Commit b36935be1a ('nl80211: Fix EAPOL
frames not being delivered') and commit
147848ec4d ('nl80211: Do not add all
virtual interfaces to drv->if_indices') were not fully in sync and it
was possible for some non-hostapd use cases to end up adding undesired
ifindexes into the list of interfaces from which events and EAPOL frames
are processed on the parent interface. This could result, e.g., in P2P
Device management interface on getting unexpected events, including
RTM_NEWLINK event that could end up getting interpreted as an
indication of the interface being down and unavailable.
Make both add_ifidx() calls use the same criteria for adding interfaces
to the local list. This is not really a complete solution, but it is
good enough for now to fix the most visible side effects of this issue.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
Extend the set of supported cipher suites to include CCMP-256, GCMP,
GCMP-256, CMAC-256, GMAC, and GMAC-256 when ATH_GCM_SUPPORT=y is set in
the build configuration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
I got the below prints on a particular Android platform:
I/wpa_supplicant( 2637): nl80211: send_and_recv->nl_recvmsgs failed: 20
I/wpa_supplicant( 2637): nl80211: send_and_recv->nl_recvmsgs failed: 20
In JellyBean libnl_2 code, I see that the nl_recvmsgs returns postive values
too. In some cases, nl_recvmgs return the output of nl_recv function. nl_recv
function can return Number of bytes read, 0 or a negative error code.
Looks like this positive return value for nl_recvmsgs may be specific to
Android. While this is not how the API is supposed to work, this does no
harm with upstream libnl which returns only 0 or -1 from the function.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
Make sure to not remove interfaces that were not created by
hostapd/wpa_supplicant. This was already done on number of the error
paths, but not all.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Commit 04eff7d5ba or something around that
timeframe may have caused a regression on how drv->if_indices gets used
with wpa_supplicant. Most (curretly likely all) wpa_supplicant virtual
interface use cases should not actually use this. This could result in
issues with P2P group interfaces delivering events to incorrect
interface (parent rather than the group interface). The previous commit
removed some of the issues, but more complete fix is to undo some of
those merged hostapd/wpa_supplicant operations.
Filter add_ifidx() uses based on hostapd vs. wpa_supplicant and iftype
to get closer to the earlier wpa_supplicant behavior for the driver
events from virtual interfaces.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for a virtual interface to be added and removed by
different parent interfaces. This can happen, e.g., with P2P group
interfaces if the P2P parent interface does not happen to be the first
entry in the wpa_supplicant global interface list. That first entry is
used to remove the group interface while the addition would have
happened with the dedicated P2P management interface.
This can result in the interface that added a new virtual interface
getting stuck with an obsolete ifindex value in the drv->if_indeces list
and as such, deliver some extra events to incorrect destination wpa_s
instance. In particular, this can result in INTERFACE_DISABLED event
from deletion of a P2P group interface getting delivered incorrectly to
the parent wpa_s instance which would disable that interface even though
the interface remains in enabled state.
Fix this by clearing the removed interface from all if_indeces lists
instead of just the one that was used to delete the interface. This is
the simplest approach since the ifindex is unique and there is no need
to track which interface added the new virtual interface to always hit
the same one when removing the interface.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, the NL80211_ATTR_AKM_SUITES was skipped if either of these
SHA256-based AKMs was negotiated.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
bss->freq was not updated for IBSS, so whatever old value was stored
from a previous AP mode operation could end up having been used as the
channel when trying to send Authentication frames in an RSN IBSS. This
resulted in the frame not sent (cfg80211 rejects it) and potentially not
being able to re-establish connection due to 4-way handshake failing
with replay counter mismatches. Fix this by learning the operating
channel of the IBSS both when join event is received and when a
management frame is being transmitted since the IBSS may have changed
channels due to merges.
Signed-off-by: Jouni Malinen <j@w1.fi>
Propagate max associated STAs in AP mode advertised by the driver to
core wpa_supplicant implemantion. This allows wpa_supplicant to update
the P2P GO group limit information automatically without having to
configure this limit manually. The information (if available) is also
used in the generic AP implementation to control maximum number of STA
entries.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add a new wowlan_triggers option to wpa_supplicant.conf. The triggers in
this key will be used to configure the kernel wowlan configuration.
