Update the version number for the build and also add the ChangeLog
entries for both hostapd and wpa_supplicant to describe main changes
between v2.10 and v2.11. Update the copyright years for the main
programs.
Signed-off-by: Jouni Malinen <j@w1.fi>
In the hostapd_cleanup_driver() function, the NULL check for the driver
private data (drv_priv) is located within the CONFIG_IEEE80211BE feature
flag. As a result, on platforms where CONFIG_IEEE80211BE is not defined,
driver->hapd_deinit(drv_priv) is called with drv_priv set to NULL. This
leads to a null pointer exception in wpa_driver_nl80211_deinit().
To address this issue, move the NULL check for drv_priv outside the
CONFIG_IEEE80211BE build flag. This ensures that the check is performed
regardless of the value of CONFIG_IEEE80211BE, preventing the NULL
pointer exception.
Fixes: df34c2ced3 ("AP MLD: De-initialize/disable link BSS properly")
Signed-off-by: Sunil Ravi <sunilravi@google.com>
Currently wpa_ft_parse_ies() is setting FTE information to wpa_buf
pointer data which is generated after defragmentation. This data will
not contain FTE and Fragment element(s) headers.
IEEE P802.11be/D5.0 describes the MIC to be calculated on the
concatenation of FTE and corresponding Fragment element(s) which
implies the element headers are included for each element in the
fragmented case.
Fix this by correctly populating FTE information when FTE is
fragmented.
Fixes: 43b5f11d9 ("Defragmentation of FTE")
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
During CSA with DFS channels, disable, enable interface is a part of the
algorithm. When interface was enabled old operating class before switch
and new channel were used causing mismatch in
configured_fixed_chan_to_freq() function.
Example of log when switch from channel 157 to 108 was triggered:
"Could not convert op_class 124 channel 108 to operating frequency"
Fixes: bb781c763 ("AP: Populate iface->freq before starting AP")
Signed-off-by: Marek Kwaczynski <marek@mazekey.pl>
When multi_ap is active, hostapd creates an AP-VLAN interface for 4addr
stations, even though wds_sta is not configured.
A check should be added to determine if wds_sta is active before
re-enabling the WDS mode by creating an AP-VLAN for 4addr stations.
Signed-off-by: Baligh Gasmi <gasmibal@gmail.com>
Going through five extra rounds of SAE commit messages in cases where
SAE peers are somehow unsynchronized feels unnecessary much to do by
default, so drop the default value to 3.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Reduce the number of unwanted SAE commit retries in synchronization
error cases when Sync > dot11RSNASAESync in mesh cases by discarding
received SAE commit messages for 10 seconds after a sync error has been
detected.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
I've run into a case where I can bring a 2.4 GHz AP up without it being
in a bridge while I used the 'bridge=' config option. This happens when
the HT scan needed for 40 MHz operation failed to start from the get go
because another dev on the same phy was already in a scan. At the end
the AP is up and running but not added into any bridge.
Upon looking at the code, it seems that some hardware fails to issue a
scan while in AP and thus we have a fallback that switches the interface
from AP to STA before retrying another scan (it will change it back to
AP later on when finished). As we cannot have a (non-WDS) STA in a
bridge, during that procedure, we also remove/add the AP/STA from/to the
bridge as needed.
However, in wpa_driver_nl80211_scan() we do not set
drv->ap_scan_as_station until the end of the switch-to-sta &
retry-scan-start block. This means that when the recursive call to
wpa_driver_nl80211_scan() fails (the hardware is busy in my case) we
restore the interface to AP with wpa_driver_nl80211_set_mode() but that
will not add it back to the bridge. Problem.
To fix this lets always set drv->ap_scan_as_station before calling
wpa_driver_nl80211_set_mode(). In case wpa_driver_nl80211_set_mode() or
wpa_driver_nl80211_scan() fails lets call nl80211_restore_ap_mode() that
will set the mode back to AP but also handle the bridge thing as needed.
Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
The USD passive subscriber and solicited transmission only publisher
require receiving multicast NAN action frames in order to work.
Currently, we are not requesting to receive multicast when
registering NAN action frames. As a result, USD passive subscribe or
solicited only publish may not work.
The NL80211_ATTR_RECEIVE_MULTICAST attribute corresponds to wiphy
ext feature NL80211_EXT_FEATURE_MULTICAST_REGISTRATIONS, which
requires driver support and only a few drivers in the kernel tree
support it. Namely ath9k, ath9k_htc, ath10k and hwsim. We should
fall back to register non multicast action frames if the driver
has no support.
It was confirmed that ath9k_htc starts to work after the changes.
Note that even without requesting to receive multicast Action
frames, some drivers would still upload them. For example, rtl8192cu
and hwsim. This is why test cases like test_nan_usd_match would not
fail.
Tested-on: TP-LINK TL-WN821N v3(AR7010+AR9287, ath9k_htc)
Signed-off-by: Chien Wong <m@xv97.com>
The Wi-Fi Aware Specification v4.0 only defines unsolicited
transmissions only, solicited transmissions only and both unsolicited
and solicited transmissions publish. The other possibility is undefined
so we should reject it.
Signed-off-by: Chien Wong <m@xv97.com>
When the first link is deleted and there are still remaining links,
drv->ctx should be updated to the new default link on the bss.
Otherwise, drv->ctx points to the address that has already been freed
and makes hostapd crash.
