Commit graph

8908 commits

Author SHA1 Message Date
Vinay Gannevaram
ea241cbe9d PASN: Rename struct wpas_pasn to pasn_data
struct wpas_pasn is common to both initiator and responder, so rename it
to pasn_data to avoid the "wpas_" prefix that could be seen as a
reference to wpa_supplicant (PASN initiator).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 12:59:29 +02:00
Vinay Gannevaram
6be84343af PASN: Add pairing verification wrapper function for Wi-Fi Aware
Wi-Fi Aware uses PASN handshake to authenticate peer devices. Devices
can simply verify each other for subsequent sessions as long as the keys
remain valid after authentication has been successful and pairing has
been established.

In pairing verification, Wi-Fi Aware devices uses PASN Authentication
frames with custom PMKID and Wi-Fi Aware R4 specific verification IEs.
It does not use wrapped data in the Authentication frames. This function
provides support to construct PASN Authentication frames for pairing
verification.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 12:58:44 +02:00
Jouni Malinen
325236948a PASN: Mark wpas_pasn_start() comeback argument const
Make it clear that this argument is not modified and freed within PASN
processing to be consistent with the only use of it by calling
wpas_pasn_build_auth_1() which has already marked it const.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 12:56:37 +02:00
Vinay Gannevaram
b1ed44b6a6 PASN: Allow extra elements to be added into PASN Authentication frames
Wi-Fi Aware defines protocol specific elements in PASN Authentication
frames for pairing setup. Add an option to add this type of custom
elements into PASN frames. This is mainly for the libpasn.so use cases.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 12:33:38 +02:00
Vinay Gannevaram
78c5bb7f50 PASN: Move responder functionality into a separate file
PASN responder validates auth 1 frame and sends auth 2 frame to the
initiator. It analyses the auth 3 frame and verifies successful
authentication. Wi-Fi Aware modules can reuse this functionality through
a shared library libpasn.so generated from this code. Move the PASN
functionality that is now decoupled from the hapd context into a
separate file in a common directory to make it easier to build such a
library.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
c7edfce79a PASN: Move initiator changes into a separate file
PASN initiator functionality builds auth 1 and auth 3 frames, and
processes auth 2 frame received from the responder. Wi-Fi Aware modules
can reuse this functionality through a shared library libpasn.so
generated from this code. Move the PASN functionality that is now
decoupled from the wpa_s context into a separate file in a common
directory to make it easier to build such a library.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
975b7a02cb Move SAE comeback token functionality into a separate file
This is helpful in being able to get the functionality needed for SAE
into a separate library (libpasn.so) without needing all of the
ieee802_11.c functionality.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
1711fe9121 PASN: Compute MIC from RSNE and RSNXE of the frame for Wi-Fi Aware
Wi-Fi Aware R4 specification defines Beacon RSNE/RSNXE to be same as
RSNE/RSNXE present in Auth2 frame. So, MIC validation should be done
with the RSNE and RSNXE received in Auth2 frame.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
6f80014b10 PASN: Allow custom PMKID in Authentication frames for Wi-Fi Aware
Wi-Fi Aware R4 specification introduces a custom PMKID derived from
Nonce and TAG. This custom PMKID is included in PASN Authentication
frames during pairing verification. So, allow use of a custom PMKID in
PASN frames and validate it using a function handler. Wi-Fi Aware
component that uses libpasn.so should take care of validating the custom
PMKID.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
e99047da2b PASN: Add a handler func to send mgmt frames to the driver from AP
Introduce a function handler to transmit PASN Authentication frames to
the driver. This removes the hapd dependency for sending the frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
4022ffc5db PASN: Store AKMP in the PTKSA cache
PTK is stored in the PTKSA cache following a successful PASN handshake,
however AKMP is removed upon a WPA PASN reset. The PASN handshake is
used in the Wi-Fi Aware R4 specification to define the pairing setup
process. KDK is used to generate a new set of keys, while AKMP is
required for key derivation for pairing. So, keep AKMP in the PTKSA
cache.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
c55eadede7 PASN: Remove hapd dependency in processing PASN Authentication frames
Remove hapd dependency in processing PASN M1/M3 frames and build PASN M2
frame. Initialize required pasn parameters from hapd before passing
Authentication frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
6dc833bc5c PASN: Remove hapd dependency for PASN and SAE comeback
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
1861f57162 PASN: Remove hapd dependency for pasn_derive_keys()
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
1fa266e99d PASN: Remove hapd dependency for SAE and FILS wrapped data
This makes hostapd use the struct defines from pasn_common.h so that the
same struct is shared with wpa_supplicant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
bc9fbe1b24 PASN: Common wpas_pasn structure for initiator and responder
Make struct wpas_pasn common for both the initiator and the responder by
adding required parameters for responder to the existing struct
wpas_pasn. This makes both hostapd and wpa_supplicant share the same
structure definitions in preparation for allowing PASN functionality to
be built into a separate library.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
14b5ebce73 PASN: Add a common header file for initiator and responder
This is a step towards decoupling the PASN initiator and responder
implemenentation is decoupled from the wpa_s and hapd contexts and
moving to a common folder for better abstraction. Move the struct
wpas_pasn definition to a common file for initiator and responder. The
idea is to provide a library libpasn.so from PASN common code. Include
C++ compatibilty wrapper to extend libpasn.so support for modules using
cpp code base.

This library can be used in applications implementing protocols based on
the PASN handshake.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:15 +02:00
Vinay Gannevaram
90bb73c518 PASN: Remove wpa_sm dependency to add an entry to PMKSA cache
Store PMKSA cache entry in wpas_pasn and remove wpa_sm dependency to add
an entry to PMKSA cache. This is a step towards allowing the PASN
implementation to be used outside the context of wpa_supplicant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:41:56 +02:00
Vinay Gannevaram
10e455c44a Enable use of PMKSA caching independent of RSN supplicant state machine
Allow PMKSA caching functionality to be used even if sm, current_cb, and
free_cb are uninitialized. This makes RSN supplicant state machine
independent PMKSA caching possible for other modules, enabling
functional reuse.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:19:14 +02:00
Jouni Malinen
1d0ee1908b Fix the vendor ID assignment for configuring periodic sounding
This was supposed to update the requested value to the next available
one, not to duplicate the already assigned value.

