Commit graph

19075 commits

Author SHA1 Message Date
Jouni Malinen
45817ad1a3 tests: Clear STA state at the end of ap_ft_reassoc_proto
Do not leave dev[0] in state where it is waiting for
NL80211_CMD_ASSOCIATE to complete since that might deliver an
ASSOC_TIMED_OUT event to the next test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-10 19:30:44 +02:00
Jouni Malinen
8e294c3a2c P2P: Recover from successfully requested, but not started, listen
It is possible for the start_listen() callback to be called to request
the driver to start a driver operation and stop_listen() called
immediately after that (e.g., due to a request to transmit a P2P Public
Action frame) before the driver has had time to start ROC and send an
event to notify of that. Such a sequence could result in
p2p->pending_listen_freq being left to a nonzero value without getting a
call to p2p_listen_cb() to clear it. This would stop an ongoing P2P
listen operation since no following p2p_listen() call would start the
listen due to the pending command being assumed to be in effect.

Fix this by detecting this particular sequence and clearing
p2p->pending_listen_freq.

This was found with the p2p_listen_and_offchannel_tx test case with the
new kernel scheduled and UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-10 19:30:44 +02:00
Jouni Malinen
97f7f9ce9b tests: Make dpp_two_initiators more robust
This test case has a race condition between the first and second
initiated DPP exchange. New kernel scheduling with UML time-travel is
making the first exchange complete before the first one can be started.
Making this fully robust would likely need ext_mgmt_frame_handling=1 and
more complex test script, but as an initial workaround, split URI
parsing from dev[2] to happen before dev[1] is started so that only a
single DPP_AUTH_INIT command is needed during the race window.

In addition, detect the race condition and SKIP the test instead of
reporting FAIL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-10 19:30:44 +02:00
Jouni Malinen
b0fc0154f5 tests: Wait for hostapd event in addition to wpa_supplicant
Wait for hostapd to complete processing before taking the next step in a
test instead of waiting just for wpa_supplicant. This avoids race
conditions with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
37a7b14dd9 tests: Wait for regdom events in wpas_config_file
Make sure the pending regdom changes are processed before returning to
avoid some potential race conditions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
5a4a5aa82d tests: Wait for CTRL-EVENT-REGDOM-CHANGE before starting AP
Wait for the country change to take effect before trying to start
wpa_supplicant AP mode on the 5 GHz band.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
e521477a38 tests: Wait a bit after radio work start in dpp_listen()
Even though the radio work has started here, kernel might not have
started ROC (i.e., the REMAIN_ON_CHANNEL event has not yet been
received). Wait a bit to increase likelihood of everything being ready
for the following DPP operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
c3c326d2a1 tests: Avoid race condition in RRM beacon report tests
At least with UML time-travel, it is possible for the response frame to
be received before the TX status of the request is delivered. Such a
sequence resulted in run_req_beacon() dropping the response event and
the following step failing due to a missing event. Avoid this by caching
the received response in run_req_beacon() and returning them to the
caller.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
0aecf9e62c tests: Make sigma_dut AP SAE tests more robust
Wait some time before requesting disconnection to allow hostapd to
complete 4-way handshake processing. Wait some time after disconnection
has been completed on the STA before trying to use SAE again with the AP
so that hostapd has a chance to complete disconnection with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 19:02:38 +02:00
Jouni Malinen
2bbcb9ec13 tests: bgscan_simple and BTM query
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 11:38:21 +02:00
Ben Greear
ceb7f65dcc bgscan: Allow simple bgscan to do BTM queries
Allow doing X BSS transition management query calls before falling back
to scan.

Example format to do 4 BTM queries before attempting a scan:
bgscan="simple:30:-65:300:4"

Signed-off-by: Ben Greear <greearb@candelatech.com>
2023-12-09 11:31:32 +02:00
Jouni Malinen
a83d3132e8 WNM: Define BSS transition management reason values
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-09 11:22:14 +02:00
Vinayak Yadawad
7ee7b046a9 nl80211: Use attribute NL80211_ATTR_BSSID to scan for specific BSSID
With changes to optimize scan for specific BSSID, there arises a
scenario where in nl80211_trigger_scan() is called with a scan
randomization enabled. A combination of NL80211_ATTR_MAC for BSSID and
scan randomization, which uses NL80211_ATTR_MAC for a different purpose,
results in invalid error for the scan request. To fix the issue use
attribute NL80211_ATTR_BSSID instead of NL80211_ATTR_MAC.

