GET_OPTIONAL(FT_RRB_IDENTITY, identity, msgtype, -1);
+ 	if (f_identity)
+ 		wpa_hexdump_ascii(MSG_DEBUG, "FT: Identity", f_identity,
+@@ -4301,7 +4424,7 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
+ 				f_pmk_r1_name,
+ 				pairwise, &vlan, expires_in, session_timeout,
+ 				f_identity, f_identity_len, f_radius_cui,
+-				f_radius_cui_len) < 0)
++				f_radius_cui_len, has_rate ? &rate : 0) < 0)
+ 		goto out;
+ 
+ 	ret = 0;
+@@ -4614,7 +4737,7 @@ static int wpa_ft_rrb_rx_seq_req(struct
+ 
+ 	if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_resp_auth, NULL,
+ 			     wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_RESP,
+-			     &packet, &packet_len) < 0)
++			     &packet, &packet_len, NULL) < 0)
+ 		goto out;
+ 
+ 	wpa_ft_rrb_oui_send(wpa_auth, src_addr,

feeds/hostapd/hostapd/patches/999-ft-anonce.patch

@@ -0,0 +1,10 @@
+--- a/src/ap/wpa_auth_i.h
++++ b/src/ap/wpa_auth_i.h
+@@ -54,6 +54,7 @@ struct wpa_state_machine {
+ 	bool MICVerified;
+ 	bool GUpdateStationKeys;
+ 	u8 ANonce[WPA_NONCE_LEN];
++	struct os_reltime ANonce_time;
+ 	u8 SNonce[WPA_NONCE_LEN];
+ 	u8 alt_SNonce[WPA_NONCE_LEN];
+ 	u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN];

