When channel 140 is configured in mesh, interface fails to come up due
to channel bond (136,140). Since Channel 136 is not HT40+ capable,
validation for HT channel bonding fails when it checks whether first
channel in the bond (channel 136) is HT40+ capable.
In mesh, during channel setup, secondary channel offset for the
configured channel will be selected as +1 if primary channel is capable
of HT40+. In current code, channel 140 is not allowed as HT40+ and hence
secondary channel offset is selected as -1, which makes 136 as secondary
channel. But channel 136 is not HT40+ supported and fails in channel
bonding validation.
Add 140 to HT40+ allowed list as HT40+ is supported for the channel.
Signed-off-by: Ramya Gnanasekar <quic_rgnanase@quicinc.com>
Pointer entry->ssid might be passed to owe_trans_ssid_match() function
as argument 3 with NULL value, and it may be dereferenced there. This
looks like a theoretical case that would not be reached in practice, but
anyway, it is better to check entry->ssid != NULL more consistently.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Since wpa_supplicant version 2.10 the extended capabilities MSCS and SCS
are advertised in the (Re)Association Request frames.
This causes the association request to be rejected by several access
points. Issue was observed with:
- D-Link DIR600
- TP-Link AC1900
- Synology MR2200ac
To avoid this issue the extended capabilities MSCS and SCS shall only be
added if the bss also supports them. While this may not follow the exact
behavior described in IEEE 802.11, this is a reasonable compromise to
avoid interoperability issues since these capabilities cannot be used
with an AP that does not support them anyway.
Note: The Extended Capabilities element is only included in the
Association Request frames if the AP also sent its extended capabilities
(see wpas_populate_assoc_ies()) as a workaround for misbehaving APs.
This workaround exists since version 2.1.
Signed-off-by: Sebastian Priebe <sebastian.priebe@konplan.com>
There is a delay between sending Association Response frame after having
received Association Request frame, due to the fact that between
receiving the request and sending the response the Beacon frame contents
is updated, after analyzing inputs from the STA. There may be several
updates if multiple fields need to change. This can cause issues with
some devices in noisy environments with many BSSs and connected STAs.
Optimize this by updating the beacon only once, even if there are
multiple reasons for updates.
Signed-off-by: Jurijs Soloveckis <jsoloveckis@maxlinear.com>
If the number of TBTT info is greater than RNR_TBTT_INFO_COUNT_MAX, the
new Neighbor AP Information field would need to be added in the RNR
element. However, the condition of adding Neighbor AP Information field
does not consider number of TBTT info. That would cause invalid Neighbor
AP Information field (the while loop will fill data by eid pointer) when
setting RNR element.
Signed-off-by: Allen.Ye <allen.ye@mediatek.com>
When it comes to set some BSS's beacon, there are two reasons to
update the beacon of co-located hostapd_iface(s) at the same time:
1. 6 GHz out-of-band discovery
2. MLD operational parameters update
BSS load update is unrelated with the above two reasons, and therefore
is not the case to update beacon for co-location. Moreover, updating
beacon for co-location when BSS load update makes hostapd set beacon too
frequently, which makes hostapd busy setting beacon in a multi-BSS case.
Add a new function to update beacon only for current BSS and use the
function during BSS load update.
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
Signed-off-by: Money Wang <money.wang@mediatek.com>
From IEEE 802.11:
The DSSS Parameter Set element is present within Beacon frames
generated by STAs using Clause 15, Clause 16, and Clause 18
PHYs.
The element is present within Beacon frames generated by STAs
using a Clause 19 PHY in the 2.4 GHz band.
Same is applied to the Probe Response frame.
Do not include the DSSS Parameters Set element when operating on other
bands.
Signed-off-by: Jurijs Soloveckis <jsoloveckis@maxlinear.com>
The function should return bool (0/1) and not int. In some environments
bool may be defined as unsigned char, so bits higher then 7 will be
discarded during the downcast. Fix it.
