Commit graph

19079 commits

Author SHA1 Message Date
Jurijs Soloveckis
f0aea885f8 EHT: Fix HE Channel Center Freq Seg0/Seg1 for 6 GHz 320 MHz cases
Fix for the HE Channel Center Freq Seg0/Seg1 within the HE 6GHz
Operation Information field. As downgrade of bandwidths for VHT and HE
when using puncturing is TODO for 320 MHz and/or if puncturing is
disabled and bandwidth is 320 MHz, the same rules as for 160 MHz should
be applied for Channel Center Freq Seg0/Seg1 within 6 GHz Operation
Information field.

Signed-off-by: Jurijs Soloveckis <jsoloveckis@maxlinear.com>
2023-11-24 18:38:32 +02:00
Jurijs Soloveckis
07c03a6557 EHT: Fix conditions for including EHT Operation Information field
Include EHT Operation Information field only if the operating bandwidth
is 320 MHz or there is at least one punctured 20 MHz subchannel. This
behavior is defined in IEEE P802.11be/D4.0, 35.15.1 (Basic EHT BSS
operation).

Signed-off-by: Jurijs Soloveckis <jsoloveckis@maxlinear.com>
2023-11-24 18:36:27 +02:00
Juliusz Sosinowicz
01d95b75b8 SAE: prime_len means length in bytes not bits
The prime_len variable is used as the length in bytes but it is set as
the length in bits. This fixes the sae DH group tests with wolfSSL.

Fixes: f8f20717f8 ("SAE: Use const_time selection for PWE in FFC")
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-24 18:07:34 +02:00
Jouni Malinen
6374bd899c tests: MBSSID beacon protection
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-24 12:55:18 +02:00
Jouni Malinen
a02585cef7 MBSSID: Use BIGTK from the transmitted BSS for beacon protection
MBSSID shares a single Beacon frame with multiple BSSs. This implies
that the key used for beacon protection (BIGTK) needs to be shared. The
nontransmitted BSSs managed their own BIGTK previously and that resulted
in providing incorrect value to the stations associated with those BSSs.
Use the BIGTK from the transmitted BSS to fix this.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-24 12:53:09 +02:00
Jouni Malinen
9ea6e2695d tests: MBSSID with a single SSID and different AKMs
Test functionality in cases where MBSSID is used with a WPA2-Personal
only BSS as the transmitted BSS and WPA3-Personal BSS as the
nontransmitted BSS.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-23 23:21:18 +02:00
Jouni Malinen
a768556f7b Prefer SAE over PSK in WPA3-Personal transition mode cases
Order scan results in a manner that prefers BSSs that support SAE over
ones that support PSK without SAE if the SNR of the SAE BSS is good or
at least at the same level as the SNR for the PSK BSS. This improves
likelihood of using SAE when the local network profile allows
WPA3-Personal transition mode and the ESS uses a mix BSSs with different
sets of AKMs.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-23 23:16:58 +02:00
Jouni Malinen
d883b25760 tests: OWE transition mode disabled on STA and AP using transition mode
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-23 20:43:04 +02:00
Jouni Malinen
43184bf06a OWE: Optimize transition mode AP scan with owe_only=1 STA configuration
Extend the optimization from commit 9c97126576 ("OWE: Optimize
transition mode scan to use known channels") to cover cases where the
STA is configued with OWE transition mode disabled, but the AP uses OWE
transition mode.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-23 20:41:35 +02:00
Ainy Kumari
4ff287e922 P2P: Do not skip updating BSS table when frequency is changed
BSS table is not updated when a non-P2P station runs a scan without P2P
IE in Probe Response frame, since that would remove P2P IE information.
However, this results also in not updating mandatory rates in Supported
Rates and BSS Membership Selectors element even though AP/GO changes
frequency from 2.4 GHz to 5 GHz band.

This is causing connection failure since BSS table has 1 Mbps as
mandatory rate for AP connection but minimum supported rate in 5 GHz
band is 6 Mbps.