Fixes: b17b86da47 ("QCA vendor attribute to configure periodic sounding")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-03 19:22:53 +02:00
Kiran Kumar Lokere
b17b86da47 QCA vendor attribute to configure periodic sounding
Add a new QCA vendor attribute to configure the periodic sounding
for Tx beamformer functionality.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-03 17:53:32 +02:00
Vinay Gannevaram
ef5a9a009d nl80211: Fix parsing PASN peer and src addresses from vendor nl attributes
Need to copy the actual data of the attribute, not the beginning of the
data structure pointing to the attribute.

Fixes: de3b91a172 ("nl80211: Define vendor interface functions to offload PASN authentication")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-03 17:37:38 +02:00
Jouni Malinen
2c55c9273c More debug prints for EAPOL-Key message generation (Authenticator)
AES-WRAP(KEK) protection of the Key Data field did not include all the
details in the log. Extend that to cover the details that were already
present for the AES-SIV case to make the debug log more useful for
analyzing issues in this area. Furthermore, print the full EAPOL-Key
frame in the log.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-03 12:38:06 +02:00
Veerendranath Jakkam
9dafad1ea3 EHT: Definitions for STA Control fields of Basic Multi-Link element
Define subelement IDs and Per-STA Profile STA control fields of Basic
Multi-Link element as described in IEEE P802.11be/D2.2. Also add define
for Multi-Link Control field length.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 17:07:38 +02:00
Veerendranath Jakkam
1fbea7d432 EHT: Multi-Link element defragmentation
Add support for element defragmentation of different types of Multi-Link
elements.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 16:54:45 +02:00
Veerendranath Jakkam
ec03b71ee9 common: Refactor element defragmentation
Instead of saving the pointers to the fragment elements during parsing
of the frame, append all fragments found right after the element to the
element length. Defragmentation of the element can be done by parsing
appended fragment elements. This approach removes the limit on the
maximum number of fragmented elements supported in a frame.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 12:36:21 +02:00
Veerendranath Jakkam
347ea8f0a5 EHT: Parse Multi-Link elements
Parse and store pointers to different types of Multi-Link elements
received in Management frames.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 12:10:17 +02:00
Veerendranath Jakkam
73f540b6a7 MLD STA: Fetch MLO association Link ID info to core wpa_supplicant
Fetch the MLO association Link ID info from the driver to the
wpa_supplicant instance of the corresponding MLD STA interface. This
info is needed when setting the MLO connection info to wpa_sm.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 12:07:41 +02:00
Veerendranath Jakkam
ee46b7d6d3 nl80211: Check MLO link status info in NL80211_CMD_CONNECT
NL80211_CMD_CONNECT event indicates MLO links status info with kernel
commit 53ad07e9823b ("wifi: cfg80211: support reporting failed links").
Consider MLO links as valid links only if the status is success (or was
not indicated).

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 12:01:30 +02:00
Morten Brørup
6e015cd454 RADIUS: Add Filter-Id attribute
Add Filter-Id to the list of RADIUS attributes.

Signed-off-by: Morten Brørup <mb@smartsharesystems.com>
2022-10-31 11:56:57 +02:00
Jhalak Naik
06800f612f Add QCA vendor attributes for EHT support in external ACS
Add support for new vendor sub-command attributes for 320 MHz
channel width and puncturing information as part of the
external ACS.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-17 11:27:04 +03:00
Amarnath Hullur Subramanyam
0423686639 Vendor attribute to configure QoS/AC upgrade for UDP frames
Introduce a new attribute to configure access category
override for UDP frames of BE/BK category. Unlike, the
earlier attribute QCA_WLAN_VENDOR_ATTR_CONFIG_UDP_QOS_UPGRADE
which will override for all UDP frames, this attribute is
for overriding only for BE/BK based UDP frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-17 11:26:56 +03:00
Jouni Malinen
e5d15e2254 EHT: Allow EHT to be disabled using disable_eht=1 in wpa_supplicant
This is similar to the previously added disable_ht/vht/he parameters.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-17 11:13:09 +03:00
Jouni Malinen
ebe6a7c948 FT: Cover variable length KCK in function documentation
FT can use different KCK length based on the AKM and PMK-R0 length.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
eda4ba081c FT: Reassociation Response frame validation for FT-SAE-EXT-KEY
Cover the variable length MIC field when validating the Reassociation
Response frame.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
0f7253d35d FT: Response processing for FT-SAE-EXT-KEY
Cover the variable length MIC field when processing the response from an
AP.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
a1eb1bb0e0 FT: Supplicant side FTE generation for FT-SAE-EXT-KEY
Add the SHA512-based variant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
883e33594d FT: Authentication request frame processing for FT-SAE-EXT-KEY
Figure out the correct hash algorithm based on which MIC field length
assumption results in successful parsing. This is needed since the key
length is not yet known at this point on the AP when using the new
FT-SAE-EXT-KEY AKM.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
879363bbc1 FT: Reassociation Request frame parsing for FT-SAE-EXT-KEY
Handle the new MIC field length option for the SHA512-based variant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
e8f23c9480 FT: Association Response frame FTE generation for FT-SAE-EXT-KEY
Add the SHA512-based variant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:15 +03:00
Jouni Malinen
a76a314c15 FT: Extend PMK-R0 derivation for FT-SAE-EXT-KEY
Provide AKM to the helper function to cover the SHA512-based derivation
case.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:43:11 +03:00
Jouni Malinen
79cd846b2e FT: Extend PTK derivation for FT-SAE-EXT-KEY
Cover the SHA512-based derivation case.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:24:25 +03:00
Jouni Malinen
39b60f3348 FT: Extend PMK-R1 derivation for FT-SAE-EXT-KEY
Cover the SHA512-based derivation case.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:22:47 +03:00
Jouni Malinen
fb4fc704c0 FT: Debug print FTE subelements during parsing
This can be helpful in trying to figure out issues with determination of
the MIC field length.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:20:19 +03:00
Jouni Malinen
25b52e5f83 FT: Extend FTE parsing for FT-SAE-EXT-KEY
Provide AKM, key length, and information about needed subelements to the
parser function so that the variable length MIC field cases can be
recognized for FT-SAE-EXT-KEY. Knowledge about R0KH-ID/R1KH-ID being
needed is required to be able to iterate over possible MIC field lengths
for the case where the AP does not yet know the correct key length at
the beginning of FT protocol.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:17:49 +03:00
Jouni Malinen
4f58afee9a FT: Extend MIC derivation for FT-SAE-EXT-KEY
Provide AKM to the helper function so that the new SHA256 and SHA512
options can be covered for FT-SAE-EXT-KEY.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:07:54 +03:00
Jouni Malinen
dcd46edf5f FT: Extend PMKR1Name derivation for FT-SAE-EXT-KEY
Provide key length instead of SHA384/SHA256 selection to the helper
function so that the new SHA512 option can be covered for
FT-SAE-EXT-KEY.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:03:10 +03:00
Jouni Malinen
9fd2455642 FT: Support longer SAE PMK for FT in INITPSK AP
This is needed for the new FT-SAE-EXT-KEY AKM that uses variable length
PMK.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 16:54:21 +03:00
Jouni Malinen
c41bd98be3 FT: AP mode FTE writing to support FT-SAE-KEY-EXT
Provide enough information to allow the FTE to be built using the
correct MIC field length based on the used AKM and key length.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 16:51:12 +03:00
Jouni Malinen
efa0f51d33 FT: Accept 512-bit PMK-R1 from RRB
This will be needed for FT-SAE-KEY-EXT.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 16:41:12 +03:00
Harsh Kumar Bijlani
eb0821c90c Add service class id attribute in SCS rule config vendor subcommand
Add service class id attribute
QCA_WLAN_VENDOR_ATTR_SCS_RULE_CONFIG_SERVICE_CLASS_ID in SCS rule
configuration vendor subcommand
QCA_NL80211_VENDOR_SUBCMD_SCS_RULE_CONFIG.

