The number of nlctrl name resolution calls required to connect to a
WPA2-PSK AP is 12. And each nlctrl name resolution call spends 55 micro
seconds on a lower spec CPU like Intel Atom N270. Reduce the number of
nctrl name resolution calls from 12 to 1 by caching the results of nctrl
name resolution calls on int size memory to speed up the connection
process a little bit.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Add support to receive and process SCS Response frames from the AP and
indicate the status to upper layers.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Add support for the 6 GHz frequencies using 40, 80, and 160 MHz
bandwidths in the AP mode ACS.
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Even though these enum definitions are currently identical, it is better
to explicitly map these bits to the kernel interface instead of using
the internal definition for this. This makes it much clearer that new
enum tdls_peer_capability value needs to be assigned in nl80211 before
they can be added into wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If the maximum size of MAC ACL entries is large enough, the
configuration message may exceed the default buffer size of a netlink
message which is allocated with nlmsg_alloc(), and result in a failure
when putting the attributes into the message.
To fix this, calculate the required buffer size of the netlink message
according to MAC ACL size and allocate a sufficiently large buffer with
nlmsg_alloc_size().
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It is better to be able to determine whether the airtime weight
configuration for a STA actually was accepted by the driver or not.
Signed-off-by: Jouni Malinen <j@w1.fi>
To allow for a PASN station to deauthenticate from an AP to clear any
PTKSA cache entry for it, extend the nl80211 interface to allow sending
a Deauthentication frame with off channel enabled.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Send a flag to the kernel when user has specified disable_he=1 in the
network configuration block. This extends the functionality added in
commit 7c8f540ee0 ("wpa_supplicant: Add HE override support") to cover
the cases that need kernel functionality.
Signed-off-by: Ben Greear <greearb@candelatech.com>
The nl_connect is initialized with the process_bss_event() handler.
However, it is used several times with the default valid handler. As a
result, if a message that is only valid for process_bss_event() is
received while the default handler is used, it will be dropped.
This has been observed in a case where during the 4-way handshake, a
Beacon frame is received on the AP side, which triggers a beacon update,
just before receiving the next EAPOL. When send_and_recv_msgs_owner() is
called for sending the NL80211_CMD_SET_BEACON command, the
NL80211_CMD_CONTROL_PORT_FRAME event is already pending. As a result, it
is received with the default handler, which drops it. Since the EAPOL
frame is dropped, the connection attempt fails.
Fix it by using the process_bss_event() handler when the nl_connect
handler is used.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Use a helper function as the do_acs() callback to allow builds to pull
in all the vendor specific operations into a single binary.
Signed-off-by: Jouni Malinen <j@w1.fi>
BRCM vendor command used to trigger ACS scan. After ACS finished,
DHD driver will send results by event BRCM_VENDOR_EVENT_ACS.
Signed-off-by: Xinrui Sun <xinrui.sun@broadcom.com>
Previously nl80211_nlmsg_clear() would be called under a special
condition when valid_handler is NULL and valid_data is -1. Such API is
not very convenient as it forces the handler to be NULL. Change the
send_and_recv() function to always clear the nl_msg, which will simplify
all this logic.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Unsolicited broadcast Probe Response transmission is used for in-band
discovery in the 6 GHz band (IEEE P802.11ax/D8.0 26.17.2.3.2, AP
behavior for fast passive scanning). Add support for configuring the
parameters for such frames.
Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on
an interface that is in a bridge and has 4addr mode already enabled.
This operation would not have been necessary in the first place and this
failure results in disconnecting, e.g., when roaming from one backhaul
BSS to another BSS with Multi AP.
Avoid this issue by ignoring the nl80211 command failure in the case
where 4addr mode is being enabled while it has already been enabled.
Signed-off-by: Jouni Malinen <j@w1.fi>
The HE 6 GHz capability was not being sent to the kernel causing 6 GHz
support being unidentifiable in the kernel driver for added stations.
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Extend SPR element to support following fields and pass all
information to kernel for driver use.
* Non-SRG OBSS PD Max Offset
* SRG BSS Color Bitmap
* SRG Partial BSSID Bitmap
Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
Allow HE MCS rate to be used for beacon transmission when the driver
advertises the support. The rate is specified with a new beacon_rate
option "he:<HE MCS>" in hostapd configuration.
Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
Use the correct enum nl80211_band value when configuring the beacon rate
for the 6 GHz band.
Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
Add option 2 to the p2p_device_random_mac_addr configuration option to
support device drivers which use by default random MAC adresses when
creating a new P2P Device interface (for instance, the BCM2711 80211
wireless device driver included in Raspberry Pi 4 Model B). In such
case, this option allows to create the P2P Device interface correctly
when using P2P permanent groups, enabling wpa_supplicant to reuse the
same MAC address when re-invoking a P2P permanent group.
update_config=1 is required.
Signed-off-by: Ircama <amacri@tiscali.it>
There's no point in attempting to configure frame filters on
a P2P-Devices that doesn't even have a netdev (nor passes any
data traffic), that just results in error messages. Skip it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
When wpa_supplicant sends NL80211_CMD_AUTHENTICATE to kernel, it is
possible that the cfg80211 in kernel has expired the BSS entry that
we are trying to auth with. Then cfg80211 will reject the auth cmd.
In this case, wpa_supplicant will trigger a single channel scan to
refresh cfg80211 BSS entry, and retry the auth when scan is finished.
When this case happens, wpa_supplicant makes a copy of auth params,
such as frequency, bssid, ssid, ie and so on. So when we retry auth,
the copy of these params will be used. The problem is, a param named
auth_data is missed when making the copy. The auth_data is used by
NL80211_ATTR_SAE_DATA which is a mandatory field for WPA3-SAE auth.
In WPA3-SAE case the auth retry will always fail because auth_data is
missing. This patch fixes the issue.
Signed-off-by: hongwang.li <hongwang.li@sonos.com>
NL80211_CMD_ROAM indication is scheduled via a kernel work queue, while
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH is a vendor event from the
driver. Thus, a race condition can exist wherein the vendor event is
received prior to the NL80211_CMD_ROAM indication.
The processing of this vendor event depends on the NL80211_CMD_ROAM
indication to update the roamed BSS/BSSID information and thus the out
of sequence processing of these events would result in not updating the
right BSS information.
This commit adds a workaround to hold the pending
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event for up to 100 ms in
case NL80211_CMD_ROAM is not received first.
Signed-off-by: Purushottam Kushwaha <pkushwah@codeaurora.org>
Support possible band combinations of 2.4 GHz, 5 GHz, and 6 GHz with
QCA_WLAN_VENDOR_ATTR_SETBAND_MASK attribute. Ensure backwards
compatibility with old drivers that are using
QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE attribute and supporting only 2.4 GHz
and 5 GHz bands.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
The kernel requires indication of DFS handler residing in user space
(NL80211_ATTR_HANDLE_DFS) to enable DFS channels.
Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
mac80211 does not allow mgmt tx to use off channel on
DFS channels in non-ETSI domain, because it will invalidate
CAC result on current operating channel.
(mac80211 commit: 34373d12f3cbb74960a73431138ef619d857996f)
Hence don't set offchanok for mgmt tx in case of DFS channels
in non-ETSI.
Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
Use NL80211_ATTR_SAE_PWE attribute to indicate the sae_pwe value
to the driver during the NL80211_CMD_START_AP and NL80211_CMD_CONNECT
in WPA3-Personal networks which are using SAE authentication.
Signed-off-by: Rohan Dutta <drohan@codeaurora.org>
The newer kernel versions enforce strict netlink attribute policy
validation and will cause cfg80211 to reject vendor commands with
NL80211_ATTR_VENDOR_DATA if NLA_F_NESTED attribute is not set but
if the vendor command is expecting nested data within
NL80211_ATTR_VENDOR_DATA attribute.
Most of the earlier instances were addressed by adding NLA_F_NESTED
flag in nla_nest_start(). This commit addresses the remaining
instance in which NL80211_ATTR_VENDOR_DATA is populated using data
set by user through the control interface.
Enhance the control interface VENDOR command to indicate whether the
vendor subcommand uses nested attributes within NL80211_ATTR_VENDOR_DATA
attribute or not.
Set NLA_F_NESTED flag for existing QCA vendor commands which use nested
attributes within the NL80211_ATTR_VENDOR_DATA attributes so that the
old frameworks implementations for already existing commands work
without any issues.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
When nlmsg allocation fails, nl80211_drv_msg() returns NULL and the call
to send_and_recv_msgs_owner() from nl80211_leave_ibss() could have ended
up dereferencing a NULL pointer. Fix this by make
send_and_recv_msgs_owner() more consistent with other send_and_recv*()
cases that check msg == NULL internally.