To avoid connection failures in such cases, don't skip updating BSS
table when the BSS frequency is changed. This covers the most important
case addressed in commit ff57398fca ("P2P: Do not drop P2P IEs from
BSS table on non-P2P scans") while still allowing other changes to be
taken into account if the GO were to actually change channels (or band,
which would be the most likely case needing the update).

Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
2023-11-23 19:56:17 +02:00
Vinayak Yadawad
73b49016f2 Fix references to correct driver capability flag for PSK/OWE offloads
Fix references to the appropriate driver capability drv_flags2. The
initial version used the incorrect drv_flags value and by doing so,
ended up using incorrect driver capabilities (DEAUTH_TX_STATUS,
BSS_SELECT, TDLS_SUPPORT) which could result in incorrect OWE
functionality for both AP and STA cases.

Fixes: d984c7b298 ("hostapd: Add support for OWE offload for STA/AP interface")
Fixes: da364180fb ("hostapd: Support 4-way handshake offload for AP/P2P GO")
Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2023-11-23 11:41:18 +02:00
Benjamin Berg
1bd5e35b87 tests: Disable IPv6 in WNM keep-alive test
Otherwise the station or AP might be doing router advertisements,
causing keep alive already without the mechnism that is being tested.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-23 11:30:30 +02:00
Jouni Malinen
73e9261c5e tests: Suite B 192-bit level RSA failing (no CS match)
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-22 19:42:06 +02:00
Jouni Malinen
415839406a OpenSSL: Allow openssl_ciphers override with Suite B config on server
The openssl_ciphers parameter is a global data entry on the server
instead of the per-connection design on client. As such, hostapd needs
to make a local copy of the global value and use that whenever setting
per-connection parameters. This is needed particularly when testing
Suite B functionality where the Suite B specific parameters might end up
overriding the cipher list.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-22 19:39:45 +02:00
Prasanna JS
e9b13938a9 Add EHT mode support for ratemask configuration vendor command
Extend enum qca_wlan_ratemask_params_type to configure ratemask for EHT
mode.

Signed-off-by: Prasanna JS <quic_pjs@quicinc.com>
2023-11-21 21:14:30 +02:00
Purushottam Kushwaha
239469eb1d Define new command in qca_tsf_cmd to get AP channel switch TSF time
Define a new command QCA_TSF_SYNC_GET_CSA_TIMESTAMP in qca_tsf_cmd to
retrieve the TSF time value at which the AP will move and starts
beaconing on a new channel. Userspace queries this TSF after receiving
NL80211_CMD_CH_SWITCH_STARTED_NOTIFY event on the AP interface. This TSF
can be communicated via an OOB mechanism to connected STAs which may
fail to receive the CSA frames due to channel congestion.

Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
2023-11-21 21:13:44 +02:00
Jouni Malinen
30748d2b3f SAE: Require PMKID match to PMKSA with SAE-EXT-KEY
This check was supposed to be done for all SAE cases other than FT
roaming.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-11 23:44:52 +02:00
Jouni Malinen
86c0fbb6fb tests: WNM Disassociation Imminent and bssid set
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-11 23:44:04 +02:00
Jouni Malinen
9b89df7584 WNM: Do not start scan on disassociation imminent if BSSID is set
If the local network profile specifies a specific BSSID, there will not
be an acceptable alternative AP for the current one. As such, there is
not much point in trying to scan and wait for the results to make this
conclusion. Skip the scan and reject the BSS transition management
request even if that ends up getting disassociated from the BSS that
happens the be the only one that the local configuration allows to be
used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-11 23:44:04 +02:00
Vinayak Yadawad
b089803091 hostapd: Add support for SAE offload for AP interface
The driver advertising SAE AP offload support would take care of SAE
authentication and PMK generation at the driver/firmware. This feature
requires the driver to be supporting 4-way handshake offload to process
the generated PMK at the driver level for 4-way handshake.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2023-11-11 23:44:01 +02:00
Vinayak Yadawad
d984c7b298 hostapd: Add support for OWE offload for STA/AP interface
The driver advertising OWE offload support would take care of
Diffie-Hellman Parameter element generation and processing part. The
driver would be responsible for OWE PMK generation in this case.

