From patchwork Wed Oct 19 14:13:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691981 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=vmp4RmGt; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=EZt0sZiE; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst7G2Ts3z23jk for ; Thu, 20 Oct 2022 01:15:54 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=THEtc7JlblWmP4HhiVd1NVsDzYQluZ5UcbVQC+E7CUQ=; b=vmp4RmGtYpUNHW 9zPIR9sBhITLS59oxfkumznx6BJbQAH8MaVUHmatgyVrbuMNkxKIM3oXZ75ttjuMq4C/NKS7jWRWa v9Et9oSkFldmcw8AMyeXmev6BA/tAlqQN4BHBOHHf+Yi3meBWjErQ7wNefB+9KukSM6DLGCS8TZAu v0Z2mc0nq06qhWKilZecfgmhE1CxrnZw1f3fyjX4iZDQJ/Pkz5/fCBao2VfYGKeoMkf5BifgMDDLd RSl/tvjRrIXhCsQjfm6ZczdpClkeH8exQeqq30qLvO5SFDiD5iwqkwyT+rzgRVwQ5T5EEUhI6bFWs xSf7UrIpy7ZbiH9QNKQw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qb-002ein-6M; Wed, 19 Oct 2022 14:15:05 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qA-002daq-BE for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:40 +0000 Received: from pps.filterd (m0279862.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J8R2ch031871 for ; Wed, 19 Oct 2022 14:14:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=k1XRGb7aKg4TOW+e5v29SCzkGhIFNb2RTfyCpzXWm4A=; b=EZt0sZiE/hOizAT+Hn+FNQlMqRBuiLWtV+Fe/u7j54EDm1Pe4PYFrHOgYBemUSebzkBC aUSvw8vW/7BIh4OjZY4GnbXMlMA7L6CInBvmWmwroMOtDSgJrbc+rAkrj2/o89HHhDlQ 2xTSsC+uDCSX7XmT3dfwbtfiEAjopVKTWgYSKc+muVlxsBHN3FkVikCxla/bhtqK0Ra0 P8gQz3ADLa43WRFKth81Et1VlraZzQhTa1ORWne3/6Lm43Wux0BCvucjBxcYUTHMcgea YIScN+kP7vQAV3F65LLTktA1hgUnv8dQ+KgzdaYBTOIEr8vJn/2PB28/yGSdjMb/2cee kw== Received: from nalasppmta02.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka5emjgq7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:35 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA02.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEZ23009991 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:35 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:33 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 01/21] nl80211: Add support to parse MLO link status info in NL80211_CMD_CONNECT Date: Wed, 19 Oct 2022 19:43:49 +0530 Message-ID: <20221019141409.535582-2-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: jRN-c_g3Y1lCm6jlurtUK-NiGAd7fa-x X-Proofpoint-GUID: jRN-c_g3Y1lCm6jlurtUK-NiGAd7fa-x X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 lowpriorityscore=0 suspectscore=0 mlxlogscore=999 spamscore=0 malwarescore=0 clxscore=1015 phishscore=0 mlxscore=0 bulkscore=0 impostorscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071438_426147_710863C9 X-CRM114-Status: GOOD ( 17.56 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: NL80211_CMD_CONNECT event indicates MLO links status info with kernel commit 53ad07e9823b ("wifi: cfg80211: support reporting failed links"). Consider MLO links with success status only as valid links [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org NL80211_CMD_CONNECT event indicates MLO links status info with kernel commit 53ad07e9823b ("wifi: cfg80211: support reporting failed links"). Consider MLO links with success status only as valid links. Signed-off-by: Veerendranath Jakkam --- src/drivers/driver_nl80211_event.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 4f6de9891..aaf4c755f 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -482,7 +482,16 @@ static void nl80211_parse_mlo_link_info(struct driver_sta_mlo_info *mlo, if (link_id >= MAX_NUM_MLD_LINKS) continue; - mlo->valid_links |= BIT(link_id); + if (tb[NL80211_ATTR_STATUS_CODE]) { + if (nla_get_u16(tb[NL80211_ATTR_STATUS_CODE]) == + WLAN_STATUS_SUCCESS) + mlo->valid_links |= BIT(link_id); + else + continue; + } else { + mlo->valid_links |= BIT(link_id); + } + os_memcpy(mlo->links[link_id].addr, nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN); os_memcpy(mlo->links[link_id].bssid, From patchwork Wed Oct 19 14:13:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691979 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=IMNalTMJ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=gZG4LhF2; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst710RfMz23jk for ; Thu, 20 Oct 2022 01:15:41 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=0bbH59IuPSK64CnxRRSZe4fAS1KEA07LEymItofh8SM=; b=IMNalTMJbGfef7 i++dMa2NefSdQj1//5DjdJTDwGn4yWrXaPBFk+HwpmcynGlWYmOESF5ys1lPuuI+cQt8wkEOahFB+ 3msgvAxXQU6aL2pz2pOeQfpmdF4cGDzVk3Xh63JRN6ssX6dj/lcJ/Ai3kAlz1Kuq/zxkTPMPQlfHJ 4JFWwg6TOPpzA6tL5aZInP97kpPJn1BTbgn+hl20gzsDu5iXAFjINXjEHeJc+4s8XlnMkLBVXU8JQ LlCshfCgcSc69D9ilqCwW7fcM0hjCj1vCP9fverFKOsEREyEoHq8UuSmF+gxvTOlPnrsx48jbpZls UOhOKBLdnYgGGLuRjhgQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qD-002dne-I5; Wed, 19 Oct 2022 14:14:41 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9q9-002dcK-QZ for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:39 +0000 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JCAOHS011810 for ; Wed, 19 Oct 2022 14:14:37 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=DEn6XzYV8nfYcC6xtcI3GuDYeWgbAZY8VUEuSlA8UyY=; b=gZG4LhF2fmXPEFt3Xy5hSkSJgvKhBRX2vQKRmEjssgqlGAoeYmD2095itFATGzHLrdXn J7bNhnHod6A0UQvm1TTvgJqy+i2kyJFJdO2xDWipJ2d90LObY7iheGkqbw37c+Zc4sgR IbkC+2LduK+sJhkM0DXgB9bQCdUVM67QhJ3MdnmAlX0wSF3pQYMUkDpGvgjh4SMvXaHs KiGj2rPXQ5FfbtW256jz4FjjslLpBOdPsCdBxSeo14F2pkIaNar+/g+/gfimdKjd6CBv R2iSoecQQqQuM36Gr2ejUQvwqybmWsmizOnJra3GItfKKgL1Q8L4lGSKIhflCNa/pMrh yA== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3kaed8s891-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:37 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA03.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEaK4027525 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:36 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:35 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 02/21] MLD STA: Fetch MLO assoc link ID info to core wpa_supplicant Date: Wed, 19 Oct 2022 19:43:50 +0530 Message-ID: <20221019141409.535582-3-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: CNkbFkLMoOYH7UEtlJK6kGvtWA5XNTu9 X-Proofpoint-GUID: CNkbFkLMoOYH7UEtlJK6kGvtWA5XNTu9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 phishscore=0 mlxlogscore=999 spamscore=0 impostorscore=0 bulkscore=0 suspectscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071437_889703_69D87C67 X-CRM114-Status: GOOD ( 23.83 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add support to fetch MLO association link ID info from driver to wpa_supplicant instance of corresponding MLD STA interface. This info needed when setting the MLO connection info to wpa_sm. Signed-off-by: Veerendranath Jakkam --- src/drivers/driver.h | 1 + src/drivers/driver_nl80211.c | 4 ++-- src/drivers/driver_nl80211.h | 1 - src/drivers/driver_nl80211_event. [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add support to fetch MLO association link ID info from driver to wpa_supplicant instance of corresponding MLD STA interface. This info needed when setting the MLO connection info to wpa_sm. Signed-off-by: Veerendranath Jakkam --- src/drivers/driver.h | 1 + src/drivers/driver_nl80211.c | 4 ++-- src/drivers/driver_nl80211.h | 1 - src/drivers/driver_nl80211_event.c | 16 ++++++++-------- wpa_supplicant/events.c | 3 ++- wpa_supplicant/wpa_supplicant_i.h | 1 + 6 files changed, 14 insertions(+), 12 deletions(-) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 4d9a7e3c0..9132409c1 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -2742,6 +2742,7 @@ struct weighted_pcl { struct driver_sta_mlo_info { u16 valid_links; /* bitmap of valid link IDs */ + u8 assoc_link_id; u8 ap_mld_addr[ETH_ALEN]; struct { u8 addr[ETH_ALEN]; diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index fdc773a58..38e3f825c 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -1502,7 +1502,7 @@ static int nl80211_get_assoc_freq_handler(struct nl_msg *msg, void *arg) } if (!drv->sta_mlo_info.valid_links || - drv->mlo_assoc_link_id == link_id) { + drv->sta_mlo_info.assoc_link_id == link_id) { ctx->assoc_freq = freq; wpa_printf(MSG_DEBUG, "nl80211: Associated on %u MHz", ctx->assoc_freq); @@ -1530,7 +1530,7 @@ static int nl80211_get_assoc_freq_handler(struct nl_msg *msg, void *arg) } if (!drv->sta_mlo_info.valid_links || - drv->mlo_assoc_link_id == link_id) { + drv->sta_mlo_info.assoc_link_id == link_id) { os_memcpy(ctx->assoc_bssid, bssid, ETH_ALEN); wpa_printf(MSG_DEBUG, "nl80211: Associated with " MACSTR, MAC2STR(bssid)); diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index 3eb2a74ab..0b8b0ce11 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -128,7 +128,6 @@ struct wpa_driver_nl80211_data { u8 bssid[ETH_ALEN]; u8 prev_bssid[ETH_ALEN]; int associated; - int mlo_assoc_link_id; struct driver_sta_mlo_info sta_mlo_info; u8 ssid[SSID_MAX_LEN]; size_t ssid_len; diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index aaf4c755f..929bb1888 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -537,10 +537,10 @@ static void nl80211_parse_mlo_info(struct wpa_driver_nl80211_data *drv, if (!ml_ie) return; - drv->mlo_assoc_link_id = nl80211_get_assoc_link_id(&ml_ie[3], - ml_ie[1] - 1); - if (drv->mlo_assoc_link_id < 0 || - drv->mlo_assoc_link_id >= MAX_NUM_MLD_LINKS) + drv->sta_mlo_info.assoc_link_id = nl80211_get_assoc_link_id( + &ml_ie[3], ml_ie[1] - 1); + if (drv->sta_mlo_info.assoc_link_id < 0 || + drv->sta_mlo_info.assoc_link_id >= MAX_NUM_MLD_LINKS) return; os_memcpy(mlo->ap_mld_addr, nla_data(addr), ETH_ALEN); @@ -554,14 +554,14 @@ static void nl80211_parse_mlo_info(struct wpa_driver_nl80211_data *drv, nl80211_parse_qca_vendor_mlo_link_info(mlo, mlo_links); #endif /* CONFIG_DRIVER_NL80211_QCA */ - if (!(mlo->valid_links & BIT(drv->mlo_assoc_link_id))) { + if (!(mlo->valid_links & BIT(drv->sta_mlo_info.assoc_link_id))) { wpa_printf(MSG_ERROR, "nl80211: Invalid MLO assoc link ID %d", - drv->mlo_assoc_link_id); + drv->sta_mlo_info.assoc_link_id); mlo->valid_links = 0; return; } - os_memcpy(drv->bssid, mlo->links[drv->mlo_assoc_link_id].bssid, + os_memcpy(drv->bssid, mlo->links[drv->sta_mlo_info.assoc_link_id].bssid, ETH_ALEN); os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN); } @@ -926,7 +926,7 @@ static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv, EVENT_LINK_CH_SWITCH_STARTED, &data); } - if (link_id != drv->mlo_assoc_link_id) + if (link_id != drv->sta_mlo_info.assoc_link_id) return; } diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index e0a97bc2e..f3cbe9755 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -3387,13 +3387,14 @@ static int wpa_drv_get_mlo_info(struct wpa_supplicant *wpa_s) } } - if (match && + if (match && wpa_s->mlo_assoc_link_id == mlo.assoc_link_id && os_memcmp(wpa_s->ap_mld_addr, mlo.ap_mld_addr, ETH_ALEN) == 0) return 0; } wpa_s->valid_links = mlo.valid_links; + wpa_s->mlo_assoc_link_id = mlo.assoc_link_id; os_memcpy(wpa_s->ap_mld_addr, mlo.ap_mld_addr, ETH_ALEN); for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { if (!(wpa_s->valid_links & BIT(i))) diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index 4081592bd..9db847cec 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -740,6 +740,7 @@ struct wpa_supplicant { int ap_ies_from_associnfo; unsigned int assoc_freq; u8 ap_mld_addr[ETH_ALEN]; + u8 mlo_assoc_link_id; u8 valid_links; /* bitmap of valid MLO link IDs */ struct { u8 addr[ETH_ALEN]; From patchwork Wed Oct 19 14:13:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691982 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=wDQJd1oJ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=gycGnpdQ; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst7c3DTVz23jk for ; Thu, 20 Oct 2022 01:16:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=pMGtQOWrvHp8F5IBxG3zxGeg5h83WAp9PJOEp978Si4=; b=wDQJd1oJM03GQ7 Poo4HydqUX3W1DeUjh49Jqf6ouuUdfxqFoB4rhsCkDgIXAupc1r0PVSqothMf1UhUo9SFyoHMqP9x uZiPehnYsrv0S8zX2uA7KcsJ1iyOZr4OhN/WAQXQ9inipE6ytFp+1OvnFDnyFY8gHToP0itavmC5L 9Bw9fGpmuYWT2lTixc3lHYP+APhNZu4Io6e30Higx/tVF7yjdYi6WUsKa+I0NMPb6DCu0PmhBIAp2 a0Rdr94w7H/MkHhaQKXPBsK5m889WNTW9IblFwDqWu3p9Nv8P/gGQ4Ej8f6YgQx/qgaQOc/jG8qIV sIQlqCl/nJ0+kcUEzVWQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qo-002fCr-9O; Wed, 19 Oct 2022 14:15:18 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qB-002di6-Bh for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:41 +0000 Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JCBJtd032477 for ; Wed, 19 Oct 2022 14:14:39 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=T/MtNreP+wXsi/uhDfMpoHJijBJGkSOavc7/QUcbC7c=; b=gycGnpdQ3STpe0QUXvrD75yEMWszhA+T9lu3ooQ0G3VfDRFpPWF84DF7y43MB64qJE2H 1f70dBxJiqvSuM+W8DCA0hr61wrQtD2if1ZyV8/1TWG3zqT5J8X0hJNVKUs8KnEWTmcX RCuLMvT2nvBog1/6poD2ioOplvQT5/48XKoIKY15te8Bvjdm3L8pUDYJjusv5EhMfIAp 50u5Rt5IW8R4VQmTnnTSpflkhbJ+dw1u/QTIGEWeWbMkoXVxRM7YOWNrE8cjxO3PUSRH BIWirlhF1hIggCQoMxWsYKytlOKr0NNtLqHA5GgixV27VJX/ZObdjurbBsAFwD6a1VHA pg== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9n2p5pkn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:39 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA03.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEcUC027533 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:38 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:37 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 03/21] EHT: Add support to parse Multi-Link elements Date: Wed, 19 Oct 2022 19:43:51 +0530 Message-ID: <20221019141409.535582-4-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: AJ4_wGjtefg_8XtvtLheNXwnREO2Rt0j X-Proofpoint-GUID: AJ4_wGjtefg_8XtvtLheNXwnREO2Rt0j X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 phishscore=0 mlxlogscore=999 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071439_428473_92E1E517 X-CRM114-Status: GOOD ( 18.55 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Parse and store pointers to different types of Multi-Link elements received in management frames. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_common.c | 46 ++++++++++++++++++++++++++++++++++ src/common/ieee802_11_common.h | 10 ++++++++ 2 files changed, [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Parse and store pointers to different types of Multi-Link elements received in management frames. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_common.c | 46 ++++++++++++++++++++++++++++++++++ src/common/ieee802_11_common.h | 10 ++++++++ 2 files changed, 56 insertions(+) diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index d97525e9f..966861c17 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -199,6 +199,46 @@ static int ieee802_11_parse_vendor_specific(const u8 *pos, size_t elen, } +static int ieee802_11_parse_mle(const u8 *pos, size_t elen, + struct ieee802_11_elems *elems, + int show_errors) +{ + u8 mle_type = pos[0] & MULTI_LINK_CONTROL_TYPE_MASK; + + switch (mle_type) { + case MULTI_LINK_CONTROL_TYPE_BASIC: + elems->basic_mle = pos; + elems->basic_mle_len = elen; + break; + case MULTI_LINK_CONTROL_TYPE_PROBE_REQ: + elems->probe_req_mle = pos; + elems->probe_req_mle_len = elen; + break; + case MULTI_LINK_CONTROL_TYPE_RECONF: + elems->reconf_mle = pos; + elems->reconf_mle_len = elen; + break; + case MULTI_LINK_CONTROL_TYPE_TDLS: + elems->tdls_mle = pos; + elems->tdls_mle_len = elen; + break; + case MULTI_LINK_CONTROL_TYPE_PRIOR_ACCESS: + elems->prior_access_mle = pos; + elems->prior_access_mle_len = elen; + break; + default: + if (show_errors) { + wpa_printf(MSG_MSGDUMP, + "Unknown Multi-Link element type %u", + mle_type); + } + return -1; + } + + return 0; +} + + static int ieee802_11_parse_extension(const u8 *pos, size_t elen, struct ieee802_11_elems *elems, int show_errors) @@ -315,6 +355,12 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, elems->eht_operation = pos; elems->eht_operation_len = elen; break; + case WLAN_EID_EXT_MULTI_LINK: + if (elen < 2) + break; + if (ieee802_11_parse_mle(pos, elen, elems, show_errors)) + return -1; + break; default: if (show_errors) { wpa_printf(MSG_MSGDUMP, diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index c3a3234b3..ff6d2a89f 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -119,6 +119,11 @@ struct ieee802_11_elems { const u8 *pasn_params; const u8 *eht_capabilities; const u8 *eht_operation; + const u8 *basic_mle; + const u8 *probe_req_mle; + const u8 *reconf_mle; + const u8 *tdls_mle; + const u8 *prior_access_mle; u8 ssid_len; u8 supp_rates_len; @@ -175,6 +180,11 @@ struct ieee802_11_elems { u8 pasn_params_len; u8 eht_capabilities_len; u8 eht_operation_len; + u8 basic_mle_len; + u8 probe_req_mle_len; + u8 reconf_mle_len; + u8 tdls_mle_len; + u8 prior_access_mle_len; struct mb_ies_info mb_ies; struct frag_ies_info frag_ies; From patchwork Wed Oct 19 14:13:52 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691983 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=WwttLMwW; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=H79nCXpB; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst80643Xz23jk for ; Thu, 20 Oct 2022 01:16:32 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=jbp+veJihL9RzHbZnUa3S52hsEfTT8A0cgYYKLnjpYs=; b=WwttLMwW8cOqdL HYGV0Pvgc9Ka5jRtRAQ9ImVhBvm0vBXEUTMH3350Yv1HxyNeLTVgYKXXh2jHnn2/aIKQW6MEzVca2 4+Y4y2oQ4JoHGjm4txVzWpr1sunU2rwXu5hX34s2puJnr2TwxxaUhmFRviKI54CiB8YoY0eQtgsdQ utL0GsFPRLLaVrEd54sZMWjjzipYdWU9UXF7Wlm9Pr/zjnPMcb9ncg/to94l0p2hH0e/8w8GnenAa 603SUuWPKTeSE70PNipSCd93Mo6MUUIkZjC0m9+LqLMi4j1BEtkKWNY+m6/cvRwfiQke0QcLITMuq HDT4mptkW5DqC7uyTu9w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9r5-002fbL-Cv; Wed, 19 Oct 2022 14:15:35 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qD-002dnO-4c for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:43 +0000 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J9CRCM030517 for ; Wed, 19 Oct 2022 14:14:40 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=MqtDL3ERNc0yPB0WI0jRQjOYpIRCZZv6rD67szak3eM=; b=H79nCXpBL57SaK24uIT6/EKZZSBei4NDOVvCe891tLFcjB3Fne+s7OzKg6rcnhNjQeaJ FknCEVgq82fx0zPHIBRktKEk4p/nV9ANdva5+Drrur2YBFYx5+c9fSQ7yyDQ2rllwcFP +6gZx+bJJr7hIZGhsBQwhQQOR+AADXVJJcCjj+DANvwKf0l/CbhXE1N73ZoWxPApfVjZ RODlxOp//K5AVsesF1h5/VjCmwJbkVE6JHVCtZdtsBXtuEkY/M+8Wh9MfgOcGHO3Oo7l JcAWOabqHLGLMUlyCM1MLj3qgukYnFPE4cBej/W/Xhwgk+OQcEhrxmu/R+e85sLBn06p zg== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3kaed8s899-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:40 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEe0e009034 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:40 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:38 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 04/21] common: Refactor element defragmentation Date: Wed, 19 Oct 2022 19:43:52 +0530 Message-ID: <20221019141409.535582-5-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: pMmb0vgN1Fh7VxmFB6ABuCtlYSq1Dgmf X-Proofpoint-GUID: pMmb0vgN1Fh7VxmFB6ABuCtlYSq1Dgmf X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 phishscore=0 mlxlogscore=999 spamscore=0 impostorscore=0 bulkscore=0 suspectscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071441_271608_0D4A1464 X-CRM114-Status: GOOD ( 29.69 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Instead of saving the pointers to the fragment elements during parsing of the frame, append all fragments found right after the element to the element length. Defragmentation of the lement can be done [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Instead of saving the pointers to the fragment elements during parsing of the frame, append all fragments found right after the element to the element length. Defragmentation of the lement can be done by parsing appended fragment elements. This approach removes the limit on maximum number of fragmented elements supported in a frame. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_common.c | 113 ++++++++++++++++----------------- src/common/ieee802_11_common.h | 31 +++------ 2 files changed, 65 insertions(+), 79 deletions(-) diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index 966861c17..76dba9d7c 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -239,11 +239,31 @@ static int ieee802_11_parse_mle(const u8 *pos, size_t elen, } +static size_t ieee802_11_fragments_length(struct ieee802_11_elems *elems, + const u8 *start, size_t len) +{ + const struct element *elem; + size_t frags_len = 0; + + for_each_element(elem, start, len) { + if (elem->id != WLAN_EID_FRAGMENT) + break; + + frags_len += elem->datalen + 2; + elems->num_frag_elems++; + } + + return frags_len; +} + + static int ieee802_11_parse_extension(const u8 *pos, size_t elen, struct ieee802_11_elems *elems, + const u8 *start, size_t len, int show_errors) { u8 ext_id; + size_t *total_len = NULL; if (elen < 1) { if (show_errors) { @@ -256,8 +276,6 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, ext_id = *pos++; elen--; - elems->frag_ies.last_eid_ext = 0; - switch (ext_id) { case WLAN_EID_EXT_ASSOC_DELAY_INFO: if (elen != 1) @@ -284,6 +302,7 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, break; elems->fils_hlp = pos; elems->fils_hlp_len = elen; + total_len = &elems->fils_hlp_len; break; case WLAN_EID_EXT_FILS_IP_ADDR_ASSIGN: if (elen < 1) @@ -300,6 +319,7 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, case WLAN_EID_EXT_WRAPPED_DATA: elems->wrapped_data = pos; elems->wrapped_data_len = elen; + total_len = &elems->wrapped_data_len; break; case WLAN_EID_EXT_FILS_PUBLIC_KEY: if (elen < 1) @@ -370,39 +390,15 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, return -1; } - if (elen == 254) - elems->frag_ies.last_eid_ext = ext_id; + if (elen == 254 && total_len) + *total_len += ieee802_11_fragments_length( + elems, pos + elen, + (start + len) - (pos + elen)); return 0; } -static void ieee802_11_parse_fragment(struct frag_ies_info *frag_ies, - const u8 *pos, u8 elen) -{ - if (frag_ies->n_frags >= MAX_NUM_FRAG_IES_SUPPORTED) { - wpa_printf(MSG_MSGDUMP, "Too many element fragments - skip"); - return; - } - - /* - * Note: while EID == 0 is a valid ID (SSID IE), it should not be - * fragmented. - */ - if (!frag_ies->last_eid) { - wpa_printf(MSG_MSGDUMP, - "Fragment without a valid last element - skip"); - return; - } - - frag_ies->frags[frag_ies->n_frags].ie = pos; - frag_ies->frags[frag_ies->n_frags].ie_len = elen; - frag_ies->frags[frag_ies->n_frags].eid = frag_ies->last_eid; - frag_ies->frags[frag_ies->n_frags].eid_ext = frag_ies->last_eid_ext; - frag_ies->n_frags++; -} - - /** * ieee802_11_parse_elems - Parse information elements in management frames * @start: Pointer to the start of IEs @@ -427,6 +423,13 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, u8 id = elem->id, elen = elem->datalen; const u8 *pos = elem->data; + if (id == WLAN_EID_FRAGMENT && elems->num_frag_elems > 0) { + elems->num_frag_elems--; + continue; + } else { + elems->num_frag_elems = 0; + } + switch (id) { case WLAN_EID_SSID: if (elen > SSID_MAX_LEN) { @@ -630,11 +633,13 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->s1g_capab = pos; break; case WLAN_EID_FRAGMENT: - ieee802_11_parse_fragment(&elems->frag_ies, pos, elen); + wpa_printf(MSG_MSGDUMP, + "Fragment without a valid last element - skip"); + break; case WLAN_EID_EXTENSION: - if (ieee802_11_parse_extension(pos, elen, elems, - show_errors)) + if (ieee802_11_parse_extension(pos, elen, elems, start, + len, show_errors)) unknown++; break; default: @@ -646,12 +651,6 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, id, elen); break; } - - if (id != WLAN_EID_FRAGMENT && elen == 255) - elems->frag_ies.last_eid = id; - - if (id == WLAN_EID_EXTENSION && !elems->frag_ies.last_eid_ext) - elems->frag_ies.last_eid = 0; } if (!for_each_element_completed(elem, start, len)) { @@ -2734,37 +2733,37 @@ enum oper_chan_width op_class_to_ch_width(u8 op_class) } -struct wpabuf * ieee802_11_defrag_data(struct ieee802_11_elems *elems, - u8 eid, u8 eid_ext, - const u8 *data, u8 len) +struct wpabuf * ieee802_11_defrag_data(const u8 *data, size_t len, + bool ext_elem) { - struct frag_ies_info *frag_ies = &elems->frag_ies; struct wpabuf *buf; - unsigned int i; + const u8 *pos; + size_t min_defrag_len = ext_elem ? 