leiwei [Mon, 15 Nov 2021 10:43:33 +0000 (18:43 +0800)]
macsec_linux: Support cipher suite configuration
Set the cipher suite for the link. Unlike the other parameters, this
needs to be done with the first rtnl_link_add() call (NLM_F_CREATE))
instead of the update in try_commit() since the kernel is rejecting
changes to the cipher suite after the link is first added.
Jouni Malinen [Wed, 16 Feb 2022 19:29:54 +0000 (21:29 +0200)]
tests: Make wpa2_ocv_ap_ht_mismatch more robust
Clear the scan cache on the AP before running this test since the HT40
operation on the 2.4 GHz band might get disallowed based on scan results
from earlier test cases. This was found with the following hwsim test
case sequence failing:
ap_acs_with_fallback_to_20 wpa2_ocv_ap_ht_mismatch
Jouni Malinen [Wed, 16 Feb 2022 19:09:57 +0000 (21:09 +0200)]
nl80211: Do not store no-wait TX frame cookies to be cancelled
If the TX frame operation does not request any wait time, there is not
going to be any pending wait that could be cancelled later. As such,
there is no need to store the cookie value for these cases. This removes
unnecessary cancel-TX-wait operations that would result in some extra
latency and confusing debug log entries.
This was found with the following hwsim test case sequence where the
second test was failing due to the extra latency and this commit gets
rid of that failure:
rrm_ftm_range_req_timeout dpp_qr_code_auth_neg_chan
Jouni Malinen [Wed, 16 Feb 2022 17:56:24 +0000 (19:56 +0200)]
tests: Make SAE roaming test cases more reliable
Flush the scan table explicitly to avoid issues with the ROAM command if
the new AP is not found and an entry from a previous test case is used
instead. This was happening in a number of cases where a SAE test case
was run after sigma_dut_ap_cipher_gcmp_256 which used the second AP
instance and allowed that to show up in the scan results in the next
text case.
Jouni Malinen [Tue, 15 Feb 2022 14:18:12 +0000 (16:18 +0200)]
DPP: Clear state on configuration failure in GAS server hander
There is no need to maintain the DPP authentication state if config
request processing fails, so clear state also in the GAS server request
handler similarly to the other failure cases.
Jouni Malinen [Tue, 15 Feb 2022 14:15:41 +0000 (16:15 +0200)]
nl80211: Clear the last saved TX frame cookie on wait expiration
drv->send_frame_cookies[] was already cleared, but
dev->send_frame_cookie was not. This resulted in unnecessary attempts of
canceling the TX wait for a wait that had already expired. While this
does not really result in real issues, it is cleaner to get rid of the
error messages from the debug log by skipping the unnecessary
operations.
Jouni Malinen [Mon, 14 Feb 2022 22:34:55 +0000 (00:34 +0200)]
tests: Clear AP scan cache after primary BSS on channel 40
A number of test cases using 40 MHz or wider channels with the primary
channel 36 were failing when executed after dpp_chirp_ap_5g since that
test case was running an AP on the channel 40 and resulting in need to
swap the primary and the secondary channels in the following test case.
Fix this by clearing the AP scan cache explicitly for such cases.
Jouni Malinen [Mon, 14 Feb 2022 22:18:07 +0000 (00:18 +0200)]
tests: Make GAS/ANQP test cases more robust
Flush the scan cache for all test cases that used get_bss() to check for
particular ANQP information. This was already done for one such case
based on commit dd900637b2d0 ("tests: Make gas_anqp_extra_elements more
robust"), but other test cases need this as well.
