git.ipfire.org Git - thirdparty/hostap.git/log
2 years ago tests: Update regulatory database to VMs
Jouni Malinen [Wed, 26 Apr 2023 18:28:23 +0000 (21:28 +0300)] 
tests: Update regulatory database to VMs

Update the wireless-regdb database to the wireless-regdb.git version of
2023-02-13.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Rename VHT elements to match the standard
Jouni Malinen [Wed, 26 Apr 2023 18:15:25 +0000 (21:15 +0300)] 
Rename VHT elements to match the standard

Some of the information elements added in IEEE Std 802.11ax-2013 for VHT
purposes have since then been taken into use for other cases and renamed
to remove the "VHT" prefix in the standard. Update the defines for those
elements in the implementation to match the names used in the current
standard.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago hostapd: Support channel switch to 320 MHz channels
Ramya Gnanasekar [Mon, 3 Apr 2023 01:34:57 +0000 (07:04 +0530)] 
hostapd: Support channel switch to 320 MHz channels

Add validation of center frequency, and filling of appropriate
bandwidth in the channel switch wrapper when the channel switch is done
to a 320 MHz channel.

Signed-off-by: Ramya Gnanasekar <quic_rgnanase@quicinc.com>
2 years ago Fix file mode bits
Jouni Malinen [Wed, 26 Apr 2023 20:08:38 +0000 (23:08 +0300)] 
Fix file mode bits

The execute bits were not supposed to be added to a source code file.

Fixes: 927dbfb453ed ("Fix 40 MHz channel bringup with ACS on the 6 GHz band")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago tests: HE with ACS on 6 GHz using a 40 MHz channel
Jouni Malinen [Tue, 25 Apr 2023 14:31:13 +0000 (17:31 +0300)] 
tests: HE with ACS on 6 GHz using a 40 MHz channel

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Select 6 GHz mode correctly for ACS cases
Jouni Malinen [Tue, 25 Apr 2023 14:29:46 +0000 (17:29 +0300)] 
Select 6 GHz mode correctly for ACS cases

Use the op_class configuration to determine whether to select the 5 GHz
or 6 GHz mode for ACS. Without this, the first mode (5 GHz in most
cases) would have been selected regardless of the op_class value.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Fix 40 MHz channel bringup with ACS on the 6 GHz band
Hari Chandrakanthan [Wed, 19 Apr 2023 12:05:11 +0000 (17:35 +0530)] 
Fix 40 MHz channel bringup with ACS on the 6 GHz band

When AP is brought up in HE40/EHT40 with ACS, the AP comes up with 20
MHz bandwidth. It is expected to come up with 40 MHz bandwidth.

conf->secondary_channel does not hold the correct value and it leads to
choosing 20 MHz in hostapd_set_freq_params(). conf->secondary_channel is
filled using the hostapd config he_oper_centr_freq_seg0_idx. When AP is
configured to use ACS, the hostapd config he_oper_centr_freq_seg0_idx is
not valid as the channel is not known during bring up. So using the
config he_oper_centr_freq_seg0_idx to fill the conf->secondary_channel
does not work with ACS.

Use op_class to determine the bandwidth and based on the bandwidth fill
the conf->secondary_channel to address this ACS case.

Signed-off-by: Hari Chandrakanthan <quic_haric@quicinc.com>
2 years ago Allow MLO disabled connection to legacy open/WPA2-Personal-only AP MLDs
Veerendranath Jakkam [Thu, 23 Mar 2023 13:33:01 +0000 (19:03 +0530)] 
Allow MLO disabled connection to legacy open/WPA2-Personal-only AP MLDs

wpa_supplicant was skipping MLD APs from network selection when the AP
advertises legacy open, WPA2-Personal-only (PSK without SAE), or PMF
disabled. However, there are already some early Wi-Fi 7 APs in the
market which advertise legacy open, WPA2-Personal-only, or PMF disabled
even though these combinations are unlikely to be allowed for Wi-Fi 7 in
the end.

To avoid connectivity issues with such APs, allow stations to connect
with MLO disabled when an AP MLD is detected to advertise legacy open,
WPA2-Personal-only (PSK without SAE), or PMF disabled.

This reverts commit 7d8b96dcfdbb ("wpa_supplicant: Apply same
restrictions for MLD as for 6 GHz BSS") except WEP and TKIP checks,
i.e., AP MLDs which advertise only WEP or TKIP are still skipped from
network selection.

For the SME-in-wpa_supplicant case, skip configuring MLD parameters to
the driver if the STA can connect only in legacy open,
WPA2-Personal-only, or PMF disabled mode. For the SME-in-driver case, it
is the driver's responsibility to initiate connection with MLO disabled
with such APs.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago Update AP RSNE/RSNXE to RSN state machine on driver-selected BSS cases
Jouni Malinen [Tue, 25 Apr 2023 10:30:08 +0000 (13:30 +0300)] 
Update AP RSNE/RSNXE to RSN state machine on driver-selected BSS cases

The driver-initiated BSS selection case and the "Network configuration
found for the current AP" case ended up clearing the RSN state machine
information on AP RSNE/RSNXE. That could result in incorrect behavior if
some key management operations depended on accurate information. For
example, this could result in not deriving the KDK as part of the PTK
derivation and failing to complete 4-way handshake if both the AP and
the STA indicated support for Secure LTF.

If the scan results for the selected BSS are available, use those to
update the RSN state machine AP RSNE/RSNXE similarly to the way this is
done when wpa_supplicant selects the BSS instead of clearing that
information in the RSN state machine.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago tests: KDK derivation based on Secure LTF capability
Jouni Malinen [Tue, 25 Apr 2023 09:08:12 +0000 (12:08 +0300)] 
tests: KDK derivation based on Secure LTF capability

This adds more production-like testing coverage for KDK derivation. Both
SAE and OWE transition mode are covered. The latter has some corner
cases that did not work correctly previously.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago OWE: Update transition mode information on selecting a new BSS
Jouni Malinen [Tue, 25 Apr 2023 09:04:01 +0000 (12:04 +0300)] 
OWE: Update transition mode information on selecting a new BSS

It is possible for a new BSS entry to be added for the
hidden-SSID-OWE-BSS when running a new scan after having previously
learned the hidden SSID during a previous OWE connection attempt. That
new entry would not necessarily have the WPA_BSS_OWE_TRANSITION flag set
and that would result in not being able to recognize the appropriate OWE
profile when checking the association event against the transition mode
configuration.

Fix this by updating the BSS entry for OWE transition mode information
for the cases where this might happen.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Fix determining mode for 6 GHz band when using hw_mode=any
Xinyue Ling [Fri, 14 Apr 2023 07:58:03 +0000 (00:58 -0700)] 
Fix determining mode for 6 GHz band when using hw_mode=any

When 6 GHz band is specified and hw_mode parameter is set to any,
hostapd_determine_mode() may determine the wrong mode because there are
two hw modes (5 GHz and 6 GHz) with HOSTAPD_MODE_IEEE80211A. This will
cause 6 GHz AP to fail to start. Fix this by adding a check similar to
the changes in commit 99cd453720d6 ("hw_feature: Correctly select mode
in case of the 6 GHz band") into hostapd_determine_mode().

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Add support to fetch link layer stats per MLO link
Shivani Baranwal [Wed, 5 Apr 2023 18:07:52 +0000 (23:37 +0530)] 
Add support to fetch link layer stats per MLO link

IEEE 802.11be enables multiple links between STA and AP. Each of the
links has its own set of statistics. Add additional attributes required
to fetch link layer statistics per MLO link.

For MLO connection, per MLO link statistics will be sent with the new
attribute QCA_WLAN_VENDOR_ATTR_LL_STATS_MLO_LINK. Also, cumulative
statistics of all the MLO links will be sent outside
QCA_WLAN_VENDOR_ATTR_LL_STATS_MLO_LINK to be compatible with legacy user
space.

For non-MLO connection, the statistics will be sent without being nested
inside QCA_WLAN_VENDOR_ATTR_LL_STATS_MLO_LINK attribute.

Co-authored-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2 years ago Fix vendor attribute numbering and relocate attribute accordingly
Shivani Baranwal [Fri, 14 Apr 2023 09:52:08 +0000 (15:22 +0530)] 
Fix vendor attribute numbering and relocate attribute accordingly

The attributes QCA_WLAN_VENDOR_ATTR_LL_STATS_PAD and
QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL were allocated the same
attribute number in error. QCA_WLAN_VENDOR_ATTR_LL_STATS_PAD attribute
is known to not be used; thus, it is safe to be renumbered.

Fixes: 1491fc64a820 ("Define QCA vendor per-enum 64-bit pad attributes")
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2 years ago Add a vendor specific roam status of background scan abort
Chunquan Luo [Wed, 19 Apr 2023 11:28:06 +0000 (04:28 -0700)] 
Add a vendor specific roam status of background scan abort

When user space triggers a scan, the firmware aborts background scan,
and uses the roam status QCA_ROAM_FAIL_REASON_CURR_AP_STILL_OK instead
of "Invalid roam failures reason".

Signed-off-by: Chunquan Luo <quic_chunquan@quicinc.com>
2 years ago Update QCA LL_STATS vendor command
Aditya Kodukula [Mon, 10 Apr 2023 15:29:42 +0000 (08:29 -0700)] 
Update QCA LL_STATS vendor command

Define bitmap values used by LL_STATS vendor command
and update the corresponding kernel documentation.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago SAE: Fix expected AP MLD address info in a debug print
Veerendranath Jakkam [Wed, 12 Apr 2023 22:52:51 +0000 (04:22 +0530)] 
SAE: Fix expected AP MLD address info in a debug print

Print correct expected AP MLD address information when the AP MLD
address validation fails in Authentication frames during external
authentication.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago MLD STA: Do not fail on unknown IEs in Authentication frames
Veerendranath Jakkam [Wed, 12 Apr 2023 22:21:15 +0000 (03:51 +0530)] 
MLD STA: Do not fail on unknown IEs in Authentication frames

Fail MLD address validation only if Authentication frames IE parsing
actually failed, i.e., ignore all unknown IEs.

This is needed to avoid authentication failure when the Authentication
frames include IEs which are not handled by ieee802_11_parse_elems(),
e.g., AKM Suite Selector IE.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago hostapd: Restore the flow of set beacon and WPA key init
Xin Deng [Tue, 11 Apr 2023 10:24:58 +0000 (18:24 +0800)] 
hostapd: Restore the flow of set beacon and WPA key init

hostapd start AP flow changed in commit 931e5d4f9e2e. However, that
could cause a regression in a legacy AP driver where the set key
operation for GTK, IGTK, and BIGTK before AP start (set beacon) would
cause the driver to ignore the key set command. Restore the flow of the
set beacon and WPA key init operations to make sure drivers can receive
and set group keys correctly.

Fixes: 931e5d4f9e2e ("mbssid: Configure all BSSes before beacon setup")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Export wpa_supplicant config item 'he' for external configuration
Chaoli Zhou [Fri, 7 Apr 2023 06:33:52 +0000 (14:33 +0800)] 
Export wpa_supplicant config item 'he' for external configuration

Export the "he" network profile item to be configurable from external
client side, like wpa_cli or NetworkManager. This follows the earlier
changes to allow the previously internal-only parameter (e.g., vht) to
be used for additional purposes for AP mode.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2 years ago Allowed frequency list configuration for AP operation
Veerendranath Jakkam [Mon, 3 Apr 2023 02:41:36 +0000 (08:11 +0530)] 
Allowed frequency list configuration for AP operation

Add support to configure the allowed frequency list for AP operation
using a QCA vendor interface before NL80211_CMD_NEW_BEACON/
NL80211_CMD_START_AP. hostapd generates the allowed frequency list by
intersecting user configured frequency list and all the frequencies
advertised by the driver including disabled channels. If user doesn't
specify allowed frequency list, all the frequencies advertised by the
driver, including disabled channels, will be configured.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago tests: Update server and user certificates (2023)
Jouni Malinen [Tue, 18 Apr 2023 08:04:43 +0000 (11:04 +0300)] 
tests: Update server and user certificates (2023)

At least some of the previous versions have expired, so need to re-sign
these to avoid EAP test case failures. This contains updates from
running tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2 years ago WMM: Advertise support for 16 PTKSA replay counters for non-AP STA
Jouni Malinen [Wed, 12 Apr 2023 15:46:53 +0000 (18:46 +0300)] 
WMM: Advertise support for 16 PTKSA replay counters for non-AP STA

In theory, each device that supports WMM (or the IEEE 802.11 QoS for
that matter) is expected to advertise how many replay counters it
supports and the peer device is supposed to use that information to
restrict the total number of different MSDU priorities (AC/UP) that
might be used. In practice, this is not really done in deployed devices
and instead, it is just assumed that everyone supports the eight
different replay counters so that there is no need to restrict which
MSDU priorities can be used.

hostapd implementation of WMM has advertised support for 16 PTKSA replay
counters from the beginning while wpa_supplicant has not had any code
for setting the supported replay counter fields in RSNE, i.e., has left
the value to 0 which implies that only a single replay counter is
supported. While this does not really result in any real issues with
deployed devices, this is not really correct behavior based on the
current IEEE 802.11 standard and the WMM specification.

Update wpa_supplicant to use similar design to the hostapd RSNE
generation by setting the number of supported PTKSA replay counters to
16 whenever WMM is enabled. For now, this is done based on the
association being for HT/VHT/HE/EHT and also based on the AP supporting
WMM since it is much more likely for the local device to support WMM and
eight replay counters (which can be indicated only with the value that
implies support for 16 counters since there is no separate value for 8).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago nl80211: Support for RNR elements
Aloka Dixit [Tue, 4 Apr 2023 17:59:00 +0000 (10:59 -0700)] 
nl80211: Support for RNR elements

Add new nested netlink attribute, NL80211_ATTR_EMA_RNR_ELEMS, to send
the reduced neighbor report (RNR) elements to the driver when EMA is
enabled. This attribute includes the count of RNR elements and data at
each index. While generating EMA beacons, the driver will include RNR
group at a given index along with MBSSID group. The last element, if
present, has RNR data common for all EMA beacons such as neighbor APs.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago RNR: Add elements by default for EMA AP
Aloka Dixit [Tue, 4 Apr 2023 17:58:59 +0000 (10:58 -0700)] 
RNR: Add elements by default for EMA AP

As per IEEE Std 802.11ax-2021, 11.1.3.8.3 Discovery of
a nontransmitted BSSID profile, an EMA AP that transmits a Beacon
frame carrying a partial list of nontransmitted BSSID profiles
should include in the frame a Reduced Neighbor Report element
carrying information for at least the nontransmitted BSSIDs that
are not present in the Multiple BSSID element carried in that frame.

Add this support by splitting the reduced neighbor report (RNR) in as
many elements as the number of multiple BSSID elements. Each RNR element
excludes the non-transmitting profiles already included in the MBSSID
element at the same index. If present, the last additional group will
have the data common for all EMA beacons such as neighbor AP information
gathered through neighbor reports.

The hwsim test case he_ap_ema demonstrates this support.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago RNR: Skip interfaces on the same radio for MBSSID
Aloka Dixit [Tue, 4 Apr 2023 17:58:58 +0000 (10:58 -0700)] 
RNR: Skip interfaces on the same radio for MBSSID

Do not include interfaces on the same radio in reduced neighbor
report elements (RNR) as multiple BSSID elements from the same
management frame already include these if MBSSID feature is enabled.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago Sync with wireless-next.git include/uapi/linux/nl80211.h
Jouni Malinen [Thu, 6 Apr 2023 10:02:45 +0000 (13:02 +0300)] 
Sync with wireless-next.git include/uapi/linux/nl80211.h

This brings in nl80211 definitions as of 2023-03-30.

Signed-off-by: Jouni Malinen <j@w1.fi>
2 years ago Add QCA vendor feature flag for allowed frequency list
Veerendranath Jakkam [Fri, 24 Feb 2023 10:17:59 +0000 (15:47 +0530)] 
Add QCA vendor feature flag for allowed frequency list

Add a vendor feature flag for the driver to indicate support for allowed
frequency configuration in AP mode.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago Add QCA vendor interface to get connected channels utilization
Ainy Kumari [Wed, 15 Mar 2023 09:49:33 +0000 (15:19 +0530)] 
Add QCA vendor interface to get connected channels utilization

Add a new vendor command to trigger computation of connected channel
statistics such as channel utilization in STA mode.

Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago Add QCA vendor attribute to configure list of allowed frequencies for AP
Veerendranath Jakkam [Fri, 24 Feb 2023 10:17:59 +0000 (15:47 +0530)] 
Add QCA vendor attribute to configure list of allowed frequencies for AP

Define a new attribute QCA_WLAN_VENDOR_ATTR_CONFIG_AP_ALLOWED_FREQ_LIST
to configure the full list of allowed frequencies for the AP operation.
The configuration is valid only from the next BSS start until the BSS is
stopped. The drivers shall filter out channels on top of this list of
channels based on regulatory or other constraints. This can be used to
specify user's choice of frequencies, allowed list of channels with
static puncturing feature, etc.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years ago Add 40 and 80 MHz channels 165 and 173 for 5 GHz IBSS/mesh
Seevalamuthu Mariappan [Wed, 29 Mar 2023 05:12:42 +0000 (10:42 +0530)] 
Add 40 and 80 MHz channels 165 and 173 for 5 GHz IBSS/mesh

Add the channels 165 and 173 in allowed channels for ht40_plus. Also add
the allowed frequency 5825 (channel 165; channel center frequency index
171) for 80 MHz bandwidth.

Signed-off-by: Seevalamuthu Mariappan <quic_seevalam@quicinc.com>
Signed-off-by: Raj Kumar Bhagat <quic_rajkbhag@quicinc.com>
2 years ago 6 GHz: Fix secondary channel setting
Jouni Malinen [Wed, 29 Mar 2023 15:25:37 +0000 (18:25 +0300)] 
6 GHz: Fix secondary channel setting

center_idx_to_bw_6ghz() does not return the bandwidth in MHz and as
such, the check here against 20 (MHz) is never true. The returned value
is greater than 0 for the over 20 MHz cases.

Fixes: 15742566fd7c ("6 GHz: Fix operating class in Supported Operating Classes element")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Add 6 GHz channel validation during channel switching
Anilkumar Kolli [Mon, 13 Mar 2023 05:43:02 +0000 (11:13 +0530)] 
Add 6 GHz channel validation during channel switching

The following command does not return FAIL, but it fails to update the
beacon since the center frequency used in the command is not valid for
80 MHz bandwidth.

 hostapd_cli -i wlan0 chan_switch 5 6315 sec_channel_offset=1 \
 center_freq1=6345 bandwidth=80 he

Add condition check to validate the center frequency.

Also, if user doesn't provide HE parameter in the hostapd_cli
chan_switch command, by default HE should be enabled for 6 GHz
frequency range. This is because, 6 GHz does not support legacy
mode.

Signed-off-by: Anilkumar Kolli <quic_akolli@quicinc.com>
Co-developed-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
2 years ago Set interface state as inactive if mesh bringup fails
Hari Chandrakanthan [Tue, 21 Mar 2023 15:17:27 +0000 (20:47 +0530)] 
Set interface state as inactive if mesh bringup fails

The STATUS command showed the interface state as SCANNING even if mesh
bringup fails. This incorrect interface status can mislead
scripts/applications that rely on interface status to bring up different
types of virtual interfaces (AP/MESH) on a single radio.

Fix this by setting the interface status as INACTIVE if mesh bringup
fails.

Signed-off-by: Hari Chandrakanthan <quic_haric@quicinc.com>
2 years ago Handle signal termination in hostapd_cli for all cases
Sai Pratyusha Magam [Sun, 26 Mar 2023 16:03:30 +0000 (21:33 +0530)] 
Handle signal termination in hostapd_cli for all cases

hostapd_cli did not clean up the sockets and attachments to receive
hostapd events when SIGTERM was used to terminate it in action script
mode.

Do proper cleanup by converting the action script processing
functionality to use eloop similarly to the wpa_cli changes in commit
13f6f617eeca ("wpa_cli: Fix process termination in wpa_cli action mode
case") and by registering the process termination signal handler for all
cases instead of just for the interactive mode.

Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
2 years ago wlantest: MLO aware STA entry search for unprotected Data frames
Jouni Malinen [Mon, 27 Mar 2023 14:26:41 +0000 (17:26 +0300)] 
wlantest: MLO aware STA entry search for unprotected Data frames

Find a STA entry based on MLO affiliated link addresses for the case
where an unprotected Data frame is being processed. This extends the
changes in commit 228420e2d9a8 ("wlantest: Find a STA entry based on MLO
affiliated link addresses") to cover the unencrypted case. This is
needed in particular for the Null frames used for managing the power
save state to avoid generating duplicate STA entries that can mess up
key information for the following frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago tests: Suite B 192-bit RSA with TLS 1.3
Jouni Malinen [Wed, 22 Mar 2023 22:00:10 +0000 (00:00 +0200)] 
tests: Suite B 192-bit RSA with TLS 1.3

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago OpenSSL: Add TLS 1.3 signature algorithms for Suite B
Jouni Malinen [Wed, 22 Mar 2023 21:58:47 +0000 (23:58 +0200)] 
OpenSSL: Add TLS 1.3 signature algorithms for Suite B

These are needed to allow the Suite B 192-bit negotiation to succeed
when using TLS 1.3 (which is still disabled by default).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Add support to send 320 MHz bandwidth through vendor subcmd
Ainy Kumari [Thu, 16 Mar 2023 07:09:32 +0000 (12:39 +0530)] 
Add support to send 320 MHz bandwidth through vendor subcmd

Extend QCA_WLAN_VENDOR_ATTR_CONFIG_CHANNEL_WIDTH to configure 320 MHz
bandwidth to the driver/firmware.

Signed-off-by: Ainy Kumari <quic_ainykuma@quicinc.com>
2 years ago EHT: Validate the puncturing bitmap for ACS
Aloka Dixit [Tue, 14 Mar 2023 04:59:25 +0000 (21:59 -0700)] 
EHT: Validate the puncturing bitmap for ACS

Validate the generated puncturing bitmap against non-OFDMA patterns.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago EHT: Calculate puncturing bitmap for ACS
Aloka Dixit [Tue, 14 Mar 2023 04:59:24 +0000 (21:59 -0700)] 
EHT: Calculate puncturing bitmap for ACS

Generate puncturing bitmap after the ideal channel selection using
the threshold.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago EHT: Configuration option for ACS puncturing threshold
Aloka Dixit [Tue, 14 Mar 2023 04:59:23 +0000 (21:59 -0700)] 
EHT: Configuration option for ACS puncturing threshold

Add a new option 'punct_acs_threshold' where the value indicates
the percentage of ideal channel average interference factor above
which a channel should be punctured. Default is set to 0 which disables
the puncturing for ACS.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago EHT: Process puncturing bitmap from channel switch event
Aloka Dixit [Tue, 14 Mar 2023 04:59:22 +0000 (21:59 -0700)] 
EHT: Process puncturing bitmap from channel switch event

Retrieve the puncturing bitmap sent by the driver in channel switch
events and add a new member punct_bitmap in struct ch_switch to store
it.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago nl80211: Send EHT puncturing bitmap to the driver for switch command
Aloka Dixit [Tue, 14 Mar 2023 04:59:21 +0000 (21:59 -0700)] 
nl80211: Send EHT puncturing bitmap to the driver for switch command

Propagate puncturing bitmap from the channel switch command to the driver.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago EHT: Configure puncturing bitmap during channel switch
Aloka Dixit [Tue, 14 Mar 2023 04:59:20 +0000 (21:59 -0700)] 
EHT: Configure puncturing bitmap during channel switch

Parse, validate, and configure puncturing bitmap if provided in the
channel switch command.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago EHT: Send puncturing bitmap to the driver for AP bring up
Aloka Dixit [Tue, 14 Mar 2023 04:59:19 +0000 (21:59 -0700)] 
EHT: Send puncturing bitmap to the driver for AP bring up

Send the user configured puncturing bitmap to the driver.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
2 years ago EHT: Add puncturing bitmap to EHT Operation element
Muna Sinada [Tue, 14 Mar 2023 04:59:18 +0000 (21:59 -0700)] 
EHT: Add puncturing bitmap to EHT Operation element

Add preamble puncturing bitmap to the EHT Operation element as per IEEE
P802.11be/D3.0, Figure 9-1002c (EHT Operation Information field format).
Bits set to 1 indicate that the subchannel is punctured, otherwise
active.

Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Balamurugan Mahalingam <quic_bmahalin@quicinc.com>
2 years ago EHT: Downgrade bandwidths for VHT and HE when using puncturing
Aloka Dixit [Tue, 14 Mar 2023 04:59:17 +0000 (21:59 -0700)] 
EHT: Downgrade bandwidths for VHT and HE when using puncturing

Legacy modes (VHT, HE) should advertise downgraded bandwidth if
RU puncturing is enabled in EHT mode. This is required for the legacy
stations which cannot parse the EHT Operation elements hence do not
support EHT RU puncturing.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Ramanathan Choodamani <quic_rchoodam@quicinc.com>
2 years ago EHT: Validate puncturing bitmap
Aloka Dixit [Tue, 14 Mar 2023 04:59:16 +0000 (21:59 -0700)] 
EHT: Validate puncturing bitmap

Validate preamble puncturing bitmap.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago EHT: Add configuration option for puncturing in AP mode
Muna Sinada [Tue, 14 Mar 2023 04:59:15 +0000 (21:59 -0700)] 
EHT: Add configuration option for puncturing in AP mode

Add a new option to configure the disabled subchannel bitmap as per
IEEE P802.11be/D3.0, Figure 9-1002c (EHT Operation Information
field format).

Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago nl80211: Retrieve driver support for EHT puncturing
Aloka Dixit [Tue, 14 Mar 2023 04:59:14 +0000 (21:59 -0700)] 
nl80211: Retrieve driver support for EHT puncturing

Retrieve the driver support for preamble puncturing.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
2 years ago Sync with wireless-next.git include/uapi/linux/nl80211.h
Jouni Malinen [Wed, 15 Mar 2023 09:44:08 +0000 (11:44 +0200)] 
Sync with wireless-next.git include/uapi/linux/nl80211.h

This brings in nl80211 definitions as of 2023-03-07.

Signed-off-by: Jouni Malinen <j@w1.fi>
2 years ago FILS: 320 MHz support in FD frame
Aloka Dixit [Mon, 13 Mar 2023 09:11:27 +0000 (02:11 -0700)] 
FILS: 320 MHz support in FD frame

Indicate 320 MHz channel width in FILS discovery frame if applicable.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago FILS: Fix maximum NSS calculation for FD frame
Aloka Dixit [Mon, 13 Mar 2023 09:11:25 +0000 (02:11 -0700)] 
FILS: Fix maximum NSS calculation for FD frame

Maximum NSS calculation assumed the host to be little endian while
retrieving MCS values from HE capabilities which is incorrect. Use
WPA_GET_LE16() instead.

Add a check for HE as the current NSS calculation assumes HE support.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago FILS: Make HE a requirement for FILS discovery
Aloka Dixit [Mon, 13 Mar 2023 09:11:23 +0000 (02:11 -0700)] 
FILS: Make HE a requirement for FILS discovery

FILS discovery frame generation currently assumes HE support for
calculating the number of spatial streams. Add a check to reject
the configuration if the feature is enabled without enabling HE.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2 years ago AP: Fix 6 GHz AP setup after disable-enable
Pooventhiran G [Thu, 23 Feb 2023 16:43:50 +0000 (22:13 +0530)] 
AP: Fix 6 GHz AP setup after disable-enable

Once ACS picks a channel, iface->freq and iface->conf->channel are
updated. So, AP comes up in the last operating channel when 'ENABLED'
after 'DISABLED' though ACS is configured.

But this will fail for 6 GHz APs since configured_fixed_chan_to_freq()
checks if iface->conf->channel is filled or not irrespective of ACS
configuration, and the checks inside configured_fixed_chan_to_freq()
fail the AP setup. Fix this by clearing iface->freq and
iface->conf->channel in AP setup for ACS configuration.

Fixes: bb781c763f47 ("AP: Populate iface->freq before starting AP")
Signed-off-by: Pooventhiran G <quic_pooventh@quicinc.com>
2 years ago ml80211: Put wiphy idx to obtain correct country code
Chenming Huang [Wed, 8 Mar 2023 07:39:22 +0000 (15:39 +0800)] 
ml80211: Put wiphy idx to obtain correct country code

If wiphy idx is not provided, kernel returns global reg domain when
processing NL80211_CMD_GET_REG. To obtain the correct country code for
the self-managed regulatory cases, put wiphy idx into nl_msg when
sending this command to kernel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years ago Define QCA vendor per-enum 64-bit pad attributes
Jeff Johnson [Thu, 23 Feb 2023 01:13:24 +0000 (17:13 -0800)] 
Define QCA vendor per-enum 64-bit pad attributes

When writing 64-bit attributes into the netlink buffer, senders may
add a padding attribute to allow the payload of the 64-bit attribute
to be 64-bit aligned. For QCA vendor attributes, currently the
attribute QCA_WLAN_VENDOR_ATTR_PAD in enum qca_wlan_vendor_attr is
defined for this purpose.

Unfortunately, when adding attributes to the netlink buffer, all
attributes at a given level of nesting must be defined in the same
enum so that they can be unambiguously parsed. This means that
QCA_WLAN_VENDOR_ATTR_PAD can only be used to pad 64-bit attributes
defined in enum qca_wlan_vendor_attr.

There are many other QCA vendor enums which define 64-bit attributes,
so add a pad attribute to all of them so that the 64-bit attributes
can be unambiguously padded.

Signed-off-by: Jeff Johnson <quic_jjohnson@quicinc.com>
2 years ago qca-vendor: Add QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL
Jingxiang Ge [Wed, 8 Mar 2023 04:27:10 +0000 (20:27 -0800)] 
qca-vendor: Add QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL

Add QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL attribute
for noise floor calibration value.

Signed-off-by: Jingxiang Ge <quic_jge@quicinc.com>
2 years agoAdd QCA vendor commands to set and get MLO links state information
Shivani Baranwal [Tue, 31 Jan 2023 05:11:33 +0000 (10:41 +0530)] 
Add QCA vendor commands to set and get MLO links state information

Add a new vendor command and attributes to control and fetch the state
information of the MLO links affiliated with a specific interface.

This will enable user space to dynamically control the MLO links states
based on the latency, throughput and power save requirements.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2 years agomesh: Add EHT support
Sathishkumar Muruganandam [Fri, 3 Mar 2023 05:47:57 +0000 (11:17 +0530)] 
mesh: Add EHT support

Add mesh_eht_enabled and eht ssid configuration parameters to include
EHT Capability and EHT Operation elements in mesh PLINK Action frames.

Update mesh_eht_enabled from EHT capability advertised for mesh mode.

Signed-off-by: Sathishkumar Muruganandam <quic_murugana@quicinc.com>
Signed-off-by: Ramya Gnanasekar <quic_rgnanase@quicinc.com>
2 years agowlantest: Adjust kdk_len according to RSNX capability
Adil Saeed Musthafa [Wed, 1 Mar 2023 19:21:38 +0000 (11:21 -0800)] 
wlantest: Adjust kdk_len according to RSNX capability

This is needed to derive the PTK correctly when Secure LTF support is used
and the additional KDK component needs to be taken into account.

Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
2 years agotests: Remove dynamically added hostapd interfaces
Avraham Stern [Wed, 15 Feb 2023 23:09:03 +0000 (01:09 +0200)] 
tests: Remove dynamically added hostapd interfaces

When an interface is added dynamically to hostapd with
HWSimRadio, it's not removed during device reset.
This requires removing it manually, otherwise subsequent tests may
fail. Better do it during device reset.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2 years agotests: Clear sae_groups in eht_sae test
Andrei Otcheretianski [Wed, 15 Feb 2023 23:09:02 +0000 (01:09 +0200)] 
tests: Clear sae_groups in eht_sae test

Otherwise subsequent tests may fail.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agoWPA_AUTH: MLO: Add functions to get the AA and SPA
Ilan Peer [Wed, 15 Feb 2023 23:08:50 +0000 (01:08 +0200)] 
WPA_AUTH: MLO: Add functions to get the AA and SPA

As a preparation to use AP MLD address and non-AP MLD address
in the RSN Authenticator state machine, add utility functions to
get the current AA and SPA.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agoAP: Split check_assoc_ies()
Ilan Peer [Wed, 15 Feb 2023 23:08:30 +0000 (01:08 +0200)] 
AP: Split check_assoc_ies()

As a preparation for processing an association request with
ML element, split the function such that the elements checking
would be separate from parsing.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agocommon: Support parsing link specific association request
Ilan Peer [Wed, 15 Feb 2023 23:08:29 +0000 (01:08 +0200)] 
common: Support parsing link specific association request

An association request in the context of an MLO connection can
contain an ML element that holds the per station profile for
the additional links negotiated. To support this, add a function
to parse the per station profile.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agocommon: Add support for clearing elements
Ilan Peer [Wed, 15 Feb 2023 23:08:28 +0000 (01:08 +0200)] 
common: Add support for clearing elements

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2 years agocommon: Split ieee8021_parse_elems()
Ilan Peer [Wed, 15 Feb 2023 23:08:27 +0000 (01:08 +0200)] 
common: Split ieee8021_parse_elems()

As a preparation to parse management frames that include ML elements
with per station profiles, split the function to a helper function that
would not memset() the elements structure.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2 years agonl80211: AP MLD support for adding multi link stations
Andrei Otcheretianski [Wed, 15 Feb 2023 23:08:26 +0000 (01:08 +0200)] 
nl80211: AP MLD support for adding multi link stations

Multi link stations are represented in the kernel using a single
station with multiple links and the first ADD_STA command also
creates the first link. Subsequent links should be added with
LINK_ADD commands.

Implement this logic and provide the required MLD information per
station/link.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agonl80211: Properly stop and deinit MLO AP
Andrei Otcheretianski [Wed, 15 Feb 2023 23:08:21 +0000 (01:08 +0200)] 
nl80211: Properly stop and deinit MLO AP

Delete all the links and stop beaconing on all the links on AP
deinit/stop.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agonl80211: Provide link_id in EAPOL_RX and RX_MGMT events
Andrei Otcheretianski [Wed, 15 Feb 2023 23:08:19 +0000 (01:08 +0200)] 
nl80211: Provide link_id in EAPOL_RX and RX_MGMT events

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agonl80211: Introduce and implement a callback to add an MLO link for AP MLD
Ilan Peer [Wed, 15 Feb 2023 23:08:16 +0000 (01:08 +0200)] 
nl80211: Introduce and implement a callback to add an MLO link for AP MLD

Add a driver callback to add a link to an AP interface.
As the kernel removes all links on underlying interface removal, there
is currently no need to support individual link removal.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agonl80211: Refactor i802_bss to support multiple links
Ilan Peer [Wed, 15 Feb 2023 23:08:15 +0000 (01:08 +0200)] 
nl80211: Refactor i802_bss to support multiple links

Refactor struct i802_bss to support multiple links as a
preparation to support MLD AP.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2 years agoAP: Add some bridge port attribute settings
Anthony Refuerzo [Thu, 23 Feb 2023 04:57:23 +0000 (20:57 -0800)] 
AP: Add some bridge port attribute settings

"multicast_to_unicast" and "hairpin_mode" are usually set outside of
hostapd. However, DFS channel change events pull the BSS out of the
bridge causing these attributes to be lost. Make these settings tunable
within hostapd so they are retained after the BSS is brought up again.

Signed-off-by: Anthony Refuerzo <anthony96922@gmail.com>
2 years agonl80211: Make sure scan frequency debug buffer is NUL terminated
Jouni Malinen [Wed, 1 Mar 2023 08:38:02 +0000 (10:38 +0200)] 
nl80211: Make sure scan frequency debug buffer is NUL terminated

In theory, os_snprintf() could have filled the buffer to the end and
while the pos variable would not have been incremented beyond that,
there would not necessarily be a NUL termination at the end. Force the
array to end in NUL just in case.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agonl80211: Fix frequencies array boundary check for scanned frequencies
Avraham Stern [Tue, 28 Feb 2023 11:10:01 +0000 (13:10 +0200)] 
nl80211: Fix frequencies array boundary check for scanned frequencies

The number of frequencies is increased before the boundary check,
thus it should be allowed to be equal to the number of elements in
the array. Update the limit to allow the full array to be used.

In addition, add the missing byte for the NULL terminator for the debug
print to be able to fit all values (assuming they are <= 9999 MHz).

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
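
The boundary check and forced termination described in the two nl80211 scan frequency commit messages above, as an added example that is not code from hostap.git. collect_freqs(), MAX_FREQS, MSG_LEN and the sample frequencies are hypothetical, and standard snprintf() stands in for os_snprintf().

```c
#include <stdio.h>
#include <string.h>

#define MAX_FREQS 4                     /* constructed array size */
#define MSG_LEN   (MAX_FREQS * 5 + 1)   /* " 9999" per entry, plus NUL */

/*
 * Copy up to 'limit' frequencies from in[] to out[] and append each one
 * as " <MHz>" to msg. The counter is incremented before it is compared,
 * so 'limit' may equal the number of elements in out[].
 * Returns the number of frequencies stored.
 */
static size_t collect_freqs(const int *in, size_t n, int *out, size_t limit,
                            char *msg, size_t msg_len)
{
    char *pos = msg, *end = msg + msg_len;
    size_t count = 0, i;
    int res;

    if (msg_len == 0 || limit == 0)
        return 0;
    *pos = '\0';

    for (i = 0; i < n; i++) {
        out[count] = in[i];
        res = snprintf(pos, (size_t) (end - pos), " %d", out[count]);
        /* Advance only when the whole entry fit; drop a partial one */
        if (res > 0 && (size_t) res < (size_t) (end - pos))
            pos += res;
        else
            *pos = '\0';
        count++;
        if (count == limit)
            break;
    }

    /* Terminate unconditionally instead of relying on the formatter */
    msg[msg_len - 1] = '\0';
    return count;
}

int main(void)
{
    const int scanned[] = { 5180, 5200, 5220, 5240, 5260 }; /* constructed */
    int out[MAX_FREQS];
    char msg[MSG_LEN];
    size_t n;

    /* Limit of N - 1 leaves the last array slot unused */
    n = collect_freqs(scanned, 5, out, MAX_FREQS - 1, msg, sizeof(msg));
    printf("limit N-1: %zu stored:%s\n", n, msg);

    /* Limit of N uses the full array; MSG_LEN has room for every entry */
    n = collect_freqs(scanned, 5, out, MAX_FREQS, msg, sizeof(msg));
    printf("limit N:   %zu stored:%s\n", n, msg);
    return 0;
}
```

With a message buffer of only MAX_FREQS * 5 bytes, the last four-digit entry no longer fits next to the terminator and is left out of the debug string, although it is still stored in out[].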
2 years agoAndroid: Add wowlan_disconnect_on_deinit to template configuration
Hu Wang [Wed, 22 Feb 2023 07:35:44 +0000 (23:35 -0800)] 
Android: Add wowlan_disconnect_on_deinit to template configuration

Add wowlan_disconnect_on_deinit=1 to wpa_supplicant_template, as
Android expects STA to be disconnected when wpa_supplicant is
terminated.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoEST: Write the RSA private key using the standard PRIVATE KEY format
Jouni Malinen [Thu, 23 Feb 2023 14:44:38 +0000 (16:44 +0200)] 
EST: Write the RSA private key using the standard PRIVATE KEY format

The routines used for using raw RSA keys directly have been deprecated
in OpenSSL 3.0. There should be no particular need to use the "RSA
PRIVATE KEY" format, so replace this with the more common "PRIVATE KEY"
format that can be written without use of the deprecated functions.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agowebkit2: Avoid deprecated function call
Jouni Malinen [Thu, 23 Feb 2023 14:30:04 +0000 (16:30 +0200)] 
webkit2: Avoid deprecated function call

webkit_web_context_set_tls_errors_policy() has been deprecated. Use its
replacement webkit_website_data_manager_set_tls_errors_policy() when
building against a sufficiently recent version of webkit2.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoP2P: Filter out 6 GHz frequencies if not allowed for P2P connection
Shivani Baranwal [Tue, 14 Feb 2023 12:11:01 +0000 (17:41 +0530)] 
P2P: Filter out 6 GHz frequencies if not allowed for P2P connection

Add check to filter out 6 GHz frequencies from the local driver
frequency preference list when 6 GHz is not allowed for the P2P
connection. Earlier, 6 GHz frequency channels were included in the
preferred list if the p2p_6ghz_disable parameter was not set
irrespective of the allow_6ghz parameter.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2 years agoUpdate PMK in wpa_sm when roam+auth event indicated with authorized flag
Veerendranath Jakkam [Thu, 16 Feb 2023 16:52:13 +0000 (22:22 +0530)] 
Update PMK in wpa_sm when roam+auth event indicated with authorized flag

Currently, the PMK used by the driver is not updated to wpa_sm when
roaming is completed by the driver with the cached PMKSA and the
roam+auth event is indicated with the authorized flag.

To fix this, identify the PMKSA entry from the PMKID sent in
Reassociation Request frame and update the correct PMK to wpa_sm from
the PMKSA entry.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2 years agonl80211: Replace the channel flags for VHT support
Avraham Stern [Mon, 2 Jan 2023 09:17:26 +0000 (11:17 +0200)] 
nl80211: Replace the channel flags for VHT support

The flags that indicate that a channel is allowed for 80/160 MHz use
are divided according to the position of the control channel (e.g.,
HOSTAPD_CHAN_VHT_10_70, HOSTAPD_CHAN_VHT_30_50, etc.).

However, the position of the control channel does not add any extra
regulatory information because when trying to use a 80/160 MHz channel
all the desired bandwidth has to be allowed for 80/160 MHz use,
regardless of the control channel position.

In addition, these flags are set only if the driver reports one
regulatory rule that allows the entire 80/160 MHz bandwidth.
However, even when a 80/160 MHz channel is allowed, in some cases the
bandwidth will be split into several regulatory rules because
different segments of the bandwidth differ in other flags (that don't
affect the use of the bandwidth for VHT channels). So, in such cases
these flags will not be set, although VHT channels are allowed.

As a result, VHT channels will not be used although they are allowed
by the regulatory domain.

Fix this by introducing new flags that indicate if a 20 MHz channel is
allowed to be used as a part of a wider (80/160 MHz) channel.
The new flags are set for each 20 MHz channel independently and thus
will be set even if the regulatory rules for the bandwidth are split.

A 80/160 MHz channel is allowed if all its 20 MHz sub-channels are
allowed for 80/160 MHz usage.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2 years agotests: Fix python3 processing of Popen output reading
Jouni Malinen [Wed, 22 Feb 2023 19:21:54 +0000 (21:21 +0200)] 
tests: Fix python3 processing of Popen output reading

Need to decode cmd.stdout.read() output before using it as a string.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agotests: DPP Configurator and @CONF-OBJ-SEP@
Jouni Malinen [Wed, 22 Feb 2023 15:08:57 +0000 (17:08 +0200)] 
tests: DPP Configurator and @CONF-OBJ-SEP@

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoDPP: Allow both STA and AP configObject to be set
Jouni Malinen [Wed, 22 Feb 2023 15:07:07 +0000 (17:07 +0200)] 
DPP: Allow both STA and AP configObject to be set

Extend @CONF-OBJ-SEP@ behavior to allow the second entry to be used for
different netRole. In other words, allow both the AP and STA netRole
(though, only a single one per netRole) configuration to be set.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoDPP: Fix @CONF-OBJ-SEP@ parsing for multiple configs
Jouni Malinen [Wed, 22 Feb 2023 15:01:58 +0000 (17:01 +0200)] 
DPP: Fix @CONF-OBJ-SEP@ parsing for multiple configs

The first call to dpp_configuration_parse_helper() was supposed to use
the separately prepared tmp string with only the first configuration
entry, but it ended up using the full string that included both
configuration entries. This could result in the first configObject
getting a mix of parameters from both entries.

Fix the parsing to use only the text before the @CONF-OBJ-SEP@ separator
for the first entry.

Fixes: 7eb06a33697f ("DPP2: Allow multiple Config Objects to be build on Configurator")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agotests: P2P persistent group re-invocation (go_bssid) with cfg80211 P2P Device
Jouni Malinen [Wed, 22 Feb 2023 12:12:58 +0000 (14:12 +0200)] 
tests: P2P persistent group re-invocation (go_bssid) with cfg80211 P2P Device

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoP2P: Allow GO BSSID to be specified for P2P_GROUP_ADD commands
Jouni Malinen [Wed, 22 Feb 2023 12:11:17 +0000 (14:11 +0200)] 
P2P: Allow GO BSSID to be specified for P2P_GROUP_ADD commands

This allows the control interface to be used similarly to the way D-Bus
interface was extended to force a specific GO BSSID for optimizing
scanning.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoP2P: Optimize join scan frequency
Matthew Wang [Wed, 22 Feb 2023 00:46:16 +0000 (16:46 -0800)] 
P2P: Optimize join scan frequency

Allow clients to specify the BSSID of an auto GO. If the auto GO has been
discovered on another interface, optimize scan frequency by performing
a single channel scan first. Android and ChromeOS use this to streamline
auto GO discovery.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2 years agonl80211: Add frequency info in start AP command
Harshitha Prem [Wed, 22 Feb 2023 03:59:01 +0000 (09:29 +0530)] 
nl80211: Add frequency info in start AP command

When ACS is configured in multiple BSS case, sometimes a virtual AP
interface does not come up as the channel context information between
different BSSs of the same band does not match.

Same behavior is observed in case of multiple band/hardware under a
single wiphy, when we bring up multiple virtual interfaces in various
bands simultaneously and the kernel maps a random channel as it has more
than one channel context, e.g., say a 2.4 GHz channel to a 5 GHz virtual
AP interface when the start AP command is sent. This is because the
frequency information is not present in the command.

Add the frequency information into the start AP netlink command so that
the kernel maps the appropriate channel context by parsing it instead of
using previously set channel information.

Signed-off-by: Harshitha Prem <quic_hprem@quicinc.com>
2 years agotests: Make PASN checks for PTKSA_CACHE_LIST a bit more robust
Jouni Malinen [Tue, 21 Feb 2023 17:46:17 +0000 (19:46 +0200)] 
tests: Make PASN checks for PTKSA_CACHE_LIST a bit more robust

It was apparently possible for the test script to fetch the
PTKSA_CACHE_LIST information from hostapd before the PASN message 3 had
been processed since only the event from wpa_supplicant related to
sending of that frame was explicitly waited for. Add a small wait to try
to avoid this race condition with UML time-travel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agomacsec_linux: Add support for MACsec hardware offload
Emeel Hakim [Tue, 14 Feb 2023 08:26:57 +0000 (10:26 +0200)] 
macsec_linux: Add support for MACsec hardware offload

This uses libnl3 to communicate with the macsec module available on
Linux. A recent enough version of libnl is needed for the hardware
offload support.

Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
2 years agomka: Allow configuration of MACsec hardware offload
Emeel Hakim [Tue, 14 Feb 2023 08:26:56 +0000 (10:26 +0200)] 
mka: Allow configuration of MACsec hardware offload

Add new configuration parameter macsec_offload to allow user to set up
MACsec hardware offload feature.

Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
2 years agotests: Country information in hostapd STATUS
Jouni Malinen [Tue, 21 Feb 2023 15:36:28 +0000 (17:36 +0200)] 
tests: Country information in hostapd STATUS

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agohostapd: Output country_code and country3 when using STATUS
Antonio Prcela [Mon, 20 Feb 2023 22:14:39 +0000 (23:14 +0100)] 
hostapd: Output country_code and country3 when using STATUS

Add the country_code and country3 config parameters to the STATUS output
to more easily determine the current values for each hostapd
access point. Currently neither STATUS, GET [country_code/country3] nor
GET_CONFIG output it.

This is useful if the hostapd access point has been created with
wpa_ctrl_request() without using a *.conf file (like hostapd.conf).

Signed-off-by: Antonio Prcela <antonio.prcela@gmail.com>
Signed-off-by: Antonio Prcela <antonio.prcela@sartura.hr>
2 years agotests: PASN/KDK derivation with FT
Jouni Malinen [Tue, 21 Feb 2023 14:48:13 +0000 (16:48 +0200)] 
tests: PASN/KDK derivation with FT

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoFT: Store PTKSA entry for the correct BSSID in the FT protocol case
Jouni Malinen [Tue, 21 Feb 2023 15:25:50 +0000 (17:25 +0200)] 
FT: Store PTKSA entry for the correct BSSID in the FT protocol case

sm->bssid has not yet been updated here, so use the provided bssid
instead. This avoids replacing the PTKSA entry for the previous AP when
a new PTKSA is being stored while using the FT protocol.

Fixes: d70060f9665a ("WPA: Add PTKSA cache to wpa_supplicant for PASN")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoMark addr argument to storing PTKSA const
Jouni Malinen [Tue, 21 Feb 2023 15:24:30 +0000 (17:24 +0200)] 
Mark addr argument to storing PTKSA const

This is not being modified, so mark it const to be more flexible for the
caller.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2 years agoFT: Store PTKSA from FT protocol
Jouni Malinen [Tue, 21 Feb 2023 15:20:47 +0000 (17:20 +0200)] 
FT: Store PTKSA from FT protocol

PTKSA was stored for the 4-way handshake and FILS cases, but not when it
was being derived through the use of the FT protocol.

Fixes: f2f8e4f45830 ("Add PTKSA cache to hostapd")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>