255 : 256; - if (!elems || !data || !len) + if (!data || !len) return NULL; - buf = wpabuf_alloc_copy(data, len); + if (len < min_defrag_len) + return wpabuf_alloc_copy(data, len); + + buf = wpabuf_alloc_copy(data, min_defrag_len - 1); if (!buf) return NULL; - for (i = 0; i < frag_ies->n_frags; i++) { - int ret; - - if (frag_ies->frags[i].eid != eid || - frag_ies->frags[i].eid_ext != eid_ext) - continue; + pos = &data[min_defrag_len - 1]; + len -= (min_defrag_len - 1); + while (len > 2 && pos[0] == WLAN_EID_FRAGMENT && pos[1]) { + int ret = wpabuf_resize(&buf, pos[1]); - ret = wpabuf_resize(&buf, frag_ies->frags[i].ie_len); if (ret < 0) { wpabuf_free(buf); return NULL; } /* Copy only the fragment data (without the EID and length) */ - wpabuf_put_data(buf, frag_ies->frags[i].ie, - frag_ies->frags[i].ie_len); + wpabuf_put_data(buf, &pos[2], pos[1]); + pos += pos[1] + 2; + len -= (pos[1] + 2); } return buf; @@ -2775,7 +2774,7 @@ struct wpabuf * ieee802_11_defrag(struct ieee802_11_elems *elems, u8 eid, u8 eid_ext) { const u8 *data; - u8 len; + size_t len; /* * TODO: Defragmentation mechanism can be supported for all IEs. For now @@ -2805,7 +2804,7 @@ struct wpabuf * ieee802_11_defrag(struct ieee802_11_elems *elems, return NULL; } - return ieee802_11_defrag_data(elems, eid, eid_ext, data, len); + return ieee802_11_defrag_data(data, len, true); } diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index ff6d2a89f..294e6265c 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -21,7 +21,6 @@ struct element { struct hostapd_hw_modes; #define MAX_NOF_MB_IES_SUPPORTED 5 -#define MAX_NUM_FRAG_IES_SUPPORTED 3 struct mb_ies_info { struct { @@ -31,21 +30,6 @@ struct mb_ies_info { u8 nof_ies; }; -struct frag_ies_info { - struct { - u8 eid; - u8 eid_ext; - const u8 *ie; - u8 ie_len; - } frags[MAX_NUM_FRAG_IES_SUPPORTED]; - - u8 n_frags; - - /* the last parsed element ID and element extension ID */ - u8 last_eid; - u8 last_eid_ext; -}; - /* Parsed Information Elements */ struct ieee802_11_elems { const u8 *ssid; @@ -162,10 +146,10 @@ struct ieee802_11_elems { u8 dils_len; u8 fils_req_params_len; u8 fils_key_confirm_len; - u8 fils_hlp_len; + size_t fils_hlp_len; u8 fils_ip_addr_assign_len; u8 key_delivery_len; - u8 wrapped_data_len; + size_t wrapped_data_len; u8 fils_pk_len; u8 owe_dh_len; u8 power_capab_len; @@ -187,7 +171,11 @@ struct ieee802_11_elems { u8 prior_access_mle_len; struct mb_ies_info mb_ies; - struct frag_ies_info frag_ies; + /* + * No.of fragment elements to be skipped after a known fragmented + * element. + */ + int num_frag_elems; }; typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes; @@ -348,9 +336,8 @@ void hostapd_encode_edmg_chan(int edmg_enable, u8 edmg_channel, int ieee802_edmg_is_allowed(struct ieee80211_edmg_config allowed, struct ieee80211_edmg_config requested); -struct wpabuf * ieee802_11_defrag_data(struct ieee802_11_elems *elems, - u8 eid, u8 eid_ext, - const u8 *data, u8 len); +struct wpabuf * ieee802_11_defrag_data(const u8 *data, size_t len, + bool ext_elem); struct wpabuf * ieee802_11_defrag(struct ieee802_11_elems *elems, u8 eid, u8 eid_ext); const u8 * get_ml_ie(const u8 *ies, size_t len, u8 type); From patchwork Wed Oct 19 14:13:53 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691984 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=SvBeuq0w; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=K1CEFOBj; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst8J4cL0z23jk for ; Thu, 20 Oct 2022 01:16:48 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+KgCQWqaQ5NGWNho+KzWubA/bqQSQ7z31z0cMWzaNDM=; b=SvBeuq0w+GRkgT pNwZTmJmBey4bzM1bmmm8Lkiz+suB3zLzzlfp5Cb/BSZSZKFH6mwASX3NDt5InNiZLdYemcneYgy2 RoSL/gWzalnjk8R4OC8IaC1bxP+u1SKU4JB6YTeyaJ6ce7a3lvlbGOUXeXzrI4/g6opuB04Ex9uaY SgncMmk782b3Rsa2j8mlA6EdLawwBpTfvOfMFO1VsKdbReHT0fE1O7Pe8LQAI6EV+kQbz/1zY09kw ttYsRpPzheF1b6CCgC+vGpOnWFWIluWY4nXRoH1truxfrjeorq0lJYlYS6CbdTxT342sJKYU2dWEx GoHpYqgVPbG4JlkotOkg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9rW-002gA2-E9; Wed, 19 Oct 2022 14:16:02 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qE-002dqL-MU for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:44 +0000 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J9CJAi030384 for ; Wed, 19 Oct 2022 14:14:42 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=Irj1a3Cd+bBUPdF4WiY/xR4ZJMPp29N+pb4IgFl+IJk=; b=K1CEFOBjlbvwGBJ3xPBVKH3LGJe7cNi+bEsyFVzBf1kLjzhAHjjdtj1/TJd/udF8aPhP gZ8zDH4w+Vkvlp1gtvyDz5BPp0abkR6bvs+tXUg1om89IwodJSNdutEUZEfEBgAR4fnk kYQlWy0FsFWNA/KRMKBKOmY9y4IfdXLXkP72BCf+WdoldOHkEIl71p8P9+UEuKDU0YYk FmoqZtucbRUgKo3AeF6v5oq8oFMd/5IvieQFU6xq56TdJ0ea0pyO0RNSR019DSwSbUa2 UapHJjoEvBEMv/rwaA1iP+9P+edK8RW76t9M8qATvfyNgFsxaJbxhjZ23NqWcUs0asKp 7A== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3kaed8s89b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:42 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEfbi009040 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:41 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:40 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 05/21] EHT: Add support for Multi-Link element defragmentation Date: Wed, 19 Oct 2022 19:43:53 +0530 Message-ID: <20221019141409.535582-6-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: XFH1a44ZpBQ8BvPFK2uT1GudZyzTdzqL X-Proofpoint-GUID: XFH1a44ZpBQ8BvPFK2uT1GudZyzTdzqL X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 phishscore=0 mlxlogscore=999 spamscore=0 impostorscore=0 bulkscore=0 suspectscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071442_761653_DE422FB9 X-CRM114-Status: GOOD ( 18.62 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add support for element defragmentation of different types of Multi-Link elements. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_common.c | 46 ++++++++++++++++++++++++++++++++-- src/common/ieee802_11_common.h | 11 ++++---- 2 files changed, [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add support for element defragmentation of different types of Multi-Link elements. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_common.c | 46 ++++++++++++++++++++++++++++++++-- src/common/ieee802_11_common.h | 11 ++++---- 2 files changed, 50 insertions(+), 7 deletions(-) diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index 76dba9d7c..9f29ec303 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -199,7 +199,7 @@ static int ieee802_11_parse_vendor_specific(const u8 *pos, size_t elen, } -static int ieee802_11_parse_mle(const u8 *pos, size_t elen, +static int ieee802_11_parse_mle(const u8 *pos, size_t elen, size_t **total_len, struct ieee802_11_elems *elems, int show_errors) { @@ -209,22 +209,27 @@ static int ieee802_11_parse_mle(const u8 *pos, size_t elen, case MULTI_LINK_CONTROL_TYPE_BASIC: elems->basic_mle = pos; elems->basic_mle_len = elen; + *total_len = &elems->basic_mle_len; break; case MULTI_LINK_CONTROL_TYPE_PROBE_REQ: elems->probe_req_mle = pos; elems->probe_req_mle_len = elen; + *total_len = &elems->probe_req_mle_len; break; case MULTI_LINK_CONTROL_TYPE_RECONF: elems->reconf_mle = pos; elems->reconf_mle_len = elen; + *total_len = &elems->reconf_mle_len; break; case MULTI_LINK_CONTROL_TYPE_TDLS: elems->tdls_mle = pos; elems->tdls_mle_len = elen; + *total_len = &elems->tdls_mle_len; break; case MULTI_LINK_CONTROL_TYPE_PRIOR_ACCESS: elems->prior_access_mle = pos; elems->prior_access_mle_len = elen; + *total_len = &elems->prior_access_mle_len; break; default: if (show_errors) { @@ -378,7 +383,8 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, case WLAN_EID_EXT_MULTI_LINK: if (elen < 2) break; - if (ieee802_11_parse_mle(pos, elen, elems, show_errors)) + if (ieee802_11_parse_mle(pos, elen, &total_len, elems, + show_errors)) return -1; break; default: @@ -2842,3 +2848,39 @@ const u8 * get_basic_mle_mld_addr(const u8 *buf, size_t len) return &buf[mld_addr_pos]; } + + +struct wpabuf * ieee802_11_defrag_mle(struct ieee802_11_elems *elems, u8 type) +{ + const u8 *data; + size_t len; + + switch (type) { + case MULTI_LINK_CONTROL_TYPE_BASIC: + data = elems->basic_mle; + len = elems->basic_mle_len; + break; + case MULTI_LINK_CONTROL_TYPE_PROBE_REQ: + data = elems->probe_req_mle; + len = elems->probe_req_mle_len; + break; + case MULTI_LINK_CONTROL_TYPE_RECONF: + data = elems->reconf_mle; + len = elems->reconf_mle_len; + break; + case MULTI_LINK_CONTROL_TYPE_TDLS: + data = elems->tdls_mle; + len = elems->tdls_mle_len; + break; + case MULTI_LINK_CONTROL_TYPE_PRIOR_ACCESS: + data = elems->prior_access_mle; + len = elems->prior_access_mle_len; + break; + default: + wpa_printf(MSG_DEBUG, + "Defragmentation not supported. mle_type=%d", type); + return NULL; + } + + return ieee802_11_defrag_data(data, len, true); +} diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index 294e6265c..9efcf1908 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -164,11 +164,11 @@ struct ieee802_11_elems { u8 pasn_params_len; u8 eht_capabilities_len; u8 eht_operation_len; - u8 basic_mle_len; - u8 probe_req_mle_len; - u8 reconf_mle_len; - u8 tdls_mle_len; - u8 prior_access_mle_len; + size_t basic_mle_len; + size_t probe_req_mle_len; + size_t reconf_mle_len; + size_t tdls_mle_len; + size_t prior_access_mle_len; struct mb_ies_info mb_ies; /* @@ -340,6 +340,7 @@ struct wpabuf * ieee802_11_defrag_data(const u8 *data, size_t len, bool ext_elem); struct wpabuf * ieee802_11_defrag(struct ieee802_11_elems *elems, u8 eid, u8 eid_ext); +struct wpabuf * ieee802_11_defrag_mle(struct ieee802_11_elems *elems, u8 type); const u8 * get_ml_ie(const u8 *ies, size_t len, u8 type); const u8 * get_basic_mle_mld_addr(const u8 *buf, size_t len); From patchwork Wed Oct 19 14:13:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691992 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=RfSHVf28; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=HS6QrYwH; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstC76nt2z23jk for ; Thu, 20 Oct 2022 01:19:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qxKRdGeJLXHGB3KC1EjXSTPJbEmCrFRPDmaZpBxCN0g=; b=RfSHVf28NL3H9b orkALjPy6xfRtiqG6AHJWBvCTJRyZPlSi/3TEbIBOe9KCzTNLHQXTgcsPgN+fAZ3ZWaOEzPZOkKHR lmdMMbtxpgGAWYDGPMUTFOpgGiTZNbE8MbhzYQsSVjo9YBI16GelqN3ApZUXPAZ8hvD/GKSYmEHII 7owgEWe95u3t8l0bE53AbzNdGt21tNkg1FrvoXajnTO8cDA0TCmYUNWYEuz3ReTvLLsrOaSmlwtAv vcmvEAp6Ve2XOCDjXjMuVwWdmg1aUOnq0cumX1jJwHgtgqOnHhrhhuq/Cgu2uv7jKonQSixWUdNx2 5nb+Han2toohqb28Wmow==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9ti-002iKy-3Y; Wed, 19 Oct 2022 14:18:18 +0000 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qL-002dwn-Lz for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:51 +0000 Received: from pps.filterd (m0279870.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JCsh0i009854 for ; Wed, 19 Oct 2022 14:14:44 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=rzr454nYAuL7fBAkj7UycdiOsQn+PsNYLMY1FoSTQHw=; b=HS6QrYwHt7dpJKhkxu/a1wF2/VawIqVwCNiIJtTPjxv6iNmsricDaGlekqvA8R9JP0I2 T3E5fnC4rA6FTlt7HbqCdG5Cybh3PTBe5BT/PMEG3eczQPxf7Yi9e1/FVy85FiYksxqF tchgQAY6h6ytOdgNqxG/O/YS6C0uscFVE93Sl0NMMXQ698uwXFDTx0e6oizXlGhNYkU5 NoErge4/YEGeG0zORAk53J/Dm36+RVz4htlDmG6MSkdeCcyyDpOX+Exnkwz6OCvNnYZN nagBxGdxyOwrF5E3E1jYm6X8oJ5B/fAsP6tKbTJ91eGrm7zshwsmavvcJR03D3Urk1fX WQ== Received: from nalasppmta04.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9qwp3upj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:44 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEhlP026745 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:43 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:42 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 06/21] EHT: Add definitions for STA Control fields of Basic Multi-Link element Date: Wed, 19 Oct 2022 19:43:54 +0530 Message-ID: <20221019141409.535582-7-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: 4JG776OZDeFRWZE0GNtszL0CLCfNPspq X-Proofpoint-ORIG-GUID: 4JG776OZDeFRWZE0GNtszL0CLCfNPspq X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 impostorscore=0 phishscore=0 bulkscore=0 mlxlogscore=999 malwarescore=0 adultscore=0 priorityscore=1501 mlxscore=0 suspectscore=0 spamscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071449_855277_95234A1E X-CRM114-Status: GOOD ( 17.98 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Define subelement IDs and Per-STA Profile STA control fields of Basic Multi-Link element as described in IEEE P802.11be/D2.2. Also add define for Multi-Link Control field length. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_defs.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.180.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Define subelement IDs and Per-STA Profile STA control fields of Basic Multi-Link element as described in IEEE P802.11be/D2.2. Also add define for Multi-Link Control field length. Signed-off-by: Veerendranath Jakkam --- src/common/ieee802_11_defs.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 0317f9d84..0d5fb5692 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2519,6 +2519,7 @@ struct ieee80211_eht_capabilities { /* Figure 9-1002f: Multi-Link Control field */ #define MULTI_LINK_CONTROL_TYPE_MASK 0x07 +#define MULTI_LINK_CONTROL_LEN 2 /* Table 9-401c: Mult-Link element Type subfield encoding */ #define MULTI_LINK_CONTROL_TYPE_BASIC 0 @@ -2527,6 +2528,16 @@ struct ieee80211_eht_capabilities { #define MULTI_LINK_CONTROL_TYPE_TDLS 3 #define MULTI_LINK_CONTROL_TYPE_PRIOR_ACCESS 4 +/* + * Table 9-401d: Optional subelement IDs for Link Info field of the Multi-Link + * element + */ +#define MULTI_LINK_SUB_ELEM_ID_PER_STA_PROFILE 0 +#define MULTI_LINK_SUB_ELEM_ID_VENDOR 221 +#define MULTI_LINK_SUB_ELEM_ID_FRAGMENT 254 + +/* IEEE P802.11be/D2.1, 9.4.2.312.2 - Basic Multi-Link element */ + /* Figure 9-1002g: Presence Bitmap subfield of the Basic Multi-Link element */ #define BASIC_MULTI_LINK_CTRL0_PRES_LINK_ID 0x10 #define BASIC_MULTI_LINK_CTRL0_PRES_BSS_PARAM_CH_COUNT 0x20 @@ -2536,6 +2547,23 @@ struct ieee80211_eht_capabilities { #define BASIC_MULTI_LINK_CTRL1_PRES_MLD_CAPA 0x01 #define BASIC_MULTI_LINK_CTRL1_PRES_AP_MLD_ID 0x02 +/* + * STA control field definitions of Per-STA Profile subelement in Basic + * Multi-Link element as described in Figure 9-1002n: STA Control field format. + */ +#define BASIC_MLE_STA_CTRL0_LINK_ID_SHIFT 0 +#define BASIC_MLE_STA_CTRL0_LINK_ID_MASK 0x0F +#define BASIC_MLE_STA_CTRL0_COMPLETE_PROFILE 0x10 +#define BASIC_MLE_STA_CTRL0_PRES_STA_MAC 0x20 +#define BASIC_MLE_STA_CTRL0_PRES_BEACON_INT 0x40 +#define BASIC_MLE_STA_CTRL0_PRES_TSF_OFFSET 0x80 +#define BASIC_MLE_STA_CTRL1_PRES_DTIM_INFO 0x01 +#define BASIC_MLE_STA_CTRL1_PRES_NSTR_LINK_PAIR 0x02 +#define BASIC_MLE_STA_CTRL1_PRES_NSTR_BITMAP 0x04 +#define BASIC_MLE_STA_CTRL1_PRES_BSS_PARAM_COUNT 0x08 + +#define BASIC_MLE_STA_PROF_STA_MAC_IDX 3 + /* IEEE P802.11ay/D4.0, 9.4.2.251 - EDMG Operation element */ #define EDMG_BSS_OPERATING_CHANNELS_OFFSET 6 #define EDMG_OPERATING_CHANNEL_WIDTH_OFFSET 7 From patchwork Wed Oct 19 14:13:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691985 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=xG78z2lh; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=i6UoMnDF; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst8d6XBSz23jk for ; Thu, 20 Oct 2022 01:17:05 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=sBhLiuQT2/khDiN7l3Jntskuxqh4Mik+dKcUPCBydLk=; b=xG78z2lh+Y5b17 KxWMr96ufblUip+kVfP4jOIhLjXpv8s5ohyk6TzLIPDWgTpR5FlAXWCLBl48ci2Ag7ubN9EyZspCP Om86sh8k+A3UK6TJ66rdGmG0UW/Tjp7Qz/YMysDUN9admlrvC5vQWzTbkFJHbOAPuc3miYmnoORFX h12sZgr7HOeAvGrM/N66XWpANNGN7fQ4AmtF02aw7f1vRUTNHRWyRffJ/u1H4vDbKdhJWQZvmGfKp dqV9F4creEZf4P1nkqgx2VqwEah+WntGIRNox44So2Rh+nuCf1j0m0cuW/DaQbwJ1XB/WaRijz521 djcD9yAUDtLYbvItgCFA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9rq-002gbQ-RP; Wed, 19 Oct 2022 14:16:23 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qI-002dzX-1f for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:47 +0000 Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J8jGtX019176 for ; Wed, 19 Oct 2022 14:14:45 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=tSpsFPhaYl81ej34vmwUOk83UtQGeU9nZ/0PPQTOph8=; b=i6UoMnDFBFHlguy9rGxUtng+PLpsOgJkc9pUIO1akWdo2qImNqzf+SORSGr273v5EEWO q8hBJGRORdeC+192WbEvS81X/GumSkVOBg+FWOnoIv6KQHjt8vtk3IgIprzREBUeMkOZ jngpaUc3Jhtjkx/EQ9Lx9Dgl32Rhp+CYlnDXWEwJCevKQQ1Sw73r1fQtKbeHSkIEUycA MT7MUa2NdzX7RKe2xdtNfsZ+Y1Svc/YAHSHHiecY0aNTOuOMSy5z2AxVunH3LuJAUVpv OjYtPyQsCJBY5z1KseWs5JgrzlglSUZX0OWInwwfgK8q0iIjipQpRVNGPzad/YJdmsAo ew== Received: from nalasppmta02.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9n2p5pkx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:45 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA02.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEjZj010295 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:45 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:43 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 07/21] wpa_debug: Add utility functions for printing MLO link ID in hexdump Date: Wed, 19 Oct 2022 19:43:55 +0530 Message-ID: <20221019141409.535582-8-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: 9ZlgO0lBFPD3zujCO3uDkwEXT0aYjy3m X-Proofpoint-GUID: 9ZlgO0lBFPD3zujCO3uDkwEXT0aYjy3m X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 phishscore=0 mlxlogscore=999 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071446_125034_97BA0580 X-CRM114-Status: GOOD ( 20.87 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add support to print MLO link ID in hexdump debug prints. Signed-off-by: Veerendranath Jakkam --- src/utils/wpa_debug.c | 56 ++++++++++++++++++++++++++++++ src/utils/wpa_debug.h | 6 +++++ 2 files changed, 46 insertions [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add support to print MLO link ID in hexdump debug prints. Signed-off-by: Veerendranath Jakkam --- src/utils/wpa_debug.c | 56 ++++++++++++++++++++++++++++++------------- src/utils/wpa_debug.h | 6 +++++ 2 files changed, 46 insertions(+), 16 deletions(-) diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c index a338a2039..5d255cfed 100644 --- a/src/utils/wpa_debug.c +++ b/src/utils/wpa_debug.c @@ -255,16 +255,25 @@ void wpa_printf(int level, const char *fmt, ...) } -static void _wpa_hexdump(int level, const char *title, const u8 *buf, - size_t len, int show, int only_syslog) +static void _wpa_hexdump(int level, int link_id, const char *title, + const u8 *buf, size_t len, int show, int only_syslog) { size_t i; + char link_id_str[20]; + + link_id_str[0] = '\0'; + if (link_id >= 0 && link_id < 15) { + int ret = os_snprintf(link_id_str, sizeof(link_id_str), + " link_id=%d", link_id); + if (os_snprintf_error(sizeof(link_id_str), ret)) + link_id_str[0] = '\0'; + } #ifdef CONFIG_DEBUG_LINUX_TRACING if (wpa_debug_tracing_file != NULL) { fprintf(wpa_debug_tracing_file, - WPAS_TRACE_PFX "%s - hexdump(len=%lu):", - level, title, (unsigned long) len); + WPAS_TRACE_PFX "%s - hexdump(len=%lu%s):", + level, title, (unsigned long) len, link_id_str); if (buf == NULL) { fprintf(wpa_debug_tracing_file, " [NULL]\n"); } else if (!show) { @@ -311,9 +320,9 @@ static void _wpa_hexdump(int level, const char *title, const u8 *buf, __android_log_print(wpa_to_android_level(level), ANDROID_LOG_NAME, - "%s - hexdump(len=%lu):%s%s", - title, (long unsigned int) len, display, - len > slen ? " ..." : ""); + "%s - hexdump(len=%lu%s):%s%s", + title, (long unsigned int) len, link_id_str, + display, len > slen ? " ..." : ""); bin_clear_free(strbuf, 1 + 3 * slen); return; } @@ -344,8 +353,8 @@ static void _wpa_hexdump(int level, const char *title, const u8 *buf, display = " [REMOVED]"; } - syslog(syslog_priority(level), "%s - hexdump(len=%lu):%s", - title, (unsigned long) len, display); + syslog(syslog_priority(level), "%s - hexdump(len=%lu%s):%s", + title, (unsigned long) len, link_id_str, display); bin_clear_free(strbuf, 1 + 3 * len); if (only_syslog) return; @@ -354,8 +363,8 @@ static void _wpa_hexdump(int level, const char *title, const u8 *buf, wpa_debug_print_timestamp(); #ifdef CONFIG_DEBUG_FILE if (out_file) { - fprintf(out_file, "%s - hexdump(len=%lu):", - title, (unsigned long) len); + fprintf(out_file, "%s - hexdump(len=%lu%s):", + title, (unsigned long) len, link_id_str); if (buf == NULL) { fprintf(out_file, " [NULL]"); } else if (show) { @@ -368,7 +377,8 @@ static void _wpa_hexdump(int level, const char *title, const u8 *buf, } #endif /* CONFIG_DEBUG_FILE */ if (!wpa_debug_syslog && !out_file) { - printf("%s - hexdump(len=%lu):", title, (unsigned long) len); + printf("%s - hexdump(len=%lu%s):", title, (unsigned long) len, + link_id_str); if (buf == NULL) { printf(" [NULL]"); } else if (show) { @@ -384,13 +394,27 @@ static void _wpa_hexdump(int level, const char *title, const u8 *buf, void wpa_hexdump(int level, const char *title, const void *buf, size_t len) { - _wpa_hexdump(level, title, buf, len, 1, 0); + _wpa_hexdump(level, -1, title, buf, len, 1, 0); } void wpa_hexdump_key(int level, const char *title, const void *buf, size_t len) { - _wpa_hexdump(level, title, buf, len, wpa_debug_show_keys, 0); + _wpa_hexdump(level, -1, title, buf, len, wpa_debug_show_keys, 0); +} + + +void wpa_hexdump_link(int level, u8 link_id, const char *title, const void *buf, + size_t len) +{ + _wpa_hexdump(level, link_id, title, buf, len, 1, 0); +} + + +void wpa_hexdump_link_key(int level, u8 link_id, const char *title, + const void *buf, size_t len) +{ + _wpa_hexdump(level, link_id, title, buf, len, wpa_debug_show_keys, 0); } @@ -423,11 +447,11 @@ static void _wpa_hexdump_ascii(int level, const char *title, const void *buf, if (level < wpa_debug_level) return; #ifdef CONFIG_ANDROID_LOG - _wpa_hexdump(level, title, buf, len, show, 0); + _wpa_hexdump(level, -1, title, buf, len, show, 0); #else /* CONFIG_ANDROID_LOG */ #ifdef CONFIG_DEBUG_SYSLOG if (wpa_debug_syslog) - _wpa_hexdump(level, title, buf, len, show, 1); + _wpa_hexdump(level, -1, title, buf, len, show, 1); #endif /* CONFIG_DEBUG_SYSLOG */ wpa_debug_print_timestamp(); #ifdef CONFIG_DEBUG_FILE diff --git a/src/utils/wpa_debug.h b/src/utils/wpa_debug.h index c6d5cc647..9f3f6443e 100644 --- a/src/utils/wpa_debug.h +++ b/src/utils/wpa_debug.h @@ -37,6 +37,8 @@ enum { #define wpa_debug_close_file() do { } while (0) #define wpa_debug_setup_stdout() do { } while (0) #define wpa_dbg(args...) do { } while (0) +#define wpa_hexdump_link(l,li,t,b,le) do { } while (0) +#define wpa_hexdump_link_key(l,li,t,b,le) do { } while (0) static inline int wpa_debug_reopen_file(void) { @@ -85,6 +87,8 @@ PRINTF_FORMAT(2, 3); * configuration. The contents of buf is printed out has hex dump. */ void wpa_hexdump(int level, const char *title, const void *buf, size_t len); +void wpa_hexdump_link(int level, u8 link_id, const char *title, const void *buf, + size_t len); static inline void wpa_hexdump_buf(int level, const char *title, const struct wpabuf *buf) @@ -107,6 +111,8 @@ static inline void wpa_hexdump_buf(int level, const char *title, * etc.) in debug output. */ void wpa_hexdump_key(int level, const char *title, const void *buf, size_t len); +void wpa_hexdump_link_key(int level, u8 link_id, const char *title, + const void *buf, size_t len); static inline void wpa_hexdump_buf_key(int level, const char *title, const struct wpabuf *buf) From patchwork Wed Oct 19 14:13:56 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691986 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Mr1WmGWG; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=Cq90NIr+; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mst9Q1MgRz23jk for ; Thu, 20 Oct 2022 01:17:46 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=3fECUV1wdBb513M8mLCztZvWAKhAsrcYFfxyIb3U+A0=; b=Mr1WmGWGKtM/F5 n02Qunk8+RgP4qvmLI0uftkA2y/SACiJtvlnlL0G3Um3LttMElFBR4QeP9ytEIrkGF0TF53crdCX2 4mhimgbBlBbk1DRug9uTsGDCEXLpglTp7fI1ZlbmLR1aA292ybS35GWDMMM6p7ypU8mRzIU2zydbt rMil3iYR8o4E3B7L6DpoOVKAsV278zOBmqowQ9GSFXv92rFTeLU+Ekmg05wXE/8TsDdxiLrb9Z063 98oSN58v87CHfbaKq8h3/Kk3unRNziuXtHix6K464Gzy7gGglmtWZRIa90bYPn4lmTRlQhVAklPtL uSmHbDArWhLk19sKJ0pA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9sF-002h3n-6M; Wed, 19 Oct 2022 14:16:47 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qJ-002e4A-Qc for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:50 +0000 Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JBxZvX001697 for ; Wed, 19 Oct 2022 14:14:47 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=PVDpwjEvgP6r39qWREA2xYEWEhVDwI67XpT+oYJQStw=; b=Cq90NIr+baH9fOyc0MiT83oY4eqMlksnhfRX6MCZvijgfnueFvb3IB6dmpxCBuBBWN/K nvnK2gUIZRzwjpT2pHDUFO2+gLM4FkPHEzcgVW9iAluC1lsxkQtroyRH7axyNutgyVyX Iwy7lPxK+7eAiy6lTCqifCn57fdQ0mPdcsX2aaYZ0HayH670txm3Pl0hDaD7FWslOtf8 jV7fLWhasAHXXN/jPX3W9IU7aP26o9K5TGqa06vxrRyU6jSoEqQhrsXeNuXmkgTZvwqE 1A+fmgLlr4lT9af42AhMx29VrlZoa932L2k9vvi9lVZn4b3qELcm/4PCInXAM5CyVgXE MA== Received: from nalasppmta04.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9n2p5pm1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:47 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEk0a026756 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:46 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:45 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 08/21] MLD STA: set MLO connection info to wpa_sm Date: Wed, 19 Oct 2022 19:43:56 +0530 Message-ID: <20221019141409.535582-9-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: upOnipCx2uXT9gYRx3qeJJ3a4g0gHGZs X-Proofpoint-GUID: upOnipCx2uXT9gYRx3qeJJ3a4g0gHGZs X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 phishscore=0 mlxlogscore=999 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071447_893621_54F8BAA8 X-CRM114-Status: GOOD ( 31.41 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Update below MLO Link info of the current connection to wpa_sm: - AP MLD address and link ID of the (re)association link. - For each requested link - own link address - AP's link bssid, RSNE, RSNXE Get the requested MLO links info from driver if available. Otherwise, parse Multi-Link element in Association request and response IEs and determine the required MLO connection information. Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Update below MLO Link info of the current connection to wpa_sm: - AP MLD address and link ID of the (re)association link. - For each requested link - own link address - AP's link bssid, RSNE, RSNXE Get the requested MLO links info from driver if available. Otherwise, parse Multi-Link element in Association request and response IEs and determine the required MLO connection information. Signed-off-by: Veerendranath Jakkam --- src/drivers/driver.h | 3 +- src/drivers/driver_nl80211_event.c | 1 + src/rsn_supp/wpa.c | 74 ++++++++++ src/rsn_supp/wpa.h | 8 ++ src/rsn_supp/wpa_i.h | 16 +++ wpa_supplicant/events.c | 209 +++++++++++++++++++++++++++++ wpa_supplicant/wpa_supplicant.c | 4 + 7 files changed, 314 insertions(+), 1 deletion(-) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 9132409c1..82fec2174 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -2741,7 +2741,8 @@ struct weighted_pcl { }; struct driver_sta_mlo_info { - u16 valid_links; /* bitmap of valid link IDs */ + u16 req_links; /* bitmap of requested link IDs */ + u16 valid_links; /* bitmap of accepted link IDs */ u8 assoc_link_id; u8 ap_mld_addr[ETH_ALEN]; struct { diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 929bb1888..289a9c734 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -483,6 +483,7 @@ static void nl80211_parse_mlo_link_info(struct driver_sta_mlo_info *mlo, continue; if (tb[NL80211_ATTR_STATUS_CODE]) { + mlo->req_links |= BIT(link_id); if (nla_get_u16(tb[NL80211_ATTR_STATUS_CODE]) == WLAN_STATUS_SUCCESS) mlo->valid_links |= BIT(link_id); diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 5f305b897..26e426b98 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -3006,6 +3006,8 @@ struct wpa_sm * wpa_sm_init(struct wpa_sm_ctx *ctx) */ void wpa_sm_deinit(struct wpa_sm *sm) { + int i; + if (sm == NULL) return; pmksa_cache_deinit(sm->pmksa); @@ -3016,6 +3018,10 @@ void wpa_sm_deinit(struct wpa_sm *sm) os_free(sm->ap_wpa_ie); os_free(sm->ap_rsn_ie); os_free(sm->ap_rsnxe); + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + os_free(sm->mlo.links[i].ap_rsne); + os_free(sm->mlo.links[i].ap_rsnxe); + } wpa_sm_drop_sa(sm); os_free(sm->ctx); #ifdef CONFIG_IEEE80211R @@ -3303,6 +3309,74 @@ void wpa_sm_set_config(struct wpa_sm *sm, struct rsn_supp_config *config) } } +int wpa_sm_set_mlo_params(struct wpa_sm *sm, const struct wpa_sm_mlo *mlo) +{ + int i; + + if (!sm) + return -1; + + os_memcpy(sm->mlo.ap_mld_addr, mlo->ap_mld_addr, ETH_ALEN); + sm->mlo.assoc_link_id = mlo->assoc_link_id; + sm->mlo.valid_links = mlo->valid_links; + sm->mlo.req_links = mlo->req_links; + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + const u8 *ie; + size_t len; + + if (sm->mlo.req_links & BIT(i)) { + if (mlo->links[i].ap_rsne == NULL || + mlo->links[i].ap_rsne_len == 0) { + wpa_dbg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: No RSN IE for AP MLO link %d with bssid " MACSTR, + i, MAC2STR(mlo->links[i].bssid)); + return -1; + + } + os_memcpy(sm->mlo.links[i].addr, mlo->links[i].addr, + ETH_ALEN); + os_memcpy(sm->mlo.links[i].bssid, mlo->links[i].bssid, + ETH_ALEN); + } + + ie = mlo->links[i].ap_rsne; + len = mlo->links[i].ap_rsne_len; + os_free(sm->mlo.links[i].ap_rsne); + if (ie == NULL || len == 0) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: clearing MLO link[%u] AP RSNE", i); + sm->mlo.links[i].ap_rsne = NULL; + sm->mlo.links[i].ap_rsne_len = 0; + } else { + wpa_hexdump_link(MSG_DEBUG, i, "RSN: set AP RSNE", ie, + len); + sm->mlo.links[i].ap_rsne = os_memdup(ie, len); + if (!sm->mlo.links[i].ap_rsne) + return -1; + sm->mlo.links[i].ap_rsne_len = len; + } + + ie = mlo->links[i].ap_rsnxe; + len = mlo->links[i].ap_rsnxe_len; + os_free(sm->mlo.links[i].ap_rsnxe); + if (ie == NULL || len == 0) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: clearing MLO link[%u] AP RSNXE", i); + sm->mlo.links[i].ap_rsnxe = NULL; + sm->mlo.links[i].ap_rsnxe_len = 0; + } else { + wpa_hexdump_link(MSG_DEBUG, i, "RSN: set AP RSNXE", ie, + len); + sm->mlo.links[i].ap_rsnxe = os_memdup(ie, len); + if (!sm->mlo.links[i].ap_rsnxe) + return -1; + sm->mlo.links[i].ap_rsnxe_len = len; + } + } + + return 0; +} + /** * wpa_sm_set_own_addr - Set own MAC address diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 8449db761..216573131 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -20,6 +20,7 @@ struct wpa_config_blob; struct hostapd_freq_params; struct wpa_channel_info; enum frame_encryption; +struct wpa_sm_mlo; struct wpa_sm_ctx { void *ctx; /* pointer to arbitrary upper level context */ @@ -224,6 +225,7 @@ void wpa_sm_set_ptk_kck_kek(struct wpa_sm *sm, const u8 *ptk_kek, size_t ptk_kek_len); int wpa_fils_is_completed(struct wpa_sm *sm); void wpa_sm_pmksa_cache_reconfig(struct wpa_sm *sm); +int wpa_sm_set_mlo_params(struct wpa_sm *sm, const struct wpa_sm_mlo *mlo); #else /* CONFIG_NO_WPA */ @@ -438,6 +440,12 @@ static inline void wpa_sm_pmksa_cache_reconfig(struct wpa_sm *sm) { } +static inline int wpa_sm_set_mlo_params(struct wpa_sm *sm, + const struct wpa_sm_mlo *mlo) +{ + return 0; +} + #endif /* CONFIG_NO_WPA */ #ifdef CONFIG_IEEE80211R diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index 3811c3bc4..3c78cc1b0 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -19,6 +19,21 @@ struct pasn_ft_r1kh { u8 r1kh_id[FT_R1KH_ID_LEN]; }; +struct wpa_sm_link { + u8 addr[ETH_ALEN]; + u8 bssid[ETH_ALEN]; + u8 *ap_rsne, *ap_rsnxe; + size_t ap_rsne_len, ap_rsnxe_len; +} links[MAX_NUM_MLD_LINKS]; + +struct wpa_sm_mlo { + u8 ap_mld_addr[ETH_ALEN]; + u8 assoc_link_id; + u16 valid_links; /* bitmap of accepted links */ + u16 req_links; /* bitmap of requested links */ + struct wpa_sm_link links[MAX_NUM_MLD_LINKS]; +}; + /** * struct wpa_sm - Internal WPA state machine data */ @@ -218,6 +233,7 @@ struct wpa_sm { struct wpabuf *dpp_z; int dpp_pfs; #endif /* CONFIG_DPP2 */ + struct wpa_sm_mlo mlo; }; diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index f3cbe9755..9374133d4 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -50,6 +50,7 @@ #include "mesh_mpm.h" #include "wmm_ac.h" #include "dpp_supplicant.h" +#include "rsn_supp/wpa_i.h" #define MAX_OWE_TRANSITION_BSS_SELECT_COUNT 5 @@ -3410,6 +3411,205 @@ static int wpa_drv_get_mlo_info(struct wpa_supplicant *wpa_s) } +struct links_info { + /* bitmap of link IDs in Per-STA profile subelements*/ + u16 non_assoc_links; + u8 addr[MAX_NUM_MLD_LINKS][ETH_ALEN]; +}; + + +static void wpas_get_basic_mle_links_info(const u8 *mle, size_t mle_len, + struct links_info *info) +{ + size_t rem_len; + const u8 *pos; + + if (mle_len < (MULTI_LINK_CONTROL_LEN + 1) || + (mle_len - MULTI_LINK_CONTROL_LEN) < mle[MULTI_LINK_CONTROL_LEN]) + return; + + // Skip Common Info + pos = mle + MULTI_LINK_CONTROL_LEN + mle[MULTI_LINK_CONTROL_LEN]; + rem_len = mle_len - + (MULTI_LINK_CONTROL_LEN + mle[MULTI_LINK_CONTROL_LEN]); + + // Parse Subelements + while (rem_len > 2) { + int ie_len = 2 + pos[1]; + + if (rem_len < ie_len) + return; + + if (pos[0] == MULTI_LINK_SUB_ELEM_ID_PER_STA_PROFILE) { + u8 link_id; + const u8 *sta_profile; + + if (pos[1] < + (BASIC_MLE_STA_PROF_STA_MAC_IDX + ETH_ALEN)) + goto next_subelem; + + sta_profile = &pos[2]; + link_id = sta_profile[0] & + BASIC_MLE_STA_CTRL0_LINK_ID_MASK; + if (link_id >= MAX_NUM_MLD_LINKS) + goto next_subelem; + + if (!(sta_profile[0] & + BASIC_MLE_STA_CTRL0_PRES_STA_MAC)) + goto next_subelem; + + info->non_assoc_links |= BIT(link_id); + os_memcpy(info->addr[link_id], + &sta_profile[BASIC_MLE_STA_PROF_STA_MAC_IDX], + ETH_ALEN); + } +next_subelem: + pos += ie_len; + rem_len -= ie_len; + } +} + + +static int wpas_get_ml_req_links_info(struct wpa_supplicant *wpa_s, + union wpa_event_data *data, + struct driver_sta_mlo_info *drv_mlo) +{ + int i; + struct wpabuf *mle; + struct ieee802_11_elems req_elems, resp_elems; + struct links_info req_info, resp_info; + + if (!data || !data->assoc_info.req_ies || !data->assoc_info.resp_ies) { + wpa_dbg(wpa_s, MSG_ERROR, + "MLO: Association request and/or response IEs not present"); + return -1; + } + + if (ieee802_11_parse_elems(data->assoc_info.resp_ies, + data->assoc_info.resp_ies_len, &resp_elems, + 0) == ParseFailed || + ieee802_11_parse_elems(data->assoc_info.req_ies, + data->assoc_info.req_ies_len, &req_elems, + 0) == ParseFailed) { + wpa_dbg(wpa_s, MSG_ERROR, + "MLO: Failed to parse Association request/response IEs"); + return -1; + } + + mle = ieee802_11_defrag_mle(&req_elems, MULTI_LINK_CONTROL_TYPE_BASIC); + if (!mle) { + wpa_dbg(wpa_s, MSG_ERROR, + "MLO: Basic Multi-Link element not found in Association request"); + return -1; + } + os_memset(&req_info, 0, sizeof(req_info)); + wpas_get_basic_mle_links_info((const u8 *) wpabuf_head(mle), + wpabuf_len(mle), &req_info); + wpabuf_free(mle); + + mle = ieee802_11_defrag_mle(&resp_elems, MULTI_LINK_CONTROL_TYPE_BASIC); + if (!mle) { + wpa_dbg(wpa_s, MSG_ERROR, + "MLO: Basic Multi-Link element not found in Association response"); + return -1; + } + os_memset(&resp_info, 0, sizeof(resp_info)); + wpas_get_basic_mle_links_info((const u8 *) wpabuf_head(mle), + wpabuf_len(mle), &resp_info); + wpabuf_free(mle); + + if (req_info.non_assoc_links != resp_info.non_assoc_links) { + wpa_dbg(wpa_s, MSG_ERROR, + "MLO: Association request and response links bitmap not equal"); + return -1; + } + + drv_mlo->req_links = BIT(drv_mlo->assoc_link_id) | + req_info.non_assoc_links; + if ((drv_mlo->req_links & drv_mlo->valid_links) != + drv_mlo->valid_links) { + wpa_dbg(wpa_s, MSG_ERROR, + "MLO: accepted links are not subset of requested links"); + return -1; + } + + /* Get MLO links info for rejected links */ + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + if (!((drv_mlo->req_links & ~drv_mlo->valid_links) & BIT(i))) + continue; + + os_memcpy(drv_mlo->links[i].bssid, resp_info.addr[i], ETH_ALEN); + os_memcpy(drv_mlo->links[i].addr, req_info.addr[i], ETH_ALEN); + } + + return 0; +} + +static int wpa_sm_set_ml_info(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +{ + struct driver_sta_mlo_info drv_mlo; + struct wpa_sm_mlo wpa_mlo; + const u8 *bss_rsn = NULL, *bss_rsnx = NULL; + int i; + + drv_mlo.valid_links = 0; + drv_mlo.req_links = 0; + if (wpas_drv_get_sta_mlo_info(wpa_s, &drv_mlo)) { + wpa_dbg(wpa_s, MSG_ERROR, "Failed to get MLO link info"); + return -1; + } + + os_memset(&wpa_mlo, 0, sizeof(wpa_mlo)); + if (!drv_mlo.valid_links) + goto out; + + if (!drv_mlo.req_links && + wpas_get_ml_req_links_info(wpa_s, data, &drv_mlo)) + return -1; + + os_memcpy(wpa_mlo.ap_mld_addr, drv_mlo.ap_mld_addr, ETH_ALEN); + wpa_mlo.assoc_link_id = drv_mlo.assoc_link_id; + wpa_mlo.valid_links = drv_mlo.valid_links; + wpa_mlo.req_links = drv_mlo.req_links; + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + struct wpa_bss *bss; + + if (!(drv_mlo.req_links & BIT(i))) + continue; + + bss = wpa_supplicant_get_new_bss(wpa_s, drv_mlo.links[i].bssid); + if (!bss) { + wpa_supplicant_update_scan_results(wpa_s); + bss = wpa_supplicant_get_new_bss( + wpa_s, drv_mlo.links[i].bssid); + } + + if (!bss) { + wpa_dbg(wpa_s, MSG_ERROR, + "Failed to get MLO link %d bss", i); + return -1; + } + + bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); + bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX); + + wpa_mlo.links[i].ap_rsne = bss_rsn ? (u8 *) bss_rsn : NULL; + wpa_mlo.links[i].ap_rsne_len = bss_rsn ? 2 + bss_rsn[1] : 0; + wpa_mlo.links[i].ap_rsnxe = bss_rsnx ? (u8 *) bss_rsnx : NULL; + wpa_mlo.links[i].ap_rsnxe_len = bss_rsnx ? 2 + bss_rsnx[1] : 0; + + os_memcpy(wpa_mlo.links[i].bssid, drv_mlo.links[i].bssid, + ETH_ALEN); + os_memcpy(wpa_mlo.links[i].addr, drv_mlo.links[i].addr, + ETH_ALEN); + } + +out: + return wpa_sm_set_mlo_params(wpa_s->wpa, &wpa_mlo); +} + + static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, union wpa_event_data *data) { @@ -3534,6 +3734,15 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); } wpa_sm_notify_assoc(wpa_s->wpa, bssid); + + if (wpa_sm_set_ml_info(wpa_s, data)) { + wpa_dbg(wpa_s, MSG_ERROR, + "Failed to set MLO connection info to wpa_sm"); + wpa_supplicant_deauthenticate(wpa_s, + WLAN_REASON_DEAUTH_LEAVING); + return; + } + if (wpa_s->l2) l2_packet_notify_auth_start(wpa_s->l2); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 3d7626aeb..bfdc23203 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -69,6 +69,7 @@ #include "ap/ap_config.h" #include "ap/hostapd.h" #endif /* CONFIG_MESH */ +#include "rsn_supp/wpa_i.h" const char *const wpa_supplicant_version = "wpa_supplicant v" VERSION_STR "\n" @@ -403,6 +404,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, #ifdef CONFIG_WEP int i; #endif /* CONFIG_WEP */ + struct wpa_sm_mlo mlo; if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; @@ -443,6 +445,8 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, wpa_s->mgmt_group_cipher); pmksa_cache_clear_current(wpa_s->wpa); + os_memset(&mlo, 0, sizeof(mlo)); + wpa_sm_set_mlo_params(wpa_s->wpa, &mlo); } From patchwork Wed Oct 19 14:13:57 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691989 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=4ni+trz7; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=A4EhgUlF; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstBB5VRxz23jk for ; Thu, 20 Oct 2022 01:18:26 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ivWgFC48zqdB+hdoaO5EYPkgPljJYfaGbMyITCn7ptA=; b=4ni+trz7OHW6Wo ajzqUzcTXnYmPuxuLg86GLJnAAOQdCqcmYxjN3/TfrN4y2485/Na53/HqaFqQe4MdNy4QLYi/rX+7 dgbs5dc2Pug+Q/ajzhkbpAobv7ZoWwACijSjauG7bVBK4OtRNfmzXxCn9hMebMBZywxWb3Ld60RFA IKsaKUxjDYLZ9rodPslStKc08XExHZf8jE57iPZDCb0D3NkmGLm0YIW0WZiJwBERkKu+s1qM+5MOH SlX0SRi96z3F1VlQ3ji+/dvH4rO9Ufc+FQtKWP8uRVt341gx5KdyclEabULFEoHb9uJ8XmLcP29p2 CsILFR3+fJDIVMvfs3aw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9sy-002hj4-2L; Wed, 19 Oct 2022 14:17:32 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qL-002e6L-E0 for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:51 +0000 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JBEfhI023895 for ; Wed, 19 Oct 2022 14:14:49 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=tqhQYr+8WDLmoqL452M/vKRHiZpo1vctq9QKiAHoqPg=; b=A4EhgUlFExhOq/DvN2WaDaSZ39wadEoLhym+UDifEkyBXhCVZQrviLYbR2CxH6dlKAlv 6FwbOonIs0oJAqF6Thj3Og1a7WWAIuiOsIOO0ftKqYR4yK9Nnnue4ySlW6t+P2DSWS9X V+6SAqUk8wpvVxKR864xkSnZztIUmU1uT1RsafvOnKHZnsGP7axoc90amqFHG9uhApnW kLdTmE4gRsq+p8n6KN1OKii19VeWbZ4MSM2rm1LR9n6VQorlchBfnnGUXcTUzAnwyoLA 4Jjv+WQr196n5te73yOqmE/Gy28ZyMR/l59KNQnR28kYossMjBKIhkLZp0tioIpSdlSs pw== Received: from nalasppmta04.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3kaed8s89w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:49 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEmsh026766 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:48 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:47 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 09/21] MLD STA: Add MLO KDEs for 2/4 and 4/4 EAPOL frames Date: Wed, 19 Oct 2022 19:43:57 +0530 Message-ID: <20221019141409.535582-10-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: iA-1_lpc3M0H27L6B3KS_r2k5_33aWQa X-Proofpoint-GUID: iA-1_lpc3M0H27L6B3KS_r2k5_33aWQa X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 phishscore=0 mlxlogscore=999 spamscore=0 impostorscore=0 bulkscore=0 suspectscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071449_499487_3CDEB21C X-CRM114-Status: GOOD ( 23.64 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add new KDEs introduced for MLO connection as specified in 12.7.2 EAPOL-Key frames, IEEE P802.11be/D2.2. - Add MAC and MLO link KDE for each own affliated link (other than the link on which associatio [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add new KDEs introduced for MLO connection as specified in 12.7.2 EAPOL-Key frames, IEEE P802.11be/D2.2. - Add MAC and MLO link KDE for each own affliated link (other than the link on which association happened) in 2/4 EAPOL frame. - Add MAC KDE in 4/4 EAPOL frame. Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 103 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 99 insertions(+), 4 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 26e426b98..4a7329a52 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -684,6 +684,56 @@ static int wpa_handle_ext_key_id(struct wpa_sm *sm, } +static u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len) +{ + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + data_len; + RSN_SELECTOR_PUT(pos, kde); + pos += RSN_SELECTOR_LEN; + os_memcpy(pos, data, data_len); + pos += data_len; + + return pos; +} + + +static size_t wpa_mlo_link_kde_len(struct wpa_sm *sm) +{ + int i; + int num_links = 0; + + for (i = 0; i < MAX_NUM_MLO_LINKS; i++) { + if (sm->mlo.assoc_link_id == i || + !(sm->mlo.req_links & BIT(i))) + continue; + + num_links++; + } + + return (num_links * (RSN_SELECTOR_LEN + 7 + 2)); +} + + +static u8 *wpa_mlo_link_kde(struct wpa_sm *sm, u8 *pos) +{ + int i; + u8 hdr[1 + ETH_ALEN]; + + for (i = 0; i < MAX_NUM_MLO_LINKS; i++) { + if (sm->mlo.assoc_link_id == i || + !