Commit graph

9014 commits

Author SHA1 Message Date
Jouni Malinen
07a7bcd7ea WMM: Advertise support for 16 PTKSA replay counters for non-AP STA
In theory, each device that supports WMM (or the IEEE 802.11 QoS for
that matter) is expected to advertise how many replay counters it
supports and the peer device is supposed to use that information to
restrict the total number of different MSDU priorities (AC/UP) that
might be used. In practice, this is not really done in deployed devices
and instead, it is just assumed that everyone supports the eight
different replay counters so that there is no need to restrict which
MSDU priorities can be used.

hostapd implementation of WMM has advertised support for 16 PTKSA replay
counters from the beginning while wpa_supplicant has not had any code
for setting the supported replay counter fields in RSNE, i.e., has left
the value to 0 which implies that only a single replay counter is
supported. While this does not really result in any real issues with
deployed devices, this is not really correct behavior based on the
current IEEE 802.11 standard and the WMM specification.

Update wpa_supplicant to use similar design to the hostapd RSNE
generation by setting the number of supported PTKSA replay counters to
16 whenever WMM is enabled. For now, this is done based on the
association being for HT/VHT/HE/EHT and also based on the AP supporting
WMM since it is much more likely for the local device to support WMM and
eight replay counters (which can be indicated only with the value that
implies support for 16 counters since there is no separate value for 8).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-18 11:40:10 +03:00
Aloka Dixit
ac54b61273 nl80211: Support for RNR elements
Add new nested netlink attribute, NL80211_ATTR_EMA_RNR_ELEMS, to send
the reduced neighbor report (RNR) elements to the driver when EMA is
enabled. This attribute includes the count of RNR elements and data at
each index. While generating EMA beacons, the driver will include RNR
group at a given index along with MBSSID group. The last element, if
present, has RNR data common for all EMA beacons such as neighbor APs.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-04-18 11:39:32 +03:00
Aloka Dixit
5d06acefdd RNR: Add elements by default for EMA AP
As per IEEE Std 802.11ax-2021, 11.1.3.8.3 Discovery of
a nontransmitted BSSID profile, an EMA AP that transmits a Beacon
frame carrying a partial list of nontransmitted BSSID profiles
should include in the frame a Reduced Neighbor Report element
carrying information for at least the nontransmitted BSSIDs that
are not present in the Multiple BSSID element carried in that frame.

Add this support by splitting the reduced neighbor report (RNR) in as
many elements as the number of multiple BSSID elements. Each RNR element
excludes the non-transmitting profiles already included in the MBSSID
element at the same index. If present, the last additional group will
have the data common for all EMA beacons such as neighbor AP information
gathered through neighbor reports.

The hwsim test case he_ap_ema demonstrates this support.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-04-18 11:35:06 +03:00
Aloka Dixit
8f1d384197 RNR: Skip interfaces on the same radio for MBSSID
Do not include interfaces on the same radio in reduced neighbor
report elements (RNR) as multiple BSSID elements from the same
management frame already include these if MBSSID feature is enabled.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-04-18 11:14:07 +03:00
Jouni Malinen
921f82cf18 Sync with wireless-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2023-03-30.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-04-06 13:03:23 +03:00
Veerendranath Jakkam
302d761a85 Add QCA vendor feature flag for allowed frequency list
Add a vendor feature flag for the driver to indicate support for allowed
frequency configuration in AP mode.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-04-03 23:09:07 +03:00
Ainy Kumari
44c38af04f Add QCA vendor interface to get connected channels utilization
Add a new vendor command to trigger computation of connected channel
statistics such as channel utilization in STA mode.

Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-04-03 23:04:13 +03:00
Veerendranath Jakkam
bb4560252d Add QCA vendor attribute to configure list of allowed frequencies for AP
Define a new attribute QCA_WLAN_VENDOR_ATTR_CONFIG_AP_ALLOWED_FREQ_LIST
to configure the full list of allowed frequencies for the AP operation.
The configuration is valid only from the next BSS start until the BSS is
stopped. The drivers shall filter out channels on top of this list of
channels based on regulatory or other constraints. This can be used to
specify user's choice of frequencies, allowed list of channels with
static puncturing feature, etc.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-04-03 23:00:00 +03:00
Jouni Malinen
0059fa5bae 6 GHz: Fix secondary channel setting
center_idx_to_bw_6ghz() does not return the bandwidth in MHz and as
such, the check here against 20 (MHz) is never true. The returned value
is greater than 0 for the over 20 MHz cases.