Avoid the Diffie-Hellman Parameter element handling in
wpa_supplicant/hostapd for drivers advertising OWE offload support. This
change is applicable only for drivers supporting 4-way handshake
offload.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2023-11-11 22:36:24 +02:00
Vinayak Yadawad
da364180fb hostapd: Support 4-way handshake offload for AP/P2P GO
Add support for offloaded 4-way handshake in AP/P2P GO mode. For drivers
supporting the AP PSK offload, wpa_supplicant/hostapd passes down the
PSK for the driver to handle the 4-way handshake. The driver is expected
to indicate port authorized event to indicate that the 4-way handshake
is completed successfully.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2023-11-11 22:34:06 +02:00
Kaidong Wang
77386f51ac Adjust the RSSI and throughput estimate in roaming algorithm
The max transmit power of Standard Power (SP) Access Points (AP) on
6 GHz band and APs on 2.4 GHz and 5 GHz bands is limited by effective
isotropic radiated power (EIRP), while the max transmit power of Low
Power Indoor (LPI) APs on 6 GHz Band is limited by power spectral
density (PSD). Therefore the max transmit power of LPI APs grows as the
channel width increases, similar to the noise power which has constant
PSD.

Adjust the RSSI, SNR and throughput estimate based on max transmit power
config and max channel width in the roaming algorithm.

Signed-off-by: Kaidong Wang <kaidong@chromium.org>
2023-11-10 16:34:01 +02:00
Kaidong Wang
790beb84ac Adjust the SNR when comparing BSSes based on Tx power config
The max transmit power of Standard Power (SP) Access Points (AP) on
6 GHz band and APs on 2.4 GHz and 5 GHz bands is limited by effective
isotropic radiated power (EIRP), while the max transmit power of Low
Power Indoor (LPI) APs on 6 GHz Band is limited by power spectral
density (PSD). Therefore the max transmit power of LPI APs grows as the
channel width increases, similar to the noise power which has constant
PSD.

Adjust the SNR of BSSes based on the transmit power config and max
channel width. EIRP limited APs usually have constant max transmit power
on different channel widths, their SNR decreases on larger channel width
because the noise power is higher, while PSD limited APs have constant
SNR over all channel widths.

Signed-off-by: Kaidong Wang <kaidong@chromium.org>
2023-11-10 16:34:01 +02:00
Jouni Malinen
cab5f5fa7a tests: OWE and BSS entries after multiple scans/associations
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-08 14:21:41 +02:00
Jouni Malinen
93a68a1fc9 OWE: Remove now unnecessary attempt to update transition mode BSS
With the SSID updating of a BSS entry removed from owe_trans_ssid(),
this call to owe_trans_ssid() is not really doing anything, so remove
it. This reverts 6972b0fa2b ("OWE: Update transition mode information
on selecting a new BSS").

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-08 14:21:41 +02:00
Andrzej Ostruszka
00b3125871 OWE: Do not update the BSS entry with zero length SSID for transition
Overwriting of SSID for the hidden OWE BSS entry has some side effects:
- first the entry is notified over DBus with empty SSID and the update
  of SSID is never signaled (it is not even possible at the moment to
  notify the SSID change - see wpas_dbus_bss_signal_prop_changed()),
- during (and after) association there will be multiple entries
  referring to the same BSSID/SSID pair.

Stop overwriting the SSID in an existing BSS entry based on OWE
transition mode information. Instead, depend on a new BSS entry getting
added for the hidden OWE BSS based on active scans for the SSID learned
from the open BSS. This would not have been sufficient for the initial
OWE design, but with the optimized scanning behavior from commit
c04562e67e ("OWE: Improve discovery of OWE transition mode AP"), this
can now depend on the exact same mechanism as other uses of hidden
SSIDs. This helps in keeping the D-Bus interface in sync with the BSS
parameters.