Signed-off-by: Harsh Kumar Bijlani<quic_hbijlani@quicinc.com>
2022-10-14 16:35:29 +03:00
Chaoli Zhou
f8a05de669 Move default action from after switch to within
Move from this type of constructions:

switch (val) {
case 1:
	something;
	break;
}
default-action;

into following:

switch (val) {
case 1:
	something;
	break;
default:
	default-action;
	break
}

for cases where the switch statement is not expected to contain a full
set of enum values and as such, does not lose value from not having the
default target.

This makes the intent of default behavior clearer for static analyzers like
gcc with -Wswitch-default.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-10-14 16:08:20 +03:00
Vishal Miskin
7614fcebe0 ACS: Filter out 6 GHz channels if HE or EHT is not enabled
Do not include 6 GHz channels in the ACS possible channel list if
neither HE (ieee80211ax=1) nor EHT (ieee80211be=1) is enabled since
those channels cannot be used in such combination.

Signed-off-by: Vishal Miskin <quic_vmiskin@quicinc.com>
2022-10-13 21:21:51 +03:00
Swarn Singh
1864664ca3 Android: Delay QCA roam+auth event until NL80211_CMD_ROAM is received
Information from both NL80211_CMD_ROAM and
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH events is required for
processing the roam events correctly, especially to get the newly
connected BSS details. Indicate the roam event to private libraries only
after NL80211_CMD_ROAM and QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH
events are received.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-13 18:34:26 +03:00
Jouni Malinen
8219d2b7dd PASN: Fix CONFIG_PASN=y build without CONFIG_IEEE80211R=y
Do not try to use variables that are not defined without
CONFIG_IEEE80211R=y and add the forgotten "inline" for the function
wrapper.

Fixes: 5c65ad6c0b ("PASN: Support PASN with FT key derivation")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-04 20:41:54 +03:00
Veerendranath Jakkam
61c6e7c62c nl80211: Parsing of MLO connection info from roam+auth event
Add support to parse MLO connection information from
QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_MLO_LINKS for
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-29 13:26:53 +03:00
Rohan Dutta
3d842d9108 MLD STA: Add support for parsing MLO KDEs
Add support for parsing MLO KDEs as defined in Table 12-10 (KDE
selectors) in IEEE P802.11be/D2.0.

Signed-off-by: Rohan Dutta <quic_drohan@quicinc.com>
Co-authored-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-28 23:24:36 +03:00
Rachit Kankane
e1105bab89 Add QCA vendor interface support for Spatial Reuse (SR) feature
Add a new vendor sub-command to implement Spatial Reuse feature.
Userspace enables SR feature with specific configuration parameters. The
driver/firmware upon receiving the command, enables the SR feature if it
is supported by the currently connected AP. The driver may reject the
command if it cannot enable the SR with the configured parameters. The
driver sends events to userspace to indicate when SR feature is enabled
or disabled internally. Userspace can also query SR feature related
parameters and statistics from the driver/firmware as needed.

Signed-off-by: Rachit Kankane <quic_rkankane@quicinc.com>
Signed-off-by: Aleti Nageshwar Reddy <quic_anageshw@quicinc.com>
2022-09-26 12:50:43 +03:00
Chaoli Zhou
1f39f85b72 Fix compiler warning on shift overflow in QCA vendor definitions
Fix the following compiler error:
qca-vendor.h:5892:54: error: result of ‘1 << 31’ requires 33 bits to represent, but ‘int’ only has 32 bits [-Werror=shift-overflow=]
 5892 |  QCA_WLAN_VENDOR_CHANNEL_PROP_FLAG_HE40INTOL     = 1 << 31,

This "1" needs to be marked unsigned for this case of MSB=1.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-09-23 19:38:07 +03:00
Sunil Ravi
a7684a21c7 Update hw mode after ACS selects the channel
hostapd based automatic channel selection doesn't update the hardware
mode after the channel is selected. This change specifically helps
channel 14 which can operate only in IEEE 802.11b mode.

Signed-off-by: Sunil Ravi <sunilravi@google.com>
2022-09-23 00:23:56 +03:00
Shay Bar
01944c0957 Fix RNR BSSID setting for own interfaces
bss->conf->bssid may be kept unset and will cause an empty BSSID field
in RNR. Fix this to use own_addr instead.

Signed-off-by: Shay Bar <shay.bar@celeno.com>
Signed-off-by: moran.daori <moran.daori@celeno.com>
2022-09-16 22:15:56 +03:00
stijn@linux-ipv6.be
f77c0f914a ACS: Include frequency in info messages
The ACS info messages frequently appear for multiple channels. Without
the actual frequency in the messages, they are not very informative.
Add the frequency to them to improve this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-09-16 21:39:47 +03:00
Sergey Matyukevich
0c7b3814ca Use a less generic name for IEEE802.11 CRC-32 routine
Hostapd uses 'crc32' name for IEEE802.11 CRC-32 routine. This name is
too generic. Buildroot autobuilder detected build configuration that
failed to build due to the naming conflict: static linking with openssl
using zlib-ng as a zlib provider, e.g. see:
- http://autobuild.buildroot.net/results/9901df820d3afa4cde78e8ad6d62cb8ce7e69fdb/
- http://autobuild.buildroot.net/results/ac19975f0bf77f4a8ca574c374092ba81cd5a332/

Use a less generic name ieee80211_crc32 for IEEE802.11 CRC-32 routine
to avoid such naming conflicts.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
2022-09-16 21:39:47 +03:00
David Bauer
7ed17eee3a ACS: Don't select indoor channel on outdoor operation
Don't select channels designated for exclusive indoor use when the
country string is set for outdoor operation (country3=0x4f, i.e., the
third character of the country string is 'O').