NL80211_ATTR_BSSID was introduced in kernel commit 2fa436b3a2a7
("nl80211: Use different attrs for BSSID and random MAC addr in scan
req") in 2016. Prior to that, only NL80211_ATTR_MAC could be used for
specifying the target BSSID. For backwards compatibility, add the
NL80211_ATTR_MAC attribute as well when not using a random MAC address.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2023-12-09 10:56:20 +02:00
Benjamin Berg
5bbc9462a0 tests: Test driver association ML link rejection flow
The underlying driver can reject only specific links in an association
request. In that case we will only ignore the corresponding BSS. Add a
test for this flow by simulating an association failure on the second
link specifically.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-12-06 22:41:40 +02:00
Benjamin Berg
e086ce16a4 tests: Add some MLD association tests
Test ML association, automatic link discovery using ML probe requests
and marking BSSs as failed after an ML association failure, if the
corresponding link also rejected the association.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-12-06 22:39:23 +02:00
Andrei Otcheretianski
a02f52a055 tests: Update ML discovery test to also check probe requests
Also check that we can discover BSSs requests using ML probe requests.
Note that this requires a new enough mac80211 which parses the ML probe
request and reports the contained BSSs.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-12-06 22:37:14 +02:00
Ilan Peer
32434aa68a AP: Always include WPA_STA_AUTHORIZED in station flags mask
As otherwise, the underlying driver would not handle a change
in the 'authorized' state.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-12-06 21:54:08 +02:00
Ilan Peer
174a8fc416 AP MLD: Do not modify flags for link stations
All the station flags other than WPA_STA_SHORT_PREAMBLE are relevant
only for the MLD station and not to the link stations (as these flags
are related to the MLD state and not the link state).

As for the WPA_STA_SHORT_PREAMBLE, since the station is an EHT
station, it must have short preamble.

Thus, do not propagate the flags change for link stations to the driver.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-12-06 21:49:09 +02:00
Johannes Berg
a40f64a198 tests: kernel: Add test for regulatory disconnect in cfg80211
Add a test for regulatory disconnect, since that was broken
for quite a while in various ways.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-12-06 12:51:19 +02:00
Chaitanya Tata
0b5d111653 Fix MBO build with GAS dependency
On the default configuration if MBO only is enabled then build breaks as GAS
is not selected, if other features that auto-enable GAS are selected
then it works.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-06 12:47:22 +02:00
Mikelis Vuls
58116877b6 EHT: Fix updating center freq segment 0 index for HE and VHT
Add additional check for 6 GHz operating class. Otherwise this results
in setting incorrect segment 0 index for 5 GHz 40 MHz channel 157-161,
which has the same center segment 0 index 159 as 6 GHz 320 MHz expected
channel.

Fixes: 085a3fc76e ("EHT: Add 320 channel width support")
Signed-off-by: Mikelis Vuls <mvuls@maxlinear.com>
2023-12-06 12:11:13 +02:00
Jouni Malinen
40b04b7034 Document Tunnel-Password encoding for passphrase/PSK
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-06 12:11:13 +02:00
Jaap Keuter
37d122c2f1 KaY: Make debug output consistent
Be consistent in capitalization and peer presentation.

Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
2023-12-06 12:11:08 +02:00
Jurijs Soloveckis
f0cb823512 EHT: Add configuration for the EHT default PE duration
Add a new configuration parameter for the duration of PE field in EHT TB
PPDU.

Signed-off-by: Jurijs Soloveckis <jsoloveckis@maxlinear.com>
2023-12-06 12:02:44 +02:00
Jaap Keuter
e8121c52f4 tests: Drop use of ifconfig, use ip instead
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
2023-12-06 11:57:57 +02:00
Liangwei Dong
5a47bbc36b Add QCA vendor command to query transmit power information
Add a new QCA subcommand QCA_NL80211_VENDOR_SUBCMD_REGULATORY_TPC_INFO
and related attributes qca_wlan_vendor_attr_tpc_links,
qca_wlan_vendor_attr_tpc definition to query transmit power information
on STA interface from the driver for a connected AP.

