From patchwork Wed May 20 18:34:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kevin Lund X-Patchwork-Id: 1294581 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=Oih12R2h; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20161025 header.b=sECF8dOO; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49S1f56tVjz9sTC for ; Thu, 21 May 2020 04:35:41 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version :Message-Id:In-Reply-To:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Eqo9qKJ3W/MLIEY7gMqnPNrE/KjYFXwQ1CmMb2aDRTI=; b=Oih12R2hcRD73X gq8GP5t2sSDqw0C1HC2SNopBNz+mY6THiy5yTmdCJ5LVKcPWuX0OZXYElF166YsTnfQBWVrar5mdF YOquY2vNqWVtTliVkgw82DvGHw+nAWKNSOzj9VsESW9zTCGK/dFtGuQjElVbbX0ZSo8lHJSCuFySN 6Qd2WJXCZwzubk711LllDtTAPrOfDQLhLmYfieSoxoVcrpxVeVC0HOkEkdnSZSJWoyJAh0fo2/vnu 9l9HvQhKV2KYK/0V+BXMl8UwqK/N8v6MUvpCKskH6SpVbKM6SjwtKrrn6WYiM5IpHhE7g2LKfRhqr mfjhAEGmRtOpiKaXLnPg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jbTYu-0005DB-G4; Wed, 20 May 2020 18:35:28 +0000 Received: from mail-qv1-xf49.google.com ([2607:f8b0:4864:20::f49]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jbTY5-0002Bx-Dk for hostap@lists.infradead.org; Wed, 20 May 2020 18:34:39 +0000 Received: by mail-qv1-xf49.google.com with SMTP id cf17so4551174qvb.1 for ; Wed, 20 May 2020 11:34:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=0LbV1sux51cwTn/RAGQ5H27hmrOQiVYyowMMbMhUZhI=; b=sECF8dOOweJHVApjZDt04LVpC2GiFaWKps5DYpiyH2hR881ywtVcpWgv6+13pKXY/Q MmyQHLx4XnD6i6ze29O95N1IzpKTS4MGorJCHZ0uCxVMe61lEWYbYOqj7Fgt0L2R3GLL TfuKhAhLMYr7C8GVH69+VQ6WNOvlB96cjuSof38QTHD2LTjpho3B2siu8HEvMJh8v5cc f/NLyfopxXwVGTqVKMJPU+gc5nI+9ehR57c9ic0JL5URgtKsHU3s+IR4kVDtrIQIZvP0 E84FNVHK5HvLS8N9fXTFEwk8OaHyaEAapYgSBDa0zmMNQLinWsZSoMe6EWIL1nAFrZOC uQ3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=0LbV1sux51cwTn/RAGQ5H27hmrOQiVYyowMMbMhUZhI=; b=BCTzexODvRESSBcm1/zK35rsvIcusVppcWzDAwjXdUHyidRu+88UfHsYiHWkmGAXHa 88FGPkJGq2TPkNkT/TP77uK9X6dvLJa54Yxl28YJiyXhemkdrjgDuOaIkUtuH/5lwsxV LE0p2D8p6sMt6GSDwqvaOe4B8KZ1vR6aI/5uWUfw4uOBRwZd+PNC9qzRgDVEZzXgXq64 UTexpMOYJ/KCKXrti34bneF/jux9opogcIG47dXo3SIsGKqftbcrzkxMRj8oWxw3hFyk GeMI3+Rdsx2XZ5cVMCSs1NAt8cJKfXqwOQTz9vqbdiP4Mf+78VVQjjs2z7U7HAe2nLLS qY8w== X-Gm-Message-State: AOAM532WYPNqKiHokl5v0QtniaxXHJiZ5663u9DExYMtsjwwFqI3PzDd kDowyyMAkfxvBf1e48knRkQjr+HQC8yLOXeZjXhRWkNWfpNSSS1neDR75yTJC5oUSqjp77qrb38 X5DlxYenfk2E2Tvdy09easdmxCi/n+huzEPC9swXVEtIHM/O4qGXmN74FXpJ6hroQUrM= X-Google-Smtp-Source: ABdhPJw2Xh2itrzokYpCPIdC7TKbPL8IhpQPCdhBxkRWT0np/swZhwVXFxiGmyjBtPaGVPvNlpRzem4sH5I= X-Received: by 2002:a0c:f054:: with SMTP id b20mr6045067qvl.112.1589999674365; Wed, 20 May 2020 11:34:34 -0700 (PDT) Date: Wed, 20 May 2020 12:34:16 -0600 In-Reply-To: <20200520183417.214702-1-kglund@google.com> Message-Id: <20200520183417.214702-3-kglund@google.com> Mime-Version: 1.0 References: <20200520183417.214702-1-kglund@google.com> X-Mailer: git-send-email 2.26.2.761.g0e0b3e54be-goog Subject: [PATCH 3/4] wpa_supplicant-2.8: Add wpa_blacklist_update() From: Kevin Lund To: hostap@lists.infradead.org X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200520_113437_479891_F2EACCB4 X-CRM114-Status: GOOD ( 14.25 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f49 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Lund Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This change adds the function wpa_blacklist_update(), which goes through all blacklist entries and deletes them if their blacklist expired over an hour ago. The purpose of this is to remove stale entries from the blacklist which likely do not reflect the current condition of device's network surroundings. This function is called whenever the blacklist is polled, meaning that the caller always gets an up-to-date reflection of the blacklist. Another