Fixes: d2b62b3fe5 ("AP MLD: Support link removal before removing interface")
Signed-off-by: Michael-CY Lee <michael-cy.lee@mediatek.com>
Currently, when the ACS is updating the puncturing bitmap, the function
acs_update_puncturing_bitmap() sets the primary channel bitmap to 0.
This leads to a potential issue where the primary channel could be
punctured if ACS selects a different best channel within the same
segment.
To fix this issue, ensure that the primary channel bitmap is correctly
set by calculating the index of the primary channel based on the
frequency difference between the current channel and the best channel in
the segment, and is then passed to acs_update_puncturing_bitmap().
Fixes: af0f60e7dd ("EHT: Calculate puncturing bitmap for ACS")
Signed-off-by: Hari Naraayana Desikan Kannan <quic_hnaraaya@quicinc.com>
The current ACS algorithm incorrectly returns success even when there is
no survey list, leading to improper interference factor calculation.
This leads to treating 0 as a valid interference factor, which affects
channel selection judgment.
Fix the issue by ensuring success is only returned when the survey list
is not empty, thereby ignoring non-zero values in the interference
factor calculation.
Signed-off-by: Hari Naraayana Desikan Kannan <quic_hnaraaya@quicinc.com>
Update the documentation to reflect the ACS algorithm used in the code.
No functionality change.
Signed-off-by: Hari Naraayana Desikan Kannan <quic_hnaraaya@quicinc.com>
While TKIP should not really be used at all anymore and is not allowed
for WPA3 (which is required for Wi-Fi 7), there are some deployed APs
that allow WPA2 PSK to be used with MLO and even allowing WPA+WPA2 mode
with TKIP as the group cipher). IEEE P802.11be/D5.0 does not seem to
explicitly disallow this combination, so handle the MLO GTK KDE key
processing similarly to the way GTK KDE is processed, i.e., including
swapping of Michael MIC Tx and Rx keys for TKIP.
This fixes issues with Michael MIC failures if TKIP is used as a group
cipher for a multi-link association.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add a new "ssid_verified=1" entry into the control interface STATUS
command output if the SSID has been verified for the current
association. This verification may have been done implicitly (e.g., with
SAE H2E and FT protocol binding in the SSID into key derivation or with
FILS protecting the SSID element in the (Re)Association Request frame)
or explicitly with the recently added SSID protection mechanism during
the 4-way handshake.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
On the AP responder side, KDK was derived if the driver advertises
WPA_DRIVER_FLAGS2_SEC_LTF_AP. That is not correct, i.e., this needs to
also depend on the initiator indicating support for this in the RSNXE of
PASN authentication frame 1.
Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
The matching code currently only tests whether the prefix of a function
matches. Make this more strict by ensuring that the function name is not
longer.
However, as this breaks some tests (due to inlining), add the ability to
do an explicit prefix match by appending a '*' to the function name. Use
this to change the eap_eke_prf match to eap_eke_prf_* in order to match
one of the actual implementations.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
The functions specified by the user might be longer than the function in
the backtrace, potentially overflowing the memcmp(). In practice, it
should not be a relevant out-of-memory read. However, we can use
strncmp() instead.
Note that, as before, this is only a prefix match. If a function name is
longer in the backtrace it will still match.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
If the kck_len is 0 then the pointer may be NULL. If that happens UBSAN
complains about the NULL pointer as memcpy() has the arguments declared
to never be NULL even if the copied number of bytes were zero.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Since 0ce1545dcb ("nl80211: Determine maximum number of supported
AKMs") we get the maximum number of supported AKMs from the kernel.
Let's use that instead of the legacy NL80211_MAX_NR_AKM_SUITES when
setting up AP mode operation.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Some deployed STAs that advertise SecureLTF support in the RSNXE in
(Re)Association Request frames, do not derive KDK during PTK generation.
Since the correct key calculations in the AP includes an additional KDK
generation in such cases, this causes different PTK-KCK being derived
and the AP ultimately discarding EAPOL-Key message 2/4 due to MIC
validation failure.
Try to derive a PTK without KDK as a workaround in such cases and allow
the 4-way handshake to continue if this results in a matching MIC.
Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
When an HE BSS color event is received from the driver, the event was
delevered to the first link BSS ctx. To support HE BSS color with MLO,
there is a need to identify the correct link for which the event is
intended.
Add link ID parsing support in the event handler and pass the link ID
(if included) down to the event handler so that appropriate link can be
selected.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Almost same logic is there in handling four different commands related
to color collision. Later when link ID needs to be parsed, it would be
more duplicate logic at four different places. Hence refactor and bring
it in a single function.
No functionality changes.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
In function handle_assoc(), ieee802_11_update_beacons() was used to
update the Beacon frames. However, with commit a5d0bb42a2 ("Reduce
delay between Association Request and Association Response"), it was
changed to ieee802_11_set_beacons() which basically overturned what
commit e59d2a31cf ("hostapd: Fix premature beacon set during
association handling") did which is not correct.
Fix this and use ieee802_11_update_beacons() instead of
ieee802_11_set_beacons().
Fixes: a5d0bb42a2 ("Reduce delay between Association Request and Association Response")
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
There is no need to depend on all uses (i.e., both hostapd and
wpa_supplicant) to verify that the length of the Rejected Groups field
in the Rejected Groups element is valid (i.e., a multiple of two octets)
since the common parser can reject the message when detecting this.