For now, support only simple flags. More complex triggers can be added
later on.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Indicate to cfg80211 that interfaces created by the wpa_supplicant
or hostapd are owned by them, and that in case that the socket that
created them closes, these interfaces should be removed.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Got segfault, when freeing drv and there exists registered timeout for
blocked rfkill. This patch adds cancel timeout to avoid this.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
The previous check for dl_list_len() or having an entry from the list is
sufficient, but some static analyzers cannot figure out that
dl_list_first() and dl_list_last() will return non-NULL in this type of
cases. Avoid invalid reports by explicitly checking for NULL.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is not of any real use anymore with nl80211_set_channel() taking
care of channel setting operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Configure driver with the new channel parameters (mainly, HT 20/40 MHz
bandwidth changes) as part of set_ap().
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This provides information to allow the driver to be configured for
updated channel parameters, e.g., when dynamically changing HT20/HT40
bandwidth.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some trailing whitespace and spaces for indentation were present in the
driver wrapper and header files.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Move the definitions that depended in common.h into a separate header
file so that qca-vendor.h can be copied and used as-is in other
projects.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Update the radiotap parser to the latest version of the
http://git.sipsolutions.net/radiotap.git/ library to get
parsing for vendor namespaces.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This was already done for the disconnect event, but
SME-in-wpa_supplicant case needs to do same with the deauth event to
avoid getting extra events during WPS disconnect-and-reconnect sequence.
This can speed up WPS processing by removing unnecessary failures or
retries due to the extra event being processed during the next
association attempt.
Signed-off-by: Jouni Malinen <j@w1.fi>
The first combination may allow single-channel concurrency for
P2P + managed, but there may be others that allow multi-channel
concurrency. Parse all of them to find the maximum number of channels.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
NL80211_CMD_LEAVE_IBSS was used only with wpa_supplicant-based SME.
Extend this to drivers that implement SME internally.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While framing the TDLS Setup Confirmation frame, the driver needs to
know if the TDLS peer is VHT/HT/WMM capable and thus shall construct the
VHT/HT operation / WMM parameter elements accordingly. Supplicant
determines if the TDLS peer is VHT/HT/WMM capable based on the presence
of the respective IEs in the received TDLS Setup Response frame.
The host driver should not need to parse the received TDLS Response
frame and thus, should be able to rely on the supplicant to indicate
the capability of the peer through additional flags while transmitting
the TDLS Setup Confirmation frame through tdls_mgmt operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When hostapd choose to reuse an existing interface, it does not add it
to the set of interfaces from which we accept EAPOL packets.
Make sure we always add it to that set.
Signed-off-by: Maxime Bizon <mbizon@freebox.fr>
This allows drivers that build the WPA/RSN IEs internally to use similar
design for building the OSEN IE.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This uses a QCA vendor extension to determine if the driver supports
fully offloaded DFS operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The scan_for_auth workaround for cfg80211 missing a BSS entry for the
target BSS during authentication uses a single channel scan controlled
within driver_nl80211.c. This operation does not indicate
EVENT_SCAN_RESULTS to the upper layer code. However, it did report
EVENT_SCAN_STARTED and this resulted in the radio work protection code
assuming that an external program triggered a scan, but that scan never
completed. This resulted in all new radio work items getting stuck
waiting for this scan to complete.
Fix this by handling the scan_for_auth situation consistently within
driver_nl80211.c by filtering both the EVENT_SCAN_STARTED and
EVENT_SCAN_RESULTS.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If NL80211_CMD_AUTHENTICATE fails due to exiting authentication, forced
deauthentication is used to clear cfg80211 start and a new
authentication command is retried. This resulted in an extra
disconnection event getting delivered to the core wpa_supplicant code
and that could end up confusing state there, e.g., by clearing
connection parameters like wpa_s->key_mgmt and preventing the following
association from reaching proper COMPLETED state with open networks.