Signed-off-by: Daniel Gabay <daniel.gabay@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This event may be sent before CTRL-EVENT-CONNECTED, so modify the test
cases to wait directly for TRANSITION-DISABLE by skipping the separate
wait for CTRL-EVENT-CONNECTED.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It is possible for the sigma_dut process to be scheduled in a manner
that ends up combining the status,RUNNING and status,COMPLETE lines into
a single TCP message. This was supposed to be handled in the
sigma_dut_cmd() implementations, but that design had been broken by code
refactoring that changed the indentation level incorrectly.
Fixes: d68946d510 ("tests: sigma_dut and DPP push button first on Enrollee")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This is needed to avoid generating an nontransmitted BSS profile that
would claim the Extended Rates element to be non-inherited.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The List of Element ID Extensions field is not an optional field, so
include it in the Non-Inheritance element with Length=0 to indicate that
there is no Element ID Extension List.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Drivers will often report regdom changes in the middle of a scan if they
detect during that scan that the regulatory domain has changed. If this
happens and we enter a regdom that supports 6 GHz channels when the
previous one didn't (this often happens in 6 GHz-capable regdoms for
devices after suspend/resume), immediately trigger a 6 GHz-only scan if
we were not able to connect to an AP on a legacy band.
This should significantly improve connection time to 6 GHz AP after
regdom has been reset.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Store 6 GHz capability on channel list update for wpa_supplicant use.
This will be used in the next commit to extend scanning behavior based
on changes to 6 GHz channel availability.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Presence of any 6ghz channels indicates nl80211 driver 6 GHz support,
not non-DISABLED channels. This increases the timeout for scan
completion for cases where 6 GHz might get scanned even if all the
channel there are currently DISABLED.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
wpa_supplicant_trigger_scan() previously wouldn't include any of the IEs
generated by wpa_supplicant_extra_ies(). Instruct it to do so in most
cases. This is necessary because MBO STAs are required to include MBO
capabilities in their Probe Request frames.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Use more specific condition for the allocation failure to allow
wpa_supplicant_trigger_scan() implementation to be modified without
making this test case fail.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wait for allocation failure using wait_fail_trigger() instead of waiting
for a scan failure event since that failure event will go away with
implementation change.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
To support Opportunistic Key Caching for Suite B key management, KCK
needs to be stored on PMKSA to derive the new PMKID correctly when
processing reassociation from a STA to a new AP.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
To support Opportunistic Key Caching for Suite B key management, KCK
needs to be stored on PMKSA to derive the new PMKID correctly for the
new roaming AP.
Signed-off-by: Vinoth V <vinoth117@gmail.com>
After GO negotiation is completed, the P2P Client needs to scan the GO
before connecting. Only SSID was specified for this and the driver still
might need to scan all channels which wastes time. wpa_supplicant can
pass the known BSSID in the scan request in additional P2P cases and
this allows the driver sto stop the scan once the specific BSSID is
found. This helps reduce some time for P2P connection.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
A driver may not support setting MAC address when interface is UP, so
wpa_supplicant used to always sets the interface down for MAC address
change.
Try to change the address first without setting the interface down and
then fall back to DOWN/set addr/UP if the first attempt failed. This can
reduce the interface setup time for time-critical use cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Handler function for "Scan" method call of a network device doesn't set
non_coloc_6ghz, therefore wpa_supplicant doesn't scan non-PSC channels
on 6GHz band only if a co-located AP was reported on the channel.
Add NonColoc6GHz and 6GHzOnly flags to the wpas_dbus_handler_scan, so
that dBus scan requests can cover non-PSC channels and scan only 6 GHz
channels.
Signed-off-by: Kaidong Wang <kaidong@chromium.org>
Parse the reconfiguration Multi-Link element and:
- Don't select a BSS for connection if it is part of an MLD
and is going to be removed.
- Don't scan for missing links that are to be removed.
