The nl80211 driver interface function mlme_event_mgmt_tx_status(),
filled in link_id only if the frame was the last transmitted on the
whole drv (driver) level. With co-hosted MLDs, there could be cases
where multiple frames are sent out by various interfaces (BSS) under the
same drv. Now while handling the TX status, only one interface will get
the proper link_id. Rest will get -1 and the event will be routed to the
first BSS always. If the frame was not sent from the first BSS this
leads to possibility of the frame getting dropped.
Hence to make the underlying link identification easier, modify
authentication and association frames to be always sent with the link
address as A1 and A3 for ease of TX status handling.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
If authentication fails repeatedly, e.g., because of a weak signal, the
link can end up in blocked state. If one of the nodes tries to establish
a link again before it is unblocked on the other side, it will block the
link to that other side. The same happens on the other side when it
unblocks the link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in
blocked state, but don't initiate the attempt until the blocked period
is over. This reverts commit 09d96de09e ("mesh: Drop Authentication
frames from BLOCKED STA").
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When one link is still under CAC or disabled, peer links should not
carry the information of this link in the RNR elements.
With this change, the RNR element will be included only if a peer link
is in HAPD_IFACE_ENABLED state.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
Modules that use libpasn for PASN authentication need the context of
PASN data. PASN data is a common context for the library and the modules
using it. Hence, initialize the context through init and deinit
functions. Also use set and get functions to update the parameters.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add the Extended Capabilities element for a non-TX BSS into the non-TX
BSSID profile subelement in the Multiple BSSID element if the non-TX BSS
has different extended capabilities than the TX BSS.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
MLD level structure is present to store the MLD level information.
Add changes to use the MLD structure instead of link specific struct
hostapd_data to get/set the MLD level information.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
mld_id was provided as a user configuration to identify partner BSS
belonging to the same AP MLD. The same id is used at the protocol level
also to indicate the AP MLD ID of the MLD.
But, in general mld_id is a relative reference of the MLD where 0 is
used as the mld_id to represent the self MLD and in case of MLO MBSSID
mld_id of a non transmitted BSS affiliated to an AP MLD is based on the
relative BSS index of the non transmitted BSS from the transmitted BSS.
Hence mld_id need not be fetched from users, rather it can be identified
wherever required.
To verify if the partners belong to the same AP MLD the interface name
can be checked, since all link BSS partners of the same AP MLD belong to
the same interface.
Hence, remove use of mld_id user config and instead introduce two
functions hostapd_is_ml_partner() and hostapd_get_mld_id(). The former
is used to verify whether partners belong to the same AP MLD and the
latter is used to get the MLD ID of the BSS.
Signed-off-by: Sriram R <quic_srirrama@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Add support to fill "multi_ap_vlanid" info to the hostapd config file.
Add the Multi-AP Default 802.1Q Setting subelement into Multi-AP element
generating and parsing.
Signed-off-by: Manoj Sekar <quic_sekar@quicinc.com>
Add a new config option "multi_ap_client_disallow" to control allowing
backhaul STA with certain profiles alone to associate. This is done to
adhere to Wi-Fi EasyMesh specification which defined rules to
allow/disallow association of backhaul STA of certain profiles.
Signed-off-by: Manoj Sekar <quic_sekar@quicinc.com>
Allow both hostapd and wpa_supplicant to be configured with the
supported Multi-AP profile. The configured value will be advertised in
the Multi-AP element.
Signed-off-by: Manoj Sekar <quic_sekar@quicinc.com>
This makes it more convenient to handle extensions to the element and
allows code to be shared between hostapd and wpa_supplicant.
Signed-off-by: Manoj Sekar <quic_sekar@quicinc.com>
Replace the hardcoded buffer length with the actually number of
remaining bytes on the buffer. This is needed to be able to do real
buffer size validation within add_multi_ap_ie().
Furthermore, make hostapd_eid_multi_ap() static since it is not used
outside this file.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Once the non-AP MLD is added to the driver, the driver handles the
address translation so that hostapd receives Management frames with
SA/DA being translated into MLD MAC addresses.