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-09-16 21:00:21 +03:00
nakul kachhwaha
ef2d2e81a9 Add a new QCA vendor attribute to support flexible TWT
Add a new attribute QCA_WLAN_VENDOR_ATTR_TWT_NUDGE_SP_START_OFFSET to
configure offset to shift start of the service period. This attribute
will be used when device supports flexible TWT. If provided, this
attribute will override QCA_WLAN_VENDOR_ATTR_TWT_NUDGE_WAKE_TIME.

Signed-off-by: nakul kachhwaha <quic_nkachhwa@quicinc.com>
2022-09-16 20:02:49 +03:00
Veerendranath Jakkam
1b6f3b5850 MLD STA: Indicate per link channel switch
Parse link id info from channel switch events and indicate the info to
control interface using new per link channel switch events. If channel
switch happens on the link which used during association both legacy
and new per-link channel switch events will be reported.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 16:00:51 +03:00
Veerendranath Jakkam
b7f98d92dc MLD STA: Add per-link MLO signal poll
Add support to fetch and indicate per-link MLO signal poll information
via a new control interface command MLO_SIGNAL_POLL.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 16:00:51 +03:00
Veerendranath Jakkam
8dd5b9a9ed nl80211: Send bssid info as parameter to nl80211_get_link_signal()
Add bssid as parameter to nl80211_get_link_signal() instead of using
bssid from driver structure. This is useful for calling the function
per-MLO link.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 16:00:51 +03:00
Shivani Baranwal
cc29cadf2e Helper function to get MLD address from Basic Multi-Link element
Add a utility function to fetch Multi-Link Device (MLD) address from a
Basic Multi-Link element.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2022-09-15 16:00:38 +03:00
Veerendranath Jakkam
e211286140 nl80211: Use AP MLD address to set supplicant port as authorized
Use AP MLD address as the peer's MAC address to set supplicant port as
authorized for MLO connection.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 05:58:14 +03:00
Shivani Baranwal
7784964cbe MLD STA: Fetch MLO connection info into core wpa_supplicant
Add support to fetch MLO connection info from the driver to the
wpa_supplicant instance of corresponding MLD STA interface. In addition,
return true for BSSs associated with MLO links from wpa_bss_in_use() to
avoid getting them cleared from scan results.

Co-authored-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2022-09-15 05:55:40 +03:00
Veerendranath Jakkam
e2147f917f nl80211: Indicate MLO connection info in driver status
Indicate MLO connection info in DRIVER-STATUS control interface command.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 05:40:21 +03:00
Veerendranath Jakkam
c7741009f7 nl80211: Parse MLO connection info in NL80211_CMD_CONNECT event
Parse NL80211_ATTR_MLO_LINKS in NL80211_CMD_CONNECT event and cache the
MLO connection information. Set the legacy connection fields such as
assoc_freq and bssid to the values of the MLO link on which association
happened.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 05:31:55 +03:00
Veerendranath Jakkam
bd499f0e6e Add a helper function to get ML IE of specified type from IEs buffer
Add a helper function to find the specified type of Multi-Link element
from IEs buffer.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 05:08:36 +03:00
Veerendranath Jakkam
36645f8394 EHT: Add Multi-Link element field definitions
Define the following fields described in IEEE P802.11be/D2.1:
- Multi-Link element types as defined in Table 9-401c (Type subfield
  encoding)
- Basic Multi-Link element presence bitmap as defined in Figure
  9-1002g (Presence Bitmap subfield of the Basic Multi-Link element
  format)

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 04:23:18 +03:00
Qiwei Cai
62612dfc1a P2P: Use only PSC for P2P group in the 6 GHz band
P2P connections in the 6 GHz band should be limited to preferred
scanning channels since AP/GO discovery cannot depend on 2.4/5 GHz
discovery.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-14 23:54:20 +03:00
Chaoli Zhou
7974d80531 Configure RRM elements to the driver in the driver-AP-SME case
Support updating the RRM IEs to the driver for Probe Response and
(Re)Association response frames in the AP mode when the SME is
implemented in the driver.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-09-14 21:32:23 +03:00
Manaswini Paluri
122cdd5925 Enable TWT responder AP role only if IEEE 802.11ax/HE is enabled
Set TWT responder configurator in the driver parameters only when the AP
is configured with HE enabled. This was already done for the extended
capability bit generation in commit 8de0ff0fa1 ("HE: Add TWT responder
extended capabilities field"), but this parameter for the driver command
to start the AP in _ieee802_11_set_beacon() missed the condition.

Move the ieee80211ax check into the common helper function to cover both
cases. In addition, add a check for disable_11ax to cover the case where
HE is disabled for a specific BSS.

Fixes: ab8c55358e ("HE: Dynamically turn on TWT responder support")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-13 04:24:03 +03:00
Aleti Nageshwar Reddy
5b76c36545 Extend attributes of QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO
Extend attributes of subcmd QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO
for quering per MCS TX and RX packets from the driver/firmware.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-13 00:21:45 +03:00
Kiran Kumar Lokere
897e090852 QCA vendor attribute to configure periodic sounding
Add a new QCA vendor attribute to configure the periodic sounding for Tx
beamformer functionality.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-12 23:54:24 +03:00
Jouni Malinen
0cc6f985d1 wlantest: Recognize additional not-Robust Action categories
Do not complain about unprotected Action frames for additional
categories that have been defined as not being Robust.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-05 22:06:31 +03:00
Jouni Malinen
cd392151c5 Validate MAC Address KDE length in the parser
Verify that the MAC Address KDE includes enough data to contain a MAC
address as a part of the parsing function so that each caller would not
need to verify this separately. None of the existing users of this
parser actually needed the MAC address value, so there was not any use
for the length field before. The updated design is more robust for
future uses and gets rid of that unused length field as well.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-05 20:56:49 +03:00
Vinay Gannevaram
6f8af5974c Fix expiration logic for the first PTKSA cache entry
When an entry is added to the PTKSA cache, timer expiration is not set.
Check the list and set the timer expiration when the list is empty also.
When another entry is added to the list, it is placed before the relavant
entry in the order of expiry time of all entries present in the list.