Signed-off-by: Jouni Malinen <j@w1.fi>
The latest Linux kernel is mandating link ID with NL80211_CMD_TDLS_MGMT
for MLO connections. This resulted in not being able to perform TDLS
operations during a multi-link association.
Fix this by sending link ID in NL80211_CMD_TDLS_MGMT when available. If
link ID info is not available, send the link ID of the association link.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Always check the Message-Authenticator attribute in a received RADIUS
message if it is present. Previously, this would have been skipped if
the attribute was not required to be present.
Signed-off-by: Jouni Malinen <j@w1.fi>
hostapd required Message-Authenticator attribute to be included in EAP
authentication cases, but that requirement was not in place for MAC ACL
cases. Start requiring Message-Authenticator attribute for MAC ACL by
default. Unlike the EAP case, this can still be disabled with
radius_require_message_authenticator=1 to maintain compatibility with
some RADIUS servers when used in a network where the connection to such
a server is secure.
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not allow the exception for missing Message-Authenticator in
Access-Reject without EAP-Message. While such exception is allowed in
RADIUS definition, there is no strong reason to maintain this since
Access-Reject is supposed to include EAP-Message and even if it doesn't,
discarding Access-Reject will result in the connection not completing.
Signed-off-by: Jouni Malinen <j@w1.fi>
Even if this might not be strictly speaking necessary for mitigating
certain RADIUS protocol attacks, be consistent with the RADIUS server
behavior and move the Message-Authenticator attribute to be the first
attribute in the RADIUS DAS responses from hostapd.
Signed-off-by: Jouni Malinen <j@w1.fi>
Even if this is not strictly speaking necessary for mitigating certain
RADIUS protocol attacks, be consistent with the RADIUS server behavior
and move the Message-Authenticator attribute to be the first attribute
in the message from RADIUS client in hostapd.
Signed-off-by: Jouni Malinen <j@w1.fi>
Move the Message-Authenticator attribute to be the first attribute in
the RADIUS messages. This mitigates certain MD5 attacks against
RADIUS/UDP.
Signed-off-by: Jouni Malinen <j@w1.fi>
If a Message-Authenticator attribute was already added to a RADIUS
message, use that attribute instead of adding a new one when finishing
message building. This allows the Message-Authenticator attribute to be
placed as the first attribute in the message.
Signed-off-by: Jouni Malinen <j@w1.fi>
When parsing a SAE Commit message, the temporary peer_rejected_groups
parameter was left to its old value in cases where the new SAE Commit
message did not include the Rejected Groups element. This could result
in unexpected behavior if a previously processed SAE Commit message
included a Rejected Groups element that claimed one of the enabled
groups to be rejected.
Explicitly clear the peer_rejected_groups value when parsing an SAE
Commit message without a Rejected Groups element to avoid rejecting the
new message based on some previously received incorrect information.
This avoids some potential denial-of-service issues during the lifetime
of the SAE temporary data.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of practically ignoring an odd octet at the end of the element,
check for such invalid case explicitly. This is needed to avoid a
potential group downgrade attack.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a vendor attribute to configure a STA to follow AP advertised
preference values to select roam candidates with BTM.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use the existing QCA_WLAN_VENDOR_ATTR_TWT_SETUP_RESPONDER_PM_MODE
attribute for TWT setup request to configure the Responder PM Mode bit
in the control field of the TWT element or broadcast TWT schedule.
Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
Add a flag attribute
QCA_WLAN_VENDOR_ATTR_TWT_SET_PARAM_UNAVAILABILITY_MODE into enum
qca_wlan_vendor_attr_twt_set_param to configure the TWT responder
unavailability outside of the SPs of its broadcast TWT schedule.
Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
Authentication rejection was found when doing fuzz testing even with a
valid SAE commit message when it was sent after a SAE commit message
that included an incorrect password identifier. The test steps for this
are as below:
1. Peer sends an abnormal commit message with incorrect password
identifier
2. APUT rejects as expected
3. Peer sends a valid commit message
4. APUT rejects again, which is not expected
In step 2, as the abnormal data fakes an empty password identifier
element, it passes sae_is_password_id_elem() checking. Memory is then
allocated for sae->tmp->pw_id. The authentication process then fails
due to no available password with this invalid password identifier.
In step 4, though the peer sends a valid commit message, APUT rejects
this SAE commit again due to no password identifier element (due to that
sae->tmp->pw_id being set), which is not expected.
Free the sae->tmp->pw_id field and set it to NULL when SAE commit
message processing fails due to an unknown password identifier so that
the bogus value is not used as a requirement for any consecutive SAE
commit from the same STA before the STA entry gets cleared.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
The Link Id attribute is required for secure ranging context to identify
the link on which the command is received for an MLD.
Signed-off-by: Nidhi Jain <quic_nidhjain@quicinc.com>
The Link Id attribute is required for QCA_NL80211_VENDOR_SUBCMD_PASN to
identify the link on which the command is received for an MLD.
Signed-off-by: Nidhi Jain <quic_nidhjain@quicinc.com>
The Link Id attribute is required for external ACS context to identify
the link on which the command is received for an AP MLD.
Signed-off-by: Diya Sati <quic_dsati@quicinc.com>
Add support for SSID protection in 4-way handshake based on the
mechanism added in IEEE 802.11REVme/D6.0. This is a mitigation against
CVE-2023-52424 (a.k.a. the SSID Confusion Attack).