Fixes: 15742566fd ("6 GHz: Fix operating class in Supported Operating Classes element")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-03-29 18:25:37 +03:00
Jouni Malinen
d17fca576c OpenSSL: Add TLS 1.3 signature algorithms for Suite B
These are needed to allow the Suite B 192-bit negotiation to succeed
when using TLS 1.3 (which is still disabled by default).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-03-22 23:58:47 +02:00
Ainy Kumari
cf8f13ac85 Add support to send 320 MHz bandwidth through vendor subcmd
Extend QCA_WLAN_VENDOR_ATTR_CONFIG_CHANNEL_WIDTH to configure 320 MHz
bandwidth to the driver/firmware.

Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
2023-03-22 16:31:36 +02:00
Aloka Dixit
a0403c0239 EHT: Validate the puncturing bitmap for ACS
Validate the generated puncturing bitmap against non-OFDMA patterns.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:57 +02:00
Aloka Dixit
af0f60e7dd EHT: Calculate puncturing bitmap for ACS
Generate puncturing bitmap after the ideal channel selection using
the threshold.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:57 +02:00
Aloka Dixit
f3206fbe94 EHT: Configuration option for ACS puncturing threshold
Add a new option 'punct_acs_threshold' where the value indicates
the percentage of ideal channel average interference factor above
which a channel should be punctured. Default is set to 0 which disables
the puncturing for ACS.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:57 +02:00
Aloka Dixit
e3621867c5 EHT: Process puncturing bitmap from channel switch event
Retrieve the puncturing bitmap sent by the driver in channel switch
events and add a new member punct_bitmap in struct ch_switch to store
it.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:57 +02:00
Aloka Dixit
e277e577c8 nl80211: Send EHT puncturing bitmap to the driver for switch command
Propagate puncturing bitmap from the channel switch command to the driver.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:57 +02:00
Aloka Dixit
29a882bed3 EHT: Configure puncturing bitmap during channel switch
Parse, validate, and configure puncturing bitmap if provided in the
channel switch command.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:54 +02:00
Aloka Dixit
4942b19fff EHT: Send puncturing bitmap to the driver for AP bring up
Send the user configured puncturing bitmap to the driver.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
2023-03-17 19:46:24 +02:00
Muna Sinada
f9fc2eabbd EHT: Add puncturing bitmap to EHT Operation element
Add preamble puncturing bitmap to the EHT Operation element as per IEEE
P802.11be/D3.0, Figure 9-1002c (EHT Operation Information field format).
Bits set to 1 indicate that the subchannel is punctured, otherwise
active.

Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Balamurugan Mahalingam <quic_bmahalin@quicinc.com>
2023-03-17 19:46:24 +02:00
Aloka Dixit
46a5d989d4 EHT: Downgrade bandwidths for VHT and HE when using puncturing
Legacy modes (VHT, HE) should advertise downgraded bandwidth if
RU puncturing is enabled in EHT mode. This is required for the legacy
stations which cannot parse the EHT Operation elements hence do not
support EHT RU puncturing.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Ramanathan Choodamani <quic_rchoodam@quicinc.com>
2023-03-17 19:46:24 +02:00
Aloka Dixit
7618269ec6 EHT: Validate puncturing bitmap
Validate preamble puncturing bitmap.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 18:54:50 +02:00
Muna Sinada
9102fda31f EHT: Add configuration option for puncturing in AP mode
Add a new option to configure the disabled subchannel bitmap as per
IEEE P802.11be/D3.0, Figure 9-1002c (EHT Operation Information
field format).

Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 11:06:20 +02:00
Aloka Dixit
9e79439fcb nl80211: Retrieve driver support for EHT puncturing
Retrieve the driver support for preamble puncturing.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
2023-03-15 22:07:29 +02:00
Jouni Malinen
507be376cd Sync with wireless-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2023-03-07.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-03-15 11:46:03 +02:00
Aloka Dixit
591256a8c6 FILS: 320 MHz support in FD frame
Indicate 320 MHz channel width in FILS discovery frame if applicable.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-14 11:27:43 +02:00
Aloka Dixit
903e3a1e62 FILS: Fix maximum NSS calculation for FD frame
Maximum NSS calculation assumed the host to be little endian while
retrieving MCS values from HE capabilities which is incorrect. Use
WPA_GET_LE16() instead.

Add a check for HE as the current NSS calculation assumes HE support.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-14 11:27:00 +02:00
Aloka Dixit
ecae45ff66 FILS: Make HE a requirement for FILS discovery
FILS discovery frame generation currently assumes HE support for
calculating the number of spatial streams. Add a check to reject
the configuration if the feature is enabled without enabling HE.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-14 11:15:06 +02:00
Pooventhiran G
4e86692ff1 AP: Fix 6 GHz AP setup after disable-enable
Once ACS picks a channel, iface->freq and iface->conf->channel are
updated. So, AP comes up in the last operating channel when 'ENABLED'
after 'DISABLED' though ACS is configured.

