With changes to optimize scan for specific BSSID, there arises a
scenario where in nl80211_trigger_scan() is called with a scan
randomization enabled. A combination of NL80211_ATTR_MAC for BSSID and
scan randomization, which uses NL80211_ATTR_MAC for a different purpose,
results in invalid error for the scan request. To fix the issue use
attribute NL80211_ATTR_BSSID instead of NL80211_ATTR_MAC.
NL80211_ATTR_BSSID was introduced in kernel commit 2fa436b3a2a7
("nl80211: Use different attrs for BSSID and random MAC addr in scan
req") in 2016. Prior to that, only NL80211_ATTR_MAC could be used for
specifying the target BSSID. For backwards compatibility, add the
NL80211_ATTR_MAC attribute as well when not using a random MAC address.
Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
The underlying driver can reject only specific links in an association
request. In that case we will only ignore the corresponding BSS. Add a
test for this flow by simulating an association failure on the second
link specifically.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Test ML association, automatic link discovery using ML probe requests
and marking BSSs as failed after an ML association failure, if the
corresponding link also rejected the association.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Also check that we can discover BSSs requests using ML probe requests.
Note that this requires a new enough mac80211 which parses the ML probe
request and reports the contained BSSs.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
All the station flags other than WPA_STA_SHORT_PREAMBLE are relevant
only for the MLD station and not to the link stations (as these flags
are related to the MLD state and not the link state).
As for the WPA_STA_SHORT_PREAMBLE, since the station is an EHT
station, it must have short preamble.
Thus, do not propagate the flags change for link stations to the driver.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
On the default configuration if MBO only is enabled then build breaks as GAS
is not selected, if other features that auto-enable GAS are selected
then it works.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add additional check for 6 GHz operating class. Otherwise this results
in setting incorrect segment 0 index for 5 GHz 40 MHz channel 157-161,
which has the same center segment 0 index 159 as 6 GHz 320 MHz expected
channel.
Fixes: 085a3fc76e ("EHT: Add 320 channel width support")
Signed-off-by: Mikelis Vuls <mvuls@maxlinear.com>
Add a new QCA subcommand QCA_NL80211_VENDOR_SUBCMD_REGULATORY_TPC_INFO
and related attributes qca_wlan_vendor_attr_tpc_links,
qca_wlan_vendor_attr_tpc definition to query transmit power information
on STA interface from the driver for a connected AP.
The information includes regulatory max transmit power limit, AP local
power constraint advertised from AP's Beacon and Probe Response frames.
For PSD power mode, the information includes PSD power levels for each
subchannel of operating bandwidth. The information is driver calculated
power limits based on current regulatory domain, AP local power
constraint and other IEs. The information will be set to target. Target
will decide final TX power based on this and chip specific power
conformance test limits (CTL), and SAR limits.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
For AP MLD case, HT-scan and ACS happens per link. To determine the
correct link, link id is required.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.
By default this is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.
By default this is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Removing radio measurements and supported operating class indication
might be needed to reduce binary size for a memory constrained system
that does not need more advanced features. However, removing these is
not recommended since they can help the AP manage the network and STA
steering.
By default this functionality is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Beacon hinting is a feature that can temporarily change the regulatory
rule flags on the channel where the radio hears the beacon. Add a new
event CTRL-EVENT-REGDOM-BEACON-HINT to notify the wpa_supplicant user
about an important update to the regulatory rules including which
frequencies are impacted, new power limit, and new rule flags.
Signed-off-by: Jun Yu <junyuu@chromium.org>
Do not allow offchannel operation for action frame transmission if
no frequency is specified, as this doesn't make sense.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
The wpa_auth_callbacks for mesh was missing a for_each_sta
implementation. This is an issue with pmksa cache, as when a cache entry
expires the for_each_sta callback is called in order to clear the pmksa
reference for all sta that was using this entry. Not having a
for_each_sta callback will prevent this cleanup to happen then a sta
could still use this pmksa entry even after it has been freed.
This used after free was not a problem up until recently where
dpp_pkhash is now stored in pmksa entry and retreived later on causing
crash with below backtrace:
_wpa_snprintf_hex src/utils/common.c:326
wpa_snprintf_hex src/utils/common.c:348
hostapd_ctrl_iface_sta_mib src/ap/ctrl_iface_ap.c:542
hostapd_ctrl_iface_sta_mib src/ap/ctrl_iface_ap.c:542
hostapd_ctrl_iface_sta_mib src/ap/ctrl_iface_ap.c:600
hostapd_ctrl_iface_sta src/ap/ctrl_iface_ap.c:615
wpa_supplicant_ctrl_iface_process src/wpa_supplicant/ctrl_iface.c:12741
wpa_supplicant_global_ctrl_iface_receive src/wpa_supplicant/ctrl_iface_unix.c:1141
eloop_sock_table_dispatch src/utils/eloop.c:625
eloop_run src/utils/eloop.c:1238
wpa_supplicant_run src/wpa_supplicant/wpa_supplicant.c:8021
main src/wpa_supplicant/main.c:393
Adding a for_each_sta callbacks fixes that.
Fixes: 043dedee83 ("DPP: Expose enrollee pubkey hash for identification")
Signed-off-by: Remi Pommarel <repk@triplefau.lt>
The length of the PMK ended up getting lost when a PMKSA cache entry was
added based on externally managed information. Set the PMK length in SAE
context to get the correct length stored into the actual PMKSA cache
entry that gets created in this path.
Signed-off-by: Jouni Malinen <j@w1.fi>
According to this message https://marc.info/?l=binutils&m=165363679302282
the type bfd_hostptr_t is dropped in favor of uintptr_t.
Replace the use of this type in the code.
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Going through everything to test parsing of the basic ML element and the
RNR element is not really feasible for MBSSID mode. As such, add a unit
test to excercise parsing the available links from the RNR, basic ML
element and MBSSID-Index element if present.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
nl80211_set_secure_ranging_ctx() was already ignoring the operation, but
this is included only with CONFIG_DRIVER_NL80211_QCA=y. Make the default
case use same behavior based on the callback function not being defined.
This is needed to allow the following test cases to work:
pasn_owe_tm_kdk_secure_ltf pasn_sae_kdk_secure_ltf
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
USe the link ID information to determine the specific affiliated link
when processing channel switch events on an AP MLD.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
There is an issue when starting a non-MLD AP on the same interface that
previous operated as an AP MLD. When the previous AP MLD got stopped,
links were not removed when using hostapd. Next non-MLD AP will fail to
start because some nl80211 operations still require link id (e.g., set
freq).
Remove links when AP MLD is stop to avoid such issue. This was already
done in the deinit_ap() handler when using wpa_supplicant, but hostapd
needs to do same.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Do include group MLO KDEs for links for which the information is
missing.
In addition, set the KDE buffer length based on the added data.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
The tag is inserted as the first item in the stack trace, making it
trivial to match against it from the test.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Having the ability to trigger multiple failures in one test can be
useful. Add support to the test infrastructure to do this.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Refactor the backtrace matching a bit in order to allow triggering
multiple failures in one test.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Get rid of more or less duplicated implementation of backtrace matching
for the two testing failure cases.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Move the hostapd and wpa_supplicant control interface handlers into a
shared functions instead of duplicated implementation.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
These were either sending the command to the wrong
hostapd/wpa_supplicant instance or using the wrong command. This
currently causes the wait to just immediately stop, but with future
commits it would start failing.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Future commits change the related code and exception string. Avoiding
using the context is easy here and actually avoids two layers of
nesting.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>