This functionality is disabled by default and can be enabled with
ssid_protection=1. Once there has been more testing of this to confirm
there is no significant interoperability issues, the goal is to be able
to change this to be enabled by default.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add support for SSID protection in 4-way handshake based on the
mechanism added in IEEE 802.11REVme/D6.0. This is a mitigation against
CVE-2023-52424 (a.k.a. the SSID Confusion Attack).
This functionality is disabled by default and can be enabled with
ssid_protection=1 in the network profile. Once there has been more
testing of this to confirm there is no significant interoperability
issues, the goal is to be able to change this to be enabled by default.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Send the link ID in the nl80211 command to switch color if the AP is
affiliated with an AP MLD.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Once CCA is finished, Beacon frames need to be updated. The BCCA element
needs to be removed and the new color value shall be advertised in the
BSS Color Information field of the HE Operation element.
Update the Beacon frames accordingly.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Add hostapd_cli command "color_change <color>" to change BSS color at
run time. hostapd_cli status can be used to check the updated color.
Usage: hostapd_cli -i <interface> color_change <color>
If 0 value is given, HE BSS color would be disabled. Same or a non-zero
value between [1-63] can be given to enable color again.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Currently, if ACS scan request fails, states are cleared and returned.
However, in case of MLO, there is a possibilty of getting return value
of -EBUSY. In this case, ACS can retry the scan request after some time
similary to the HT40 scan.
Hence, retry the scan after 5 seconds if -EBUSY is returned. Maximum of
15 re-attempts are made before giving up.
Signed-off-by: Harshitha Prem <quic_hprem@quicinc.com>
Co-developed-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Currently, RADIUS client, auth server, and 802.1X are copied from the
first link's BSS into the non-first link during its setup. However,
there could be a case where the first link is not initialized fully
because of ACS/HT40 SCAN/DFS. Hence, in such cases, NULL is getting
copied and later it leads to segmentation fault.
Initialize those on behalf of the first link in such case and update it
so that the next time other non-first link can use it.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Parse the Multiple BSSID element in Beacon frames and create and update
all the nontransmitted BSSs.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Userspace tools can use QCA_WLAN_VENDOR_ATTR_CONFIG_IF_OFFLOAD_TYPE to
configure the different below acceleration features (hardware, software)
on a per interface basis.
0 - No acceleration Packets are processed through the Linux kernel
networking stack.
1 - Software based acceleration: Packets are processed through the
shortcut forwarding engine (SFE) to bypass the Linux networking stack
for improved throughput performance. This option is applicable for AP,
STA, and Mesh mode and available for all radio designs. From the
performance aspect, this option consumes more CPU compared to the other
two options. Linux traffic control can be further applied with this
option to have more control on the traffic flows.
2 - Hybrid acceleration (software and hardware acceleration combined):
Packets are processed through both hardware and software in this case.
Packet classification is done by the hardware and then the packets are
delivered to software along with classification results as meta data.
Software can choose to do more classification/QoS based on use cases.
This is applicable for AP, STA, and Mesh modes and is available for all
radio designs. From the performance aspect, this option consumes
relatively less CPU compared to the SFE option above. Linux traffic
control rules cannot be applied with this option.
3 - Hardware based acceleration : Packets are processed through special
hardware (Direct Switch) rings which can directly forward the packets
between ethernet hardware and Wi-Fi hardware with very less software
involvement. This is applicable only for AP and STA modes; not
applicable for Mesh mode. From the performance aspect, this option
consumes very much less CPU compared to the other options. Linux traffic
control rules cannot be applied when this option is used. This option is
applicable only for specific radio designs. When this option is not
available, the default option (SFE) would be configured.
Signed-off-by: Balamurugan Mahalingam <quic_bmahalin@quicinc.com>
Add following vendor attributes to dynamically configure parameters to
detect data stall for consecutive TX no ack.
- QCA_WLAN_VENDOR_ATTR_CONFIG_CONSECUTIVE_TX_NO_ACK_DURATION
- QCA_WLAN_VENDOR_ATTR_CONFIG_CONSECUTIVE_TX_NO_ACK_THRESHOLD
Signed-off-by: Jianmin Zhu <quic_jianminz@quicinc.com>
Add a new hostapd configuration parameter max_acceptable_idle_period to
allow the AP to accept per-STA requested BSS max idle periods.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Allow hostapd to be configured to not disconnect a STA if the STA fails
to reply to a group key handshake when BSS max idle period management is
used. This might be needed for some STAs that use aggressive power
saving (e.g., battery powered IoT devices).
This is disabled by default since this can delayed group rekeying
slightly and also to maintain the previous behavior. The more relaxed
operation can be enabled with the new configuration parameter
no_disconnect_on_group_keyerror=1.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Allow AP's behavior for BSS Max Idle Period management to be configured.
Previously, this was automatically enabled for all CONFIG_WNM_AP=y
builds. This can now be changed with the new hostapd configuration
parameter bss_max_idle:
0 = BSS Max Idle Period management disabled
1 = BSS Max Idle Period management enabled
(default and the previous behavior)
2 = BSS Max Idle Period management enabled with requirement for
protected keep-alive frames
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add attributes to QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION
vendor command to configure asymmetric TX/RX NSS and chains per band.