Fix this by hiding the unnecessary disconnection event when using the
deauth-for-auth workaround.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
On RF-kill, we should not request the kernel to start a P2P device. In
addition, we should call i802_set_iface_flags() both for a P2P Device
interface and any other interface instead of calling a dedicated
function for each.
Signed-off-by: Moshe Benji <Moshe.Benji@intel.com>
At least in nl80211, broadcast management frames like Probe Request
frames, may be processed multiple times per BSS if multi-BSS is active
and NL80211_CMD_FRAME event is used to deliver them. In the case of
Probe Request frames, hostapd will create multiple redundant Probe
Response frames which are problematic when many BSS are on one channel.
This problem is caused by driver_nl80211 generating an event for
wpa_supplicant_event() for each BSS, and hostapd_mgmt_rx() calls
ieee802_11_mgmt() for each BSS, too.
Fix this by processing broadcast events only for the BSS the driver
intended to. The behavior is not changed for drivers not setting a BSS.
Signed-hostap: Simon Wunderlich <simon@open-mesh.com>
While these were already available from elsewhere in the debug log, it
is convenient to have the values also available at the location where
the actual nl80211 command is issued.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_supplicant already allowed beacon interval to be configured for AP
mode operations, but this was not passed to the driver for IBSS even
though the same parameter can used for that case. Add this for the
nl80211 driver interface to allow beacon interval to be controlled for
IBSS as well.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit adds an option to optimize AP teardown by leaving the
deletion of keys (including group keys) and stations to the driver.
This optimization option should be used if the driver supports stations
and keys removal when stopping an AP.
For example, the optimization option will always be used for cfg80211
drivers since cfg80211 shall always remove stations and keys when
stopping an AP (in order to support cases where the AP is disabled
without the knowledge of wpa_supplicant/hostapd).
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
CONFIG_TESTING_OPTIONS=y build of wpa_supplicant now allows arbitrary
cfg80211 commands to be performed through the new VENDOR ctrl_iface
command by using a special vendor_id ffffffff. The command identifier
(NL80211_CMD_*) is encoded as the subcmd and the attributes in the
hexformatted data area. Response attributes are returned as a hexdump.
For example, this shows a NL80211_CMD_FRAME and a response (cookie
attribute) on a little endian host:
wpa_cli -i wlan0 vendor ffffffff 59 080003004d0000000800260085090000....
0c00580000d7868c0388ffff
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When an interface is disabled through rtm event, wpa_supplicant's
EVENT_INTERFACE_DISABLED is generated, which in turn, may
completely destroy wpa_driver_nl80211_data struct (drv). This
scenario happens now when P2P GO interface is disabled. Since this
struct may be used later in this function it causes segmentation fault.
Fix it by trying to find drv again in the interface list after
wpa_supplicant's event handling.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add a callback to the driver interface that allows vendor specific
commands to be sent. In addition, a control interface command is added
to expose this new interface outside wpa_supplicant:
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]
The 3rd argument will be converted to binary data and then passed as
argument to the sub command.
This interface is driver independent, but for now, this is only
implemented for the nl80211 driver interface using the cfg80211 vendor
commands.
Signed-off-by: Beni Lev <beni.lev@intel.com>
wpa_driver_nl80211_if_remove() checks bss->if_added before deleting an
interface, which is 0 for the first BSS. The only part of
wpa_driver_nl80211_if_remove() that should get called for WDS STA
interfaces is the call to nl80211_remove_iface(), which can be pulled in
here directly.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
If wpa_driver_roboswitch_read() fails before such comparison, the values
that are being compared are not initialized properly and as such, there
is not much point in comparing them either.
Signed-off-by: Jouni Malinen <j@w1.fi>
no_offchannel_tx=1 driver parameter can now be used to force the older
remain-on-channel -based offchannel TX design to be used with
mac80211_hwsim. This can be used to increase test coverage with the
hwsim test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Subscription remediation notification WNM-Notification Request is now
shown in the following way in wpa_supplicant control interface:
<3>HS20-SUBSCRIPTION-REMEDIATION http://example.com/foo/
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Many drivers support operation without GTK configured, but most (if any)
today do not advertise this. Handle this by skipping GTK cipher suite
configuration if the driver did not advertise support in order to work
around cfg80211 validation steps.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Use nl80211_set_iface_id() in wpa_driver_nl80211_get_hw_feature_data(),
as otherwise the function fails for a P2P Device interface (which does
not have a netdev associated with it).