feeds/hostapd/hostapd/patches/999-re-assoc-event.patch

@@ -0,0 +1,147 @@
+--- a/src/ap/ieee802_11.c
++++ b/src/ap/ieee802_11.c
+@@ -522,6 +522,7 @@ static void handle_auth_ft_finish(void *
+ 
+ 	hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211,
+ 		       HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)");
++	hostapd_ubus_notify(hapd, "ft-finish", sta->addr);
+ 	sta->flags |= WLAN_STA_AUTH;
+ 	mlme_authenticate_indication(hapd, sta);
+ }
+@@ -5273,6 +5274,8 @@ static void handle_assoc(struct hostapd_
+ 	}
+ 
+ 	sta = ap_get_sta(hapd, mgmt->sa);
++	if (sta && reassoc)
++		memcpy(sta->origin_ap, mgmt->u.reassoc_req.current_ap, 6);
+ #ifdef CONFIG_IEEE80211R_AP
+ 	if (sta && sta->auth_alg == WLAN_AUTH_FT &&
+ 	    (sta->flags & WLAN_STA_AUTH) == 0) {
+@@ -5426,6 +5429,7 @@ static void handle_assoc(struct hostapd_
+ 		.type = HOSTAPD_UBUS_ASSOC_REQ,
+ 		.mgmt_frame = mgmt,
+ 		.ssi_signal = rssi,
++		.reassoc = reassoc,
+ 	};
+ 
+ 	/* followed by SSID and Supported rates; and HT capabilities if 802.11n
+@@ -6496,7 +6500,7 @@ static void handle_assoc_cb(struct hosta
+ 		 * Open, static WEP, FT protocol, or FILS; no separate
+ 		 * authorization step.
+ 		 */
+-		ap_sta_set_authorized(hapd, sta, 1);
++		_ap_sta_set_authorized(hapd, sta, 1, reassoc);
+ 	}
+ 
+ 	if (reassoc)
+--- a/src/ap/ubus.c
++++ b/src/ap/ubus.c
+@@ -1870,6 +1870,8 @@ int hostapd_ubus_handle_event(struct hos
+ 	if (req->ssi_signal)
+ 		blobmsg_add_u32(&b, "signal", req->ssi_signal);
+ 	blobmsg_add_u32(&b, "freq", hapd->iface->freq);
++	if (req->reassoc && req->mgmt_frame)
++		blobmsg_add_macaddr(&b, "origin", req->mgmt_frame->u.reassoc_req.current_ap);
+ 
+ 	if (req->elems) {
+ 		if(req->elems->ht_capabilities)
+@@ -1940,6 +1942,7 @@ void hostapd_ubus_notify(struct hostapd_
+ 	blob_buf_init(&b, 0);
+ 	blobmsg_add_macaddr(&b, "address", addr);
+ 	blobmsg_add_string(&b, "ifname", hapd->conf->iface);
++	blobmsg_printf(&b, "target", MACSTR, MAC2STR(hapd->conf->bssid));
+ 
+ 	ubus_notify(ctx, &hapd->ubus.obj, type, b.head, -1);
+ }
+@@ -1958,7 +1961,7 @@ void hostapd_ubus_notify_csa(struct host
+ }
+ 
+ 
+-void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta)
++void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta, int reassoc)
+ {
+ 	if (!hapd->ubus.obj.has_subscribers)
+ 		return;
+@@ -1975,6 +1978,9 @@ void hostapd_ubus_notify_authorized(stru
+ 		blobmsg_add_u32(&b, "", sta->bandwidth[1]);
+ 		blobmsg_close_array(&b, r);
+ 	}
++	if (reassoc)
++		blobmsg_add_macaddr(&b, "origin", sta->origin_ap);
++	blobmsg_printf(&b, "target", MACSTR, MAC2STR(hapd->conf->bssid));
+ 
+ 	ubus_notify(ctx, &hapd->ubus.obj, "sta-authorized", b.head, -1);
+ }
+--- a/src/ap/ubus.h
++++ b/src/ap/ubus.h
+@@ -22,6 +22,7 @@ struct hostapd_ubus_request {
+ 	const struct ieee802_11_elems *elems;
+ 	int ssi_signal; /* dBm */
+ 	const u8 *addr;
++	int reassoc;
+ };
+ 
+ struct hostapd_iface;
+@@ -49,7 +50,7 @@ void hostapd_ubus_remove_vlan(struct hos
+ 
+ int hostapd_ubus_handle_event(struct hostapd_data *hapd, struct hostapd_ubus_request *req);
+ void hostapd_ubus_notify(struct hostapd_data *hapd, const char *type, const u8 *mac);
+-void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta);
++void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta, int reassoc);
+ void hostapd_ubus_notify_beacon_report(struct hostapd_data *hapd,
+ 				       const u8 *addr, u8 token, u8 rep_mode,
+ 				       struct rrm_measurement_beacon_report *rep,
+--- a/src/ap/sta_info.c
++++ b/src/ap/sta_info.c
+@@ -1297,8 +1297,8 @@ const u8 * ap_sta_wpa_get_dpp_pkhash(str
+ }
+ 
+ 
+-void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+-			   int authorized)
++void _ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
++			    int authorized, int reassoc)
+ {
+ 	const u8 *dev_addr = NULL;
+ 	char buf[100];
+@@ -1404,7 +1404,7 @@ void ap_sta_set_authorized(struct hostap
+ 					 dpp_pkhash, SHA256_MAC_LEN);
+ 		}
+ 
+-		hostapd_ubus_notify_authorized(hapd, sta);
++		hostapd_ubus_notify_authorized(hapd, sta, reassoc);
+ 		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s%s",
+ 			buf, ip_addr, keyid_buf, dpp_pkhash_buf, alg_buf);
+ 
+@@ -1434,6 +1434,11 @@ void ap_sta_set_authorized(struct hostap
+ 	}
+ #endif /* CONFIG_FST */
+ }
++void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
++			   int authorized)
++{
++	_ap_sta_set_authorized(hapd, sta, authorized, 0);
++}
+ 
+ 
+ void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
+--- a/src/ap/sta_info.h
++++ b/src/ap/sta_info.h
+@@ -102,6 +102,7 @@ struct sta_info {
+ 	struct sta_info *next; /* next entry in sta list */
+ 	struct sta_info *hnext; /* next entry in hash table list */
+ 	u8 addr[6];
++	u8 origin_ap[6];
+ 	be32 ipaddr;
+ 	struct dl_list ip6addr; /* list head for struct ip6addr */
+ 	u16 aid; /* STA's unique AID (1 .. 2007) or 0 if not yet assigned */
+@@ -398,6 +399,9 @@ const u8 * ap_sta_wpa_get_dpp_pkhash(str
+ void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
+ 		       const u8 *addr, u16 reason);
+ 
++void _ap_sta_set_authorized(struct hostapd_data *hapd,
++			    struct sta_info *sta, int authorized,
++			    int reassoc);
+ void ap_sta_set_authorized(struct hostapd_data *hapd,
+ 			   struct sta_info *sta, int authorized);
+ static inline int ap_sta_is_authorized(struct sta_info *sta)