Signed-off-by: Andrzej Ostruszka <andrzejo@chromium.org>
2023-11-08 14:21:41 +02:00
Jouni Malinen
9c97126576 OWE: Optimize transition mode scan to use known channels
If the currently available scan results include OWE transition mode BSS
with an unknown SSID, optimize the following scan for OWE to use only
the channels on which a known transition mode BSS has been seen.

This is needed to be able to remove the design that updates BSS entries
with the learned OWE SSID in manner that does not result in regression
to scanning latencies.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-08 14:21:40 +02:00
Jouni Malinen
5b12a05590 Use SSID from driver when finding the current BSS entry
The local network profile may not have matching SSID (it could be either
the wildcard 0-length SSID or visible SSID in case of OWE transition
mode), so check whether an exact match with a BSS entry can be made
using the current SSID information from the driver (i.e., the SSID of
the current association) when picking the BSS entry to use as the
current one for an association.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-08 11:56:03 +02:00
Ben Greear
a3020f852e MLD: Use BSS Parameters in TBTT Info to check SSID match
Use the Same SSID and Colocated AP bits as an alternative way of finding
a match on the current SSID.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2023-11-07 19:42:29 +02:00
Ben Greear
0635f83e48 MLD: Support multiple TBTT Information fields in RNR elements
The Reduced Neighbor Report element can include one or more TBTT
Information fields.  Only the first one was parsed previously. Extend
this to use a loop to go through all included TBTT Information fields.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2023-11-07 19:38:06 +02:00
Jouni Malinen
c18aef6241 MLD: Move TBTT Information field parsing into a helper function
This makes it more convenient to process multiple TBTT Information
fields within an RNR element.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-07 19:19:22 +02:00
Ben Greear
99a8dd0495 MLD: Support multiple RNR elements
Beacon frames are allowed to optionally include one more more Reduced
Neighbor Report elements. Only the first one was parsed previously.
Extend this to use a loop to go through all included RNR elements.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2023-11-07 18:55:50 +02:00
Jouni Malinen
be212bdb55 MLD: Move RNR element parsing into a helper function
This makes it more convenient to process multiple elements.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-07 18:44:22 +02:00
Jouni Malinen
84c33cc81f MBSSID: Use DTIM Count 0 in the Beacon template for nontransmitted BSSID
The driver is expected to update the DTIM Count field for each BSS that
corresponds to a nontransmitted BSSID. Initialized this value to 0 in
the Beacon frame template so that the DTIM count would be somewhat
functional even if the driver were not to update this.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-07 10:44:28 +02:00
Chaitanya Tata
3e1fb2dec7 dragonfly: Fix legendre symbol calculation failure handling
In case of low-memory conditions, the computation for legendre symbol
can fail and return -2 as per documentation, but the check for that
was missed here. And this can can cause an infinite loop searching for
qr and qnr if the error repeats for each attempt.

Break the loop if calculation fails, we can leave retry to the callers
or user. This is similar to the way allocation and generation of a new
random number was handled in this loop.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-11-06 20:07:05 +02:00
Mohan Prabu
76ae985b0a Remove QCA_WLAN_VENDOR_ATTR_CONFIG_MLO_LINK_ID constraint
Currently the documentation for QCA_WLAN_VENDOR_ATTR_CONFIG_MLO_LINK_ID
indicates it is only for use inside nest attribute
QCA_WLAN_VENDOR_ATTR_CONFIG_MLO_LINKS.  Update the documentation to
allow it to be used outside that nest as well.

Signed-off-by: Mohan Prabu <quic_mprabub@quicinc.com>
2023-11-06 20:02:46 +02:00
Jouni Malinen
cc1867f5ca MLD STA: Use MLD MAC address as destination for EAPOL-Key request
Also this EAPOL frame uses the MLD MAC address of the AP MLD when sent
during an MLO association.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-06 20:02:09 +02:00
Rohan Dutta
c92311fed7 MLD STA: Fix destination address for Group Key handshake msg 2/2
For MLO association, specify destination address as the MLD MAC address
for sending Group Key msg 2/2.