The information includes regulatory max transmit power limit, AP local
power constraint advertised from AP's Beacon and Probe Response frames.
For PSD power mode, the information includes PSD power levels for each
subchannel of operating bandwidth. The information is driver calculated
power limits based on current regulatory domain, AP local power
constraint and other IEs. The information will be set to target. Target
will decide final TX power based on this and chip specific power
conformance test limits (CTL), and SAR limits.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-12-05 13:01:27 +02:00
Chenming Huang
9c2d6c4232 Add QCA vendor attributes for link id for HT-scan/ACS command
For AP MLD case, HT-scan and ACS happens per link. To determine the
correct link, link id is required.

Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
2023-12-05 12:52:01 +02:00
Nagarajan Maran
7b67055794 Add QCA vendor commands for SDWF
Define subcmd IDs 235 and 236 for Service Defined Wi-Fi (SDWF).

Signed-off-by: Nagarajan Maran <quic_nmaran@quicinc.com>
2023-12-04 17:33:27 +02:00
Chaitanya Tata
20c82a2708 Add an option to remove WMM-AC
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.

By default this is enabled.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-03 11:43:45 +02:00
Chaitanya Tata
32b5f7f501 Add an option to remove Robust AV (SCS, MSCS, QoS Management)
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.

By default this is enabled.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-03 11:43:45 +02:00
Chaitanya Tata
6ed8eba00d Add an option to remove RRM and supported operating class indication
Removing radio measurements and supported operating class indication
might be needed to reduce binary size for a memory constrained system
that does not need more advanced features. However, removing these is
not recommended since they can help the AP manage the network and STA
steering.

By default this functionality is enabled.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-03 11:43:43 +02:00
Jun Yu
4b80ad1194 Populate the new beacon hint event to wpa_msg()
Beacon hinting is a feature that can temporarily change the regulatory
rule flags on the channel where the radio hears the beacon. Add a new
event CTRL-EVENT-REGDOM-BEACON-HINT to notify the wpa_supplicant user
about an important update to the regulatory rules including which
frequencies are impacted, new power limit, and new rule flags.

Signed-off-by: Jun Yu <junyuu@chromium.org>
2023-12-02 20:48:15 +02:00
Ilan Peer
d8cae2d024 nl80211: Do not allow off channel when frequency is not specified
Do not allow offchannel operation for action frame transmission if
no frequency is specified, as this doesn't make sense.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-12-02 20:35:21 +02:00
Remi Pommarel
bbb0d3a40e mesh: Add for_each_sta implementation in wpa_auth_callbacks
The wpa_auth_callbacks for mesh was missing a for_each_sta
implementation. This is an issue with pmksa cache, as when a cache entry
expires the for_each_sta callback is called in order to clear the pmksa
reference for all sta that was using this entry. Not having a
for_each_sta callback will prevent this cleanup to happen then a sta
could still use this pmksa entry even after it has been freed.

This used after free was not a problem up until recently where
dpp_pkhash is now stored in pmksa entry and retreived later on causing
crash with below backtrace:

  _wpa_snprintf_hex                        src/utils/common.c:326
  wpa_snprintf_hex                         src/utils/common.c:348
  hostapd_ctrl_iface_sta_mib               src/ap/ctrl_iface_ap.c:542
  hostapd_ctrl_iface_sta_mib               src/ap/ctrl_iface_ap.c:542
  hostapd_ctrl_iface_sta_mib               src/ap/ctrl_iface_ap.c:600
  hostapd_ctrl_iface_sta                   src/ap/ctrl_iface_ap.c:615
  wpa_supplicant_ctrl_iface_process        src/wpa_supplicant/ctrl_iface.c:12741
  wpa_supplicant_global_ctrl_iface_receive src/wpa_supplicant/ctrl_iface_unix.c:1141
  eloop_sock_table_dispatch                src/utils/eloop.c:625
  eloop_run                                src/utils/eloop.c:1238
  wpa_supplicant_run                       src/wpa_supplicant/wpa_supplicant.c:8021
  main                                     src/wpa_supplicant/main.c:393

Adding a for_each_sta callbacks fixes that.