This was showing with frequent errors in test cases sequences like this
one:
dfs_radar_no_ht gas_fragment_with_comeback_delay gas_unknown_adv_proto gas_anqp_venue_url
Jouni Malinen [Mon, 14 Feb 2022 22:02:34 +0000 (00:02 +0200)]
tests: Clear scan cache at the end of ap_wps_cancel
This is needed to avoid leaving behind a BSS entry with WPS enabled for
the next text case in some cases. In particular, this was causing issues
in the following sequence of test cases:
ap_wps_conf_chan14 ap_wps_cancel ap_wps_pin_request_file
Update QCA vendor attribute to indicate maximum PCL attributes
Add the enum qca_wlan_vendor_attr_pcl elements to mark the maximum value
of the defined attributes for the preferred channel list. This is
helpful for nla_parse().
Jouni Malinen [Thu, 10 Feb 2022 15:52:40 +0000 (17:52 +0200)]
atheros: Do not include p2p.h
That wpa_supplicant header file is not needed for driver_atheros.c and
maybe was never really needed, so do not include it here to avoid
potentially conflicting C preprocessor defines.
OCV: Don't start SA Query timer on CSA when SA Query is offloaded
Check driver support for SA Query offload in AP mode and skip starting
SA Query timer on CSA for OCV enabled STAs when the driver indicates
support for offloading SA Query procedures.
Jouni Malinen [Fri, 4 Feb 2022 19:29:52 +0000 (21:29 +0200)]
tests: Remove ignore_old_scan_res clearing from the test scripts
Now that wpa_supplicant does this internally as a part of the FLUSH
command, there is no need for the test scripts to try to clear the
parameter between test cases.
Jouni Malinen [Fri, 4 Feb 2022 19:26:24 +0000 (21:26 +0200)]
Clear ignore_old_scan_res on FLUSH command
The hwsim test cases are trying to clear this parameter between test
cases, but that was not really done correctly for many of the sigma_dut
test cases. Instead of fixing the text scripts to do this more
carefully, it seems to be simpler to just force the FLUSH command to
clear this.
Jouni Malinen [Fri, 4 Feb 2022 19:24:19 +0000 (21:24 +0200)]
tests: Use a more reasonable age for a scan result in scan_parsing
This test case could fail in some sequences like "sigma_dut_sae
scan_parsing" due to the ignore_old_scan_res parameter accidentally
being left to 1 by the former test case and the simulated scan result
being older than the previous scan trigger. Reduce the age of that scan
entry to make this less likely to happen.
Liangwei Dong [Tue, 28 Dec 2021 06:42:02 +0000 (14:42 +0800)]
Add QCA vendor MCC channel quota command and event
Add QCA_NL80211_VENDOR_SUBCMD_MCC_QUOTA. When two or more interfaces are
active on the same band and two different home channels (MCC), the
target may allocate quota of "on channel" time for each home channel.
The target will indicate the quota information to application layer with
this event. Application may do TX bitrate control based on the
information. The user may also set the MCC quota for an interface by
using this command.
Introduce a new vendor command
QCA_NL80211_VENDOR_SUBCMD_RATEMASK_CONFIG. This is used to set the rate
mask config to be used in MCS rate selection per PHY type.
Nirav Shah [Tue, 25 Jan 2022 04:56:52 +0000 (10:26 +0530)]
Rename moderate latency level to XR latency level in vendor attributes
Currently the moderate latency level is not used. Rename the moderate
latency level to XR latency level to be used in XR (extended reality)
applications.
Jouni Malinen [Thu, 3 Feb 2022 22:31:20 +0000 (00:31 +0200)]
nl80211: Clear frequency information on leaving mesh
Not doing this was resulting in test failures with many sequences of a
mesh test case (e.g., wpas_mesh_peer_connected) followed by
ap_csa_1_switch which was checking the driver wrapper frequency
information at the beginning.
Jouni Malinen [Thu, 3 Feb 2022 15:14:16 +0000 (17:14 +0200)]
DPP: Use a 120 second timeout for GAS query
This is needed since the gas_query_req() operation could remain waiting
indefinitely for the response if the Configurator keeps sending out
comeback responses with additional delay. The DPP technical
specification expects the Enrollee to continue sending out new Config
Requests for 60 seconds, so this gives an extra 60 second time after the
last expected new Config Request for the Configurator to determine what
kind of configuration to provide.
