Commit graph

19549 commits

Author SHA1 Message Date
Chenming Huang
9c2d6c4232 Add QCA vendor attributes for link id for HT-scan/ACS command
For AP MLD case, HT-scan and ACS happens per link. To determine the
correct link, link id is required.

Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
2023-12-05 12:52:01 +02:00
Nagarajan Maran
7b67055794 Add QCA vendor commands for SDWF
Define subcmd IDs 235 and 236 for Service Defined Wi-Fi (SDWF).

Signed-off-by: Nagarajan Maran <quic_nmaran@quicinc.com>
2023-12-04 17:33:27 +02:00
Chaitanya Tata
20c82a2708 Add an option to remove WMM-AC
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.

By default this is enabled.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-03 11:43:45 +02:00
Chaitanya Tata
32b5f7f501 Add an option to remove Robust AV (SCS, MSCS, QoS Management)
For a memory constrained system, it may be more important to reduce
binary size than include support for these capabilities.

By default this is enabled.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-03 11:43:45 +02:00
Chaitanya Tata
6ed8eba00d Add an option to remove RRM and supported operating class indication
Removing radio measurements and supported operating class indication
might be needed to reduce binary size for a memory constrained system
that does not need more advanced features. However, removing these is
not recommended since they can help the AP manage the network and STA
steering.

By default this functionality is enabled.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-12-03 11:43:43 +02:00
Jun Yu
4b80ad1194 Populate the new beacon hint event to wpa_msg()
Beacon hinting is a feature that can temporarily change the regulatory
rule flags on the channel where the radio hears the beacon. Add a new
event CTRL-EVENT-REGDOM-BEACON-HINT to notify the wpa_supplicant user
about an important update to the regulatory rules including which
frequencies are impacted, new power limit, and new rule flags.

Signed-off-by: Jun Yu <junyuu@chromium.org>
2023-12-02 20:48:15 +02:00
Ilan Peer
d8cae2d024 nl80211: Do not allow off channel when frequency is not specified
Do not allow offchannel operation for action frame transmission if
no frequency is specified, as this doesn't make sense.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-12-02 20:35:21 +02:00
Remi Pommarel
bbb0d3a40e mesh: Add for_each_sta implementation in wpa_auth_callbacks
The wpa_auth_callbacks for mesh was missing a for_each_sta
implementation. This is an issue with pmksa cache, as when a cache entry
expires the for_each_sta callback is called in order to clear the pmksa
reference for all sta that was using this entry. Not having a
for_each_sta callback will prevent this cleanup to happen then a sta
could still use this pmksa entry even after it has been freed.

This used after free was not a problem up until recently where
dpp_pkhash is now stored in pmksa entry and retreived later on causing
crash with below backtrace:

  _wpa_snprintf_hex                        src/utils/common.c:326
  wpa_snprintf_hex                         src/utils/common.c:348
  hostapd_ctrl_iface_sta_mib               src/ap/ctrl_iface_ap.c:542
  hostapd_ctrl_iface_sta_mib               src/ap/ctrl_iface_ap.c:542
  hostapd_ctrl_iface_sta_mib               src/ap/ctrl_iface_ap.c:600
  hostapd_ctrl_iface_sta                   src/ap/ctrl_iface_ap.c:615
  wpa_supplicant_ctrl_iface_process        src/wpa_supplicant/ctrl_iface.c:12741
  wpa_supplicant_global_ctrl_iface_receive src/wpa_supplicant/ctrl_iface_unix.c:1141
  eloop_sock_table_dispatch                src/utils/eloop.c:625
  eloop_run                                src/utils/eloop.c:1238
  wpa_supplicant_run                       src/wpa_supplicant/wpa_supplicant.c:8021
  main                                     src/wpa_supplicant/main.c:393

Adding a for_each_sta callbacks fixes that.

Fixes: 043dedee83 ("DPP: Expose enrollee pubkey hash for identification")
Signed-off-by: Remi Pommarel <repk@triplefau.lt>
2023-12-02 20:34:34 +02:00
Jouni Malinen
b07f19e082 test: Mesh PMKSA entry validation with MESH_PMKSA_ADD
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 20:32:56 +02:00
Jouni Malinen
4f69b4a31e mesh: Fix PMKSA cache entry addition with external PMKSA management
The length of the PMK ended up getting lost when a PMKSA cache entry was
added based on externally managed information. Set the PMK length in SAE
context to get the correct length stored into the actual PMKSA cache
entry that gets created in this path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 20:31:16 +02:00
Jaap Keuter
0302c3ad22 trace: binutils replaces bfd_hostptr_t with uintptr_t
According to this message https://marc.info/?l=binutils&m=165363679302282
the type bfd_hostptr_t is dropped in favor of uintptr_t.
Replace the use of this type in the code.

Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
2023-12-02 19:08:25 +02:00
Andrei Otcheretianski
d5ef16e987 tests: Add a unit test for RNR/basic ML element parsing
Going through everything to test parsing of the basic ML element and the
RNR element is not really feasible for MBSSID mode. As such, add a unit
test to excercise parsing the available links from the RNR, basic ML
element and MBSSID-Index element if present.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-12-02 19:02:02 +02:00
Jouni Malinen
a7fdd58039 tests: Update capability checks to include OpenSSL 3.1 and 3.2
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-12-02 11:22:24 +02:00
Jouni Malinen
033634019d Ignore missing set_secure_ranging_ctx callback for testing purposes
nl80211_set_secure_ranging_ctx() was already ignoring the operation, but
this is included only with CONFIG_DRIVER_NL80211_QCA=y. Make the default
case use same behavior based on the callback function not being defined.
This is needed to allow the following test cases to work:
pasn_owe_tm_kdk_secure_ltf pasn_sae_kdk_secure_ltf

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-27 12:01:15 +02:00
Chenming Huang
d54d0d8983 AP MLD: Handle DFS in correct link
Link ID is needed for AP MLD to handle DFS events in the correct link.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:31:46 +02:00
Chenming Huang
f1fee0d1ff AP MLD: Handle channel switch event in correct link
USe the link ID information to determine the specific affiliated link
when processing channel switch events on an AP MLD.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:25:41 +02:00
Chenming Huang
fb6598864b nl80211: Add link ID when setting BSS attributes for AP MLD
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:12:46 +02:00
Chenming Huang
5487d8d9e9 nl80211: Specify link ID when sending Management frames
Extend nl80211_send_frame_cmd() to include the link ID to use for TX
with NL80211_CMD_FRAME.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:12:05 +02:00
Chenming Huang
859cbc396f nl80211: Remove links when stopping AP MLD in hostapd
There is an issue when starting a non-MLD AP on the same interface that
previous operated as an AP MLD. When the previous AP MLD got stopped,
links were not removed when using hostapd. Next non-MLD AP will fail to
start because some nl80211 operations still require link id (e.g., set
freq).

Remove links when AP MLD is stop to avoid such issue. This was already
done in the deinit_ap() handler when using wpa_supplicant, but hostapd
needs to do same.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-26 17:05:59 +02:00
Ilan Peer
50526415cb tests: Test GTK rekey in test_eht_mld_link_removal()
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 17:01:30 +02:00
Ilan Peer
780e72cc14 AP MLD: Do not include empty MLO KDEs
Do include group MLO KDEs for links for which the information is
missing.

In addition, set the KDE buffer length based on the added data.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 17:01:02 +02:00
Ilan Peer
ecd9ea0c8a AP MLD: Do not access WPA authenticator object if not valid
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 16:56:18 +02:00
Ilan Peer
21e8fcc807 nl80211: Add support for handling MLO removed links
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 13:42:43 +02:00
Ilan Peer
782d897e3c tests: Verify link removal (MLO)
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-26 13:25:57 +02:00
Ilan Peer
2a6d094278 tests: Add validation of number of valid and active links for MLO
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-26 13:03:55 +02:00
Benjamin Berg
cd79d834bf trace: Add TEST_FAIL_TAG macro to allow more narrow matching
The tag is inserted as the first item in the stack trace, making it
trivial to match against it from the test.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 13:00:45 +02:00
Benjamin Berg
a5d5b63d61 tests: Allow specifying multiple failure locations
Having the ability to trigger multiple failures in one test can be
useful. Add support to the test infrastructure to do this.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 12:56:03 +02:00
Benjamin Berg
781e87c418 trace: Allow multiple failures in one test
Refactor the backtrace matching a bit in order to allow triggering
multiple failures in one test.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 12:47:40 +02:00
Benjamin Berg
e62d351ce7 trace: Document function pattern prefixes
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 12:45:12 +02:00
Benjamin Berg
5545d995b3 trace: Share common implementation for TEST_FAIL and TEST_ALLOC_FAIL
Get rid of more or less duplicated implementation of backtrace matching
for the two testing failure cases.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 12:40:11 +02:00
Benjamin Berg
7d901dc7e7 trace: Use an array of skipped function names
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 12:14:04 +02:00
Benjamin Berg
e9bdecce4d Share TEST_FAIL/TEST_ALLOC_FAIL/GET_FAIL/GET_ALLOC_FAIL handler
Move the hostapd and wpa_supplicant control interface handlers into a
shared functions instead of duplicated implementation.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 12:03:47 +02:00
Benjamin Berg
85c96b7cf7 tests: Fix some incorrect failure waiting calls
These were either sending the command to the wrong
hostapd/wpa_supplicant instance or using the wrong command. This
currently causes the wait to just immediately stop, but with future
commits it would start failing.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 11:26:50 +02:00
Benjamin Berg
6f2289b6b4 tests: Avoid exception string matching for failures
Future commits change the related code and exception string. Avoiding
using the context is easy here and actually avoids two layers of
nesting.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-26 11:24:00 +02:00
Andrei Otcheretianski
2c89ca9223 wpa_supplicant: Use wpa_msg() in bssid_ignore.c
This allows to use the messages for testing.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-26 10:53:15 +02:00
Andrei Otcheretianski
6fc2d1357d AP: Get rid of wpa_auth_pmksa_add3()
Simply pass another parameter to wpa_auth_pmksa_add2() instead.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-26 00:06:50 +02:00
Ilan Peer
e996704201 AP: Handle re-association from a non-AP MLD
When processing a (Re)Association Request frame and no corresponding
station is found, try to find the station using the station MLD MAC
address from the Basic ML element, as it is possible that the station
is trying to re-associate but with a different link address (in such
a case the underlying driver would not perform address translations).