solution to clearing the blacklist that was considered was to slowly reduce the counts of blacklist entries over time, and delete them if the counts dropped below 0. We decided to go with the current solution instead because an AP's "problematic" status is really a binary thing: either the AP is no longer problematic, or it's still causing us problems. So if we see any more problems within a reasonable amount of time, it makes sense to just keep the blacklist where it was since the AP is likely still undergoing the same issue. If we go a significant amount of time (semi-arbitrarily chosen as 1 hour) without any issues with an AP, it's reasonable to behave as if the AP is no longer undergoing the same issue. If we see more problems at a later time, we can start the blacklisting process fresh again, treating this as a brand new issue. BUG=chromium:1040974, chromium:1051374 TEST=emerge-drallion wpa_supplicant-2_8 network_WiFi_BadAPAssocAttempts Run test and check logs. Reduce timer from one hour to 5 seconds, and check that the blacklist entry removal logic works as intended. TEST=Run suite:wifi_matfunc: "Total PASS: 180/180 (100%)" TEST=`./run-build-tests.sh` TEST=Emerge and deploy hostap-test on board Betty to cros_vm instance `tast -verbose run -var=network.HostapHwsim.runArgs='-f module_tests' localhost:9222 network.HostapHwsim.full` `tast -verbose run -var=network.HostapHwsim.runArgs='-f ap_open ap_roam wpas_ctrl' localhost:9222 network.HostapHwsim.full` `tast -verbose run localhost:9222 network.HostapHwsim.full` tast -verbose run localhost:9222 network.HostapHwsim.sanity` No new hwsim test failures are introduced by this change. Signed-off-by: Kevin Lund Change-Id: I7a274bdce35911d42894fc66ec16b1357662c7e1 --- wpa_supplicant/blacklist.c | 39 ++++++++++++++++++++++++++++++++++++++ wpa_supplicant/blacklist.h | 1 + 2 files changed, 40 insertions(+) diff --git a/wpa_supplicant/blacklist.c b/wpa_supplicant/blacklist.c index 74d6b0bcd..0b4848af4 100644 --- a/wpa_supplicant/blacklist.c +++ b/wpa_supplicant/blacklist.c @@ -26,6 +26,8 @@ struct wpa_blacklist * wpa_blacklist_get(struct wpa_supplicant *wpa_s, if (wpa_s == NULL || bssid == NULL) return NULL; + wpa_blacklist_update(wpa_s); + e = wpa_s->blacklist; while (e) { if (os_memcmp(e->bssid, bssid, ETH_ALEN) == 0) @@ -171,3 +173,40 @@ void wpa_blacklist_clear(struct wpa_supplicant *wpa_s) os_free(prev); } } + + +/** + * wpa_blacklist_update - Update the entries in the blacklist, + * deleting entries that have been expired for over an hour. + * @wpa_s: Pointer to wpa_supplicant data + */ +void wpa_blacklist_update(struct wpa_supplicant *wpa_s) +{ + struct wpa_blacklist *e, *prev = NULL, *to_delete = NULL; + struct os_reltime now; + + if (wpa_s == NULL) + return; + + e = wpa_s->blacklist; + os_get_reltime(&now); + while (e) { + if (os_reltime_expired(&now, &e->blacklist_start, + e->timeout_secs + 3600)) { + to_delete = e; + if (prev) { + prev->next = e->next; + e = prev->next; + } else { + wpa_s->blacklist = e->next; + e = wpa_s->blacklist; + } + wpa_printf(MSG_INFO, "Removed BSSID " MACSTR " from " + "blacklist (expired)", MAC2STR(to_delete->bssid)); + os_free(to_delete); + } else { + prev = e; + e = e->next; + } + } +} diff --git a/wpa_supplicant/blacklist.h b/wpa_supplicant/blacklist.h index 92990fb6d..bb473d465 100644 --- a/wpa_supplicant/blacklist.h +++ b/wpa_supplicant/blacklist.h @@ -28,5 +28,6 @@ int wpa_blacklist_add(struct wpa_supplicant *wpa_s, const u8 *bssid); int wpa_blacklist_del(struct wpa_supplicant *wpa_s, const u8 *bssid); int wpa_blacklist_is_blacklisted(struct wpa_supplicant *wpa_s, const u8 *bssid); void wpa_blacklist_clear(struct wpa_supplicant *wpa_s); +void wpa_blacklist_update(struct wpa_supplicant *wpa_s); #endif /* BLACKLIST_H */