But this will fail for 6 GHz APs since configured_fixed_chan_to_freq()
checks if iface->conf->channel is filled or not irrespective of ACS
configuration, and the checks inside configured_fixed_chan_to_freq()
fail the AP setup. Fix this by clearing iface->freq and
iface->conf->channel in AP setup for ACS configuration.

Fixes: bb781c763f ("AP: Populate iface->freq before starting AP")
Signed-off-by: Pooventhiran G <quic_pooventh@quicinc.com>
2023-03-09 21:00:43 +02:00
Chenming Huang
a34b8477a7 ml80211: Put wiphy idx to obtain correct country code
If wiphy idx not provided, kernel returns global reg domain when
processing NL80211_CMD_GET_REG. To obtain the correct country code for
the self-managed regulatory cases, put wiphy idx into nl_msg when
sending this command to kernel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-03-09 20:59:20 +02:00
Jeff Johnson
1491fc64a8 Define QCA vendor per-enum 64-bit pad attributes
When writing 64-bit attributes into the netlink buffer, senders may
add a padding attribute to allow the payload of the 64-bit attribute
to be 64-bit aligned. For QCA vendor attributes, currently the
attribute QCA_WLAN_VENDOR_ATTR_PAD in enum qca_wlan_vendor_attr is
defined for this purpose.

Unfortunately, when adding attributes to the netlink buffer, all
attributes at a given level of nesting must be defined in the same
enum so that they can be unambiguously parsed. This means that
QCA_WLAN_VENDOR_ATTR_PAD can only be used to pad 64-bit attributes
defined in enum qca_wlan_vendor_attr.

There are many other QCA vendor enums which define 64-bit attributes,
so add a pad attribute to all of them so that the 64-bit attributes
can be unambiguously padded.

Signed-off-by: Jeff Johnson <quic_jjohnson@quicinc.com>
2023-03-09 20:56:20 +02:00
Jingxiang Ge
55e31699e9 qca-vendor: Add QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL
Add QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL attribute
for noise floor calibration value.

Signed-off-by: Jingxiang Ge <quic_jge@quicinc.com>
2023-03-09 20:43:36 +02:00
Shivani Baranwal
b1f85957c4 Add QCA vendor commands to set and get MLO links state information
Add a new vendor command and attributes to control and fetch the state
information of the MLO links affiliated with a specific interface.

This will enable user space to dynamically control the MLO links states
based on the latency, throughput and power save requirements.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2023-03-09 20:43:14 +02:00
Ilan Peer
c4cb62ca8e WPA_AUTH: MLO: Add functions to get the AA and SPA
As a preparation to use AP MLD address and non-AP MLD address
in the RSN Authenticator state machine, add utility functions to
get the current AA and SPA.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 23:54:50 +02:00
Ilan Peer
cab963e9f8 AP: Split check_assoc_ies()
As a preparation for processing an association request with
ML element, split the function such that the elements checking
would be separate from parsing.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 23:46:18 +02:00
Ilan Peer
7a7a2256c0 common: Support parsing link specific association request
An association request in the context of an MLO connection can
contain an ML element that holds the per station profile for
the additional links negotiated. To support this, add a function
to parse the per station profile.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 22:03:40 +02:00
Ilan Peer
b39e356931 common: Add support for clearing elements
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-03-07 21:48:22 +02:00
Ilan Peer
0b2fc42686 common: Split ieee8021_parse_elems()
As a preparation to parse management frames that include ML elements
with per station profiles, split the function to a helper function that
would not memset() the elements structure.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-03-07 21:46:09 +02:00
Andrei Otcheretianski
df6561ec06 nl80211: AP MLD support for adding multi link stations
Multi link stations are represented in the kernel using a single
station with multiple links and the first ADD_STA command also
creates the first link. Subsequent links should be added with
LINK_ADD commands.