Also document driver's response when existing attributes to configure
TX/RX NSS and chains for all the bands 2.4 GHz and 5/6 GHz are used in
the same command.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add kernel documentation to the attributes used in the vendor command
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION to configure the NSS
and chains values used for transmitting and receiving the data.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Userspace can use QCA_WLAN_VENDOR_ATTR_CONFIG_REDUCED_POWER_SCAN_MODE to
configure reduce power scan mode to the driver/firmware.
Signed-off-by: Mukul Sharma <quic_mukul@quicinc.com>
When AP is beaconing only on the 6 GHz band and unsol_bcast_presp
interval is set, AP sends unsolicited broadcast Probe Response frames
for in-band discovery. hostapd sent the Probe Response template for this
frame only when setting a new Beacon frame template.
Extend this to update the Probe Response template during BSS color
change.
Signed-off-by: Rathees Kumar R Chinannan <quic_rrchinan@quicinc.com>
When AP is beaconing only on the 6 GHz band and unsol_bcast_presp
interval is set, AP sends unsolicited broadcast Probe Response frames
for in-band discovery. hostapd sent the Probe Response template for this
frame only when setting a new Beacon frame template.
Extend this to update the Probe Response template during channel switch.
Signed-off-by: Rathees Kumar R Chinannan <quic_rrchinan@quicinc.com>
When AP is beaconing only on the 6 GHz band and unsol_bcast_presp
interval is set, AP sends unsolicited broadcast Probe Response frames
for in-band discovery. hostapd sent the Probe Response template for this
frame only when setting a new beacon.
As a preparation for extending this functionality to other cases, move
the generation of the unsolicited broadcast Probe Response template into
a more generic function and data structure.
Signed-off-by: Rathees Kumar R Chinannan <quic_rrchinan@quicinc.com>
According to IEEE Std 802.11-2020, Operating classes Table E-2 (Europe)
and Table E-6 (China) map channels in the range 149 to 161 to the global
operating class 125, while Table E-1 (United States) maps these channels
to global operating classes 125 and 124 as well. The global operating
class 125 contains all channels from the global operating class 124 and
some additional channels.
Hence, to make the selection of the current operating class generic, use
operating class 125 for all 20 MHz channels in the range 149 to 161.
Signed-off-by: Amith A <quic_amitajit@quicinc.com>
If a non-PSC 6 GHz channel with bandwidth higher than 20 MHz is
configured, duplicate beacons/FD/UBPR will be transmitted in other 20
MHz channels of the current configured bandwidth to aid in faster scan.
In such cases the duplicate FD needs to carry the Operating Class and
Primary Channel subfields for non-AP STAs to identify the primary
non-PSC.
IEEE Std 802.11-2020, 9.6.7.36 (FILS Discovery frame format):
"The Operating Class subfield specifies the operating class of the
Primary Channel of the transmitting AP (see 9.4.1.36).
The Primary Channel subfield is set to the channel number of the primary
channel (see 11.15.2) if the FILS Discovery frame is transmitted as a
non-HT duplicate PPDU; otherwise, the subfield is not present."
Hence, add the Operating Class and Primary Channel subfields if the
current channel is non-PSC and the channel bandwidth is 40 MHz or
higher.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Karthikeyan Kathirvel <quic_kathirve@quicinc.com>
There is a chance that the driver has switched the channel width so we
should update the bandwidth, too, when receiving a channel switch event.
Otherwise, this may cause out of sync for bandwidth between i802_link
and hostapd_config.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
If not set, 0 is set by default and this could fail in the following
code path when link ID is not matching:
hostapd_drv_set_ap -> wpa_driver_nl80211_set_ap -> nl80211_set_channel
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
Add a new QCA vendor subcommand QCA_NL80211_VENDOR_SUBCMD_AP_SUSPEND to
allow suspend and resume the AP interface. When an AP is suspended, it
disconnects all connected clients and stops all TX/RX operations on the
AP interface. The driver retains the AP configuration and on resume, all
AP operations are resumed with the same configuration.
This subcommand is also used in the event path to notify userspace about
AP suspended or resumed state changes.
This uses attributes defined in enum qca_wlan_vendor_attr_ap_suspend.
Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
Previously, MLO Link KDE was added only for each link that was
negotiated for the ML association. However, IEEE Std 802.11be/D5.0,
12.7.6.1 defines the MLO Link KDE to be included "for each affiliated
AP" which is not constrained by what the non-AP MLD might have requested
or what the negotiation outcome for this particular ML association is.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
There is no need to store the AP MLD's RSNE/RSNXE within per-supplicant
data structure in struct wpa_state_machine since those elements are
available from the generic authenticator data in struct
wpa_authenticator.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
There is no need to store the AP MLD's link MAC addresses within
per-supplicant data structure in struct wpa_state_machine since those
MAC addresses are available from the generic authenticator data in
struct wpa_authenticator.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
There is no need to store the AP MLD MAC address within per-supplicant
data structure in struct wpa_state_machine since that MLD MAC address is
available from the generic authenticator data in struct
wpa_authenticator.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add QCA_ROAMING_MODE_AGGRESSIVE in enum qca_roaming_policy to set
aggressive roaming mode. In addition, document the existing enum values.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When the RADIUS response included a Session-Timeout attribute, but is
otherwise valid (an Access-Accept with a valid Tunnel-Password), the
association still failed due to the strict comparison of the accepted
value with HOSTAPD_ACL_ACCEPT. Apparently this combination wasn't
previously tested.
