The full scan at the beginning of the chirping step can take over 15
seconds when 6 GHz and S1G channels are included and the timeout here is
not enough to handle that.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Explicitly flush the scan cache in wpa_supplicant and cfg80211 to avoid
test failures here. An additional BSS table entry from a scan based on a
previous test case could result in causing this test case to report
failure since each beacon response could include multiple entries and
the check for the details would fail due to the unexpected data.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Explicitly wait for the STA to complete connection or channel switch
processing before running the second connectivity check.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It is possible for the parallel connection attempt with an AP and P2P
device discovery with P2P search on social channels to take close to the
15 second timeout and these test cases could fail because of that
instead of a real issue. Increase the timeout to make this less likely
to cause test failures. In addition, add a debug entry to the log on the
r_dev timeout to avoid confusing print from the i_dev thread reporting a
timeout even when the first timeout was on the rdev_
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Similar to other cases before, this may end up trying to
send the frame before the carrier state is ready. Ensure
it's ready before sending the frame.
To do that, rename the sync_carrier() function and make
the ifname argument optional.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Due to scheduling in UML time-travel, the test may continue
running and find that the failure didn't trigger when really
the frame just didn't make it through to the other side. Add
some time for the necessary processing.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This makes valgrind reports somewhat cleaner when external libraries
have memory leaks that are not straighforward to fix. In addition,
increase the number of functions to include backtraces since the default
was not large enough to cover some cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Allow the Timeout Interval Type field in the Timeout Interval element to
be overridden with a different value for testing purposes to be able to
bypass the association comeback processing in mac80211. This allows the
wpa_supplicant internal functionality to be tested.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add HS20TermsAndConditions signal to D-Bus API to allow clients to be
notified when the network requires the acceptance of terms and
conditions. The URL of the T&C page is provided as a signal parameter.
Signed-off-by: Damien Dejean <damiendejean@chromium.org>
The ps command as shipped by busybox does not support the "command"
column. Change the code to use pgrep instead which will work fine in all
environments.
In addition, raise an exception if PID was not found since the test
would just hang with pid = 0.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Avoid race conditions (especially with UML time travel) between AP
completion of 4-way handshake and traffic test.
Signed-off-by: Jouni Malinen <j@w1.fi>
The test cases that used country code ZA for the actual test on the 5
GHz band ended up failing in some cases due to various race conditions
with the initial AP start on the 5 GHz band using country code US.
Reduce the risk for that type of failures by using the same country code
ZA for both AP starts.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a test that runs the cfg80211/mac80211 kunit tests (they must be
built as modules to run at this point), and checks the results. The test
is skipped if all the modules fail to load.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Add tests for new response handling logic:
1. Verify MSCS change response handling in association / action frame.
2. Verify MSCS unsolicited response handling.
Signed-off-by: Daniel Gabay <daniel.gabay@intel.com>
It looks like the first broadcast frame might be missed in some cases,
so increase the timeout here to allow another round of frames to be
attempted.
Signed-off-by: Jouni Malinen <j@w1.fi>
fils_offload_to_driver2 and wpas_config_file_key_mgmt require
CONFIG_FILS=y, but they did not use check_fils_capa().
Signed-off-by: Jouni Malinen <j@w1.fi>
Verifying that the station can successfully associate again
after being deauthenticated or disassociated.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This triggers a kmemleak scan between tests. This allows finding memory
leaks and doing this should attribute the leak to the correct test in
most cases. Note that it does add a sleep after each test, as such it is
most sensible when combined with UML time-travel.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
We need the station to be fully set up on the AP before
running the connectivity check, not just the station to
be set up itself. Just waiting for the events seems to
still be racy so just sleep a little bit.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Appending to a bytes() object is rather inefficient. As such, avoid
doing so by first creating a list and then joining all buffers together
at the end only.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
_FORTIFY_SOURCE requires at least -O2 optimization level.
This may result in compilation warnings. Fix it.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
It is possible to execute the tests directly inside the a VM without
necessarily running the repository wrapper script to do so. In these
cases, passing the VM flag using an environment variable allows
correctly flagging this fact to the tests.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
The regulatory domain cannot be reset while the AP is still active. Add
the appropriate commands to bring down the AP after the test, which will
also make resetting the regulatory domain work.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
pyrad does an internal call to getaddrinfo with the service "www".
Make sure this service is known by writing an appropriate
/etc/services file.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
pyrad internally uses socket.getaddrinfo. While it is documented that
one can pass an empty string to bind to all interfaces. The underlying
function expects None instead though, breaking the call.
Either way, it does not hurt to set the bind address to 127.0.0.1
explicitly, so do so to avoid issues.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
It seems that the messages from ip may have a trailing space in some
cases, which may break matching in surrounding logic. Strip the output
to remove whitespace and avoid any issues this may cause.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Extend the previously used minimal test case with full validation of the
selected channel and connection since hostapd now has support for the
HT40- case as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
With UML time-travel, it was possible for a GAS frame to end up in the
capture file for the next test case and if that next case used tshark to
count the number of frames (which is done, e.g., in
gas_anqp_address3_assoc), the following test case could have indicated
failure even when everything worked correctly.
