AP MLD: Do not store per-supplicant AP RSNE/RSNXE information

There is no need to store the AP MLD's RSNE/RSNXE within per-supplicant
data structure in struct wpa_state_machine since those elements are
available from the generic authenticator data in struct
wpa_authenticator.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2024-04-22 14:19:57 +03:00 committed by Jouni Malinen
parent 20872d5256
commit b26971774c
6 changed files with 30 additions and 137 deletions

View file

@ -4512,13 +4512,6 @@ static int ieee80211_ml_process_link(struct hostapd_data *hapd,
wpa_printf(MSG_DEBUG, "MLD: link=%u, association OK (aid=%u)",
hapd->mld_link_id, sta->aid);
/*
* Get RSNE and RSNXE for the current BSS as they are required by the
* Authenticator.
*/
link->rsne = hostapd_wpa_ie(hapd, WLAN_EID_RSN);
link->rsnxe = hostapd_wpa_ie(hapd, WLAN_EID_RSNX);
sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC_REQ_OK;
/* TODO: What other processing is required? */
@ -4570,15 +4563,6 @@ int hostapd_process_assoc_ml_info(struct hostapd_data *hapd,
if (!hostapd_is_mld_ap(hapd))
return 0;
/*
* This is not really needed, but make the interaction with the RSN
* Authenticator more consistent
*/
sta->mld_info.links[hapd->mld_link_id].rsne =
hostapd_wpa_ie(hapd, WLAN_EID_RSN);
sta->mld_info.links[hapd->mld_link_id].rsnxe =
hostapd_wpa_ie(hapd, WLAN_EID_RSNX);
for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
struct hostapd_data *bss = NULL;
struct mld_link_info *link = &sta->mld_info.links[i];

View file

@ -94,8 +94,6 @@ struct mld_info {
u16 status;
u16 resp_sta_profile_len;
u8 *resp_sta_profile;
const u8 *rsne, *rsnxe;
} links[MAX_NUM_MLD_LINKS];
};

View file

@ -4148,27 +4148,6 @@ static u8 * replace_ie(const char *name, const u8 *old_buf, size_t *len, u8 eid,
#ifdef CONFIG_IEEE80211BE
void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a,
struct wpa_auth_ml_link_rsn_info *info)
{
info->rsn_ies = a->wpa_ie;
info->rsn_ies_len = a->wpa_ie_len;
wpa_printf(MSG_DEBUG, "RSN: MLD: link_id=%u, rsn_ies_len=%zu",
info->link_id, info->rsn_ies_len);
}
static void wpa_auth_get_ml_rsn_info(struct wpa_authenticator *wpa_auth,
struct wpa_auth_ml_rsn_info *info)
{
if (!wpa_auth->cb->get_ml_rsn_info)
return;
wpa_auth->cb->get_ml_rsn_info(wpa_auth->cb_ctx, info);
}
void wpa_auth_ml_get_key_info(struct wpa_authenticator *a,
struct wpa_auth_ml_link_key_info *info,
bool mgmt_frame_prot, bool beacon_prot)
@ -4443,6 +4422,7 @@ static size_t wpa_auth_ml_kdes_len(struct wpa_state_machine *sm)
/* MLO Link KDE for each link */
for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) {
struct wpa_authenticator *wpa_auth;
const u8 *ie;
if (!sm->mld_links[link_id].valid)
continue;
@ -4451,9 +4431,15 @@ static size_t wpa_auth_ml_kdes_len(struct wpa_state_machine *sm)
if (!wpa_auth)
continue;
kde_len += 2 + RSN_SELECTOR_LEN + 1 + ETH_ALEN +
sm->mld_links[link_id].rsne_len +
sm->mld_links[link_id].rsnxe_len;
kde_len += 2 + RSN_SELECTOR_LEN + 1 + ETH_ALEN;
ie = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
WLAN_EID_RSN);
if (ie)
kde_len += 2 + ie[1];
ie = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
WLAN_EID_RSNX);
if (ie)
kde_len += 2 + ie[1];
}
kde_len += wpa_auth_ml_group_kdes_len(sm);
@ -4478,6 +4464,8 @@ static u8 * wpa_auth_ml_kdes(struct wpa_state_machine *sm, u8 *pos)
for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) {
struct wpa_authenticator *wpa_auth;
const u8 *rsne, *rsnxe;
size_t rsne_len, rsnxe_len;
if (!sm->mld_links[link_id].valid)
continue;
@ -4486,41 +4474,45 @@ static u8 * wpa_auth_ml_kdes(struct wpa_state_machine *sm, u8 *pos)
if (!wpa_auth)
continue;
rsne = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
WLAN_EID_RSN);
rsne_len = rsne ? 2 + rsne[1] : 0;
rsnxe = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
WLAN_EID_RSNX);
rsnxe_len = rsnxe ? 2 + rsnxe[1] : 0;
wpa_printf(MSG_DEBUG,
"RSN: MLO Link: link=%u, len=%zu", link_id,
RSN_SELECTOR_LEN + 1 + ETH_ALEN +
sm->mld_links[link_id].rsne_len +
sm->mld_links[link_id].rsnxe_len);
rsne_len + rsnxe_len);
*pos++ = WLAN_EID_VENDOR_SPECIFIC;
*pos++ = RSN_SELECTOR_LEN + 1 + ETH_ALEN +
sm->mld_links[link_id].rsne_len +
sm->mld_links[link_id].rsnxe_len;
rsne_len + rsnxe_len;
RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_LINK);
pos += RSN_SELECTOR_LEN;
/* Add the Link Information */
*pos = link_id;
if (sm->mld_links[link_id].rsne_len)
if (rsne_len)
*pos |= RSN_MLO_LINK_KDE_LI_RSNE_INFO;
if (sm->mld_links[link_id].rsnxe_len)
if (rsnxe_len)
*pos |= RSN_MLO_LINK_KDE_LI_RSNXE_INFO;
pos++;
os_memcpy(pos, wpa_auth->addr, ETH_ALEN);
pos += ETH_ALEN;
if (sm->mld_links[link_id].rsne_len) {
os_memcpy(pos, sm->mld_links[link_id].rsne,
sm->mld_links[link_id].rsne_len);
pos += sm->mld_links[link_id].rsne_len;
if (rsne_len) {
os_memcpy(pos, rsne, rsne_len);
pos += rsne_len;
}
if (sm->mld_links[link_id].rsnxe_len) {
os_memcpy(pos, sm->mld_links[link_id].rsnxe,
sm->mld_links[link_id].rsnxe_len);
pos += sm->mld_links[link_id].rsnxe_len;
if (rsnxe_len) {
os_memcpy(pos, rsnxe, rsnxe_len);
pos += rsnxe_len;
}
}
@ -7219,33 +7211,5 @@ void wpa_auth_set_ml_info(struct wpa_state_machine *sm,
}
ml_rsn_info.n_mld_links = i;
wpa_auth_get_ml_rsn_info(sm->wpa_auth, &ml_rsn_info);
for (i = 0; i < ml_rsn_info.n_mld_links; i++) {
struct mld_link *sm_link;
const u8 *rsn_ies;
u8 rsn_ies_len;
sm_link = &sm->mld_links[ml_rsn_info.links[i].link_id];
rsn_ies = ml_rsn_info.links[i].rsn_ies;
rsn_ies_len = ml_rsn_info.links[i].rsn_ies_len;
/* This should not really happen */
if (!rsn_ies || rsn_ies_len < 2 || rsn_ies[0] != WLAN_EID_RSN ||
rsn_ies[1] + 2 > rsn_ies_len) {
wpa_printf(MSG_INFO, "WPA_AUTH: MLD: Invalid RSNE");
continue;
}
sm_link->rsne = rsn_ies;
sm_link->rsne_len = rsn_ies[1] + 2;
if (rsn_ies[1] + 2UL + 2UL < rsn_ies_len &&
rsn_ies[rsn_ies[1] + 2] == WLAN_EID_RSNX) {
sm_link->rsnxe = rsn_ies + 2 + rsn_ies[1];
sm_link->rsnxe_len = sm_link->rsnxe[1] + 2;
}
}
#endif /* CONFIG_IEEE80211BE */
}