Jouni Malinen [Thu, 3 Feb 2022 09:36:43 +0000 (11:36 +0200)]
GAS server: Increase query timeout to 60 seconds for DPP
DPP Enrollee might wait for the configuration for 60 seconds, so
increase the DPP Configurator timeout for the GAS server operation to 60
seconds to cover that full wait time. This is needed for cases where
user interaction can take significant amount of time before the
configuration response can be generated.
Jouni Malinen [Thu, 3 Feb 2022 09:30:06 +0000 (11:30 +0200)]
DPP: Start a listen operation for GAS server if needed
Instead of depending on the TX-wait-response-time to be sufficient to
cover the full GAS exchange, start an ongoing listen operation on the
negotiation channel (if no such listen operation is already in place) to
allow the configuration exchange to take longer amount of time. This is
needed for cases where the conf=query is used to request Configurator
parameters from upper layers and that upper layer processing (e.g., user
interaction) takes significant amount of time.
Jouni Malinen [Thu, 3 Feb 2022 09:35:35 +0000 (11:35 +0200)]
tests: Increase wait in dpp_qr_code_config_event_initiator_no_response
The DPP Enrollee might wait for up to 60 seconds for the configuration,
so use a longer timeout value to be able to cover this negative test
case where the Configurator never sends the response.
Jouni Malinen [Thu, 3 Feb 2022 22:12:13 +0000 (00:12 +0200)]
nl80211: Add a handler for NL80211_CMD_FRAME_WAIT_CANCEL events
This can be helpful in figuring out when the driver has stopped waiting
on a specific channel and would need a remain-on-channel command to
continue listening on that channel.
Sunil Ravi [Tue, 29 Jun 2021 18:18:20 +0000 (11:18 -0700)]
P2P: Update GO operating frequency after interface setup is completed
Once the GO/AP interface initialization is completed, check if the
operating frequency set in the wpa_supplicant group interface structure
is different than the one set in the hostapd interface structure
associated with the group interface. If yes, update the frequency in the
wpa_supplicant group interface and network configuration to the
frequency set in the hostapd interface structure.
The frequency set in the hostapd interface is the correct/final
frequency wpa_supplicant configured in the kernel/driver. This is done
because wpa_supplicant may switch the initially requested primary and
secondary frequencies to get a secondary frequency with no beacons (to
avoid interference or 20/40 MHz coex logic). And the updated frequency
is informed by the driver only after the interface setup is completed
through the channel switch event - EVENT_CH_SWITCH. But wpa_supplicant
updates the frequency to applications through the P2P_GROUP_STARTED
event which is triggered before the EVENT_CH_SWITCH event. To send the
correct frequency to applications the frequency must be updated before
sending the P2P_GROUP_STARTED event.
Bug: 191272346
Test: Manual - Verified that GO frequency is updated and reported
correctly to Nearby application.
Jouni Malinen [Wed, 2 Feb 2022 14:52:01 +0000 (16:52 +0200)]
DPP: Allow Configurator parameters to be provided during config exchange
This provides an alternative mechanism for upper layer components to
control configuration parameters to be used by the local Configurator.
Instead of the previously used design where the Configurator parameters
had to be provided before initiating the DPP Authentication exchange,
the new alternative approach allows the DPP Authentication exchange to
be started before any Configurator parameters have been determined and
wpa_supplicant will then request the parameters once the DPP
Configuration Request has been received from the Enrollee. This allows
the Config Request information to be used at upper layers to determine
how the Enrollee should be configured.