If the Authentication frmae is retransmitted with transaction being 1,
SA of the retransmitted Authentication frame is translated into the MLD
MAC address by the driver, and then in the function handle_auth(),
sta->mld_info.links[].peer_addr would be replaced by the MLD MAC address
even though it is supposed to be the link address.
Therefore, update the MLD information only when the STA has not yet been
added into the driver to avoid replacing the previously determined link
address with the MLD MAC address.
Fixes: bcbe80a66 ("AP: MLO: Handle Multi-Link element during authentication")
Signed-off-by: Michael-CY Lee <michael-cy.lee@mediatek.com>
Add hostapd support for interacting with the NAN discovery engine to
allow single-channel (i.e., the AP's operating channel) USD as Publisher
or Subscriber.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The standard is somewhat unclear on whether the PMKIDs used in
(Re)Association Request frame (i.e., potential PMKIDs that could be used
for PMKSA caching during the initial mobility domain association) are to
be retained or removed when generating EAPOL-Key msg 2/4.
wpa_supplicant has replaced the PMKID List contents from (Re)Association
Request frame with PMKR1Name when generating EAPOL-Key msg 2/4 for FT.
Allow it to be configured (ft_prepend_pmkid=1) to prepend the PMKR1Name
without removing the PMKIDs from (Re)Association Request frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
When association is handled in hostapd, a non-AP MLD's info is stored in
all valid links. This should be the same when SME is offloaded to the
driver.
Also skip some operations that are already done by the driver
when SME is offloaded.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
Currently, AID is not allocated properly in hostapd for legacy non-MLD
STA in case of an AP MLD. All such stations have same AID.
Fix this issue by allocating AID properly in hostapd when operating as
an AP MLD and the STA is not an MLD.
Fixes: d924be3bd0 ("AP: AID allocation for MLD")
Signed-off-by: Harish Rachakonda <quic_rachakon@quicinc.com>
Replace the fixed length maximum buffer size for STA profile with
dynamically allocated buffers for active links. This reduces struct
mld_link_info size by almost 16 kB and drops the per-STA information in
struct sta_info to a more reasonable size to avoid the almost 10x
increase from MLO support.
In addition, free the resp_sta_profile buffers as soon as the ML element
has bee generated for (Re)Association Response frame since those buffers
are not needed after that.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was done with spatch using the following semantic patch and minor
manual edits to clean up coding style and avoid compiler warnings in
driver_wext.c:
@@
expression a,b;
@@
- os_memcmp(a, b, ETH_ALEN) == 0
+ ether_addr_equal(a, b)
@@
expression a,b;
@@
- os_memcmp(a, b, ETH_ALEN) != 0
+ !ether_addr_equal(a, b)
@@
expression a,b;
@@
- !os_memcmp(a, b, ETH_ALEN)
+ ether_addr_equal(a, b)
Signed-off-by: Jouni Malinen <j@w1.fi>
If CONFIG_FILS isn't set, the compiler complains about unused variables.
Fix it.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
If the station is not an MLO station do not attempt to find the
association station and return false in the ML specific disconnection
processing.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Set the current value instead of hardcoded 1.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Invert the check on hapd->conf->mld_ap on the affiliated links to
actually call the link specific callback handler. This is needed to set
the STA associated.
Fixes: 55038680a6 ("AP: MLO: Handle association callback")
Signed-off-by: Jouni Malinen <j@w1.fi>
The change to use a helper function for checking he_6ghz_reg_pwr_type
missed the difference between two types of checks for different values:
indoor AP vs. SP AP. Fix this by introducing another helper function to
cover the indoor (i.e., SP and non-SP indoor cases).
Fixes: 121ccadeb4 ("AP: A helper function for determining whether the AP is an SP AP")
Signed-off-by: Jouni Malinen <j@w1.fi>
If the regulatory client EIRP PSD values advertised by an AP that is a
standard power AP or indoor standard power AP are insufficient to ensure
that regulatory client limits on total EIRP are always met for all
transmission bandwidths within the bandwidth of the AP’s BSS, the AP
shall also send a TPE element in Beacon and Probe Response frames as
that depicts the regulatory client EIRP limit.