Signed-off-by: Rohan Dutta <quic_drohan@quicinc.com>
2023-11-06 19:58:22 +02:00
Jouni Malinen
1af364e3ce tests: AP MLD and GTK rekeying with MLD client connection using two links
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-06 19:56:41 +02:00
Gokul Sivakumar
4f20dd52ff wpa_cli/hostapd_cli: Add driver_flags2 command
Leverage the already available control socket cmd "DRIVER_FLAGS2" and
dump the driver capab "flags2" bitmask on triggering the new CLI CMD
"driver_flags2", similar to the already existing CLI CMD "driver_flags".

$ hostapd_cli -i wlan0 driver_flags2
(OR)
$ wpa_cli -i wlan0 driver_flags2
0000000000000020:
BEACON_RATE_HE

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:16:18 +02:00
Gokul Sivakumar
c0da381a31 nl80211: Add capa.flags2 to STATUS-DRIVER
This adds the newer driver capability "flags2" bitmask to the
hostapd_cli/wpa_cli "status driver" result.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:15:59 +02:00
Gokul Sivakumar
d193726aa1 nl80211: Dump driver_flags2 in debug prints
This was already done for driver_flags, but the newer driver_flags2 was
not covered here.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:15:41 +02:00
Gokul Sivakumar
ed1ae82a39 Update the driver_flags2 to string conversion
Populate the switch case in the driver_flag2_to_string() function with
the full list of feature MACROs represented with the "flags2" bitmask.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:14:32 +02:00
Gokul Sivakumar
bbc7ffe852 Rename driver capability for radar background detection
Use the WPA_DRIVER_FLAGS2_ prefer for this to be more consistent.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:07:01 +02:00
krishna T
5025047ac3 Fix use after free warning introduced by gcc 12.1
gcc 12.1 complains about using pointer after realloc as it could
potentially be moved/freed, causing any uses after UB.

Fix this by doing checks before realloc and use those statuses and
update with new BSS.

Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
2023-11-06 10:57:34 +02:00
Chung-Hsien Hsu
236c0cfbcd SAE: Pass SAE password on connect for SAE authentication offload support
Pass SAE password on connect if driver advertises SAE authentication
offload support.

Signed-off-by: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Signed-off-by: Daisuke Mizobuchi <mizo@atmark-techno.com>
2023-11-05 20:35:10 +02:00
Chung-Hsien Hsu
6cc78b3945 nl80211: Set NL80211_WPA_VERSION_2 vs. _3 based on AKM
Signed-off-by: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Signed-off-by: Daisuke Mizobuchi <mizo@atmark-techno.com>
2023-11-05 20:35:10 +02:00
Chung-Hsien Hsu
c3b8452e0e nl80211: SAE authentication offload support
Set WPA_DRIVER_FLAGS2_SAE_OFFLOAD flag if the driver indicates SAE
authentication offload support for STA mode. Allow SAE password to be
provided to the driver in such cases when using the CONNECT command.

Signed-off-by: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Signed-off-by: Daisuke Mizobuchi <mizo@atmark-techno.com>
2023-11-05 20:35:07 +02:00
Ze Gan
750403f3ad mka: Fix re-establishment by resetting MI
The key server may be removed due to the ingress packets delay. In this
situation, the endpoint of the key server may not be aware of this
participant who has removed the key server from the peer list. Because
the egress traffic is normal, the key server will not remove this
participant from the peer list of the key server. So in the next MKA
message, the key server will not dispatch a new SAK to this participant.
And this participant cannot be aware of that that is a new round of
communication so that it will not update its MI at re-adding the key
server to its peer list. So we need to update MI to avoid the failure of
re-establishment MKA session.

Signed-off-by: Ze Gan <ganze718@gmail.com>
2023-11-05 19:25:27 +02:00