- Don't include removed links in association.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add a control interface to trigger ML probes for testing purposes.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add support for building and sending ML probe requests. During connect,
try to send an ML probe request if we are going to connect to an MLD AP
and the BSS information for some of the links is missing.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Extend 'struct wpa_driver_scan_params' to allow higher layer to indicate
if minimal probe request content should be included by the driver as part
of the scan logic.
Implement this with driver_nl80211, by setting
NL80211_SCAN_FLAG_MIN_PREQ_CONTENT.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Make the current HE BSS color available in STATUS command output since
this can change dynamically based on color collisions.
Signed-off-by: Antonio Prcela <antonio.prcela@gmail.com>
Signed-off-by: Antonio Prcela <antonio.prcela@sartura.hr>
Use the wpas_notify_mesh_peer_*() functions for sending the control
interface events in addition to the D-Bus events so that these are all
done consistently.
Signed-off-by: Jouni Malinen <j@w1.fi>
When using mesh we have incoherent
MESH-PEER-CONNECTED/MESH-PEER-DISCONNECTED messages when we restart one
of the devices without disconnecting it first. Sometimes we have the
right behavior, a peer disconnect and then a peer connect, sometimes we
only have a a peer connected without a peer disconnected first, and
sometimes we have nothing at all.
As the plink count seem to be correctly tracked and because we only send
the connected event on plink count increase, lets send the peer
disconnected event on plink count decrease.
Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
When using wpa_supplicant to connect to a mesh network or to create an
AP, the current code doesn't respect all CONFIG_XXX_OVERRIDES network
parameters, just disable_ht in CONFIG_HT_OVERRIDES.
Add support for some of the others modulation related disable flags:
- disable_ht40 with CONFIG_HT_OVERRIDES
- disable_vht with CONFIG_VHT_OVERRIDES
- disable_he with CONFIG_HE_OVERRIDES
Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
Previously the NL80211_CMD_SET_QOS_MAP command was sent to the radio
interface. Send this command using nl80211_cmd_msg() and the bss,
instead of drv.
Signed-off-by: Arnon Meydav <ameydav@maxlinear.com>
This should allow STA to make better choice about which BSS to roam to.
Use estimated throughput as comparison value. Can improve the estimated
throughput calculation to improve this selection criteria if wanted in
the future.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Along with canceling queued scan, abort ongoing scan if any, this
ensures Wi-Fi interface is in usable state after disconnect is issued,
else subsequent scan after disconnect might fail with EBUSY.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Certain internet service providers transmit VLAN 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e., EAPOL).
The pcap filter utilized by l2_packet_* is inadquate for this use case.
Here we modify the pcap filter on FreeBSD to accept both unencapsulated
and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.
Additional work is required to support this handling on other platforms.
We also modify the rx_receive handler to offset the packet buffer
and length when handling dot1q encapsulated frames so the existing
packet parsing code works as-is.
Signed-off-by: R. Christian McDonald <rcm@rcm.sh>
Sponsored by: Rubicon Communications, LLC ("Netgate")
If the current AP advertises disassociation imminent, move it to the
back of the candidate list so we don't select it again while other
candidates are available.
Signed-off-by: Po-Hao Huang <phhuang@realtek.com>
Some kind of race condition seemed to be hit at least in test sequence
"p2p_ext_vendor_elem_invitation pasn_comeback_after_0_sae" where the P2P
invitation response could have been received just after having scheduled
a new p2p-listen radio work, but before that work had been started. In
the case of accepted invitation, this could result in unnecessary extra
delay when that p2p-listen work ended up getting started at the exact
time that the local device was starting GO.
Avoid this race condition by removing the pending p2p-listen radio work
when P2P listen is stopped.
Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_supplicant underestimates 6 GHz SNR as it assumes 2 GHz default
noise in the estimation.
Use 6 GHz default noise when estimating 6 GHz SNR.
Signed-off-by: Kaidong Wang <kaidong@chromium.org>
The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.
Fixes: ed8e13decc (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
