Commit graph

19299 commits

Author SHA1 Message Date
Chaitanya Tata
3cb51378f2 Abort ongoing scan on DISCONNECT
Along with canceling queued scan, abort ongoing scan if any, this
ensures Wi-Fi interface is in usable state after disconnect is issued,
else subsequent scan after disconnect might fail with EBUSY.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-10-28 18:24:42 +03:00
R. Christian McDonald
5b21f4861c l2_packet_freebsd: Enable receiving priority tagged (VID=0) frames
Certain internet service providers transmit VLAN 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e., EAPOL).

The pcap filter utilized by l2_packet_* is inadquate for this use case.

Here we modify the pcap filter on FreeBSD to accept both unencapsulated
and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.

Additional work is required to support this handling on other platforms.

We also modify the rx_receive handler to offset the packet buffer
and length when handling dot1q encapsulated frames so the existing
packet parsing code works as-is.

Signed-off-by: R. Christian McDonald <rcm@rcm.sh>
Sponsored by: Rubicon Communications, LLC ("Netgate")
2023-10-28 17:50:09 +03:00
Po-Hao Huang
0aa44ccf82 WNM: Lower rankings of current AP if disassociation imminent bit set
If the current AP advertises disassociation imminent, move it to the
back of the candidate list so we don't select it again while other
candidates are available.

Signed-off-by: Po-Hao Huang <phhuang@realtek.com>
2023-10-28 17:43:30 +03:00
Jouni Malinen
3242793cb8 P2P: Remove pending p2p-listen radio work on stopping listen
Some kind of race condition seemed to be hit at least in test sequence
"p2p_ext_vendor_elem_invitation pasn_comeback_after_0_sae" where the P2P
invitation response could have been received just after having scheduled
a new p2p-listen radio work, but before that work had been started. In
the case of accepted invitation, this could result in unnecessary extra
delay when that p2p-listen work ended up getting started at the exact
time that the local device was starting GO.

Avoid this race condition by removing the pending p2p-listen radio work
when P2P listen is stopped.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-10-28 17:23:25 +03:00
Michael-CY Lee
18330d1f6b hostapd: Update op_class after AP channel switching
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
2023-10-28 13:19:21 +03:00
Kaidong Wang
2563edb8c5 Use 6 GHz default noise when estimating 6 GHz SNR
wpa_supplicant underestimates 6 GHz SNR as it assumes 2 GHz default
noise in the estimation.

Use 6 GHz default noise when estimating 6 GHz SNR.

Signed-off-by: Kaidong Wang <kaidong@chromium.org>
2023-10-28 13:14:24 +03:00
Michael-CY Lee
7a73399321 ACS: Fix typo in bw_40 frequency array
The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.

