This is needed for the driver to know on which link it should transmit
the frames in MLO cases.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Get rid of the duplicated code for setting IEEE 802.1X port
authorization for MLD and non-MLD cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Handle IEEE 802.1X port authorization in the context of MLO.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
When a non-AP MLD is deauthenticated/disassociated from an MLD AP, make
sure to clean up its state from all links.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This is a step towards handling of deauthentication/disassociation from
an MLD AP.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Handle association request callback in the context of MLO.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add the full station profile to the Multi-Link element in the
(Re)Association Response frame. In addition, use the AP MLD's MLD MAC
address as SA/BSSID once the non-AP MLD has been added to the driver to
use address translation in the driver.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Implement processing of the Multi-Link element in the (Re)Association
Request frame, including processing of the Per-STA Profile subelement.
After handling the basic parsing of the element and extracting the
information about the requested links, handle the link specific
processing for each link:
- Find the interface with the corresponding link ID.
- Process the station profile in the interface.
- Prepare the Per-STA Profile subelement to be included in the
Multi-Link element in the (Re)Association Response frame.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Find an AID that is unused on all the affiliated links when assigning an
AID to a non-AP MLD.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
In case the AP is an AP MLD, parse the Multi-Link element from the
Authentication frame, store the relevant information, and prepare the
response Multi-Link element.
If the AP is not an AP MLD or the parsing of the element fails, continue
the authentication flow without MLD support.
For SAE, it is needed to skip various fixed fields in
the Authentication frame. Implement it for SAE with H2E.
TODO: This should be extended to other authentication algorithms which
are allowed for MLD connections and have fixed fields in the
Authentication frames, according to IEEE P802.11-REVme/D3.0, Table 9-69
(Presence of fields and elements in Authentications frames).
This commit doesn't support FILS, FT, etc.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Define a struct to hold MLD station info and implement publishing of the
Basic Multi-Link element. Add it into Beacon and Probe Response frames.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Once a station is added to the underlying driver, the driver is expected
to do address translation and use MLD addresses. Thus, when handling a
received Management frame, match it against the MLD address.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
To simplify the handling of MLD stations, assume that all
interfaces/BSSs use the same IEEE 802.1X authenticator, the same RADIUS
server instance, and the same RADIUS client.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
In MLO, multiple BSSs can transmit on different frequencies. Select
link frequencies according to the transmitter address.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
- Include RNR element in Beacon frames of AP MLDs.
- Whenever a new interface is added to an AP MLD, reconfigure
the Beacon frame templates for all other interfaces, to allow
updating their RNR elements.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This includes:
- Modifications of the driver API, to include the link ID as part
of 'struct hostapd_freq_params'.
- Modifications to nl80211 driver.
- Modifications for the driver wrappers.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
To be used in later patches, e.g., for link tracking etc.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Add support for including multiple hostapd interfaces in the same AP
MLD, i.e., all using the same underlying driver network interface.
To do so, when a new hostapd interface is added, if there is already
another interface using the same underlying network interface, associate
the new interface with the same private data object, instead of creating
a new one.
As some of the BSSs are non-first BSSs, meaning that they reuse the
drv_priv of the initial BSS, make sure not to double free it.
Currently multiple BSS entries are not supported so always use bss[0]
for MLD.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Retrieve the EML capabilities as well as the MLD capabilities and ops
from nl80211 and expose them using the new driver interface
get_mld_capa().
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
We will start using this structure to also track MLD related
capabilities instead of just extended capabilities. As such, give the
structure a more generic name.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
The last update of the wireless-regdb database to the wireless-regdb.git
version of 2023-02-13 in commit c4034a69fe ("tests: Update regulatory
database to VMs") forgot to update regulatory.db.p7s. Update it as well.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
AP cannot come up in channels that are marked as NO_IR. If AP moves to
HAPD_IFACE_DISABLED state, it will deinitialize the nl80211 driver
interface and sockets.
Hence, introduce a new state called HAPD_IFACE_NO_IR, for 6 GHz APs to
handle NO_IR scenarios, such as AFC, where the channels not allowed by
AFC will have HOSTAPD_CHAN_NO_IR flag set. In this state, AP is still
kept in a non-operational state (stopped) without deinitializing the
nl80211 driver interface. wiphy reg change event can then update the
channels and bring up the AP in a valid channel.
Signed-off-by: Pooventhiran G <quic_pooventh@quicinc.com>
Define a QCA vendor command to configure MLO link id to the driver on
which the TDLS discovery response frame needs to be transmitted when the
local station is connected in MLO mode. This command is configured to
the driver the prior to every TDLS discover frame transmission when the
station is connected in MLO mode. If the station is connected in non-MLO
mode this command is not configured to the driver for TDLS discovery
frame transmission.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add support to indicate link reconfiguration event reported by the QCA
vendor interface to the wpa_supplicant control interface.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Add support to indicate TID-to-link mapping changes reported by the QCA
vendor interface to the wpa_supplicant control interface.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Per IEEE P802.11az/D7.0, 12.12.3.2 (PASN Frame Construction and
Processing), responder should REFUSE PASN authentication frame 1 with
Base AKM as PASN AKM if dot11NoAuthPASNActivated is false. That
configuration was not previously available and hostapd was hardcoded
with dot11NoAuthPASNActivated being true.
Allow this to be configured and reject PASN authentication frame 1 from
initiator if pasn_noauth=0 and Base AKM in RSNE of this frame is PASN.