Add support for this.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
According to IEEE P802.11-REVme/D4.0, E.2.7 (6 GHz band), two Transmit
Power Envelope (TPE) elements need to be included by Indoor Standard
Power (Indoor SP) APs. Extend the code to support this.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
According to IEEE P802.11-REVme/D4.0, 9.4.2.169.2 (Neighbor AP
Information field), the 20 MHz PSD subfield in the TBTT Information
field is a signed value with valid range of -127 to +126, while +127
indicates "no maximum transmit power is specified". Fix the default
value advertised.
Fixes: 3db24e4eef ("RNR: Define element format")
Fixes: a7c152d6b8 ("RNR: Add data from neighbor database")
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add configuration options for setting the Tx Power value
in the Transmit Power Envelope for 6 GHz:
- The Tx power value for default client where the transmit
power interpretation is "Regulatory Client EIRP PSD"
- The Tx power value for subordinate client where the transmit
power interpretation is "Regulatory Client EIRP PSD"
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Update the HE regulatory information AP types based on IEEE
P802.11-REVme/D4.0. Set the default AP type to VLP. Check for valid
values when setting 'he_6ghz_reg_pwr_type' in the interface
configuration.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
In cases of SAE failure and testing, mgmt->sa was used for sending the
Authentication frame. Fix these to use the station address (which is
the MLD MAC address in cases of non-AP MLDs).
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Add a testing configuration such that the AP would be reported as
disabled in the RNR TBTT information MLD parameters included by other
affiliated APs of the AP MLD.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Reorder the Element ID List to fill in the values in increasing order to
match the way the Element ID List is defined.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Currently while deciding to create a new Multiple BSSID element based on
the condition when the length reaches 255, the length value being used
is the total element length (including the length of the Element ID and
Length fields as well). However, the value in the length field denotes
the number of octets following it and excluding itself. Hence including
the total length is wrong. This leads to incorrect count of Multiple
BSSID elements.
And while filling the data, the length is considered porperly as it
should be hence we are filling more data in a single go and all data is
filled in MBSSID count which is less than originally calculated. This
ultimately leads to incorrect length calculation during nla_put() and
setting the beacon to the driver fails while putting the Multiple BSSID
element data into the netlink socket buffer.
Fix this issue by considering the length excluding the Element ID and
Length field sizes.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
This function is both updating the hostapd-internal sta->flags value and
sending out the AP-STA-CONNECTED control interface message. When
authorizing a STA, the call to this function is followed by a driver
command to update the flags of the STA entry in the driver. That has a
race condition at least for UML time-travel since the AP-STA-CONNECTED
event is used as a message to wait for before running a connectivity
test or some other operation that depends on the data connection being
in working condition.
Split the function into two steps so that the driver STA entry update
can be done between those two steps for the cases where it matters for
the race condition. In other words, send the AP-STA-CONNECTED message
only after having authorized the STA in the driver.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify that sta is not NULL before calling
hostapd_process_assoc_ml_info() that references this parameter. In
theory, sta might be NULL here if addition of the STA entry failed in
the 60 GHz case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Remove a spurious \tab char in hostapd_eid_rnr() between arguments to a
function.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
In case the TBTT information is reporting about an AP in the same AP MLD
as the current AP, the AP MLD ID in the MLD Parameters subfield should
be set to 0.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Removing radio measurements and supported operating class indication
might be needed to reduce binary size for a memory constrained system
that does not need more advanced features. However, removing these is
not recommended since they can help the AP manage the network and STA
steering.
By default this functionality is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
When processing a (Re)Association Request frame and no corresponding
station is found, try to find the station using the station MLD MAC
address from the Basic ML element, as it is possible that the station
is trying to re-associate but with a different link address (in such
a case the underlying driver would not perform address translations).
When sending the (Re)Association Response frame, use the addresses from
the (Re)Association Request frame and not the AP MLD MAC address, again,
to avoid the address translation done in the driver.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
