Add sub-command QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING to flush
pending packets in firmware. The attributes are listed in enum
qca_wlan_vendor_attr_flush_pending. The QCA_WLAN_VENDOR_ATTR_PEER_ADDR
specifies the peer MAC address and the QCA_WLAN_VENDOR_ATTR_AC specifies
the access category of the pending packets.
Signed-off-by: Lin Tingting <tinlin@qti.qualcomm.com>
A new vendor attribute QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_PENDING_MSDU
is added for vendor sub-command QCA_NL80211_VENDOR_SUBCMD_LL_STATS_GET.
This attribute is for pending MSDUs corresponding to respective AC.
Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
This adds support for SAE in AP mode with the atheros driver interface.
EVENT_RX_MGMT includes SAE processing while EVENT_AUTH would require
more changes to make this work.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Undefine the __bitwise macro before defining it to avoid conflicts
with the one from linux/types.h; the same is done some lines above
when __CHECKER__ is defined. Fixes the following warning:
In file included from ../src/l2_packet/l2_packet_linux.c:15:0:
hostap/src/utils/common.h:438:0: warning: "__bitwise" redefined
#define __bitwise
In file included from /usr/include/linux/filter.h:9:0,
from ../src/l2_packet/l2_packet_linux.c:13:
/usr/include/linux/types.h:21:0: note: this is the location of the previous definition
#define __bitwise __bitwise__
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
../src/common/dpp.c: In function 'dpp_test_gen_invalid_key':
../src/common/dpp.c:5531:10: warning: return makes integer from pointer without a cast [-Wint-conversion]
return NULL;
^
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
There should be no wpa_pmk_to_ptk() calls with the cipher argument
indicating a cipher that is not allowed as a pairwise cipher. However,
it looks like that was possible to happen with wlantest. Check for this
corner case explicitly to avoid generating confusing debug logs.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is for protocol testing to check what happens if the Responser
receives an unexpected Authentication Response instead of Authentication
Confirm.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This prevents issues where an unexpected message in the DPP
Authentication exchange or PKEX could result in undefined behavior.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends wpa_supplicant DPP implementation to retransmit DPP
Authentication Response frame every 10 seconds up to 5 times if the peer
does not reply with DPP Authentication Confirm frame.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, this command stopped listen operation immediately, but if
there was an ongoing authentication exchange, a new listen operation was
started. This is not really expected behavior, so stop the
authentication exchange first with this command to avoid restarting
listen operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new role=either parameter can now be used with DPP_AUTH_INIT to
indicate that the initiator can take either the Configurator or Enrollee
role.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends wpa_supplicant to iterate over all available channels from
the intersection of what the peer indicates and the local device
supports when initiating DPP Authentication. In addition, retry DPP
Authentication Request frame up to five times if no response is
received.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is an initial step in allowing non-operating channel operations
with DPP when hostapd is the Responder. For now, this is only used for
specifying role=configurator/enrollee and qr=mutual cases similarly to
the wpa_supplicant configuration for in Responder role. Request to use a
non-operating channel will be rejected.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add the following vendor commands and their vendor attributes for
spectral scan.
1) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CONFIG
Get current values of spectral parameters.
2) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_DIAG_STATS
Get stats for spectral scan debug.
3) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO
Get the spectral hardware capability.
4) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS
Get the current status of spectral scan.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some drivers may accept the remain-on-channel command, but instead of
indicating start event for remain-on-channel, just indicate that the
operation has been canceled immediately. This listen cancel from the
WAIT_PEER_CONNECT state ended up in discontinuation of further
WAIT_PEER_IDLE/WAIT_PEER_CONNECT state transitions. Hence, delay the
subsequent IDLE state by 100 ms.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_REPORT_TIME
and QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_MEASUREMENT_TIME to record
timestamp and duration for the last MAC counters. Some user layer
application is delay sensitive. It needs to know time stamp and
measurment duration for the counters.
Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
K and z can be derived already based on information available at the
time the PKEX Exchange Request is being processed, so move these there
from the PKEX Commit-Reveal Request processing since that matches the
DPP tech spec description close and allows PKEX exchange to be aborted
earlier if anything unexpected happens.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add limit on number of failed attempts that could have used PKEX code.
If the limit (5) is reached, drop the PKEX state (including the code)
and report this on the control interface to indicate that a new code
needs to be entered due to possible attack.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Clean up the pending PKEX exchange if Commit-Reveal Request processing
indicates a mismatch in the PKEX code. Previously, the this case was
silently ignored and the session was left in pending state that
prevented new PKEX exchanges from getting initated. Now, a new attempt
is allowed to be initiated.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Number of places writing BIGNUM values with left-padding were open
coding this helper functionality unnecessarily.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Report mismatching finite cyclic group with PKEX Exchange Response using
STATUS_BAD_GROUP and provide more detailed error report over the control
interface on the peer device when this happens.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The optional channel information was removed from the discovery object
in the DPP tech spec, so no need to maintain this TODO note anymore.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The previously used WLAN_REASON_MICHAEL_MIC_FAILURE (14) value as a
response to Authentication frame or (Re)Association Request frame is not
correct since the resp value is encoded in the Status Code (not Reason
Code) field. Status Code 14 is WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION
which is really what this value would have meant in the response frames.
There is no Michael MIC failure status code, so have to use the generic
"Unspecified failure" (1) reason code for these cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This cleans up dpp_pkex_rx_commit_reveal_req() a bit and makes it easier
to add protocol testing functionality to PKEX exchange similarly to the
previously added DPP Authentication case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This cleans up dpp_pkex_rx_exchange_resp() a bit and makes it easier to
add protocol testing functionality to PKEX exchange similarly to the
previously added DPP Authentication case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This cleans up dpp_pkex_rx_exchange_req() a bit and makes it easier to
add protocol testing functionality to PKEX exchange similarly to the
previously added DPP Authentication case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Indicate to upper layers if PKEX Commit-Reveal Request frame AES-SIV
decryption fails. That is a likely sign of the PKEX code mismatch
between the devices.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Build breakage was introduced by commit
d8afdb210e ('Allow EAPOL-Key messages 1/4
and 3/4 to be retransmitted for testing') for some
CONFIG_TESTING_OPTIONS=y builds without CONFIG_IEEE80211W=y.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
This provides access to the Minimum/Maximum Transmit Power Capabilitie
fileds (the nominal minimum/maximum transmit power with which the STA
is capable of transmitting in the current channel; signed integer in
units of decibels relative to 1 mW).
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