Fixes: a4e3691616 ("WPA: Add PTKSA cache implementation")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 17:10:58 +03:00
Vinay Gannevaram
85e28a79ba PASN: Set secure ranging context to driver after association
After the secure association and PTK derivation are completed, if the
device supports LTF keyseed, generate the LTF keyseed using KDK and set
the ranging context to the driver by using the command
QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 17:07:56 +03:00
Vinay Gannevaram
9b62b61c68 PASN: Configure secure ranging context to the driver in AP mode
AP as a responder, on successful completion of PASN authentication
configures the required keys by using the command
QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT to the driver.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 16:25:20 +03:00
Vinay Gannevaram
de3b91a172 nl80211: Define vendor interface functions to offload PASN authentication
This defines the QCA vendor interface functions to offload PASN
authentication from the driver.

The driver sends the QCA_NL80211_VENDOR_SUBCMD_PASN event requesting to
perform PASN authentication with a list of peers with which the driver
needs to do ranging. wpa_supplicant performs PASN handshake with all the
peer devices and sets the required keys using the command
QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT to the driver. After
PASN handshake is completed with all requested peers, wpa_supplicant
sends consolidated status for all peers to the driver.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 16:18:26 +03:00
Vinay Gannevaram
e2c3cdf2ca nl80211: Register PASN Authentication frames for SME-in-driver
This is needed to allow PASN processing offload from the driver to
wpa_supplicant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 16:18:14 +03:00
Vinay Gannevaram
58a96187ee nl80211: Allow PASN Authentication frames with random (foreign) MAC address
To support secure ranging with a random MAC address, PASN handshake is
performed with a different source MAC address from the device's own
interface address. Hence, allow PASN Authentication frames with any
foreign MAC address to further process the Authentication frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 16:18:14 +03:00
Vinay Gannevaram
24929543ba PASN: Deauthenticate on PTKSA cache entry expiration
Add an option for an alternative processing of PTKSA life time expiry.

Register a callback in wpa_supplicant to handle the life time expiry of
the keys in PTKSA cache. Send PASN deauthentication when a PTKSA cache
entry expires.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 16:18:14 +03:00
Vinay Gannevaram
2edebc6b63 PASN: Add interface to handle PASN request from the driver
This brings in the function declarations and data structures that are
required for handling PASN request from the driver, sending secure
ranging context and PASN response to the driver.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 15:27:50 +03:00
Vinay Gannevaram
9330bf3189 PASN: Add function to compute LTF keyseed from KDK
Add a function to derive the LTF keyseed from KDK. This function is
built only in case that CONFIG_PASN is enabled at build time.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-01 20:30:11 +03:00
Vinay Gannevaram
580bd04cf3 Add own MAC address used for key derivation to PTKSA cache
On successful PASN handshake or 4-way handshake with a peer, PTK is
derived using the local and peer MAC addresses as input. Store the own
MAC address that is used for key derivation in PTKSA cache to maintain
that state over potential MAC addresses changes.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-01 19:01:21 +03:00
Vinay Gannevaram
d0d585c481 Store secure ranging driver capabilities in WPA state machine
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-01 18:59:58 +03:00
Vinay Gannevaram
96a604128b Use separate PASN capabilities for AP and STA modes
Use separate capabilities for AP and STA modes for P802.11az security
parameters secure LTF support, secure RTT measurement exchange support,
and protection of range negotiation and measurement management frames
support.

P802.11az security parameters are considered to be supported for both
station and AP modes if the driver sets NL80211_EXT_FEATURE_SECURE_LTF,
NL80211_EXT_FEATURE_SECURE_RTT, and
NL80211_EXT_FEATURE_PROT_RANGE_NEGO_AND_MEASURE flags. The driver can
advertize capabilities specific to each mode using
QCA_WLAN_VENDOR_FEATURE_SECURE_LTF*,
QCA_WLAN_VENDOR_FEATURE_SECURE_RTT*, and
QCA_WLAN_VENDOR_FEATURE_PROT_RANGE_NEGO_AND_MEASURE* flags.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-01 18:59:52 +03:00
Andre Heider
c80dc69408 OpenSSL: Include rsa.h for all OpenSSL versions
This fixes the build with OpenSSL 1.1.1:
../src/crypto/crypto_openssl.c: In function 'crypto_rsa_oaep_sha256_decrypt':
../src/crypto/crypto_openssl.c:4404:49: error: 'RSA_PKCS1_OAEP_PADDING' undeclared (first use in this function)

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-08-31 17:19:03 +03:00
Jouni Malinen
1f9a988f1f DPP3: Do not initiate PKEX for PB if no configuration is available
Reorder PKEX initiation function to send out the PKEX Exchange Request
frame at the end after all possible error cases have been checked. This
prevents Enrollee from seeing a PKEX frame when the session is about to
fail.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-08-27 00:50:05 +03:00
mukul sharma
aa75aa1dc0 Add QCA vendor interface to get SAR capabilities to userspace
Add QCA_NL80211_VENDOR_SUBCMD_GET_SAR_CAPABILITY to get various SAR
capabilities supported by the WLAN firmware to userspace. These
capabilites are usually reported by the firmware during the initial
bootup handshake with the driver. Based on these capabilities, user
space can choose proper SAR indexes.

Signed-off-by: Mukul Sharma <quic_mukul@quicinc.com>
2022-08-26 18:02:29 +03:00
Veerendranath Jakkam
5de45546d5 Add support to send multi AKM connect request when driver's SME in use
Add support to configure SAE, PSK, and PSK-SHA256 AKMs in connect
request when driver's SME in use. This is needed for implementing
WPA3-Personal transition mode correctly with any driver that handles
roaming internally.

Send additional AKMs configured in network block to driver based on
the maximum number of AKMs allowed by driver in connect request. Keep
first AKM in the list AKMs in the connect request as AKM selected by
wpa_supplicant to maintain backwards compatibility.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-08-26 17:54:12 +03:00
Veerendranath Jakkam
0ce1545dcb nl80211: Determine maximum number of supported AKMs
Use the recently added attribute to determine whether the kernel
supports a larger number of AKM suites in various commands.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-08-26 17:27:45 +03:00
Jouni Malinen
7e97c619a9 Sync with wireless-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2022-07-22. In addition, update
nl80211_command_to_string() to cover the new defined commands.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-08-26 17:27:45 +03:00
Jouni Malinen
54706957e3 DPP: Fix DPP_RELAY_ADD_CONTROLLER command parsing
hostapd_dpp_add_controller() ended up trying to parse the IP address
without nul terminating it. This might work with some C libraries, but
not all. And anyway, this was already supposed to nul terminate the
string since a temporary copy is created of the constant string. Fix
this by adding the missed replacement of the space with nul.