Extend this to allow a packet containing a valid Session-Timeout
attribute to be accepted by extending the "success" comparison to
include HOSTAPD_ACL_ACCEPT_TIMEOUT.
Fixes: 1c3438fec4 ("RADIUS ACL/PSK check during 4-way handshake")
Signed-off-by: Lee Harding <somerandomstring@gmail.com>
Hardcoded conversion for 5 GHz band was used, but this won't work for
other cases. Set the correct center segment indexes in channel switch
fallback for non-5GHz band.
Signed-off-by: Jurijs Soloveckis <jsoloveckis@maxlinear.com>
If the TX success response races with the RX frame then the state
machine was simply move to P2P_SD_DURING_FIND to continue the operation.
However, this does not take into account broadcast queries where the
callback handler updates the peer's sd_pending_bcast_queries.
Fix this by exporting the callback and calling it directly. This is
fine, as the operation is cancelled immediately afterwards, ensuring
that the callback is not called a second time.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
The functions that determine the length of the RNR information and that
build the actual RNR need to use the same conditions for skipping BSSs.
Use a shared helper function for this to avoid having to maintain two
copies of the same implementation and the risking those getting out of
sync.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
RNR formation for co-location or MLO did not work as expected. Fix this.
For example, during co-location, if the BSS is also its ML partner
there is no need to include a separate TBTT for it.
Also, during co-location, if the BSS is not its partner but it is ML
capable, the TBTT length should be 16 bytes and it should include the
MLD Parameters for it in the RNR.
During co-location, for a given Neighbor AP (operating on a given
channel and op-class) if it has BSSs which are ML capable as well as
BSSs which are not, there should be two Neighbor AP Info present: one
indicating TBTT length as 13 bytes and one indicating TBTT info length
as 16 bytes.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Include link ID and partner link details in the STATUS command output
for AP MLDs.
The details would be seen as below for an AP MLD interface:
$ hostapd_cli -i wlan0 status | grep link
num_links=1
link_id=0
link_addr=AA:BB:CC:DD:EE:FF
$ hostapd_cli -i wlan1 status | grep link
num_links=2
link_id=0
link_addr=AA:BB:CC:DD:EE:FF
partner_link[1]=AA:BB:CC:DD:EE:AA
Signed-off-by: Harshitha Prem <quic_hprem@quicinc.com>
Co-developed-by: Manish Dharanenthiran <quic_mdharane@quicinc.com>
Signed-off-by: Manish Dharanenthiran <quic_mdharane@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Whenever a BSS was set up,hostapd flushed all stations via the flush()
driver operation which maps to NL80211_CMD_DEL_STATION in the nl80211
interface. However, in case of MLO, a station could have been connected
to other links by the time this link is coming up. Since link ID was not
passed to flush(), all those stations entries were also removed in the
driver which is wrong.
Include the link ID along with the command in AP MLD so that the driver
can use this link ID and flush only the stations that use the passed
link ID as one of their links.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
This is needed for MLO group rekeying.
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Co-developed-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Group rekeying was not supported for ML stations when non-association
link initiates a group rekey. Support this by arming the group key rekey
timer on one of the affiliated links and whenever this timer fires,
rekey group keys on all the affiliated links.
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Co-developed-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Calculate links specific MLO GTK/IGTK/BIGTK KDE lengths based on
corresponding cipher and key instead of taking length of one link and
multiplying it by no of associated links. This is needed since the group
ciphers might be different between the affiliated links.
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Co-developed-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
This makes it easier to extend the design for MLO group rekeying.
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Co-developed-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Make the code more readable by using a define for the PN length to avoid
potential confusion of this 6 octet length with the MAC address length.
In addition, Use ETH_ALEN more consistently for the latter.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add required ML specific members in struct wpa_authenticator and struct
wpa_state_machine to maintain self and partner link information.
Maintain state machine object in all associated link stations and
destroy/remove references from the same whenever link stations are
getting removed.
Increase the wpa_group object reference count for all links in which ML
station is getting associated and release the same whenever link
stations are getting removed.
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
All links were iterated over during processing ML info in Association
Request frame. However, the association link info will not be present in
the ML info and hence the following debug print is observed during ML
association (assoc link is 1):
MLD: No link match for link_id=1
Skip processing for the association link to avoid this.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Whenever there is a beacon update for any one of the affiliated link,
all the other partner links' beacon should be refreshed.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Add link ID support into EAPOL RX handler so that the events can
be routed to the appropriate link BSSs.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Add link ID support into EAPOL TX status handler so that the events can
be routed to the appropriate link BSSs.
Check each BSS's other partner link BSS STA list as well in
hostapd_find_by_sta() to support this.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
hostapd_eapol_tx_status() function is used only in drv_callbacks.c.
However, it is defined in ieee802_11.c which is not really the correct
place for it.
Hence, move the function into drv_callbacks.c and make it static.
No functionality changes.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Control port TX status events were handled on drv's first BSS
only. However, to support multiple MLDs there is requirement to handle
this on a given BSS.
Use the passed BSS instead of always going with drv's first BSS.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Management frame TX status events were handled on drv's first BSS
only. However, to support multiple MLDs there is requirement to handle
this on a given BSS.
Use the passed BSS instead of always going with drv's first BSS.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Pass ctx in mlme_event_mgmt(). This will help in routing the event
properly to the link BSS.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
The get_hapd_bssid() function matched the given BSSID in all BSSs of its
own interface. However with MLO, there is requirement to check its own
partner BSS at least.
