In theory, each device that supports WMM (or the IEEE 802.11 QoS for
that matter) is expected to advertise how many replay counters it
supports and the peer device is supposed to use that information to
restrict the total number of different MSDU priorities (AC/UP) that
might be used. In practice, this is not really done in deployed devices
and instead, it is just assumed that everyone supports the eight
different replay counters so that there is no need to restrict which
MSDU priorities can be used.
hostapd implementation of WMM has advertised support for 16 PTKSA replay
counters from the beginning while wpa_supplicant has not had any code
for setting the supported replay counter fields in RSNE, i.e., has left
the value to 0 which implies that only a single replay counter is
supported. While this does not really result in any real issues with
deployed devices, this is not really correct behavior based on the
current IEEE 802.11 standard and the WMM specification.
Update wpa_supplicant to use similar design to the hostapd RSNE
generation by setting the number of supported PTKSA replay counters to
16 whenever WMM is enabled. For now, this is done based on the
association being for HT/VHT/HE/EHT and also based on the AP supporting
WMM since it is much more likely for the local device to support WMM and
eight replay counters (which can be indicated only with the value that
implies support for 16 counters since there is no separate value for 8).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add new nested netlink attribute, NL80211_ATTR_EMA_RNR_ELEMS, to send
the reduced neighbor report (RNR) elements to the driver when EMA is
enabled. This attribute includes the count of RNR elements and data at
each index. While generating EMA beacons, the driver will include RNR
group at a given index along with MBSSID group. The last element, if
present, has RNR data common for all EMA beacons such as neighbor APs.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
As per IEEE Std 802.11ax-2021, 11.1.3.8.3 Discovery of
a nontransmitted BSSID profile, an EMA AP that transmits a Beacon
frame carrying a partial list of nontransmitted BSSID profiles
should include in the frame a Reduced Neighbor Report element
carrying information for at least the nontransmitted BSSIDs that
are not present in the Multiple BSSID element carried in that frame.
Add this support by splitting the reduced neighbor report (RNR) in as
many elements as the number of multiple BSSID elements. Each RNR element
excludes the non-transmitting profiles already included in the MBSSID
element at the same index. If present, the last additional group will
have the data common for all EMA beacons such as neighbor AP information
gathered through neighbor reports.
The hwsim test case he_ap_ema demonstrates this support.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Do not include interfaces on the same radio in reduced neighbor
report elements (RNR) as multiple BSSID elements from the same
management frame already include these if MBSSID feature is enabled.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Add a vendor feature flag for the driver to indicate support for allowed
frequency configuration in AP mode.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Add a new vendor command to trigger computation of connected channel
statistics such as channel utilization in STA mode.
Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Define a new attribute QCA_WLAN_VENDOR_ATTR_CONFIG_AP_ALLOWED_FREQ_LIST
to configure the full list of allowed frequencies for the AP operation.
The configuration is valid only from the next BSS start until the BSS is
stopped. The drivers shall filter out channels on top of this list of
channels based on regulatory or other constraints. This can be used to
specify user's choice of frequencies, allowed list of channels with
static puncturing feature, etc.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
center_idx_to_bw_6ghz() does not return the bandwidth in MHz and as
such, the check here against 20 (MHz) is never true. The returned value
is greater than 0 for the over 20 MHz cases.
Fixes: 15742566fd ("6 GHz: Fix operating class in Supported Operating Classes element")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
These are needed to allow the Suite B 192-bit negotiation to succeed
when using TLS 1.3 (which is still disabled by default).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Extend QCA_WLAN_VENDOR_ATTR_CONFIG_CHANNEL_WIDTH to configure 320 MHz
bandwidth to the driver/firmware.
Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
Add a new option 'punct_acs_threshold' where the value indicates
the percentage of ideal channel average interference factor above
which a channel should be punctured. Default is set to 0 which disables
the puncturing for ACS.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Retrieve the puncturing bitmap sent by the driver in channel switch
events and add a new member punct_bitmap in struct ch_switch to store
it.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Send the user configured puncturing bitmap to the driver.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Add preamble puncturing bitmap to the EHT Operation element as per IEEE
P802.11be/D3.0, Figure 9-1002c (EHT Operation Information field format).
Bits set to 1 indicate that the subchannel is punctured, otherwise
active.
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Balamurugan Mahalingam <quic_bmahalin@quicinc.com>
Legacy modes (VHT, HE) should advertise downgraded bandwidth if
RU puncturing is enabled in EHT mode. This is required for the legacy
stations which cannot parse the EHT Operation elements hence do not
support EHT RU puncturing.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Ramanathan Choodamani <quic_rchoodam@quicinc.com>
Add a new option to configure the disabled subchannel bitmap as per
IEEE P802.11be/D3.0, Figure 9-1002c (EHT Operation Information
field format).
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Retrieve the driver support for preamble puncturing.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Maximum NSS calculation assumed the host to be little endian while
retrieving MCS values from HE capabilities which is incorrect. Use
WPA_GET_LE16() instead.
Add a check for HE as the current NSS calculation assumes HE support.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
FILS discovery frame generation currently assumes HE support for
calculating the number of spatial streams. Add a check to reject
the configuration if the feature is enabled without enabling HE.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Once ACS picks a channel, iface->freq and iface->conf->channel are
updated. So, AP comes up in the last operating channel when 'ENABLED'
after 'DISABLED' though ACS is configured.
But this will fail for 6 GHz APs since configured_fixed_chan_to_freq()
checks if iface->conf->channel is filled or not irrespective of ACS
configuration, and the checks inside configured_fixed_chan_to_freq()
fail the AP setup. Fix this by clearing iface->freq and
iface->conf->channel in AP setup for ACS configuration.