When sending the (Re)Association Response frame, use the addresses from
the (Re)Association Request frame and not the AP MLD MAC address, again,
to avoid the address translation done in the driver.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-26 00:05:51 +02:00
Ilan Peer
a18f8ee0f5 AP MLD: Use MLD MAC address for SA query and response when needed
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-25 21:52:23 +02:00
Benjamin Berg
b9c81e2005 MLD: Use MLD MAC address for deauthentication
When connecting, pending_bssid is set to the main link that we are
authenticating/associating on. Later on, the MLD MAC address will be
stored in the bssid, but we may also try to deauthenticate before we are
connected and in that case, pending_bssid is not yet set to the MLD MAC
address.

As such, use the ap_mld_addr instead of pending_bssid if n_mld_links is
non-zero. This is the sensible thing to do and expected behavior on
nl80211.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 21:49:06 +02:00
Andrei Otcheretianski
f60287e6c9 AP: Avoid setting same MLD and link address
For AP MLD, when BSSID configuration is specified without mld_addr, the
first link address is used as the MLD MAC address as well. Though IEEE
P802.11be allows this, the current implementation and the kernel aren't
happy about it. Better avoid this.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 21:44:28 +02:00
Ilan Peer
e5917e2a5b scan: MLD: Include SSID in ML probe request
This improves chances with APs that do not reply to Probe Request frame
with short SSID or with direct BSSID.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-25 21:41:15 +02:00
Ilan Peer
b29ac99d52 scan: Include AP MLD ID in ML probe request if needed
According to IEEE P802.11be/D4.0, 35.3.4.2, the AP MLD ID must be
included in the Probe Request ML element in case it is sent to a
transmitted BSS in which case it should be set to 0. If it is sent to an
non-transmitted BSSID, the AP MLD ID should not be included.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 21:38:57 +02:00
Andrei Otcheretianski
d64ec94140 AP MLD: Don't include AP MLD ID in Beacon frames
IEEE P802.11be/D4.0, 9.4.2.312.2.3 states that the AP MLD ID should only
be included in some ML probe responses. Beacon frames shouldn't include
AP MLD ID.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 18:50:03 +02:00
Benjamin Berg
3bde811756 ML: Add basic handling of ML probe requests
This responds by simply embedding most of the IEs from the other links
into the ML element. This is not correct really, as inheritance rules
should be applied and an inheritance element may need to be added.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 18:47:44 +02:00
Benjamin Berg
ecb22ba12e AP: MLO: Add helper to iterate all links of an AP MLD
Add a simple for_each_mld_link helper that sets first variable to the
hapd data for every link. It takes the interfaces and MLD ID as
arguments and two extra integers as scratch variables (for the interface
and bss offsets).

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-25 18:30:57 +02:00
Benjamin Berg
db2bc0364f AP: Add parsing of ML probe requests
This adds the parsing of ML probe requests. Handling will be added by a
later commit.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 18:29:50 +02:00
Benjamin Berg
82453a3482 AP: Split Probe Response frame IE generation into a separate function
To support ML probe request we will need to include IEs from the other
hapd instances in the response. Split the function to allow just
generating the per-instance IEs separately.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 18:22:41 +02:00
Benjamin Berg
6b5e00a80e AP: Use a struct for Probe Response generation in/out params
This effectively moves setting the csa/ecsa/cca position to happen
only when a Probe Response template for offloading is generated.

One could probably avoid the global variable altogether, as the
value is immediately consumed into struct {csa,cca}_settings.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 18:10:18 +02:00
Benjamin Berg
3cd377eb54 MLD: Ignore failed links from association attempt
If for some reason association fails and a link which has an error is
reported, add that specific link to the ignore list. After that,
immediately retrigger the connection code. In the usual case, we are
then going to reconnect to the same AP MLD but with that particular link
not being included in the connection.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
2023-11-25 17:10:38 +02:00
Benjamin Berg
4a1cd7f545 nl80211: Report link specific association failures from the kernel
If a link specific error occured, mark the offending link within the
association parameters.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-11-25 17:06:52 +02:00