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
This uses the new nl80211 attributes to allow the connect command to
provide bssid and freq hints to the driver without limiting roaming to
the specific BSS/frequency. This can be used by drivers that perform
internal BSS selection (WPA_DRIVER_FLAGS_BSS_SELECTION) as a candidate
for initial association.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Commit b1f625e0d8 extended
ap_scan_as_station to be able to distinguish between AP and P2P GO
iftypes. However, it did this in a way that completely lost the original
mode because drv->nlmode had already been replaced with the station
mode. Fix this by storing the correct old mode.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 795baf773f ('hostapd: Filter
channel list updated events after country code change') uses the
EVENT_CHANNEL_LIST_CHANGED data pointer, but it updated only one of the
callers to provide that data. NL80211_CMD_REG_BEACON_HINT event was
still sending the event without the initiator data and resulted in NULL
pointer dereference, e.g., if a scan was run while hostapd was running
and the driver was in world roaming state and enabled a channel for
active scans.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The hostapd compilation displays a below warning On NetBSD 6.1.2.
../src/drivers/driver_bsd.c:72:1: warning: 'get80211opmode' defined but not used
This patch solves it and moves other functions to appropriate position to
reduce #ifdef.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
The original RSSI filter semantics for scheduled scan were
really confusing - a separate matchset was created, but it
wasn't actually treated as a separate matchset in the kernel
but rather used as the global RSSI value. The RSSI matchset
thus behaved like an RSSI filter outside of the matchsets,
being ANDed rather than ORed (as normal between matchsets.)
To make this less confusing, I changed the kernel API a bit
to actually treat the RSSI inside each matchset properly,
but keeping it compatible with the old approach by using a
matchset with only an RSSI value as the default for all the
other matchsets, and adding it as a separate matchset only
if it's the only one.
The proper way for wpa_supplicant to do this then would be
to add the RSSI to each SSID matchset, and only add another
matchset without SSID if there's none with.
However, to keep compatibility with older kernels, always
keep the non-SSID matchset and only add the RSSI to all the
other matchsets. This gets close to the desired behaviour,
the only difference would be that we shouldn't add the RSSI
matchset if there are others, but stays compatible with old
and new kernels, as new ones ignore the RSSI-only matchset
if there are others and those others have an RSSI.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
It is possible for channel switch notification to be missing channel
type attribute. This is true at least for VHT80. This led to
iface->conf->secondary_channel being set to 0. This in turn made
subsequent DFS-triggered CSA to fail due to invalid frequency
parameters.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
This checks if the NL80211_ATTR_IFINDEX attribute is present before
trying to get the value of interface index.
Signed-hostap: Shital Jaju <shitalj@broadcom.com>
This adds a QCA vendor specific nl80211 event to allow the driver to
indicate a list of frequency ranges that should be avoided due to
interference or possible known co-existance constraints. Such
frequencies are marked as not allowed for P2P use to force groups to be
formed on different channels.
If a P2P GO is operating on a channel that the driver recommended not to
use, a notification about this is sent on the control interface and
upper layer code may decide to tear down the group and optionally
restart it on another channel. As a TODO item, this could also be changed
to use CSA to avoid removing the group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This file is used as a registry of identifier assignments from the
Qualcomm Atheros OUI 00:13:74 for purposes other than MAC address
assignment. One of the first uses will be for nl80211 vendor
commands/events which is reason for the preparation change in
driver_nl80211.c
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When GAS is used with PMF negotiated, Protected Dual of Public Action
frames are expected to be used instead of Public Action frames, i.e.,
the GAS/ANQP frames are expected to be encrypted. Conver Public Action
GAS queries to use Dual of Public Action frame if PMF has been
negotiated with the AP to which the frame is being sent.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Fix sizeof in a validity comparison of nl80211_vendor_cmd_info size. The
incorrect version happened to work on 64-bit builds due the structure
being eight octets, but this was incorrect and would not used with
32-bit builds.
Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
The information of the peer's supported channel and operating class
is required for the driver to do TDLS off channel operations with a
compatible peer. Pass this information to the driver when the peer
station is getting added.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The error path in bsd_init() on struct bsd_driver_data allocation was
jumping to location where drv is dereferenced. That will crash and it is
easier to just return from the function since no cleanup steps are
needed in this case.
Signed-hostap: Jouni Malinen <j@w1.fi>
Currently these three steps runs for each event.
1. get buffer size via system
2. allocate a memory for event
3. free the memory
The wpa_supplicant receives 4 events from boot to be connected.
So this patch prepare the event buffer at the init process.
I have tested wpa_supplicant on NetBSD 6.1.2.
But I could not tested hostapd because I do not have AP enabled device.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
Replace channel_switch_supported flag of the
wpa_driver_nl80211_data by WPA_DRIVER_FLAGS_AP_CSA inside
wpa_driver_capa.flags. It makes more sense and also can
be accessed by wpa_supplicant.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
If the BSS table within wpa_supplicant is flushed, request the driver to
flush its own scan result table during the next scan. This can avoid
unexpected old BSS entries showing up after BSS_FLUSH or FLUSH command
in cases where the driver may maintain its internal cache of scan
results (e.g., cfg80211 BSS table persists at least for 15 seconds).
In addition to doing this automatically on BSS_FLUSH/FLUSH, a new SCAN
command argument, only_new=1, can be used to request a manual scan
request to do same. Though, it should be noted that this maintains the
BSS table within wpa_supplicant. BSS_FLUSH followed by SCAN command can
be used to clear all BSS entries from both the driver and
wpa_supplicant.
Signed-hostap: Jouni Malinen <j@w1.fi>
These old driver wrappers have been removed quite some time ago, but
some of the build configuration notes were still describing how they
are configured.
Signed-hostap: Jouni Malinen <j@w1.fi>
Print into the debug log the list of vendor commands and events that the
driver supports. In addition, add a generic handler for vendor events.
This can be extended for each vendor/subcmd.
Signed-hostap: Jouni Malinen <j@w1.fi>
use_monitor=1 and force_connect_cmd=1 driver parameters can now be used
to force older monitor interface design and the connect API (SME in
driver) to increase hwsim testing coverage.
Signed-hostap: Jouni Malinen <j@w1.fi>
If Action frame registration in nl80211_mgmt_subscribe_non_ap() failed
for any frame type, the previous implementation skipped
nl80211_mgmt_handle_register_eloop() call. This is not desirable since
none of the Action frame types could be received and even worse, the
following nl80211_destroy_eloop_handle() call for nl_mgmt would likely
result in crashing the process due to the ELOOP_SOCKET_INVALID XOR
operation. This could be triggered at least in a P2P group interface
startup failure case.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, it was possible for bss_info_handler() to end up dropping a
newer scan result entry if there were two entries with the same BSSID
and SSID (i.e., only frequency was different) and we were not associated
with either. This could happen, e.g., in some P2P use cases where device
discovery may happen on different channels. Fix this by checking the age
of the scan entries as well to prefer the most recent response.
Signed-hostap: Jouni Malinen <j@w1.fi>
Most of the attributes to these commands are identical and there is no
need to maintain two copies of the same functionality.
Signed-hostap: Jouni Malinen <j@w1.fi>
WPA_CIPHER_* and CIPHER_* are used for the exact same set of cipher
suites with the main difference being that the WPA_CIPHER_* version is
suitable to be used as a bitfield. Similarly, WPA_KEY_MGMT_* and
KEY_MGMT_* have similar design for AKMs. There is no need to maintain
two separate copies of the definitions since the bitfield compatible
version can be used for both needs. Get rid of the CIPHER_* and
KEY_MGMT_* versions to clean up the implementation by getting rid of
unnecessary mapping functions.