View file

@ -648,8 +648,6 @@ void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success);
void wpa_auth_set_ml_info(struct wpa_state_machine *sm,
u8 mld_assoc_link_id, struct mld_info *info);
void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a,
struct wpa_auth_ml_link_rsn_info *info);
void wpa_auth_ml_get_key_info(struct wpa_authenticator *a,
struct wpa_auth_ml_link_key_info *info,
bool mgmt_frame_prot, bool beacon_prot);

View file

@ -1533,52 +1533,6 @@ static int hostapd_set_ltf_keyseed(void *ctx, const u8 *peer_addr,
#ifdef CONFIG_IEEE80211BE
static int hostapd_wpa_auth_get_ml_rsn_info(void *ctx,
struct wpa_auth_ml_rsn_info *info)
{
struct hostapd_data *hapd = ctx;
unsigned int i;
wpa_printf(MSG_DEBUG, "WPA_AUTH: MLD: Get RSN info CB: n_mld_links=%u",
info->n_mld_links);
if (!hapd->conf->mld_ap || !hapd->iface || !hapd->iface->interfaces)
return -1;
for (i = 0; i < info->n_mld_links; i++) {
unsigned int link_id = info->links[i].link_id;
struct hostapd_data *bss;
bool link_bss_found = false;
wpa_printf(MSG_DEBUG,
"WPA_AUTH: MLD: Get link RSN CB: link_id=%u",
link_id);
if (hapd->mld_link_id == link_id) {
wpa_auth_ml_get_rsn_info(hapd->wpa_auth,
&info->links[i]);
continue;
}
for_each_mld_link(bss, hapd) {
if (bss == hapd || bss->mld_link_id != link_id)
continue;
wpa_auth_ml_get_rsn_info(bss->wpa_auth,
&info->links[i]);
link_bss_found = true;
break;
}
if (!link_bss_found)
wpa_printf(MSG_DEBUG,
"WPA_AUTH: MLD: link=%u not found", link_id);
}
return 0;
}
static int hostapd_wpa_auth_get_ml_key_info(void *ctx,
struct wpa_auth_ml_key_info *info)
{
@ -1696,7 +1650,6 @@ int hostapd_setup_wpa(struct hostapd_data *hapd)
.set_ltf_keyseed = hostapd_set_ltf_keyseed,
#endif /* CONFIG_PASN */
#ifdef CONFIG_IEEE80211BE
.get_ml_rsn_info = hostapd_wpa_auth_get_ml_rsn_info,
.get_ml_key_info = hostapd_wpa_auth_get_ml_key_info,
#endif /* CONFIG_IEEE80211BE */
.get_drv_flags = hostapd_wpa_auth_get_drv_flags,

View file

@ -180,10 +180,6 @@ struct wpa_state_machine {
bool valid;
u8 peer_addr[ETH_ALEN];
const u8 *rsne;
size_t rsne_len;
const u8 *rsnxe;
size_t rsnxe_len;
struct wpa_authenticator *wpa_auth;
} mld_links[MAX_NUM_MLD_LINKS];
#endif /* CONFIG_IEEE80211BE */