(sm->mlo.req_links & BIT(i))) + continue; + + wpa_printf(MSG_DEBUG, + "MLO: Add MLO Link %d KDE in EAPOL-Key 2/4", i); + hdr[0] = i & 0xF; + os_memcpy(&hdr[1], sm->mlo.links[i].addr, ETH_ALEN); + pos = wpa_add_kde(pos, RSN_KEY_DATA_MLO_LINK, hdr, 7); + } + + return pos; +} + static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, const unsigned char *src_addr, const struct wpa_eapol_key *key, @@ -696,6 +746,7 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, int res; u8 *kde, *kde_buf = NULL; size_t kde_len; + size_t mlo_kde_len = 0; if (encrypted == FRAME_NOT_ENCRYPTED && sm->tk_set && wpa_sm_pmf_enabled(sm)) { @@ -775,13 +826,19 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, } sm->tptk_set = 1; + /* Add MLO Link KDE and MAC KDE in M2 for ML connection */ + if (sm->mlo.valid_links) + mlo_kde_len = (wpa_mlo_link_kde_len(sm) + + RSN_SELECTOR_LEN + 6 + 2); + kde = sm->assoc_wpa_ie; kde_len = sm->assoc_wpa_ie_len; kde_buf = os_malloc(kde_len + 2 + RSN_SELECTOR_LEN + 3 + sm->assoc_rsnxe_len + 2 + RSN_SELECTOR_LEN + 1 + - 2 + RSN_SELECTOR_LEN + 2); + 2 + RSN_SELECTOR_LEN + 2 + mlo_kde_len); + if (!kde_buf) goto failed; os_memcpy(kde_buf, kde, kde_len); @@ -855,6 +912,21 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, } #endif /* CONFIG_DPP2 */ + if (sm->mlo.valid_links) { + u8 *pos; + + /* Add MAC KDE */ + wpa_printf(MSG_DEBUG, "MLO: Add MAC KDE into EAPOL-Key 2/4"); + pos = kde + kde_len; + pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->own_addr, + ETH_ALEN); + + /* Add MLO link KDE */ + wpa_printf(MSG_DEBUG, "Add MLO Link KDE(s) into EAPOL-Key 2/4"); + pos = wpa_mlo_link_kde(sm, pos); + kde_len = pos - kde; + } + if (wpa_supplicant_send_2_of_4(sm, sm->bssid, key, ver, sm->snonce, kde, kde_len, ptk) < 0) goto failed; @@ -1663,13 +1735,32 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, size_t mic_len, hdrlen, rlen; struct wpa_eapol_key *reply; u8 *rbuf, *key_mic; + u8 *kde = NULL; + size_t kde_len = 0; + + if (sm->mlo.valid_links) { + u8 *pos; + + kde = os_malloc(RSN_SELECTOR_LEN + 6 + 2); + if (!kde) + return -1; + + /* Add MAC KDE */ + wpa_printf(MSG_DEBUG, "MLO: Add MAC KDE into EAPOL-Key 4/4"); + pos = kde; + pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->own_addr, + ETH_ALEN); + kde_len = pos - kde; + } mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); hdrlen = sizeof(*reply) + mic_len + 2; rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, - hdrlen, &rlen, (void *) &reply); - if (rbuf == NULL) + hdrlen + kde_len, &rlen, (void *) &reply); + if (rbuf == NULL) { + os_free(kde); return -1; + } reply->type = (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) ? @@ -1689,7 +1780,11 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, WPA_REPLAY_COUNTER_LEN); key_mic = (u8 *) (reply + 1); - WPA_PUT_BE16(key_mic + mic_len, 0); + WPA_PUT_BE16(key_mic + mic_len, kde_len); /* Key Data length */ + if (kde) { + os_memcpy(key_mic + mic_len + 2, kde, kde_len); /* Key Data */ + os_free(kde); + } wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4"); return wpa_eapol_key_send(sm, ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen, From patchwork Wed Oct 19 14:13:58 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691993 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=X+MF3DmC; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=SyEDGzG1; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstCz0cM1z23jk for ; Thu, 20 Oct 2022 01:19:59 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=xRtdW3ZqzJICSi2wRAVZY9yW3epj+VzBXeHPYlxRrAo=; b=X+MF3DmCSIDlZT WMSB6XwPTGdF1k+miolOTSomkl24jyUoZ3G4DebhMZrzikl3VVyhdFcqSfDffNYE0wYZoFxqBBs2J urMb6o1S7Dzeae8Qq78awwcCc2fPrfWBIrfL/lfV4cT4z0/d2lSrWWUWopzCpBetvpWrkqu4iFMKG iX3BVkZ3Osd39GdhO2yLXgayVw55cSjmHgW/MtGGvRDUuKeW+n/0l+Z8PKWu3NZ12/9eDd9McEHVi 0Sf675cIoAoBaj9l+pwg7VH+OybgdIlH43VPux+MyTLPyhln+XMl1Sao5QwEwRDjnGePuvjIcTDQv xEerH57S+ThUPYXnymxw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9ua-002iwz-Jb; Wed, 19 Oct 2022 14:19:12 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qN-002eCn-8W for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:52 +0000 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J9CBe0030112 for ; Wed, 19 Oct 2022 14:14:51 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=lBQ16nyXHmfei6d8Wn5rf+jhd5dX03/Lq8XOVyfUPNU=; b=SyEDGzG13tg9hfsi0G7kYlikmmwTpabivqpFHUS+r/vIH2BAr7YRDQyZFwYqqpV//DU7 AgrbAEvRNn+8YW285RJXM9wdaYAxtg7NnNRRl6G88RDTQCM7/BmTM6nVfkflcmvLCW5e 3Dx+wMK75pNEarztHKa6pLHKqh7vI7De6q8qb+gw/ILHD6BRVogvuhFnE2NcMy4jtl1U ysckRui9Uqmunulp5N6fw2SBfv4T9WACR+KVJ4g4+SqZQzisDyPvXY5estoCesuHkbs+ E0WBipxLYplKaDgXETfKgVHAAHF8Y8mJ2x/vUIFkM8aNXeEXTODsHVkE7CcgHwoS33Uu KQ== Received: from nalasppmta02.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3kaed8s8a0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:50 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA02.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEokx010347 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:50 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:48 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 10/21] MLD STA: Use AP MLD address to derive pairwise keys Date: Wed, 19 Oct 2022 19:43:58 +0530 Message-ID: <20221019141409.535582-11-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: b3KvFjnPgeJSjKf23mLqp8H5XFvED2xt X-Proofpoint-GUID: b3KvFjnPgeJSjKf23mLqp8H5XFvED2xt X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 phishscore=0 mlxlogscore=896 spamscore=0 impostorscore=0 bulkscore=0 suspectscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071451_365167_99EC7E97 X-CRM114-Status: GOOD ( 18.22 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Rohan Dutta Use AP MLD address to derive pairwise keys for MLO connection. Current changes are handling only ptk derivation during EAPOL Four-Way handshake. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 8 +++++++- src/rsn_supp/wpa.h | 1 + src/rsn_supp/wpa_ft.c | [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Rohan Dutta Use AP MLD address to derive pairwise keys for MLO connection. Current changes are handling only ptk derivation during EAPOL Four-Way handshake. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 8 +++++++- src/rsn_supp/wpa.h | 1 + src/rsn_supp/wpa_ft.c | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 4a7329a52..e611f98ce 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -620,7 +620,7 @@ static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr, kdk_len = 0; ret = wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion", - sm->own_addr, sm->bssid, sm->snonce, + sm->own_addr, wpa_sm_get_auth_addr(sm), sm->snonce, key->key_nonce, ptk, akmp, sm->pairwise_cipher, z, z_len, kdk_len); @@ -4254,6 +4254,12 @@ unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm) } +const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm) +{ + return sm->mlo.valid_links ? sm->mlo.ap_mld_addr : sm->bssid; +} + + #ifdef CONFIG_FILS struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md) diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 216573131..13d030c37 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -577,5 +577,6 @@ void wpa_sm_set_dpp_z(struct wpa_sm *sm, const struct wpabuf *z); void wpa_pasn_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, const u8 *pmkid, const u8 *bssid, int key_mgmt); void wpa_pasn_sm_set_caps(struct wpa_sm *sm, unsigned int flags2); +const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm); #endif /* WPA_H */ diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index 952c4ebde..e74396895 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -81,7 +81,7 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, kdk_len = 0; ret = wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, - anonce, sm->own_addr, sm->bssid, + anonce, sm->own_addr, wpa_sm_get_auth_addr(sm), sm->pmk_r1_name, ptk, ptk_name, sm->key_mgmt, sm->pairwise_cipher, kdk_len); if (ret) { From patchwork Wed Oct 19 14:13:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691995 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=3XyrHX4C; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=ICy5aCJU; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstFF1l4dz23k2 for ; Thu, 20 Oct 2022 01:21:05 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=HXrY0HEYim7RW2wvNM9tEdFUivCauJm33qT8Y4/f8PQ=; b=3XyrHX4Chse8cG 4JPXF9zOY1SK7CI2jG73rZm9xUb0qJedwg6goIClNmempOQGXo+l+Zy6pF2HI30PCKbWR7wJTBrVH w7ehcqIG3AYd2JSNJyGHPI168vyAY0TZXLpdXHLfEpFOralWRORSCAgO4LlQZWEU6N3tFGPVB4UKW mmejGKEDJWTBzEd62dUm/if4ExlD1bWdkFWqtDuhwHK/tyU787LP3pObUgXrQ/zZhxfhruIRAVdkU SIMwlhRpmytpcU4c6kK8Yqp3F1iH0SaJa97ZTvfGUOFBgUvZHyEDPE1HdTuZGwTpuzJh/Bqz2NJyC qtn/2ZJpzcbgCrJw2EOQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9vP-002jSy-3V; Wed, 19 Oct 2022 14:20:03 +0000 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qP-002eJK-M4 for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:55 +0000 Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JCsuH1020250 for ; Wed, 19 Oct 2022 14:14:53 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=66zQp78gGJOv6tWeZqUjAwgbjLyFsDwvf/5dPb+v6EM=; b=ICy5aCJUtRyUohFKoI21zG/g/qvBxk1XBSTCCZ9Oep7taw/EDraaqmTwqgFu0OYr3OGt 6M+mvJxfdj1MUlqR88jMeapbxlqq6kYUSrUbZPv2gkj3Nxg1BRlFIP5XkZvytxYOgRFa bkSp9tJyh80dicSdp5Zq2ok8VXTXHh9bRovxDk7BmtYMBqpF2Ar+gvdkZl0m6XIvbUQt JG8PZpkYZ0insCBRhiZWaTDrs0+GUUbrvVHXG5jiI2G8lXeA1Uapj8KF4YdsBecvFcIG aXy8KDevMbsju/eH1a9+ayhGjJRC7huVCB+Hi8u3iz6T7RekflKY8ecJBIKp+GJ9u6y/ bw== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka6brsrpf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:52 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEp6O009105 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:51 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:50 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 11/21] MLD STA: Configure pairwise keys using AP MLD address Date: Wed, 19 Oct 2022 19:43:59 +0530 Message-ID: <20221019141409.535582-12-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: aZxyzrFtFg6HwiGk4jBwfss2vQLEuLP9 X-Proofpoint-GUID: aZxyzrFtFg6HwiGk4jBwfss2vQLEuLP9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 phishscore=0 priorityscore=1501 bulkscore=0 malwarescore=0 mlxscore=0 spamscore=0 suspectscore=0 clxscore=1015 mlxlogscore=999 adultscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071453_865985_34BFEEEF X-CRM114-Status: GOOD ( 17.97 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Rohan Dutta Configure the pairwise keys to driver with AP MLD address. Current changes are handling only EAPOL Four-Way handshake. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 22 ++++++++++++ 1 file changed, 12 insertions(+), [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.180.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Rohan Dutta Configure the pairwise keys to driver with AP MLD address. Current changes are handling only EAPOL Four-Way handshake. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index e611f98ce..74caa3360 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1050,13 +1050,13 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, wpa_hexdump(MSG_DEBUG, "WPA: RSC", key_rsc, rsclen); } - if (wpa_sm_set_key(sm, alg, sm->bssid, sm->keyidx_active, 1, key_rsc, - rsclen, sm->ptk.tk, keylen, + if (wpa_sm_set_key(sm, alg, wpa_sm_get_auth_addr(sm), sm->keyidx_active, + 1, key_rsc, rsclen, sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE | key_flag) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "WPA: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" + "WPA: Failed to set PTK to the driver (alg=%d keylen=%d auth_addr=" MACSTR " idx=%d key_flag=0x%x)", - alg, keylen, MAC2STR(sm->bssid), + alg, keylen, MAC2STR(wpa_sm_get_auth_addr(sm)), sm->keyidx_active, key_flag); return -1; } @@ -1096,14 +1096,16 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, static int wpa_supplicant_activate_ptk(struct wpa_sm *sm) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, - "WPA: Activate PTK (idx=%d bssid=" MACSTR ")", - sm->keyidx_active, MAC2STR(sm->bssid)); + "WPA: Activate PTK (idx=%d auth_addr=" MACSTR ")", + sm->keyidx_active, MAC2STR(wpa_sm_get_auth_addr(sm))); - if (wpa_sm_set_key(sm, 0, sm->bssid, sm->keyidx_active, 0, NULL, 0, - NULL, 0, KEY_FLAG_PAIRWISE_RX_TX_MODIFY) < 0) { + if (wpa_sm_set_key(sm, 0, wpa_sm_get_auth_addr(sm), sm->keyidx_active, + 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE_RX_TX_MODIFY) + < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, - "WPA: Failed to activate PTK for TX (idx=%d bssid=" - MACSTR ")", sm->keyidx_active, MAC2STR(sm->bssid)); + "WPA: Failed to activate PTK for TX (idx=%d auth_addr=" + MACSTR ")", sm->keyidx_active, + MAC2STR(wpa_sm_get_auth_addr(sm))); return -1; } return 0; From patchwork Wed Oct 19 14:14:00 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1691999 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=po2eUHJU; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=lpp8LyIO; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstGF3xK2z23k2 for ; Thu, 20 Oct 2022 01:21:57 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=pNBG9uIkaTquNcVSLFlbLLtF3CJi7BWNLsnLxCPpgz0=; b=po2eUHJUFxwPZS 3YsOOaD1kovgBsF7WqYyMvczzCsDPKW5FmX4CeRRcEpP6JSxL4+a4xDoCAqijAzE1wyFUHoLE2tCa +UfeJbPjvLaPEkr0CQ3HDJ57wp1nuL8KbTCuXdHoIMlG76rnces19XxFcWdeHqdwIfxE4xOACb+58 I2PFj1B+HFA42A+vCKNDjd15RKmHj+s+dJ5nxedEk8jP//8oHMqtSNaQ/7sUMwljuUFZuoxak1DtW m0evwxzimob9l4lIeR2YjoYtd8ghVtxozVmPUYH9WeaDkexn1+XjqppRQiaci77dDc0dvY+GO+BUC np1lSeM3kvCKvSSSfo2Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9wM-002k6I-1A; Wed, 19 Oct 2022 14:21:02 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qQ-002eND-Ls for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:57 +0000 Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J6OXMN006438 for ; Wed, 19 Oct 2022 14:14:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=W2HlHbEuc99ROk5L0vX6xFnpjMdfQkrnkbLvbeYXXXo=; b=lpp8LyIOzj6WCNBqvL3Gn4A2IE9Tcs+8Ty4S5ZWM3DJhPq3Hi+/wWpdvga/XT0H8/GmV W+Ao8OwcYiYuSUbwtzb4E4LJxyzGKW3PAE/B3BlEqiV3lMNEU/0CgFXCg4+fZ9T7OMJy 1IFkulSb51e3ocS/+tNSxb051Eua5Wd2B4XuiiS6sThul/ViBcWPQfvFl+TPbc1hl+KH VIjSmW+6vTGwA4+2/coGZV7ZtudLkQGVXTpXdE45urBahJ0yIRZAmw85D2QcYJ+kaN3W dTIMrH1zfnB5MpsHSLGzxWL9ZgsSqr3rh1r05OFV8AkZiniEaz2QgUhrOuuLqknjjG9X mQ== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9n2p5pm7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:54 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA03.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEErPg028042 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:53 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:52 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 12/21] MLD STA: Add support to configure keys with MLO link ID Date: Wed, 19 Oct 2022 19:44:00 +0530 Message-ID: <20221019141409.535582-13-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: EZCoTBULSQktjTKMFNEVq1k5plK0i5ia X-Proofpoint-GUID: EZCoTBULSQktjTKMFNEVq1k5plK0i5ia X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 phishscore=0 mlxlogscore=999 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071454_761284_355D3472 X-CRM114-Status: GOOD ( 26.95 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add support to specify link ID for set key operation for MLO connection. Signed-off-by: Veerendranath Jakkam --- src/ap/ap_drv_ops.c | 1 + src/drivers/driver.h | 6 +++++ src/drivers/driver_nl80211.c | 21 ++++++++++++++++-- src/rsn_supp/tdls.c | 4 [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add support to specify link ID for set key operation for MLO connection. Signed-off-by: Veerendranath Jakkam --- src/ap/ap_drv_ops.c | 1 + src/drivers/driver.h | 6 +++++ src/drivers/driver_nl80211.c | 21 ++++++++++++++++-- src/rsn_supp/tdls.c | 4 ++-- src/rsn_supp/wpa.c | 21 +++++++++--------- src/rsn_supp/wpa.h | 2 +- src/rsn_supp/wpa_ft.c | 8 +++---- src/rsn_supp/wpa_i.h | 8 +++---- tests/fuzzing/eapol-key-supp/eapol-key-supp.c | 7 +++--- wpa_supplicant/ctrl_iface.c | 22 +++++++++---------- wpa_supplicant/driver_i.h | 3 ++- wpa_supplicant/events.c | 2 +- wpa_supplicant/ibss_rsn.c | 8 +++---- wpa_supplicant/mesh_mpm.c | 8 ++++--- wpa_supplicant/mesh_rsn.c | 6 ++--- wpa_supplicant/preauth_test.c | 2 +- wpa_supplicant/wpa_priv.c | 1 + wpa_supplicant/wpa_supplicant.c | 14 ++++++------ wpa_supplicant/wpas_glue.c | 12 +++++----- 19 files changed, 93 insertions(+), 63 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 721be4da1..ebc0dba9a 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -724,6 +724,7 @@ int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, params.key_len = key_len; params.vlan_id = vlan_id; params.key_flag = key_flag; + params.link_id = -1; return hapd->driver->set_key(hapd->drv_priv, ¶ms); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 82fec2174..573dd7dd5 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -1788,6 +1788,12 @@ struct wpa_driver_set_key_params { * %KEY_FLAG_RX_TX * RX/TX key. */ enum key_flag key_flag; + + /** + * link_id - MLO link ID + * + * set to valid link ID (0-14) when applicable, otherwise -1 */ + int link_id; }; enum wpa_driver_if_type { diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 38e3f825c..ad1ca3348 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3345,6 +3345,7 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, size_t key_len = params->key_len; int vlan_id = params->vlan_id; enum key_flag key_flag = params->key_flag; + int link_id = params->link_id; /* Ignore for P2P Device */ if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) @@ -3352,9 +3353,10 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, ifindex = if_nametoindex(ifname); wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " - "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x", + "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x link_id=%d", __func__, ifindex, ifname, alg, addr, key_idx, set_tx, - (unsigned long) seq_len, (unsigned long) key_len, key_flag); + (unsigned long) seq_len, (unsigned long) key_len, key_flag, + link_id); if (check_key_flag(key_flag)) { wpa_printf(MSG_DEBUG, "%s: invalid key_flag", __func__); @@ -3481,6 +3483,13 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, goto fail; } + if (link_id != -1) { + wpa_printf(MSG_DEBUG, "nl80211: Link ID %d", + link_id); + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) + goto fail; + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE) ret = 0; @@ -3543,6 +3552,13 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, goto fail; } + if (link_id != -1) { + wpa_printf(MSG_DEBUG, "nl80211: set_key default - Link ID %d", + link_id); + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) + goto fail; + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if (ret) wpa_printf(MSG_DEBUG, @@ -3870,6 +3886,7 @@ retry: os_memset(&p, 0, sizeof(p)); p.ifname = bss->ifname; p.alg = WPA_ALG_WEP; + p.link_id = -1; for (i = 0; i < 4; i++) { if (!params->wep_key[i]) continue; diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index c26a63d82..97537ee19 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -180,7 +180,7 @@ static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len) static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) { - if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr, + if (wpa_sm_set_key(sm, -1, WPA_ALG_NONE, peer->addr, 0, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from " "the driver"); @@ -230,7 +230,7 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, MAC2STR(peer->addr)); - if (wpa_sm_set_key(sm, alg, peer->addr, 0, 1, rsc, sizeof(rsc), + if (wpa_sm_set_key(sm, -1, alg, peer->addr, 0, 1, rsc, sizeof(rsc), peer->tpk.tk, key_len, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the " diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 74caa3360..269da766b 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1050,9 +1050,9 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, wpa_hexdump(MSG_DEBUG, "WPA: RSC", key_rsc, rsclen); } - if (wpa_sm_set_key(sm, alg, wpa_sm_get_auth_addr(sm), sm->keyidx_active, - 1, key_rsc, rsclen, sm->ptk.tk, keylen, - KEY_FLAG_PAIRWISE | key_flag) < 0) { + if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), + sm->keyidx_active, 1, key_rsc, rsclen, sm->ptk.tk, + keylen, KEY_FLAG_PAIRWISE | key_flag) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set PTK to the driver (alg=%d keylen=%d auth_addr=" MACSTR " idx=%d key_flag=0x%x)", @@ -1099,8 +1099,9 @@ static int wpa_supplicant_activate_ptk(struct wpa_sm *sm) "WPA: Activate PTK (idx=%d auth_addr=" MACSTR ")", sm->keyidx_active, MAC2STR(wpa_sm_get_auth_addr(sm))); - if (wpa_sm_set_key(sm, 0, wpa_sm_get_auth_addr(sm), sm->keyidx_active, - 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE_RX_TX_MODIFY) + if (wpa_sm_set_key(sm, -1, 0, wpa_sm_get_auth_addr(sm), + sm->keyidx_active, 0, NULL, 0, NULL, 0, + KEY_FLAG_PAIRWISE_RX_TX_MODIFY) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to activate PTK for TX (idx=%d auth_addr=" @@ -1180,7 +1181,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, _gtk = gtk_buf; } if (sm->pairwise_cipher == WPA_CIPHER_NONE) { - if (wpa_sm_set_key(sm, gd->alg, NULL, + if (wpa_sm_set_key(sm, -1, gd->alg, NULL, gd->keyidx, 1, key_rsc, gd->key_rsc_len, _gtk, gd->gtk_len, KEY_FLAG_GROUP_RX_TX_DEFAULT) < 0) { @@ -1190,7 +1191,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, forced_memzero(gtk_buf, sizeof(gtk_buf)); return -1; } - } else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr, + } else if (wpa_sm_set_key(sm, -1, gd->alg, broadcast_ether_addr, gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, _gtk, gd->gtk_len, KEY_FLAG_GROUP_RX) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, @@ -1343,7 +1344,7 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, "WPA: Invalid IGTK KeyID %d", keyidx); return -1; } - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, igtk->pn, sizeof(igtk->pn), igtk->igtk, len, KEY_FLAG_GROUP_RX) < 0) { @@ -1412,7 +1413,7 @@ static int wpa_supplicant_install_bigtk(struct wpa_sm *sm, "WPA: Invalid BIGTK KeyID %d", keyidx); return -1; } - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, bigtk->pn, sizeof(bigtk->pn), bigtk->bigtk, len, KEY_FLAG_GROUP_RX) < 0) { @@ -5210,7 +5211,7 @@ int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", sm->ptk.tk, keylen); - if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, null_rsc, rsclen, + if (wpa_sm_set_key(sm, -1, alg, sm->bssid, 0, 1, null_rsc, rsclen, sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 13d030c37..b97edd551 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -30,7 +30,7 @@ struct wpa_sm_ctx { enum wpa_states (*get_state)(void *ctx); void (*deauthenticate)(void * ctx, u16 reason_code); void (*reconnect)(void *ctx); - int (*set_key)(void *ctx, enum wpa_alg alg, + int (*set_key)(void *ctx, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag); diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index e74396895..0726727a5 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -494,7 +494,7 @@ static int wpa_ft_install_ptk(struct wpa_sm *sm, const u8 *bssid) alg = wpa_cipher_to_alg(sm->pairwise_cipher); keylen = wpa_cipher_key_len(sm->pairwise_cipher); - if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc, sizeof(null_rsc), + if (wpa_sm_set_key(sm, -1, alg, bssid, 0, 1, null_rsc, sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_printf(MSG_WARNING, "FT: Failed to set PTK to the driver"); @@ -849,7 +849,7 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, os_memcpy(gtk + 16, gtk + 24, 8); os_memcpy(gtk + 24, tmp, 8); } - if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0, + if (wpa_sm_set_key(sm, -1, alg, broadcast_ether_addr, keyidx, 0, gtk_elem + 3, rsc_len, gtk, keylen, KEY_FLAG_GROUP_RX) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the " @@ -916,7 +916,7 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, wpa_hexdump_key(MSG_DEBUG, "FT: IGTK from Reassoc Resp", igtk, igtk_len); - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, igtk_elem + 2, 6, igtk, igtk_len, KEY_FLAG_GROUP_RX) < 0) { @@ -984,7 +984,7 @@ static int wpa_ft_process_bigtk_subelem(struct wpa_sm *sm, const u8 *bigtk_elem, wpa_hexdump_key(MSG_DEBUG, "FT: BIGTK from Reassoc Resp", bigtk, bigtk_len); - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, bigtk_elem + 2, 6, bigtk, bigtk_len, KEY_FLAG_GROUP_RX) < 0) { diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index 3c78cc1b0..ac10eae71 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -255,14 +255,14 @@ static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, u16 reason_code) sm->ctx->deauthenticate(sm->ctx->ctx, reason_code); } -static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, - const u8 *seq, size_t seq_len, +static inline int wpa_sm_set_key(struct wpa_sm *sm, int link_id, + enum wpa_alg alg, const u8 *addr, int key_idx, + int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag) { WPA_ASSERT(sm->ctx->set_key); - return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx, + return sm->ctx->set_key(sm->ctx->ctx, link_id, alg, addr, key_idx, set_tx, seq, seq_len, key, key_len, key_flag); } diff --git a/tests/fuzzing/eapol-key-supp/eapol-key-supp.c b/tests/fuzzing/eapol-key-supp/eapol-key-supp.c index 0c7189571..5982c240f 100644 --- a/tests/fuzzing/eapol-key-supp/eapol-key-supp.c +++ b/tests/fuzzing/eapol-key-supp/eapol-key-supp.c @@ -172,14 +172,15 @@ static int supp_get_beacon_ie(void *ctx) } -static int supp_set_key(void *ctx, enum wpa_alg alg, +static int supp_set_key(void *ctx, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag) { wpa_printf(MSG_DEBUG, "SUPP: %s(alg=%d addr=" MACSTR " key_idx=%d " - "set_tx=%d key_flag=0x%x)", - __func__, alg, MAC2STR(addr), key_idx, set_tx, key_flag); + "set_tx=%d key_flag=0x%x link_id=%d)", + __func__, alg, MAC2STR(addr), key_idx, set_tx, key_flag, + link_id); wpa_hexdump(MSG_DEBUG, "SUPP: set_key - seq", seq, seq_len); wpa_hexdump(MSG_DEBUG, "SUPP: set_key - key", key, key_len); return 0; diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 90eb67f2c..a658d93f5 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -5655,23 +5655,23 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) { wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication"); /* MLME-DELETEKEYS.request */ - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, - 0, KEY_FLAG_PAIRWISE); + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, + NULL, 0, KEY_FLAG_PAIRWISE); if (wpa_sm_ext_key_id(wpa_s->wpa)) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 1, 0, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, wpa_s->bssid, 1, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid, @@ -9996,14 +9996,14 @@ static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s) /* First, use a zero key to avoid any possible duplicate key avoidance * in the driver. */ - if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, + if (wpa_drv_set_key(wpa_s, -1, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, zero, wpa_s->last_tk_len, KEY_FLAG_PAIRWISE_RX_TX) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ - return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, + return wpa_drv_set_key(wpa_s, -1, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, wpa_s->last_tk, wpa_s->last_tk_len, KEY_FLAG_PAIRWISE_RX_TX); diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index 6be117c1d..9cdfd4143 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -143,7 +143,7 @@ static inline int wpa_drv_get_ssid(struct wpa_supplicant *wpa_s, u8 *ssid) return -1; } -static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, +static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, @@ -163,6 +163,7 @@ static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, params.key = key; params.key_len = key_len; params.key_flag = key_flag; + params.link_id = link_id; if (alg != WPA_ALG_NONE) { /* keyidx = 1 can be either a broadcast or--with diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 9374133d4..a0fe9cc8a 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -2844,7 +2844,7 @@ static int wpa_supplicant_use_own_rsne_params(struct wpa_supplicant *wpa_s, wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, NULL); if (wpa_s->conf->key_mgmt_offload && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD) && - wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, NULL, 0, ssid->psk, + wpa_drv_set_key(wpa_s, -1, 0, NULL, 0, 0, NULL, 0, ssid->psk, PMK_LEN, KEY_FLAG_PMK)) wpa_dbg(wpa_s, MSG_ERROR, "WPA: Cannot set PMK for key management offload"); diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 874c2bf1d..fc0a5b85f 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -143,7 +143,7 @@ static void ibss_check_rsn_completed(struct ibss_rsn_peer *peer) } -static int supp_set_key(void *ctx, enum wpa_alg alg, +static int supp_set_key(void *ctx, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag) @@ -172,7 +172,7 @@ static int supp_set_key(void *ctx, enum wpa_alg alg, if (is_broadcast_ether_addr(addr)) addr = peer->addr; - return wpa_drv_set_key(peer->ibss_rsn->wpa_s, alg, addr, key_idx, + return wpa_drv_set_key(peer->ibss_rsn->wpa_s, link_id, alg, addr, key_idx, set_tx, seq, seq_len, key, key_len, key_flag); } @@ -352,7 +352,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } } - return wpa_drv_set_key(ibss_rsn->wpa_s, alg, addr, idx, + return wpa_drv_set_key(ibss_rsn->wpa_s, -1, alg, addr, idx, 1, seq, 6, key, key_len, key_flag); } @@ -868,7 +868,7 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, * still have a pairwise key configured. */ wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer " MACSTR, MAC2STR(addr)); - wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, + wpa_drv_set_key(ibss_rsn->wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); } diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index 2eb9a7ef6..c1ed8c4b5 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -879,7 +879,8 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, if (conf->security & MESH_CONF_SEC_AMPE) { wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); - wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher), + wpa_drv_set_key(wpa_s, -1, + wpa_cipher_to_alg(conf->pairwise_cipher), sta->addr, 0, 0, seq, sizeof(seq), sta->mtk, sta->mtk_len, KEY_FLAG_PAIRWISE_RX_TX); @@ -888,7 +889,8 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, sta->mgtk_rsc, sizeof(sta->mgtk_rsc)); wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK", sta->mgtk, sta->mgtk_len); - wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher), + wpa_drv_set_key(wpa_s, -1, + wpa_cipher_to_alg(conf->group_cipher), sta->addr, sta->mgtk_key_id, 0, sta->mgtk_rsc, sizeof(sta->mgtk_rsc), sta->mgtk, sta->mgtk_len, @@ -900,7 +902,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK", sta->igtk, sta->igtk_len); wpa_drv_set_key( - wpa_s, + wpa_s, -1, wpa_cipher_to_alg(conf->mgmt_group_cipher), sta->addr, sta->igtk_key_id, 0, sta->igtk_rsc, sizeof(sta->igtk_rsc), diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 65daa77c2..12dcc302d 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -118,7 +118,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } wpa_hexdump_key(MSG_DEBUG, "AUTH: set_key - key", key, key_len); - return wpa_drv_set_key(mesh_rsn->wpa_s, alg, addr, idx, + return wpa_drv_set_key(mesh_rsn->wpa_s, -1, alg, addr, idx, 1, seq, 6, key, key_len, key_flag); } @@ -194,7 +194,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, /* group mgmt */ wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX IGTK", rsn->igtk, rsn->igtk_len); - wpa_drv_set_key(rsn->wpa_s, + wpa_drv_set_key(rsn->wpa_s, -1, wpa_cipher_to_alg(rsn->mgmt_group_cipher), broadcast_ether_addr, rsn->igtk_key_id, 1, @@ -205,7 +205,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, /* group privacy / data frames */ wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK", rsn->mgtk, rsn->mgtk_len); - wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), + wpa_drv_set_key(rsn->wpa_s, -1, wpa_cipher_to_alg(rsn->group_cipher), broadcast_ether_addr, rsn->mgtk_key_id, 1, seq, sizeof(seq), rsn->mgtk, rsn->mgtk_len, KEY_FLAG_GROUP_TX_DEFAULT); diff --git a/wpa_supplicant/preauth_test.c b/wpa_supplicant/preauth_test.c index 3ae99da04..c7b6e2609 100644 --- a/wpa_supplicant/preauth_test.c +++ b/wpa_supplicant/preauth_test.c @@ -131,7 +131,7 @@ static int wpa_supplicant_get_bssid(void *wpa_s, u8 *bssid) } -static int wpa_supplicant_set_key(void *wpa_s, enum wpa_alg alg, +static int wpa_supplicant_set_key(void *wpa_s, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, diff --git a/wpa_supplicant/wpa_priv.c b/wpa_supplicant/wpa_priv.c index ff1fb6702..31a9af650 100644 --- a/wpa_supplicant/wpa_priv.c +++ b/wpa_supplicant/wpa_priv.c @@ -414,6 +414,7 @@ static void wpa_priv_cmd_set_key(struct wpa_priv_interface *iface, p.key = params->key_len ? params->key : NULL; p.key_len = params->key_len; p.key_flag = params->key_flag; + p.link_id = -1; res = iface->driver->set_key(iface->drv_priv, &p); wpa_printf(MSG_DEBUG, "drv->set_key: res=%d", res); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index bfdc23203..cb15feb7b 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -144,7 +144,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) continue; set = 1; - wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL, i, i == ssid->wep_tx_keyidx, NULL, 0, ssid->wep_key[i], ssid->wep_key_len[i], i == ssid->wep_tx_keyidx ? @@ -208,7 +208,7 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, /* TODO: should actually remember the previously used seq#, both for TX * and RX from each STA.. */ - ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, + ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen, KEY_FLAG_GROUP_RX_TX_DEFAULT); os_memset(key, 0, sizeof(key)); return ret; @@ -769,18 +769,18 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) for (i = 0; i < max; i++) { if (wpa_s->keys_cleared & BIT(i)) continue; - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); } /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */ if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr && !is_zero_ether_addr(addr)) { if (!(wpa_s->keys_cleared & BIT(0))) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, - 0, NULL, 0, KEY_FLAG_PAIRWISE); + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, + NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); if (!(wpa_s->keys_cleared & BIT(15))) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL, - 0, NULL, 0, KEY_FLAG_PAIRWISE); + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0, + NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection( wpa_s, addr, diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index c5cfa92e5..c01b177fc 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -250,7 +250,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx, else wpa_s->group_cipher = cipher; } - return wpa_drv_set_key(wpa_s, WPA_ALG_WEP, + return wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, unicast ? wpa_s->bssid : NULL, keyidx, unicast, NULL, 0, key, keylen, unicast ? KEY_FLAG_PAIRWISE_RX_TX : @@ -365,7 +365,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, wpa_hexdump_key(MSG_DEBUG, "RSN: Configure PMK for driver-based 4-way " "handshake", pmk, pmk_len); - if (wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, NULL, 0, pmk, + if (wpa_drv_set_key(wpa_s, -1, 0, NULL, 0, 0, NULL, 0, pmk, pmk_len, KEY_FLAG_PMK)) { wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver"); } @@ -527,7 +527,7 @@ static int wpa_supplicant_get_bssid(void *ctx, u8 *bssid) } -static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, +static int wpa_supplicant_set_key(void *_wpa_s, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, @@ -556,8 +556,8 @@ static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, wpa_s->last_tk_len = key_len; } #endif /* CONFIG_TESTING_OPTIONS */ - return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len, - key, key_len, key_flag); + return wpa_drv_set_key(wpa_s, link_id, alg, addr, key_idx, set_tx, seq, + seq_len, key, key_len, key_flag); } @@ -1253,7 +1253,7 @@ static int wpa_supplicant_key_mgmt_set_pmk(void *ctx, const u8 *pmk, if (wpa_s->conf->key_mgmt_offload && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) - return wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, + return wpa_drv_set_key(wpa_s, -1, 0, NULL, 0, 0, NULL, 0, pmk, pmk_len, KEY_FLAG_PMK); else return 0; From patchwork Wed Oct 19 14:14:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692000 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=4QrLn2du; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=O/dunq3i; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstHk10ytz23k2 for ; Thu, 20 Oct 2022 01:23:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=eVAN0g5mND5rW3aJoGVNQwarq/gonn+kagmE8n79DT4=; b=4QrLn2du/UNuP2 +xHYgEdW8LMHm+I25F+AbysYE24Aofi0VXWjGYYYFSPerFscRsRMTTN5R7fC3COXyms/GO3yThOl0 3hN73ZpRECdaSkYuNZ54KvA/zNIZRCsUsedLiM2mGvt1aTq6xVVZxOWusvJg6O0xxIKlDpBLaQJaU tYl8CS83U0Zv42af/ArUa7plEnEVahFhy8sVkWqIa3MI9KrNPJJEfj+hvV1RvFM7zxw3Fs4Z5jdxO CmE6MzLKNRWRmpDBnPQneJTJf/pX8uLumRDQ1JiylpOvArjRx5k2130Jy4hrDR7cwqKEAL7yHkW+S m+dkklhjv1CmeqchevxA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9xL-002kld-Hc; Wed, 19 Oct 2022 14:22:09 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qS-002eOM-Ic for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:59 +0000 Received: from pps.filterd (m0279867.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J8LOCE013826 for ; Wed, 19 Oct 2022 14:14:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=k29kNwLGUrNaYykT7SmNp+8YoQ3FHv/cSjlYSBEZMA8=; b=O/dunq3iU4DrC6dtXkxDpgpXB47OpmZ9KuRj4QLfzmmw6Zy94eB735DDGLwRRgCNbjPC F6Ezbd/iwRTPdJPiZuGpfLerEssAKHSugvna4tWogmwEU+jH7Ib8DDXMigvyezQH9Ww0 zhydKRlylYLOc93O0R1Z/3GqSGmEk4HkjeNNDWluTCxUXvx7vCjLykwEz3WsXT4hsqJB CCSvK1as8KROFtb7h0s4OccTx8H76McpPpAltvj8kP8/Rf90cbqLHa1qizKV0sVHFrM/ 4qsYhQEHHFHobgU7q3iDPU7DZsXBML+NKzD/JNL+yzy6+HB3Dv8vyqnDYvzdND7D3jI2 Bw== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka4252pde-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:56 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA03.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEtjA028051 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:55 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:53 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 13/21] MLD STA: Add support for processing EAPOL 3/4 frame Date: Wed, 19 Oct 2022 19:44:01 +0530 Message-ID: <20221019141409.535582-14-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: IFwPqRZzpWaaN-TYp0T2_N1Jas9fbVLF X-Proofpoint-ORIG-GUID: IFwPqRZzpWaaN-TYp0T2_N1Jas9fbVLF X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 mlxscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 clxscore=1015 spamscore=0 mlxlogscore=999 suspectscore=0 lowpriorityscore=0 phishscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071456_660602_C08BF812 X-CRM114-Status: GOOD ( 29.58 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Process EAPOL 3/4 frame and configure PTK and per-link GTK/IGTK/BIGTK keys to driver. Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 453 ++++++++++++++++++++++++++++++++++++++++++- src/rsn_supp/wpa_i.h | 6 + 2 files changed, 457 insertions(+), 2 [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Process EAPOL 3/4 frame and configure PTK and per-link GTK/IGTK/BIGTK keys to driver. Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 453 ++++++++++++++++++++++++++++++++++++++++++- src/rsn_supp/wpa_i.h | 6 + 2 files changed, 457 insertions(+), 2 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 269da766b..edcfde604 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1216,6 +1216,55 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, } +static int wpa_supplicant_install_mlo_gtk(struct wpa_sm *sm, u8 link_id, + const struct wpa_gtk_data *gd, + const u8 *key_rsc, int wnm_sleep) +{ + const u8 *gtk = gd->gtk; + + /* Detect possible key reinstallation */ + if ((sm->mlo.links[link_id].gtk.gtk_len == (size_t) gd->gtk_len && + os_memcmp(sm->mlo.links[link_id].gtk.gtk, gd->gtk, + sm->mlo.links[link_id].gtk.gtk_len) == 0) || + (sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len == + (size_t) gd->gtk_len && + os_memcmp(sm->mlo.links[link_id].gtk_wnm_sleep.gtk, gd->gtk, + sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len) == 0)) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: Not reinstalling already in-use GTK to the driver (link_id=%d keyidx=%d tx=%d len=%d)", + link_id, gd->keyidx, gd->tx, gd->gtk_len); + return 0; + } + + wpa_hexdump_link_key(MSG_DEBUG, link_id, "RSN: Group Key", gd->gtk, + gd->gtk_len); + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: Installing GTK to the driver (link_id=%d keyidx=%d tx=%d len=%d)", + link_id, gd->keyidx, gd->tx, gd->gtk_len); + wpa_hexdump_link(MSG_DEBUG, link_id, "RSN: RSC", key_rsc, gd->key_rsc_len); + if (wpa_sm_set_key(sm, link_id, gd->alg, broadcast_ether_addr, + gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, gtk, + gd->gtk_len, KEY_FLAG_GROUP_RX) < 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN: Failed to set GTK to the driver (link_id=%d alg=%d keylen=%d keyidx=%d)", + link_id, gd->alg, gd->gtk_len, gd->keyidx); + return -1; + } + + if (wnm_sleep) { + sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len = gd->gtk_len; + os_memcpy(sm->mlo.links[link_id].gtk_wnm_sleep.gtk, gd->gtk, + sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len); + } else { + sm->mlo.links[link_id].gtk.gtk_len = gd->gtk_len; + os_memcpy(sm->mlo.links[link_id].gtk.gtk, gd->gtk, + sm->mlo.links[link_id].gtk.gtk_len); + } + + return 0; +} + + static int wpa_supplicant_gtk_tx_bit_workaround(const struct wpa_sm *sm, int tx) { @@ -1264,6 +1313,84 @@ static int wpa_supplicant_rsc_relaxation(const struct wpa_sm *sm, } +static int wpa_supplicant_mlo_gtk(struct wpa_sm *sm, u8 link_id, const u8 *gtk, + size_t gtk_len, int key_info) +{ + struct wpa_gtk_data gd; + const u8 *key_rsc; + int ret; + + /* + * MLO GTK KDE format: + * KeyID[bits 0-1], Tx [bit 2], Reserved [bit 3], link id [4-7] + * PN + * GTK + */ + os_memset(&gd, 0, sizeof(gd)); + wpa_hexdump_link_key(MSG_DEBUG, link_id, + "RSN: received GTK in pairwise handshake", gtk, + gtk_len); + + if (gtk_len < RSN_MLO_GTK_KDE_PREFIX_LENGTH || + gtk_len - RSN_MLO_GTK_KDE_PREFIX_LENGTH > sizeof(gd.gtk)) + return -1; + + gd.keyidx = gtk[0] & 0x3; + gtk += 1; + gtk_len -= 1; + + key_rsc = gtk; + + gtk += 6; + gtk_len -= 6; + + os_memcpy(gd.gtk, gtk, gtk_len); + gd.gtk_len = gtk_len; + + ret = 0; + if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, gtk_len, + gtk_len, &gd.key_rsc_len, + &gd.alg) || + wpa_supplicant_install_mlo_gtk(sm, link_id, &gd, key_rsc, 0)) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: Failed to install GTK for MLO Link ID %u", + link_id); + ret = -1; + goto out; + } + +out: + forced_memzero(&gd, sizeof(gd)); + return ret; +} + + +static int wpa_supplicant_pairwise_mlo_gtk(struct wpa_sm *sm, + const struct wpa_eapol_key *key, + struct wpa_eapol_ie_parse *ie, + int key_info) +{ + u8 i; + + for (i = 0; i < MAX_NUM_MLO_LINKS; i++) { + if (!