Signed-hostap: Jouni Malinen <j@w1.fi>
NL80211_ATTR_CONTROL_PORT was previously set only for
NL80211_CMD_ASSOCIATE, but it should also be set when using
NL80211_CMD_COMMAND (driver-based SME) even though none of the current
non-mac80211 drivers use this.
Signed-hostap: Jouni Malinen <j@w1.fi>
The option of handling upper layer P2P management operations within the
driver/firmware was originally planned to be used with wpa_supplicant,
but this has not really happened and there is no clear sign of this
being needed in the near term either. This functionality has not been
completed and it is certainly not being kept up-to-date or tested. As
such, it is best to remove it for now and if this or something similar
is needed in the future, it can be brought back once a clear need for it
has been demonstrated first.
Signed-hostap: Jouni Malinen <j@w1.fi>
This driver event was used separately for some Action frames, but all
the driver wrappers converted to this from information that would have
been enough to indicate an EVENT_RX_MGMT event. In addition, the
received event was then converted back to a full IEEE 802.11 management
frame for processing in most cases. This is unnecessary complexity, so
get rid of the extra path and use EVENT_RX_MGMT for Action frames as
well as other management frame subtypes.
Signed-hostap: Jouni Malinen <j@w1.fi>
Action frame RX report through EVENT_RX_ACTION did not indicate whether
the frame was protected or not even though that information is available
in mlme_event_mgmt(). hostapd_rx_action() has a workaround for setting
the protected flag for SA Query frames, but that did not apply for other
frames, like FT Action. This broke FT-over-DS when PMF is enabled with
newer kernel versions (i.e., the ones that do not use monitor interface
for receiving management frames).
Signed-hostap: Jouni Malinen <j@w1.fi>
These files have been distributed only under the BSD license option
since February 2012. Clarify the license statements in the files to
match that to avoid confusion.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds initial parts for supporting the new GCMP-256, CCMP-256,
BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256 cipher suites.
Signed-hostap: Jouni Malinen <j@w1.fi>
The BSS table, scan timeout, and related functionality should use
monotonic time since they care about relative values (age) only.
Unfortunately, these are all connected, so the patch can't be split
further. Another problem with this is that it changes the driver wrapper
API. Though, it seems only the test driver is using this.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Do not assume the driver supports QoS Mapping, but instead, advertise
support for this only if CONFIG_INTERWORKING is defined and driver
indicates support for configuring QoS Map.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The driver_nl80211.c changes are needed to avoid compiler warnings
with two frequency attributes pointing to the same value.
Signed-hostap: Jouni Malinen <j@w1.fi>
Adds support for VHT by parsing bandwidth and center_freq{1,2}.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Commit 390e489c0d extended hostapd BSS
interface removal capabilities. However, it ended up causing a
regression in wpa_supplicant P2P group interface handling. That P2P
group interface is removed through another driver_nl80211.c BSS context
and as such, the bss->added_if is not set. Fix this by verifying whether
the request is for another ifindex and if so, removing the interface
even if added_if is not marked.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is a mechanism used in Android to extend driver interface in vendor
specific ways. This is included only for the purpose of Android
compatibility. Proper interface commands should be used for any new
functionality.
Signed-hostap: Jouni Malinen <j@w1.fi>
Android uses a vendor specific library for implementing couple of driver
interface functions. Add the wrapper code to allow that mechanism to be
used.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add csa_settings struct which holds parameters for CSA. Change driver
interface for switch_channel(), so that it will receive this struct and
not only the new frequency as it was before. This allows wpa_supplicant
to provide all the required parameters (beacons, proberesp, assocresp,
CSA IE) which are required by cfg80211 implementation.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
We were not filtering the EVENT_CHANNEL_LIST_CHANGED events based on the
regulatory hint initiator. So wait for EVENT_CHANNEL_LIST_CHANGED event
after our own change was triggered even when regulatory hint initiator
was the driver. This could result in the wait for the channel list to be
updated to be terminated before the real change has occurred and as
such, old channel list remaining in use when configuring
hostapd/wpa_supplicant country parameter. Fix this by filtering the
hints according to the initiator and only regulatory hints initiated by
user will be used to stop the wait.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If hostapd was started with the interface already in AP mode, leave the
interface in AP mode on deinit instead of unconditionally forcing it to
station mode.