Fixes: bb781c763f ("AP: Populate iface->freq before starting AP")
Signed-off-by: Pooventhiran G <quic_pooventh@quicinc.com>
If wiphy idx not provided, kernel returns global reg domain when
processing NL80211_CMD_GET_REG. To obtain the correct country code for
the self-managed regulatory cases, put wiphy idx into nl_msg when
sending this command to kernel.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When writing 64-bit attributes into the netlink buffer, senders may
add a padding attribute to allow the payload of the 64-bit attribute
to be 64-bit aligned. For QCA vendor attributes, currently the
attribute QCA_WLAN_VENDOR_ATTR_PAD in enum qca_wlan_vendor_attr is
defined for this purpose.
Unfortunately, when adding attributes to the netlink buffer, all
attributes at a given level of nesting must be defined in the same
enum so that they can be unambiguously parsed. This means that
QCA_WLAN_VENDOR_ATTR_PAD can only be used to pad 64-bit attributes
defined in enum qca_wlan_vendor_attr.
There are many other QCA vendor enums which define 64-bit attributes,
so add a pad attribute to all of them so that the 64-bit attributes
can be unambiguously padded.
Signed-off-by: Jeff Johnson <quic_jjohnson@quicinc.com>
Add a new vendor command and attributes to control and fetch the state
information of the MLO links affiliated with a specific interface.
This will enable user space to dynamically control the MLO links states
based on the latency, throughput and power save requirements.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
As a preparation to use AP MLD address and non-AP MLD address
in the RSN Authenticator state machine, add utility functions to
get the current AA and SPA.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
As a preparation for processing an association request with
ML element, split the function such that the elements checking
would be separate from parsing.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
An association request in the context of an MLO connection can
contain an ML element that holds the per station profile for
the additional links negotiated. To support this, add a function
to parse the per station profile.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
As a preparation to parse management frames that include ML elements
with per station profiles, split the function to a helper function that
would not memset() the elements structure.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Multi link stations are represented in the kernel using a single
station with multiple links and the first ADD_STA command also
creates the first link. Subsequent links should be added with
LINK_ADD commands.
Implement this logic and provide the required MLD information per
station/link.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add a driver callback to add a link to an AP interface.
As the kernel removes all links on underline interface removal, there
is currently no need to support individual link removal.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
"multicast_to_unicast" and "hairpin_mode" are usually set outside of
hostapd. However, DFS channel change events pull the BSS out of the
bridge causing these attributes to be lost. Make these settings tunable
within hostapd so they are retained after the BSS is brought up again.
Signed-off-by: Anthony Refuerzo <anthony96922@gmail.com>
In theory, os_snprintf() could have filled the buffer to the end and
while the pos variable would not have been incremented beyond that,
there would not necessarily be a NUL termination at the end. Force the
array to end in NUL just in case.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The number of frequencies is increased before the boundary check,
thus it should be allowed to be equal to the number of elements in
the array. Update the limit to allow the full array to be used.
In addition, add the missing byte for the NULL terminator for the debug
print to be able to fit all values (assuming they are <= 9999 MHz).
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
webkit_web_context_set_tls_errors_policy() has been deprecated. Use its
replacement webkit_website_data_manager_set_tls_errors_policy() when
building against sufficiently recent version of webkit2.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add check to filter out 6 GHz frequencies from the local driver
frequency preference list when 6 GHz is not allowed for the P2P
connection. Earlier, 6 GHz frequency channels were included in the
preferred list if the p2p_6ghz_disable parameter was not set
irrespective of the allow_6ghz parameter.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
The flags that indicate that a channel is allowed for 80/160 MHz use
are divided according to the position of the control channel (e.g.,
HOSTAPD_CHAN_VHT_10_70, HOSTAPD_CHAN_VHT_30_50, etc.).
However, the position of the control channel does not add any extra
regulatory information because when trying to use a 80/160 MHz channel
all the desired bandwidth has to be allowed for 80/160 MHz use,
regardless of the control channel position.
In addition, these flags are set only if the driver reports one
regulatory rule that allows the entire 80/160 MHz bandwidth.
However, even when a 80/160 MHz channel is allowed, in some cases the
bandwidth will be split into several regulatory rules because
different segments of the bandwidth differ in other flags (that don't
affect the use of the bandwidth for VHT channels). So, in such cases
these flags will not be set, although VHT channels are allowed.
As the result, VHT channels will not be used although they are allowed
by the regulatory domain.
Fix this by introducing new flags that indicate if a 2 0MHz channel is
allowed to be used as a part of a wider (80/160 MHz) channel.
The new flags are set for each 20 MHz channel independently and thus
will be set even if the regulatory rules for the bandwidth are split.
A 80/160 MHz channel is allowed if all its 20 MHz sub-channels are
allowed for 80/160 MHz usage.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Extend @CONF-OBJ-SEP@ behavior to allow the second entry to be used for
different netRole. In other words, allow both the AP and STA netRole
(though, only a single one per netRole) configuration to be set.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The first call to dpp_configuration_parse_helper() was supposed to use
the separately prepared tmp string with only the first configuration
entry, but it ended up using the full string that included both
configuration entries. This could result in the first configObject
getting a mix of parameters from both entries.
Fix the parsing to use only the text before the @CONF-OBJ-SEP@ separator
for the first entry.
Fixes: 7eb06a3369 ("DPP2: Allow multiple Config Objects to be build on Configurator")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>