For example for an Initiator:
CTRL: DPP_QR_CODE <URI from Responder/Enrollee>
CTRL: DPP_AUTH_INIT peer=1 conf=query
<3>DPP-CONF-NEEDED peer=1 src=02:00:00:00:00:00 net_role=sta name="Test" opclass=81,82,83,84,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130 mud_url=N/A
(upper layer processing; potentially including user interaction)
CTRL: DPP_CONF_SET peer=1 conf=sta-sae ssid=736165 pass=70617373776f7264
<3>DPP-CONF-SENT
For example for a Responder:
CTRL: SET dpp_configurator_params conf=query
CTRL: DPP_LISTEN 2412 role=configurator
<3>DPP-CONF-NEEDED peer=2 src=02:00:00:00:01:00 net_role=sta name="Test" opclass=81,82,83,84,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130 mud_url=N/A
(upper layer processing; potentially including user interaction)
CTRL: DPP_CONF_SET peer=2 conf=sta-sae ssid=736165 pass=70617373776f7264
<3>DPP-CONF-SENT
For example for an Initiator that can act both as a Configurator and an
Enrollee in a case where the Initiator becomes the Enrollee:
Jouni Malinen [Wed, 2 Feb 2022 14:48:51 +0000 (16:48 +0200)]
GAS server: Asynchronous request handler comeback time indication
Extend the GAS server functionality to allow a request handler to return
the initial comeback delay with a later callback instead of having to
indicate the comeback delay when returning from the handler function.
Jouni Malinen [Fri, 28 Jan 2022 15:28:49 +0000 (17:28 +0200)]
DPP: Fix connection result reporting when using TCP
The TCP code path did not handle the postponed connection attempt on TX
status and the following result message from the Enrollee to the
Configurator. Fix this by adding TCP-versions of these operations to
match the way wpa_supplicant implemented this for the Public Action
frames.
Jouni Malinen [Tue, 25 Jan 2022 18:06:49 +0000 (20:06 +0200)]
DPP: Change PKEX version configuration design
Use a separate ver=<1|2> parameter to DPP_PKEX_ADD instead of
overloading init=1 with version indication. This allows additional
options for forcing v1-only and v2-only in addition to automatic mode
(start with v2 and fall back to v1, if needed).
Jouni Malinen [Mon, 24 Jan 2022 18:57:19 +0000 (20:57 +0200)]
DPP3: Add PKEX initiator retries and fallback from v2 to v1 for hostapd
This extends hostapd with the design used in wpa_supplicant for PKEX
initiator retries and automatic version fallback from v2 to v1 (the
latter is enabled only with CONFIG_DPP3=y).
Jouni Malinen [Mon, 24 Jan 2022 18:21:24 +0000 (20:21 +0200)]
DPP3: Start with PKEXv2 and fall back to v1
Use automatic PKEX version negotiation as the initiator by starting with
PKEXv2 and if no response is received, trying again with PKEXv1. For
now, this is enabled only in wpa_supplicant CONFIG_DPP3=y builds.
Qiwei Cai [Wed, 5 Jan 2022 05:04:24 +0000 (13:04 +0800)]
P2P: Send response frame on channel where the request is received
The rx_freq of Public Action frame was not maintained by the GO and the
GO always sent the response on the operating channel. This causes
provision discovery failure when a P2P Device is sending a PD Request on
a 2.4 GHz social channel and the GO is responding on a 5 GHz operating
channel.
Save the rx_freq and use it for GO to sent the response. This extends
commit c5cc7a59acb2 ("Report offchannel RX frame frequency to hostapd")
to cover additional frame types.
Extend the peer queue flush command with following attributes
1. Enable to flush per TID peer queue
2. Enable to configure when to flush the peer/TID queue
Jouni Malinen [Sun, 16 Jan 2022 20:46:15 +0000 (22:46 +0200)]
Preparations for v2.10 release
Update the version number for the build and also add the ChangeLog
entries for both hostapd and wpa_supplicant to describe main changes
between v2.9 and v2.10.