Implement this logic and provide the required MLD information per
station/link.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 21:43:41 +02:00
Andrei Otcheretianski
b8b4ceb8d6 nl80211: Properly stop and deinit MLO AP
Delete all the links and stop beaconing on all the links on AP
deinit/stop.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 21:35:06 +02:00
Andrei Otcheretianski
2f8fc46ede nl80211: Provide link_id in EAPOL_RX and RX_MGMT events
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 21:28:49 +02:00
Ilan Peer
821374d43a nl80211: Introduce and implement a callback to add an MLO link for AP MLD
Add a driver callback to add a link to an AP interface.
As the kernel removes all links on underline interface removal, there
is currently no need to support individual link removal.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 21:15:00 +02:00
Ilan Peer
47269be36e nl80211: Refactor i802_bss to support multiple links
Refactor struct i802_bss to support multiple links as a
preparation to support MLD AP.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-03-07 21:06:25 +02:00
Anthony Refuerzo
eb146ee804 AP: Add some bridge port attribute settings
"multicast_to_unicast" and "hairpin_mode" are usually set outside of
hostapd. However, DFS channel change events pull the BSS out of the
bridge causing these attributes to be lost. Make these settings tunable
within hostapd so they are retained after the BSS is brought up again.

Signed-off-by: Anthony Refuerzo <anthony96922@gmail.com>
2023-03-01 10:50:07 +02:00
Jouni Malinen
f628e6b30e nl80211: Make sure scan frequency debug buffer is NUL terminated
In theory, os_snprintf() could have filled the buffer to the end and
while the pos variable would not have been incremented beyond that,
there would not necessarily be a NUL termination at the end. Force the
array to end in NUL just in case.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-03-01 10:38:02 +02:00
Avraham Stern
41d23254b9 nl80211: Fix frequencies array boundary check for scanned frequencies
The number of frequencies is increased before the boundary check,
thus it should be allowed to be equal to the number of elements in
the array. Update the limit to allow the full array to be used.

In addition, add the missing byte for the NULL terminator for the debug
print to be able to fit all values (assuming they are <= 9999 MHz).

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2023-03-01 10:36:04 +02:00
Jouni Malinen
bfd236df21 webkit2: Avoid deprecated function call
webkit_web_context_set_tls_errors_policy() has been deprecated. Use its
replacement webkit_website_data_manager_set_tls_errors_policy() when
building against sufficiently recent version of webkit2.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-23 16:30:04 +02:00
Shivani Baranwal
2c32026827 P2P: Filter out 6 GHz frequencies if not allowed for P2P connection
Add check to filter out 6 GHz frequencies from the local driver
frequency preference list when 6 GHz is not allowed for the P2P
connection. Earlier, 6 GHz frequency channels were included in the
preferred list if the p2p_6ghz_disable parameter was not set
irrespective of the allow_6ghz parameter.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2023-02-23 13:20:50 +02:00
Avraham Stern
6b9c86466c nl80211: Replace the channel flags for VHT support
The flags that indicate that a channel is allowed for 80/160 MHz use
are divided according to the position of the control channel (e.g.,
HOSTAPD_CHAN_VHT_10_70, HOSTAPD_CHAN_VHT_30_50, etc.).

However, the position of the control channel does not add any extra
regulatory information because when trying to use a 80/160 MHz channel
all the desired bandwidth has to be allowed for 80/160 MHz use,
regardless of the control channel position.

In addition, these flags are set only if the driver reports one
regulatory rule that allows the entire 80/160 MHz bandwidth.
However, even when a 80/160 MHz channel is allowed, in some cases the
bandwidth will be split into several regulatory rules because
different segments of the bandwidth differ in other flags (that don't
affect the use of the bandwidth for VHT channels). So, in such cases
these flags will not be set, although VHT channels are allowed.

As the result, VHT channels will not be used although they are allowed
by the regulatory domain.

Fix this by introducing new flags that indicate if a 2 0MHz channel is
allowed to be used as a part of a wider (80/160 MHz) channel.
The new flags are set for each 20 MHz channel independently and thus
will be set even if the regulatory rules for the bandwidth are split.

A 80/160 MHz channel is allowed if all its 20 MHz sub-channels are
allowed for 80/160 MHz usage.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-02-22 21:44:09 +02:00
Jouni Malinen
6f63aca7b1 DPP: Allow both STA and AP configObject to be set
Extend @CONF-OBJ-SEP@ behavior to allow the second entry to be used for
different netRole. In other words, allow both the AP and STA netRole
(though, only a single one per netRole) configuration to be set.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-22 17:07:07 +02:00
Jouni Malinen
7292e30b7f DPP: Fix @CONF-OBJ-SEP@ parsing for multiple configs
The first call to dpp_configuration_parse_helper() was supposed to use
the separately prepared tmp string with only the first configuration
entry, but it ended up using the full string that included both
configuration entries. This could result in the first configObject
getting a mix of parameters from both entries.

Fix the parsing to use only the text before the @CONF-OBJ-SEP@ separator
for the first entry.

Fixes: 7eb06a3369 ("DPP2: Allow multiple Config Objects to be build on Configurator")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-22 17:01:58 +02:00