Fixes: bfe3cfc382 ("DPP: Allow Relay connections to Controllers to be added and removed")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-08-26 17:27:45 +03:00
Jouni Malinen
44b26d82b0 nl80211: Silence a compiler warning on printf in 32-bit builds
u64 needs "long long unsigned int" on 32-bit, so print this using a
typecase value so that both 32 and 64-bit builds work fine.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-08-26 17:27:45 +03:00
Jouni Malinen
820211245b OpenSSL: Fix HPKE in some corner cases
EVP_PKEY_derive() might report a larger maximum size of the output than
HPKE_MAX_SHARED_SECRET_LEN under some conditions. That should be allowed
as long as the real final length is within the maximum limit.
Furthermore, since we are using a fixed length buffer for this, there is
no need to call EVP_PKEY_derive() twice to first learn the maximum
length. Use a bit longer buffer and allow OpenSSL to take care of the
update to the final length internally with than single call.

This showed up using the following test case sequence:
dbus_pkcs11 dpp_private_peer_introduction

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-08-24 23:32:23 +03:00
Jouni Malinen
89de431f23 DPP: Add config response status value to DPP-CONF-SENT
This can be helpful for upper layers to be able to determine whether the
configuration was rejected.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-29 18:55:37 +03:00
Veerendranath Jakkam
80d5e264c5 Enhance QCA vendor roam event to indicate MLO links after reassociation
Enhance QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event for the
driver to indicate the information of the associated links of MLO
roaming.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-07-28 20:37:16 +03:00
Jouni Malinen
6622493065 Update copyright notices for the QCA vendor definitions
Catch up with the changes from the last year.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-28 20:13:35 +03:00
Jouni Malinen
1d08b238cb nl80211: Allow more time for the initial scan with 6 GHz
The initial timeout of 10 seconds for the first scan before knowing
whether the driver reports scan completion events may not be sufficient
in cases where the driver ends up scanning a large number of channels.
In particular, this could be hit with 6 GHz support. Increase this
timeout when the driver indicates support for 6 GHz channels.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-28 16:40:05 +03:00
David Benjamin
faf9c04cb5 Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs
The <openssl/buf.h> include is relevant in both OpenSSL and BoringSSL
because the file uses BUF_MEM (include what you use). OpenSSL just
happened to include it via another file. OpenSSL also spells it
<openssl/buffer.h>, not matching the type, so use the compatible
spelling.

Additionally all the CHECKED_CAST and manual STACK_OF(T) definitions
call into BoringSSL internals. The correct, public APIs are simply to
just use the same code as OpenSSL and call the DEFINE_STACK_OF macros.

Signed-off-by: David Benjamin <davidben@google.com>
2022-07-28 12:57:40 +03:00
Veerendranath Jakkam
b9cd5a82f4 Always process pending QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH data
Commit 74818ca63f ("Process
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH after NL80211_CMD_ROAM")
added workaround to hold the pending
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event data for up to 100 ms
in case NL80211_CMD_ROAM is not received first. The 100 ms wait period
was sufficient for most of the cases but it's observed that some times
kernel is taking more than 100 ms to process and send NL80211_CMD_ROAM
to userspace.

If NL80211_CMD_ROAM takes more than 100 ms
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event data getting ignored
though wpa_supplicant has it. To avoid this remove timeout for
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event data since driver
always indicates NL80211_CMD_ROAM along with
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH.

In addition, clear the pending event data when marking the interface
disconnected since the roaming information is supposed to be used only
when reassociating without a disconnection.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-07-28 12:49:45 +03:00
Xiaoning Ma
93be02592c Add fixed FDD mode to qca_btc_chain_mode QCA vendor attribute
Previously when chains of BT and WLAN 2.4 GHz are separated,
hybrid mode will be used for BTC. Now adding fixed FDD mode
to fulfill different BTC scenarios.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-28 12:24:21 +03:00
Jouni Malinen
5565fbee23 DPP: Check Enrollee supported curves when building Config Response
The Enrollee may report its supported curves in the bootstrapping URI.
If it does that, the Configurator may stop generating the Config Object
that would depend on the Enrollee using a curve that it did not indicate
as being supported. Check for this case while proessing the Config
Request and stop Configurator from building a configuration that is
known not to work.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-28 11:19:55 +03:00
Jouni Malinen
f70db167ab SAE: Derive a variable length PMK with the new AKM suites
Select the PMK length based on the used group (prime length) when using
the new AKM suites for SAE.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:31:51 +03:00
Jouni Malinen
91010e6f67 SAE: Indicate AKM suite selector in commit for new AKM suites
SAE authentication needs to known which AKM suite is being used to be
able to determine the correct PMK length for the new AKM suite selectors
that use variable length keys.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:31:51 +03:00
Jouni Malinen
e81ec0962d SAE: Use H2E unconditionally with the new AKM suites
The new SAE AKM suites are defined to use H2E, so ignore the sae_pwe
value when these AKM suites are used similarly to the way H2E gets
enabled when SAE Password Identifiers are used.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:31:51 +03:00
Jouni Malinen
f8eed2e8b8 SAE: Store PMK length and AKM in SAE data
These are needed to be able to support new AKM suites with variable
length PMK.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:31:51 +03:00
Jouni Malinen
9dc4e9d136 SAE: EAPOL-Key and key/MIC length information for the new AKM suites
Update the AKM suite specific mapping of various EAPOL-Key key lengths
and algorithms to include the new SAE AKM suites with variable length
keys.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:31:51 +03:00
Jouni Malinen
a32ef3cfb2 SAE: Driver capability flags for the new SAE AKM suites
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
91df8c9c65 SAE: Internal WPA_KEY_MGMT_* defines for extended key AKMs
Define new WPA_KEY_MGMT_* values for the new SAE AKM suite selectors
with variable length keys. This includes updates to various mapping and
checking of the SAE key_mgmt values.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
5c8a714b18 SAE: Use wpa_key_mgmt_sae() helper
Use the existing helper function instead of maintaining multiple copies
of lists of SAE key management suites.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
5456b0f260 Define new RSN AKM suite selector values
Add the new AKM suite selectors defined in IEEE P802.11-REVme/D1.3.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
d22dfe9187 DPP: Event message for indicating when Relay would need a Controller
The new DPP-RELAY-NEEDS-CONTROLLER control interface event can be used
to trigger mDNS discovery of a Controller to see if such a connection
can be established automatically at the time an Enrollee is trying to
initiate an operation.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
bfe3cfc382 DPP: Allow Relay connections to Controllers to be added and removed
The new control interface commands "DPP_RELAY_ADD_CONTROLLER <IP addr>
<PK hash>" and "DPP_RELAY_REMOVE_CONTROLLER <IP addr>" can now be used
to dynamically add and remove connections to Controllers for the cases
where the connection is initialized through a DPP Public Action frame
(i.e., Controller as the Responder).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
808834b18b Add a comparison function for hostapd_ip_addr
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
f7763880bd DPP: Advertise Configurator connectivity on Relay automatically
Instead of requiring explicit configuration through
dpp_configurator_connectivity=1, advertise Configurator connectivity
automatically if a Relay is configured with a Controller that can
operate as a Responder.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-25 00:23:31 +03:00
Jouni Malinen
ca682f80a9 DPP: Dynamic Controller initiated connection on Relay
Accept an incoming TCP connection from a Controller in a Relay that is
configured with dpp_relay_port even if that Controller is not configured
with a dpp_controller parameter. This allows more dynamic Controller
initiated operations, e.g., when using mDNS to discover a Relay.