Jouni Malinen [Fri, 7 Jan 2022 16:52:27 +0000 (18:52 +0200)]
EAP-pwd: Derive the y coordinate for PWE with own implementation
The crypto_ec_point_solve_y_coord() wrapper function might not use
constant time operations in the crypto library and as such, could leak
side channel information about the password that is used to generate the
PWE in the hunting and pecking loop. As such, calculate the two possible
y coordinate values and pick the correct one to use with constant time
selection.
Jouni Malinen [Fri, 7 Jan 2022 11:47:16 +0000 (13:47 +0200)]
SAE: Derive the y coordinate for PWE with own implementation
The crypto_ec_point_solve_y_coord() wrapper function might not use
constant time operations in the crypto library and as such, could leak
side channel information about the password that is used to generate the
PWE in the hunting and pecking loop. As such, calculate the two possible
y coordinate values and pick the correct one to use with constant time
selection.
Vishal Miskin [Thu, 2 Dec 2021 06:49:22 +0000 (12:19 +0530)]
Defined a driver interface for periodic TSF sync feature
Add a QCA vendor netlink interface to start/stop periodic TSF sync
feature and also support configuration of interval value as part of TSF
sync start command. In addition, improve documentation for the related
attributes and values.
Add a QCA vendor attribute to indicate ACS over EHT
Add QCA_WLAN_VENDOR_ATTR_ACS_EHT_ENABLED flag attribute to conduct ACS
for EHT mode. The driver can consider EHT specific parameters such as
puncture pattern for ACS when this flag attribute is indicated by
userspace.
Jouni Malinen [Tue, 11 Jan 2022 16:02:53 +0000 (18:02 +0200)]
Clear roam/BSS TM in progress flags for additional cases
It looks like the recently added roam_in_progress and
bss_trans_mgmt_in_progress flags could end up getting set, but not
cleared, in some cases. Make sure these get cleared on explicit
disconnection request and also in case the SME-in-driver path is used
(while that path does not really use these flags yet, it is better to
not allow them to be forgotten to be set should it be extended to cover
similar functionality).
Nicolas Norvez [Wed, 5 Jan 2022 01:35:13 +0000 (01:35 +0000)]
Reject authentication start during BSS TM requests
After receiving a BSS Transition Management request,
wpa_supplicant_connect() will abort ongoing scans, which will cause scan
results to be reported. Since the reassociate bit is set, this will
trigger a connection attempt based on the aborted scan's scan results
and cancel the initial connection request. This often causes
wpa_supplicant to reassociate to the same AP it is currently associated
to instead of the AP it was asked to transition to.
Add a bss_trans_mgmt_in_progress flag to indicate that we're currently
transitioning to a different AP so that we don't initiate another
connection attempt based on the possibly received scan results from a
scan that was in progress at the time the BSS Transition Management
request was received.
This is the equivalent of commit 5ac977758d35 ("Reject authentication
start during explicit roam requests") for the roaming scenario.
Signed-off-by: Nicolas Norvez <norvez@chromium.org>
Jouni Malinen [Tue, 11 Jan 2022 15:37:32 +0000 (17:37 +0200)]
OpenSSL: Update security level drop for TLS 1.0/1.1 with OpenSSL 3.0
OpenSSL 3.0 dropped these older TLS versions from the security level 2
to 1, so need to drop the security level all the way to 0 if TLS v1.0 or
v1.1 is explicitly enabled.
Jouni Malinen [Tue, 11 Jan 2022 12:00:43 +0000 (14:00 +0200)]
OpenSSL: Fix compressed form encoding for subjectPublicKey with 3.0
It looks like EC_KEY_set_conv_form() for the EC_KEY within the EVP_PKEY
does not take effect for i2d_PUBKEY() with OpenSSL 3.0, so allocate a
new wrapper EVP_PKEY after the conversion format change to be able to
return the correctly encoded (compressed) value here. This is required
for DPP to work correctly.