Fixes: 12ea7dee31 ("nl80211: Use nl80211 control port for receiving EAPOL frames")
Signed-off-by: Pooventhiran G <pooventh@codeaurora.org>
Add support to receive and process MSCS Response frames from the AP and
indicate the status to upper layers.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Use the "tmp_disallow" name more consistently so that both the core
wpa_supplicant functionality (struct wpa_bss_tmp_disallowed) and the
wpa_driver_ops callback have more similar names.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The NL80211_ATTR_VLAN_ID attribute expects non-zero values, but vlan_id
with value 0 has been set in VLAN offload case. Due to this, station
connection failure is observed if the driver advertises VLAN_OFFLOAD
support:
nl80211: NL80211_ATTR_STA_VLAN (addr=8c:fd:f0:22:19:15 ifname=wlan0
vlan_id=0) failed: -34 (Result not representable)
wlan0: STA 8c:fd:f0:22:19:15 IEEE 802.11: could not bind the STA
entry to vlan_id=0
Fix this by setting only non-zero values.
Fixes: 0f903f37dc ("nl80211: VLAN offload support")
Signed-off-by: Seevalamuthu Mariappan <seevalam@codeaurora.org>
Check if nl80211 control port TX status is available in the kernel and
enable control port TX if so. With this feature, nl80211 control path is
able to provide the same feature set as nl80211 (management) + AF_PACKET
socket (control) before.
For debugging and testing, this can explicitly be disabled with
the driver parameter control_port_ap=0.
Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
The kernel commit "mac80211: support control port TX status reporting"
seems to be delivering the TX status events for EAPOL frames over
control port using NL80211_CMD_FRAME_TX_STATUS due to incorrect check on
whether the frame is a Management or Data frame. Use the pending cookie
value from EAPOL TX operation to detect this incorrect behavior and
redirect the event internally to allow it to be used to get full TX
control port functionality available for AP mode.
Signed-off-by: Jouni Malinen <j@w1.fi>
Allow custom ack handler to be registered and use the ext ack handler
for TX control port to fetch the cookie information. If these cookies
are not supported by the current kernel, a value of 0 is returned.
Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
This is a preliminary patch for using extack cookies for TX control port
handling. Custom ack handler arguments for send_and_recv() and friends
is introduced therefore. This commit does not actually use the provided
values, i.e., that will be added in a separate commit.
Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
wpa_supplicant registered to process the Radio Measurement Request
frames unconditionally. This would prevent other location based
applications from handling these frames. Enable such a use case by
allowing wpa_supplicant to be configured not to register to process
these frames. This can now be done by adding "no_rrm=1" to the
driver_param configuration parameter.
In addition, wpa_driver_nl80211_init() does not have the provision to
take driver_params. Hence, resubscribe again with cfg80211 when this
driver parameter "no_rrm=1" is set after the initial setup steps.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use a shared wpa_alg_bip() function for this and fix the case in
nl_add_key() to cover all BIP algorithms. That fix does not change any
behavior since the function is not currently used with any BIP
algorithm, but it is better to avoid surprises should it ever be needed
with IGTK.
Signed-off-by: Jouni Malinen <j@w1.fi>
IGTK is the key that is used a BIP cipher. WPA_ALG_IGTK was the
historical name used for this enum value when only the AES-128-CMAC
based BIP algorithm was supported. Rename this to match the style used
with the other BIP options.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit dd74ddd0df ("nl80211: Handle AKM suite selectors for AP
configuration") added warning log message "nl80211: Not enough room for
all AKM suites (num_suites=X > NL80211_MAX_NR_AKM_SUITES)" which in some
cases fills logs every 3 seconds, so fix this by increasing the log
message level to debug.
Reported-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Ref: https://patchwork.ozlabs.org/project/openwrt/patch/20200504130757.12736-1-ynezz@true.cz/#2429246
Fixes: dd74ddd0df ("nl80211: Handle AKM suite selectors for AP configuration")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Linux bridging code does not allow a station mode WLAN interface in a
bridge and this prevents the AP mode scan workaround from working if the
AP interface is in a bridge and scanning can be only done by moving to
STA mode. Extend this workaround to remove the interface from the bridge
temporarily for the duration of the scan, i.e., for the same duration as
the interface needs to be moved into the station.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
When hostapd is started without beaconing (start_disabled=1), Public
Action frame transmission command through nl80211 needs to allow
offchannel operations regardless of the operating channel configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The driver can advertise supported AKMs per wiphy and/or per interface.
Populate per interface supported AKMs based on the driver advertisement
in the following order of preference:
1. AKM suites advertised by NL80211_ATTR_IFTYPE_AKM_SUITES
2. AKM suites advertised by NL80211_ATTR_AKM_SUITES
If neither of these is available:
3. AKMs support is assumed as per legacy behavior.
In addition, extend other driver interface wrappers to set the
per-interface values based on the global capability indication.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