Signed-off-by: Jouni Malinen <j@w1.fi>
The cfg80211 default QoS mapping might be updated to align with the
recommendations in section 4 in RF C8325. Align the QoS mapping tests
accordingly. For now, allow both the previous and new mapping to pass
the test.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Add a simple test that exemplifies TX power configuration when operating
on the 6 GHz band.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Some of these can take close to the previously used timeouts and this
could result in reporting failures in cases that worked fine.
Signed-off-by: Jouni Malinen <j@w1.fi>
Test EHT connection on the 5 GHz band with channel bandwidths 20-160 MHz
and up to 320 MHz on the 6 GHz band.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This avoids issues with old scan results from a previous test causing
incorrect association after WPS exchange.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The previous timeout allowed only a single chirping round, and sometimes
not even that full round. That resulted in test failures for cases where
there was not really any incorrect behavior.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Stop dev[0] from trying to associate at the end of the test case to
reduce risk for leaving out some pending operations that could mess up
the following test case.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Handle the cases where the first attempt to start scan fails due to an
ongoing scan. Stop such scan and try again instead of failing the test
case immediately.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This avoids race conditions with UML time-travel where some cases ended
up not reporting the DPP-TX-STATUS event and that resulted in discarding
events that are more important to verify for correct behavior.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
One of the sigma_dut testing cases missed the t.join() call to make
surte the separate thread terminated. This could result in confusing
"unexpected stdout output" in a middle of an unrelated test case.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Stop and restart P2P_FIND on dev[1] to avoid timing issues where the
wait on dev[1] makes the test case fail even though this was trying to
verify that dev[0] is reacting quickly enough.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wait a bit between the DPP-SCAN-PEER-QR-CODE event and reporting of the
QR Code to avoid a race condition.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Avoid a race condition that could result in the relay (hostapd)
maintaining STA association with PMF and discarding of the GAS frames.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Terminate the group explicitly before cleanup to avoid a race condition
between an automatically started scan to find the GO again and the scan
started to clear the scan cache.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wait a bit to allow stopping of the DPP_LISTEN operation to be completed
before issuing the DPP_QR_CODE command that would send the frame that
these test cases expect to not get ACKed.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wait some time between the first DPP Authentication Response that
indicates the response is not yet available and the second DPP
Authentication Response to make this sequence a bit more realistic and
less likely to hit race conditions with UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to complete STA authorization before running the
connectivity test between two associated STAs.
Signed-off-by: Jouni Malinen <j@w1.fi>
It can take significant amount of time to find the peer in this type of
a case where an AP connection is forced on a different channel while
going through p2p_find on both devices.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
DPP initiator will try three channels in this sequence and it can take
very close to the previously used five second timeout before being able
to try on the actual operating channel of the AP. This could result in
the test case failing unnecessarily. Increase the timeout to avoid this.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Avoid potential race condition in ap_cipher_tkip_countermeasures_ap by
sending the first test frame only after the AP has completed processing
the 4-way handshake and also wait a bit to allow the group key handshake
to be completed.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
If a tests hits a WARN_ON_ONCE then the retriggering will make it appear
to pass, since the warning will not happen again. Make this more
reliable by resetting the states at the beginning of each test.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The kernel has an asynchronous work to enable TX, which hasn't always
run by the time we get to TX tests. Do a sysfs read from the carrier
file before TX, on newer kernels this synchronises the needed state.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
It looks like the lifetime_in_memory test cases can hit a read failure
(Errno 5 - Input/output error) every now and then, so skip memory areas
that report that, but go through all readable process memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for AP/GO to complete processing before taking the next step in a
test instead of waiting just for STA. This avoids race conditions with
UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
The remaining lifetime of the PMKSA entry is decreasing, so need to
allow it to differ between the old and new entries.
Signed-off-by: Jouni Malinen <j@w1.fi>
Avoid race condition with TX status reporting for the broadcast
Deauthentication frame. This could be delivered after the SET command
for ext_mgmt_frame_handled=1 and as such, could result in an
MGMT-TX-STATUS event that would confuse the next step in the test.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for the externally triggered scan to actually start before issuing
the own scan command to avoid a race condition with UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not leave dev[0] in state where it is waiting for
NL80211_CMD_ASSOCIATE to complete since that might deliver an
ASSOC_TIMED_OUT event to the next test case.
Signed-off-by: Jouni Malinen <j@w1.fi>
This test case has a race condition between the first and second
initiated DPP exchange. New kernel scheduling with UML time-travel is
making the first exchange complete before the first one can be started.
Making this fully robust would likely need ext_mgmt_frame_handling=1 and
more complex test script, but as an initial workaround, split URI
parsing from dev[2] to happen before dev[1] is started so that only a
single DPP_AUTH_INIT command is needed during the race window.