Fixes: ed8e13decc (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
2023-10-28 13:12:38 +03:00
Johannes Berg
d01f677c2a tests: hwsim: Add more tracing
Add SKB tracing (which shows now why/where a frame was dropped
in the stack), and also -T for stack trace at each event.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 13:05:13 +03:00
Johannes Berg
d76dbe6c7c tests: ap_mixed_security: Give AP time to set up stations
Give the AP some time to set up stations fully (in the
kernel) so that traffic forwarding will work.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
ee74376589 tests: GAS: Wait for STA before ANQP_GET
We can't do ANQP when the STA is connected but the AP hasn't fully set
up the STA yet, so wait on the AP side before continuing.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
3918c4123f tests: ap_open_poll_sta_no_ack: Fix mgmt-rx race
We need to wait for the MGMT-RX event before disabling
ext_mgmt_frame_handling again, otherwise we might be disabling it and
hostapd only receives the deauth frame after we already disable it,
defeating the purpose of the test.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
95325f0969 tests: ap_pmf: Wait for STA appropriately
With PMF, we cannot do even deauth unless we wait for the STA to have
fully connected on the AP side, the STA thinking it has isn't sufficient
since it immediately says so after M4. Add wait_sta() before disconnect,
and also before SA_QUERY.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
b3e3e3b0d5 tests: pmksa_cache: Wait for STA on AP side before query
Before querying the PMKSA cache, wait for the STA to have appeared on
the AP side, otherwise scheduling differences may have us asking when
the STA thinks it's connected but the AP hasn't fully processed that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
b99bb32f55 Don't disconnect on scan_freq update from control interface
It doesn't make sense to disconnect on updates to the
network's scan_freq, and in fact doing so causes some
(timing-/scheduling-dependent) test failures.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
dbcaf927cd tests: ap_tdls: Wait before connectivity checks
All processes need to have a bit of time to mark the kernel STAs
authorized, otherwise traffic may fail. Give them some time, and also
use check_connectivity() in connectivity() since it's the same check,
just different arguments.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
f562fd014a tests: Blocked rekey: Give slightly more time
Due to scheduling changes, we don't always now succeed to reconnect in
exactly 1 second, it might take 1.01. Give it 1.1 for a bit more leeway,
it's not clear why it should be exactly 1 second anyway.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
01afbeaf9d tests: ap_hs20: Add more wait_sta()
We should always wait_sta() so that we know we can even deauth next,
otherwise the key might not be installed yet by the time we try to
connect to the next AP.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:34:57 +03:00
Johannes Berg
0f896ded9d tests: ap_hs20_connect_no_full_match: Add appropriate waits
We need to appropriately wait for the STA to connect/disconnect before
continuing with the test, add that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:12:01 +03:00
Johannes Berg
83c5db6c0a tests: autogo_legacy: Wait for 4-way handshake
We need to wait for the 4-way handshake to be completed on the GO side,
so the GO will actually have marked the station as authorized and will
forward packets.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:11:06 +03:00
Johannes Berg
7e558095c7 tests: RRM: Wait for AP STA before requests to AP
Before requesting anything about the specific STA from the AP wait for
it to show up, so that things don't fail if the hostapd process didn't
yet get time to process things.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:10:18 +03:00
Johannes Berg
4f4923bb08 tests: PASN: Try get_ptksa() from AP a few times
We wait for the PASN auth to complete on the wpas side, but there's no
indication of this on the AP side. So if scheduling ordering is bad, we
can ask the AP for the PTKSA cache before it even received the frame
from the kernel and created the PTKSA entry.

To fix this, try this a few times, to see if it becomes available.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:09:26 +03:00
Johannes Berg
376bead963 tests: persistent_go_client_list: Ignore client order
Clients could connect in a different order depending on
timing differences, don't check for the order here.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:08:20 +03:00
Johannes Berg
434d557bc3 tests: FT/RRM: Wait for STA before check_beacon_req()
check_beacon_req() will request from hostapd to request a beacon
report from the STA, but that only works if it already knows about
the STA. Due to scheduling issues, it may not know even if wpa_s
reports it has successfully connected, so also wait for the STA to
show up in hostapd before check_beacon_req().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:06:59 +03:00
Johannes Berg
257ba3afae tests: Wait for radio work to start after DPP_LISTEN command
Since DPP listen is a radio work, it doesn't start immediately and
then we can end up missing whatever happens next in the test. Wait
for the radio work to start before continuing the test.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:06:29 +03:00
Stefan Schake
1d7ce8e2d7 tests: Multi-AP backhaul to backhaul+fronthaul BSS
Signed-off-by: Stefan Schake <stefan.schake@devolo.de>
2023-10-28 11:51:19 +03:00
Stefan Schake
cc5a008004 Ensure WDS is available on combined backhaul and fronthaul APs
It is valid to configure an AP to be both backhaul and
fronthaul (multi_ap=3), so we should not test for a missing
fronthaul flag but instead test directly for backhaul capability.