Signed-hostap: Jouni Malinen <j@w1.fi>
It is common to build wpa_supplicant with AP mode support and it is
justifiable to clean up driver_nl80211.c by removing the conditional
build blocks based on hostapd vs. wpa_supplicant builds.
Signed-hostap: Jouni Malinen <j@w1.fi>
This gets rid of some ifdef HOSTAPD constructs and shares more
of the initialization code between hostapd and wpa_supplicant.
Signed-hostap: Jouni Malinen <j@w1.fi>
These variables were originally used in hostapd to clear HT channel
information when exiting. However, that functionality was lost with
commit f019981aee when moving to a common
code for setting the channel. Taken into account that no one seems to
have missed this functionality over the last four years, it seems safe
to drop this rather than try to fix the old hostapd behavior.
Signed-hostap: Jouni Malinen <j@w1.fi>
system/core/libnl_2 does not include nl_socket_set_nonblocking(), so
need to implement that to fix the build.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This call requires a struct hostapd_data pointer and that is not really
something that the driver wrappers should be using.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If hostapd is requested to set the country code and the previous country
code differs from the new one, the channel list information from the
driver may change. This change may not be instant, so wait for an
EVENT_CHANNEL_LIST_CHANGED event before continuing interface setup with
fetching of the channel list information. This fixes issues where the
selected channel is not available based on the previous regulatory data
and update through CRDA takes some time.
Signed-hostap: Jouni Malinen <j@w1.fi>
While these attributes may be expected to be present always, this needs
to be verified within driver_nl80211.c since we cannot depend on the
kernel/driver working correctly.
Signed-hostap: Jouni Malinen <j@w1.fi>
When removing and re-adding the first wlan# netdev to hostapd
dynamically, the netdev is already present and should not be removed and
re-added to maintain its state as not-added-by-hostapd so that it does
not get removed automatically.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This moves the vif added check from core hostapd to the driver wrapper
(only driver_nl80211.c uses this) and reorders operations a bit to allow
the first BSS (vif) to be removed from a multi-BSS setup.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The first user of monitor interface was not counted and that could
result in the monitor interface getting removed if the initial interface
was removed from a multi-BSS setup.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Later on, we'll consider the availability of these
channels when starting P2P GO with VHT support.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Previously the Country element contained the max TX power the local
hardware was capable of. Change this to just use the regulatory limit.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
To avoid a problem where the beacon socket occasionally
blocks, mark any sockets on the eloop as non-blocking.
The previous patch reordered the code to never send a
command after a socket was put on the eloop, but now also
invalidate the nl handle pointer while it's on there.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Abstract the handling of sockets on the eloop to avoid
destroying sockets still on the eloop and also to allow
the next patch to mark the socket non-blocking.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
The IBSS code registers the bss nl_mgmt socket for auth
frames when the join event happens, but that is too late
as then the socket is already on the eloop, which could
cause problems when other events are received at the
same time as the registration is done.
Move the auth frame registration to the initial setup
before the socket is put onto the eloop.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
linux_br_get() was forcing null termination on the buffer, but did not
check whether the string could have been truncated. Make this more
strict by rejecting any truncation case.
Signed-hostap: Jouni Malinen <j@w1.fi>
The allocation of new_bss and its use was separated by a lot of code in
this function. This can be cleaned up by moving the allocation next to
the use, so that this all can be within a single #ifdef HOSTAPD block.
The i802_check_bridge() call was outside type == WPA_IF_AP_BSS case, but
in practice, it is only used for WPA_IF_AP_BSS (and if used for
something else, this would have resulted in NULL pointer dereference
anyway).
Signed-hostap: Jouni Malinen <j@w1.fi>
Incorrect nla_get variants were used to get event type and frequency.
Kernel passes both as u32. This caused issues on tinynl/big-endian hosts
- CAC finished was treated as radar detection and frequency was 0.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>