This type of a dynamic Controller entry will not be used for exchanges
that are initiated by an Enrollee (i.e., based on a DPP Public Action
frame received by the Relay).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-23 16:57:54 +03:00
Jouni Malinen
d2388bcca5 DPP: Strict validation of PKEX peer bootstrapping key during auth
Verify that the peer does not change its bootstrapping key between the
PKEX exchange and the authentication exchange.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-22 21:08:08 +03:00
Jouni Malinen
a7b8cef8b7 DPP3: Fix push button boostrapping key passing through PKEX
When PKEX was started through the push button mechanism, the own
bootstrapping key was not bound correctly to the Authentication phase
information and that ended up in incorrectly generating a new
bootstrapping key for the Authentication exchange. Fix this by added the
needed own=<id> parameter into the cached parameters when using push
button.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-22 21:06:04 +03:00
Jouni Malinen
69d7c8e6bb DPP: Add peer=id entry for PKEX-over-TCP case
The peer=<id> information about the specific boostrapping key provided
through PKEX was added for Public Action frame cases, but the TCP
variant did not do same. Add the same information there to maintain
knowledge of the specific peer bootstrapping key from PKEX to
Authentication exchange.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-22 21:04:08 +03:00
Jouni Malinen
1ff9251a83 DPP3: Push button Configurator in wpa_supplicant
Extend DPP push button support in wpa_supplicant to allow the role of
the Configurator to be used. This provides similar functionality to the
way the DPP_PUSH_BUTTON command in hostapd worked when providing the
configuration parameters with that command (instead of building the
config object based on current AP configuration).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-22 12:28:18 +03:00
Jouni Malinen
e9137950fa DPP: Recognize own PKEX Exchange Request if it ends up being received
It is possible for a Controller to receive a copy of its own PKEX
Exchange Request in the case where the Controller is initiating a PKEX
exchange through a Relay. The Configurator role in the device would have
a matching PKEX code in that case and the device might reply as a PKEX
responder which would result in going through the exchange with the
Controller device itself. That is clearly not desired, so recognize this
special case by checking whether the Encrypted Key attribute value
matches a pending locally generated one when processing a received PKEX
Exchange Request.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-21 20:30:07 +03:00
Jouni Malinen
ae4a3a6f67 DPP: Add DPP-CONF-REQ-RX event for Controller
This gets the Controller (DPP-over-TCP) sequence closer to the one used
with Public Action frames and makes it easier for upper layer components
to share the same design for tracking operation status.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-21 13:15:22 +03:00
Jouni Malinen
fb2937b858 DPP: Allow Controller to initiate PKEX through Relay
Relay will need to allow the PKEX Exchange Response message to be
handled similarly to the Authentication Response message to allow this
sequence to be completed successfully.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-19 23:28:33 +03:00
Jouni Malinen
15af83cf18 DPP: Delete PKEX code and identifier on success completion of PKEX
We are not supposed to reuse these without being explicitly requested to
perform PKEX again. There is not a strong use case for being able to
provision an Enrollee multiple times with PKEX, so this should have no
issues on the Enrollee. For a Configurator, there might be some use
cases that would benefit from being able to use the same code with
multiple Enrollee devices, e.g., for guess access with a laptop and a
smart phone. That case will now require a new DPP_PKEX_ADD command on
the Configurator after each completion of the provisioning exchange.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-19 23:28:33 +03:00
Jouni Malinen
148de3e0dc DPP3: Private Peer Introduction protocol
Add a privacy protecting variant of the peer introduction protocol to
allow the station device to hide its Connector from 3rd parties. The new
wpa_supplicant network profile parameter dpp_connector_privacy=1 can be
used to select this alternative mechanism to the peer introduction
protocol added in the initial release of DPP.

It should be noted that the new variant does not work with older DPP APs
(i.e., requires support for release 3). As such, this new variant is
disabled by default.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-19 00:14:41 +03:00
Jouni Malinen
786ea402bc HPKE base mode with single-shot API
Add support for HPKE base mode with single-shot API (see RFC 9180) using
OpenSSL. This is needed for DPP private introduction protocol.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-18 16:49:45 +03:00
Jouni Malinen
f0273bc814 OpenSSL: Remove a forgotten debug print
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-17 12:07:22 +03:00
Jouni Malinen
68209ddbe4 DPP: Allow 3rd party information to be added into config object
This allows the DPP Configuration Object from a Configurator to be
extended with 3rd party information. This information can be provided as
a part of the existing configuration specification mechanisms with the
new extra_name=<string> and extra_value=<hexdump encoded JSON>.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-16 17:22:23 +03:00
Jouni Malinen
0e2217c95b DPP: Allow 3rd party information to be added into config request obj
This allows the DPP Configuration Request Object from an Enrollee to be
extended with 3rd party information. The new dpp_extra_conf_req_name and
dpp_extra_conf_req_value configuration parameters specify the name of
the added JSON node and its contents. For example:
dpp_extra_conf_req_name=org.example
dpp_extra_conf_req_value={"a":1,"b":"test"}

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-16 17:22:23 +03:00
Harsh Kumar Bijlani
3d82fbe058 Add QCA vendor subcommand and attributes for SCS rule configuration
Add a new vendor subcommand QCA_NL80211_VENDOR_SUBCMD_SCS_RULE_CONFIG
for configuration event of Stream Classification Service (SCS) rule.