(sm->mlo.valid_links & BIT(i))) + continue; + + if (!ie->mlo_gtk[i]) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "MLO RSN: GTK not found for link ID %u", i); + return -1; + } + + if (wpa_supplicant_mlo_gtk(sm, i, ie->mlo_gtk[i], + ie->mlo_gtk_len[i], key_info)) + return -1; + } + + return 0; +} + + static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm, const struct wpa_eapol_key *key, const u8 *gtk, size_t gtk_len, @@ -1434,6 +1561,176 @@ static int wpa_supplicant_install_bigtk(struct wpa_sm *sm, return 0; } +static int wpa_supplicant_install_mlo_igtk(struct wpa_sm *sm, u8 link_id, + const struct rsn_mlo_igtk_kde *igtk, + int wnm_sleep) +{ + size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); + u16 keyidx = WPA_GET_LE16(igtk->keyid); + + /* Detect possible key reinstallation */ + if ((sm->mlo.links[link_id].igtk.igtk_len == len && + os_memcmp(sm->mlo.links[link_id].igtk.igtk, igtk->igtk, + sm->mlo.links[link_id].igtk.igtk_len) == 0) || + (sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len == len && + os_memcmp(sm->mlo.links[link_id].igtk_wnm_sleep.igtk, igtk->igtk, + sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len) == 0)) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: Not reinstalling already in-use IGTK to the driver (link_id=%d keyidx=%d)", + link_id, keyidx); + return 0; + } + + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: MLO Link %u IGTK keyid %d pn " COMPACT_MACSTR, + link_id, keyidx, MAC2STR(igtk->pn)); + wpa_hexdump_link_key(MSG_DEBUG, link_id, "RSN: IGTK", igtk->igtk, len); + if (keyidx > 4095) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN: Invalid MLO Link %d IGTK KeyID %d", link_id, + keyidx); + return -1; + } + if (wpa_sm_set_key(sm, link_id, + wpa_cipher_to_alg(sm->mgmt_group_cipher), + broadcast_ether_addr, keyidx, 0, igtk->pn, + sizeof(igtk->pn), igtk->igtk, len, + KEY_FLAG_GROUP_RX) < 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN: Failed to configure MLO Link %d IGTK to the driver", + link_id); + return -1; + } + + if (wnm_sleep) { + sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len = len; + os_memcpy(sm->mlo.links[link_id].igtk_wnm_sleep.igtk, + igtk->igtk, + sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len); + } else { + sm->mlo.links[link_id].igtk.igtk_len = len; + os_memcpy(sm->mlo.links[link_id].igtk.igtk, igtk->igtk, + sm->mlo.links[link_id].igtk.igtk_len); + } + + return 0; +} + + +static int +wpa_supplicant_install_mlo_bigtk(struct wpa_sm *sm, u8 link_id, + const struct rsn_mlo_bigtk_kde *bigtk, + int wnm_sleep) +{ + size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); + u16 keyidx = WPA_GET_LE16(bigtk->keyid); + + /* Detect possible key reinstallation */ + if ((sm->mlo.links[link_id].bigtk.bigtk_len == len && + os_memcmp(sm->mlo.links[link_id].bigtk.bigtk, bigtk->bigtk, + sm->mlo.links[link_id].bigtk.bigtk_len) == 0) || + (sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len == len && + os_memcmp(sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk, + bigtk->bigtk, + sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len) + == 0)) { + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: Not reinstalling already in-use BIGTK to the driver (link_id=%d keyidx=%d)", + link_id, keyidx); + return 0; + } + + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, + "RSN: MLO Link %u BIGTK keyid %d pn " COMPACT_MACSTR, + link_id, keyidx, MAC2STR(bigtk->pn)); + wpa_hexdump_link_key(MSG_DEBUG, link_id, "RSN: BIGTK", bigtk->bigtk, + len); + if (keyidx < 6 || keyidx > 7) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "WPA: Invalid MLO Link %d BIGTK KeyID %d", link_id, + keyidx); + return -1; + } + if (wpa_sm_set_key(sm, link_id, + wpa_cipher_to_alg(sm->mgmt_group_cipher), + broadcast_ether_addr, keyidx, 0, bigtk->pn, + sizeof(bigtk->pn), bigtk->bigtk, len, + KEY_FLAG_GROUP_RX) < 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN: Failed to configure MLO Link %d BIGTK to the driver", + link_id); + return -1; + } + + if (wnm_sleep) { + sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len = len; + os_memcpy(sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk, + bigtk->bigtk, + sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len); + } else { + sm->mlo.links[link_id].bigtk.bigtk_len = len; + os_memcpy(sm->mlo.links[link_id].bigtk.bigtk, bigtk->bigtk, + sm->mlo.links[link_id].bigtk.bigtk_len); + } + + return 0; +} + + +static int _mlo_ieee80211w_set_keys(struct wpa_sm *sm, u8 link_id, + struct wpa_eapol_ie_parse *ie) +{ + size_t len; + + if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher)) + return 0; + + if (ie->mlo_igtk[link_id]) { + len = wpa_cipher_key_len(sm->mgmt_group_cipher); + if (ie->mlo_igtk_len[link_id] != + (RSN_MLO_IGTK_KDE_PREFIX_LENGTH + len)) + return -1; + + if (wpa_supplicant_install_mlo_igtk( + sm, link_id, + (const struct rsn_mlo_igtk_kde *) ie->mlo_igtk[link_id], + 0) < 0) + return -1; + } + + if (ie->mlo_bigtk[link_id] && sm->beacon_prot) { + len = wpa_cipher_key_len(sm->mgmt_group_cipher); + if (ie->mlo_bigtk_len[link_id] != + (RSN_MLO_BIGTK_KDE_PREFIX_LENGTH + len)) + return -1; + + if (wpa_supplicant_install_mlo_bigtk( + sm, link_id, + (const struct rsn_mlo_bigtk_kde *) ie->mlo_bigtk[link_id], + 0) < 0) + return -1; + } + + return 0; +} + + +static int mlo_ieee80211w_set_keys(struct wpa_sm *sm, + struct wpa_eapol_ie_parse *ie) +{ + u8 i; + + for (i = 0; i < MAX_NUM_MLO_LINKS; i++) { + if (!(sm->mlo.valid_links & BIT(i))) + continue; + + if (_mlo_ieee80211w_set_keys(sm, i, ie)) + return -1; + } + + return 0; +} + static int ieee80211w_set_keys(struct wpa_sm *sm, struct wpa_eapol_ie_parse *ie) @@ -1795,6 +2092,130 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, } +static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, + const struct wpa_eapol_key *key, + u16 ver, const u8 *key_data, + size_t key_data_len) +{ + u16 key_info, keylen; + struct wpa_eapol_ie_parse ie; + int res; + + wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE); + wpa_dbg(sm->ctx->msg_ctx, MSG_INFO, "RSN MLO: RX message 3 of 4-Way " + "Handshake from " MACSTR " (ver=%d)", MAC2STR(sm->bssid), ver); + + key_info = WPA_GET_BE16(key->key_info); + + wpa_hexdump(MSG_DEBUG, "RSN MLO: IE KeyData", key_data, key_data_len); + if (wpa_supplicant_parse_ies(key_data, key_data_len, &ie) < 0) + goto failed; + + if (!ie.valid_mlo_gtks) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "MLO RSN: No GTK KDE included in EAPOL-Key msg 3/4"); + goto failed; + } + if ((key_info & + (WPA_KEY_INFO_ENCR_KEY_DATA | WPA_KEY_INFO_INSTALL | + WPA_KEY_INFO_SECURE)) != + (WPA_KEY_INFO_ENCR_KEY_DATA | WPA_KEY_INFO_INSTALL | + WPA_KEY_INFO_SECURE)) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN MLO: Invalid key info in EAPOL-Key msg 3/4"); + goto failed; + } + +#ifdef CONFIG_IEEE80211R + if (wpa_key_mgmt_ft(sm->key_mgmt) && + wpa_supplicant_validate_ie_ft(sm, sm->bssid, &ie) < 0) + goto failed; +#endif /* CONFIG_IEEE80211R */ + + if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN MLO: ANonce from message 1 of 4-Way Handshake " + "differs from 3 of 4-Way Handshake - drop packet (src=" + MACSTR ")", MAC2STR(sm->bssid)); + goto failed; + } + + keylen = WPA_GET_BE16(key->key_length); + if (keylen != wpa_cipher_key_len(sm->pairwise_cipher)) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "RSN MLO: Invalid %s key length %d (src=" MACSTR")", + wpa_cipher_txt(sm->pairwise_cipher), keylen, + MAC2STR(sm->bssid)); + goto failed; + } + + if (wpa_supplicant_send_4_of_4(sm, sm->bssid, key, ver, key_info, + &sm->ptk) < 0) + goto failed; + + /* SNonce was successfully used in msg 3/4, so mark it to be renewed + * for the next 4-Way Handshake. If msg 3 is received again, the old + * SNonce will still be used to avoid changing PTK. */ + sm->renew_snonce = 1; + + + if (sm->use_ext_key_id) + res = wpa_supplicant_activate_ptk(sm); + else + res = wpa_supplicant_install_ptk(sm, key, KEY_FLAG_RX_TX); + if (res) + goto failed; + + wpa_sm_mlme_setprotection(sm, sm->bssid, + MLME_SETPROTECTION_PROTECT_TYPE_RX, + MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); + eapol_sm_notify_portValid(sm->eapol, true); + + wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); + + if (wpa_supplicant_pairwise_mlo_gtk(sm, key, &ie, key_info) < 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "MLO RSN: Failed to configure MLO GTKs"); + goto failed; + } + + if (mlo_ieee80211w_set_keys(sm, &ie) < 0) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "MLO RSN: Failed to configure IGTK"); + goto failed; + } + + wpa_supplicant_key_neg_complete(sm, sm->bssid, + key_info & WPA_KEY_INFO_SECURE); + wpa_sm_set_rekey_offload(sm); + + /* Add PMKSA cache entry for Suite B AKMs here since PMKID can be + * calculated only after KCK has been derived. Though, do not replace an + * existing PMKSA entry after each 4-way handshake (i.e., new KCK/PMKID) + * to avoid unnecessary changes of PMKID while continuing to use the + * same PMK. */ + if (sm->proto == WPA_PROTO_RSN && wpa_key_mgmt_suite_b(sm->key_mgmt) && + !sm->cur_pmksa) { + struct rsn_pmksa_cache_entry *sa; + + sa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, NULL, + sm->ptk.kck, sm->ptk.kck_len, + wpa_sm_get_auth_addr(sm), sm->own_addr, + sm->network_ctx, sm->key_mgmt, NULL); + if (!sm->cur_pmksa) + sm->cur_pmksa = sa; + } + + if (ie.transition_disable) + wpa_sm_transition_disable(sm, ie.transition_disable[0]); + sm->msg_3_of_4_ok = 1; + return; + +failed: + wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); +} + + static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, const struct wpa_eapol_key *key, u16 ver, const u8 *key_data, @@ -2857,8 +3278,13 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, if (key_info & (WPA_KEY_INFO_MIC | WPA_KEY_INFO_ENCR_KEY_DATA)) { /* 3/4 4-Way Handshake */ - wpa_supplicant_process_3_of_4(sm, key, ver, key_data, - key_data_len); + if (sm->mlo.valid_links) + wpa_supplicant_process_mlo_3_of_4( + sm, key, ver, key_data, key_data_len); + else + wpa_supplicant_process_3_of_4(sm, key, ver, + key_data, + key_data_len); } else { /* 1/4 4-Way Handshake */ wpa_supplicant_process_1_of_4(sm, src_addr, key, @@ -3155,6 +3581,7 @@ void wpa_sm_deinit(struct wpa_sm *sm) void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) { int clear_keys = 1; + int i; if (sm == NULL) return; @@ -3212,6 +3639,16 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) os_memset(&sm->igtk, 0, sizeof(sm->igtk)); os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); sm->tk_set = false; + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + os_memset(&sm->mlo.links[i].gtk, 0, + sizeof(sm->mlo.links[i].gtk)); + os_memset(&sm->mlo.links[i].gtk_wnm_sleep, 0, + sizeof(sm->mlo.links[i].gtk_wnm_sleep)); + os_memset(&sm->mlo.links[i].igtk, 0, + sizeof(sm->mlo.links[i].igtk)); + os_memset(&sm->mlo.links[i].igtk_wnm_sleep, 0, + sizeof(sm->mlo.links[i].igtk_wnm_sleep)); + } } #ifdef CONFIG_TDLS @@ -4064,6 +4501,8 @@ struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_get(struct wpa_sm *sm, void wpa_sm_drop_sa(struct wpa_sm *sm) { + int i; + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK"); sm->ptk_set = 0; sm->tptk_set = 0; @@ -4076,6 +4515,16 @@ void wpa_sm_drop_sa(struct wpa_sm *sm) os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); os_memset(&sm->igtk, 0, sizeof(sm->igtk)); os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + os_memset(&sm->mlo.links[i].gtk, 0, + sizeof(sm->mlo.links[i].gtk)); + os_memset(&sm->mlo.links[i].gtk_wnm_sleep, 0, + sizeof(sm->mlo.links[i].gtk_wnm_sleep)); + os_memset(&sm->mlo.links[i].igtk, 0, + sizeof(sm->mlo.links[i].igtk)); + os_memset(&sm->mlo.links[i].igtk_wnm_sleep, 0, + sizeof(sm->mlo.links[i].igtk_wnm_sleep)); + } #ifdef CONFIG_IEEE80211R os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); sm->xxkey_len = 0; diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index ac10eae71..534e4eae9 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -24,6 +24,12 @@ struct wpa_sm_link { u8 bssid[ETH_ALEN]; u8 *ap_rsne, *ap_rsnxe; size_t ap_rsne_len, ap_rsnxe_len; + struct wpa_gtk gtk; + struct wpa_gtk gtk_wnm_sleep; + struct wpa_igtk igtk; + struct wpa_igtk igtk_wnm_sleep; + struct wpa_bigtk bigtk; + struct wpa_bigtk bigtk_wnm_sleep; } links[MAX_NUM_MLD_LINKS]; struct wpa_sm_mlo { From patchwork Wed Oct 19 14:14:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692001 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=R/3tfdqS; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=E74CQX4R; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstJl3LDYz23k2 for ; Thu, 20 Oct 2022 01:24:07 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+68kJ1MN5F2p907tp0pf1yqaM91dqAfxSlLuZyZ48i4=; b=R/3tfdqSu//2UM 4hMays1alFH2Cob85EHYSR27CDgCzctE1ZqrUoOAQl654gkF2Ev+JNejWqT6G7Fc6h4tSo8NEOYq0 /vxoS+nav6jtUHNhaxhEtSDu9ey1OkLwnyFltlhUoOxb1jwDuAGBjXB+YTcYJlJH6MkDXhbQN9f6k w6WWF2NmHq8eVKAk3xCBjycQ7YBgvYQIQ7bzMjaGMoD79dD3KHmtrI8PGCqx5oziQFmspR62H6jRq rUbt9vmW25R/0BsaVwCkRttxDIb9PZEVhi+q7DT0lZalSgToYHMYYzOatARR/FsUdk4Gzj//HLFOY 42EhwgFpBGd7RBmtT1Uw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9yV-002lUA-In; Wed, 19 Oct 2022 14:23:15 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qT-002eOm-Rl for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:14:59 +0000 Received: from pps.filterd (m0279867.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J8LOCF013826 for ; Wed, 19 Oct 2022 14:14:57 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=IbP2HBhfKCIEhzx7su0zAwYSDeg9UFluxo7rpEL/Rnw=; b=E74CQX4RvFh4slJDiVYO3p2zx3cTia0YJg1waWeZa+wTe8suApDN1tQat6Wvn5Jn3L9q hMpHtoCknSGmpEamOFmq9M9Xq+qIkmZQIZYH4UTs5IZAH3e2eCqbxkNV0WAzmHAabRI8 s/pa6RNE6qXo/pk3oXj1MKQuoVz8hjWd8LlggAdcMUpNTBMJm7vkw8BecXuwukidkqdW onqecniitiUp5TiaIQaFgkUEb7dHu14gONF68gckMlWHzpgG8Yw8yYXlieE8PNcD2+1G hvCk3VE6WyXPxk52KmcAA3qOIMZV9SCCIT8C3idOUPGZzZobh+abd62RkBZp/O+6OH8r 5w== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka4252pdj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:57 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEuqP009127 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:57 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:55 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 14/21] MLD STA: Add support for validating MLO KDEs for 4WHS EAPOL frames Date: Wed, 19 Oct 2022 19:44:02 +0530 Message-ID: <20221019141409.535582-15-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: 3yz4yQedF5-h2_KZwbKLSwJtJU6EWBc2 X-Proofpoint-ORIG-GUID: 3yz4yQedF5-h2_KZwbKLSwJtJU6EWBc2 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 mlxscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 clxscore=1015 spamscore=0 mlxlogscore=999 suspectscore=0 lowpriorityscore=0 phishscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071457_939945_86CA1DB8 X-CRM114-Status: GOOD ( 25.05 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Validate new KDEs defined for MLO connection in EAPOL 1/4 and 3/4 and reject the Four-Way handshake frames if any of the new KDE data is not matching expected key data. Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 171 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 170 insertions(+), 1 deletion(-) Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Validate new KDEs defined for MLO connection in EAPOL 1/4 and 3/4 and reject the Four-Way handshake frames if any of the new KDE data is not matching expected key data. Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 171 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 170 insertions(+), 1 deletion(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index edcfde604..38eac8104 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -734,6 +734,13 @@ static u8 *wpa_mlo_link_kde(struct wpa_sm *sm, u8 *pos) return pos; } + +static bool is_valid_ap_mld_mac_kde(struct wpa_sm *sm, const u8 *mac_kde) +{ + return mac_kde && !os_memcmp(mac_kde, sm->mlo.ap_mld_addr, ETH_ALEN); +} + + static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, const unsigned char *src_addr, const struct wpa_eapol_key *key, @@ -789,6 +796,12 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, } } + if (sm->mlo.valid_links && !is_valid_ap_mld_mac_kde(sm, ie.mac_addr)) { + wpa_printf(MSG_INFO, + "RSN: Discard EAPOL-Key msg 1/4 with invalid AP MLD MAC address KDE"); + return; + } + res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); if (res == -2) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: Do not reply to " @@ -2092,6 +2105,133 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, } +static int wpa_supplicant_validate_link_kde(struct wpa_sm *sm, + u8 link_id, + const u8 *link_kde, + size_t link_kde_len) +{ + size_t rsne_len = 0, rsnxe_len = 0; + const u8 *rsne = NULL, *rsnxe = NULL; + + if (!link_kde) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: MLO Link KDE is not found for link ID %d", + link_id); + return -1; + } + + if (os_memcmp(sm->mlo.links[link_id].bssid, + &link_kde[RSN_MLO_LINK_KDE_LINK_MAC_INDEX], ETH_ALEN)) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: MLO Link %u MAC address not matching with assoc response", + link_id); + return -1; + } + + if (link_kde[0] & RSN_MLO_LINK_KDE_LI_RSNE_INFO) { + rsne = link_kde + RSN_MLO_LINK_KDE_FIXED_LENGTH; + if (link_kde_len < (RSN_MLO_LINK_KDE_FIXED_LENGTH + 2) || + link_kde_len < + (RSN_MLO_LINK_KDE_FIXED_LENGTH + 2 + rsne[1])) + return -1; + + rsne_len = rsne[1] + 2; + } + + if (!rsne) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: RSNE not present in MLO Link %u KDE", + link_id); + return -1; + } + + if (link_kde[0] & RSN_MLO_LINK_KDE_LI_RSNXE_INFO) { + rsnxe = link_kde + RSN_MLO_LINK_KDE_FIXED_LENGTH + rsne_len; + if (link_kde_len < + (RSN_MLO_LINK_KDE_FIXED_LENGTH + rsne_len + 2) || + link_kde_len < + (RSN_MLO_LINK_KDE_FIXED_LENGTH + rsne_len + 2 + rsnxe[1])) + return -1; + + rsnxe_len = rsnxe[1] + 2; + } + + if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), + sm->mlo.links[link_id].ap_rsne, + sm->mlo.links[link_id].ap_rsne_len, + rsne, rsne_len)) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN MLO: IE in 3/4 msg does not match with IE in Beacon/ProbeResp for link ID %u", + link_id); + wpa_hexdump(MSG_INFO, "RSNE in Beacon/ProbeResp", + sm->mlo.links[link_id].ap_rsne, + sm->mlo.links[link_id].ap_rsne_len); + wpa_hexdump(MSG_INFO, "RSNE in EAPOL-Key msg 3/4", + rsne, rsne_len); + return -1; + } + + if ((sm->mlo.links[link_id].ap_rsnxe && !rsnxe) || + (!sm->mlo.links[link_id].ap_rsnxe && rsnxe) || + (sm->mlo.links[link_id].ap_rsnxe && rsnxe && + (sm->mlo.links[link_id].ap_rsnxe_len != rsnxe_len || + os_memcmp(sm->mlo.links[link_id].ap_rsnxe, rsnxe, + sm->mlo.links[link_id].ap_rsnxe_len) != 0))) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "RSN MLO: RSNXE mismatch between Beacon/ProbeResp and EAPOL-Key msg 3/4 for link ID %u", + link_id); + wpa_hexdump(MSG_INFO, "RSNXE in Beacon/ProbeResp", + sm->mlo.links[link_id].ap_rsnxe, + sm->mlo.links[link_id].ap_rsnxe_len); + wpa_hexdump(MSG_INFO, "RSNXE in EAPOL-Key msg 3/4", + rsnxe, rsnxe_len); + wpa_sm_deauthenticate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS); + return -1; + } + + return 0; +} + + +static int wpa_validate_mlo_ieee80211w_kdes(struct wpa_sm *sm, + u8 link_id, + struct wpa_eapol_ie_parse *ie) +{ + if (!ie->mlo_igtk[link_id]) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: IGTK not found for link ID %u", link_id); + return -1; + } + + if (ie->mlo_igtk_len[link_id] != RSN_MLO_IGTK_KDE_PREFIX_LENGTH + + (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "WPA MLO: Invalid IGTK KDE length %lu for link ID %u", + (unsigned long) ie->mlo_igtk_len, link_id); + return -1; + } + + if (!sm->beacon_prot) + return 0; + + if (!ie->mlo_bigtk[link_id]) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: BIGTK not found for link ID %u", link_id); + return -1; + } + + if (ie->mlo_bigtk_len[link_id] != RSN_MLO_BIGTK_KDE_PREFIX_LENGTH + + (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "WPA MLO: Invalid BIGTK KDE length %lu for link ID %u", + (unsigned long) ie->mlo_bigtk_len, link_id); + return -1; + } + + return 0; +} + + static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, const struct wpa_eapol_key *key, u16 ver, const u8 *key_data, @@ -2099,7 +2239,7 @@ static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, { u16 key_info, keylen; struct wpa_eapol_ie_parse ie; - int res; + int res, i; wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE); wpa_dbg(sm->ctx->msg_ctx, MSG_INFO, "RSN MLO: RX message 3 of 4-Way " @@ -2126,6 +2266,35 @@ static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, goto failed; } + if (!is_valid_ap_mld_mac_kde(sm, ie.mac_addr)) { + wpa_printf(MSG_DEBUG, "RSN: Invalid AP MLD MAC address KDE"); + goto failed; + } + + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + if (!(sm->mlo.req_links & BIT(i))) + continue; + + if (wpa_supplicant_validate_link_kde(sm, i, ie.mlo_link[i], + ie.mlo_link_len[i]) < 0) + goto failed; + + if (!(sm->mlo.valid_links & BIT(i))) + continue; + + if (!ie.mlo_gtk[i]) { + wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, + "RSN: GTK not found for link ID %u", i); + goto failed; + } + + if (!wpa_sm_pmf_enabled(sm)) + continue; + + if (wpa_validate_mlo_ieee80211w_kdes(sm, i, &ie) < 0) + goto failed; + } + #ifdef CONFIG_IEEE80211R if (wpa_key_mgmt_ft(sm->key_mgmt) && wpa_supplicant_validate_ie_ft(sm, sm->bssid, &ie) < 0) From patchwork Wed Oct 19 14:14:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692002 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=H6Kn5Pug; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=MN7AteLm; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstL64t77z23kb for ; Thu, 20 Oct 2022 01:25:18 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=GAXswwFXZ1+Yfjw94omGM1rqF60LVyS5TyveSf0BJDQ=; b=H6Kn5PugRW5uSO ORAzXKOjTfg6wrRku06J60jFKtlHk4MA53JJcH7YLUxkl6myTREBpGQ72eGyMu78xAfw+2l+29BFJ tTTNDaqnxjKgeLLqhOyv1VE18qIUdtcUFu3Wh00ByE2NyfWek5/lq+8n81Vjmr8mz6daHqSt34uVh OFBwa9aZ4gA5hjy9CY2OVRg5KHwm4FwHsivFub1stiahDIecbIGyaX3blNxD32qkN+9EqA0nCZi9v JWBxQmXo/JBMeUtTiOFaNCWR12CB49N+Y6c4NBR8VaXP+uuQcu5J1bJt75mMmSrapUXh4aA9Oji0R jpE7dqcDgUrg/CpVXdvQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9za-002m80-Gz; Wed, 19 Oct 2022 14:24:22 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qV-002eUZ-N8 for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:01 +0000 Received: from pps.filterd (m0279865.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JB0E9i013177 for ; Wed, 19 Oct 2022 14:14:59 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=nYagnEMJlm+tnBb1kiZTn7/RknVByDTrSrzVLEXYwVo=; b=MN7AteLmQGhBe1VO7d5UgyZuB4xAazZ1l4kLPoaY4yqR6CMynLqxokTy+12W7HmS4IjT im/kQlXZjhDAvF1kWX8uw5v87rOoocQtfXszLKtHZSxB1+JxtMH8+j/QFPYKkzBpULed R04Kz8S+dpwi9eEDbFFKS/DT/pGIkBW/iCaGxmCBbG4Wya6cSTpx1gm9r39NyqSqyTtL myh1kJi4u3FJoWmTe1d55+70addreIYP7guPbjz//oASDzEEj+4+dnL1vltoRJk29wUO h2mcHaaPmtOOr/cn63oV4caScYPcwK2NxdHdWgyYrtyscec+4Huavk30Se2Sg40MUaYI eQ== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka820t7pd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:59 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEEwJI009143 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:14:58 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:57 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 15/21] MLD STA: Use AP MLD address as destination for 4WHS EAPOL frames Date: Wed, 19 Oct 2022 19:44:03 +0530 Message-ID: <20221019141409.535582-16-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: RC2ep-F_7Xit2DIhNgu6YlLppjSp_LJC X-Proofpoint-GUID: RC2ep-F_7Xit2DIhNgu6YlLppjSp_LJC X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=868 lowpriorityscore=0 spamscore=0 priorityscore=1501 bulkscore=0 adultscore=0 malwarescore=0 mlxscore=0 impostorscore=0 suspectscore=0 phishscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071459_811736_BCF8ED54 X-CRM114-Status: GOOD ( 17.24 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Rohan Dutta Use AP MLD address as destination address for EAPOL Four-Way handshake frames since authenticator/supplicant are operates above MLD. Driver/FW will use RA/TA based on the link used for transmitting th [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Rohan Dutta Use AP MLD address as destination address for EAPOL Four-Way handshake frames since authenticator/supplicant are operates above MLD. Driver/FW will use RA/TA based on the link used for transmitting the EAPOL frames. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 38eac8104..1a5f95fa5 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -940,8 +940,8 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, kde_len = pos - kde; } - if (wpa_supplicant_send_2_of_4(sm, sm->bssid, key, ver, sm->snonce, - kde, kde_len, ptk) < 0) + if (wpa_supplicant_send_2_of_4(sm, wpa_sm_get_auth_addr(sm), key, ver, + sm->snonce, kde, kde_len, ptk) < 0) goto failed; os_free(kde_buf); @@ -2318,8 +2318,8 @@ static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, goto failed; } - if (wpa_supplicant_send_4_of_4(sm, sm->bssid, key, ver, key_info, - &sm->ptk) < 0) + if (wpa_supplicant_send_4_of_4(sm, wpa_sm_get_auth_addr(sm), key, ver, + key_info, &sm->ptk) < 0) goto failed; /* SNonce was successfully used in msg 3/4, so mark it to be renewed From patchwork Wed Oct 19 14:14:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692003 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=iLUOfYd4; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=WwQ12Lmp; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstNM37M0z23kb for ; Thu, 20 Oct 2022 01:27:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=2opDho7ltFYs1xCfIueL3RkNsBkIZpV4f5yXD3SulLw=; b=iLUOfYd4ENxqZD OjkrzJuZLz033ly1CEmPRyJmuaYHyrSKAv5gWXj1+hh+HJ6cwyXFfA4YgX2LFZmaujdFFrqf4HOqW Nx1nKw/psgi+o3g0N29YYC677Nxpkg+pyUdvxV0Cp+xg9pH6Su7wxZb74oZBrORTvzFf7VtJgEjf+ 292L8Aq7mpIzgU0wL9At611WrGC3bVnzVCtwWLrTTKpv/nbLZVfthu+/epdmXdYw5RIHtira1HxqQ tSXnH29DkAYlWB6dNBnz2QlRlMYMtAHrLOUkA3bZMJjIdbI7K5Jk1f0O4pPSJkrpIDXQkLvy136AE FJxWD1YwRffbbnEf26NQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1olA1O-002mfq-UU; Wed, 19 Oct 2022 14:26:15 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qX-002eYb-5c for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:02 +0000 Received: from pps.filterd (m0279867.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J3WhLq005441 for ; Wed, 19 Oct 2022 14:15:01 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=Q5z8PNV1LXQkB60jG7zjgR3Bu5opaScFUe9jFbpVpp0=; b=WwQ12LmpWoh/CiNDILneu+9LhQuJxvUBjs3TApVquSm6Ccr//c0QT4vH9cGrSUsl60OA K8QT8s+msNuTvxug3sN6pTlGRxUZnTlbxzgnfVUnsF6F8FmvnOdEy2XNDnhUIRoSodFw dBHiM0d/pqXfWOTlDxBm7EyFHvD/cok6TBx/dCiQNlyiKYOHzDH05Ijy8Q+WD+lekL9n 8KBiGqDcwOIR5s6RxTJlvMi/Xqw4mVlyjC6T+ISDcBh47+4v9Y1Rz+HJDjFHSWEGwDBd OxacvOffRP7zKaeDoZQO66+48HWazDCXJf80bsST+gDEED1DR1OISwJFh+Y921KmeatY 4Q== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka4252pds-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:00 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA03.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEF0pc028097 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:00 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:14:58 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 16/21] MLD STA: Add support for group rekeying Date: Wed, 19 Oct 2022 19:44:04 +0530 Message-ID: <20221019141409.535582-17-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: kPQ0Ru4SQw-OzJl1JBvDFJzxBXQFLPDO X-Proofpoint-ORIG-GUID: kPQ0Ru4SQw-OzJl1JBvDFJzxBXQFLPDO X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 mlxscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 clxscore=1015 spamscore=0 mlxlogscore=999 suspectscore=0 lowpriorityscore=0 phishscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071501_253803_8F003B24 X-CRM114-Status: GOOD ( 23.76 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Rohan Dutta Add support for group rekeying in MLO connection. Parse per link MLO GTK/IGTK/BIGTK KDEs from Group Key msg 1/2 and configure to driver. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 92 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file ch [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Rohan Dutta Add support for group rekeying in MLO connection. Parse per link MLO GTK/IGTK/BIGTK KDEs from Group Key msg 1/2 and configure to driver. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 92 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 89 insertions(+), 3 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 1a5f95fa5..2b8d95f1c 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -2828,6 +2828,85 @@ static int wpa_supplicant_send_2_of_2(struct wpa_sm *sm, } +static void wpa_supplicant_process_mlo_1_of_2(struct wpa_sm *sm, + const unsigned char *src_addr, + const struct wpa_eapol_key *key, + const u8 *key_data, + size_t key_data_len, u16 ver) +{ + u16 key_info; + u8 i; + struct wpa_eapol_ie_parse ie; + + if (!sm->msg_3_of_4_ok && !wpa_fils_is_completed(sm)) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "MLO RSN: Group Key Handshake started prior to completion of 4-way handshake"); + goto failed; + } + + wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "MLO RSN: RX message 1 of Group " + "Key Handshake from " MACSTR " (ver=%d)", MAC2STR(src_addr), + ver); + + key_info = WPA_GET_BE16(key->key_info); + + wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); + + wpa_hexdump_key(MSG_DEBUG, "MLO RSN: msg 1/2 key data", key_data, + key_data_len); + if (wpa_supplicant_parse_ies(key_data, key_data_len, &ie) < 0) + goto failed; + + if (!ie.valid_mlo_gtks) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "MLO RSN: No MLO GTK KDE in Group Key msg 1/2"); + goto failed; + } + + if (!(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { + wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, + "MLO RSN: MLO GTK KDE in unencrypted key data"); + goto failed; + } + + if (mlo_ieee80211w_set_keys(sm, &ie) < 0) + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "MLO RSN: Failed to configure MLO IGTK"); + + for (i = 0; i < MAX_NUM_MLO_LINKS; i++) { + if (!(sm->mlo.valid_links & BIT(i))) + continue; + + /* + * AP may send group keys for subset of the all links during + * rekey + */ + if (!ie.mlo_gtk[i]) + continue; + + if (wpa_supplicant_mlo_gtk(sm, i, ie.mlo_gtk[i], + ie.mlo_gtk_len[i], key_info)) + goto failed; + } + + if (wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0) + goto failed; + + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "MLO RSN: Group rekeying completed " + "with " MACSTR " [GTK=%s]", MAC2STR(sm->mlo.ap_mld_addr), + wpa_cipher_txt(sm->group_cipher)); + wpa_sm_cancel_auth_timeout(sm); + wpa_sm_set_state(sm, WPA_COMPLETED); + + wpa_sm_set_rekey_offload(sm); + + return; + +failed: + wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); +} + + static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm, const unsigned char *src_addr, const struct wpa_eapol_key *key, @@ -3465,9 +3544,16 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, if ((mic_len && (key_info & WPA_KEY_INFO_MIC)) || (!mic_len && (key_info & WPA_KEY_INFO_ENCR_KEY_DATA))) { /* 1/2 Group Key Handshake */ - wpa_supplicant_process_1_of_2(sm, src_addr, key, - key_data, key_data_len, - ver); + if (sm->mlo.valid_links) + wpa_supplicant_process_mlo_1_of_2(sm, src_addr, + key, key_data, + key_data_len, + ver); + else + wpa_supplicant_process_1_of_2(sm, src_addr, key, + key_data, + key_data_len, + ver); } else { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: EAPOL-Key (Group) without Mic/Encr bit - " From patchwork Wed Oct 19 14:14:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692004 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=nEdmJjbp; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=TIqKbruO; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstQM1vcLz23kb for ; Thu, 20 Oct 2022 01:28:59 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+hpQHHUTM84kd+PEQZfH67joEzuUafey8UnkPFhwOdU=; b=nEdmJjbpmAyzVk tint0qNzWq6t59k7d/1/PhhL7VJ2PZM8RhTdwkozEeXLLfOsyJMg9fG90APZio5Z90STPJaBKvUv0 IhgAm2mcw6yoRhSmrApZvuBbzYTzg4H/O4uSu/H8m/8imHRLil23mHWvrlmiDX7fAXh9tmAf8Z6Tb ihi7NoMBF3pJ8eMo2WmL7HeQhwlre+nZjIgQ2rABCqlGe1+rig9KBGa1FR3nSJmbksH05gSFEBPcv Skhf0zTv+ljTitnSGEs6UdJlFCnM6BquKE7cZxmDHLwb8klpcdgJjUZfWfcfXWByM9/BoKzkc5YzT A1iSao6UdNSPI57P8Ihg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1olA30-002n6Z-2F; Wed, 19 Oct 2022 14:27:55 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qY-002eco-Rk for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:04 +0000 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JC1hfa021463 for ; Wed, 19 Oct 2022 14:15:02 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=aJRcAFutPsybAlohS1mJgmixbqCuTFCm8fuDo9LeCTA=; b=TIqKbruO2BvFMB1WLp4DC5lG8HqvB6dxmvcUNKGaNE5mbJCmMYtEzLnQj5n6YXF/pbE4 TMq5xaoIpY0jFNVpTqP8j96MYfn9cqExnvw30uOQVU+PJxLks0DAqEDxVaIvJkt+eFhD jCqzQGb197/mXLjeEY9Txott33ddDcKxFXlXvgb4ElGvX2wc6EXPa+KpLImvwVVh43Gr Vwuq8gBRVmzq34ZcV/DgmNL1V9ApNna+ifJG0bdojQbE94I3eK9LPuPZirAlpgl+cTxP 3PHZJ8U+b4woeJyqMyEvZpU/XCo20mwCul6xRfpUWTQ7BqDyO/DN7BREhLmLtZ7hSdi3 bg== Received: from nalasppmta04.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3kaed8s8an-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:02 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEF1bv026962 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:01 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:15:00 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 17/21] MLD STA: Add support to process M1 received before association event Date: Wed, 19 Oct 2022 19:44:05 +0530 Message-ID: <20221019141409.535582-18-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: FH21F_CDyWaWQP15tY_KtTzMNIzvdGf- X-Proofpoint-GUID: FH21F_CDyWaWQP15tY_KtTzMNIzvdGf- X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 adultscore=0 lowpriorityscore=0 malwarescore=0 mlxscore=0 phishscore=0 mlxlogscore=909 spamscore=0 impostorscore=0 bulkscore=0 suspectscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071502_988577_A7498129 X-CRM114-Status: GOOD ( 19.69 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: EAPOL 1/4 msg can come before association indication from driver. For MLO connection, the source address check of such frames should be against AP MLD address instead of assoc link BSSID. Signed-off-by: Veerendranath Jakkam --- wpa_supplicant/events.c | 5 +++-- wpa_supplicant/wpa_supplicant.c | 10 ++++++---- 2 files changed, 9 insertions(+), 6 deletions(-) Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org EAPOL 1/4 msg can come before association indication from driver. For MLO connection, the source address check of such frames should be against AP MLD address instead of assoc link BSSID. Signed-off-by: Veerendranath Jakkam --- wpa_supplicant/events.c | 5 +++-- wpa_supplicant/wpa_supplicant.c | 10 ++++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index a0fe9cc8a..4840c82fc 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -3844,8 +3844,9 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, os_get_reltime(&now); os_reltime_sub(&now, &wpa_s->pending_eapol_rx_time, &age); if (age.sec == 0 && age.usec < 200000 && - os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) == - 0) { + os_memcmp(wpa_s->pending_eapol_rx_src, + wpa_s->valid_links ? wpa_s->ap_mld_addr : bssid, + ETH_ALEN) == 0) { wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL " "frame that was received just before " "association notification"); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index cb15feb7b..4f010ef40 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -5147,6 +5147,8 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, enum frame_encryption encrypted) { struct wpa_supplicant *wpa_s = ctx; + const u8 *connected_addr = wpa_s->valid_links ? + wpa_s->ap_mld_addr : wpa_s->bssid; wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " (encrypted=%d)", MAC2STR(src_addr), encrypted); @@ -5172,7 +5174,7 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, #ifdef CONFIG_AP !wpa_s->ap_iface && #endif /* CONFIG_AP */ - os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { + os_memcmp(src_addr, connected_addr, ETH_ALEN) != 0)) { /* * There is possible race condition between receiving the * association event and the EAPOL frame since they are coming @@ -5186,9 +5188,9 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, * case with wired IEEE 802.1X). */ wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " - "of received EAPOL frame (state=%s bssid=" MACSTR ")", + "of received EAPOL frame (state=%s connected_addr=" MACSTR ")", wpa_supplicant_state_txt(wpa_s->wpa_state), - MAC2STR(wpa_s->bssid)); + MAC2STR(connected_addr)); wpabuf_free(wpa_s->pending_eapol_rx); wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); if (wpa_s->pending_eapol_rx) { @@ -5201,7 +5203,7 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, } wpa_s->last_eapol_matches_bssid = - os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; + os_memcmp(src_addr, connected_addr, ETH_ALEN) == 0; #ifdef CONFIG_AP if (wpa_s->ap_iface) { From patchwork Wed Oct 19 14:14:06 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692005 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ja9WGsqo; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=cq3GedWr; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstSH0M2cz23jk for ; Thu, 20 Oct 2022 01:30:39 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=2yhJVxO1+yGNkt/LPeiUnQNX1eHOlpsPoJKPpuduqn0=; b=ja9WGsqo0qJvQc xBj9KKQyfFZFMasae1nbxo5XlRvFH5IOb1YMuRhLiYVUSWI1iw2bj+3v/618hyj58/FlHkQaD8No9 V93Ykyvb4PnxlacYm4QDVJl55tuoefL1JlRr5x8bRWgFEBHJBrKcCPLU+d95s0eijyygo7oP/2Vqn OszXBVdMAtBP7SXSd20aZxfX0eiBa7XINrz/GyvUrKlujSOQnVAmWPssDXHuMzFIE+S8vpt8nZKzg h/IA60bsFafz2zvbjpdIQbaO+11GcG1ZQmjCcf280Z34xvzLnRRM4yfLj16ELJ8G+Jms3ZaFdFJdV z7FIz7m/CW5hxVptGymw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1olA4b-002nX0-CO; Wed, 19 Oct 2022 14:29:34 +0000 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qb-002ejE-MG for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:07 +0000 Received: from pps.filterd (m0279872.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JEBRmX003859 for ; Wed, 19 Oct 2022 14:15:04 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=tSSpFmW+TEcFpREMUerMw5+4sBUXg1WlJWoRdqkYSB8=; b=cq3GedWrQN/RmGBoWn3LJacG+u6kP9/iJ9Fpdn9Sy+bguHiLBgllGIBIt8G2LQZLsWRL ZCOp0dFRIcEKLVaumExiNhDTmUQogNJIEo9LV0mVwSDnxNOJYDNV//2xVZ30mbHUu71B 4jq5rqJKBF2UV06c+cTpNzkw8U9lXQjnoUEOlQ1Mny+5Dk2ORGtMReTND8c0HCzMUU1w ZuNNU6OJ8H8/Y1ERWLAOyNk3KkDwFUvSygzihNTIntBKjqZtHKr4iKuOfp/iCAzVMiK+ ba2WgcVJnea8WSh73Ml6tPixUxk9ctXXe7i9nZCAPFtKY1mCEexNKqNN61VhdXzph/nm kg== Received: from nalasppmta05.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9yq1jrya-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:04 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA05.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEF3gQ002779 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:03 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:15:02 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 18/21] MLD STA: Add support for SAE external authentication Date: Wed, 19 Oct 2022 19:44:06 +0530 Message-ID: <20221019141409.535582-19-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: 53bcFfJF1g4Dxf8dKR_jkb2HGwWGmkXi X-Proofpoint-GUID: 53bcFfJF1g4Dxf8dKR_jkb2HGwWGmkXi X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 clxscore=1015 malwarescore=0 impostorscore=0 phishscore=0 spamscore=0 mlxlogscore=999 bulkscore=0 adultscore=0 mlxscore=0 priorityscore=1501 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071505_879483_2E8826C6 X-CRM114-Status: GOOD ( 31.20 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This commit does below: - Enable MLO for SAE authentication when driver indicates transmit address(TA). - Add basic ML IE in SAE authentication frames. - Use TA address provided by driver for sending [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.180.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This commit does below: - Enable MLO for SAE authentication when driver indicates transmit address(TA). - Add basic ML IE in SAE authentication frames. - Use TA address provided by driver for sending SAE authentication frames. - Use MLD address for SAE PWE derivation. - Allow authentication frames with RA address same as TA address provided by driver. Signed-off-by: Veerendranath Jakkam --- src/drivers/driver.h | 3 + src/drivers/driver_nl80211.h | 1 + src/drivers/driver_nl80211_event.c | 17 +++++ wpa_supplicant/sme.c | 107 ++++++++++++++++++++++------- wpa_supplicant/wpa_supplicant_i.h | 2 + 5 files changed, 106 insertions(+), 24 deletions(-) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 573dd7dd5..0fe416928 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -2623,6 +2623,8 @@ enum wpa_drv_update_connect_params_mask { * the real status code for failures. Used only for the request interface * from user space to the driver. * @pmkid: Generated PMKID as part of external auth exchange (e.g., SAE). + * @tx_addr: Transmit address to be used for the authentication frames. Optional + * for the request interface. */ struct external_auth { enum { @@ -2635,6 +2637,7 @@ struct external_auth { unsigned int key_mgmt_suite; u16 status; const u8 *pmkid; + const u8 *tx_addr; }; #define WPAS_MAX_PASN_PEERS 10 diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index 0b8b0ce11..40e845d78 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -80,6 +80,7 @@ struct i802_bss { struct nl80211_wiphy_data *wiphy_data; struct dl_list wiphy_list; u8 rand_addr[ETH_ALEN]; + u8 ext_auth_rand_addr[ETH_ALEN]; }; struct drv_nl80211_if_info { diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 289a9c734..beab202ff 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -1288,6 +1288,10 @@ static void mlme_event(struct i802_bss *bss, MAC2STR(bss->addr), MAC2STR(data + 4), MAC2STR(data + 4 + ETH_ALEN)); + if (!is_zero_ether_addr(bss->ext_auth_rand_addr) && + os_memcmp(bss->ext_auth_rand_addr, data + 4, ETH_ALEN) == 0) + goto skip_ra_check; + /* PASN Authentication frame can be received with a different source MAC * address. Allow NL80211_CMD_FRAME event with foreign addresses also. */ @@ -1316,6 +1320,8 @@ static void mlme_event(struct i802_bss *bss, "for foreign address", bss->ifname); return; } + +skip_ra_check: wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame", nla_data(frame), nla_len(frame)); @@ -2994,6 +3000,17 @@ static void nl80211_external_auth(struct wpa_driver_nl80211_data *drv, event.external_auth.bssid = nla_data(tb[NL80211_ATTR_BSSID]); + if (tb[NL80211_ATTR_MAC]) { + event.external_auth.tx_addr = nla_data(tb[NL80211_ATTR_MAC]); + wpa_printf(MSG_ERROR, "TA addr for external auth: " MACSTR, + MAC2STR(event.external_auth.tx_addr)); + os_memcpy(drv->first_bss->ext_auth_rand_addr, + event.external_auth.tx_addr, + ETH_ALEN); + } else { + os_memset(drv->first_bss->ext_auth_rand_addr, 0, ETH_ALEN); + } + wpa_printf(MSG_DEBUG, "nl80211: External auth action: %u, AKM: 0x%x", event.external_auth.action, diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 896fa9df4..e6e39c4c3 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -95,6 +95,7 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s, int use_pt = 0; bool use_pk = false; u8 rsnxe_capa = 0; + const u8 *peer_addr = bssid; if (ret_use_pt) *ret_use_pt = 0; @@ -124,19 +125,6 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s, return NULL; } - if (reuse && wpa_s->sme.sae.tmp && - os_memcmp(bssid, wpa_s->sme.sae.tmp->bssid, ETH_ALEN) == 0) { - wpa_printf(MSG_DEBUG, - "SAE: Reuse previously generated PWE on a retry with the same AP"); - use_pt = wpa_s->sme.sae.h2e; - use_pk = wpa_s->sme.sae.pk; - goto reuse_data; - } - if (sme_set_sae_group(wpa_s) < 0) { - wpa_printf(MSG_DEBUG, "SAE: Failed to select group"); - return NULL; - } - bss = wpa_bss_get_bssid_latest(wpa_s, bssid); if (!bss) { wpa_printf(MSG_DEBUG, @@ -150,6 +138,31 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s, rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX); if (rsnxe && rsnxe[1] >= 1) rsnxe_capa = rsnxe[2]; + + if (external && wpa_s->sme.ext_ml_auth) { + if (is_zero_ether_addr(bss->mld_addr)) { + wpa_printf(MSG_DEBUG, + "SAE: BSS not affliated with MLD"); + return NULL; + } + + wpa_printf(MSG_DEBUG, "SAE: AP MLD address: " MACSTR, + MAC2STR(bss->mld_addr)); + peer_addr = bss->mld_addr; + } + } + + if (reuse && wpa_s->sme.sae.tmp && + os_memcmp(peer_addr, wpa_s->sme.sae.tmp->bssid, ETH_ALEN) == 0) { + wpa_printf(MSG_DEBUG, + "SAE: Reuse previously generated PWE on a retry with the same AP"); + use_pt = wpa_s->sme.sae.h2e; + use_pk = wpa_s->sme.sae.pk; + goto reuse_data; + } + if (sme_set_sae_group(wpa_s) < 0) { + wpa_printf(MSG_DEBUG, "SAE: Failed to select group"); + return NULL; } if (ssid->sae_password_id && wpa_s->conf->sae_pwe != 3) @@ -190,24 +203,24 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s, if (use_pt && sae_prepare_commit_pt(&wpa_s->sme.sae, ssid->pt, - wpa_s->own_addr, bssid, + wpa_s->own_addr, peer_addr, wpa_s->sme.sae_rejected_groups, NULL) < 0) return NULL; if (!use_pt && - sae_prepare_commit(wpa_s->own_addr, bssid, + sae_prepare_commit(wpa_s->own_addr, peer_addr, (u8 *) password, os_strlen(password), &wpa_s->sme.sae) < 0) { wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE"); return NULL; } if (wpa_s->sme.sae.tmp) { - os_memcpy(wpa_s->sme.sae.tmp->bssid, bssid, ETH_ALEN); + os_memcpy(wpa_s->sme.sae.tmp->bssid, peer_addr, ETH_ALEN); if (use_pt && use_pk) wpa_s->sme.sae.pk = 1; #ifdef CONFIG_SAE_PK os_memcpy(wpa_s->sme.sae.tmp->own_addr, wpa_s->own_addr, ETH_ALEN); - os_memcpy(wpa_s->sme.sae.tmp->peer_addr, bssid, ETH_ALEN); + os_memcpy(wpa_s->sme.sae.tmp->peer_addr, peer_addr, ETH_ALEN); sae_pk_set_password(&wpa_s->sme.sae, password); #endif /* CONFIG_SAE_PK */ } @@ -1041,11 +1054,30 @@ void sme_authenticate(struct wpa_supplicant *wpa_s, #ifdef CONFIG_SAE +#define WPA_AUTH_FRAME_ML_IE_LEN (6 + ETH_ALEN) + +static void wpa_auth_ml_ie(struct wpabuf *buf, const u8 *mld_addr) +{ + + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); + wpabuf_put_u8(buf, WPA_AUTH_FRAME_ML_IE_LEN - 2); + wpabuf_put_u8(buf, WLAN_EID_EXT_MULTI_LINK); + + /* Basic Multi-Link IE control field */ + wpabuf_put_u8(buf, 0x0); + wpabuf_put_u8(buf, 0x0); + + /* Common info: Common Info Length + MLD MAC LEN */ + wpabuf_put_u8(buf, 0x7); + wpabuf_put_data(buf, mld_addr, ETH_ALEN); +} + + static int sme_external_auth_build_buf(struct wpabuf *buf, struct wpabuf *params, const u8 *sa, const u8 *da, u16 auth_transaction, u16 seq_num, - u16 status_code) + u16 status_code, const u8 *mld_addr) { struct ieee80211_mgmt *resp; @@ -1064,10 +1096,17 @@ static int sme_external_auth_build_buf(struct wpabuf *buf, if (params) wpabuf_put_buf(buf, params); + if (mld_addr) { + wpa_auth_ml_ie(buf, mld_addr); + wpa_hexdump(MSG_DEBUG, "ML Auth Frame", wpabuf_head(buf), + wpabuf_len(buf)); + } + return 0; } + static int sme_external_auth_send_sae_commit(struct wpa_supplicant *wpa_s, const u8 *bssid, struct wpa_ssid *ssid) @@ -1085,7 +1124,9 @@ static int sme_external_auth_send_sae_commit(struct wpa_supplicant *wpa_s, } wpa_s->sme.sae.state = SAE_COMMITTED; - buf = wpabuf_alloc(4 + SAE_COMMIT_MAX_LEN + wpabuf_len(resp)); + buf = wpabuf_alloc(4 + SAE_COMMIT_MAX_LEN + wpabuf_len(resp) + + (wpa_s->sme.ext_ml_auth ? + WPA_AUTH_FRAME_ML_IE_LEN : 0)); if (!buf) { wpabuf_free(resp); return -1; @@ -1098,8 +1139,10 @@ static int sme_external_auth_send_sae_commit(struct wpa_supplicant *wpa_s, status = WLAN_STATUS_SAE_HASH_TO_ELEMENT; else