github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/test/80211_setup_station

github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/test/80211_setup_station (about)

     1  # requires: -sandbox=namespace
     2  
     3  r0 = socket$nl_generic(0x10, 0x3, 0x10)
     4  r1 = syz_genetlink_get_family_id$nl80211(&AUTO='nl80211\x00', 0xffffffffffffffff)
     5  ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &AUTO={'wlan1\x00', <r2=>0x0})
     6  
     7  # Set station mode for wlan1.
     8  
     9  sendmsg$NL80211_CMD_SET_INTERFACE(r0, &AUTO={0x0, 0x0, &AUTO={&AUTO={AUTO, r1, 0x5, 0x0, 0x0, {AUTO, {@val={AUTO, AUTO, r2, nil}, @void}}, [@NL80211_ATTR_IFTYPE={AUTO, AUTO, 0x2, nil}]}, AUTO}, AUTO, AUTO, AUTO, 0x0}, 0x0)
    10  
    11  # Connect wlan1.
    12  
    13  sendmsg$NL80211_CMD_CONNECT(r0, &AUTO={0x0, 0x0, &AUTO={&AUTO={AUTO, r1, 0x5, 0x0, 0x0, {AUTO, {@val={AUTO, AUTO, r2, nil},@void}}, [@NL80211_ATTR_SSID={AUTO,AUTO,@default_ap_ssid,nil}, @NL80211_ATTR_MAC={AUTO,AUTO,@from_mac=@device_a,nil}, @NL80211_ATTR_AUTH_TYPE={AUTO, AUTO, 0, nil}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={AUTO,AUTO,@default,nil}]]}, AUTO}, AUTO, AUTO, AUTO, 0x0}, 0x0)
    14  
    15  # Inject probe response.
    16  
    17  syz_80211_inject_frame(&AUTO=@device_b, &AUTO=@mgmt_frame=@probe_response={{{AUTO, AUTO, AUTO, AUTO, AUTO, 0, 0, 0, 0, AUTO, 0}, {0, 0}, @device_b, @device_a, @from_mac=@device_a, {0,0}, @void}, 0x0, @default, 0x1, @val={AUTO, AUTO, @default_ap_ssid}, @val={AUTO, AUTO, [{0x2,0x1}, {0x4,0x1}, {0xb,0x1}, {0x16,0x1}, {0x0c,0}, {0x12,0x0}, {0x18,0x0}, {0x24,0x0}]}, @void, @void, @void, @void, @void, @void, []}, AUTO)
    18  
    19  # Wait 50ms and inject auth response.
    20  
    21  nanosleep(&AUTO={0x0,0x2FAF080}, &AUTO={0,0})
    22  
    23  syz_80211_inject_frame(&AUTO=@device_b, &AUTO=@mgmt_frame=@auth={{{AUTO, AUTO, AUTO, AUTO, AUTO, 0, 0, 0, 0, AUTO, 0}, {0, 0}, @device_b, @device_a, @from_mac=@device_a, {0,0x1}, @void}, 0x0, 0x2, 0x0, @void, []}, AUTO)
    24  
    25  # Wait 50ms and inject association response.
    26  
    27  nanosleep(&AUTO={0x0,0x2FAF080}, &AUTO={0,0})
    28  
    29  syz_80211_inject_frame(&AUTO=@device_b, &AUTO=@mgmt_frame=@assoc_resp={{{AUTO, AUTO, AUTO, AUTO, AUTO, 0, 0, 0, 0, AUTO, 0}, {0, 0}, @device_b, @device_a, @from_mac=@device_a, {0,0x2}, @void}, 0x1, 0x0, @default, @val={AUTO, AUTO, [{0x2,0x1}, {0x4,0x1}, {0xb,0x1}, {0x16,0x1}, {0x0c,0}, {0x12,0x0}, {0x18,0x0}, {0x24,0x0}]}, @void, []}, AUTO)