Also define the attributes present in this subcommand.

Signed-off-by: Harsh Kumar Bijlani <quic_hbijlani@quicinc.com>
2022-07-09 17:28:56 +03:00
Aditya Kodukula
16b62ddfaf QCA vendor attribute for DBAM configuration
Add a new vendor attribute QCA_WLAN_VENDOR_ATTR_CONFIG_DBAM to
configure Dedicated Bluetooth Antenna Mode (DBAM). It is used to
switch between dedicated antenna mode for BT and COEX shared
antenna mode for WLAN and BT.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-09 17:18:49 +03:00
Jouni Malinen
451ede2c31 DPP: Allow AP/Relay to be configured to listed for new TCP connections
This extends Relay functionality to allow a Controller to intitiate a
new DPP exchange in addition to the previously supported case where the
exchange was initiated through a DPP Public Action frame.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-09 13:09:04 +03:00
Jouni Malinen
7bbe859873 DPP3: Allow external configuration to be specified on AP for PB
While the most likely production use case for DPP push button is to
provision the AP's current configuration, there might be some use cases
for providing different configuration. Add possibility for doing this by
extending the DPP_PUSH_BUTTON command to accept an optional set of
parameters similarly to the other DPP commands for the Configurator.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-08 00:14:06 +03:00
Jouni Malinen
8db786a43b DPP3: Testing functionality for push button announcements
Allow the Responder/Initiator hash values to be corrupted in Push Button
Presence Announcement messages for testing purposes.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-07 12:58:49 +03:00
Jouni Malinen
37bccfcab8 DPP3: Push button bootstrap mechanism
Add support to use a push button -based bootstrap mechanism with DPP.
The new DPP_PUSH_BUTTON control interface command enables this mode on
the AP/hostapd and station/wpa_supplicant. This goes through the
following sequence of events: a suitable peer in active push button mode
is discovered with session overlap detection, PKEX is executed with
bootstrap key hash validation, DPP authentication and configuration
exchanges are performed.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-07 00:31:30 +03:00
Vinay Gannevaram
a0054fe7ca Add AP and STA specific P802.11az security capabilities (vendor command)
Add feature capability indication for P802.11az security for the drivers
to advertise capabilities such as secure LTF support, secure RTT
measurement exchange support, and protection of range negotiation and
measurement management frames for station and AP interfaces
independently. This allows a more fine-tuned capability indication as an
alternative to the upstream nl80211 mechanism that is not specific to
the operating mode.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-07-07 00:31:24 +03:00
Yu Wang
159e636132 QCA vendor command for CoAP offload processing
Add vendor command QCA_NL80211_VENDOR_SUBCMD_COAP_OFFLOAD to
enable/disable offload processing in firmware for CoAP messages
(RFC7252: The Constrained Application Protocol) or fetch the
CoAP messages cached during offload processing.

Signed-off-by: Yu Wang <quic_yyuwang@quicinc.com>
2022-06-30 15:43:54 +03:00
Jingxiang Ge
3b7bb17f69 Add QCA vendor attribute for TIM beacon statistics
Add the following two vendor attributes to send TIM beacon
statistics to userspace which can be used for power saving:
QCA_WLAN_VENDOR_ATTR_LL_STATS_TIM_BEACON
QCA_WLAN_VENDOR_ATTR_LL_STATS_TIM_BEACON_ERR

Signed-off-by: Jingxiang Ge <quic_jge@quicinc.com>
2022-06-30 15:30:10 +03:00
Vinay Gannevaram
09a281e52a Add QCA vendor interface for PASN offload to userspace
Define QCA vendor interface for PASN offload to userspace from the driver.

The driver can send this command as an event to a userspace component to
perform PASN authentication with a list of peers with which the driver
needs to do ranging. The userspace component, if capable of performing
PASN handshake, can perform PASN handshake with all the peer devices and
set the relevant keys by sending the
QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT command for each peer
to the driver.

Once PASN handshake is completed with all requested peers, the userspace
component sends consolidated status for all the peers to the driver. The
consolidated report is required for the driver to understand that the
PASN handshake process is complete and whether it succeeded/failed for
each of the peers it was requested for. The secure ranging context is
configured only for the peers with which the PASN handshake succeeded.

When the driver requests PASN keys, the userspace component can set the
keys from its cache if those keys have not already expired and were
derived with the same source MAC address that is requested by the driver
instead of doing the full PASN handshake again.

If the driver detects that current keys of a peer are not valid anymore,
it sends a notification to userspace using the
QCA_NL80211_VENDOR_SUBCMD_PASN command and setting the action to
QCA_WLAN_VENDOR_PASN_ACTION_DELETE_SECURE_RANGING_CONTEXT. The userspace
component should delete the corresponding keys from its cache.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-06-23 21:50:04 +03:00
Purushottam Kushwaha
809fb96fa0 Add a vendor attribute to configure concurrency policy for AP interface
Add a new QCA vendor attribute
QCA_WLAN_VENDOR_ATTR_CONCURRENT_POLICY_AP_CONFIG to
QCA_NL80211_VENDOR_SUBCMD_CONCURRENT_POLICY sub command to set the
concurrency policy for AP interface.
QCA_WLAN_VENDOR_ATTR_CONCURRENT_POLICY_AP_CONFIG uses the values
defined in enum qca_wlan_concurrent_ap_policy_config to specify
concurrency policy.

Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
2022-06-23 21:33:38 +03:00
Purushottam Kushwaha
a5754f531e Rename QCA_NL80211_VENDOR_SUBCMD_CONCURRENT_MULTI_STA_POLICY
Rename QCA_NL80211_VENDOR_SUBCMD_CONCURRENT_MULTI_STA_POLICY to
QCA_NL80211_VENDOR_SUBCMD_CONCURRENT_POLICY to allow extension for other
interface type(s). A subsequent commit will extend the renamed
definitions in a manner that is inconsistent with the current naming.

This is a precursor for AP/P2P concurrency policy configuration support
via updated vendor command QCA_NL80211_VENDOR_SUBCMD_CONCURRENT_POLICY.

Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
2022-06-23 21:32:06 +03:00