Compare the BSS's link partners as well and if the specified link ID
matches the link ID of the partner, return the BSS.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Modify necessary helper functions to support multiple BSS support for
MLO to make the changes scalable.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
AP MLD was added with an assumption of only a single BSS per link in the
hostapd configuration. This needs to be extended when a cohosted ML BSS
exist in the same configuration.
Extend the support for cohosted BSSs. This is required for MBSSID MLO
support as well.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Authenticator state machine ML info was set only when it was created.
However, if the association is tried again, the state machine will
already exist and hence the ML info will not be refreshed. This leads to
an issue where if in the subsequent association request, the MLD info is
different than the old info, validation of it will fail.
Fix this issue by refreshing the authenticator state machine's ML info
every time association request is handled.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
This became unused, so remove the argument from this function, all its
callers, and from places that became unused with these changes.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The nl80211 driver interface function mlme_event_mgmt_tx_status(),
filled in link_id only if the frame was the last transmitted on the
whole drv (driver) level. With co-hosted MLDs, there could be cases
where multiple frames are sent out by various interfaces (BSS) under the
same drv. Now while handling the TX status, only one interface will get
the proper link_id. Rest will get -1 and the event will be routed to the
first BSS always. If the frame was not sent from the first BSS this
leads to possibility of the frame getting dropped.
Hence to make the underlying link identification easier, modify
authentication and association frames to be always sent with the link
address as A1 and A3 for ease of TX status handling.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
The changes in nl80211 to get rid of the libnl3-route dependency are not
sufficient to fully remove the depency from other parts of the code.
Revert the makefile related changes from that commit to avoid build
issues for cases where CONFIG_FULL_DYNAMIC_VLAN=y and
CONFIG_VLAN_NETLINK=y are used without CONFIG_DRIVER_MACSEC_LINUX=y
pulling in the needed library.
Fixes: a210fdb1c7 ("nl80211: Rewrite neigh code to not depend on libnl3-route")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Introduce an attribute QCA_WLAN_VENDOR_ATTR_CONFIG_KEEP_ALIVE_INTERVAL
in QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION to configure
station's keep-alive interval to the driver/firmware. This can be used
to resolve kickout issues from APs which kick out STAs before the BSS
maximum idle period expires.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add a QCA vendor command for registering NL80211_CMD_GET_STATION
response as a unicast event when there is a NL80211_CMD_GET_STATION
request from any userspace module.
The driver will send the unicast events with the same netlink port ID
which is used by userspace application for sending the registration
command. If multiple registration commands are received with different
netlink port IDs, the driver will send unicast event with each netlink
port ID separately.
Userspace application can deregister the unicast events with disable
configuration. The registrations will be removed automatically by the
driver when the corresponding netlink socket is closed.
This will help avoid multiple NL80211_CMD_GET_STATION requests from
different userspace applications in short span. The userspace
application which registers for the unicast event can avoid sending
NL80211_CMD_GET_STATION request again if the response is available with
a recently received unicast event.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Add support for TWT responder for AP operating in HT and VHT modes by
introducing a new configuration parameter ht_vht_twt_responder. When
this is enabled, TWT responder mode support in HT and VHT modes is
enabled if the driver supports this and is disabled otherwise.
Signed-off-by: Manaswini Paluri<quic_mpaluri@quicinc.com>
Add a feature flag to indicate driver support for TWT responder for AP
operating in HT and VHT modes.
Signed-off-by: Manaswini Paluri<quic_mpaluri@quicinc.com>
i802_sta_deauth() already has the link_id passed to it in its arguments.
Use that to pass it down to send MLME handler as well.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Function nl80211_link_add() created the link add netlink message on drv
basis which in turn always uses the drv's first BSS. To support link add
for various other interfaces, use the per-BSS function to create the
netlink message.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
for_each_mld_link() macro used three nested for loops. Since now the
affliated links are linked together via a linked list, the logic can be
improved by using dl_list_for_each() macro instead which uses one for
loop.
Modify for_each_mld_link() macro to use dl_list_for_each() instead.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Add support for additional (vendor) elements to be added
to only Probe Response frames, for testing.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If the build path is long, the contents of the _DIRS variable can be
very long, since it repeats the same directories very often. In some
cases, this has triggered an "Argument list too long" build error.
Reported-by: Robert Marko <robimarko@gmail.com>
Suggested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
If authentication fails repeatedly, e.g., because of a weak signal, the
link can end up in blocked state. If one of the nodes tries to establish
a link again before it is unblocked on the other side, it will block the
link to that other side. The same happens on the other side when it
unblocks the link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in
blocked state, but don't initiate the attempt until the blocked period
is over. This reverts commit 09d96de09e ("mesh: Drop Authentication
frames from BLOCKED STA").
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This fixes a segmentation fault on STA disconnect in case IPv6 addresses
where learned for the STA based on snooped neighbor solicication.
Fixes: bd00c4311c ("AP: Add Neighbor Discovery snooping mechanism for Proxy ARP")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
RRM link measurement request/report management frames are used to get
the radio link information between the connected stations.
Add new hostapd_cli command req_link_measurement to send an RRM link
measurement request to an associated station. Add support to handle the
link measurement report in hostapd.