Jouni Malinen [Tue, 11 Jan 2022 10:43:19 +0000 (12:43 +0200)]
OpenSSL: Load legacy provider when needed for OpenSSL 3.0
Number of the older algorithms have now been moved into a separate
provider in OpenSSL 3.0 and they are not available by default.
Explicitly load the legacy provider when such an algorithm is needed for
the first time.
In addition, at least for now, load the legacy providers when initiating
TLS context to maintain existing functionality for various private key
formats.
Chenming Huang [Mon, 13 Dec 2021 07:57:58 +0000 (15:57 +0800)]
DPP: Remove dpp-listen radio work when stopping
The radio work starting may be delayed. If the DPP listen operation is
stopped before the radio work starts, the pending dpp-listen radio work
won't get cleaned up, which might lead to failing to start the next DPP
listen operation.
Issue scenario: DPP start -> dpp-listen radio work added but not started
-> DPP stop, pending radio work not cleaned up -> radio work start ->
trying to start DPP but failing because a dpp-listen work already
exists.
This commit removes the potential pending dpp-listen radio
work when DPP stops.
SAE: Make sure BSS entry is available to determine RSNXE information
wpa_supplicant may use wrong SAE authentication method if it doesn't
have the scan result for the target BSS since RSNXE information is not
available.
For example, STA might use the hunting-and-pecking loop method for SAE
authentication even though AP supports SAE H2E and STA is configured
with sae_pwe=2.
This is possible in cases like EXTERNAL_AUTH triggered by the driver
during roaming. To avoid this update scan results to fetch the target
BSS scan result from the driver.
Mukul Sharma [Thu, 16 Dec 2021 18:14:02 +0000 (23:44 +0530)]
Add new vendor attributes to avoid coex unsafe frequencies
Add additional attributes in
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY_EXT vendor sub command to
avoid usage of unsafe frequencies on wifi interfaces sent from userspace
to the driver/firmware. The driver/firmware shall use restrictions and
power cap accordingly to restrict the usage of these frequencies on
operating interface(s).
Jouni Malinen [Tue, 14 Dec 2021 16:25:43 +0000 (18:25 +0200)]
tests: Fix DPP PKEXv2 capability checks
At least for the time being PKEXv2 needs CONFIG_DPP3=y to work in a
testable manner. Couple of the test cases did not cover this correctly
and resulted in failures (instead of skipping the tests) when the
default build configuration was used. Fix that by checking for DPP
version 3.
Jouni Malinen [Tue, 14 Dec 2021 17:43:54 +0000 (19:43 +0200)]
DPP3: Update version capability indication for hostapd
The "GET_CAPABILITY dpp" command in wpa_supplicant was already extended
to cover DPP version 3, but the matching change for hostapd was
forgotten. Add that now.
peterhuang [Wed, 18 Aug 2021 10:48:53 +0000 (18:48 +0800)]
Update supported channel width set (HT40) after channel switch
hostapd should update Supported Channel Width Set of HT Capability
Information field after channel switching done. Otherwise, it would
continue to use the old setting.
peterhuang [Wed, 18 Aug 2021 10:57:28 +0000 (18:57 +0800)]
Fix channel switch wrapper when switching from HT to VHT/HE
Because ieee80211ac and ieee80211ax were not updated before channel
switch is done, hostapd didn't build the Channel Switch Wrapper element
when it switched from HT to bandwidth more than 40 MHz of VHT/HE. fix
this by allowing hostapd_eid_wb_chsw_wrapper() to determine internally
when the element needs to be added based on the new channel instead of
the old configuration.
Daniel Golle [Tue, 31 Aug 2021 07:44:07 +0000 (10:44 +0300)]
mesh: Make forwarding configurable
Allow mesh_fwding (dot11MeshForwarding) to be specified in a mesh BSS
config, pass that to the driver (only nl80211 implemented for now) and
announce forwarding capability accordingly.
projects / thirdparty / hostap.git / log
