For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.
By default this is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.
By default this is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Removing radio measurements and supported operating class indication
might be needed to reduce binary size for a memory constrained system
that does not need more advanced features. However, removing these is
not recommended since they can help the AP manage the network and STA
steering.
By default this functionality is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Beacon hinting is a feature that can temporarily change the regulatory
rule flags on the channel where the radio hears the beacon. Add a new
event CTRL-EVENT-REGDOM-BEACON-HINT to notify the wpa_supplicant user
about an important update to the regulatory rules including which
frequencies are impacted, new power limit, and new rule flags.
Signed-off-by: Jun Yu <junyuu@chromium.org>
Do not allow offchannel operation for action frame transmission if
no frequency is specified, as this doesn't make sense.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
The wpa_auth_callbacks for mesh was missing a for_each_sta
implementation. This is an issue with pmksa cache, as when a cache entry
expires the for_each_sta callback is called in order to clear the pmksa
reference for all sta that was using this entry. Not having a
for_each_sta callback will prevent this cleanup to happen then a sta
could still use this pmksa entry even after it has been freed.
This used after free was not a problem up until recently where
dpp_pkhash is now stored in pmksa entry and retreived later on causing
crash with below backtrace:
_wpa_snprintf_hex src/utils/common.c:326
wpa_snprintf_hex src/utils/common.c:348
hostapd_ctrl_iface_sta_mib src/ap/ctrl_iface_ap.c:542
hostapd_ctrl_iface_sta_mib src/ap/ctrl_iface_ap.c:542
hostapd_ctrl_iface_sta_mib src/ap/ctrl_iface_ap.c:600
hostapd_ctrl_iface_sta src/ap/ctrl_iface_ap.c:615
wpa_supplicant_ctrl_iface_process src/wpa_supplicant/ctrl_iface.c:12741
wpa_supplicant_global_ctrl_iface_receive src/wpa_supplicant/ctrl_iface_unix.c:1141
eloop_sock_table_dispatch src/utils/eloop.c:625
eloop_run src/utils/eloop.c:1238
wpa_supplicant_run src/wpa_supplicant/wpa_supplicant.c:8021
main src/wpa_supplicant/main.c:393
Adding a for_each_sta callbacks fixes that.
Fixes: 043dedee83 ("DPP: Expose enrollee pubkey hash for identification")
Signed-off-by: Remi Pommarel <repk@triplefau.lt>
The length of the PMK ended up getting lost when a PMKSA cache entry was
added based on externally managed information. Set the PMK length in SAE
context to get the correct length stored into the actual PMKSA cache
entry that gets created in this path.
Signed-off-by: Jouni Malinen <j@w1.fi>
According to this message https://marc.info/?l=binutils&m=165363679302282
the type bfd_hostptr_t is dropped in favor of uintptr_t.
Replace the use of this type in the code.
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Going through everything to test parsing of the basic ML element and the
RNR element is not really feasible for MBSSID mode. As such, add a unit
test to excercise parsing the available links from the RNR, basic ML
element and MBSSID-Index element if present.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
nl80211_set_secure_ranging_ctx() was already ignoring the operation, but
this is included only with CONFIG_DRIVER_NL80211_QCA=y. Make the default
case use same behavior based on the callback function not being defined.
This is needed to allow the following test cases to work:
pasn_owe_tm_kdk_secure_ltf pasn_sae_kdk_secure_ltf
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
USe the link ID information to determine the specific affiliated link
when processing channel switch events on an AP MLD.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
There is an issue when starting a non-MLD AP on the same interface that
previous operated as an AP MLD. When the previous AP MLD got stopped,
links were not removed when using hostapd. Next non-MLD AP will fail to
start because some nl80211 operations still require link id (e.g., set
freq).
Remove links when AP MLD is stop to avoid such issue. This was already
done in the deinit_ap() handler when using wpa_supplicant, but hostapd
needs to do same.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Do include group MLO KDEs for links for which the information is
missing.
In addition, set the KDE buffer length based on the added data.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
The tag is inserted as the first item in the stack trace, making it
trivial to match against it from the test.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Having the ability to trigger multiple failures in one test can be
useful. Add support to the test infrastructure to do this.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Refactor the backtrace matching a bit in order to allow triggering
multiple failures in one test.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Get rid of more or less duplicated implementation of backtrace matching
for the two testing failure cases.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Move the hostapd and wpa_supplicant control interface handlers into a
shared functions instead of duplicated implementation.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
These were either sending the command to the wrong
hostapd/wpa_supplicant instance or using the wrong command. This
currently causes the wait to just immediately stop, but with future
commits it would start failing.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Future commits change the related code and exception string. Avoiding
using the context is easy here and actually avoids two layers of
nesting.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
When processing a (Re)Association Request frame and no corresponding
station is found, try to find the station using the station MLD MAC
address from the Basic ML element, as it is possible that the station
is trying to re-associate but with a different link address (in such
a case the underlying driver would not perform address translations).
When sending the (Re)Association Response frame, use the addresses from
the (Re)Association Request frame and not the AP MLD MAC address, again,
to avoid the address translation done in the driver.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
When connecting, pending_bssid is set to the main link that we are
authenticating/associating on. Later on, the MLD MAC address will be
stored in the bssid, but we may also try to deauthenticate before we are
connected and in that case, pending_bssid is not yet set to the MLD MAC
address.
As such, use the ap_mld_addr instead of pending_bssid if n_mld_links is
non-zero. This is the sensible thing to do and expected behavior on
nl80211.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
For AP MLD, when BSSID configuration is specified without mld_addr, the
first link address is used as the MLD MAC address as well. Though IEEE
P802.11be allows this, the current implementation and the kernel aren't
happy about it. Better avoid this.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This improves chances with APs that do not reply to Probe Request frame
with short SSID or with direct BSSID.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
According to IEEE P802.11be/D4.0, 35.3.4.2, the AP MLD ID must be
included in the Probe Request ML element in case it is sent to a
transmitted BSS in which case it should be set to 0. If it is sent to an
non-transmitted BSSID, the AP MLD ID should not be included.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
IEEE P802.11be/D4.0, 9.4.2.312.2.3 states that the AP MLD ID should only
be included in some ML probe responses. Beacon frames shouldn't include
AP MLD ID.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This responds by simply embedding most of the IEs from the other links
into the ML element. This is not correct really, as inheritance rules
should be applied and an inheritance element may need to be added.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add a simple for_each_mld_link helper that sets first variable to the
hapd data for every link. It takes the interfaces and MLD ID as
arguments and two extra integers as scratch variables (for the interface
and bss offsets).
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
This adds the parsing of ML probe requests. Handling will be added by a
later commit.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
To support ML probe request we will need to include IEs from the other
hapd instances in the response. Split the function to allow just
generating the per-instance IEs separately.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This effectively moves setting the csa/ecsa/cca position to happen
only when a Probe Response template for offloading is generated.
One could probably avoid the global variable altogether, as the
value is immediately consumed into struct {csa,cca}_settings.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
If for some reason association fails and a link which has an error is
reported, add that specific link to the ignore list. After that,
immediately retrigger the connection code. In the usual case, we are
then going to reconnect to the same AP MLD but with that particular link
not being included in the connection.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
If a link specific error occured, mark the offending link within the
association parameters.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The kernel may report the link that caused an error by setting
NLMSGERR_ATTR_OFFS pointing to the NL80211_ATTR_MLO_LINKS element
that was the reason for the error.
Parse this information if the optional struct nl80211_err_info is
passed to send_and_recv_msgs().
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