In addition, detect the race condition and SKIP the test instead of
reporting FAIL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to complete processing before taking the next step in a
test instead of waiting just for wpa_supplicant. This avoids race
conditions with UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
Even though the radio work has started here, kernel might not have
started ROC (i.e., the REMAIN_ON_CHANNEL event has not yet been
received). Wait a bit to increase likelihood of everything being ready
for the following DPP operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
At least with UML time-travel, it is possible for the response frame to
be received before the TX status of the request is delivered. Such a
sequence resulted in run_req_beacon() dropping the response event and
the following step failing due to a missing event. Avoid this by caching
the received response in run_req_beacon() and returning them to the
caller.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait some time before requesting disconnection to allow hostapd to
complete 4-way handshake processing. Wait some time after disconnection
has been completed on the STA before trying to use SAE again with the AP
so that hostapd has a chance to complete disconnection with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
The underlying driver can reject only specific links in an association
request. In that case we will only ignore the corresponding BSS. Add a
test for this flow by simulating an association failure on the second
link specifically.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Test ML association, automatic link discovery using ML probe requests
and marking BSSs as failed after an ML association failure, if the
corresponding link also rejected the association.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Also check that we can discover BSSs requests using ML probe requests.
Note that this requires a new enough mac80211 which parses the ML probe
request and reports the contained BSSs.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Going through everything to test parsing of the basic ML element and the
RNR element is not really feasible for MBSSID mode. As such, add a unit
test to excercise parsing the available links from the RNR, basic ML
element and MBSSID-Index element if present.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Having the ability to trigger multiple failures in one test can be
useful. Add support to the test infrastructure to do this.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
These were either sending the command to the wrong
hostapd/wpa_supplicant instance or using the wrong command. This
currently causes the wait to just immediately stop, but with future
commits it would start failing.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Future commits change the related code and exception string. Avoiding
using the context is easy here and actually avoids two layers of
nesting.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
IEEE P802.11be/D4.0, 9.4.2.312.2.3 states that the AP MLD ID should only
be included in some ML probe responses. Beacon frames shouldn't include
AP MLD ID.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
With more channels now available in some regulatory domains, some scan
operations can take longer. Give them more time to complete in tests.
For two cases this required adding a timeout parameter to connect(),
which is then passed through.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Test functionality in cases where MBSSID is used with a WPA2-Personal
only BSS as the transmitted BSS and WPA3-Personal BSS as the
nontransmitted BSS.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Otherwise the station or AP might be doing router advertisements,
causing keep alive already without the mechnism that is being tested.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
dpp_config_legacy_gen_two_conf_psk and dpp_config_legacy_gen_two_conf
tried to set a DPP parameter before having verified that CONFIG_DPP was
used in the build.
Signed-off-by: Jouni Malinen <j@w1.fi>
Starting a thread to initiate DPP before starting the responder through
sigma_dut can result in unexpected testing behavior since there may not
be enough time to get the responder enabled before timing out som
initiator actions. Wait a second at the beginning of the initiator
thread in dpp_init_conf() similarly to how this was handled in other
initiator-from-thread cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for stdout/stderr in a more robust manner to avoid blocking the
pipes and kill the sigma_dut process if it fails to terminate cleanly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Responder receives Authentication Request and Config Request in a
sequence and it is possible for the Config Request to be received before
MGMT_RX_PROCESS has been processed for Authentication Request in the
cases where the test script is in the middle of RX processing. This can
result in DPP-AUTH-SUCCESS being delivered only after the MGMT-RX event
for Config Reques which means that wait_auth_success() would lose that
MGMT-RX event.
Avoid this issue by caching the "extra" MGMT-RX event within
wait_auth_success() and having the caller verify if the Config Request
(GAS Initial Request) has already been received before waiting to
receive it.
This makes dpp_gas, dpp_gas_comeback_after_failure, and
dpp_gas_timeout_handling more robust.
Signed-off-by: Jouni Malinen <j@w1.fi>
UML time travel allows the deauthentication event to be processed more
quickly than the delivery of EAP-Success to the client through the test
script, so accept either sequence here.
Signed-off-by: Jouni Malinen <j@w1.fi>
connect_network() tried to make test log more readable with a
dump_monitor() call at the end of the function. However, this could end
up practically dropping an event that arrives more or less immediately
after CTRL-EVENT-CONNECTED. This could happen with UML time travel,
e.g., in suite_b_192_pmksa_caching_roam.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wait for hostapd connection event before issue HS20_WNM_NOTIF to avoid a
race condition with UML time travel.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This event may be sent before CTRL-EVENT-CONNECTED, so modify the test
cases to wait directly for TRANSITION-DISABLE by skipping the separate
wait for CTRL-EVENT-CONNECTED.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It is possible for the sigma_dut process to be scheduled in a manner
that ends up combining the status,RUNNING and status,COMPLETE lines into
a single TCP message. This was supposed to be handled in the
sigma_dut_cmd() implementations, but that design had been broken by code
refactoring that changed the indentation level incorrectly.
Fixes: d68946d510 ("tests: sigma_dut and DPP push button first on Enrollee")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use more specific condition for the allocation failure to allow
wpa_supplicant_trigger_scan() implementation to be modified without
making this test case fail.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wait for allocation failure using wait_fail_trigger() instead of waiting
for a scan failure event since that failure event will go away with
implementation change.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>