Signed-off-by: Stefan Schake <stefan.schake@devolo.de>
2023-10-28 11:50:33 +03:00
Koen Vandeputte
1aeeebaa68 defconfig: Remove remaining reference to IEEE80211W symbol
This symbol was removed in an earlier commit. Remove this leftover which
was forgotten then.

Fixes: 7d2ed8bae ("Remove CONFIG_IEEE80211W build parameter")
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
2023-10-28 11:39:54 +03:00
Jouni Malinen
aaeeb631e0 tests: More thorough testing of PMF and need for association comeback
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-10-28 11:34:35 +03:00
Jouni Malinen
8477fa7eb8 Check the need for SA Query earlier in association processing
The way these checks were done for WPS enabled APs were unnecessarily
complex and missed one of the cases. Simplify this by doing the check
only once and do that earlier in the process to minimize changes to STA
state.

Fixes: a7f55f7f68 ("WPS: Enable SA Query checks for WPS AP")
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-10-28 11:31:42 +03:00
Jouni Malinen
3d8215affe tests: wpa_supplicant AP with all possible 20 MHz PRI for 80 MHz channel
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-27 13:49:48 +03:00
Xinyue Ling
a6440b57cf Update correct VHT/HE/EHT mode in channel switch event
Currently if ch_switch_vht_config is present, only ieee80211ac config
will be updated in hostapd_config and ieee80211ax/ieee80211be config may
be wrong. Fix this by adding handlings for ch_switch_he_config and
ch_switch_eht_config as well.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-26 16:01:12 +03:00
Vinay Gannevaram
c860647160 Add NULL check for pmksa cache free_cb() callback
free_cb can be NULL during the pmksa_cache_auth_init() from the modules
using libpasn.so. So check it explicitly before dereferencing.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-26 15:46:17 +03:00
Jouni Malinen
97b6cc6e58 tests: VHT80 and channel 161
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-26 13:52:54 +03:00
Jouni Malinen
7df76a4dd5 tests: EHT+MLO AP with SAE and transition mode
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-25 14:06:23 +03:00
Jouni Malinen
6affbf1fb0 tests: Remove exception for SAE MLD testing
hostapd now has support for SAE in MLD cases, so there is no need to
maintain this exception that allowed the test case to pass even if the
connection failed.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-25 13:53:35 +03:00
Veerendranath Jakkam
2f911fb155 SAE: Remove current PMKSA from driver after reauth threshold is passed
wpa_supplicant postpones expired PMKSA deletion untillassociation is
lost for SAE to avoid forced disconnection. But during this time the
driver may use the expired PMKSA for reassociation with the current
connected AP.

Remove the current PMKSA for SAE from the driver after reauth threshold
is passed when the driver takes care of BSS selection.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-10-12 18:31:08 +03:00
Sai Pratyusha Magam
2d4be0019d Double the first group rekey timeout if over 100 associated stations
Increase the first group rekey timeout from 500 ms to 1000 ms when the
number of associated stations is greater than 100. This is to avoid
client disconnections due to group handshake timeout in multiclient
scenarios where it might take more than 500 ms to be able deliver Group
Key msg 1/2 to all associated STAs.

Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
2023-10-05 17:32:17 +03:00
Purushottam Kushwaha
a89cf6ba47 Reserve QCA vendor sub command id 234
This is reserved for QCA use.

Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
2023-10-05 11:58:25 +03:00
Aloka Dixit
1dfcafff36 FILS: EHT additions
Add support for EHT phy index and maximum NSS as per IEEE P802.11be/D4.0,
9.6.7.36 and 9.4.2.313.4.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-09-29 18:33:24 +03:00
Aloka Dixit
26f29ef46d FILS: Fix NSS calculation for HE mode
Maximum NSS calculation for HE mode checks if both Tx and Rx support
a given NSS. Modify it to instead check if either of these two support
the given NSS.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-09-29 18:03:39 +03:00
Aloka Dixit
fcbb643ff3 FILS: Rename local variable to indicate HE mode
Rename the local variable mcs_nss_size to he_mcs_nss_size in
hostapd_fils_discovery_cap() and hostapd_gen_fils_discovery_nss()
to limit its usage to HE mode.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-09-29 17:59:13 +03:00
Aloka Dixit
dcf66d2f42 FILS: Move maximum NSS determination to a new function
Create a separate function to set the maximum number of spatial streams
in FILS discovery frames.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-09-29 17:56:43 +03:00
Aloka Dixit
24e0938b37 FILS: Move phy index determination to new function
Move the phy index determination for FILS discovery frames to a new
function without changing the functionality. HE support is mandatory for
operating in the 6 GHz band hence the phy index will always be set to
FD_CAP_PHY_INDEX_HE for this band.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-09-29 17:51:21 +03:00
Jouni Malinen
015af1beea DPP: Use CONFIG_SAE consistently to avoid a compiler warning
The sae_password_entry is used in this function only if CONFIG_SAE is
defined, so declare this variable only under the same condition.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-09-29 17:12:13 +03:00
Aloka Dixit
55ea12bb77 AP MLD: Add missing CONFIG_SAE checks
Fix the compilation errors caused by missing checks for CONFIG_SAE.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-09-29 17:11:32 +03:00
Yuvarani V
ef8d48c4cf Update Wide Bandwidth Channel Switch element
Update Wide Bandwidth Channel Switch element as per IEEE
P802.11-REVme/D4.0, 9.4.2.159 (Wide Bandwidth Channel Switch element)
and Table 9-314 (VHT Operation Information subfields).

Update New Channel Width, New Channel Center Frequency Segment 0, and
New Channel Center Frequency Segment 1 fields as per IEEE
P802.11-REVme/D4.0 for 160 MHz and 80+80 MHz bandwidth. This replaces
the use of now deprecated Channel Width 2 and 3 values with a more
backwards compatible design.

Signed-off-by: Yuvarani V <quic_yuvarani@quicinc.com>
2023-09-29 12:27:26 +03:00
Veerendranath Jakkam
c4c5c991da SAE: Do not reject reauth threshold passed PMKSA in association event
Do not reject reauth threshold passed PMKSA indicated in successful
association event since the PMKSA is still valid.

Additionally, remove the reauth threshold passed PMKSA entry from the
driver to prevent using it further in the driver.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-09-28 18:57:50 +03:00
Vinay Gannevaram
7a9587ceef PASN: Copy PMK to PASN context on responder
Wi-Fi Aware pairing responder needs to forward the derive PMK to the
framework on successful pairing setup. The framework will set
corresponding PMK while a pairing verification is initiated by the
paired peer. Since the PMK is not updated for responder's PASN context,
framework does not have a valid PMK and verification fails. Hence copy
the derived PMK to PASN context.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-09-28 18:43:56 +03:00
Aditya Kumar Singh
e59d2a31cf hostapd: Fix premature beacon set during association handling
Currently, during association handling, if any of the iface parameters
changes due to some reason, it calls ieee802_11_set_beacons() function.
This function sets beacon for the all the BSSes in that iface even if
the beacon was not set already. This leads to setting the beacon
prematurely for some BSSes which was intentionally not started.

Fix the above issue by calling ieee802_11_update_beacons() function
instead. This function only updates the beacon if it was already set.

While at it, do the same while freeing STA entry.

Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
2023-09-26 11:41:53 +03:00
Shuibing Dai
ae928e67a1 Add channel 144 (5720 MHz) into operating class conversion tables
Based on IEEE Std 802.11-2020 Table E-3 (Operating classes in Japan) and
Table E-4 (Global operating classes), we update channel 144 for those
corresponding operating classes.

The changes applicable to the global operating classes fixes an issue of
P2P GO not starting on channel 144 (frequency 5720 MHz) in cases where
the driver supports DFS operations.

Signed-off-by: Shuibing Dai <shuibing@google.com>
2023-09-26 11:41:09 +03:00