The default value for pasn_noauth is 1 to maintain previous
functionality even though the dot11NoAuthPASNActivated is defined to
have default value of false.
Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
The current value of 50 is not sufficient for getting survey info for
all the frequencies when the 6 GHz band is enabled. Increase the limit
to 100 to be able to receive survey info for 6 GHz frequencies also.
Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
The Linux kernel expects to use the AP MLD address in
NL80211_ATTR_PREV_BSSID for reassociation requests when the current
association is MLO capable.
Previously, wpa_supplicant was using the BSSID value in
NL80211_ATTR_PREV_BSSID even if the connection is MLO capable. Fix this
by sending the AP MLD address in NL80211_ATTR_PREV_BSSID for
reassociation requests when MLO is used.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
In some cases like unknown-group rejection, AP MLD can't parse the
received Authentication frame to the point of the Multi-Link element if
the group used by the peer is unknown to the AP MLD.
In such cases, AP MLD not including Multi-Link element in rejection
Authentication frames can be considered as standard compliant since AP
MLD doesn't know whether the received Authentication frame has
Multi-Link element or not.
To avoid connection issues in such cases, don't reject Authentication
frames without Multi-Link element when status code is other than
WLAN_STATUS_SUCCESS, WLAN_STATUS_SAE_HASH_TO_ELEMENT,
WLAN_STATUS_SAE_PK, and WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Add a new vendor command and attributes to notify TID-to-link mapping
changes to the userspace.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Setting 4addr mode on fronthaul BSS breaks WPS association on backhaul
STA which is still on 3addr mode.
Fix the interop issue by not setting 4addr mode on fronthaul BSS with
WPS instead of setting by default for multi-ap case.
Fronthaul BSS for non-WPS STA shall continue to use 4addr mode.
Signed-off-by: Sathishkumar Muruganandam <quic_murugana@quicinc.com>
The parameter req_pmk_r1_name was not used at all in the function
wpa_ft_local_derive_pmk_r1(). In addition, the PMK-R1-NAME should be
updated in this function along with the PMK-R1. This means the parameter
should change from "req_pmk_r1_name" to "out_pmk_r1_name" to match the
design used for other paths that derive the PMK-R1.
sm->pmk_r1_name needs to be properly updated when pmk_r1_name is derived
from the local pmk_r0.
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Prune-associations should be done only after the new station is
authorized. Otherwise any STA can cause denial of service to connected
stations in PMF case when more than a single interface is being
controlled by the same hostapd process.
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Define a new QCA vendor attribute to configure channel bandwidth to the
driver for CTS frame transmission. This is used for testing purposes.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add QCA_WLAN_VENDOR_FEATURE_ENHANCED_AUDIO_EXPERIENCE_OVER_WLAN in
enum qca_wlan_vendor_features to indicate the device supports enhanced
audio experience over WLAN feature.
Also, update the documentation where other subcommand(s) or attribute(s)
require this new feature flag. These subcommand(s) and attributes are
under development and would be restricted to the supported drivers
advertising QCA_WLAN_VENDOR_FEATURE_ENHANCED_AUDIO_EXPERIENCE_OVER_WLAN.
As such, it is still acceptable to introduce a new requirement for the
previously defined interface.
Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
Add vendor attributes for EHT testbed STA configuration.
This includes enabling STR MLMR mode and forcing power save
on active MLO links for a defined number of beacon periods.
Signed-off-by: Gururaj Pandurangi <quic_panduran@quicinc.com>
Add vendor attributes related to MLO and EMLSR mode
capability configuration for EHT testbed STA. It includes
EHT OM control support and EMLSR padding delay configuration.
Also, generalise the naming of HE OMI control enumeration to
OMI control as it now consists of both HE and EHT OMI control
fields.
Signed-off-by: Gururaj Pandurangi <quic_panduran@quicinc.com>
Some station devices are apparently sending the EAPOL-Logoff message in
some cases before the initial authentication for WPA2/WPA3-Enterprise.
hostapd would have forced a "post EAP-Failure" disconnection in 10 ms
for such cases while still allowing the EAP authentication to try to
complete.
This is not ideal and could result in interoperability issues, so skip
the forced disconnection in the particular case where the EAPOL-Logoff
message is received before the first authentication is completed.
In addition, disconnect the STA without starting new EAP authentication
and the 10 ms delay if an EAPOL-Logoff message is received after
authentication has been completed successfully. This results in cleaner
behavior by avoiding the extra start of a new EAP authentication in a
case where the STA is going to be disconnected shortly.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When starting a new BSS as AP mode, the network configs have been passed
in from the BSS config. There is no need to scan before creating a new
BSS. Reuse connect_without_scan structure member to bypass scan when the
mode is WPAS_MODE_AP.
Signed-off-by: Jintao Lin <jintaolin@chromium.org>
If IEEE8021X_EAPOL is not defined wpa_supplicant will not compile with
following error:
events.c: In function 'wpa_supplicant_connect':
events.c:1827:14: warning: implicit declaration of function 'eap_is_wps_pbc_enrollee' [-Wimplicit-function-declaration]
1827 | if ((eap_is_wps_pbc_enrollee(&ssid->eap) &&
| ^~~~~~~~~~~~~~~~~~~~~~~
events.c:1827:43: error: 'struct wpa_ssid' has no member named 'eap'
1827 | if ((eap_is_wps_pbc_enrollee(&ssid->eap) &&
| ^~
Add ifdef statements around the calling function to fix the issue.
Signed-off-by: Nick Hainke <vincent@systemli.org>