RRM link measurement support can be enabled with the following new
configuration parameter:
rrm_link_measurement_report=1
Signed-off-by: Raj Kumar Bhagat <quic_rajkbhag@quicinc.com>
Signed-off-by: Yuvarani V <quic_yuvarani@quicinc.com>
The DTIM information in the per-STA profile is set incorrectly. The DTIM
period is set in the LSB octet of the DTIM Info subfield (2 octets),
which is intended for the DTIM count.
Fix this by setting the DTIM period and DTIM count information properly
to the MSB and LSB octets of the DTIM Info subfield, respectively.
Signed-off-by: Karthikeyan Kathirvel <quic_kathirve@quicinc.com>
Signed-off-by: Govindaraj Saminathan <quic_gsaminat@quicinc.com>
When we are configuring automatic channel selection, we are not able to
switch to a given DFS channel because when we are trying to move to a
DFS channel, the interface is disabled and enabled again. When the
interface is disabled and enabled we are setting iface's freq and
channel to 0 in setup_interface2() in case ACS is enabled, and now we
don't know to which channel we were trying to move. Now ACS will run and
the interface will be up in the channel that is suitable.
To fix this issue add a flag named is_ch_switch_dfs to check if the
channel switch request is for a DFS channel and we can use this in
setup_interface2() to decide whther we have to set iface's freq and
channel to 0 or not. This way iface's freq and channel will retain the
values while channel switching to a DFS channel when ACS is enabled.
Signed-off-by: Rajat Soni <quic_rajson@quicinc.com>
Add a new flag radar_detected which is used in the following cases
when setting up a link on a DFS channel while the interface is not yet
enabled:
1. DFS link received CAC start event
2. If no radar detected, link setup succeeeds after CAC end
event is received. Else go to 3.
3. Radar detected on this link -> set radar_detected bit
4. CAC end received for the current freq -> Do not setup interface
as radar already detected. Clear radar_detected bit.
5. The driver sends channel switch event to switch to another channel
a. Switch to another DFS channel -> go to 1
b. Switch to non-DFS channel -> proceed to set up interface
Or when receiving a CAC start event when the interface is already set up:
1. DFS link already set up successfully
2. Radar detected on this link -> set radar_detected bit
a. Switch to DFS channel
a.1. CAC start -> clear radar_detected bit and partner RNR
a.2. If radar detected, go to 2.
a.3. CAC end -> clear radar_detected bit
a.4. Link enabled successfully
b. Switch to non-DFS channel
b.1 No op and the driver handles this
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
When one link is still under CAC or disabled, peer links should not
carry the information of this link in the RNR elements.
With this change, the RNR element will be included only if a peer link
is in HAPD_IFACE_ENABLED state.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
Link ID is more accurate to specify the BSS for a radar event in some
corner cases, e.g., when there is a radar detection event and the driver
then switches to another DFS channel. There will then be two events
coming from the driver (CAC start and channel switch complete). In case
the CAC-start event comes first, hostapd still stores the previous
frequency and cannot find the correct link by calling
nl80211_get_mld_link_by_freq() with the new frequency.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
The AP MLD case missed the "else" branch which handles legacy STA's
disassociation. So this STA's sta_info will not be cleared ever.
Add the "else" check to make sure the sta_info gets cleared.
Fixes: 7ceafb6e9f ("AP MLD: Handle disassociation notification with SME offload to driver")
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
OBSS scan can be required in different links if operating as an AP MLD.
When triggering scan, specify the link ID for the driver to find the
correct link to scan.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
If the driver provides an identifying cookie value for scan operations,
use that to select which link processes the scan result. This is needed
for OBSS scans that can be required in different links if operating as
an AP MLD. Distinguish the scans using scan_cookie for QCA vendor scan
events.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
In AP MLD case, HT scan results need to be handled in the link that
triggered this scan. So find the link that has a valid scan_cb to handle
EVENT_SCAN_RESULTS.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
Modules that use libpasn for PASN authentication need the context of
PASN data. PASN data is a common context for the library and the modules
using it. Hence, initialize the context through init and deinit
functions. Also use set and get functions to update the parameters.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
PMKSA cache API is included in libpasn.so used by external modules,
e.g., Wi-Fi Aware. To avoid dependency on IEEE8021X_EAPOL define for the
external modules at compile time, remove PMKSA cache static inline
functions from the header file and add wrapper function stubs.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
PTKSA cache API is included in libpasn.so used by external modules,
e.g., Wi-Fi Aware. To avoid dependency on CONFIG_PTKSA_CACHE define for
the external modules at compile time, remove PTKSA cache static inline
functions from the header file and add wrapper function stubs.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add the Extended Capabilities element for a non-TX BSS into the non-TX
BSSID profile subelement in the Multiple BSSID element if the non-TX BSS
has different extended capabilities than the TX BSS.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add a new attribute QCA_WLAN_VENDOR_ATTR_AVOID_FREQUENCY_IFINDEX
for QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY_EXT subcommand to
apply rules for avoid frequencies on a specific netdev. This is a
32-bit unsigned optional attribute.
Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
This reverts commit bffd2b3994.
Revert this commit to fix a regression when setting up P2P Group Owner
on some old device.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The OpenSSL 3.0 (or newer) version of omac1_aes_vector() did not free
the EVP_MAC. This resulted in a memory leak that shows up in a bit
strange way in valgrind reports and because of that, was not caught
during automated testing.
Fixes: 0c61f6234f ("OpenSSL: Implement CMAC using the EVP_MAC API")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