status = WLAN_STATUS_SUCCESS; - sme_external_auth_build_buf(buf, resp, wpa_s->own_addr, - bssid, 1, wpa_s->sme.seq_num, status); + sme_external_auth_build_buf(buf, resp, wpa_s->sme.ext_auth_tx_addr, + bssid, 1, wpa_s->sme.seq_num, status, + wpa_s->sme.ext_ml_auth ? + wpa_s->own_addr : NULL); wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1, 0, 0); wpabuf_free(resp); wpabuf_free(buf); @@ -1166,16 +1209,20 @@ static void sme_external_auth_send_sae_confirm(struct wpa_supplicant *wpa_s, } wpa_s->sme.sae.state = SAE_CONFIRMED; - buf = wpabuf_alloc(4 + SAE_CONFIRM_MAX_LEN + wpabuf_len(resp)); + buf = wpabuf_alloc(4 + SAE_CONFIRM_MAX_LEN + wpabuf_len(resp) + + (wpa_s->sme.ext_ml_auth ? WPA_AUTH_FRAME_ML_IE_LEN : 0)); if (!buf) { wpa_printf(MSG_DEBUG, "SAE: Auth Confirm buf alloc failure"); wpabuf_free(resp); return; } wpa_s->sme.seq_num++; - sme_external_auth_build_buf(buf, resp, wpa_s->own_addr, + sme_external_auth_build_buf(buf, resp, wpa_s->sme.ext_auth_tx_addr, da, 2, wpa_s->sme.seq_num, - WLAN_STATUS_SUCCESS); + WLAN_STATUS_SUCCESS, + wpa_s->sme.ext_ml_auth ? + wpa_s->own_addr : NULL); + wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1, 0, 0); wpabuf_free(resp); wpabuf_free(buf); @@ -1206,11 +1253,23 @@ void sme_external_auth_trigger(struct wpa_supplicant *wpa_s, if (!is_sae_key_mgmt_suite(data->external_auth.key_mgmt_suite)) return; + if (data->external_auth.tx_addr) { + wpa_s->sme.ext_ml_auth = true; + wpa_printf(MSG_DEBUG, + "SAE: External multi-link authentication with transmit address " MACSTR, + MAC2STR(data->external_auth.tx_addr)); + } else { + data->external_auth.tx_addr = wpa_s->own_addr; + wpa_s->sme.ext_ml_auth = false; + } + if (data->external_auth.action == EXT_AUTH_START) { if (!data->external_auth.bssid || !data->external_auth.ssid) return; os_memcpy(wpa_s->sme.ext_auth_bssid, data->external_auth.bssid, ETH_ALEN); + os_memcpy(wpa_s->sme.ext_auth_tx_addr, data->external_auth.tx_addr, + ETH_ALEN); os_memcpy(wpa_s->sme.ext_auth_ssid, data->external_auth.ssid, data->external_auth.ssid_len); wpa_s->sme.ext_auth_ssid_len = data->external_auth.ssid_len; diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index 9db847cec..68ca5229f 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -1034,6 +1034,8 @@ struct wpa_supplicant { struct wpa_ssid *ext_auth_wpa_ssid; u8 ext_auth_ssid[SSID_MAX_LEN]; size_t ext_auth_ssid_len; + u8 ext_auth_tx_addr[ETH_ALEN]; + bool ext_ml_auth; int *sae_rejected_groups; #endif /* CONFIG_SAE */ } sme; From patchwork Wed Oct 19 14:14:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692006 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=gDfbPRWX; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=TjQ00itB; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstV41cnZz23jk for ; Thu, 20 Oct 2022 01:32:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=gYRDE4u7ffxN+iZUtKZSwGexrwJSHxs2PK2njpMQQxs=; b=gDfbPRWX6stKlj Px8EzBOWczDsYNyfHkeG1V8cufQAfnoHpD9C3ERO1LKFrX9gTDL/ah8sUtoNuKEyNGoyGzYvh2Z7z SdRxIpM4a7MLm5PjMZ8TmtCLojR1fI0IIsai9bT4zrKwX0fWsnR4041veek/keE2WdP9bOzQ0f0Vq omGv/+MBHV9tYAqQ7osXnY534qGZAjLeCS4r4Z5d8wa81GhtLBY9Z3iGDOxZTAacG4edcuN8LmCz4 /mY6BjkZQ9ly1KPH7oP8gA0dOEtWoZUM2JDM68t4qYCwcGyE1vp0mKHX+RrE+gG19zlb5IzG+5Izw 0HXUddyYM7/pKZDSey5w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1olA6E-002nsc-6c; Wed, 19 Oct 2022 14:31:14 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qc-002el2-3f for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:08 +0000 Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J8jGtZ019176 for ; Wed, 19 Oct 2022 14:15:05 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=JASfm2zB07V9nViB7b3ri9XishJbF3q3aD+1n3ssoc0=; b=TjQ00itBQNUIWFIAxyLvcd+fWOR2uTUwjn3fc3rq9W6RPpUXRYdWTwbrueAei90rqmth MbFvev2/lMS6YuULmVSqn+zQYSLJ02FWBEY5aJ6XlzGCeMpSMjKTG5lVvbSTjiODsBQk uIiyNBNyFZbO3fuKeFnnfmfkuistJ9rBfFFAt24aR8mCXRiUoOu/4Pbqtxiji8WOkaei qRsZoubgc7mDDja59khKvj5FdWvLeqxjeXh0uukPUiBYAfVdLJsWCP3SMzWAsd5GxYie noPExcIn2E8TdwPFcikWbXWjIJDGk0zvRZNXoJKunUSCOclbmqkGjQ4vTEwXXK0+Ke0F Jw== Received: from nalasppmta02.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9n2p5pmm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:05 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA02.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEF5Xx010677 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:05 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:15:03 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 19/21] MLD STA: Add PMKSA entries with both AP MLD address and AP link addresses Date: Wed, 19 Oct 2022 19:44:07 +0530 Message-ID: <20221019141409.535582-20-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: cz9KC-pSsfWu6sm_demBYUYIN9af3wsF X-Proofpoint-GUID: cz9KC-pSsfWu6sm_demBYUYIN9af3wsF X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 phishscore=0 mlxlogscore=999 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071506_203088_C084E516 X-CRM114-Status: GOOD ( 29.35 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add PMKSA entries with both AP MLD address and AP link addresse for MLO connection. Per-BSSID PMKSA entries could be used in case the station wants to associate with one of the BSSs without enabling M [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add PMKSA entries with both AP MLD address and AP link addresse for MLO connection. Per-BSSID PMKSA entries could be used in case the station wants to associate with one of the BSSs without enabling MLO capability later. Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 46 ++++++++++++++++++++++++++++----- src/rsn_supp/wpa.h | 4 +-- wpa_supplicant/events.c | 7 +++-- wpa_supplicant/sme.c | 26 ++++++++++++++++--- wpa_supplicant/wpa_supplicant.c | 6 ++++- 5 files changed, 75 insertions(+), 14 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 2b8d95f1c..fd3d5c8da 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -2232,6 +2232,25 @@ static int wpa_validate_mlo_ieee80211w_kdes(struct wpa_sm *sm, } +static void mlo_links_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, + size_t pmk_len, const u8 *pmkid, + const u8 *kck, size_t kck_len, + void *network_ctx, int akmp, + const u8 *cache_id) +{ + int i; + + for (i = 0; i < MAX_NUM_MLO_LINKS; i++) { + if (!(sm->mlo.valid_links & BIT(i))) + continue; + + pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, kck, kck_len, + sm->mlo.links[i].bssid, sm->own_addr, + network_ctx, akmp, cache_id); + } +} + + static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, const struct wpa_eapol_key *key, u16 ver, const u8 *key_data, @@ -2373,6 +2392,10 @@ static void wpa_supplicant_process_mlo_3_of_4(struct wpa_sm *sm, sm->network_ctx, sm->key_mgmt, NULL); if (!sm->cur_pmksa) sm->cur_pmksa = sa; + + mlo_links_pmksa_cache_add(sm, sm->pmk, sm->pmk_len, NULL, + sm->ptk.kck, sm->ptk.kck_len, + sm->network_ctx, sm->key_mgmt, NULL); } if (ie.transition_disable) @@ -3959,12 +3982,12 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm) * @pmk: The new PMK * @pmk_len: The length of the new PMK in bytes * @pmkid: Calculated PMKID - * @bssid: AA to add into PMKSA cache or %NULL to not cache the PMK + * @auth_addr: AA to add into PMKSA cache or %NULL to not cache the PMK * * Configure the PMK for WPA state machine. */ void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, - const u8 *pmkid, const u8 *bssid) + const u8 *pmkid, const u8 *auth_addr) { if (sm == NULL) return; @@ -3980,12 +4003,17 @@ void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, os_memcpy(sm->xxkey, pmk, pmk_len); #endif /* CONFIG_IEEE80211R */ - if (bssid) { + if (auth_addr) { sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, - pmkid, NULL, 0, bssid, + pmkid, NULL, 0, auth_addr, sm->own_addr, sm->network_ctx, sm->key_mgmt, NULL); + if (sm->mlo.valid_links && + os_memcmp(auth_addr, sm->mlo.ap_mld_addr, ETH_ALEN) == 0) + mlo_links_pmksa_cache_add(sm, pmk, pmk_len, pmkid, NULL, + 0, sm->network_ctx, + sm->key_mgmt, NULL); } } @@ -6020,7 +6048,7 @@ fail: } -int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid, +int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *auth_addr, const u8 *resp_ies, size_t resp_ies_len) { struct ieee802_11_elems elems; @@ -6171,9 +6199,15 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid, wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len); wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN); pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, pmkid, NULL, 0, - bssid, sm->own_addr, sm->network_ctx, sm->key_mgmt, + auth_addr, sm->own_addr, sm->network_ctx, sm->key_mgmt, NULL); + if (sm->mlo.valid_links && + os_memcmp(auth_addr, sm->mlo.ap_mld_addr, ETH_ALEN) == 0) + mlo_links_pmksa_cache_add(sm, sm->pmk, sm->pmk_len, pmkid, NULL, + 0, sm->network_ctx, sm->key_mgmt, + NULL); + return 0; } diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index b97edd551..287864e5a 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -153,7 +153,7 @@ void wpa_sm_deinit(struct wpa_sm *sm); void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid); void wpa_sm_notify_disassoc(struct wpa_sm *sm); void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, - const u8 *pmkid, const u8 *bssid); + const u8 *pmkid, const u8 *auth_addr); void wpa_sm_set_pmk_from_pmksa(struct wpa_sm *sm); void wpa_sm_set_fast_reauth(struct wpa_sm *sm, int fast_reauth); void wpa_sm_set_scard_ctx(struct wpa_sm *sm, void *scard_ctx); @@ -568,7 +568,7 @@ struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek, int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len); struct wpabuf * owe_build_assoc_req(struct wpa_sm *sm, u16 group); -int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid, +int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *auth_addr, const u8 *resp_ies, size_t resp_ies_len); void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set); diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 4840c82fc..e714ac489 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -3113,7 +3113,8 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, #ifdef CONFIG_OWE if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE && (!bssid_known || - owe_process_assoc_resp(wpa_s->wpa, bssid, + owe_process_assoc_resp(wpa_s->wpa, + wpa_s->valid_links ? wpa_s->ap_mld_addr : bssid, data->assoc_info.resp_ies, data->assoc_info.resp_ies_len) < 0)) { wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); @@ -5036,7 +5037,9 @@ static void wpa_supplicant_event_assoc_auth(struct wpa_supplicant *wpa_s, data->assoc_info.fils_pmk, data->assoc_info.fils_pmk_len, data->assoc_info.fils_pmkid, - wpa_s->bssid, fils_cache_id); + wpa_s->valid_links ? + wpa_s->ap_mld_addr : wpa_s->bssid, + fils_cache_id); } else if (data->assoc_info.fils_pmkid) { /* Update the current PMKSA used for this connection */ pmksa_cache_set_current(wpa_s->wpa, diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index e6e39c4c3..83269968b 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -1548,12 +1548,12 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, } -static int sme_sae_set_pmk(struct wpa_supplicant *wpa_s, const u8 *bssid) +static int sme_sae_set_pmk(struct wpa_supplicant *wpa_s, const u8 *auth_addr) { wpa_printf(MSG_DEBUG, "SME: SAE completed - setting PMK for 4-way handshake"); wpa_sm_set_pmk(wpa_s->wpa, wpa_s->sme.sae.pmk, wpa_s->sme.sae.pmk_len, - wpa_s->sme.sae.pmkid, bssid); + wpa_s->sme.sae.pmkid, auth_addr); if (wpa_s->conf->sae_pmkid_in_assoc) { /* Update the own RSNE contents now that we have set the PMK * and added a PMKSA cache entry based on the successfully @@ -1597,6 +1597,8 @@ void sme_external_auth_mgmt_rx(struct wpa_supplicant *wpa_s, if (le_to_host16(header->u.auth.auth_alg) == WLAN_AUTH_SAE) { int res; + struct wpa_bss *bss; + const u8 *auth_addr; res = sme_sae_auth( wpa_s, le_to_host16(header->u.auth.auth_transaction), @@ -1615,7 +1617,25 @@ void sme_external_auth_mgmt_rx(struct wpa_supplicant *wpa_s, if (res != 1) return; - if (sme_sae_set_pmk(wpa_s, wpa_s->sme.ext_auth_bssid) < 0) + auth_addr = wpa_s->sme.ext_auth_bssid; + if (wpa_s->sme.ext_ml_auth) { + bss = wpa_bss_get_bssid_latest( + wpa_s, wpa_s->sme.ext_auth_bssid); + if (!bss) { + wpa_printf(MSG_INFO, + "MLO SAE: BSS not available, update scan result to get BSS"); + wpa_supplicant_update_scan_results(wpa_s); + bss = wpa_bss_get_bssid_latest( + wpa_s, wpa_s->sme.ext_auth_bssid); + } + if (bss && !is_zero_ether_addr(bss->mld_addr)) + auth_addr = bss->mld_addr; + else + wpa_printf(MSG_INFO, + "MLO SAE: AP MLD address fetch failed"); + } + + if (sme_sae_set_pmk(wpa_s, auth_addr) < 0) return; } } diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 4f010ef40..547c00187 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -3101,6 +3101,10 @@ static u8 * wpas_populate_assoc_ies( wpa_key_mgmt_wpa(ssid->key_mgmt)) { int try_opportunistic; const u8 *cache_id = NULL; + const u8 *auth_addr = bss->bssid; + + if (!is_zero_ether_addr(bss->mld_addr)) + auth_addr = bss->mld_addr; try_opportunistic = (ssid->proactive_key_caching < 0 ? wpa_s->conf->okc : @@ -3110,7 +3114,7 @@ static u8 * wpas_populate_assoc_ies( if (wpa_key_mgmt_fils(ssid->key_mgmt)) cache_id = wpa_bss_get_fils_cache_id(bss); #endif /* CONFIG_FILS */ - if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, + if (pmksa_cache_set_current(wpa_s->wpa, NULL, auth_addr, ssid, try_opportunistic, cache_id, 0) == 0) { eapol_sm_notify_pmkid_attempt(wpa_s->eapol); From patchwork Wed Oct 19 14:14:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692011 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=n92frtaX; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=kA80mdsn; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstY95JK1z23jk for ; Thu, 20 Oct 2022 01:34:53 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=nr1m0/wNvRd/kOANTmLm5M8TBNmvi45Ra0jUGKPzCG0=; b=n92frtaXvB5fXD Ec/lpABr83hYnXO9EEY6fXjaoGTCFIBuROn7LWmUN/4AvdqI8NcwJtHv0zeEPXrgUqYXVtCW5vxH3 m7ayjjXqEPwmLeSbZQAlYj5fFrKN85Yl/uirmSYmPRDL7NFrfl/K+dy6Ku+6JfHeWVe7AL7KgPTZM 3WHsMNY7jPE52e2rqAkAgYgJzH+B47XTCmlQA2SfRg2Xkhw7iNwXFhg2f10K09xOgFokVc0m2XWHh AqGvm0dsf4sOFrx3OR8DQnx400tNKF/mG6PUlHFLrgfqMfiDq6UuHVeRIdh2b+b4xTzXh1YzqlpbW 7dnVhl9VNE49T2cEvfMw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1olA8N-002oJe-Ho; Wed, 19 Oct 2022 14:33:28 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qd-002eoj-L7 for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:09 +0000 Received: from pps.filterd (m0279863.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29JB10Ta001095 for ; Wed, 19 Oct 2022 14:15:07 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=M7+XJ1h31RQzgqT59PCC6cOKSV1LbURttrNJOJwj6Nk=; b=kA80mdsny8VBKGxAxxdkR2/URHM9vTcTBu7iyn980nPpvRiLupKFt5K8iVGVGZPOU+H1 x3cneXrFF6O8G3zOA/JWOBVCgfbyG4PA4kt4e6sFzbhjqebsrf7x9VFUNSD72zBVVuZR rqb0tnYdpl+omXyNODTuEgac9LttmDWaZbJkAJ4K1dfh81pUTzSV/otdWA3PFB6oxxHf y93H+d+4HdqVvxG9WhuKB5GjNOXijMDR9iaNb6Fy0854GaBKrnIaLehujjn1mtqu1iRT 9CqZStGGUsS+Cx1h4BAzCONXtfntQIjSVK/k1jOy3qrfiWjnDSlxfbTf7klsxut4uO6s aA== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3k9n2p5pmp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:07 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEF6lg009417 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:06 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:15:05 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 20/21] MLD STA: Indicate supplicant MLO support to driver's SME Date: Wed, 19 Oct 2022 19:44:08 +0530 Message-ID: <20221019141409.535582-21-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: -DSljSFrIpyLF02F4x33z7AuaR94Zpn- X-Proofpoint-GUID: -DSljSFrIpyLF02F4x33z7AuaR94Zpn- X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 phishscore=0 mlxlogscore=892 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071507_719832_63823807 X-CRM114-Status: GOOD ( 16.73 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Send NL80211_ATTR_MLO_SUPPORT flag in NL80211_CMD_CONNECT to indicate that wpa_supplicant has support to handle MLO connection like parsing MLO connection information from connect response, verifying [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Send NL80211_ATTR_MLO_SUPPORT flag in NL80211_CMD_CONNECT to indicate that wpa_supplicant has support to handle MLO connection like parsing MLO connection information from connect response, verifying MLO KDEs validation and adding new MLO KDEs. Signed-off-by: Veerendranath Jakkam --- src/drivers/driver_nl80211.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index ad1ca3348..ea3edc9a4 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -6538,6 +6538,10 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT)) return -1; + if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME) && + nla_put_flag(msg, NL80211_ATTR_MLO_SUPPORT)) + return -1; + return 0; } From patchwork Wed Oct 19 14:14:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1692012 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=E2YwEowq; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=Ehh5D1tr; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MstZq28bJz23k2 for ; Thu, 20 Oct 2022 01:36:19 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/BNVsEmAFzcpvthI9Fj322eKwqcEp8lwA6wwr8aXFSI=; b=E2YwEowqsrXj7h sOvHOK2wczbqDaCiQBqCAtSsMkkzo8lfAN9ABdX5zhaJpRwnNjR8D6Fo22cAjxznN8bmenBSzrKLS p/6f2ybk0r958jKU1noA+xpOc1TBYi6GxcCvgFXeWmW8b6BlFO3dVDAYXifJHt9MeI9gnafPjjGs/ dwozPfphO03RlQ1acLrocc/hQWxayADIYSdY3K1sJWuKKOs9OkOa6MAgpkC4rhNTaQrz6j52Ai4+g SSSYlYCA6/6sBckHvYHdaSwY72oBG3r9Lb0Hq1yG/sMDUCBT8rAoYIK2ihjQSUI5cFergsBv73nyS 2F/VsRJ7JWwcaJet7wUg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1olA9k-002ogN-WE; Wed, 19 Oct 2022 14:34:53 +0000 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ol9qf-002et3-Cn for hostap@lists.infradead.org; Wed, 19 Oct 2022 14:15:10 +0000 Received: from pps.filterd (m0279867.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29J8EsuU030920 for ; Wed, 19 Oct 2022 14:15:09 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=gr0s/uUiaKjBfI1CBoEJgaRulUyAPaQ+0gCAjoRwfok=; b=Ehh5D1traKYrD0rC70cvq7G8/kAuaADY+GPo4f635hbgt8OHfMRhpkScV38pOUaQmxUa Kw0Df57LrVw9DK0yKEkTPJ4B73VFPLUG18ScaKjPSIMS7fqLw/RiSISnKryzfejN9cdk mmdnLD3/fcr+EvCYuSA3lD0/0fRQrKgaCphfyRKx9qHTDi1beoeGbw9uhmAgySS/wfhZ gDE6gQeU1ukRra31nlsKHNZABTfvU9pKPNyCje8HevOulaXd49Fu36JxqTk6ITdcGkFr ULTmV4qGx5Npy5etZMptQdqYYYe61nm7EubDYYLtvLLxMOzsYSN0urgyruFwC/Q5bKkP 2w== Received: from nalasppmta02.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ka4252pe6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:09 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA02.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 29JEF8R9010709 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 19 Oct 2022 14:15:08 GMT Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Wed, 19 Oct 2022 07:15:07 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v3 21/21] MLD STA: Use MLD addresses for sending non-public action frames Date: Wed, 19 Oct 2022 19:44:09 +0530 Message-ID: <20221019141409.535582-22-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221019141409.535582-1-quic_vjakkam@quicinc.com> References: <20221019141409.535582-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: fBmHNy7UlpuoEvI-1nRapGAmf3fn98xr X-Proofpoint-ORIG-GUID: fBmHNy7UlpuoEvI-1nRapGAmf3fn98xr X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-19_08,2022-10-19_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 mlxscore=0 bulkscore=0 malwarescore=0 priorityscore=1501 clxscore=1015 spamscore=0 mlxlogscore=999 suspectscore=0 lowpriorityscore=0 phishscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210190080 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221019_071509_479689_5EC37E53 X-CRM114-Status: GOOD ( 20.39 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Kernel expects to use AP MLD address as destination and BSSID addresses for non-public action frames when current connection is MLO capable. This commit adds the changes for the same. Signed-off-by: Veerendranath Jakkam --- wpa_supplicant/driver_i.h | 18 ++++ wpa_supplicant/wpa_supplicant.c | 40 +++++++++++++++++++++++++++++++++ 2 files changed [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.168.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Kernel expects to use AP MLD address as destination and BSSID addresses for non-public action frames when current connection is MLO capable. This commit adds the changes for the same. Signed-off-by: Veerendranath Jakkam --- wpa_supplicant/driver_i.h | 18 ++++----------- wpa_supplicant/wpa_supplicant.c | 40 +++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 14 deletions(-) diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index 9cdfd4143..5dd2a514c 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -407,20 +407,10 @@ static inline int wpa_drv_set_supp_port(struct wpa_supplicant *wpa_s, return 0; } -static inline int wpa_drv_send_action(struct wpa_supplicant *wpa_s, - unsigned int freq, - unsigned int wait, - const u8 *dst, const u8 *src, - const u8 *bssid, - const u8 *data, size_t data_len, - int no_cck) -{ - if (wpa_s->driver->send_action) - return wpa_s->driver->send_action(wpa_s->drv_priv, freq, - wait, dst, src, bssid, - data, data_len, no_cck); - return -1; -} +int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq, + unsigned int wait, const u8 *dst, const u8 *src, + const u8 *bssid, const u8 *data, size_t data_len, + int no_cck); static inline void wpa_drv_send_action_cancel_wait(struct wpa_supplicant *wpa_s) { diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 547c00187..1b7bbb43a 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -8876,3 +8876,43 @@ wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s) return scan_res; } + + +static bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr) +{ + int i; + + if (!wpa_s->valid_links) + return false; + + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + if (!(wpa_s->valid_links & BIT(i))) + continue; + + if (os_memcmp(wpa_s->links[i].bssid, addr, ETH_ALEN) == 0) + return true; + } + + return false; +} + + +int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq, + unsigned int wait, const u8 *dst, const u8 *src, + const u8 *bssid, const u8 *data, size_t data_len, + int no_cck) +{ + if (!wpa_s->driver->send_action) + return -1; + + if (data[0] != WLAN_ACTION_PUBLIC) { + if (wpas_ap_link_address(wpa_s, dst)) + dst = wpa_s->ap_mld_addr; + + if (wpas_ap_link_address(wpa_s, bssid)) + bssid = wpa_s->ap_mld_addr; + } + + return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src, + bssid, data, data_len, no_cck); +}