Fixes: 043dedee83 ("DPP: Expose enrollee pubkey hash for identification")
Signed-off-by: Remi Pommarel <repk@triplefau.lt>
2023-12-02 20:34:34 +02:00
Jouni Malinen
b07f19e082 test: Mesh PMKSA entry validation with MESH_PMKSA_ADD
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 20:32:56 +02:00
Jouni Malinen
4f69b4a31e mesh: Fix PMKSA cache entry addition with external PMKSA management
The length of the PMK ended up getting lost when a PMKSA cache entry was
added based on externally managed information. Set the PMK length in SAE
context to get the correct length stored into the actual PMKSA cache
entry that gets created in this path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 20:31:16 +02:00
Jaap Keuter
0302c3ad22 trace: binutils replaces bfd_hostptr_t with uintptr_t
According to this message https://marc.info/?l=binutils&m=165363679302282
the type bfd_hostptr_t is dropped in favor of uintptr_t.
Replace the use of this type in the code.

Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
2023-12-02 19:08:25 +02:00
Andrei Otcheretianski
d5ef16e987 tests: Add a unit test for RNR/basic ML element parsing
Going through everything to test parsing of the basic ML element and the
RNR element is not really feasible for MBSSID mode. As such, add a unit
test to excercise parsing the available links from the RNR, basic ML
element and MBSSID-Index element if present.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-12-02 19:02:02 +02:00
Jouni Malinen
a7fdd58039 tests: Update capability checks to include OpenSSL 3.1 and 3.2
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 11:22:24 +02:00
Jouni Malinen
033634019d Ignore missing set_secure_ranging_ctx callback for testing purposes
nl80211_set_secure_ranging_ctx() was already ignoring the operation, but
this is included only with CONFIG_DRIVER_NL80211_QCA=y. Make the default
case use same behavior based on the callback function not being defined.
This is needed to allow the following test cases to work:
pasn_owe_tm_kdk_secure_ltf pasn_sae_kdk_secure_ltf

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-27 12:01:15 +02:00
Chenming Huang
d54d0d8983 AP MLD: Handle DFS in correct link
Link ID is needed for AP MLD to handle DFS events in the correct link.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:31:46 +02:00
Chenming Huang
f1fee0d1ff AP MLD: Handle channel switch event in correct link
USe the link ID information to determine the specific affiliated link
when processing channel switch events on an AP MLD.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:25:41 +02:00
Chenming Huang
fb6598864b nl80211: Add link ID when setting BSS attributes for AP MLD
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:12:46 +02:00
Chenming Huang
5487d8d9e9 nl80211: Specify link ID when sending Management frames
Extend nl80211_send_frame_cmd() to include the link ID to use for TX
with NL80211_CMD_FRAME.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:12:05 +02:00
Chenming Huang
859cbc396f nl80211: Remove links when stopping AP MLD in hostapd
There is an issue when starting a non-MLD AP on the same interface that
previous operated as an AP MLD. When the previous AP MLD got stopped,
links were not removed when using hostapd. Next non-MLD AP will fail to
start because some nl80211 operations still require link id (e.g., set
freq).

Remove links when AP MLD is stop to avoid such issue. This was already
done in the deinit_ap() handler when using wpa_supplicant, but hostapd
needs to do same.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:05:59 +02:00
Ilan Peer
50526415cb tests: Test GTK rekey in test_eht_mld_link_removal()
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 17:01:30 +02:00
Ilan Peer
780e72cc14 AP MLD: Do not include empty MLO KDEs
Do include group MLO KDEs for links for which the information is
missing.

In addition, set the KDE buffer length based on the added data.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 17:01:02 +02:00
Ilan Peer
ecd9ea0c8a AP MLD: Do not access WPA authenticator object if not valid
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 16:56:18 +02:00
Ilan Peer
21e8fcc807 nl80211: Add support for handling MLO removed links
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 13:42:43 +02:00
Ilan Peer
782d897e3c tests: Verify link removal (MLO)
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 13:25:57 +02:00